refactor: cleaned up nixos dir

flake.nix

@@ -75,11 +75,9 @@
               ./profiles/user0
               ./profiles/user1
               config.nixosModules.desktop
-              config.nixosModules.hyprland
-              config.nixosModules.wayland
-              config.nixosModules.personal
-              config.nixosModules.shared
+              config.nixosModules.core
               config.nixosModules.sops
+              config.nixosModules.system
               inputs.home-manager.nixosModules.home-manager
               inputs.lix-module.nixosModules.default
               inputs.nur.modules.nixos.default
@@ -89,10 +87,9 @@
               ./systems/fallaryn
               ./profiles/user2
               config.nixosModules.fallaryn
-              config.nixosModules.personal
-              config.nixosModules.plasma
-              config.nixosModules.shared
+              config.nixosModules.core
               config.nixosModules.sops
+              config.nixosModules.system
               inputs.home-manager.nixosModules.home-manager
               inputs.lix-module.nixosModules.default
               inputs.sops-nix.nixosModules.sops
@@ -101,9 +98,10 @@
               ./systems/laptop
               ./profiles/user0
               ./profiles/user1
-              config.nixosModules.personal
-              config.nixosModules.shared
+              config.nixosModules.laptop
+              config.nixosModules.core
               config.nixosModules.sops
+              config.nixosModules.system
               inputs.home-manager.nixosModules.home-manager
               inputs.lix-module.nixosModules.default
               inputs.nur.modules.nixos.default
@@ -112,9 +110,9 @@
             bartholomew = inputs.self.lib.mkLinuxSystem [
               ./systems/bartholomew
               ./profiles/user1
-              config.nixosModules.gnome
-              config.nixosModules.personal
-              config.nixosModules.shared
+              config.nixosModules.laptop
+              config.nixosModules.core
+              config.nixosModules.system
               inputs.home-manager.nixosModules.home-manager
               inputs.lix-module.nixosModules.default
             ];
@@ -122,8 +120,9 @@
               ./systems/server
               ./profiles/user0
               config.nixosModules.server
-              config.nixosModules.shared
+              config.nixosModules.core
               config.nixosModules.sops
+              config.nixosModules.system
               inputs.home-manager.nixosModules.home-manager
               inputs.lix-module.nixosModules.default
               inputs.ngipkgs.nixosModules."services.peertube"

nixos/default.nix

@@ -1,66 +1,38 @@
 let
-  modulesPath = ./modules;
-  moduleImport =
-    path: nameTransform:
+  collectDirs =
+    path:
+    let
+      content = builtins.readDir path;
+      subdirs = builtins.filter (name: content.${name} == "directory") (builtins.attrNames content);
+      buildPath = name: path + "/${name}";
+
+      thisDirs = map buildPath subdirs;
+      subDirs = builtins.concatMap collectDirs thisDirs;
+    in
+    [ path ] ++ subDirs;
+
+  directoryImport =
+    path:
     builtins.listToAttrs (
-      map
-        (name: {
-          name = nameTransform name;
-          value = import (path + "/${name}");
-        })
-        (
-          builtins.filter (
-            name: (builtins.readDir path).${name} == "regular" && builtins.match ".*\\.nix$" name != null
-          ) (builtins.attrNames (builtins.readDir path))
-        )
+      map (dir: {
+        name = baseNameOf (toString dir);
+        value = import dir;
+      }) (collectDirs path)
     );
-  modules =
-    moduleImport modulesPath (name: builtins.replaceStrings [ ".nix" ] [ "" ] name)
-    // (
-      path:
-      builtins.listToAttrs (
-        map
-          (name: {
-            name = name;
-            value = import (path + "/${name}");
-          })
-          (
-            builtins.filter (name: (builtins.readDir path).${name} == "directory") (
-              builtins.attrNames (builtins.readDir path)
-            )
-          )
-      )
-    )
-      modulesPath;
+
+  modules = directoryImport ./.;
 in
 {
   flake.nixosModules = {
-    personal = {
-      imports = builtins.attrValues {
-        inherit (modules)
-          android
-          audio
-          bluetooth
-          corectrl
-          dconf
-          disks
-          firejail
-          flatpak
-          fonts
-          printing
-          steam
-          sysstat
-          virtualization
-          ;
-      };
-    };
-
     desktop = {
       imports = builtins.attrValues {
         inherit (modules)
+          hypr
+          wayland
           mullvad
           syncthing
           ollama
+          xserver
           ;
       };
     };
@@ -68,48 +40,18 @@ in
     fallaryn = {
       imports = builtins.attrValues {
         inherit (modules)
+          plasma
+          sddm
           tablet
           ;
       };
     };
 
