some changes

flake.nix

@@ -13,31 +13,21 @@
 
   '';
 
-  outputs = {self, ...} @ inputs: let
-    system = "x86_64-linux";
-  in
+  outputs = {self, ...} @ inputs:
     inputs.flake-parts.lib.mkFlake {inherit inputs;} {
       flake = let
+        machineConf = import ./machines/earth/earth.nix {inherit self;};
+        system = machineConf.universe.system.arch;
         u = import ./ulib {inherit inputs system;};
       in {
         nixosConfigurations."earth" = inputs.nixpkgs.lib.nixosSystem {
           specialArgs = {inherit system inputs u;};
           modules = [
-            ./hosts/common
-            ./hosts/earth
-            # universe
+            machineConf
+            ./modules
+            ./home
+            ./host
             inputs.home-manager.nixosModules.home-manager
-            {
-              home-manager = {
-                useGlobalPkgs = true;
-                useUserPackages = true;
-                backupFileExtension = "hm-old";
-                users.tx0 = import ./home;
-                extraSpecialArgs = {inherit system inputs u;};
-              };
-
-              nixpkgs.overlays = [(import ./overlays/spotx.nix)];
-            }
           ];
         };
       };

home/default.nix

@@ -1,16 +1,15 @@
-{u, ...}: {
-  imports = u.umport {
-    path = ./.;
-
-    include = [
-      ./system/packages/default.nix
-      ./programs/graphical/waybar/default.nix
-    ];
-
-    exclude = [
-      ./default.nix
-      ./system/packages
-      ./programs/graphical/waybar
-    ];
+{
+  config,
+  system,
+  inputs,
+  u,
+  ...
+}: {
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    backupFileExtension = "hm-old";
+    users.${config.universe.system.username} = import ./users/${config.universe.system.username};
+    extraSpecialArgs = {inherit system inputs u;};
   };
 }

home/users/tx0/default.nix

@@ -0,0 +1,16 @@
+{u, ...}: {
+  imports = u.umport {
+    path = ./.;
+
+    include = [
+      ./system/packages/default.nix
+      ./programs/graphical/waybar/default.nix
+    ];
+
+    exclude = [
+      ./default.nix
+      ./system/packages
+      ./programs/graphical/waybar
+    ];
+  };
+}

home/users/tx0/programs/graphical/zed.nix

@@ -0,0 +1,13 @@
+{config, pkgs,...}: {
+  programs.zed-editor = {
+    enable = true;
+    extensions = [
+      "nix"
+      "pylsp"
+    ];
+    userSettings = {
+      "buffer_font_size" = config.stylix.fonts.sizes.terminal * 4.0 / 3.0;
+    };
+    extraPackages = with pkgs; [nil nixd];
+  };
+}

home/users/tx0/universe.nix

@@ -7,7 +7,7 @@
     theme.stylix = {
       base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-material-dark-medium.yaml";
       # base16Scheme = "${pkgs.base16-schemes}/share/themes/catppuccin-mocha.yaml";
-      wallpapers = ../wallpaper.png;
+      wallpapers = ./wallpaper.png;
       useLutgen = true;
     };
   };

host/programs/graphical/anmezia-vpn.nix

@@ -0,0 +1,9 @@
+{
+  lib,
+  config,
+  ...
+}: {
+  config = lib.mkIf config.universe.programs.amnezia-vpn.enable {
+    programs.amnezia-vpn.enable = true;
+  };
+}

host/programs/graphical/hyprland.nix

@@ -0,0 +1,15 @@
+{
+  inputs,
+  system,
+  lib,
+  config,
+  ...
+}: {
+  config = lib.mkIf config.universe.de.hyprland.enable {
+    programs.hyprland = {
+      enable = true;
+      package = inputs.hyprland.packages.${system}.hyprland;
+      portalPackage = inputs.hyprland.packages.${system}.xdg-desktop-portal-hyprland;
+    };
+  };
+}

