Finally switch to flakes.

nixos/modules/base.nix

@@ -0,0 +1,106 @@
+# This is your system's configuration file.
+# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
+{
+  inputs,
+  outputs,
+  lib,
+  config,
+  pkgs,
+  ...
+}: {
+  # You can import other NixOS modules here
+  imports = [
+    # My modules
+  ];
+
+  nixpkgs = {
+    # You can add overlays here
+    overlays = [
+      # Add overlays your own flake exports (from overlays and pkgs dir):
+      outputs.overlays.additions
+      outputs.overlays.modifications
+      outputs.overlays.unstable-packages
+    ];
+
+    # Configure your nixpkgs instance
+    config = {
+      allowUnfree = true;
+    };
+  };
+
+  # This will add each flake input as a registry
+  # To make nix commands consistent with your flake
+  nix.registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs);
+
+  # This will additionally add your inputs to the system's legacy channels
+  # Making legacy nix commands consistent as well, awesome!
+  nix.nixPath = ["/etc/nix/path"];
+  environment.etc =
+    lib.mapAttrs'
+    (name: value: {
+      name = "nix/path/${name}";
+      value.source = value.flake;
+    })
+    config.nix.registry;
+
+  # Enable flakes and garbage collection
+  nix = {
+    settings = {
+      # Enable flakes and new 'nix' command
+      experimental-features = "nix-command flakes";
+      # Deduplicate and optimize nix store
+      auto-optimise-store = true;
+    };
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 14d";
+    };
+  };
+
+  # Set timezone
+  time.timeZone = let
+    secrets = import ../common/secrets.nix;
+  in secrets.timeZone;
+
+  # Select internationalisation properties.
+  console = {
+    earlySetup = true;
+    font = "${pkgs.kbd}/share/consolefonts/Lat2-Terminus16.psfu.gz";
+    packages = with pkgs; [
+      terminus_font
+      kbd
+    ];
+    useXkbConfig = true;
+  };
+
+  # Enable git
+  programs.git = {
+    enable = true;
+    lfs.enable = true;
+  };
+
+  # Basic firewall settings
+  networking.nftables.enable = true;
+
+  # Enable the ZSH shell
+  programs.zsh.enable = true;
+
+  # Disable Nano
+  programs.nano.enable = false;
+
+  # Disable the HTML documentation link
+  documentation = {
+    nixos.enable = false;
+    info.enable = false;
+  };
+
+  # Allow binary firmware
+  hardware.enableRedistributableFirmware = true;
+
+  # Force Electron to use Wayland
+  environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+  # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
+  system.stateVersion = "24.05";
+}

nixos/modules/networking.nix

@@ -0,0 +1,17 @@
+{
+  # Networking settings
+  networking = {
+    # Choose networking method
+    wireless.enable = false;
+    dhcpcd.enable = true;
+
+    # Set hostnames
+    hosts = let
+      ips = import ../common/ips.nix;
+    in {
+      "${ips.server}" = ["server"];
+      "${ips.pc}" = ["pc"];
+      "${ips.vm}" = ["vm"];
+    };
+  };
+}

nixos/modules/security.nix

@@ -0,0 +1,18 @@
+{
+  # Enable AppArmor
+  security = {
+    sudo.enable = false;
+    doas = {
+      enable = true;
+      extraRules = [
+        # Give wheel root access, allow persistant session
+        {
+          groups = ["wheel"];
+          keepEnv = true;
+          persist = true;
+        }
+      ];
+    };
+    apparmor.enable = true;
+  };
+}