cleanup

configuration.nix

@@ -1,19 +1,9 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
-
-let
-	ghKeys = builtins.fetchurl {
-		sha256 = "sha256:189ah8yyqgjvlsi2hydk94jrra97jj7hpxr805bzkif05jp2ivai";
-		url = "https://github.com/illustris.keys";
-	};
-in
 {
-
-	nixpkgs.overlays = [
-	];
-
 	imports = [
-		./hardware-configuration.nix
 		./desktop-configuration.nix
+		./hardware-configuration.nix
+		./networking-configuration.nix
 		./modules
 	];
 
@@ -38,94 +28,60 @@ in
 		zfs.devNodes = "/dev/disk/by-partuuid";
 	};
 
-	time.timeZone = "Asia/Kolkata";
-
-	networking = {
-		hostId = "f86b2fa7";
-
-		hostName = "desktop";
-		networkmanager.enable = true;
-	};
-
-	security.sudo.wheelNeedsPassword = false;
-
-	users.users = {
-		illustris = {
-			isNormalUser = true;
-			extraGroups = [ "wheel" "docker" "tty" "adb" "libvirtd" ];
-			openssh.authorizedKeys.keyFiles = [ ghKeys ];
-		};
-		root.openssh.authorizedKeys.keyFiles = [ ghKeys ];
-	};
-
 	environment = {
+		etc.nixpkgs.source = pkgs.path;
 		systemPackages = with pkgs; [
 			asciinema
-			arandr
+			bind binutils-unwrapped bmon
-			bind
-			binutils-unwrapped
-			bmon
 			cmatrix # More useful than you might think
-			#ec2_api_tools
+			cscope
-			ethtool
+			ethtool expect
-			expect
+			fatrace file
-			fatrace
+			gdb git gnumake
-			file
-			gdb
-			git
-			gnumake
-			#graphviz
 			htop
-			#imagemagick
+			iotop iperf
-			iotop
-			iperf
 			jq
 			killall
-			latencytop
+			latencytop linuxPackages.perf lsof
-			linuxPackages.perf
-			lsof
 			mosh
-			ncdu
+			ncdu neofetch nethogs networkmanager nfs-utils
-			neofetch
+			nix-du nix-top nix-prefetch-git nix-tree
-			nethogs
-			networkmanager
-			nfs-utils
-			nix-du
-			nix-top
-			nix-prefetch-git
-			nix-tree
 			nnn
-			p7zip
+			openvpn
-			pciutils
+			p7zip pciutils powertop pv
-			powertop
+			python3 python3Packages.percol
-			pv
-			python3
-			python3Packages.percol
 			ranger
-			screen
+			screen sshfs surf sysstat
-			sshfs
+			tmate tmux tree
-			surf
+			unzip usbutils
-			sysstat
-			tmate
-			tmux
-			tree
-			unzip
-			usbutils
 			valgrind
-			#virt-manager
 			wget
 			youtube-dl
-			(cscope.override{emacsSupport = false;})
-			#(emacs.override{withGTK3 = false; withX = false;})
 			(pass.withExtensions (exts: [ exts.pass-otp ]))
 			((pkgs.callPackage ./packages/passcol) { })
 			(writeScriptBin "vpnpass" (builtins.readFile ./scripts/vpnpass))
 		];
-		etc = {
+	};
-			nixpkgs.source = pkgs.path;
+
+	# for ZFS
+	networking.hostId = "f86b2fa7";
+
+	nix = {
+		nixPath = [ "nixpkgs=${pkgs.path}" ];
+		settings = {
+			auto-optimise-store = true;
+			experimental-features = [ "nix-command" "flakes" ];
+			trusted-users = [ "root" "illustris" ];
 		};
 	};
 
+	# TODO: make a mergable option
+	nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+		"nvidia-persistenced" "nvidia-settings" "nvidia-x11"
+		"steam" "steam-original" "steam-run"
+		"zerotierone"
+	];
+
 	programs = {
 		adb.enable = true;
 		bash = {
@@ -156,29 +112,48 @@ in
 			enable = true;
 			pinentryFlavor = "curses";
 		};
+
 		mosh.enable = true;
 		mtr.enable = true;
 		ssh.startAgent = true;
 	};
 
