Live: Improve the module.

Makefile

@@ -56,9 +56,14 @@ install-hm:
 installer:
 	nix build -o installer $(options) $(flake)#nixosConfigurations.installer.config.system.build.isoImage
 
+.PHONY: isolation
+isolation:
+	nix build -o isolation $(options) $(flake)#nixosConfigurations.isolation.config.system.build.isoImage
+
 .PHONY: live
 live:
-	nix build -o installer $(options) $(flake)#nixosConfigurations.live.config.system.build.isoImage
+	nix build -o iso/live $(options) $(flake)#nixosConfigurations.live.config.system.build.isoImage
+
 no-nixconf:
 	mv /etc/nix/nix.conf /etc/nix/nix.conf_ || true
 
@@ -67,8 +72,7 @@ reboot: boot
 
 .PHONY: recovery
 recovery:
-	nix build -o installer $(options) $(flake)#nixosConfigurations.recovery.config.system.build.isoImage
-
+	nix build -o recovery $(options) $(flake)#nixosConfigurations.recovery.config.system.build.isoImage
 
 show:
 	nix flake show
@@ -79,7 +83,6 @@ switch:
 update:
 	nix flake update
 
-# NOTE: Run `housekeep` target to fix git fsck issues.
 verify: housekeep
 	git verify-commit HEAD
 	git fsck

config/Live.nix

@@ -0,0 +1,15 @@
+{ config, lib, ... }:
+let
+  cfg = config.module.live;
+in
+{
+  config = lib.mkIf cfg.enable {
+    services.rogue.enable = true;
+    services.mingetty = {
+      autologinUser = "live";
+      helpLine = ''
+        Welcome! Both live and root users have password "live". Enjoy!
+      '';
+    };
+  };
+}

home/NixOs.nix

@@ -12,12 +12,15 @@ let
   env = import ./env args;
   file = import ./file args;
   program = import ./program args;
+  purpose = config.module.purpose;
 in
 {
   imports = (util.ls <user>);
 
   options.home.nixos = {
-    enable = lib.mkEnableOption "the NixOS user setup.";
+    enable = lib.mkEnableOption "the NixOS user setup." // {
+      default = with purpose; desktop || laptop || live || server;
+    };
     users = lib.mkOption {
       default = [ ];
       type = with lib.types; listOf attrs;

host/x86_64-linux/dasha/default.nix

@@ -1,10 +1,6 @@
 { ... }:
 {
-  home.nixos.enable = true;
-  user = {
-    dasha = true;
-    root = true;
-  };
+  user.dasha = true;
 
   module = {
     amd.gpu.enable = true;

host/x86_64-linux/desktop/default.nix

@@ -1,10 +1,6 @@
 { ... }:
 {
-  home.nixos.enable = true;
-  user = {
-    root = true;
-    voronind = true;
-  };
+  user.voronind = true;
 
   module = {
     builder.client.enable = true;

host/x86_64-linux/home/default.nix

@@ -1,10 +1,6 @@
 { ... }:
 {
-  home.nixos.enable = true;
-  user = {
-    root = true;
-    voronind = true;
-  };
+  user.voronind = true;
 
   module = {
     builder.server.enable = true;

host/x86_64-linux/installer/default.nix

@@ -1,10 +1,16 @@
-{ inputs, lib, pkgs, ... }:
+{
+  inputs,
+  lib,
+  pkgs,
+  ...
+}:
 {
   imports = [
     "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/channel.nix"
     "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
   ];
 
+  # Required for live iso.
   networking.wireless.enable = lib.mkForce false;
 
   # Override my settings to allow SSH logins using root password.
@@ -14,20 +20,13 @@
   };
 
   # Needed by installer smh.
+  # TODO: Find out what it downloads.
   environment.systemPackages = with pkgs; [
     # tor-browser # NOTE: ???
     ghc
   ];
 
-  # Root user setup.
-  home.nixos.enable = true;
-  user.root = true;
-
   module = {
-    keyd.enable = true;
     package.all = true;
-    purpose = {
-      live = true;
-    };
   };
 }

host/x86_64-linux/live/default.nix

@@ -2,18 +2,12 @@
 {
   imports = [ "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix" ];
 
