From 98ada82bb8221bdfeca976285ad6a4babe2486de Mon Sep 17 00:00:00 2001
From: Filippo Berto <berto.f@protonmail.com>
Date: Wed, 1 Oct 2025 22:33:18 +0200
Subject: [PATCH] Update: sif cleanup

---
 instances/sif/configuration.nix | 147 ++++----------------------------
 instances/sif/hm.nix            |   3 +-
 2 files changed, 17 insertions(+), 133 deletions(-)

diff --git a/instances/sif/configuration.nix b/instances/sif/configuration.nix
index 164a9e5..b2cb42c 100644
--- a/instances/sif/configuration.nix
+++ b/instances/sif/configuration.nix
@@ -1,17 +1,4 @@
-{ config
-, pkgs
-, lib
-, ...
-}:
-{
-  age.secrets = {
-    # ntfy-sif = {
-    #   file = ../../secrets/ntfy-odin.age;
-    #   owner = "bertof";
-    # };
-    # sif.file = ../../secrets/odin_wg_priv.age;
-  };
-
+{ config, pkgs, lib, ... }: {
   # Use the systemd-boot EFI boot loader.
   boot = {
     kernelPackages = pkgs.linuxPackages_latest;
@@ -23,89 +10,18 @@
 
     initrd.checkJournalingFS = true; # Use same ACPI identifier as Dell Ubuntu
     loader = {
-      systemd-boot = {
-        enable = true;
-        editor = false;
-      };
       efi.canTouchEfiVariables = true;
+      systemd-boot = { enable = true; editor = false; };
     };
     extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
 
     # Cross-build arm
-    binfmt.emulatedSystems = [
-      "armv7l-linux"
-      "aarch64-linux"
-    ];
-  };
-
-  hardware = {
-    xpadneo.enable = true;
-    logitech.wireless = { enable = true; enableGraphical = true; };
-
-    graphics = {
-      enable = true;
-      enable32Bit = true;
-      extraPackages = with pkgs; [ vpl-gpu-rt ];
-    };
-
-    enableRedistributableFirmware = true;
+    binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];
   };
 
   networking = {
     hostName = "sif";
-    networkmanager = {
-      enable = true;
-      plugins = with pkgs; [ networkmanager-openvpn ];
-    };
-    # networkmanager.wifi.backend = "iwd";
-
-    # Configure network proxy if necessary
-    # proxy.default = "http://user:password@proxy:port/";
-    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
-    # Open ports in the firewall.
-    # firewall.allowedTCPPorts = [ ... ];
-    # firewall.allowedUDPPorts = [ ... ];
-    # Or disable the firewall altogether.
-    # firewall.enable = false;
-
-    # wg-quick.interfaces = {
-    #   wg0 = {
-    #     autostart = false;
-    #     address = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64" ];
-    #     dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
-    #     privateKeyFile = config.age.secrets.sif.path;
-
-    #     peers = [
-    #       {
-    #         # baldur
-    #         # allowedIPs = [ "10.0.0.3/32" "fdc9:281f:04d7:9ee9::3/128" ];
-    #         allowedIPs = [ "0.0.0.0/0" "::/0" ];
-    #         endpoint = "baldur.bertof.net:51820";
-    #         presharedKeyFile = config.age.secrets.wg_psk.path;
-    #         publicKey = "K57ikgFSR1O0CXWBxfQEu7uxSOsp3ePj/NMRets5pVc=";
-    #       }
-    #       {
-    #         # sif
-    #         publicKey = "LDBhvzeYmHJ0z5ch+N559GWjT3It1gZvGR/9WtCfURw=";
-    #         presharedKeyFile = config.age.secrets.wg_psk.path;
-    #         allowedIPs = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/128" ];
-    #       }
-    #       {
-    #         # oppo
-    #         publicKey = "OBk6bHKuIYLwD7cwjmAuMn57jXqbDwCL52jhQxiHnnA=";
-    #         presharedKeyFile = config.age.secrets.wg_psk.path;
-    #         allowedIPs = [ "10.0.0.3/24" "fdc9:281f:04d7:9ee9::3/128" ];
-    #       }
-    #       {
-    #         # thor
-    #         publicKey = "rpwR6n4IE96VZAmQDBufsWE/a9G7d8fpkvY1OwsbOhk=";
-    #         presharedKeyFile = config.age.secrets.wg_psk.path;
-    #         allowedIPs = [ "10.0.0.4/24" "fdc9:281f:04d7:9ee9::4/128" ];
-    #       }
-    #     ];
-    #   };
-    # };
+    networkmanager = { enable = true; plugins = with pkgs; [ networkmanager-openvpn ]; };
   };
 