+	security.sudo.wheelNeedsPassword = false;
+
 	services = {
-		zfs.autoScrub.enable = true;
+		flatpak.enable = true;
+		gnome.gnome-keyring.enable = true;
+		ntp.enable = true;
 		openssh = {
 			enable = true;
 			settings.X11Forwarding = true;
 		};
+		qemuGuest.enable = true;
+		resolved.enable = true;
 		udev = {
-			packages = [ (pkgs.callPackage (import ./packages/xr-hardware/default.nix) {}) ];
+			# TODO: check if still needed
 			extraRules = ''
 				SUBSYSTEM=="virtio-ports", ATTR{name}=="org.qemu.guest_agent.0", TAG+="systemd" ENV{SYSTEMD_WANTS}="qemu-guest-agent.service"
 			'';
+			packages = [ (pkgs.callPackage (import ./packages/xr-hardware/default.nix) {}) ];
 		};
-		ntp.enable = true;
+		zfs.autoScrub.enable = true;
-		zerotierone.enable = true;
+	};
-		flatpak.enable = true;
+
-		gnome.gnome-keyring.enable = true;
+	time.timeZone = "Asia/Kolkata";
-		qemuGuest.enable = true;
+
-		resolved.enable = true;
+	users.users = let
+		ghKeys = pkgs.fetchurl {
+			hash = "sha256-Ue0orizAxflXASj3C4+UJ6mcJUmzeSiipls+7D2CKqE=";
+			url = "https://github.com/illustris.keys";
+		};
+	in {
+		illustris = {
+			extraGroups = [ "adb" "docker" "libvirtd" "tty" "wheel" ];
+			isNormalUser = true;
+			openssh.authorizedKeys.keyFiles = [ ghKeys ];
+		};
+		root.openssh.authorizedKeys.keyFiles = [ ghKeys ];
 	};
 
 	virtualisation = {
@@ -191,26 +166,8 @@ in
 		libvirtd.enable = true;
 	};
 
-	networking.firewall.enable = false;
-
-	nix = {
-		extraOptions = ''
-			experimental-features = nix-command flakes
-		'';
-		nixPath = [ "nixpkgs=${pkgs.path}" ];
-		settings = {
-			trusted-users = [ "root" "illustris" ];
-			auto-optimise-store = true;
-		};
-	};
-
 	xdg.portal.enable = true;
 
-	# In case of emergency, bash glass
-	#systemd.tmpfiles.rules = [
-	#	"L /bin/bash - - - - /run/current-system/sw/bin/bash"
-	#];
-
 	# This value determines the NixOS release from which the default
 	# settings for stateful data, like file locations and database versions
 	# on your system were taken. It‘s perfectly fine and recommended to leave

desktop-configuration.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
 {
 
 	nixpkgs.overlays = [
@@ -7,40 +7,83 @@
 		(import ./overlays/suckless/dwm-overlay.nix)
 	];
 
+	environment.systemPackages = with pkgs; [
+		arandr
+		# blender
+		dmenu
+		dunst
+		emacs
+		firefox
+		flutter
+		gimp
+		gnome.gnome-screenshot
+		guake
+		insomnia
+		# kcachegrind
+		libnotify
+		mpv
+		obs-studio
+		okular
+		# openhmd
+		pavucontrol
+		remmina
+		perlPackages.AppClusterSSH
+		signal-desktop
+		scrot
+		st
+		sunshine
+		# surf
+		sxiv
+		virt-manager
+		vlc
+		wireshark
+		x11vnc
+		# zoom-us
+	];
+	
 	fonts.fonts = with pkgs; [
 		(nerdfonts.override { fonts = [ "DroidSansMono" ]; })
 	];
 