host/services/command-not-found.nix

@@ -0,0 +1,12 @@
+{
+  inputs,
+  system,
+  config,
+  lib,
+  ...
+}: {
+  config = lib.mkIf config.universe.services.command-not-found.enable {
+    programs.command-not-found.enable = true;
+    programs.command-not-found.dbPath = inputs.programsdb.packages.${system}.programs-sqlite;
+  };
+}

host/services/libvirtd.nix

@@ -0,0 +1,9 @@
+{
+  lib,
+  config,
+  ...
+}: {
+  config = lib.mkIf config.universe.services.libvirtd.enable {
+    virtualisation.libvirtd.enable = true;
+  };
+}

host/services/openssh.nix

@@ -0,0 +1,17 @@
+{
+  lib,
+  config,
+  ...
+}: let
+  cfg = config.universe.services.openssh;
+in {
+  config = lib.mkIf cfg.enable {
+    services.openssh = {
+      enable = true;
+      ports = cfg.ports;
+      settings = {
+        PasswordAuthentication = false;
+      };
+    };
+  };
+}

host/services/podman.nix

@@ -0,0 +1,12 @@
+{
+  lib,
+  config,
+  ...
+}: {
+  config = lib.mkIf config.universe.services.podman.enable {
+    virtualisation.podman = {
+      enable = true;
+      dockerCompat = true;
+    };
+  };
+}

host/services/udev.nix

@@ -0,0 +1,13 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  services.udev.packages =
+    []
+    ++ (
+      if config.universe.programs.android-tools.enable
+      then [pkgs.android-udev-rules]
+      else []
+    );
+}

host/services/vpn.nix

@@ -0,0 +1,44 @@
+{
+  lib,
+  config,
+  inputs,
+  pkgs,
+  ...
+}: let
+  cfg = config.universe.services.amneziawg;
+in {
+  imports = [
+    inputs.sops-nix.nixosModules.sops
+  ];
+  config = lib.mkIf cfg.enable {
+    sops = {
+      age.keyFile = "/home/tx0/.age-key.txt";
+
+      secrets."${cfg.IfName}.conf" = {
+        format = "binary";
+        sopsFile = cfg.secret-config;
+        path = "/run/secrets.d/{IfName}.conf";
+        restartUnits = ["awg-${cfg.IfName}.service"];
+      };
+    };
+
+    systemd.services."awg-${cfg.IfName}" = {
+      enable = true;
+      description = "AmneziaWG Interface awg0";
+      after = ["network.target"];
+      wantedBy = ["multi-user.target"];
+
+      unitConfig = {
+        ConditionPathExists = "/run/secrets.d/${cfg.IfName}.conf";
+      };
+
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+        ExecStart = "${pkgs.amneziawg-tools}/bin/awg-quick up /run/secrets.d/${cfg.IfName}.conf";
+        ExecStop = "${pkgs.amneziawg-tools}/bin/awg-quick down /run/secrets.d/${cfg.IfName}.conf";
+        Restart = "on-failure";
+      };
+    };
+  };
+}

host/system/boot.nix

@@ -6,7 +6,7 @@
 }: {
   boot = {
     kernelPackages = pkgs.linuxPackages_zen;
-    kernelModules = ["i2c-dev" "ddcci_backlight"];
+    kernelModules = ["i2c-dev"];
     extraModulePackages = with config.boot.kernelPackages; [
       amneziawg
     ];

host/system/hardware.nix

@@ -2,7 +2,6 @@
   config,
   lib,
   modulesPath,
-  system,
   ...
 }: {
   imports = [
@@ -56,7 +55,6 @@
   };
 
   services.xserver.videoDrivers = ["displaylink" "modesetting" "amdgpu"];
-  virtualisation.vmware.host.enable = true;
 
   hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

host/system/locale.nix

@@ -0,0 +1,4 @@
+{config, ...}: {
+  time.timeZone = config.universe.locale.timeZone;
+  i18n.defaultLocale = config.universe.locale.lang;
+}

host/system/networking.nix

@@ -1,6 +1,6 @@
-{
+{config, ...}: {
   networking = {
-    hostName = "earth";
+    hostName = config.universe.system.hostname;
     networkmanager.enable = true;
     dhcpcd.enable = true;
   };

host/system/nixpkgs.nix

@@ -0,0 +1,18 @@
+{
+  config,
+  system,
+  ...
+}: {
+  system.stateVersion = "24.11";
+  nixpkgs = {
+    config = {
+      allowUnfree = config.universe.nixpkgs.allowUnfree;
+      allowBroken = true;
+      allowAliases = true;
+      allowInsecure = true;
+      allowUnfreePredicate = _: config.universe.nixpkgs.allowUnfree;
+    };
+    hostPlatform = system;
+    overlays = config.universe.nixpkgs.overlays;
+  };
+}

host/system/users.nix

@@ -0,0 +1,78 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}: let
+  cfg = config.universe;
+in {
+  users = {
+    defaultUserShell = pkgs.fish;
+    users.${cfg.system.username} = {
+      isNormalUser = true;
+      extraGroups =
+        [
+          "wheel"
+          "input"
+          "networkmanager"
+          "video"
+          "audio"
+        ]
+        ++ (
+          if cfg.services.podman.enable
+          then ["podman"]
+          else []
+        )
+        ++ (
+          if cfg.services.libvirtd.enable
+          then ["kvm"]
+          else []
+        )
+        ++ (
+          if cfg.programs.android-tools.enable
+          then ["adbusers"]
+          else []
+        );
+      uid = 1000;
+      subGidRanges =
+        []
+        ++ (
+          if cfg.services.podman.enable
+          then [
+            {
+              count = 65536;
+              startGid = 100000;
+            }
+          ]
+          else []
+        );
+      subUidRanges =
+        []
+        ++ (
+          if cfg.services.podman.enable
+          then [
+            {
+              count = 65536;
+              startUid = 100000;
+            }
+          ]
+          else []
+        );
+      useDefaultShell = true;
+      openssh.authorizedKeys = {
+        keys = cfg.services.openssh.authorizedKeys;
+      };
+      shell = pkgs.fish;
+    };
+    groups =
+      {}
+      // lib.genAttrs (
+        []
+        ++ (
+          if cfg.programs.android-tools.enable
+          then ["adbusers"]
+          else []
+        )
+      ) (name: {});
+  };
+}

hosts/common/programs/graphical/anmezia-vpn.nix

@@ -1,3 +0,0 @@
-{...}: {
-  programs.amnezia-vpn.enable = true;
-}

hosts/common/programs/graphical/hyprland.nix

@@ -1,11 +0,0 @@
-{
-  inputs,
-  system,
-  ...
-}: {
-  programs.hyprland = {
-    enable = true;
-    package = inputs.hyprland.packages.${system}.hyprland;
-    portalPackage = inputs.hyprland.packages.${system}.xdg-desktop-portal-hyprland;
-  };
-}

hosts/common/services/command-not-found.nix

@@ -1,7 +0,0 @@
-{
-  inputs,
-  system,
-  ...
-}: {
-  programs.command-not-found.dbPath = inputs.programsdb.packages.${system}.programs-sqlite;
-}

hosts/common/services/openssh.nix

@@ -1,9 +0,0 @@
-{...}: {
-  services.openssh = {
-    enable = true;
-    ports = [22 48001];
-    settings = {
-      PasswordAuthentication = false;
-    };
-  };
-}

hosts/common/services/udev.nix

@@ -1,5 +0,0 @@
-{pkgs, ...}: {
-  services.udev.packages = [
-    pkgs.android-udev-rules
-  ];
-}