-  # Root user setup.
-  home.nixos.enable = true;
-  user.root = true;
-
   module = {
-    keyd.enable = true;
     purpose = {
       live = true;
     };
     package = {
       common = true;
-      core = true;
       desktop = true;
     };
   };

host/x86_64-linux/max/default.nix

@@ -1,16 +1,14 @@
 # SEE: https://github.com/Sabrina-Fox/WM2-Help
 { __findFile, pkgs, ... }:
 {
-  home.nixos.enable = true;
-  user = {
-    root = true;
-    voronind = true;
-  };
+  user.voronind = true;
 
   module = {
     builder.client.enable = true;
+    display.primary = "eDP-1";
     package.all = true;
     print.enable = true;
+    sway.extraConfig = [ "output eDP-1 scale 1.75" ];
     syncthing.enable = true;
     purpose = {
       creative = true;
@@ -18,10 +16,6 @@
       laptop = true;
       work = true;
     };
-    display = {
-      primary = "eDP-1";
-    };
-    sway.extraConfig = [ "output eDP-1 scale 1.75" ];
     hwmon = {
       file = "temp1_input";
       path = "/sys/devices/pci0000:00/0000:00:18.3/hwmon";

host/x86_64-linux/msi/default.nix

@@ -1,9 +1,7 @@
 { ... }:
 {
-  home.nixos.enable = true;
   user = {
     dasha = true;
-    root = true;
     voronind = true;
   };
 
@@ -24,11 +22,11 @@
     };
     amd = {
       compute.enable = true;
+      gpu.enable = true;
       cpu = {
         enable = true;
         powersave = true;
       };
-      gpu.enable = true;
     };
   };
 }

host/x86_64-linux/recovery/default.nix

@@ -2,12 +2,7 @@
 {
   imports = [ "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix" ];
 
-  # Root user setup.
-  home.nixos.enable = true;
-  user.root = true;
-
   module = {
-    keyd.enable = true;
     purpose = {
       live = true;
     };

host/x86_64-linux/thinkbook/default.nix

@@ -1,10 +1,6 @@
 { ... }:
 {
-  home.nixos.enable = true;
-  user = {
-    root = true;
-    voronind = true;
-  };
+  user.voronind = true;
 
   module = {
     builder.client.enable = true;

host/x86_64-linux/thinkpad/default.nix

@@ -1,19 +1,17 @@
 { ... }:
 {
-  home.nixos.enable = true;
   user = {
     dasha = true;
-    root = true;
     voronind = true;
   };
 
   module = {
+    builder.client.enable = true;
     display.primary = "eDP-1";
-    package.extra = true;
+    package.all = true;
+    powerlimit.thinkpad.enable = true;
     print.enable = true;
     syncthing.enable = true;
-    builder.client.enable = true;
-    powerlimit.thinkpad.enable = true;
     purpose = {
       creative = true;
       disown = true;

option/Keyd.nix

@@ -4,6 +4,6 @@ let
 in
 {
   options.module.keyd.enable = lib.mkEnableOption "the keyboard remaps." // {
-    default = with purpose; desktop || laptop;
+    default = with purpose; desktop || laptop || live || server;
   };
 }

option/Live.nix

@@ -0,0 +1,9 @@
+{ config, lib, ... }:
+let
+  purpose = config.module.purpose;
+in
+{
+  options.module.live.enable = lib.mkEnableOption "the live modules." // {
+    default = purpose.live;
+  };
+}

