From 09b1375115f877c86f1937f3e5517f421424baf6 Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Mon, 20 Dec 2021 23:42:19 +0100 Subject: [PATCH] Refactored newton --- machines/newton/default.nix | 139 +++++--------------------------- machines/newton/hardware.nix | 65 +++++++++++++++ machines/newton/home-julien.nix | 11 +++ 3 files changed, 95 insertions(+), 120 deletions(-) create mode 100644 machines/newton/hardware.nix create mode 100644 machines/newton/home-julien.nix diff --git a/machines/newton/default.nix b/machines/newton/default.nix index 0670e24..ea3e4f2 100644 --- a/machines/newton/default.nix +++ b/machines/newton/default.nix @@ -4,28 +4,28 @@ let in { + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ./hardware.nix + ./home-julien.nix + ]; - luj.hmgr.julien = { - luj.programs.neovim.enable = true; - luj.programs.git.enable = true; - luj.emails = { - enable = true; - backend.enable = true; - }; + luj = { + filerun.enable = true; + zfs-mails.enable = true; }; + services.hydra = { enable = true; - hydraURL = "https://hydra.julienmalka.me"; # externally visible URL - notificationSender = "hydra@localhost"; # e-mail of hydra service - port = 9876; # Default - # a standalone hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines + hydraURL = "https://hydra.julienmalka.me"; + notificationSender = "hydra@localhost"; + port = 9876; buildMachinesFiles = [ ]; - # you will probably also want, otherwise *everything* will be built from scratch useSubstitutes = true; }; - services.nginx = { enable = true; virtualHosts = { 
@@ -36,123 +36,22 @@ in }; }; }; - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.supportedFilesystems = [ "zfs" ]; - boot.zfs.requestEncryptionCredentials = true; - boot.loader.grub.copyKernels = true; - boot.loader.grub.efiSupport = false; - boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; - - boot.loader.grub.mirroredBoots = [ - { path = "/boot-1"; devices = [ "/dev/disk/by-id/ata-WDC_WD20EFRX-68EUZN0_WD-WCC4M1TVUVJV" ]; } - { path = "/boot-2"; devices = [ "/dev/disk/by-id/ata-WDC_WD20EFRX-68EUZN0_WD-WCC4M7UDRLSK" ]; } - ]; programs.gnupg.agent.enable = true; + networking.hostName = hostName; # Define your hostname. networking.hostId = "f7cdfbc9"; - - time.timeZone = "Europe/Paris"; - - networking.useDHCP = false; networking.interfaces.enp2s0f0.useDHCP = true; networking.interfaces.enp2s0f1.useDHCP = true; + networking.firewall.enable = true; + networking.firewall.allowedTCPPorts = [ 22 80 443 ]; + networking.firewall.allowedUDPPorts = [ 22 80 443 ]; + networking.firewall.allowedUDPPortRanges = [{ from = 60000; to = 61000; }]; + services.zfs.autoSnapshot.enable = true; services.zfs.autoScrub.enable = true; - boot.initrd.network = { - enable = true; - ssh = { - enable = true; - port = 2222; - hostKeys = [ /boot-1/initrd-ssh-key /boot-2/initrd-ssh-key ]; - authorizedKeys = lib.splitString "\n" - (builtins.readFile (pkgs.fetchurl { - url = "https://github.com/JulienMalka.keys"; - sha256 = "sha256:2NLoT1/N6Y1uZQ+KLGeRLBPNkc4z3jrYrN9A4bCJWkU="; - })); - - }; - postCommands = '' - zpool import zroot - echo "zfs load-key -a; killall zfs" >> /root/.profile - ''; - }; - - - - - programs.fish.enable = true; - users.defaultUserShell = pkgs.fish; - - - - - - - - - - # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ 22 80 443 ]; - networking.firewall.allowedUDPPorts = [ 22 80 443 ]; - networking.firewall.allowedUDPPortRanges = [{ from = 60000; to = 61000; }]; - # Or disable the firewall altogether. 
- networking.firewall.enable = true; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? - - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "tg3" "xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { - device = "zroot/root"; - fsType = "zfs"; - options = [ "nofail" ]; - }; - - fileSystems."/boot-1" = - { - device = "/dev/disk/by-uuid/15AF-22DB"; - fsType = "vfat"; - options = [ "nofail" ]; - }; - - fileSystems."/boot-2" = - { - device = "/dev/disk/by-uuid/15EC-BC00"; - fsType = "vfat"; - options = [ "nofail" ]; - }; - - swapDevices = [ ]; - - - luj = { - filerun.enable = true; - zfs-mails.enable = true; - }; - - - - - - } diff --git a/machines/newton/hardware.nix b/machines/newton/hardware.nix new file mode 100644 index 0000000..84b3c3f --- /dev/null +++ b/machines/newton/hardware.nix 
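Review bot: In machines/newton/default.nix, the re-added `networking.firewall.allowedUDPPorts = [ 22 80 443 ];` opens UDP ports that nothing visible in this patch needs: SSH and plain HTTP run over TCP, and 443/udp only matters if nginx serves HTTP/3. Since the firewall block is being rewritten anyway, I would drop that line (or reduce it to `[ 443 ]` if QUIC is in use) and put a short comment on the 60000–61000 UDP range naming the service it is for. The same hunk also deletes `networking.useDHCP = false;`, `time.timeZone`, and the fish shell settings without re-adding them in either new file. If they were not moved to a shared module outside this patch, that is a behaviour change rather than a refactor, and the DHCP one affects network exposure.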
@@ -0,0 +1,65 @@
+{ pkgs, config, lib, ... }:
+{
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.supportedFilesystems = [ "zfs" ];
+ boot.zfs.requestEncryptionCredentials = true;
+ boot.loader.grub.copyKernels = true;
+ boot.loader.grub.efiSupport = false;
+ boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+
+ boot.loader.grub.mirroredBoots = [
+ { path = "/boot-1"; devices = [ "/dev/disk/by-id/ata-WDC_WD20EFRX-68EUZN0_WD-WCC4M1TVUVJV" ]; }
+ { path = "/boot-2"; devices = [ "/dev/disk/by-id/ata-WDC_WD20EFRX-68EUZN0_WD-WCC4M7UDRLSK" ]; }
+ ];
+ boot.initrd.network = {
+ enable = true;
+ ssh = {
+ enable = true;
+ port = 2222;
+ hostKeys = [ /boot-1/initrd-ssh-key /boot-2/initrd-ssh-key ];
+ authorizedKeys = lib.splitString "\n"
+ (builtins.readFile (pkgs.fetchurl {
+ url = "https://github.com/JulienMalka.keys";
+ sha256 = "sha256:2NLoT1/N6Y1uZQ+KLGeRLBPNkc4z3jrYrN9A4bCJWkU=";
+ }));
+
+ };
+ postCommands = ''
+ zpool import zroot
+ echo "zfs load-key -a; killall zfs" >> /root/.profile
+ '';
+ };
+
+
+ boot.initrd.availableKernelModules = [ "tg3" "xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ {
+ device = "zroot/root";
+ fsType = "zfs";
+ options = [ "nofail" ];
+ };
+
+ fileSystems."/boot-1" =
+ {
+ device = "/dev/disk/by-uuid/15AF-22DB";
+ fsType = "vfat";
+ options = [ "nofail" ];
+ };
+
+ fileSystems."/boot-2" =
+ {
+ device = "/dev/disk/by-uuid/15EC-BC00";
+ fsType = "vfat";
+ options = [ "nofail" ];
+ };
+
+ swapDevices = [ ];
+
+
+
+}
diff --git a/machines/newton/home-julien.nix b/machines/newton/home-julien.nix
new file mode 100644
index 0000000..359b973
--- /dev/null
+++ b/machines/newton/home-julien.nix
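Review bot: In machines/newton/hardware.nix, `hostKeys = [ /boot-1/initrd-ssh-key /boot-2/initrd-ssh-key ];` reads the initrd SSH host private keys from the unencrypted vfat boot partitions, and nothing in the file says they are dedicated initrd keys. I would add a comment above it such as `# initrd-only host keys; never reuse the system's regular SSH host keys here`, because anyone with access to the disks can read them. The keys are also written as Nix path literals, which may be copied into the world-readable Nix store depending on how the module consumes them. Quoting them as strings (`"/boot-1/initrd-ssh-key"`) looks safer, but please confirm against the NixOS release in use. A one-line comment on `authorizedKeys` would help too, noting that the pinned `sha256` is what keeps a change to the GitHub key list from silently changing who can unlock the pool, and that it has to be bumped by hand when keys rotate.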
@@ -0,0 +1,11 @@
+{ pkgs, config, lib, ... }:
+{
+ luj.hmgr.julien = {
+ luj.programs.neovim.enable = true;
+ luj.programs.git.enable = true;
+ luj.emails = {
+ enable = true;
+ backend.enable = true;
+ };
+ };
+}