14 files changed, 270 insertions, 223 deletions

diff --git a/config/desktop.nix b/config/desktop.nix
deleted file mode 100644
index 4380537..0000000
--- a/config/desktop.nix
+++ /dev/null
@@ -1,102 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-  imports = [ ./common.nix ./users.nix ];
-
-  location.latitude = 40.0;
-  location.longitude = -74.0;
-
-  sound.enable = true;
-
-  hardware = {
-    opengl = {
-      enable = true;
-      driSupport32Bit = true;
-      extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
-    };
-
-    bluetooth.enable = true;
-    pulseaudio = {
-      enable = true;
-      support32Bit = true;
-      package = pkgs.pulseaudioFull;
-      zeroconf.discovery.enable = true;
-      zeroconf.publish.enable = true;
-      tcp.enable = true;
-      tcp.anonymousClients.allowAll = true;
-    };
-  };
-
-  fonts = {
-    enableDefaultFonts = true;
-    fonts = with pkgs; [ fira-code dejavu_fonts steamPackages.steam-fonts wqy_microhei ];
-    fontconfig = {
-      defaultFonts = {
-        sansSerif = [ "Noto Sans" "WenQuanYi Micro Hei" ];
-        serif = [ "Noto Serif" "WenQuanYi Micro Hei-14" ];
-        emoji = [ "Noto Color Emoji" ];
-        monospace = [ "DejaVu Sans Mono" "WenQuanYi Micro Hei Mono" ];
-      };
-    };
-  };
-
-  environment.systemPackages = with pkgs; [
-    chromium
-    dmenu
-    emacs
-    firefox
-    haskellPackages.xmobar
-    pavucontrol
-    rxvt_unicode-with-plugins
-    sshfsFuse
-    trayer
-    (conky.override { pulseSupport = true; })
-    xbindkeys
-    xorg.xbacklight
-    xorg.xev
-    xscreensaver
-    xsel  # used by urxvt clipboard
-    xss-lock
-    networkmanagerapplet
-    imagemagick
-    dzen2 
-    rofi
-    autorandr
-  ];
-
-  i18n.inputMethod = {
-    enabled = "fcitx";
-    fcitx.engines = with pkgs.fcitx-engines; [cloudpinyin];
-  };
-
-  services = {
-    avahi.enable = true;
-
-    xserver = {
-      enable = true;
-      layout = "us";
-      # xkbVariant = "dvorak";
-      xkbOptions = "caps:ctrl_modifier";
-
-      # desktopManager.plasma5 = {
-      #   enable = true;
-      # };
-
-      windowManager.xmonad = {
-        enable = true;
-        enableContribAndExtras = true;
-        extraPackages = hpkgs: [ hpkgs.xmobar hpkgs.split ];
-      };
-
-      displayManager.lightdm = {
-        enable = true;
-      };
-
-      libinput.enable = true;
-    };
-
-    redshift = {
-      enable = true;
-      extraOptions = ["-r"];
-    };
-  };
-}
diff --git a/config/thinkpad.nix b/config/thinkpad.nix
deleted file mode 100644
index 5bd1707..0000000
--- a/config/thinkpad.nix
+++ /dev/null
@@ -1,32 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-  services = {
-    tlp = {
-      enable = true;
-      settings = {
-        "SATA_LINKPWR_ON_BAT" = "max_performance";
-      };
-    };
-    xserver.xkbModel = "thinkpad60";
-  };
-
-  boot = {
-    kernelModules = [ "tp_smapi" "thinkpad_acpi" "fbcon" "i915" "acpi_call" ];
-    extraModulePackages = with config.boot.kernelPackages; [ tp_smapi acpi_call ];
-  };
-
-  systemd.services = {
-    battery_threshold = {
-      description = "Set battery charging thresholds.";
-      path = [ pkgs.tpacpi-bat ];
-      after = [ "basic.target" ];
-      wantedBy = [ "multi-user.target" ];
-      script = ''
-        tpacpi-bat -s ST 1 39
-        tpacpi-bat -s ST 2 39
-        tpacpi-bat -s SP 1 80
-        tpacpi-bat -s SP 2 80
-      '';
-    };
-  };
-}
diff --git a/config/yubikey.nix b/config/yubikey.nix
deleted file mode 100644
index d10bb57..0000000
--- a/config/yubikey.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
-  yubikey-pkgs = with pkgs; [
-    ccid
-    libu2f-host
-    libusb
-    rng_tools
-    yubikey-manager
-    yubikey-personalization
-    gnupg
-    pinentry
-  ];
-in
-{
-  services.pcscd.enable = true;
-  services.udev.packages = with pkgs; [
-    libu2f-host
-    yubikey-personalization
-  ];
-  services.gnome3.gnome-keyring.enable = lib.mkForce false;
-
-  programs.gnupg.agent = {
-    enable = true;
-    enableSSHSupport = true;
-  };
-  # Use GPG agent instead.
-  programs.ssh.startAgent = lib.mkDefault false;
-
-  environment = {
-    systemPackages = yubikey-pkgs;
-  };
-
-  security.sudo.extraRules = [
-    {
-      groups = [ "wheel" ];
-      commands = [ { command = "${pkgs.systemd}/bin/systemctl restart pcscd"; options = [ "NOPASSWD" ]; } ];
-    }
-  ];
-
-  systemd.user.services.restart-pcscd = {
-    description = "Redshift colour temperature adjuster";
-    wantedBy = [ "graphical-session.target" ];
-    partOf = [ "graphical-session.target" ];
-    serviceConfig = {
-      ExecStart = ''
-        sudo systemctl restart pcscd
-      '';
-      Type = "oneshot";
-    };
-  };
-}
diff --git a/flake.nix b/flake.nix
index d94478d..978b184 100644
--- a/flake.nix
+++ b/flake.nix
@@ -32,6 +32,16 @@
 