hosts/common/system/locale.nix

@@ -1,4 +0,0 @@
-{...}: {
-  time.timeZone = "Asia/Yekaterinburg";
-  i18n.defaultLocale = "en_US.UTF-8";
-}

hosts/common/system/nixpkgs.nix

@@ -1,13 +0,0 @@
-{system, ...}: {
-  system.stateVersion = "24.11";
-  nixpkgs = {
-    config = {
-      allowUnfree = true;
-      allowBroken = true;
-      allowAliases = true;
-      allowInsecure = true;
-      allowUnfreePredicate = _: true;
-    };
-    hostPlatform = system;
-  };
-}

hosts/common/system/udev.nix

@@ -1,5 +0,0 @@
-{...}: {
-  services.udev.extraRules = ''
-    KERNEL=="i2c-[0-9]*", GROUP="i2c", MODE="0660"
-  '';
-}

hosts/common/system/users.nix

@@ -1,44 +0,0 @@
-{pkgs, ...}: {
-  users = {
-    defaultUserShell = pkgs.fish;
-    users."tx0" = {
-      isNormalUser = true;
-      extraGroups = [
-        "wheel"
-        "input"
-        "networkmanager"
-        "video"
-        "audio"
-        "podman"
-        "adbusers"
-        "kvm"
-        "i2c"
-      ];
-      uid = 1000;
-      subGidRanges = [
-        {
-          count = 65536;
-          startGid = 100000;
-        }
-      ];
-      subUidRanges = [
-        {
-          count = 65536;
-          startUid = 100000;
-        }
-      ];
-      useDefaultShell = true;
-      openssh.authorizedKeys = {
-        keys = [
-          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCz8WZ+c24RYjBMVNZGMR+IjSQb7WtrMi2ZcfAf6BwNLaKJTlWABN20FSscbGy8oCdfheAKvdTrx+hMRNCmEdTmNZlDXZ0kDBFh1h3I2geC3XNWjXuYSSmZpfW71Tex5ZHpruD9lstL9rBVY7c1ZKJfmtgM5m+x44FZwjxdFffQbj9LtLmy6zWQ7iX7/zzcdPJvJxoQbBwmAeVqZErpR/IoSG2uXTS4tIqGStfg6kBoV/AZBwYCxE0f3jFzajTMm+n6kjnKOiztfaw+NVB4+QLlSvB5i3iJ7afjhv/KfH4/t0gmVCfqo+O9pPOUqLokQvHvAu33M6PP5Roc4mK+pGEYXabUdv757uo8RdDg6x3bu5kgJS+V06ZycnDtHYNda+8/qEh+nryu0TqqJtqALwO2k7VcTgDoMrU3UvXRSA3wIO+Gp8qbPVjJv1/jSKoVurmFe3Wwy0LVEA++zF4F571aOPzwY49q6AF+JuPCUWPy44K7oG6MfFPZSk7TtSelH18= timoxa@pc"
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAka1w1Ld4KLiZfztI6Qqe5irM6g8G0ENGmqds+LWiGE"
-        ];
-      };
-      shell = pkgs.fish;
-    };
-    groups = {
-      adbusers = {};
-      i2c = {};
-    };
-  };
-}

hosts/earth/secrets/default.nix

@@ -1,16 +0,0 @@
-{inputs, ...}: {
-  imports = [
-    inputs.sops-nix.nixosModules.sops
-  ];
-  sops = {
-    # defaultSopsFile = ./secrets.yaml;
-    age.keyFile = "/home/tx0/.age-key.txt";
-
-    secrets."awg0.conf" = {
-      format = "binary";
-      sopsFile = ./awg0.conf;
-      path = "/run/secrets.d/awg0.conf";
-      restartUnits = ["awg0.service"];
-    };
-  };
-}