   services = {
@@ -117,7 +33,6 @@
     displayManager = {
       enable = true;
       defaultSession = "hyprland";
-
       cosmic-greeter.enable = true;
       # sddm.enable = true;
     };
@@ -125,8 +40,6 @@
     # X11 windowing system.
     xserver = {
       enable = true;
-      # videoDrivers = [ "intel" ];
-      # desktopManager.plasma5 = { enable = true; runUsingSystemd = true; };
       xkb = {
         layout = "us,it";
         options = "eurosign:e,terminate:ctrl_alt_bksp,compose:rctrl,grp:menu_toggle";
@@ -140,10 +53,7 @@
       enable = true;
       pulse.enable = true;
       jack.enable = true;
-      alsa = {
-        enable = true;
-        support32Bit = true;
-      };
+      alsa = { enable = true; support32Bit = true; };
       # media-session.enable = true;
     };
 
@@ -232,27 +142,19 @@
   };
 
   hardware = {
-    steam-hardware.enable = true;
-    bluetooth = {
-      enable = true;
-      # package = pkgs.bluezFull;
-    };
+    bluetooth.enable = true;
+    enableRedistributableFirmware = true;
+    graphics = { enable = true; enable32Bit = true; extraPackages = with pkgs; [ vpl-gpu-rt ]; };
+    logitech.wireless = { enable = true; enableGraphical = true; };
+    xpadneo.enable = true;
   };
 
   services = {
-    hardware = {
-      bolt.enable = true;
-    };
-    dbus = {
-      packages = [ pkgs.dconf ];
-      implementation = "broker";
-    };
+    hardware.bolt.enable = true;
+    dbus = { packages = [ pkgs.dconf ]; implementation = "broker"; };
     gnome.gnome-keyring.enable = true;
     blueman.enable = true;
-    gvfs = {
-      enable = true;
-      # package = lib.mkForce pkgs.gnome3.gvfs;
-    };
+    gvfs.enable = true;
     tumbler.enable = true;
     # tlp.enable = false;
     avahi = {
@@ -272,32 +174,15 @@
     };
     # Power-profiles
     power-profiles-daemon.enable = true;
-    fprintd = {
-      enable = true;
-      tod = {
-        enable = true;
-        driver = pkgs.libfprint-2-tod1-goodix;
-      };
-    };
+    fprintd = { enable = true; tod = { enable = true; driver = pkgs.libfprint-2-tod1-goodix; }; };
   };
 
-  # Clamav
-  # services.clamav = {
-  #   daemon.enable = true;
-  #   updater.enable = true;
-  # };
-
-  # services.teamviewer.enable = true;
-
   # Virtualisation
   virtualisation = {
     # vswitch.enable = true;
     # docker.enable = true;
     kvmgt.enable = true;
-    libvirtd = {
-      enable = true;
-      qemu.swtpm.enable = true;
-    };
+    libvirtd = { enable = true; qemu.swtpm.enable = true; };
     podman.enable = true;
     # virtualbox.host.enable = true;
   };
@@ -326,5 +211,5 @@
   # this value at the release version of the first install of this system.
   # Before changing this value read the documentation for this option
   # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "24.11"; # Did you read the comment?
+  system.stateVersion = "25.11"; # Did you read the comment?
 }
diff --git a/instances/sif/hm.nix b/instances/sif/hm.nix
index 09035ec..8f43207 100644
--- a/instances/sif/hm.nix
+++ b/instances/sif/hm.nix
@@ -101,6 +101,7 @@
     # ../../hm/nautilus.nix
     # ../../hm/ncspot.nix
     # ../../hm/obs-studio.nix
+    # ../../hm/pro_audio.nix
     # ../../hm/pycharm.nix
     # ../../hm/rofi.nix
     # ../../hm/screen_locker.nix
@@ -125,9 +126,7 @@
     ../../hm/noti.nix
     ../../hm/nushell.nix
     ../../hm/office.nix
-    ../../hm/office.nix
     ../../hm/pass.nix
-    ../../hm/pro_audio.nix
     ../../hm/rclone-mount-bertof.nix
     ../../hm/research.nix
     ../../hm/syncthing.nix