WIP: move nixos modules

modules/nixos/basics/default.nix

@@ -0,0 +1,10 @@
+{ lib, ... }:
+let
+  src = ./.;
+  files = builtins.readDir src;
+  nixFiles = builtins.attrNames (lib.attrsets.filterAttrs (name: type: type != "directory" && lib.hasSuffix ".nix" name && !(lib.hasSuffix "default.nix" name)) files);
+  imports = builtins.map (path: src + ("/" + path)) nixFiles;
+in
+{
+  inherit imports;
+}

modules/nixos/basics/distributed.nix

@@ -0,0 +1,24 @@
+{
+  security.sudo.wheelNeedsPassword = false;
+  nix.settings = {
+    substituters = [ "https://hyprland.cachix.org" ];
+
+    trusted-users = [ "root" "@wheel" ];
+
+    trusted-public-keys = [
+      "thor:yRx3HglIxjUYocp4/jAP9dPWxWBEpgP6hqj1ofEfn1A="
+      "odin:ClRXzxmDZl2Y94SG4YlWXGiJDY4L9DgZq/3OLR5+i6k="
+      "loki:HN1P2nXzIkqitl95MvjcSHxtDo7Ao+I8M8U/RqQLC5k="
+
+      "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
+    ];
+
+    secret-key-files = [ "/etc/nix/key" ];
+
+    # substituters = [
+    #   "ssh-ng://thor.local"
+    #   "ssh-ng://odin.local"
+    #   "ssh-ng://loki.local"
+    # ];
+  };
+}

modules/nixos/basics/extended-registry.nix

@@ -0,0 +1,37 @@
+{
+  nix.registry = {
+    agenix = {
+      from = {
+        id = "agenix";
+        type = "indirect";
+      };
+      to = {
+        type = "github";
+        owner = "ryantm";
+        repo = "agenix";
+      };
+    };
+    my-templates = {
+      from = {
+        id = "my-templates";
+        type = "indirect";
+      };
+      to = {
+        type = "github";
+        owner = "bertof";
+        repo = "flake-templates";
+      };
+    };
+    tex2nix = {
+      from = {
+        id = "tex2nix";
+        type = "indirect";
+      };
+      to = {
+        type = "github";
+        owner = "Mic92";
+        repo = "tex2nix";
+      };
+    };
+  };
+}

modules/nixos/basics/remote-deploy.nix

@@ -0,0 +1,15 @@
+{ lib, ... }: {
+  services.openssh = {
+    enable = true;
+    openFirewall = true;
+    settings = {
+      KbdInteractiveAuthentication = lib.mkDefault false;
+      PermitRootLogin = lib.mkDefault "prohibit-password";
+      PasswordAuthentication = lib.mkDefault false;
+    };
+  };
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKp1Rfb2acLM/5TDUahu+AdV/HVw+hoOTdQIeQIjV5p8"
+  ];
+}

modules/nixos/basics/zerotier.nix

@@ -0,0 +1,6 @@
+{
+  services.zerotierone = {
+    enable = true;
+    joinNetworks = [ "8056c2e21cf9c753" ];
+  };
+}