chore: migrate disk host

hosts/disk/default.nix

@@ -0,0 +1,66 @@
+lib: lib.nixosSystem ({ config, keys, lib, ... }: let
+  inherit (lib) collectNix remove;
+in {
+  imports = collectNix ./. |> remove ./default.nix;
+
+  secrets.id.file           = ./id.age;
+  services.openssh.hostKeys = [{
+    type = "ed25519";
+    path = config.secrets.id.path;
+  }];
+
+  secrets.floppyPassword.file = ./password.floppy.age;
+  users.users                 = {
+    root.hashedPasswordFile = config.secrets.floppyPassword.path;
+
+    floppy = {
+      description                 = "Floppy";
+      openssh.authorizedKeys.keys = keys.admins;
+      hashedPasswordFile          = config.secrets.floppyPassword.path;
+      isNormalUser                = true;
+      extraGroups                 = [ "wheel" ];
+    };
+
+    backup = {
+      description                 = "Backup";
+      openssh.authorizedKeys.keys = keys.all;
+      hashedPasswordFile          = config.secrets.floppyPassword.path;
+      isNormalUser                = true;
+    };
+  };
+
+  home-manager.users = {
+    root   = {};
+    floppy = {};
+    backup = {};
+  };
+
+  networking = let
+    interface = "ens32";
+  in {
+    hostName = "disk";
+
+    ipv4 = "23.164.232.40";
+    ipv6 = "2602:f9f7::40";
+
+    domain = "rgbcu.be";
+
+    defaultGateway = {
+      inherit interface;
+
+      address = "23.164.232.1";
+    };
+
+    defaultGateway6 = {
+      inherit interface;
+
+      address = "2602:f9f7::1";
+    };
+  };
+
+  nixpkgs.hostPlatform       = "x86_64-linux";
+  system.stateVersion        = "23.11";
+  home-manager.sharedModules = [{
+    home.stateVersion = "23.11";
+  }];
+})

hosts/disk/hardware.nix

@@ -0,0 +1,36 @@
+{ config, lib, modulesPath, ... }: let
+  inherit (lib) enabled;
+in {
+  imports = [(modulesPath + "/profiles/qemu-guest.nix")];
+
+  boot.loader = {
+    systemd-boot = enabled {
+      editor = false;
+    };
+
+    efi.canTouchEfiVariables = true;
+  };
+
+  boot.initrd.availableKernelModules = [
+    "ahci"
+    "ata_piix"
+    "nvme"
+    "sr_mod"
+  ];
+
+  fileSystems."/" = {
+    device  = "/dev/disk/by-label/root";
+    fsType  = "ext4";
+    options = [ "noatime" ];
+  };
+
+  fileSystems.${config.boot.loader.efi.efiSysMountPoint} = {
+    device  = "/dev/disk/by-label/boot";
+    fsType  = "vfat";
+    options = [ "noatime" ];
+  };
+
+  swapDevices = [{
+    device = "/dev/disk/by-label/swap";
+  }];
+}

hosts/disk/mail.nix

@@ -0,0 +1,11 @@
+{ config, self, ... }: let
+  inherit (config.networking) domain;
+
+  fqdn = "mail1.${domain}";
+in {
+  imports = [(self + /modules/mail)];
+
+  mailserver = {
+    inherit fqdn;
+  };
+} 

hosts/disk/password.floppy.age

@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 spFFQA pJguGLlB7R7iXrGfwKabGxmryMrfY57yvfaCytZG/Fs
+1USXbjiteoTrs7+KEFPTMVBNHpBWFXyHi/iLxFL7tls
+-> ssh-ed25519 CzqbPQ IbK7nvEUn324R2zHDJzfgMV/FDqwLCU/jGZLSjrG4FY
+naDshlcyrpvgLQydqxAXg/hhfFAFov568p163F7wrZ4
+--- MTj/7Zs1N348gDK+G1p01d6EZ21JzpPJnlaUc1ChcBo
+*°<>òluçM¹â=&Á÷à³Z<C2B3>¾›·
×ü0•ï!<21>¶A3eí\ÙB0“ÎVêýÚš¢¦í¢R‹; \6Ö¹®¡ío’÷^ZRÎ}_³›­ç%~›kÑ ™»Ão¹Œž$³O¸$É^…Aâ*¦Ù

hosts/disk/site6.nix

@@ -0,0 +1,7 @@
+{ self, ... }: {
+  imports = [
+    # (self + /modules/acme)
+    # (self + /modules/nginx.nix)
+    # (self + /modules/site.nix)
+  ];
+}