split server desktop, move stuff

helpers/default.nix

@@ -1,7 +0,0 @@
-{lib, ...}: {
-  mkIfElse = p: yes: no:
-    lib.mkMerge [
-      (lib.mkIf p yes)
-      (lib.mkIf (!p) no)
-    ];
-}

hetzner-vpn1.nix

@@ -1,14 +1,14 @@
 {...}: {
   imports = [
-    ./modules
+    ./modules/server
-    (import ./hardware "hetzner-vpn1")
+    (import ./modules/hardware "hetzner-vpn1")
   ];
 
   config = {
     my = {
-      desktop.enable = false;
       server.enable = true;
     };
+
     users.users.root.openssh.authorizedKeys.keys = [
       ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf''
     ];

modules/default.nix

@@ -1,55 +0,0 @@
-{
-  config,
-  pkgs,
-  ...
-}: let
-  cfg = config.my;
-  helpers = import ../helpers;
-in {
-  imports = [
-    ./home
-    ./desktop
-    ./i18n.nix
-    ./nixpkgs.nix
-  ];
-
-  config = {
-    networking = {
-      networkmanager.enable = true;
-      firewall.enable = true;
-    };
-
-    # Enable the OpenSSH daemon.
-    services.openssh = {
-      enable = true;
-      settings = {
-        # PermitRootLogin = "no"; # this is managed through authorized keys
-        PasswordAuthentication = false;
-        KbdInteractiveAuthentication = false;
-      };
-    };
-
-    systemd.extraConfig = ''
-      DefaultTimeoutStopSec=12s
-    '';
-
-    programs = {
-      zsh.enable = true;
-
-      git = {
-        enable = true;
-        package = pkgs.gitFull;
-      };
-    };
-
-    environment = {
-      pathsToLink = ["/share/zsh"];
-
-      systemPackages = with pkgs; [
-        lm_sensors
-        tldr
-        ncdu
-      ];
-    };
-  };
-}

modules/desktop/default.nix

@@ -7,8 +7,13 @@
   cfg = config.my.desktop;
 in {
   imports = [
+    <home-manager/nixos>
     ./gnome.nix
     ./kde.nix
+    ./i18n.nix
+    ./nixpkgs.nix
+    ./vinzenz.nix
+    ./ronja.nix
   ];
 
   options.my.desktop = {
@@ -16,6 +21,9 @@ in {
   };
 
   config = lib.mkIf cfg.enable {
+    home-manager.useUserPackages = true;
+    home-manager.useGlobalPkgs = true;
+
     services = {
       # Enable the X11 windowing system / wayland depending on DE
       xserver.enable = true;
@@ -23,7 +31,15 @@ in {
       # Enable CUPS to print documents.
       printing.enable = true;
 
-      openssh.settings.PermitRootLogin = "no";
+      # Enable the OpenSSH daemon.
+      openssh = {
+        enable = true;
+        settings = {
+          PermitRootLogin = "no";
+          PasswordAuthentication = false;
+          KbdInteractiveAuthentication = false;
+        };
+      };
     };
 
     # Enable sound with pipewire.
@@ -46,7 +62,11 @@ in {
     };
 
     # unblock kde connect / gsconnect
-    networking.firewall = {
+    networking = {
+      networkmanager.enable = true;
+      firewall.enable = true;
+
+      firewall = {
         allowedTCPPortRanges = [
           {
             # KDE Connect
@@ -63,4 +83,28 @@ in {
         ];
       };
     };
+
+    systemd.extraConfig = ''
+      DefaultTimeoutStopSec=12s
+    '';
+
+    programs = {
+      zsh.enable = true;
+
+      git = {
+        enable = true;
+        package = pkgs.gitFull;
+      };
+    };
+
+    environment = {
+      pathsToLink = ["/share/zsh"];
+
+      systemPackages = with pkgs; [
+        lm_sensors
+        tldr
+        ncdu
+      ];
+    };
+  };
 }

modules/desktop/gnome.nix

@@ -4,7 +4,9 @@
   lib,
   ...
 }: let
-  cfg = config.my.gnome;
+  desktopCfg = config.my.desktop;
+  cfg = desktopCfg.gnome;
+
   applyGnomeUserSettings = {
     home.packages = with pkgs; [
       gnome.gpaste
@@ -17,7 +19,7 @@
     };
   };
 in {
-  options.my.gnome = {
+  options.my.desktop.gnome = {
     enable = lib.mkEnableOption "gnome desktop";
   };
 
