move profiles to use haumea

.sops.yaml

@@ -10,18 +10,18 @@ creation_rules:
     key_groups:
       - age:
         - *xun
-  - path_regex: secrets/global
+  - path_regex: profiles/secrets/global
     key_groups:
       - age:
         - *xun
         - *nixdesk
         - *hopper
-  - path_regex: secrets/nixdesk
+  - path_regex: profiles/secrets/nixdesk
     key_groups:
       - age:
         - *xun
         - *nixdesk
-  - path_regex: secrets/hopper
+  - path_regex: profiles/secrets/hopper
     key_groups:
       - age:
         - *xun

hosts/default.nix

@@ -77,12 +77,10 @@ in {
       imports = lib.flatten [
         ./nixdesk
 
-        (rootPaths [
-          "secrets"
-          "secrets/nixdesk"
-        ])
-
         (with profiles; [
+          secrets.default
+          secrets.nixdesk.default
+
           core.default
           core.tools
           core.compat
@@ -103,7 +101,7 @@ in {
           network.tailscale
           network.goldberg
 
-          desktop.default
+          desktop.ly
           desktop.awesome
           desktop.sway
           #..desktop.hyprland
@@ -144,43 +142,19 @@ in {
       imports = lib.flatten [
         ./hopper
 
-        (rootPaths [
+        (with profiles; [
-          "secrets"
+          secrets.default
-          "secrets/hopper"
+          secrets.hopper.default
+
+          core.default
+          core.tools
+
+          network.avahi
+          network.networkd
+          network.tailscale
+
+          services.syncthing
         ])
-
-        (modulePaths [
-          "core"
-          "core/tools.nix"
-
-          #"programs"
-          #"programs/steam.nix"
-
-          #"desktop"
-          #"desktop/awesome.nix"
-
-          #"hardware/graphics.nix"
-          #"hardware/steam-hardware.nix"
-          #"hardware/bluetooth.nix"
-          #"hardware/qmk.nix"
-
-          "network/avahi.nix"
-          "network/networkd.nix"
-          "network/tailscale.nix"
-
-          #"services"
-          #"services/pipewire.nix"
-          "services/syncthing.nix"
-          #"services/containers/server"
-          # "services/containers/experimental" # TODO maybe reenable this?? or just abandon it and move fully to systemd network namespace
-        ])
-
-        #{
-        #  home-manager = {
-        #    users.xun.imports = homeImports."xun@hopper";
-        #    extraSpecialArgs = specialArgs;
-        #  };
-        #}
       ];
     };
     liveiso = {
@@ -188,11 +162,10 @@ in {
       imports = lib.flatten [
         ./liveiso
 
-        (modulePaths [
+        (with profiles; [
-          "/nix"
+          nix.default
-          "/core/security.nix"
+          core.security
-          "/services"
+          services.default
-          "/desktop"
         ])
       ];
     };

profiles/network/tailscale.nix

@@ -1,4 +1,8 @@
-{config, ...}: {
+{
+  self,
+  super,
+  root,
+}: {config, ...}: {
   services.tailscale = {
     enable = true;
     openFirewall = true;

profiles/secrets/default.nix

@@ -1,4 +1,4 @@
-{inputs, ...}: {
+_: {inputs, ...}: {
   imports = [
     inputs.sops-nix.nixosModules.sops
     ./global

profiles/secrets/hopper/default.nix

@@ -1,5 +1,5 @@
 ## TODO use defaultSopsFile mayb
-{config, ...}: let
+_: {config, ...}: let
   autheliaUser = config.services.authelia.instances.main.user;
 in {
   sops.secrets = {