flake.nix

@@ -125,6 +125,9 @@
           inherit specialArgs;
           modules = common_modules ++ [
             ./hosts/monolith
+            ./system/monolith-gitlab-runner.nix
+            ./system/monolith-forgejo-runner.nix
+            ./system/nix-serve.nix
           ];
         };
         double-rainbow = lib.nixosSystem {

hosts/monolith/default.nix

@@ -27,8 +27,6 @@ in
     ./factorio-server.nix
     ./nebula-vpn.nix
     ./minio.nix
-    ./monolith-forgejo-runner.nix
-    ./monolith-gitlab-runner.nix
   ];
   boot.initrd.availableKernelModules = [
     "nvme"

system/gnome.nix

@@ -8,9 +8,10 @@
   options.my.gnome.enable = lib.mkEnableOption { };
 
   config = lib.mkIf config.my.gnome.enable {
-    services.xserver.enable = true;
+    services.xserver = {
-    services.displayManager.gdm.enable = true;
+      enable = true;
-    services.desktopManager.gnome = {
+      displayManager.gdm.enable = true;
+      desktopManager.gnome = {
         enable = true;
         # Enable VRR (Variable Refresh Rate)
         extraGSettingsOverridePackages = with pkgs; [ mutter ];
@@ -19,6 +20,7 @@
           experimental-features=['variable-refresh-rate', 'scale-monitor-framebuffer']
         '';
       };
+    };
 
     # Workaround for https://github.com/NixOS/nixpkgs/issues/103746
     systemd.services."getty@tty1".enable = false;

system/kde.nix

@@ -11,8 +11,8 @@
     # Enable the X11 windowing system.
     services.xserver.enable = true;
     # Enable the KDE Desktop Environment.
-    services.displayManager.sddm.enable = true;
+    services.xserver.displayManager.sddm.enable = true;
-    services.desktopManager.plasma6.enable = true;
+    services.xserver.desktopManager.plasma5.enable = true;
     # services.xserver.displayManager.autologin.user = "lelgenio";
     programs.dconf.enable = true;
   };

system/monolith-gitlab-runner.nix

@@ -5,10 +5,7 @@
   ...
 }:
 let
-  inherit (pkgs.callPackage ../../system/gitlab-runner.nix { inherit inputs; })
+  inherit (pkgs.callPackage ./gitlab-runner.nix { inherit inputs; }) mkNixRunner mkNixRunnerFull;
-    mkNixRunner
-    mkNixRunnerFull
-    ;
 in
 {
   boot.kernel.sysctl."net.ipv4.ip_forward" = true;
@@ -41,11 +38,23 @@ in
   systemd.services.gitlab-runner.serviceConfig.Nice = 10;
 
   sops.secrets = {
-    "gitlab-runners/thoreb-telemetria-nix" = { };
+    "gitlab-runners/thoreb-telemetria-nix" = {
-    "gitlab-runners/thoreb-itinerario-nix" = { };
+      sopsFile = ../secrets/monolith/default.yaml;
-    "gitlab-runners/docker-images-token" = { };
+    };
-    "gitlab-runners/wopus-gitlab-nix" = { };
+    "gitlab-runners/thoreb-itinerario-nix" = {
-    "gitlab-runners/wopus-ssh-nix-cache-pk" = { };
+      sopsFile = ../secrets/monolith/default.yaml;
-    "gitlab-runners/wopus-ssh-nix-cache-pub" = { };
+    };
+    "gitlab-runners/docker-images-token" = {
+      sopsFile = ../secrets/monolith/default.yaml;
+    };
+    "gitlab-runners/wopus-gitlab-nix" = {
+      sopsFile = ../secrets/monolith/default.yaml;
+    };
+    "gitlab-runners/wopus-ssh-nix-cache-pk" = {
+      sopsFile = ../secrets/monolith/default.yaml;
+    };
+    "gitlab-runners/wopus-ssh-nix-cache-pub" = {
+      sopsFile = ../secrets/monolith/default.yaml;
+    };
   };
 }

system/nix-serve.nix

@@ -0,0 +1,14 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+{
+  services.nix-serve = {
+    enable = true;
+    secretKeyFile = config.sops.secrets."nix-serve/private-key".path;
+  };
+
+  sops.secrets."nix-serve/private-key" = { };
+}

user/variables.nix

@@ -115,7 +115,7 @@ rec {
   };
 
   dmenu = "bmenu";
-  desktop = "gnome";
+  desktop = "sway";
   browser = "firefox-devedition";
   editor = "kakoune";
 }