From 7a85f7cec62ef34dced2c5f5472c6eb9d0b1e457 Mon Sep 17 00:00:00 2001
From: Philipp Hochkamp <git@phochkamp.de>
Date: Fri, 25 Mar 2022 13:32:05 +0100
Subject: [PATCH] feat: working nixos

---
 flake.nix                            | 8 ++++----
 hosts/ds9/default.nix                | 6 ++++--
 hosts/ds9/hardware-configuration.nix | 2 +-
 nixos-common.nix                     | 4 +---
 nixos-modules/services/unifi.nix     | 1 +
 nixos-modules/system/agenix.nix      | 2 +-
 nixos-modules/user/default.nix       | 2 +-
 7 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/flake.nix b/flake.nix
index e270ebce..da9ae230 100644
--- a/flake.nix
+++ b/flake.nix
@@ -56,8 +56,8 @@
       ];
     };
 
-    hmConfig = { pkgs, inputs, config, ...}: { 
-      imports = lib.my.mapModulesRec' ./hm-imports (x: x);
+    hmConfig = { hm, pkgs, inputs, config, ...}: { 
+      imports = (lib.my.mapModulesRec' ./hm-imports (x: x)) ++ ["${impermanence}/home-manager.nix"];
     };
 
     rev = if (lib.hasAttrByPath [ "rev" ] self.sourceInfo) then self.sourceInfo.rev else "Dirty Build";
@@ -79,10 +79,10 @@
                 "<<< Welcome to ${config.system.nixos.label} @ ${rev} - Please leave\\l >>>";
               home-manager.useGlobalPkgs = true;
               home-manager.useUserPackages = true;
-              home-manager.extraSpecialArgs = { inherit inputs lib; };
+              home-manager.extraSpecialArgs = { inherit inputs ;  };
             }
 
-            (lib.mkIf (config.users.extraUsers.ragon != null) { # import hm stuff if enabled
+            (lib.mkIf config.ragon.user.enable { # import hm stuff if enabled
             home-manager.users.ragon = hmConfig;
             })
           ])
diff --git a/hosts/ds9/default.nix b/hosts/ds9/default.nix
index 68625c1d..a708d66a 100644
--- a/hosts/ds9/default.nix
+++ b/hosts/ds9/default.nix
@@ -3,7 +3,9 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { config, inputs, pkgs, lib, ... }:
-
+let 
+  pubkeys = import ../../data/pubkeys.nix;
+in
 {
   imports =
     [
@@ -35,7 +37,7 @@
         "/persistent/etc/nixos/secrets/initrd/ssh_host_rsa_key"
         "/persistent/etc/nixos/secrets/initrd/ssh_host_ed25519_key"
       ];
-      authorizedKeys = pkgs.pubkeys.ragon.computers;
+      authorizedKeys = pubkeys.ragon.computers;
 
     };
 
diff --git a/hosts/ds9/hardware-configuration.nix b/hosts/ds9/hardware-configuration.nix
index d2252ee0..fcd10e40 100644
--- a/hosts/ds9/hardware-configuration.nix
+++ b/hosts/ds9/hardware-configuration.nix
@@ -8,7 +8,7 @@
 
   boot.initrd.availableKernelModules = [ "r8169" "ahci" "vfio-pci" "xhci_pci" "ehci_pci" "nvme" "usbhid" "sd_mod" "sr_mod" ];
   boot.kernelModules = [ "kvm-amd" ];
-  nix.maxJobs = lib.mkDefault 12;
+  nix.settings.max-jobs = lib.mkDefault 12;
   powerManagement.cpuFreqGovernor = "performance";
 
   services.zfs.autoScrub.enable = true;
diff --git a/nixos-common.nix b/nixos-common.nix
index 175fdb30..2dcb2871 100644
--- a/nixos-common.nix
+++ b/nixos-common.nix
@@ -2,7 +2,7 @@
 with lib;
 with lib.my;
 let
-  pubkeys = import ./data/pubkeys.nix {};
+  pubkeys = import ./data/pubkeys.nix;
 in
 {
   # Set your time zone.
@@ -41,8 +41,6 @@ in
       };
       extraOptions = "experimental-features = nix-command flakes";
       nixPath = nixPathInputs ++ [
-        "nixpkgs-overlays=${config.conf.dir}/overlays"
-        "conf=${config.conf.dir}"
       ];
       registry = registryInputs // { conf.flake = inputs.self; };
     };
diff --git a/nixos-modules/services/unifi.nix b/nixos-modules/services/unifi.nix
index d0d8a084..2007f4dc 100644
--- a/nixos-modules/services/unifi.nix
+++ b/nixos-modules/services/unifi.nix
@@ -13,6 +13,7 @@ in
   config = lib.mkIf cfg.enable {
     services.unifi = {
       enable = true;
+      openFirewall = true;
     };
     services.nginx.virtualHosts."${cfg.domainPrefix}.${domain}" = {
       forceSSL = true;
diff --git a/nixos-modules/system/agenix.nix b/nixos-modules/system/agenix.nix
index 74b67095..b10035d5 100644
--- a/nixos-modules/system/agenix.nix
+++ b/nixos-modules/system/agenix.nix
@@ -17,7 +17,7 @@ in
     };
   };
   config = mkIf cfg.enable {
-    environment.systemPackages = [ agenix.defaultPackage.${pkgs.system} ];
+    environment.systemPackages = [ inputs.agenix.defaultPackage.${pkgs.system} ];
     # Set passwords
     users.users.root.passwordFile = config.age.secrets.rootPasswd.path;
     age.identityPaths =
diff --git a/nixos-modules/user/default.nix b/nixos-modules/user/default.nix
index 16ac425a..a6111070 100644
--- a/nixos-modules/user/default.nix
+++ b/nixos-modules/user/default.nix
@@ -5,7 +5,7 @@ let
   username = cfg.username;
   extraGroups = cfg.extraGroups;
   extraAuthorizedKeys = cfg.extraAuthorizedKeys;
-  pubkeys = import ../../data/pubkeys.nix {};
+  pubkeys = import ../../data/pubkeys.nix;
 
 in
 {