more changes

apps/default.nix

@@ -25,9 +25,6 @@ rec {
   # Re-encrypt secrets for all machines
   reencrypt-secrets = import ./reencrypt-secrets.nix { inherit pkgs; };
 
-  # Connect machine metrics to Netdata Cloud
-  netdata = import ./netdata-cloud.nix { inherit pkgs; };
-
   # Run neovim as an app
   neovim = import ./neovim.nix { inherit pkgs; };
   nvim = neovim;

apps/format-root.nix

@@ -5,37 +5,5 @@
 
   type = "app";
 
-  program = builtins.toString (
+  program = pkgs.lib.getExe pkgs.format-root;
-    pkgs.writeShellScript "format-root" ''
-      set -e
-
-      DISK=$1
-
-      if [ -z "''${DISK}" ]; then
-          ${pkgs.gum}/bin/gum style --width 50 --margin "1 2" --padding "2 4" \
-              --foreground "#fb4934" \
-              "Missing required parameter." \
-              "Usage: format-root -- <disk>" \
-              "Flake example: nix run github:nmasur/dotfiles#format-root -- nvme0n1"
-          echo "(exiting)"
-          exit 1
-      fi
-
-      ${pkgs.disko}/bin/disko \
-          --mode create \
-          --dry-run \
-          --flake "path:$(pwd)#root" \
-          --arg disk \""/dev/''${DISK}"\"
-
-      ${pkgs.gum}/bin/gum confirm \
-          "This will ERASE ALL DATA on the disk /dev/''${DISK}. Are you sure you want to continue?" \
-          --default=false
-
-      ${pkgs.disko}/bin/disko \
-          --mode create \
-          --flake "path:$(pwd)#root" \
-          --arg disk "/dev/''${DISK}"
-
-    ''
-  );
 }

apps/help.nix

@@ -17,7 +17,6 @@
           '  • {{ Color "15" "57" " loadkey " }} {{ Italic "Load an ssh key for this machine using melt." }}' \
           '  • {{ Color "15" "57" " encrypt-secret " }} {{ Italic "Encrypt a secret for all machines." }}' \
           '  • {{ Color "15" "57" " reencrypt-secrets " }} {{ Italic "Reencrypt all secrets when new machine is added." }}' \
-          '  • {{ Color "15" "57" " netdata " }} {{ Italic "Connect a machine to Netdata cloud." }}'
       echo ""
       echo ""
     ''

apps/netdata-cloud.nix

@@ -1,21 +0,0 @@
-{ pkgs, ... }:
-{
-
-  type = "app";
-
-  program = builtins.toString (
-    pkgs.writeShellScript "netdata-cloud" ''
-      if [ "$EUID" -ne 0 ]; then
-        echo "Please run as root"
-        exit 1
-      fi
-      mkdir --parents --mode 0750 /var/lib/netdata/cloud.d
-      printf "\nEnter the claim token for netdata cloud...\n\n"
-      read -p "Token: " token
-      echo "''${token}" > /var/lib/netdata/cloud.d/token
-      chown -R netdata:netdata /var/lib/netdata
-      ${pkgs.netdata}/bin/netdata-claim.sh -id=$(uuidgen)
-      printf "\n\nNow restart netdata service.\n\n"
-    ''
-  );
-}

disks/zfs.nix

@@ -1,98 +0,0 @@
-{ pool, disks, ... }:
-{
-  disk = lib.genAttrs disks (disk: {
-    "${disk}" = {
-      type = "disk";
-      device = "/dev/${disk}";
-      content = {
-        type = "table";
-        format = "gpt";
-        partitions = [
-          {
-            type = "partition";
-            name = "zfs";
-            start = "128MiB";
-            end = "100%";
-            content = {
-              type = "zfs";
-              pool = pool;
-            };
-          }
-        ];
-      };
-    };
-  });
-  zpool = {
-    "${pool}" = {
-      type = "zpool";
-      mode = "raidz1";
-      rootFsOptions = {
-        compression = "on"; # lz4 by default
-        "com.sun:auto-snapshot" = "false";
-        ashift = "12";
-      };
-      # mountpoint = "/";
-
-      datasets = {
-        root = {
-          zfs_type = "filesystem";
-          mountpoint = null;
-          options."com.sun:auto-snapshot" = "false";
-        };
-        # "media/movies" = {
-        #   zfs_type = "filesystem";
-        #   mountpoint = "/media/movies";
-        #   options.recordsize = "1M";
-        # };
-        # "media/tv" = {
-        #   zfs_type = "filesystem";
-        #   mountpoint = "/media/tv";
-        #   options.recordsize = "1M";
-        # };
-        # "media/books" = {
-        #   zfs_type = "filesystem";
-        #   mountpoint = "/media/books";
-        # };
-        # archive = {
-        #   zfs_type = "filesystem";
-        #   mountpoint = "/archive";
-        #   options.compression = "zstd";
-        #   options."com.sun:auto-snapshot" = "true";
-        # };
-        # zfs_unmounted_fs = {
-        #   zfs_type = "filesystem";
-        #   options.mountpoint = "none";
-        # };
-        # zfs_legacy_fs = {
-        #   zfs_type = "filesystem";
-        #   options.mountpoint = "legacy";
-        #   mountpoint = "/zfs_legacy_fs";
-        # };
-        # zfs_testvolume = {
-        #   zfs_type = "volume";
-        #   size = "10M";
-        #   content = {
-        #     type = "filesystem";
-        #     format = "ext4";
-        #     mountpoint = "/ext4onzfs";
-        #   };
-        # };
-        # encrypted = {
-        #   zfs_type = "filesystem";
-        #   size = "20M";
-        #   options = {
-        #     mountpoint = "none";
-        #     encryption = "aes-256-gcm";
-        #     keyformat = "passphrase";
-        #     keylocation = "file:///tmp/secret.key";
-        #   };
-        # };
-        # "encrypted/test" = {
-        #   zfs_type = "filesystem";
-        #   size = "2M";
-        #   mountpoint = "/zfs_crypted";
-        # };
-      };
-    };
-  };
-}

