refactor: derive host name solely from host directory name

flake.nix

@@ -76,7 +76,10 @@
           nixpkgs.lib.nixosSystem {
             modules = [
               ./hosts/${host}
-              { nixpkgs.hostPlatform = (myUtils.hostMeta ./hosts/${host}).system; }
+              {
+                nixpkgs.hostPlatform = (myUtils.hostMeta ./hosts/${host}).system;
+                host.name = host;
+              }
             ];
             specialArgs = {
               inherit

hosts/andromache/default.nix

@@ -51,9 +51,7 @@ in
     ../../modules/yubikey
   ];
 
-  home-manager.users.${config.host.username} = import ../../home/hosts/andromache;
+  home-manager.users.${config.host.username} = import ../../home/hosts/${config.host.name};
-
-  ssh.authorizedHosts = [ "astyanax" ];
 
   secrets.nixSigningKey.enable = true;
 

hosts/andromache/host.nix

@@ -1,7 +1,7 @@
 {
   host = {
     username = "h";
-    name = "andromache";
     highRam = true;
+    admin = true;
   };
 }

hosts/astyanax/default.nix

@@ -47,9 +47,7 @@ in
     ../../modules/yubikey
   ];
 
-  home-manager.users.${config.host.username} = import ../../home/hosts/astyanax;
+  home-manager.users.${config.host.username} = import ../../home/hosts/${config.host.name};
-
-  ssh.authorizedHosts = [ "andromache" ];
 
   secrets.nixSigningKey.enable = true;
 

hosts/astyanax/host.nix

@@ -1,7 +1,7 @@
 {
   host = {
     username = "h";
-    name = "astyanax";
     highRam = true;
+    admin = true;
   };
 }

hosts/eetion-02/default.nix

@@ -11,13 +11,6 @@
     ../../modules/ssh
   ];
 
-  ssh = {
-    authorizedHosts = [
-      "andromache"
-      "astyanax"
-    ];
-  };
-
   boot = {
     kernelParams = [
       "console=ttyS1,115200n8"

hosts/eetion-02/host.nix

@@ -1,6 +1,5 @@
 {
   host = {
     username = "h";
-    name = "eetion-02";
   };
 }

hosts/eetion/default.nix

@@ -15,13 +15,6 @@
 
   tailscale.enable = true;
 
-  ssh = {
-    authorizedHosts = [
-      "andromache"
-      "astyanax"
-    ];
-  };
-
   boot.loader = {
     grub.enable = false;
     generic-extlinux-compatible.enable = true;

hosts/eetion/host.nix

@@ -1,6 +1,5 @@
 {
   host = {
     username = "h";
-    name = "eetion";
   };
 }

hosts/hecuba/default.nix

@@ -18,13 +18,6 @@
   ];
 
   networking.hostName = config.host.name;
-  ssh = {
-    authorizedHosts = [
-      "andromache"
-      "astyanax"
-    ];
-  };
-
   docker.enable = true;
 
   fileSystems."/" = {

hosts/hecuba/host.nix

@@ -1,6 +1,5 @@
 {
   host = {
     username = "username";
-    name = "hecuba";
   };
 }

hosts/vm/host.nix

@@ -1,6 +1,5 @@
 {
   host = {
     username = "h";
-    name = "vm";
   };
 }

images/sd-image-orange-pi-aarch64.nix

@@ -21,11 +21,6 @@ in
     name = "orange-pi";
   };
 
-  ssh.authorizedHosts = [
-    "andromache"
-    "astyanax"
-  ];
-
   nix.settings.experimental-features = [
     "nix-command"
     "flakes"

images/sd-image-raspberry-pi-aarch64.nix

@@ -21,11 +21,6 @@ in
     name = "raspberry-pi";
   };
 
-  ssh.authorizedHosts = [
-    "andromache"
-    "astyanax"
-  ];
-
   boot.kernelParams = [
     "console=ttyS1,115200n8"
   ];

modules/common/host.nix

@@ -24,5 +24,10 @@
       type = lib.types.bool;
       default = false;
     };
+
+    admin = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+    };
   };
 }

modules/desktops/niri/default.nix

@@ -37,6 +37,20 @@ in
       ];
     };
 
+    #  error:
+    #  Failed assertions:
+    #  - h profile: xdg.portal: since you installed Home Manager via its NixOS module and
+    #  'home-manager.useUserPackages' is enabled, you need to add
+    #
+    #  environment.pathsToLink = [ `/share/applications` `/share/xdg-desktop-portal` ];
+    #
+    #  to your NixOS configuration so that the portal definitions and DE
+    #  provided configurations get linked.
+    environment.pathsToLink = [
+      "/share/applications"
+      "/share/xdg-desktop-portal"
+    ];
+
     services = {
       gnome.gnome-keyring.enable = false;
       dbus.enable = true;

modules/ssh/authorized-keys.nix

@@ -1,7 +1,12 @@
-{ lib, config, ... }:
+{
+  lib,
+  config,
+  ...
+}:
 
 let
   inherit (config.host) username;
+  adminHosts = (import ../../utils { inherit lib; }).adminHosts ../../hosts;
 in
 {
   options.ssh = {
@@ -19,6 +24,6 @@ in
         keyFile = ../../hosts/${hostname}/ssh_user.pub;
       in
       lib.optionals (builtins.pathExists keyFile) (lib.splitString "\n" (builtins.readFile keyFile))
-    ) config.ssh.authorizedHosts
+    ) ((builtins.filter (h: h != config.host.name) adminHosts) ++ config.ssh.authorizedHosts)
   );
 }

utils/default.nix

@@ -1,12 +1,8 @@
 { lib }:
 
 let
-  hosts = import ./hosts.nix;
+  fs = import ./fs.nix { inherit lib; };
+  hosts = import ./hosts.nix { inherit lib; };
   secrets = import ./secrets.nix { inherit lib; };
 in
-{
+fs // hosts // secrets
-  dirNames =
-    path: builtins.attrNames (lib.filterAttrs (_: type: type == "directory") (builtins.readDir path));
-}
-// hosts
-// secrets

utils/fs.nix

@@ -0,0 +1,6 @@
+{ lib }:
+
+{
+  dirNames =
+    path: builtins.attrNames (lib.filterAttrs (_: t: t == "directory") (builtins.readDir path));
+}

utils/hosts.nix

@@ -1,3 +1,8 @@
+{ lib }:
+
+let
+  fs = import ./fs.nix { inherit lib; };
+in
 {
   hostMeta =
     hostDir:
@@ -5,4 +10,10 @@
       import (hostDir + "/meta.nix")
     else
       throw "meta.nix required in ${hostDir}";
+
+  adminHosts =
+    hostsPath:
+    builtins.filter (host: ((import (hostsPath + "/${host}/host.nix")).host.admin or false)) (
+      fs.dirNames hostsPath
+    );
 }