@@ -56,8 +58,8 @@ in {
     ];
 
     home-manager.users = {
-      vinzenz = lib.mkIf config.my.home.vinzenz.enable applyGnomeUserSettings;
+      vinzenz = lib.mkIf desktopCfg.vinzenz.enable applyGnomeUserSettings;
-      ronja = lib.mkIf config.my.home.ronja.enable applyGnomeUserSettings;
+      ronja = lib.mkIf desktopCfg.ronja.enable applyGnomeUserSettings;
     };
   };
 }

modules/desktop/kde.nix

@@ -4,7 +4,8 @@
   lib,
   ...
 }: let
-  cfg = config.my.kde;
+  desktopCfg = config.my.desktop;
+  cfg = desktopCfg.kde;
 
   applyKdeUserSettings = {
     home = {
@@ -17,7 +18,7 @@
     };
   };
 in {
-  options.my.kde = {
+  options.my.desktop.kde = {
     enable = lib.mkEnableOption "KDE desktop";
   };
 
@@ -56,8 +57,8 @@ in {
     };
 
     home-manager.users = {
-      vinzenz = lib.mkIf config.my.home.vinzenz.enable applyKdeUserSettings;
+      vinzenz = lib.mkIf desktopCfg.vinzenz.enable applyKdeUserSettings;
-      ronja = lib.mkIf config.my.home.ronja.enable applyKdeUserSettings;
+      ronja = lib.mkIf desktopCfg.ronja.enable applyKdeUserSettings;
     };
   };
 }

modules/desktop/ronja.nix

@@ -5,9 +5,9 @@
   ...
 }:
 with lib; let
-  cfg = config.my.home.ronja;
+  cfg = config.my.desktop.ronja;
 in {
-  options.my.home.ronja = {
+  options.my.desktop.ronja = {
     enable = lib.mkEnableOption "user ronja";
   };
 
@@ -21,7 +21,6 @@ in {
     };
 
     # home manager
-    my.home.enable = true;
     home-manager.users.ronja = {
       config,
       pkgs,

modules/desktop/vinzenz.nix

@@ -4,9 +4,9 @@
   lib,
   ...
 }: let
-  cfg = config.my.home.vinzenz;
+  cfg = config.my.desktop.vinzenz;
 in {
-  options.my.home.vinzenz = {
+  options.my.desktop.vinzenz = {
     enable = lib.mkEnableOption "user vinzenz";
   };
 
@@ -20,7 +20,6 @@ in {
     };
 
     # home manager
-    my.home.enable = true;
     home-manager.users.vinzenz = {
       config,
       pkgs,

modules/home/default.nix

@@ -1,25 +0,0 @@
-{
-  config,
-  pkgs,
-  lib,
-  ...
-}: let
-  cfg = config.my.home;
-in {
-  imports =
-    [
-      ./vinzenz.nix
-      ./ronja.nix
-      # enable home manager
-    ]
-    ++ lib.optional (builtins.pathExists <home-manager/nixos>) <home-manager/nixos>;
-
-  options.my.home = {
-    enable = lib.mkEnableOption "my home management";
-  };
-
-  config = lib.mkIf cfg.enable {
-    home-manager.useUserPackages = true;
-    home-manager.useGlobalPkgs = true;
-  };
-}

modules/server/default.nix

@@ -14,13 +14,25 @@ in {
 
   config = lib.mkIf cfg.enable {
     services = {
-      services.openssh.enable = true;
+      # Enable the OpenSSH daemon.
+      services.openssh = {
+        enable = true;
+        settings = {
+          # PermitRootLogin = "no"; # this is managed through authorized keys
+          PasswordAuthentication = false;
+          KbdInteractiveAuthentication = false;
+        };
+      };
+
     };
 
     programs = {
+      git.enable = true;
+      zsh.enable = true;
     };
 
     networking.firewall = {
+      enable = true;
       allowedTCPPortRanges = [
         {
           # ssh
@@ -29,5 +41,11 @@ in {
         }
       ];
     };
+
+    environment = {
+      systemPackages = with pkgs; [
+        ncdu
+      ];
+    };
   };
 }

vinzenz-lpt.nix

@@ -1,13 +1,16 @@
 {...}: {
   imports = [
-    ./modules
+    ./modules/desktop
-    (import ./hardware "vinzenz-lpt")
+    (import ./modules/hardware "vinzenz-lpt")
   ];
 
   config = {
     my = {
+      desktop = {
+        enable = true;
         gnome.enable = true;
-      home.vinzenz.enable = true;
+        vinzenz.enable = true;
+      };
     };
 
     services.flatpak.enable = true;

vinzenz-pc2.nix

@@ -1,13 +1,14 @@
 {...}: {
   imports = [
     ./modules
-    (import ./hardware "vinzenz-pc2")
+    (import ./modules/hardware "vinzenz-pc2")
   ];
 
   config = {
     my = {
+      desktop = {
+        enable = true;
         kde.enable = true;
-      home = {
         vinzenz.enable = true;
         ronja.enable = true;
       };