-    plasma = {
-      imports = builtins.attrValues {
-        inherit (modules)
-          plasma
-          sddm
-          ;
-      };
-    };
-
-    gnome = {
+    laptop = {
       imports = builtins.attrValues {
         inherit (modules)
           gnome
-          ;
-      };
-    };
-
-    hyprland = {
-      imports = builtins.attrValues {
-        inherit (modules)
-          hyprland
-          ;
-      };
-    };
-
-    river = {
-      imports = builtins.attrValues {
-        inherit (modules)
-          river
-          ;
-      };
-    };
-
-    wayland = {
-      imports = builtins.attrValues {
-        inherit (modules)
-          wayland
+          xserver
           ;
       };
     };
@@ -117,7 +59,18 @@ in
     server = {
       imports = builtins.attrValues {
         inherit (modules)
-          services
+          acme
+          caddy
+          jellyfin
+          logrotate
+          mastodon
+          minecraft
+          ollama
+          website
+          postgresql
+          samba
+          vaultwarden
+          forgejo
           ;
       };
     };
@@ -130,20 +83,19 @@ in
       };
     };
 
-    shared = {
+    system = {
       imports = builtins.attrValues {
         inherit (modules)
-          accounts
-          doas
-          environment
-          gvfs
-          home-manager
-          locale
-          nh
-          nix
-          rsyncd
-          ssh
-          system
+          hardware
+          programs
+          ;
+      };
+    };
+
+    core = {
+      imports = builtins.attrValues {
+        inherit (modules)
+          core
           xserver
           ;
       };

nixos/modules/core/default.nix

@@ -0,0 +1,10 @@
+let
+  content = builtins.readDir ./.;
+
+  dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content);
+
+  importList = map (name: ./. + "/${name}") dirContent;
+in
+{
+  imports = importList;
+}

nixos/modules/core/homeManager/default.nix

@@ -1,4 +1,5 @@
-{flake, ...}: {
+{ flake, ... }:
+{
   home-manager = {
     useGlobalPkgs = true;
     useUserPackages = true;

nixos/modules/core/locale/default.nix

@@ -0,0 +1,30 @@
+{
+  time.timeZone = "America/Winnipeg";
+
+  i18n =
+    let
+      locale = "en_CA.UTF-8";
+    in
+    {
+      defaultLocale = locale;
+
+      extraLocaleSettings = builtins.listToAttrs (
+        map
+          (option: {
+            name = option;
+            value = locale;
+          })
+          [
+            "LC_ADDRESS"
+            "LC_IDENTIFICATION"
+            "LC_MEASUREMENT"
+            "LC_MONETARY"
+            "LC_NAME"
+            "LC_NUMERIC"
+            "LC_PAPER"
+            "LC_TELEPHONE"
+            "LC_TIME"
+          ]
+      );
+    };
+}

nixos/modules/core/system/default.nix

@@ -0,0 +1 @@
+_: { }

nixos/modules/dconf.nix

@@ -1,3 +0,0 @@
-{
-  programs.dconf.enable = true;
-}

nixos/modules/default.nix

@@ -0,0 +1,10 @@
+let
+  content = builtins.readDir ./.;
+
+  dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content);
+
+  importList = map (name: ./. + "/${name}") dirContent;
+in
+{
+  imports = importList;
+}

nixos/modules/desktop/default.nix

@@ -0,0 +1,10 @@
+let
+  content = builtins.readDir ./.;
+
+  dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content);
+
+  importList = map (name: ./. + "/${name}") dirContent;
+in
+{
+  imports = importList;
+}