     in
     {
+      nixosModules = [
+        pkgs-module
+        ./modules/common.nix
+        ./modules/desktop.nix
+        ./modules/gaming.nix
+        ./modules/thinkpad.nix
+        ./modules/users.nix
+        ./modules/yubikey.nix
+      ];
+
       nixosConfigurations = let
         mkConfig = { hostName
                    , module ? (./. + "/machines/${hostName}.nix")
@@ -41,6 +51,7 @@
             inherit system;
 
             modules =
+              self.nixosModules ++
               [
                 pkgs-module
                 module
@@ -50,7 +61,7 @@
                   # of this flake.
                   system.configurationRevision =
                     let
-                      lastModified = final.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101");
+                      lastModified = pkgs.lib.substring 0 8 (self.lastModifiedDate or self.lastModified or "19700101");
                     in
                     "${lastModified}.${self.shortRev or "dirty"}";
 
diff --git a/install.sh b/install.sh
index 8550e67..b054698 100755
--- a/install.sh
+++ b/install.sh
@@ -1,4 +1,4 @@
 #!/usr/bin/env bash
 set -euo pipefail
 
-sudo nixos-rebuild switch --flake "$(dirname $0)"
+sudo nixos-rebuild switch --flake "$(dirname $0)" "$@"
diff --git a/machines/firelink.nix b/machines/firelink.nix
index 22c42eb..9ccaa7c 100644
--- a/machines/firelink.nix
+++ b/machines/firelink.nix
@@ -23,13 +23,13 @@ let
 in
 {
   imports = [
-    ../config/gaming.nix
-    # ../config/ap.nix
     ../config/common.nix
     ../config/desktop.nix
     ../config/yubikey.nix
   ];
 
+  orbekk.gaming.enable = true;
+
   environment.systemPackages = with pkgs; [
     openmw
     kodi
diff --git a/machines/x1-pincer.nix b/machines/x1-pincer.nix
index ec6fe50..35523d6 100644
--- a/machines/x1-pincer.nix
+++ b/machines/x1-pincer.nix
@@ -3,17 +3,12 @@ let ports = {
   minecraft = 25565;
 }; in
 {
-  networking.networkmanager.enable = true;
+  # orbekk.gaming.enable = true;
+  orbekk.desktop.enable = true;
+  orbekk.thinkpad.enable = true;
 
+  networking.networkmanager.enable = true;
   networking.firewall.allowedTCPPorts = [ ports.minecraft ]; # socks proxy
-  imports = [
-    ../config/desktop.nix
-    #../config/laptop.nix
-    ../config/yubikey.nix
-    ../config/thinkpad.nix
-    # ../config/ap.nix
-    # ../config/pxe.nix
-  ];
 
   networking = {
     hostName = "pincer";
@@ -82,4 +77,5 @@ let ports = {
   boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "sd_mod" ];
   nix.maxJobs = lib.mkDefault 4;
   hardware.enableRedistributableFirmware = lib.mkDefault true;
+  system.stateVersion = "17.04";
 }
diff --git a/machines/x220-aji.nix b/machines/x220-aji.nix
index eb41e3c..b05f16a 100644
--- a/machines/x220-aji.nix
+++ b/machines/x220-aji.nix
@@ -75,4 +75,5 @@
   swapDevices =
     [ { device = "/dev/mapper/cryptvg-swap"; }
     ];
+  system.stateVersion = "17.04";
 }
diff --git a/config/common.nix b/modules/common.nix
index 09f04a7..161d376 100644
--- a/config/common.nix
+++ b/modules/common.nix
@@ -1,6 +1,5 @@
 { config, lib, pkgs, ... }:
 {
-  imports = [ ./auto-upgrade.nix ];
   programs.zsh.enable = true;
   programs.tmux.enable = true;
 
