From f4890a5d7437303dab4d5324467dd64ca8e9d7ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Mon, 2 Oct 2023 19:30:31 +0200 Subject: [PATCH] Continue porting darwin, make settei module(s) more reusable by others. --- hosts/default.nix | 1 + modules/darwin/common/default.nix | 3 +++ modules/darwin/default.nix | 1 + modules/darwin/settei/sane-defaults.nix | 2 -- modules/flake/configurations.nix | 6 +++--- modules/nixos/common/default.nix | 7 +++++++ modules/nixos/settei/sane-defaults.nix | 25 +++++++++++++++---------- modules/shared/settei/sane-defaults.nix | 5 ++--- 8 files changed, 32 insertions(+), 18 deletions(-) create mode 100644 modules/darwin/common/default.nix diff --git a/hosts/default.nix b/hosts/default.nix index 6a325b4..f96dfb8 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -84,6 +84,7 @@ inputs.home-manager.darwinModules.home-manager inputs.hercules-ci-agent.darwinModules.agent-service self.darwinModules.settei + self.darwinModules.common sharedOptions defaultOptions module diff --git a/modules/darwin/common/default.nix b/modules/darwin/common/default.nix new file mode 100644 index 0000000..9ec50c5 --- /dev/null +++ b/modules/darwin/common/default.nix @@ -0,0 +1,3 @@ +{ + system.stateVersion = 4; +} diff --git a/modules/darwin/default.nix b/modules/darwin/default.nix index aab4e64..d86d9c6 100644 --- a/modules/darwin/default.nix +++ b/modules/darwin/default.nix @@ -1,5 +1,6 @@ {config, ...}: { flake.darwinModules = { settei = import ./settei {inherit (config) perInput;}; + common = ./common; }; } diff --git a/modules/darwin/settei/sane-defaults.nix b/modules/darwin/settei/sane-defaults.nix index b58d101..15132e8 100644 --- a/modules/darwin/settei/sane-defaults.nix +++ b/modules/darwin/settei/sane-defaults.nix @@ -11,7 +11,5 @@ security.pam.enableSudoTouchIdAuth = true; users.users.${username}.home = "/Users/${username}"; - - system.stateVersion = 4; }; } 
diff --git a/modules/flake/configurations.nix b/modules/flake/configurations.nix index 79bccba..d65c9fa 100644 --- a/modules/flake/configurations.nix +++ b/modules/flake/configurations.nix @@ -31,15 +31,15 @@ with lib; { configurations = { nixos = mkOption { - type = types.attrsOf types.deferredModule; + type = types.lazyAttrsOf types.deferredModule; default = {}; }; darwin = mkOption { - type = types.attrsOf types.deferredModule; + type = types.lazyAttrsOf types.deferredModule; default = {}; }; home = mkOption { - type = types.attrsOf types.deferredModule; + type = types.lazyAttrsOf types.deferredModule; default = {}; }; }; diff --git a/modules/nixos/common/default.nix b/modules/nixos/common/default.nix index 3d41fec..0bac4c7 100644 --- a/modules/nixos/common/default.nix +++ b/modules/nixos/common/default.nix @@ -2,4 +2,11 @@ imports = [ ./hercules.nix ]; + + config = { + system.stateVersion = "22.05"; + + # https://github.com/NixOS/nixpkgs/issues/254807 + boot.swraid.enable = false; + }; } diff --git a/modules/nixos/settei/sane-defaults.nix b/modules/nixos/settei/sane-defaults.nix index 58904bc..0fe11e9 100644 --- a/modules/nixos/settei/sane-defaults.nix +++ b/modules/nixos/settei/sane-defaults.nix @@ -6,11 +6,9 @@ ... } @ args: let cfg = config.settei.sane-defaults; + nmEnabled = config.networking.networkmanager.enable; in { config = lib.mkIf cfg.enable { - # https://github.com/NixOS/nixpkgs/issues/254807 - boot.swraid.enable = false; - hardware.enableRedistributableFirmware = true; services.openssh.enable = true; 
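Review bot: The switch from `types.attrsOf` to `types.lazyAttrsOf` on the three `configurations` options (nixos, darwin, home) in modules/flake/configurations.nix has no comment recording the trade-off. Per the nixpkgs manual, `lazyAttrsOf` does not fully support conditional definitions: an entry defined with `lib.mkIf false` still appears as an attribute and throws when its value is accessed. A configuration gated behind a condition would therefore no longer drop out of the set silently. I would add a comment above the first option, e.g. `# lazyAttrsOf: values are evaluated per attribute; entries defined with mkIf false still show up as attributes`. The enclosing options block starts outside the hunk.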
@@ -24,12 +22,10 @@ in { group = username; extraGroups = ["wheel"]; openssh.authorizedKeys.keys = let - filteredKeys = let - configName' = - args.configurationName - or (throw "pass configurationName to module arguments or set users.users.${username}.openssh.authorizedKeys yourself"); - in - lib.filterAttrs (name: _: name != configName') cfg.allSshKeys; + configName' = + args.configurationName + or (throw "pass configurationName to module arguments or set users.users.${username}.openssh.authorizedKeys yourself"); + filteredKeys = lib.filterAttrs (name: _: name != configName') cfg.allSshKeys; in lib.mkDefault (lib.attrValues filteredKeys); }; @@ -40,6 +36,15 @@ in { # be able to use sudo with no password security.sudo.wheelNeedsPassword = false; - system.stateVersion = "22.05"; + # When NetworkManager isn't in use, add tailscale DNS address manually + networking.nameservers = lib.mkIf (!nmEnabled && config.services.tailscale.enable) [ + "100.100.100.100" + "1.1.1.1" + "1.0.0.1" + ]; + # NetworkManager probably means desktop system so we don't want to slow down boot times + systemd.services = lib.mkIf nmEnabled { + NetworkManager-wait-online.enable = false; + }; }; } diff --git a/modules/shared/settei/sane-defaults.nix b/modules/shared/settei/sane-defaults.nix index 0140d5b..689aa73 100644 --- a/modules/shared/settei/sane-defaults.nix +++ b/modules/shared/settei/sane-defaults.nix @@ -1,6 +1,5 @@ -# This module is supposed to be a reusable set of options you probably would want to set anyway -# -# Other default options which don't necessairly make sense for other people go into hosts/default.nix +# This module is supposed to be a reusable set of options you probably would want to set anyway. +# For options specific to nixos or darwin go to modules/{nixos,darwin}/settei/sane-defaults.nix { config, pkgs,
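Review bot: The flattened `let` for `openssh.authorizedKeys.keys` still authorizes every entry of `cfg.allSshKeys` except the one named after this configuration, and nothing in the hunk documents that. The same user has `extraGroups = ["wheel"]` (context line above), and the next hunk's context shows `security.sudo.wheelNeedsPassword = false`. Each listed key therefore amounts to passwordless root on the host, which is worth stating now that the module is meant to be reused by others. I would add a comment above `filteredKeys`, e.g. `# every key in allSshKeys except this host's own is authorized for the admin user (wheel, passwordless sudo)`. The enclosing user definition starts outside the hunk.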
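Review bot: The new `networking.nameservers` list (hunk `@@ -40,6 +36,15 @@`) puts Tailscale's in-tailnet resolver `100.100.100.100` next to the public resolvers `1.1.1.1` and `1.0.0.1`, which the system resolver treats as interchangeable fallbacks rather than split DNS. Whenever the first address does not answer (tailscaled stopped or not yet logged in), lookups for tailnet or other internal names go to a third party in clear text, and depending on the resolver in use the listed order may not be honoured at all. Since the module is meant to be reusable, I would make the list overridable and document the behaviour: `networking.nameservers = lib.mkIf (!nmEnabled && config.services.tailscale.enable) (lib.mkDefault ["100.100.100.100" "1.1.1.1" "1.0.0.1"]);` with a comment such as `# public fallbacks receive queries whenever the tailscale resolver is unreachable`. The `config = lib.mkIf cfg.enable` block opens outside the hunk.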