From eb43deac444ce633cef91fcbe6126d3eefddc218 Mon Sep 17 00:00:00 2001
From: Henry-Hiles <henry@henryhiles.com>
Date: Sat, 18 Oct 2025 13:55:25 -0400
Subject: [PATCH] refactors

---
 clients/nova/{flori.nix => ava.nix}           |  4 +-
 clients/nova/hardware-configuration.nix       | 39 +++++++++--
 .../quadraticpc/hardware-configuration.nix    | 64 ++++++-------------
 clients/quadtop/hardware-configuration.nix    | 46 ++++---------
 modules/common/not-detected.nix               |  6 ++
 modules/server/trusted.nix                    |  2 +-
 6 files changed, 75 insertions(+), 86 deletions(-)
 rename clients/nova/{flori.nix => ava.nix} (89%)
 create mode 100644 modules/common/not-detected.nix

diff --git a/clients/nova/flori.nix b/clients/nova/ava.nix
similarity index 89%
rename from clients/nova/flori.nix
rename to clients/nova/ava.nix
index d4ebc2a..bfbc569 100644
--- a/clients/nova/flori.nix
+++ b/clients/nova/ava.nix
@@ -2,14 +2,14 @@
 {
   users = {
     mutableUsers = lib.mkForce true;
-    users.flori = {
+    users.ava = {
       isNormalUser = true;
       openssh.authorizedKeys.keys = [
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcXzWUeVwJN7iPxMT/1lhJySY4t6Z2/fH/GHVuzQFr6 cardno:32_241_564"
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBnstd9HyyIjfXWfGymWDcRlK9nZuqgTIcueiqPUDaQ star@starforge"
       ];
       hashedPasswordFile = config.age.secrets."initialFloriPassword.age".path;
-      description = "Flori";
+      description = "Flori Ava Star";
       extraGroups = [ "wheel" ];
     };
   };
diff --git a/clients/nova/hardware-configuration.nix b/clients/nova/hardware-configuration.nix
index 89720d2..4064169 100644
--- a/clients/nova/hardware-configuration.nix
+++ b/clients/nova/hardware-configuration.nix
@@ -1,7 +1,38 @@
+{ modulesPath, ... }:
 {
-  boot.kernelParams = [ "ip=dhcp" ];
-  boot.initrd.availableKernelModules = [
-    "virtio_pci"
-    "virtio_net"
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+  boot = {
+    initrd.luks.devices."luks-ef228969-52cc-4238-b90f-9d97d625bba6".device =
+      "/dev/disk/by-uuid/ef228969-52cc-4238-b90f-9d97d625bba6";
+    kernelParams = [ "ip=dhcp" ];
+    initrd.availableKernelModules = [
+      "sr_mod"
+      "ata_piix"
+      "uhci_hcd"
+      "virtio_pci"
+      "virtio_net"
+      "virtio_blk"
+    ];
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/3c343e41-ca80-413f-a48c-af513bb28f5c";
+      fsType = "btrfs";
+      options = [ "subvol=@" ];
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/9300-4D1C";
+      fsType = "vfat";
+      options = [
+        "fmask=0077"
+        "dmask=0077"
+      ];
+    };
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/c0c9de6f-9990-4346-b774-5f315b5ea115"; }
   ];
 }
diff --git a/clients/quadraticpc/hardware-configuration.nix b/clients/quadraticpc/hardware-configuration.nix
index 2422470..c27e66a 100644
--- a/clients/quadraticpc/hardware-configuration.nix
+++ b/clients/quadraticpc/hardware-configuration.nix
@@ -1,50 +1,26 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
 {
-  config,
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}:
-{
-  imports = [
-    (modulesPath + "/installer/scan/not-detected.nix")
-  ];
-
-  boot.initrd.availableKernelModules = [
-    "nvme"
-    "xhci_pci"
-    "ahci"
-    "usb_storage"
-    "usbhid"
-    "sd_mod"
-  ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/7d01741d-d58f-49d4-b3a2-4d37d953873d";
-    fsType = "ext4";
+  boot = {
+    kernelModules = [ "kvm-amd" ];
+    initrd.availableKernelModules = [
+      "nvme"
+      "xhci_pci"
+      "ahci"
+      "usb_storage"
+      "usbhid"
+      "sd_mod"
+    ];
   };
 
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/E841-063C";
-    fsType = "vfat";
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/7d01741d-d58f-49d4-b3a2-4d37d953873d";
+      fsType = "ext4";
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/E841-063C";
+      fsType = "vfat";
+    };
   };
 
-  swapDevices = [ ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp14s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp15s0.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.amd.updateMicrocode = true;
 }
diff --git a/clients/quadtop/hardware-configuration.nix b/clients/quadtop/hardware-configuration.nix
index d78365d..f792490 100755
--- a/clients/quadtop/hardware-configuration.nix
+++ b/clients/quadtop/hardware-configuration.nix
@@ -1,18 +1,4 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
 {
-  config,
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}:
-{
-  imports = [
-    (modulesPath + "/installer/scan/not-detected.nix")
-  ];
-
   boot = {
     initrd = {
       availableKernelModules = [
@@ -29,27 +15,17 @@
     extraModulePackages = [ ];
   };
 
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/f4b1301b-c329-4c3c-9f3a-5584bc22d0c1";
-    fsType = "ext4";
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/f4b1301b-c329-4c3c-9f3a-5584bc22d0c1";
+      fsType = "ext4";
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/3B50-5881";
+      fsType = "vfat";
+    };
   };
 
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/3B50-5881";
-    fsType = "vfat";
-  };
-
-  swapDevices = [ ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  powerManagement.cpuFreqGovernor = "powersave";
+  hardware.cpu.intel.updateMicrocode = true;
 }
diff --git a/modules/common/not-detected.nix b/modules/common/not-detected.nix
new file mode 100644
index 0000000..b82cf79
--- /dev/null
+++ b/modules/common/not-detected.nix
@@ -0,0 +1,6 @@
+{ modulesPath, ... }:
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+}
diff --git a/modules/server/trusted.nix b/modules/server/trusted.nix
index 61244bc..451d25f 100644
--- a/modules/server/trusted.nix
+++ b/modules/server/trusted.nix
@@ -1 +1 @@
-{ nix.settings.trusted-users = [ "quadradical" ]; }
+{ nix.settings.trusted-users = [ "@wheel" ]; }