@@ -30,7 +29,6 @@
   ];
   time.timeZone = "America/New_York";
 
-  system.stateVersion = "17.04";
   services = {
     postgresql = {
       dataDir = "/var/db/postgresql";
diff --git a/modules/desktop.nix b/modules/desktop.nix
new file mode 100644
index 0000000..e348d77
--- /dev/null
+++ b/modules/desktop.nix
@@ -0,0 +1,113 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.orbekk.desktop;
+in
+{
+  options = {
+    orbekk.desktop = {
+      enable = lib.mkEnableOption "Enable standard desktop config";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    orbekk.yubikey.enable = lib.mkDefault true;
+
+    location.latitude = 40.0;
+    location.longitude = -74.0;
+
+    sound.enable = true;
+
+    hardware = {
+      opengl = {
+        enable = true;
+        driSupport32Bit = true;
+        extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
+      };
+
+      bluetooth.enable = true;
+      pulseaudio = {
+        enable = true;
+        support32Bit = true;
+        package = pkgs.pulseaudioFull;
+        zeroconf.discovery.enable = true;
+        zeroconf.publish.enable = true;
+        tcp.enable = true;
+        tcp.anonymousClients.allowAll = true;
+      };
+    };
+
+    fonts = {
+      enableDefaultFonts = true;
+      fonts = with pkgs; [ fira-code dejavu_fonts steamPackages.steam-fonts wqy_microhei ];
+      fontconfig = {
+        defaultFonts = {
+          sansSerif = [ "Noto Sans" "WenQuanYi Micro Hei" ];
+          serif = [ "Noto Serif" "WenQuanYi Micro Hei-14" ];
+          emoji = [ "Noto Color Emoji" ];
+          monospace = [ "DejaVu Sans Mono" "WenQuanYi Micro Hei Mono" ];
+        };
+      };
+    };
+
+    environment.systemPackages = with pkgs; [
+      chromium
+      dmenu
+      emacs
+      firefox
+      haskellPackages.xmobar
+      pavucontrol
+      rxvt_unicode-with-plugins
+      sshfsFuse
+      trayer
+      (conky.override { pulseSupport = true; })
+      xbindkeys
+      xorg.xbacklight
+      xorg.xev
+      xscreensaver
+      xsel  # used by urxvt clipboard
+      xss-lock
+      networkmanagerapplet
+      imagemagick
+      dzen2 
+      rofi
+      autorandr
+    ];
+
+    i18n.inputMethod = {
+      enabled = "fcitx";
+      fcitx.engines = with pkgs.fcitx-engines; [cloudpinyin];
+    };
+
+    services = {
+      avahi.enable = true;
+
+      xserver = {
+        enable = true;
+        layout = "us";
+        # xkbVariant = "dvorak";
+        xkbOptions = "caps:ctrl_modifier";
+
+        # desktopManager.plasma5 = {
+        #   enable = true;
+        # };
+
+        windowManager.xmonad = {
+          enable = true;
+          enableContribAndExtras = true;
+          extraPackages = hpkgs: [ hpkgs.xmobar hpkgs.split ];
+        };
+
+        displayManager.lightdm = {
+          enable = true;
+        };
+
+        libinput.enable = true;
+      };
+
+      redshift = {
+        enable = true;
+        extraOptions = ["-r"];
+      };
+    };
+  };
+}
diff --git a/config/gaming.nix b/modules/gaming.nix
index 2cc57dc..431c1f5 100644
--- a/config/gaming.nix
+++ b/modules/gaming.nix
@@ -1,12 +1,15 @@
 { config, lib, pkgs, ... }:
+
 let
-  pkgs_unstable = pkgs.my-extras.nixpkgs-unstable.legacyPackages.${pkgs.system};
-  my_steam = self: super: {
-    steam = super.steam.override {
-    # steam = pkgs_unstable.steam.override {
+  cfg = config.orbekk.gaming;
+
+  pkgs' = pkgs.unstable;
+
+  overlay = final: prev: {
+    steam = pkgs'.steam.override {
       # nativeOnly = true;
       withJava = true;
-      extraPkgs = p: with pkgs;
+      extraPkgs = p: with pkgs';
         let xorgdeps = with xorg; [
               libX11 libXrender libXrandr libxcb libXmu libpthreadstubs libXext libXdmcp
               libXxf86vm libXinerama libSM libXv libXaw libXi libXcursor libXcomposite
@@ -46,7 +49,7 @@ let
           libkrb5
           nss
           qt4
-          pkgs_unstable.qt514.full
+          qt514.full
           libjack2 jack2 jack2Full jack_capture
           libidn2
           rtmpdump
@@ -54,22 +57,29 @@ let
         ] ++ xorgdeps;
     };
   };
-in
-{
-  nixpkgs.overlays = [ my_steam ];
-  # nixpkgs.config.allowBroken = true;
-  nixpkgs.config.allowUnfree = true;
-  # nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
-  #   "steam"
-  # ];
-  
-  programs.steam.enable = true;
-  hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
+
+in {
+  options = {
+    orbekk.gaming = {
+      enable = lib.mkEnableOption "Enable steam with overrides";
+    };
+  };
   
