rearrange common nix config, add optimising and garbage collecting

hosts/nixos/default.nix

@@ -5,47 +5,71 @@
   inputs,
   ...
 }: {
-
   imports = [
     inputs.autoaspm.nixosModules.default
   ];
 
+  # set timezone
+  time.timeZone = "America/Chicago";
+
+  nix = {
+    # garbage collect & remove builds older then 14 days
+    gc = {
+      automatic = true;
+      dates = "daily";
+      options = "--delete-older-than 14d";
+      persistent = true;
+    };
+    # optimise nix store, dedupe and such
+    optimise = {
+      automatic = true;
+      dates = [ "daily" ];
+    };
+    # the goats
+    settings.experimental-features = lib.mkDefault [
+      "nix-command"
+      "flakes"
+    ];
+  };
+
+  # allow proprietary packages
+  nixpkgs = {
+    config = {
+      allowUnfree = true;
+      allowUnfreePredicate = _: true;
+    };
+  };
+
+  # power management
+  services.autoaspm.enable = true;
+  powerManagement.powertop.enable = true;
+
+  # things are better this way
+  users.defaultUserShell = pkgs.zsh;
+
   # base system package install list
   environment.systemPackages = with pkgs; [
     wget
     curl
     dig
+    nmap
     rsync
+    iperf3
+    jq
     git
     age
-    fzf
-    cifs-utils
-    neofetch
-    usbutils
-    pciutils
-    python3
     vim
-    lf
+    ncdu
     btop
     powertop
-    dig
+    iotop
+    cifs-utils
+    usbutils
+    pciutils
+    lm_sensors
   ];
 
-  # set timezone
+  # nice to have passwordless sudo
-  time.timeZone = "America/Chicago";
-
-  # allow proprietary packages
-  nixpkgs.config.allowUnfree = true;
-
-  # power management
-  services.autoaspm.enable = true;
-  powerManagement.powertop.enable = true;
-
-  # enable flakes
-  nix.settings.experimental-features = ["nix-command" "flakes"];
-  users.defaultUserShell = pkgs.zsh;
-
-  # passwordless rebuild
   security.sudo = {
     extraRules = [
       {

hosts/nixos/yveltal/configuration.nix

@@ -1,8 +1,15 @@
-{ pkgs, config, lib, modulesPath, inputs, stable_pkgs, unstable_pkgs, ... }:
-
 {
-  imports =
+  pkgs,
-    [ # Include the results of the hardware scan.
+  config,
+  lib,
+  modulesPath,
+  inputs,
+  stable_pkgs,
+  unstable_pkgs,
+  ...
+}: {
+  imports = [
+    # Include the results of the hardware scan.
     (modulesPath + "/installer/scan/not-detected.nix")
     #./hardware-configuration.nix
     ../../nixos
@@ -11,10 +18,7 @@
     ../../../modules/system
   ];
 
-  home-manager.users.blake.imports = [
+  # home grown nixos modules
-  ../../../users/blake/hosts/yveltal.nix
-  ];
-
   system = {
     ssh.enable = true;
     sops.enable = true;
@@ -26,13 +30,11 @@
       vendor = "intel";
     };
   };
-
   desktop = {
     pipewire.enable = true;
     hypr.enable = true;
     greetd.enable = true;
   };
-
   gaming = {
     steam.enable = true;
     lutris.enable = true;
@@ -41,7 +43,13 @@
     mangohud.enable = true;
   };
 
+  # import home grown host specific home-manager modules
+  home-manager.users.blake.imports = [
+    ../../../users/blake/hosts/yveltal.nix
+  ];
+
   # fix power buttons
+  # move this to a laptops file at some point
   services.logind.settings.Login = {
     HandlePowerKey = "suspend-then-hibernate";
     HandleLidSwitch = "suspend-then-hibernate";
@@ -53,53 +61,47 @@
 
   # boot (systemd is growing on me)
   boot = {
-    kernelModules = [ "kvm-intel" ];
+    kernelModules = ["kvm-intel"];
-    extraModulePackages = [ ];
+    extraModulePackages = [];
     loader = {
       systemd-boot.enable = true; # systemd your pretty cool ya know
       efi.canTouchEfiVariables = true;
     };
     initrd = {
       systemd.enable = true; # better logging
-      availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" ];
+      availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod"];
-      kernelModules = [ ];
+      kernelModules = [];
     };
   };
 