-	systemd.user.services.sunshine = {
+	hardware.pulseaudio = {
-		script = "sunshine";
+		daemon.config.default-sample-channels = 6;
-		path = [ pkgs.sunshine ];
+		enable = false;
+		# extraConfig = ''
+		# 	load-module module-simple-protocol-tcp rate=48000 format=s16le channels=2 source=alsa_output.pci-0000_01_00.1.hdmi-stereo.monitor record=true port=8888
+		# '';
+		package = pkgs.pulseaudioFull;
+		# tcp = {
+		# 	enable = true;
+		# };
 	};
 
+	networking.firewall.allowedTCPPorts = [ 4713 8888 ];
+
+	programs.steam.enable = true;
+
+	security.rtkit.enable = true;
+
 	services = {
-		xserver = {
+		blueman.enable = true;
-			enable = true;
-			displayManager.defaultSession = "none+dwm";
-			windowManager.dwm.enable = true;
-			videoDrivers = [ "nvidia" ];
-			dpi = 100;
-			#defaultDepth = 30;
-		};
 		picom = {
+			backend = "glx";
+			# backend = "xr_glx_hybrid";
 			enable = true;
 			vSync = true;
-			#backend = "xr_glx_hybrid";
-			backend = "glx";
 		};
-		blueman.enable = true;
+		xserver = {
-		pipewire = {
+			# defaultDepth = 30;
+			displayManager.defaultSession = "none+dwm";
+			dpi = 100;
 			enable = true;
+			videoDrivers = [ "nvidia" ];
+			windowManager.dwm.enable = true;
+		};
+		pipewire = {
 			alsa = {
 				enable = true;
 				support32Bit = true;
 			};
-			pulse.enable = true;
-			jack.enable = true;
-			socketActivation = true;
 			config.pipewire = {
 				#"context.properties" = {
 				#	"link.max-buffers" = 16;
@@ -83,62 +126,15 @@
 				#	{ name = "libpipewire-module-session-manager"; }
 				#];
 			};
-
+			enable = true;
+			jack.enable = true;
+			pulse.enable = true;
+			socketActivation = true;
 		};
 	};
 
-	nixpkgs.config.allowUnfree = true;
+	systemd.user.services.sunshine = {
-	programs.steam.enable = true;
+		path = [ pkgs.sunshine ];
-
+		script = "sunshine";
-	environment.systemPackages = with pkgs; [
-		emacs
-		st
-		dmenu
-		mpv
-		pavucontrol
-		sublime3
-		perlPackages.AppClusterSSH
-		x11vnc
-		#kcachegrind
-		remmina
-		insomnia
-		vlc
-		virt-manager
-		# openhmd
-		gimp
-		firefox
-		#obs-studio
-		signal-desktop
-		sxiv
-		scrot
-		#(libsForQt5.callPackage (import ./packages/rescuetime/default.nix) {})
-		#surf
-		gnome.gnome-screenshot
-		# blender
-		wireshark
-		flutter
-		obs-studio
-		dunst
-		libnotify
-		zoom-us
-		guake
-		okular
-		sunshine
-	];
-
-	security.rtkit.enable = true;
-
-	hardware.pulseaudio = {
-		enable = false;
-		daemon.config.default-sample-channels = 6;
-		package = pkgs.pulseaudioFull;
-		#extraConfig = ''
-		#	load-module module-simple-protocol-tcp rate=48000 format=s16le channels=2 source=alsa_output.pci-0000_01_00.1.hdmi-stereo.monitor record=true port=8888
-		#'';
-		#tcp = {
-		#	enable = true;
-		#};
 	};
-
-	networking.firewall.allowedTCPPorts = [ 4713 8888 ];
 }

modules/default.nix

@@ -2,6 +2,5 @@
 {
 	imports = [
 		./chromium
-		./openvpn
 	];
 }

modules/openvpn/default.nix

@@ -1,8 +0,0 @@
-{ pkgs, ... }:
-
-{
-	environment = {
-		systemPackages = with pkgs; [openvpn];
-		etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";
-	};
-}

networking-configuration.nix

@@ -0,0 +1,9 @@
+{ ... }:
+{
+	networking = {
+		firewall.enable = false;
+		hostName = "desktop";
+		networkmanager.enable = true;
+	};
+	services.zerotierone.enable = true;
+}