stuff

common/networking/default.nix

@@ -0,0 +1,9 @@
+{
+  config,
+  lib,
+  ...
+}: {
+  imports = [./zerotier.nix];
+
+  zerotier.enable = lib.mkDefault true;
+}

common/networking/zerotier.nix

@@ -6,6 +6,10 @@
   outputs,
   ...
 }: {
+  options = {
+    zerotier.enable = lib.mkEnableOption "Enables zerotier and joins my network";
+  };
+  config = lib.mkIf config.zerotier.enable {
     services.zerotierone = {
       joinNetworks = [
         "ebe7fbd445359e9d"
@@ -18,4 +22,5 @@
       192.168.191.213 candlekeep.zt
       192.168.191.168 grymforge.zt
     '';
+  };
 }

common/nixos/packages.nix

@@ -27,6 +27,7 @@
     nh
     nix-output-monitor
     nvd
+    inputs.superfile.packages.${system}.default
   ];
   environment.sessionVariables = {
     FLAKE = "/home/${user}/repos/nixos-config";

common/virtualization/default.nix

@@ -0,0 +1,13 @@
+{
+  config,
+  pkgs,
+  user,
+  lib,
+  ...
+}: {
+  imports = [./libvirt.nix ./podman.nix ./kubernetes.nix];
+
+  libvirt.enable = lib.mkDefault true;
+  podman.enable = lib.mkDefault true;
+  kubernetes.enable = lib.mkDefault true;
+}

common/virtualization/kubernetes.nix

@@ -1,9 +1,13 @@
 {
   config,
   pkgs,
-  user,
+  lib,
   ...
 }: {
+  options = {
+    kubernetes.enable = lib.mkEnableOption "Enables Kubernetes and tooling";
+  };
+  config = lib.mkIf config.kubernetes.enable {
     environment.systemPackages = with pkgs; [
       argocd # Declarative, GitOps continuous delivery tool for Kubernetes.
       k3d # Lightweight utility to run Kubernetes clusters using Docker.
@@ -15,4 +19,5 @@
       minikube # Local Kubernetes cluster for easy testing and development.
       stern # Multi-container log tailing and streaming for Kubernetes.
     ];
+  };
 }

common/virtualization/libvirt.nix

@@ -2,10 +2,16 @@
   config,
   pkgs,
   user,
+  lib,
   ...
 }: {
+  options = {
+    libvirt.enable = lib.mkEnableOption "Enables Libvirt";
+  };
+  config = lib.mkIf config.libvirt.enable {
     boot.kernelModules = ["kvm-amd"];
     environment.systemPackages = with pkgs; [virt-manager];
     virtualisation.libvirtd.enable = true;
     users.extraGroups.libvirtd.members = ["${user}"];
+  };
 }

common/virtualization/podman.nix

@@ -1,4 +1,14 @@
-{pkgs, ...}: {
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}: {
+  options = {
+    podman.enable = lib.mkEnableOption "Enables podman and installs container tools";
+  };
+
+  config = lib.mkIf config.podman.enable {
     virtualisation = {
       podman = {
         enable = true;
@@ -15,10 +25,11 @@
       buildah # Tool for building OCI (Open Container Initiative) and Docker container images.
       distrobox # Lightweight utility for running Linux distributions in containers.
       dive # A tool for exploring a Docker image, allowing inspection of layer contents.
-    #grype # A vulnerability scanner for container images and filesystems.
+      grype # A vulnerability scanner for container images and filesystems.
       hadolint # Dockerfile linter to analyze and enforce best practices in containerization.
       podman-compose # Podman plugin for managing multi-container applications.
       podman-tui # Text-based user interface (TUI) for Podman, facilitating container management.
       syft # Open-source tool for scanning and analyzing container images for software composition and vulnerabilities.
     ];
+  };
 }