nixos/modules/desktop/gnome/default.nix

@@ -20,6 +20,7 @@
         gnome-settings-daemon
         ;
     };
+    gvfs.enable = true;
   };
   environment = {
     variables = {
@@ -50,4 +51,5 @@
         ;
     };
   };
+  programs.dconf.enable = true;
 }

nixos/modules/desktop/hypr/default.nix

@@ -0,0 +1,10 @@
+let
+  content = builtins.readDir ./.;
+
+  dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content);
+
+  importList = map (name: ./. + "/${name}") dirContent;
+in
+{
+  imports = importList;
+}

nixos/modules/desktop/plasma/default.nix

@@ -1,10 +1,10 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   services = {
     desktopManager.plasma6.enable = true;
   };
   environment.plasma6.excludePackages = builtins.attrValues {
-    inherit
-      (pkgs.kdePackages)
+    inherit (pkgs.kdePackages)
       plasma-browser-integration
       konsole
       kate

nixos/modules/desktop/wayland/default.nix

@@ -0,0 +1,10 @@
+let
+  content = builtins.readDir ./.;
+
+  dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content);
+
+  importList = map (name: ./. + "/${name}") dirContent;
+in
+{
+  imports = importList;
+}

nixos/modules/gvfs.nix

@@ -1,3 +0,0 @@
-{
-  services.gvfs.enable = true;
-}

nixos/modules/hardware/android/default.nix

@@ -1,11 +1,11 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   programs = {
     adb.enable = true;
     droidcam.enable = true;
   };
   services.udev.packages = builtins.attrValues {
-    inherit
-      (pkgs)
+    inherit (pkgs)
       android-udev-rules
       ;
   };

nixos/modules/hardware/default.nix

@@ -0,0 +1,10 @@
+let
+  content = builtins.readDir ./.;
+
+  dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content);
+
+  importList = map (name: ./. + "/${name}") dirContent;
+in
+{
+  imports = importList;
+}

nixos/modules/hyprland/default.nix

@@ -1,6 +0,0 @@
-{
-  imports = map (file: ./${file}.nix) [
-    "hypridle"
-    "hyprland"
-  ];
-}

nixos/modules/locale.nix

@@ -1,27 +0,0 @@
-{
-  time.timeZone = "America/Winnipeg";
-
-  i18n = let
-    locale = "en_CA.UTF-8";
-  in {
-    defaultLocale = locale;
-
-    extraLocaleSettings =
-      builtins.listToAttrs
-      (map (option: {
-          name = option;
-          value = locale;
-        })
-        [
-          "LC_ADDRESS"
-          "LC_IDENTIFICATION"
-          "LC_MEASUREMENT"
-          "LC_MONETARY"
-          "LC_NAME"
-          "LC_NUMERIC"
-          "LC_PAPER"
-          "LC_TELEPHONE"
-          "LC_TIME"
-        ]);
-  };
-}

nixos/modules/ollama.nix

@@ -1,62 +0,0 @@
-{
-  flake,
-  pkgs,
-  ...
-}:
-let
-  inherit (flake.config.services.instances)
-    ollama
-    web
-    ;
-  service = ollama;
-  localhost = web.localhost.address0;
-in
-{
-  services = {
-    ollama = {
-      acceleration = "rocm";
-      package = pkgs.ollama.override {
-        config = {
-          rocmSupport = true;
-          cudaSupport = false;
-        };
-      };
-      enable = true;
-      group = service.name;
-      host = "http://${localhost}";
-      models = service.paths.path1;
-      user = service.name;
-    };
-    open-webui = {
-      enable = true;
-      host = localhost;
-      port = service.ports.port0;
-      environment = {
-        ENABLE_OLLAMA_API = "True";
-        ANONYMIZED_TELEMETRY = "False";
-        DO_NOT_TRACK = "True";
-        SCARF_NO_ANALYTICS = "True";
-        OLLAMA_BASE_URL = "http://${localhost}:${toString service.ports.port1}";
-        WEBUI_AUTH = "True";
-      };
-    };
-  };
-
-  users.users.${service.name}.extraGroups = [
-    "users"
-  ];
-
-  systemd.tmpfiles.rules = [
-    "Z ${service.paths.path1} 0777 ${service.name} ${service.name} -"
-  ];
-
-  networking = {
-    firewall = {
-      allowedTCPPorts = [
-        # 8080
-        service.ports.port0
-        service.ports.port1
-      ];
-    };
-  };
-}