   # setup hostname and networking stack
-  services.resolved = {
-    enable = true;
-    fallbackDns = [ "1.1.1.1" "9.9.9.9" ];
-    dnsovertls = "opportunistic";
-  };
   networking = {
     hostName = "yveltal"; # hostname
     useDHCP = lib.mkDefault true;
     interfaces = {
       wlp0s20f3.useDHCP = lib.mkDefault true;
     };
+    firewall = {
+      enable = true;
+      allowedTCPPorts = [22];
+      allowedUDPPorts = [51820]; # wireguard
+    };
     networkmanager = {
       enable = true; # the goat
       dns = "systemd-resolved"; # the backup dancer!
     };
   };
+  services.resolved = {
+    enable = true;
+    fallbackDns = ["1.1.1.1" "9.9.9.9"];
+    dnsovertls = "opportunistic";
+  };
 
   hardware.bluetooth.enable = true;
 
-  # Open ports in the firewall.
-  networking.firewall.allowedTCPPorts = [
-    22
-  ];
-
-  networking.firewall.allowedUDPPorts = [ 51820 ];
-  # Or disable the firewall altogether.
-  networking.firewall.enable = true;
-
   system.stateVersion = "25.05"; # stays here :   )
 
-
   # hardware shit
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
-

users/blake/dots/programs/_media-tools/default.nix

@@ -4,24 +4,36 @@
   config,
   ...
 }: let
-  cfg = config.dots.media_tools;
+  cfg = config.dots.media-tools;
 in {
   imports = [
+    ./mpv
+    ./nsxiv
+    ./obs
     ./gimp
-    ./krita
     ./audacity
+    ./krita
     ./kdenlive
   ];
-  options.dots.media_tools = {
+  options.dots.media-tools = {
     enable = lib.mkEnableOption "enables all programs by default";
   };
 
   config = lib.mkIf cfg.enable {
     dots = {
-      audacity.enable = lib.mkDefault true;
+      mpv.enable = lib.mkDefault true;
+      nsxiv.enable = lib.mkDefault true;
+      obs.enable = lib.mkDefault true;
       gimp.enable = lib.mkDefault true;
+      audacity.enable = lib.mkDefault true;
       krita.enable = lib.mkDefault true;
       kdenlive.enable = lib.mkDefault true;
     };
+
+    home.packages = with pkgs; [
+      mediainfo
+      ffmpeg_6
+      imagemagick
+    ];
   };
 }

users/blake/dots/programs/_media-tools/obs/default.nix

@@ -0,0 +1,23 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}: let
+  program = "obs";
+  cfg = config.dots.${program};
+in {
+  options.dots.${program} = {
+    enable = lib.mkEnableOption "enables ${program}";
+  };
+
+  config = lib.mkIf cfg.enable {
+
+    # enable with home-manager
+    programs.obs-studio = {
+      enable = true;
+      plugins = [];
+    };
+
+  };
+}

users/blake/dots/programs/default.nix

@@ -7,6 +7,9 @@
   cfg = config.dots.programs;
 in {
   imports = [
+    ./_media-tools
+    ./_browsers
+
     ./thunderbird
     ./libreoffice
     ./gnucash
@@ -14,13 +17,8 @@ in {
     ./bitwarden
     ./zathura
     ./discord
-    ./mpv
-    ./nsxiv
 
     ./slippi
-
-    ./media_tools
-    ./browsers
   ];
 
   options.dots.programs = {
@@ -29,21 +27,19 @@ in {
 
   config = lib.mkIf cfg.enable {
     dots = {
+      media-tools.enable = lib.mkDefault true;
+      browsers.enable = lib.mkDefault true;
+
       thunderbird.enable = lib.mkDefault true;
       libreoffice.enable = lib.mkDefault true;
       gnucash.enable = lib.mkDefault true;
       qalculate.enable = lib.mkDefault true;
       bitwarden.enable = lib.mkDefault true;
       discord.enable = lib.mkDefault true;
-
       zathura.enable = lib.mkDefault true;
-      mpv.enable = lib.mkDefault true;
-      nsxiv.enable = lib.mkDefault true;
 
       slippi.enable = lib.mkDefault true;
 
-      media_tools.enable = lib.mkDefault true;
-      browsers.enable = lib.mkDefault true;
     };
   };
 }

users/blake/home.nix

@@ -30,9 +30,7 @@ in
     stateVersion = "25.05";
     packages = with pkgs; [
       ripgrep
-      iperf3
       p7zip
-      imagemagick
       sops
       usbutils
     ];