From 6e3fecf13e123aa712eefe46e17e63ab527e5a1d Mon Sep 17 00:00:00 2001
From: Spotlight <spotlight@joscomputing.space>
Date: Sun, 3 Nov 2024 02:38:53 -0600
Subject: [PATCH] linux: Separate common configuration

---
 hosts/linux/cyclone/configuration.nix         |  97 +--------------
 hosts/linux/shared.nix                        | 111 ++++++++++++++++++
 .../spotlights-macbook-air/configuration.nix  |  56 +--------
 3 files changed, 119 insertions(+), 145 deletions(-)
 create mode 100644 hosts/linux/shared.nix

diff --git a/hosts/linux/cyclone/configuration.nix b/hosts/linux/cyclone/configuration.nix
index 55f8d30..bfd541d 100644
--- a/hosts/linux/cyclone/configuration.nix
+++ b/hosts/linux/cyclone/configuration.nix
@@ -3,76 +3,24 @@
 {
   imports = [
     ./hardware-configuration.nix
+    ../shared.nix
   ];
 
   networking = {
     hostName = "cyclone";
-    domain = "host.fox-int.cloud";
     hostId = "79696666";
-    networkmanager.enable = true;
-    useNetworkd = true;
     # Allow WireGuard.
     firewall.checkReversePath = "loose";
-
-    # Use a set of known-good nameservers.
-    nameservers = [
-      # Quad9
-      "2620:fe::fe"
-      "9.9.9.9"
-      # Cloudflare
-      "2606:4700:4700::1111"
-      "1.1.1.1"
-    ];
   };
 
-  nix.settings = {
-    experimental-features = [ "flakes" "nix-command" ];
-    trusted-users = [ "spotlight" ];
-    builders-use-substitutes = true;
-
-    # Include Garnix
-    substituters = [ "https://cache.garnix.io" ];
-    trusted-public-keys = [ "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" ];
-  };
-
-  # Select internationalisation properties.
-  time.timeZone = "America/Chicago";
-  i18n.defaultLocale = "en_US.UTF-8";
-
   # General service configuration.
   services = {
-    xserver = {
-      enable = true;
-
-      # GNOME!
-      desktopManager.gnome.enable = true;
-      displayManager.gdm = {
-        # At the login screen, don't automatically fall asleep.
-        autoSuspend = false;
-        enable = true;
-      };
-
-      # Nvidia driver support.
-      videoDrivers = [ "nvidia" ];
-    };
-
-    # CUPS might be nice.
-    printing.enable = true;
-
-    # Audio support.
-    pipewire = {
-      enable = true;
-      pulse.enable = true;
-    };
+    # Ensure xserver is using the Nvidia drivers.
+    xserver.videoDrivers = [ "nvidia" ];
 
+    # Allow for RDP access.
     gnome.gnome-remote-desktop.enable = true;
 
-    # Let's use our own API key.
-    geoclue2 = {
-      enable = true;
-      geoProviderUrl = "https://www.googleapis.com/geolocation/v1/geolocate?key=AIzaSyDwr302FpOSkGRpLlUpPThNTDPbXcIn_FM";
-    };
-
     # We'd like SSH available.
     openssh = {
       enable = true;
@@ -88,9 +36,6 @@
   };
 
   hardware = {
-    # Pipewire conflicts with PulseAudio.
-    pulseaudio.enable = false;
-
     # Nvidia
     graphics.enable = true;
     nvidia = {
@@ -124,18 +69,6 @@
     };
   };
 
-  # Hey, world!
-  users.users.spotlight = {
-    isNormalUser = true;
-    extraGroups = [ "libvirtd" "wheel" ];
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQQO+c8ygVzRt55Z9qekqItSjYiw381cFPOqX+vGAGT MacBook Air 2020 macOS"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/gyX9b80oml6z3UGOxVMJk/NS8R5w9NEITJcKb0MnU MacBook Air 2020 NixOS"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICpZtyCO6581/FdJHqSTXiFZ2XcxmUudP3sw7jjTzLiN Termius"
-    ];
-    shell = pkgs.zsh;
-  };
-
   nixpkgs = {
     hostPlatform = lib.mkDefault "x86_64-linux";
 
@@ -157,32 +90,14 @@
     ];
   };
 
-  # Standard system utilities.
+  # Standard system utilities. Many of these are within ../shared.nix.
   # The bulk of user-specific packages should go within the home-manager configuration.
   environment.systemPackages = with pkgs; [
     cider
     discord
-    firefox
-    htop
-    git
-    gnome-tweaks
-    gnomeExtensions.appindicator
-    pciutils
-    seafile-client
-    telegram-desktop
-    transmission_4-gtk
-    tmux
-    usbutils
-    vim
-    wget
-    wl-clipboard
   ];
 
-  programs = {
-    gnupg.agent.enable = true;
-    steam.enable = true;
-    zsh.enable = true;
-  };
+  programs.steam.enable = true;
 