hosts/earth/services/libvirtd.nix

@@ -1,3 +0,0 @@
-{...}: {
-  virtualisation.libvirtd.enable = true;
-}

hosts/earth/services/podman.nix

@@ -1,6 +0,0 @@
-{...}: {
-  virtualisation.podman = {
-    enable = true;
-    dockerCompat = true;
-  };
-}

hosts/earth/services/yggdrasil.nix

@@ -1,14 +0,0 @@
-{...}: {
-  services.yggdrasil = {
-    enable = false;
-    settings = {
-      Peers = [
-        "tls://ygg1.tx0.su:65534"
-        "tls://ygg2.tx0.su:65534"
-        "tls://ygg3.tx0.su:65534"
-      ];
-
-      IfName = "ygg";
-    };
-  };
-}

hosts/earth/system/yggdrasil.nix

@@ -1,2 +0,0 @@
-{...}: {
-}

hosts/earth/vpn.nix

@@ -1,20 +0,0 @@
-{pkgs, ...}: {
-  systemd.services.awg0 = {
-    enable = true;
-    description = "AmneziaWG Interface awg0";
-    after = ["network.target"];
-    wantedBy = ["multi-user.target"];
-
-    unitConfig = {
-      ConditionPathExists = "/run/secrets.d/awg0.conf";
-    };
-
-    serviceConfig = {
-      Type = "oneshot";
-      RemainAfterExit = true;
-      ExecStart = "${pkgs.amneziawg-tools}/bin/awg-quick up /run/secrets.d/awg0.conf";
-      ExecStop = "${pkgs.amneziawg-tools}/bin/awg-quick down /run/secrets.d/awg0.conf";
-      Restart = "on-failure";
-    };
-  };
-}

machines/earth/earth.nix

@@ -0,0 +1,46 @@
+{self, ...}: {
+  universe = {
+    programs = {
+      android-tools.enable = true;
+    };
+
+    system = {
+      tmpUseTmpfs = true;
+      emulatedSystems = ["aarch64-linux"];
+      arch = "x86_64-linux";
+      hostname = "earth";
+      username = "tx0";
+    };
+
+    nixpkgs = {
+      allowUnfree = true;
+      overlays = [(import "${self}/overlays/spotx.nix")];
+    };
+
+    locale = {
+      lang = "en_US.UTF-8";
+      timeZone = "Asia/Yekateringburg";
+    };
+
+    services = {
+      command-not-found.enable = true;
+      libvirtd.enable = false;
+      podman.enable = true;
+
+      openssh = {
+        enable = true;
+        ports = [22 48001];
+        authorizedKeys = [
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCz8WZ+c24RYjBMVNZGMR+IjSQb7WtrMi2ZcfAf6BwNLaKJTlWABN20FSscbGy8oCdfheAKvdTrx+hMRNCmEdTmNZlDXZ0kDBFh1h3I2geC3XNWjXuYSSmZpfW71Tex5ZHpruD9lstL9rBVY7c1ZKJfmtgM5m+x44FZwjxdFffQbj9LtLmy6zWQ7iX7/zzcdPJvJxoQbBwmAeVqZErpR/IoSG2uXTS4tIqGStfg6kBoV/AZBwYCxE0f3jFzajTMm+n6kjnKOiztfaw+NVB4+QLlSvB5i3iJ7afjhv/KfH4/t0gmVCfqo+O9pPOUqLokQvHvAu33M6PP5Roc4mK+pGEYXabUdv757uo8RdDg6x3bu5kgJS+V06ZycnDtHYNda+8/qEh+nryu0TqqJtqALwO2k7VcTgDoMrU3UvXRSA3wIO+Gp8qbPVjJv1/jSKoVurmFe3Wwy0LVEA++zF4F571aOPzwY49q6AF+JuPCUWPy44K7oG6MfFPZSk7TtSelH18= timoxa@pc"
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAka1w1Ld4KLiZfztI6Qqe5irM6g8G0ENGmqds+LWiGE"
+        ];
+      };
+
+      amneziawg = {
+        enable = true;
+        secret-config = ./awg0-earth.conf;
+        IfName = "awg0";
+      };
+    };
+  };
+}