secret/default.nix

@@ -1,7 +1,13 @@
 { ... }:
 {
   # Password used for root user.
-  hashedPassword = "$y$j9T$oqCB16i5E2t1t/HAWaFd5.$tTaHtAcifXaDVpTcRv.yH2/eWKxKE9xM8KcqXHfHrD7"; # Use `mkpasswd -s`.
+  # Use `mkpasswd -s`.
+  password = {
+    dasha = "$y$j9T$WGMPv/bRhGBUidcZLZ7CE/$raZhwFFdI/XvegVZVHLILJLMiBkOxSErc6gao/Cxt33";
+    live = "$y$j9T$nPMHO52xsFp6ZShidRwVC1$2w9BWmGsCkopKx3L3QLXOnJNCNwtwTOlQ/BzQJEerp0"; # "live".
+    root = "$y$j9T$oqCB16i5E2t1t/HAWaFd5.$tTaHtAcifXaDVpTcRv.yH2/eWKxKE9xM8KcqXHfHrD7";
+    voronind = "$y$j9T$e/mHHkIIAXc0HuQdR3PE6/$Jbh6gJgd0M/s6zCqnsB284a9tlRdLclZSaaSKurIJjB";
+  };
 
   ssh = {
     # Keys that are allowed to connect via SSH.
@@ -15,11 +21,11 @@
     buildKeys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIENY0NICXvlTOSZEwivRHEGO1PUzgsmoHwf+zqS7WsGV root@max"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuuw5ek5wGB9KdBhCTxjV+CBpPU6RIOynHkFYC4dau3 root@dasha"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFHBAqquW9mzssSY22XBXvtAsa19WtIgM5xQ+mXZX6W9 root@thinkbook"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFgiYKFkMfiGOZCZIk+O7LtaoF6A3cHEFCqaPwXOM4rR root@thinkpad"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGIf192IxsksM6u8UY+eqpHopebgV+NNq2G03ssdXIgz root@desktop"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJSWdbkYsRiDlKu8iT/k+JN4KY08iX9qh4VyqxlpEZcE root@home"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOaoyC/grc3SfO5blKWRUwW+dLlcfyvuvWjymprfIeqN root@msi"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFHBAqquW9mzssSY22XBXvtAsa19WtIgM5xQ+mXZX6W9 root@thinkbook"
     ];
   };
 

user/Dasha.nix

@@ -2,6 +2,7 @@
   config,
   lib,
   pkgs,
+  secret,
   ...
 }:
 let
@@ -21,7 +22,7 @@ in
     users.users.dasha = {
       createHome = true;
       description = "Daria Dranchak";
-      hashedPassword = "$y$j9T$WGMPv/bRhGBUidcZLZ7CE/$raZhwFFdI/XvegVZVHLILJLMiBkOxSErc6gao/Cxt33";
+      hashedPassword = secret.password.dasha;
       isNormalUser = true;
       uid = 1001;
       extraGroups = [

user/Live.nix

@@ -0,0 +1,35 @@
+{
+  config,
+  lib,
+  secret,
+  ...
+}:
+let
+  cfg = config.user;
+in
+{
+  options.user.live = lib.mkEnableOption "live user.";
+
+  config = lib.mkIf cfg.live {
+    home.nixos.users = [
+      {
+        homeDirectory = "/home/live";
+        username = "live";
+      }
+    ];
+    users.users.live = {
+      createHome = true;
+      description = "Live User";
+      hashedPassword = secret.password.live;
+      isNormalUser = true;
+      uid = 1022;
+      extraGroups = [
+        "input"
+        "keyd"
+        "libvirtd"
+        "networkmanager"
+        "video"
+      ];
+    };
+  };
+}

user/Root.nix

@@ -6,12 +6,16 @@
 }:
 let
   cfg = config.user;
+  purpose = config.module.purpose;
 in
 {
-  options.user.root = lib.mkEnableOption "root.";
+  options.user.root = lib.mkEnableOption "root." // {
+    default = with purpose; desktop || laptop || live || server;
+  };
 
   config = lib.mkIf cfg.root {
-    users.users.root.hashedPassword = secret.hashedPassword;
+    users.users.root.hashedPassword =
+      if purpose.live then secret.password.live else secret.password.root;
     home.nixos.users = [
       {
         homeDirectory = "/root";

user/Voronind.nix

@@ -20,7 +20,7 @@ in
     users.users.voronind = {
       createHome = true;
       description = "Dmitry Voronin";
-      hashedPassword = secret.hashedPassword;
+      hashedPassword = secret.password.voronind;
       isNormalUser = true;
       uid = 1000;
       extraGroups = [