flake-parts/hosts.nix

@@ -9,15 +9,14 @@ let
     hostName:
     inputs.nixpkgs.lib.nixosSystem {
       specialArgs = { inherit inputs self; };
-      modules =
+      modules = [
-        (lib.singleton { networking = { inherit hostName; }; })
+        { networking = { inherit hostName; }; }
-        ++ (
+        "${self}/hosts/${hostName}/default.nix"
-          "${self}/hosts/${hostName}"
+        "${self}/hosts/${hostName}/hardware.nix"
-          |> builtins.readDir
+        "${self}/hosts/${hostName}/disko.nix"
-          |> lib.attrNames
+        "${self}/users/seb"
-          |> lib.filter (file: file |> lib.hasSuffix ".nix")
+      ]
-          |> lib.map (file: "${self}/hosts/${hostName}/${file}")
+      ++ lib.optional (lib.pathExists "${self}/users/seb/@${hostName}") "${self}/users/seb/@${hostName}";
-        );
     };
 in
 {

justfile

@@ -41,7 +41,7 @@ reboot:
 [group('remote')]
 deploy +hosts:
     for host in {{ hosts }}; do \
-        nh os switch . --hostname=$host --target-host=$host; \
+      nh os switch . --hostname=$host --target-host=$host; \
     done
 
 [group('remote')]
@@ -69,9 +69,4 @@ sops-rotate-all:
     just _sops-do "find . -type f -name 'secrets.json' -exec sops rotate --in-place {} \;"
 
 _sops-do command:
-    if command -v sops > /dev/null 2>&1; then \
+    -if command -v sops >/dev/null 2>&1; then {{ command }}; else nix develop .#sops --command bash -c "{{ command }}; exec zsh"; fi
-        {{ command }}; \
-    else \
-        nix develop .#sops --command bash -c "{{ command }}; \
-        exec zsh"; \
-    fi

profiles/core.nix

@@ -68,16 +68,7 @@
 
   console.keyMap = "de-latin1-nodeadkeys";
 
-  sops.secrets."seb-password".neededForUsers = true;
+  users.mutableUsers = false;
-  users = {
-    mutableUsers = false;
-    users.seb = {
-      isNormalUser = true;
-      description = "Sebastian Stork";
-      hashedPasswordFile = config.sops.secrets."seb-password".path;
-      extraGroups = [ "wheel" ];
-    };
-  };
 
   programs.neovim = {
     enable = true;

profiles/workstation.nix

@@ -1,16 +1,6 @@
+{ self, pkgs, ... }:
 {
-  config,
+  imports = [ self.nixosModules.profile-core ];
-  inputs,
-  self,
-  pkgs,
-  pkgs-unstable,
-  ...
-}:
-{
-  imports = [
-    self.nixosModules.profile-core
-    inputs.home-manager.nixosModules.home-manager
-  ];
 
   boot.kernelPackages = pkgs.linuxPackages_latest;
 
@@ -29,14 +19,4 @@
   };
 
   programs.localsend.enable = true;
-
-  programs.zsh.enable = true;
-  users.users.seb.shell = pkgs.zsh;
-
-  home-manager = {
-    useGlobalPkgs = true;
-    useUserPackages = true;
-    extraSpecialArgs = { inherit inputs self pkgs-unstable; };
-    users.seb = "${self}/users/seb/@${config.networking.hostName}/home.nix";
-  };
 }

users/home-manager.nix

@@ -0,0 +1,17 @@
+{
+  inputs,
+  self,
+  pkgs-unstable,
+  ...
+}:
+{
+  imports = [ inputs.home-manager.nixosModules.home-manager ];
+
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    extraSpecialArgs = {
+      inherit inputs self pkgs-unstable;
+    };
+  };
+}

users/seb/@desktop/default.nix

@@ -0,0 +1,8 @@
+{ self, pkgs, ... }:
+{
+  imports = [ "${self}/users/home-manager.nix" ];
+  home-manager.users.seb = ./home.nix;
+
+  users.users.seb.shell = pkgs.zsh;
+  programs.zsh.enable = true;
+}

users/seb/@laptop/default.nix

@@ -0,0 +1,8 @@
+{ self, pkgs, ... }:
+{
+  imports = [ "${self}/users/home-manager.nix" ];
+  home-manager.users.seb = ./home.nix;
+
+  users.users.seb.shell = pkgs.zsh;
+  programs.zsh.enable = true;
+}

users/seb/default.nix

@@ -0,0 +1,11 @@
+{ config, ... }:
+{
+  sops.secrets."seb-password".neededForUsers = true;
+
+  users.users.seb = {
+    isNormalUser = true;
+    description = "Sebastian Stork";
+    hashedPasswordFile = config.sops.secrets."seb-password".path;
+    extraGroups = [ "wheel" ];
+  };
+}