change pub key management again, centralize users, start to modularize lenovo conf

1 files changed, 4 insertions, 65 deletions

diff --git a/machines/lenovo/configuration.nix b/machines/lenovo/configuration.nix
index 1b42b9d..adf0814 100644
--- a/machines/lenovo/configuration.nix
+++ b/machines/lenovo/configuration.nix
@@ -1,11 +1,14 @@
 {
   config,
   lib,
-  pkgs,
   modulesPath,
   machine,
   ...
 }: {
+  imports = [
+    ./impermanence.nix
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
   age.secrets = {
     secret0.file = ../../secrets/secret0.age;
     secret1.file = ../../secrets/secret1.age;
@@ -14,48 +17,6 @@
     efi.canTouchEfiVariables = true;
     systemd-boot.enable = true;
   };
-  environment.persistence."/nix/persist" = {
-    enable = true;
-    hideMounts = true;
-    directories = [
-      "/var/log"
-      "/var/lib/bluetooth"
-      "/var/lib/nixos"
-      "/var/lib/systemd/coredump"
-      "/etc/NetworkManager/system-connections"
-      "/etc/ssh"
-    ];
-    files = [
-      "/etc/machine-id"
-      "/etc/ly/save.txt"
-    ];
-    users."andromeda" = {
-      directories = [
-        ".backups"
-        ".local/share/Anki2"
-        ".local/share/chat.fluffy.fluffychat"
-        ".local/share/zoxide"
-        ".ssh"
-        "conf"
-        "Downloads"
-        "pp"
-      ];
-      files = [
-        ".bash_history"
-        ".brush_history"
-      ];
-    };
-    users."mtgmonkey" = {
-      directories = [
-        ".local/share/zoxide"
-        ".ssh"
-      ];
-      files = [
-        ".bash_history"
-        ".brush_history"
-      ];
-    };
-  };
   hardware.bluetooth = {
     enable = true;
     powerOnBoot = true;
@@ -95,28 +56,6 @@
   };
   system.stateVersion = "26.05";
   time.timeZone = "Europe/Berlin";
-  users.users."andromeda" = {
-    isNormalUser = true;
-    description = "andromeda";
-    hashedPasswordFile = builtins.toString config.age.secrets.secret0.path;
-    extraGroups = [
-      "networkmanager"
-      "wheel"
-    ];
-  };
-  users.users."mtgmonkey" = {
-    isNormalUser = true;
-    description = "mtgmonkey";
-    hashedPasswordFile = builtins.toString config.age.secrets.secret1.path;
-    extraGroups = [
-      "networkmanager"
-      "wheel"
-    ];
-  };
-  imports = [
-    (modulesPath + "/installer/scan/not-detected.nix")
-  ];
-
   boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"];
   boot.initrd.kernelModules = [];
   boot.kernelModules = ["kvm-intel"];