nixos/modules/programs/coreCtrl/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   programs.corectrl = {
     enable = true;
     package = pkgs.corectrl;

nixos/modules/programs/default.nix

@@ -0,0 +1,10 @@
+let
+  content = builtins.readDir ./.;
+
+  dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content);
+
+  importList = map (name: ./. + "/${name}") dirContent;
+in
+{
+  imports = importList;
+}

nixos/modules/programs/steam/default.nix

@@ -1,12 +1,12 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   programs = {
     steam = {
       enable = true;
       remotePlay.openFirewall = true;
       dedicatedServer.openFirewall = true;
       extraPackages = builtins.attrValues {
-        inherit
-          (pkgs)
+        inherit (pkgs)
           curl
           ;
       };

nixos/modules/services/caddy/default.nix

@@ -1,6 +1,6 @@
-{flake, ...}: let
-  inherit
-    (flake.config.services.instances)
+{ flake, ... }:
+let
+  inherit (flake.config.services.instances)
     caddy
     web
     ;
@@ -8,7 +8,8 @@
   domain0 = web.domains.url0;
 
   service = caddy;
-in {
+in
+{
   services.caddy = {
     enable = true;
     virtualHosts = {

nixos/modules/services/default.nix

@@ -1,22 +1,10 @@
+let
+  content = builtins.readDir ./.;
+
+  dirContent = builtins.filter (n: content.${n} == "directory") (builtins.attrNames content);
+
+  importList = map (name: ./. + "/${name}") dirContent;
+in
 {
-  imports =
-    (map (folder: ./${folder}) [
-      "mastodon"
-    ])
-    ++ (map (file: ./${file}.nix) [
-      "acme"
-      "caddy"
-      "jellyfin"
-      "logrotate"
-      "minecraft"
-      "ollama"
-      "upRootNutrition"
-      # "peertube"
-      "postgresql"
-      # "owncast"
-      "samba"
-      "vaultwarden"
-      "forgejo"
-      # "nextcloud"
-    ]);
+  imports = importList;
 }

nixos/modules/services/jellyfin/default.nix

@@ -1,21 +1,20 @@
-{flake, ...}: let
-  inherit
-    (flake.config.people)
+{ flake, ... }:
+let
+  inherit (flake.config.people)
     user0
     ;
-  inherit
-    (flake.config.machines.devices)
+  inherit (flake.config.machines.devices)
     server
     ;
-  inherit
-    (flake.config.services.instances)
+  inherit (flake.config.services.instances)
     jellyfin
     web
     ;
   service = jellyfin;
   localhost = web.localhost.address0;
   host = "${service.subdomain}.${web.domains.url0}";
-in {
+in
+{
   services = {
     jellyfin = {
       enable = true;
@@ -42,28 +41,26 @@ in {
     };
   };
 
-  fileSystems = let
-    settings = {
-      fsType = "none";
-      options = [
-        "bind"
-      ];
-      depends = [
-        server.storage0.mount
-      ];
-    };
-  in {
-    "/var/lib/${service.name}" =
-      {
+  fileSystems =
+    let
+      settings = {
+        fsType = "none";
+        options = [
+          "bind"
+        ];
+        depends = [
+          server.storage0.mount
+        ];
+      };
+    in
+    {
+      "/var/lib/${service.name}" = {
         device = service.paths.path0;
-      }
-      // settings;
-    "/var/cache/${service.name}" =
-      {
+      } // settings;
+      "/var/cache/${service.name}" = {
         device = "${service.paths.path0}/cache";
-      }
-      // settings;
-  };
+      } // settings;
+    };
 
   systemd.tmpfiles.rules = [
     "Z ${service.paths.path0} 0755 ${user0} ${service.name} -"

