cleanup modules

3 files changed, 90 insertions, 0 deletions

diff --git a/modules/common/default.nix b/modules/common/default.nix
new file mode 100644
index 0000000..f338823
--- /dev/null
+++ b/modules/common/default.nix
@@ -0,0 +1,37 @@
+{ config, lib, pkgs, ... }:
+
+{
+  imports = [ ./nix-settings.nix ./networking.nix ];
+
+  # Time and Locale
+  time.timeZone = "UTC";
+  i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "us";
+  };
+
+  # Default Packages Set
+  environment.systemPackages = with pkgs; [ vim htop wget nftables wireguard-tools ];
+
+  # Security
+  networking.firewall.enable = false;
+  security.sudo.wheelNeedsPassword = false;
+  services.openssh = {
+    enable = true;
+    settings = {
+      PasswordAuthentication = false;
+      PermitRootLogin = "no";
+    };
+  };
+
+  # CPU
+  powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+  hardware.cpu.amd.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+  # System state version
+  system.stateVersion = lib.mkDefault "23.05";
+}
diff --git a/modules/common/networking.nix b/modules/common/networking.nix
new file mode 100644
index 0000000..0f9aaca
--- /dev/null
+++ b/modules/common/networking.nix
@@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+
+{
+  networking = {
+    usePredictableInterfaceNames = false;
+    enableIPv6 = true;
+    tempAddresses = "disabled";
+    interfaces.eth0.useDHCP = true;
+    nameservers = [ "1.1.1.1" "8.8.8.8" ];
+
+    dhcpcd.extraConfig = ''
+      nohook resolv.conf
+    '';
+  };
+}
diff --git a/modules/common/nix-settings.nix b/modules/common/nix-settings.nix
new file mode 100644
index 0000000..9e2eeb9
--- /dev/null
+++ b/modules/common/nix-settings.nix
@@ -0,0 +1,38 @@
+{ config, nixpkgs, lib, pkgs, ... }:
+
+{
+  environment.etc = {
+    "nix/channels/nixpkgs".source = nixpkgs.outPath;
+  };
+
+  nix = {
+    extraOptions = ''
+      keep-outputs = true
+      keep-derivations = true
+      experimental-features = nix-command flakes
+    '';
+
+    registry = {
+      nixpkgs.flake = nixpkgs;
+    };
+
+    nixPath = [
+      "nixpkgs=/etc/nix/channels/nixpkgs"
+    ];
+
+    settings = {
+      trusted-users = [ "@wheel" ];
+      auto-optimise-store = true;
+
+      substituters = [
+        "https://cache.nixos.org/"
+        "https://nix-community.cachix.org"
+      ];
+
+      trusted-public-keys = [
+        "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      ];
+    };
+  };
+}