chore: migrate cube host

modules/linux/endlessh-go.nix

@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }: let
   inherit (lib) enabled mkEnableOption mkIf mkOption types;
 
-  fakeSSHPort    = 22;
+  portFakeSSH = 22;
 in {
   config.services.prometheus.exporters.endlessh-go = mkIf config.isServer <| enabled {
     listenAddress = "[::]";
@@ -10,11 +10,11 @@ in {
   # `services.endlessh-go.openFirewall` exposes both the Prometheus
   # exporters port and the SSH port, and we don't want the metrics
   # to leak, so we manually expose this like so.
-  config.networking.firewall.allowedTCPPorts = mkIf config.isServer <| [ fakeSSHPort ];
+  config.networking.firewall.allowedTCPPorts = mkIf config.isServer <| [ portFakeSSH ];
 
   config.services.endlessh-go = mkIf config.isServer <| enabled {
     listenAddress = "[::]";
-    port          = fakeSSHPort;
+    port          = portFakeSSH;
 
     extraOptions = [
       "-alsologtostderr"

modules/linux/hyprland/hyprland.nix

@@ -8,12 +8,12 @@ in merge <| mkIf config.isDesktop {
   xdg.portal = enabled {
     config.common.default = "*";
 
-    extraPortals = with pkgs; [
-      xdg-desktop-portal-hyprland
+    extraPortals = [
+      pkgs.xdg-desktop-portal-hyprland
     ];
 
-    configPackages = with pkgs; [
-      hyprland
+    configPackages = [
+      pkgs.hyprland
     ];
   };
 
@@ -50,7 +50,7 @@ in merge <| mkIf config.isDesktop {
         enableXdgAutostart = true;
       };
 
-      # plugins = with pkgs; [ hyprcursors ];
+      # plugins = [ pkgs.hyprcursors ];
 
       # settings.plugin.dynamic-cursors = {
       #   mode  = "rotate";

modules/linux/ip.nix

@@ -3,14 +3,12 @@
   inherit (lib) optionals;
 in {
   networking.interfaces.${interface} = {
-    ipv4.addresses = optionals (config.networking.ipv4 != null) [{
-      address      = config.networking.ipv4;
-      prefixLength = 22;
+    ipv4.addresses = optionals (config.networking.ipv4.address != null) [{
+      inherit (config.networking.ipv4) address prefixLength;
     }];
 
-    ipv6.addresses = optionals (config.networking.ipv4 != null)  [{
-      address      = config.networking.ipv6;
-      prefixLength = 64;
+    ipv6.addresses = optionals (config.networking.ipv4.address != null)  [{
+      inherit (config.networking.ipv6) address prefixLength;
     }];
   };
 }

modules/linux/resolved.nix

@@ -1,14 +1,14 @@
 { config, lib, ... }: let
-  inherit (lib) enabled concatStringsSep map;
+  inherit (lib) enabled concatStringsSep;
 in {
   services.resolved = enabled {
     dnssec     = "true";
     dnsovertls = "true";
 
-    extraConfig = config.dnsServers
+    extraConfig = config.networking.dns.servers
       |> map (server: "DNS=${server}")
       |> concatStringsSep "\n";
 
-    fallbackDns = config.fallbackDnsServers;
+    fallbackDns = config.networking.dns.serversFallback;
   };
 }

modules/linux/restic/default.nix

@@ -1,11 +1,11 @@
 { config, lib, ... }: let
   inherit (lib) genAttrs mkConst mkIf remove;
 in{
-  options.resticHosts = mkConst <| remove config.networking.hostName [ "cube" "disk" "nine" ];
+  options.services.restic.hosts = mkConst <| remove config.networking.hostName [ "cube" "disk" "nine" ];
 
   config.secrets.resticPassword.file = mkIf config.isServer ./password.age;
 
-  config.services.restic.backups =  mkIf config.isServer <| genAttrs config.resticHosts (host: {
+  config.services.restic.backups =  mkIf config.isServer <| genAttrs config.services.restic.hosts (host: {
     repository   = "sftp:backup@${host}:${config.networking.hostName}-backup";
     passwordFile = config.secrets.resticPassword.path;
     initialize   = true;