nixos/modules/services/minecraft/default.nix

@@ -2,17 +2,17 @@
   config,
   flake,
   ...
-}: let
-  inherit
-    (flake.config.machines.devices)
+}:
+let
+  inherit (flake.config.machines.devices)
     server
     ;
-  inherit
-    (flake.config.services.instances)
+  inherit (flake.config.services.instances)
     minecraft
     ;
   service = minecraft;
-in {
+in
+{
   services = {
     minecraft-server = {
       enable = true;
@@ -55,24 +55,26 @@ in {
       };
     };
   };
-  sops = let
-    sopsPath = secret: {
-      path = "${service.sops.path0}/${service.name}-${secret}";
-      owner = service.name;
-      mode = "600";
+  sops =
+    let
+      sopsPath = secret: {
+        path = "${service.sops.path0}/${service.name}-${secret}";
+        owner = service.name;
+        mode = "600";
+      };
+    in
+    {
+      secrets = builtins.listToAttrs (
+        map
+          (secret: {
+            name = "${service.name}-${secret}";
+            value = sopsPath secret;
+          })
+          [
+            "pass"
+          ]
+      );
     };
-  in {
-    secrets = builtins.listToAttrs (
-      map
-      (secret: {
-        name = "${service.name}-${secret}";
-        value = sopsPath secret;
-      })
-      [
-        "pass"
-      ]
-    );
-  };
 
   fileSystems."/var/lib/${service.name}" = {
     device = service.paths.path0;

nixos/modules/services/nextcloud/default.nix

@@ -3,21 +3,18 @@
   config,
   pkgs,
   ...
-}: let
-  inherit
-    (flake.config.people)
+}:
+let
+  inherit (flake.config.people)
     user0
     ;
-  inherit
-    (flake.config.people.users.${user0})
+  inherit (flake.config.people.users.${user0})
     name
     ;
-  inherit
-    (flake.config.machines.devices)
+  inherit (flake.config.machines.devices)
     server
     ;
-  inherit
-    (flake.config.services.instances)
+  inherit (flake.config.services.instances)
     nextcloud
     nginx
     web
@@ -25,7 +22,8 @@
   service = nextcloud;
   localhost = web.localhost.address0;
   host = "${service.subdomain}.${web.domains.url1}";
-in {
+in
+{
   services = {
     nextcloud = {
       appstoreEnable = true;
@@ -38,8 +36,7 @@ in {
       phpOptions."opcache.interned_strings_buffer" = "24";
       extraAppsEnable = true;
       extraApps = {
-        inherit
-          (config.services.service.package.packages.apps)
+        inherit (config.services.service.package.packages.apps)
           contacts
           calendar
           ;
@@ -88,24 +85,26 @@ in {
     };
   };
 
-  sops = let
-    sopsPath = secret: {
-      path = "${service.sops.path0}/${service.name}-${secret}";
-      owner = service.name;
-      mode = "600";
+  sops =
+    let
+      sopsPath = secret: {
+        path = "${service.sops.path0}/${service.name}-${secret}";
+        owner = service.name;
+        mode = "600";
+      };
+    in
+    {
+      secrets = builtins.listToAttrs (
+        map
+          (secret: {
+            name = "${service.name}-${secret}";
+            value = sopsPath secret;
+          })
+          [
+            "pass"
+          ]
+      );
     };
-  in {
-    secrets = builtins.listToAttrs (
-      map
-      (secret: {
-        name = "${service.name}-${secret}";
-        value = sopsPath secret;
-      })
-      [
-        "pass"
-      ]
-    );
-  };
 
   fileSystems."/var/lib/${service.name}" = {
     device = service.paths.path0;