-  environment.systemPackages = with pkgs; [
-    wineWowPackages.staging
-    steam
-    steam.run
-    obs-studio
-  ];
+  config = lib.mkIf cfg.enable {
+    nixpkgs.overlays = [ overlay ];
+
+    nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+      "steam"
+    ];
+
+    programs.steam.enable = true;
+    hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
+
+    environment.systemPackages = with pkgs; [
+      wineWowPackages.staging
+      steam
+      steam.run
+      obs-studio
+    ];
+  };
 }
diff --git a/modules/thinkpad.nix b/modules/thinkpad.nix
new file mode 100644
index 0000000..df24573
--- /dev/null
+++ b/modules/thinkpad.nix
@@ -0,0 +1,43 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.orbekk.desktop;
+in
+{
+  options = {
+    orbekk.thinkpad = {
+      enable = lib.mkEnableOption "Enable standard desktop config";
+    };
+  };
+
+  config = {
+    services = {
+      tlp = {
+        enable = true;
+        settings = {
+          "SATA_LINKPWR_ON_BAT" = "max_performance";
+        };
+      };
+      xserver.xkbModel = "thinkpad60";
+    };
+
+    boot = {
+      kernelModules = [ "tp_smapi" "thinkpad_acpi" "fbcon" "i915" "acpi_call" ];
+      extraModulePackages = with config.boot.kernelPackages; [ tp_smapi acpi_call ];
+    };
+
+    systemd.services = {
+      battery_threshold = {
+        description = "Set battery charging thresholds.";
+        path = [ pkgs.tpacpi-bat ];
+        after = [ "basic.target" ];
+        wantedBy = [ "multi-user.target" ];
+        script = ''
+        tpacpi-bat -s ST 1 39
+        tpacpi-bat -s ST 2 39
+        tpacpi-bat -s SP 1 80
+        tpacpi-bat -s SP 2 80
+      '';
+      };
+    };
+  };
+}
diff --git a/config/users.nix b/modules/users.nix
index b595754..b595754 100644
--- a/config/users.nix
+++ b/modules/users.nix
diff --git a/modules/yubikey.nix b/modules/yubikey.nix
new file mode 100644
index 0000000..971ac1f
--- /dev/null
+++ b/modules/yubikey.nix
@@ -0,0 +1,60 @@
+{ config, lib, pkgs, ... }:
+let
+  cfg = config.orbekk.yubikey;
+
+  yubikey-pkgs = with pkgs; [
+    ccid
+    libu2f-host
+    libusb
+    rng_tools
+    yubikey-manager
+    yubikey-personalization
+    gnupg
+    pinentry
+  ];
+in
+{
+  options = {
+    orbekk.yubikey = {
+      enable = lib.mkEnableOption "Enable yubikey config";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    services.pcscd.enable = true;
+    services.udev.packages = with pkgs; [
+      libu2f-host
+      yubikey-personalization
+    ];
+
+    programs.gnupg.agent = {
+      enable = true;
+      enableSSHSupport = true;
+    };
+    # Use GPG agent instead.
+    programs.ssh.startAgent = lib.mkDefault false;
+
+    environment = {
+      systemPackages = yubikey-pkgs;
+    };
+
+    security.sudo.extraRules = [
+      {
+        groups = [ "wheel" ];
+        commands = [ { command = "${pkgs.systemd}/bin/systemctl restart pcscd"; options = [ "NOPASSWD" ]; } ];
+      }
+    ];
+
+    systemd.user.services.restart-pcscd = {
+      description = "Restart pcscd on startup";
+      wantedBy = [ "graphical-session.target" ];
+      partOf = [ "graphical-session.target" ];
+      serviceConfig = {
+        ExecStart = ''
+        sudo systemctl restart pcscd
+      '';
+        Type = "oneshot";
+      };
+    };
+  };
+}