   # Please do not change this without reviewing release notes upstream.
   system.stateVersion = "24.11";
diff --git a/hosts/linux/shared.nix b/hosts/linux/shared.nix
new file mode 100644
index 0000000..ade4828
--- /dev/null
+++ b/hosts/linux/shared.nix
@@ -0,0 +1,111 @@
+{ pkgs, ... }: {
+  # We want to ensure flakes, new Nix commands,
+  # and Garnix are available across all installs.
+  nix.settings = {
+    experimental-features = [ "flakes" "nix-command" ];
+    trusted-users = [ "spotlight" ];
+    builders-use-substitutes = true;
+
+    # Include Garnix
+    substituters = [ "https://cache.garnix.io" ];
+    trusted-public-keys = [ "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" ];
+  };
+
+  # We generally want these network preferences across all installs.
+  networking = {
+    domain = "host.fox-int.cloud";
+    networkmanager.enable = true;
+
+    nameservers = [
+      # Quad9
+      "2620:fe::fe"
+      "9.9.9.9"
+      # Cloudflare
+      "2606:4700:4700::1111"
+      "1.1.1.1"
+    ];
+  };
+
+  # Similarly, enforce baseline localisation.
+  time.timeZone = "America/Chicago";
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  # Some common services:
+  services = {
+    # We'd like Bonjour available.
+    avahi = {
+      enable = true;
+      # Enable .local resolution
+      nssmdns4 = true;
+    };
+
+    # We should have GNOME on all desktop installs.
+    xserver = {
+      enable = true;
+
+      # GNOME!
+      desktopManager.gnome.enable = true;
+      displayManager.gdm = {
+        # At the login screen, don't automatically fall asleep.
+        autoSuspend = false;
+        enable = true;
+      };
+    };
+
+    # We'd also like printing support.
+    printing.enable = true;
+
+    # We want proper sound support.
+    pipewire = {
+      enable = true;
+      pulse.enable = true;
+    };
+
+    # As Mozilla's Location Service has shut down,
+    # we'll use geolocation via the Arch Linux API key.
+    geoclue2 = {
+      enable = true;
+      geoProviderUrl = "https://www.googleapis.com/geolocation/v1/geolocate?key=AIzaSyDwr302FpOSkGRpLlUpPThNTDPbXcIn_FM";
+    };
+  };
+
+  # Pipewire conflicts with PulseAudio.
+  hardware.pulseaudio.enable = false;
+
+  # Our user!
+  users.users.spotlight = {
+    isNormalUser = true;
+    extraGroups = [ "libvirtd" "wheel" ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQQO+c8ygVzRt55Z9qekqItSjYiw381cFPOqX+vGAGT MacBook Air 2020 macOS"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/gyX9b80oml6z3UGOxVMJk/NS8R5w9NEITJcKb0MnU MacBook Air 2020 NixOS"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICpZtyCO6581/FdJHqSTXiFZ2XcxmUudP3sw7jjTzLiN Termius"
+    ];
+    shell = pkgs.zsh;
+  };
+
+  # At a minimum, we'd like GnuPG and ZSH available.
+  programs = {
+    gnupg.agent.enable = true;
+    zsh.enable = true;
+  };
+
+  # Common utilities across most Linux installs.
+  environment.systemPackages = with pkgs; [
+    firefox
+    htop
+    git
+    gnome-tweaks
+    gnomeExtensions.appindicator
+    minicom
+    pciutils
+    seafile-client
+    telegram-desktop
+    transmission_4-gtk
+    tmux
+    usbutils
+    vim
+    wget
+    wl-clipboard
+  ];
+}
diff --git a/hosts/linux/spotlights-macbook-air/configuration.nix b/hosts/linux/spotlights-macbook-air/configuration.nix
index 5c2a5dc..6bf8b9b 100644
--- a/hosts/linux/spotlights-macbook-air/configuration.nix
+++ b/hosts/linux/spotlights-macbook-air/configuration.nix
@@ -8,13 +8,13 @@
 
   imports = [
     ./hardware-configuration.nix
+    ../shared.nix
   ];
 
-  nix.settings.experimental-features = [ "flakes" "nix-command" ];
-
   # Use the systemd-boot EFI boot loader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = false;
+
   # GPU enablement
   hardware.asahi = {
     peripheralFirmwareDirectory = /boot/asahi;
@@ -25,7 +25,6 @@
   };
 
   networking = {
-    hostName = "spotlights-macbook-air";
     wireless.iwd = {
       enable = true;
       settings.General.EnableNetworkConfiguration = true;
@@ -33,48 +32,8 @@
     networkmanager.enable = true;
   };
 
-  services = {
-    # Enable GNOME
-    xserver = {
-      enable = true;
-      displayManager.gdm.enable = true;
-      desktopManager.gnome.enable = true;
-    };
-    avahi = {
-      enable = true;
-      # Enable .local resolution
-      nssmdns4 = true;
-    };
-
-    # Enable CUPS to print documents.
-    printing.enable = true;
-  };
-
-  # Our user account.
-  programs.zsh.enable = true;
-  users.users.spotlight = {
-    isNormalUser = true;
-    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
-    shell = pkgs.zsh;
-  };
-
   environment.systemPackages = with pkgs; [
-    cachix
-    firefox
-    git
-    htop
-    gnomeExtensions.appindicator
     legcord
-    minicom
-    nix-output-monitor
-    python3
-    seafile-client
-    telegram-desktop
-    tmux
-    usbutils
-    vim
-    vscode
-    wget
   ];
 
   # :(
@@ -82,16 +41,5 @@
     "vscode"
   ];
 
-  # Allow location services.
-  location.provider = "geoclue2";
-  services.geoclue2.enable = true;
-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  programs.gnupg.agent = {
-    enable = true;
-    pinentryPackage = pkgs.pinentry-gnome3;
-  };
-
   system.stateVersion = "24.05";
 }