nixos/modules/services/ollama.nix

@@ -1,75 +0,0 @@
-{flake, ...}: let
-  inherit
-    (flake.config.machines.devices)
-    server
-    ;
-  inherit
-    (flake.config.services.instances)
-    ollama
-    web
-    ;
-  service = ollama;
-  localhost = web.localhost.address0;
-  host = "${service.subdomain}.${web.domains.url0}";
-in {
-  services = {
-    ollama = {
-      acceleration = false;
-      enable = true;
-      group = service.name;
-      host = "http://${localhost}";
-      port = service.ports.port1;
-      user = service.name;
-    };
-
-    open-webui = {
-      enable = true;
-      host = localhost;
-      port = service.ports.port0;
-      environment = {
-        ENABLE_OLLAMA_API = "True";
-        ANONYMIZED_TELEMETRY = "False";
-        DO_NOT_TRACK = "True";
-        SCARF_NO_ANALYTICS = "True";
-        OLLAMA_BASE_URL = "http://${localhost}:${toString service.ports.port1}";
-        WEBUI_AUTH = "True";
-      };
-    };
-
-    caddy = {
-      virtualHosts = {
-        ${host} = {
-          extraConfig = ''
-            reverse_proxy ${localhost}:${toString service.ports.port0}
-
-            tls ${service.ssl.cert} ${service.ssl.key}
-          '';
-        };
-      };
-    };
-  };
-
-  fileSystems."/var/lib/${service.name}" = {
-    device = service.paths.path0;
-    fsType = "none";
-    options = [
-      "bind"
-    ];
-    depends = [
-      server.storage0.mount
-    ];
-  };
-
-  systemd.tmpfiles.rules = [
-    "Z ${service.paths.path0} 0755 ${service.name} ${service.name} -"
-  ];
-
-  networking = {
-    firewall = {
-      allowedTCPPorts = [
-        service.ports.port0
-        service.ports.port1
-      ];
-    };
-  };
-}

nixos/modules/services/ollama/default.nix

@@ -0,0 +1,117 @@
+{
+  flake,
+  config,
+  pkgs,
+  ...
+}:
+let
+  inherit (flake.config.machines.devices)
+    desktop
+    server
+    ;
+  inherit (flake.config.services.instances)
+    ollama
+    web
+    ;
+  service = ollama;
+  localhost = web.localhost.address0;
+  hostname = config.networking.hostName;
+  host = "${service.subdomain}.${web.domains.url0}";
+
+  caddyLogic =
+    if hostname == server.name then
+      {
+        caddy = {
+          virtualHosts = {
+            ${host} = {
+              extraConfig = ''
+                reverse_proxy ${localhost}:${toString service.ports.port0}
+
+                tls ${service.ssl.cert} ${service.ssl.key}
+              '';
+            };
+          };
+        };
+      }
+    else
+      { };
+
+  mountLogic =
+    if hostname == server.name then
+      {
+        "/var/lib/${service.name}" = {
+          device = service.paths.path0;
+          fsType = "none";
+          options = [
+            "bind"
+          ];
+          depends = [
+            server.storage0.mount
+          ];
+        };
+      }
+    else
+      { };
+in
+{
+  services = {
+    ollama =
+      {
+        enable = true;
+        group = service.name;
+        host = "http://${localhost}";
+        user = service.name;
+      }
+      // (
+        if hostname == desktop.name then
+          {
+            acceleration = "rocm";
+            package = pkgs.ollama.override {
+              config = {
+                rocmSupport = true;
+                cudaSupport = false;
+              };
+            };
+          }
+        else
+          {
+            port = service.ports.port1;
+            acceleration = false;
+            models = service.paths.path1;
+          }
+      );
+    open-webui = {
+      enable = true;
+      host = localhost;
+      port = service.ports.port0;
+      environment = {
+        ENABLE_OLLAMA_API = "True";
+        ANONYMIZED_TELEMETRY = "False";
+        DO_NOT_TRACK = "True";
+        SCARF_NO_ANALYTICS = "True";
+        OLLAMA_BASE_URL = "http://${localhost}:${toString service.ports.port1}";
+        WEBUI_AUTH = "True";
+      };
+    };
+  } // caddyLogic;
+
+  systemd.tmpfiles.rules = [
+    (
+      if hostname == desktop.name then
+        "Z ${service.paths.path1} 0777 ${service.name} ${service.name} -"
+      else
+        "Z ${service.paths.path0} 0755 ${service.name} ${service.name} -"
+    )
+  ];
+
+  networking = {
+    firewall = {
+      allowedTCPPorts = [
+        # 8080
+        service.ports.port0
+        service.ports.port1
+      ];
+    };
+  };
+  fileSystems = mountLogic;
+}

