refactor: complete overhaul

systems/server/config/boot.nix

@@ -0,0 +1,28 @@
+{
+  pkgs,
+  config,
+  ...
+}: {
+  boot = {
+    extraModulePackages = [
+      config.boot.kernelPackages.v4l2loopback.out
+    ];
+    supportedFilesystems = ["ntfs"];
+    initrd = {
+      availableKernelModules = ["nvme" "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod"];
+      kernelModules = [];
+    };
+
+    kernelModules = ["kvm-amd" "vfio-pci" "v4l2loopback"];
+
+    kernelPackages = pkgs.linuxPackages_latest;
+
+    loader = {
+      efi = {
+        canTouchEfiVariables = true;
+        efiSysMountPoint = "/boot";
+      };
+      systemd-boot.enable = true;
+    };
+  };
+}

systems/server/config/filesystem.nix

@@ -0,0 +1,45 @@
+{
+  flake,
+  config,
+  ...
+}: let
+  inherit (flake.config.people) user0;
+  inherit (flake.config.machines.devices) server;
+in {
+  fileSystems = let
+    storageDrives = [
+      "storage0"
+    ];
+
+    storageMounts = storage: {
+      name = "${server.${storage}.mount}";
+      value = {
+        device = server.${storage}.device;
+        fsType = "ext4";
+        options = server.${storage}.options;
+      };
+    };
+  in
+    {
+      "/" = {
+        device = "/dev/disk/by-uuid/de4e681b-0667-4bf8-8d6e-c50894aa41cd";
+        fsType = "ext4";
+      };
+      "/boot" = {
+        device = "/dev/disk/by-uuid/C68D-B1C0";
+        fsType = "vfat";
+      };
+    }
+    // (builtins.listToAttrs (map storageMounts storageDrives));
+
+  swapDevices = [
+    {device = "/dev/disk/by-uuid/259fcc06-912c-4bd3-b781-8f77449e935a";}
+  ];
+
+  systemd.tmpfiles.rules = [
+    "Z ${config.home-manager.users.${user0}.home.homeDirectory} 0755 ${user0} users -"
+    "Z ${server.storage0.mount} 2775 root root -"
+  ];
+
+  services.udisks2.enable = true;
+}

systems/server/config/graphics.nix

@@ -0,0 +1,24 @@
+{pkgs, ...}: {
+  hardware = {
+    graphics = {
+      enable = true;
+      extraPackages = builtins.attrValues {
+        inherit
+          (pkgs)
+          amdvlk
+          ;
+        inherit
+          (pkgs.rocmPackages.clr)
+          icd
+          ;
+      };
+      extraPackages32 = builtins.attrValues {
+        inherit
+          (pkgs.driversi686Linux)
+          amdvlk
+          ;
+      };
+    };
+  };
+  boot.initrd.kernelModules = ["amdgpu"];
+}

systems/server/config/hardware.nix

@@ -0,0 +1,12 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  hardware = {
+    firmware = [pkgs.rtl8761b-firmware];
+    enableAllFirmware = true;
+    cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  };
+}

systems/server/config/networking.nix

@@ -0,0 +1,39 @@
+{
+  lib,
+  flake,
+  ...
+}: let
+  inherit (flake.config.machines.devices) server;
+in {
+  networking = {
+    hostName = server.name;
+    networkmanager.enable = true;
+    nftables.enable = true;
+    useDHCP = lib.mkDefault true;
+    firewall = {
+      enable = true;
+      allowedTCPPorts = [
+        22 # SSH
+        25 # SMTP
+        139 # SMTP
+        587 # SMTP
+      ];
+    };
+  };
+  services = {
+    avahi = {
+      enable = true;
+      openFirewall = true;
+      nssmdns4 = true;
+      publish = {
+        enable = true;
+        userServices = true;
+      };
+    };
+    sshd.enable = true;
+    openssh = {
+      enable = true;
+      settings.PasswordAuthentication = false;
+    };
+  };
+}

systems/server/config/sops.nix

@@ -0,0 +1,12 @@
+{flake, ...}: let
+  inherit (flake.config.people) user0;
+in {
+  sops = {
+    secrets = {
+      "discord-token" = {
+        path = "/home/${user0}/projects/zookeeper/.env";
+        owner = user0;
+      };
+    };
+  };
+}