flake.lock

@@ -508,26 +508,12 @@
         "type": "github"
       }
     },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1737062831,
-        "narHash": "sha256-Tbk1MZbtV2s5aG+iM99U8FqwxU/YNArMcWAv6clcsBc=",
-        "owner": "nixos",
-        "repo": "nixpkgs",
-        "rev": "5df43628fdf08d642be8ba5b3625a6c70731c19c",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nixos",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
     "nur": {
       "inputs": {
         "flake-parts": "flake-parts",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
         "treefmt-nix": "treefmt-nix"
       },
       "locked": {

flake.nix

@@ -1,5 +1,5 @@
 {
-  description = "My system";
+  description = "An opinionated flake containing the NixOS, nix-darwin, and home-manager configurations for multiple systems.";
 
   # Other flakes that we want to pull from
   inputs = {
@@ -29,7 +29,10 @@
     };
 
     # Community packages; used for Firefox extensions
-    nur.url = "github:nix-community/nur";
+    nur = {
+      url = "github:nix-community/nur";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
 
     # Use official Firefox binary for macOS
     firefox-darwin = {

modules/common/default.nix

@@ -171,14 +171,6 @@
     in
     {
 
-      # Basic common system packages for all devices
-      environment.systemPackages = with pkgs; [
-        git
-        vim
-        wget
-        curl
-      ];
-
       # Allow specified unfree packages (identified elsewhere)
       # Retrieves package object based on string name
       nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.unfreePackages;

pkgs/tools/misc/format-root/format-root.sh

@@ -0,0 +1,30 @@
+#!/usr/bin/env bash
+
+set -e
+
+DISK=$1
+
+if [ -z "${DISK}" ]; then
+    gum style --width 50 --margin "1 2" --padding "2 4" \
+        --foreground "#fb4934" \
+        "Missing required parameter." \
+        "Usage: format-root -- <disk>" \
+        "Flake example: nix run github:nmasur/dotfiles#format-root -- nvme0n1"
+    echo "(exiting)"
+    exit 1
+fi
+
+disko \
+    --mode create \
+    --dry-run \
+    --flake "path:$(pwd)#root" \
+    --arg disk \""/dev/${DISK}"\"
+
+gum confirm \
+    "This will ERASE ALL DATA on the disk /dev/${DISK}. Are you sure you want to continue?" \
+    --default=false
+
+disko \
+    --mode create \
+    --flake "path:$(pwd)#root" \
+    --arg disk "/dev/${DISK}"

pkgs/tools/misc/format-root/package.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }:
+
+pkgs.writeShellApplication {
+  name = "format-root";
+  runtimeInputs = [
+    pkgs.gum
+    pkgs.disko
+  ];
+  text = builtins.readFile ./format-root.sh;
+}

platforms/home-manager/modules/nmasur/presets/programs/zoxide.nix

@@ -1,6 +1,5 @@
 {
   config,
-  pkgs,
   lib,
   ...
 }:

platforms/home-manager/modules/nmasur/profiles/extra.nix

@@ -31,6 +31,8 @@ in
       pkgs.duf # Basic disk information (df)
       pkgs.pandoc # Convert text documents
       pkgs.mpd # TUI slideshows
+      pkgs.doggo # DNS client (dig)
+      pkgs.bottom # System monitor (top)
     ];
 
     programs.fish.shellAliases = {

platforms/nixos/modules/nmasur/profiles/base.nix

@@ -1,5 +1,6 @@
 {
   config,
+  pkgs,
   lib,
   ...
 }:
@@ -31,6 +32,14 @@ in
       ];
     };
 
+    # Basic common system packages for all devices
+    environment.systemPackages = [
+      pkgs.git
+      pkgs.vim
+      pkgs.wget
+      pkgs.curl
+    ];
+
     # Include home-manager config in NixOS
     home-manager = {
       sharedModules = [ ../../../../home-manager ];

platforms/nixos/modules/nmasur/profiles/home.nix

@@ -6,12 +6,13 @@
 }:
 
 let
-  cfg = config.nmasur.profiles.on-premises;
+  cfg = config.nmasur.profiles.home;
 in
 
 {
 
-  options.nmasur.profiles.on-premises.enable = lib.mkEnableOption "on-premises machine settings";
+  options.nmasur.profiles.home.enable =
+    lib.mkEnableOption "home (on-premises, physical) machine settings";
 
   config = lib.mkIf cfg.enable {