modules/universe.nix

@@ -0,0 +1,143 @@
+{
+  lib,
+  boot,
+  ...
+}:
+with lib; let
+  nixpkgsOverlayType = lib.mkOptionType {
+    name = "nixpkgs-overlay";
+    description = "nixpkgs overlay";
+    check = lib.isFunction;
+    merge = lib.mergeOneOption;
+  };
+in {
+  options.universe = {
+    programs = {
+      amnezia-vpn.enable = mkEnableOption "Enable AmneziaVPN app";
+      android-tools.enable = mkEnableOption "Enable android tools (adb, fastboot, ...)";
+    };
+
+    system = {
+      tmpUseTmpfs = mkEnableOption "Use tmpfs for /tmp";
+      emulatedSystems = mkOption {
+        description = "Systems to emulate";
+        type = with types; listOf enum builtins.attrNames boot.binfmt.magics;
+        default = [];
+      };
+      arch = mkOption {
+        description = "System architecture";
+        type = with types; uniq str;
+      };
+      hostname = mkOption {
+        description = "System hostname";
+        type = with types; uniq str;
+      };
+      username = mkOption {
+        description = "Username";
+        type = with types; uniq str;
+      };
+    };
+
+    nixpkgs = {
+      allowUnfree = mkEnableOption "Enable non-free software";
+      overlays = mkOption {
+        description = "List of nixpkgs overlays";
+        type = with types; listOf nixpkgsOverlayType;
+        default = [];
+      };
+    };
+
+    locale = {
+      timeZone = mkOption {
+        description = "System time zone";
+        type = with types; uniq str;
+        default = "Asia/Yekaterinburg";
+      };
+      lang = mkOption {
+        description = "System locale";
+        type = with types; uniq str;
+        default = "en_US.UTF-8";
+      };
+    };
+
+    services = {
+      command-not-found.enable = mkEnableOption "Enable command-not-found";
+      libvirtd.enable = mkEnableOption "Enable libvirtd";
+      podman.enable = mkEnableOption "Enable libvirtd";
+      openssh = {
+        enable = mkEnableOption "Enable openssh server";
+        ports = mkOption {
+          description = "Listen ports";
+          type = with types; uniq (listOf port);
+          default = [22];
+        };
+        authorizedKeys = mkOption {
+          description = "Authorized public ssh keys";
+          type = with types; uniq (listOf str);
+          default = [];
+        };
+      };
+      amneziawg = {
+        enable = mkEnableOption "Enable amneziawg vpn service";
+        secret-config = mkOption {
+          description = "Configuration SOPS secret";
+          type = with types; nullOr path;
+          default = null;
+        };
+        IfName = mkOption {
+          description = "Interface name";
+          type = with types; uniq str;
+        };
+      };
+    };
+
+    de = {
+      hyprland = {
+        enable = mkEnableOption "Enable Hyprland";
+      };
+      waybar = {
+        enable = mkEnableOption "Enable waybar";
+        settings = {
+          radiuses = {
+            outer = mkOption {
+              type = types.int;
+              default = 100;
+            };
+            inner = mkOption {
+              type = types.int;
+              default = 40;
+            };
+            bar = mkOption {
+              type = types.int;
+              default = 25;
+            };
+          };
+          gapps = {
+            outer = mkOption {
+              type = types.int;
+              default = 6;
+            };
+            inner = mkOption {
+              type = types.int;
+              default = 8;
+            };
+            chips = mkOption {
+              type = types.int;
+              default = 4;
+            };
+          };
+          sizes = {
+            icons = mkOption {
+              type = types.int;
+              default = 20;
+            };
+            text = mkOption {
+              type = types.int;
+              default = 15;
+            };
+          };
+        };
+      };
+    };
+  };
+}