nixos/modules/services/owncast/default.nix

@@ -1,13 +1,14 @@
-{flake, ...}: let
-  inherit
-    (flake.config.services.instances)
+{ flake, ... }:
+let
+  inherit (flake.config.services.instances)
     owncast
     web
     ;
   service = owncast;
   localhost = web.localhost.address1;
   host = "${service.subdomain}.${web.domains.url1}";
-in {
+in
+{
   services = {
     owncast = {
       enable = true;

nixos/modules/services/samba/default.nix

@@ -2,14 +2,15 @@
   pkgs,
   flake,
   ...
-}: let
-  inherit
-    (flake.config.services.instances)
+}:
+let
+  inherit (flake.config.services.instances)
     samba
     jellyfin
     ;
   service = samba;
-in {
+in
+{
   # If you ever need to start fresh, you need to add yourself to the Samba users database:
   # sudo smbpasswd -a username
   services = {

nixos/modules/services/website/default.nix

@@ -1,12 +1,13 @@
-{flake, ...}: let
-  inherit
-    (flake.config.services.instances)
+{ flake, ... }:
+let
+  inherit (flake.config.services.instances)
     upRootNutrition
     web
     ;
   service = upRootNutrition;
   host = web.domains.url3;
-in {
+in
+{
   services = {
     caddy = {
       virtualHosts = {

nixos/modules/sops/default.nix

@@ -25,7 +25,7 @@ let
 in
 {
   sops = {
-    defaultSopsFile = ../../secrets/secrets.yaml;
+    defaultSopsFile = ../../../secrets/secrets.yaml;
     validateSopsFiles = false;
     age = {
       keyFile = "/var/lib/sops-nix/key.txt";

nixos/modules/system.nix

@@ -1 +0,0 @@
-_: {}

nixos/modules/wayland/default.nix

@@ -1,11 +0,0 @@
-{
-  imports = map (file: ./${file}.nix) [
-    "geoclue2"
-    "greetd"
-    "network"
-    "regreet"
-    "swaylock"
-    "thunar"
-    "wayland"
-  ];
-}

templates/elm/parts/config/devshells.nix

@@ -2,18 +2,21 @@
   pkgs,
   pkgs-stable,
   ...
-}: {
+}:
+{
   devShells = {
     default = pkgs.mkShell {
       packages = builtins.attrValues {
-        inherit
-          (pkgs)
+        inherit (pkgs)
+          age
           just
-          nixd
           nil
+          nixd
+          sops
+          ssh-to-age
+          nixfmt-rfc-style
           ;
-        inherit
-          (pkgs-stable.elmPackages)
+        inherit (pkgs-stable.elmPackages)
           elm
           elm-format
           elm-land
@@ -21,8 +24,7 @@
           elm-review
           elm-test
           ;
-        inherit
-          (pkgs.haskellPackages)
+        inherit (pkgs.haskellPackages)
           nixfmt
           ;
       };

templates/haskell/parts/config/devshells.nix

@@ -2,57 +2,38 @@
   pkgs,
   config,
   ...
-}: {
+}:
+{
   haskellProjects.default = {
     devShell = {
       enable = true;
 
       tools = hp: {
-        inherit
-          (hp)
+        inherit (hp)
           cabal-fmt
           haskell-language-server
           ;
 
-        inherit
-          (pkgs)
+        inherit (pkgs)
           dhall
           dhall-json
           dhall-lsp-server
           helix-gpt
-          nixd
+          age
           just
-          libz
-          ngrep
           nil
+          nixd
           sops
           ssh-to-age
+          nixfmt-rfc-style
+          libz
+          ngrep
           stripe-cli
           vscode-langservers-extracted
           zlib
           ;
 
-        inherit
-          (pkgs.elmPackages)
-          elm
-          elm-format
-          elm-land
-          elm-language-server
-          elm-review
-          elm-test
-          ;
-
-        inherit
-          (pkgs.nodePackages_latest)
-          "@commitlint/config-conventional"
-          dotenv-cli
-          forever
-          nodejs
-          npm
-          typescript-language-server
-          ;
-        inherit
-          (pkgs.haskellPackages)
+        inherit (pkgs.haskellPackages)
           nixfmt
           ;
       };