flake.lock

@@ -366,6 +366,22 @@
         "type": "github"
       }
     },
+    "flake-compat_8": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1696426674,
+        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "flake-parts": {
       "inputs": {
         "nixpkgs-lib": [
@@ -496,6 +512,42 @@
         "type": "github"
       }
     },
+    "flake-utils_7": {
+      "inputs": {
+        "systems": "systems_8"
+      },
+      "locked": {
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "flake-utils_8": {
+      "inputs": {
+        "systems": "systems_9"
+      },
+      "locked": {
+        "lastModified": 1694529238,
+        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
     "fromYaml": {
       "flake": false,
       "locked": {
@@ -617,6 +669,28 @@
         "type": "github"
       }
     },
+    "gomod2nix": {
+      "inputs": {
+        "flake-utils": "flake-utils_8",
+        "nixpkgs": [
+          "superfile",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1710154385,
+        "narHash": "sha256-4c3zQ2YY4BZOufaBJB4v9VBBeN2dH7iVdoJw8SDNCfI=",
+        "owner": "nix-community",
+        "repo": "gomod2nix",
+        "rev": "872b63ddd28f318489c929d25f1f0a3c6039c971",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "gomod2nix",
+        "type": "github"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -1131,6 +1205,22 @@
         "type": "github"
       }
     },
+    "nixpkgs_7": {
+      "locked": {
+        "lastModified": 1712439257,
+        "narHash": "sha256-aSpiNepFOMk9932HOax0XwNxbA38GOUVOiXfUVPOrck=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "ff0dbd94265ac470dda06a657d5fe49de93b4599",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixvim": {
       "inputs": {
         "devshell": "devshell",
@@ -1298,7 +1388,8 @@
         "nixpkgs-unstable": "nixpkgs-unstable",
         "pre-commit-hooks": "pre-commit-hooks_4",
         "sops-nix": "sops-nix",
-        "stylix": "stylix"
+        "stylix": "stylix",
+        "superfile": "superfile"
       }
     },
     "sops-nix": {
@@ -1352,6 +1443,27 @@
         "type": "github"
       }
     },
+    "superfile": {
+      "inputs": {
+        "flake-compat": "flake-compat_8",
+        "flake-utils": "flake-utils_7",
+        "gomod2nix": "gomod2nix",
+        "nixpkgs": "nixpkgs_7"
+      },
+      "locked": {
+        "lastModified": 1713886578,
+        "narHash": "sha256-oWkL+jvuut/cy44zghbVmbv6Cq+b49E/J7y/LDsS3+A=",
+        "owner": "MHNightCat",
+        "repo": "superfile",
+        "rev": "a2b1a563b0e626099c08939aa330b3c1cb331f2f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "MHNightCat",
+        "repo": "superfile",
+        "type": "github"
+      }
+    },
     "systems": {
       "locked": {
         "lastModified": 1681028828,
@@ -1457,6 +1569,36 @@
         "type": "github"
       }
     },
+    "systems_8": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
+    "systems_9": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "wlroots": {
       "flake": false,
       "locked": {

flake.nix

@@ -39,6 +39,10 @@
 
     sops-nix.url = "github:Mic92/sops-nix";
 
+    superfile = {
+      url = "github:MHNightCat/superfile";
+    };
+
     pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
     pre-commit-hooks.inputs.nixpkgs.follows = "nixpkgs";
   };

hosts/candlekeep/configuration.nix

@@ -15,7 +15,7 @@
     # outputs.nixosModules.example
     ../../common/nixos/common.nix
     ../../common/nixos/laptop.nix
-    ../../common/networking/zerotier.nix
+    ../../common/networking/default.nix
     ../../common/nixos/bluetooth.nix
     ../../common/nixos/restic.nix
     ../../common/nixos/ssh.nix
@@ -24,9 +24,7 @@
     ../../common/gui/hyprland.nix
     ../../common/gui/thunar.nix
     ../../common/style/stylix.nix
-    ../../common/virtualization/podman.nix
+    ../../common/virtualization/default.nix
-    ../../common/virtualization/kubernetes.nix
-    ../../common/virtualization/libvirt.nix
     ../../common/nixos/sysctl/default.nix
 
     ./auditd.nix