Refactor some parts into separate files

Move some logically independent and consisitent parts into separate
modules (files):

        1. Nix config :
           Package, experimental options, automatic garbage-collection config
        2. Backups :
           Restic + rclone + systemd services for backup notifications

This has reduced main configuration.nix by 100+ lines. These parts are also
unlikely to be touched in tandem with other configuration and hence can be
separated out.

flake.nix

@@ -19,9 +19,11 @@
         system = "x86_64-linux";
         modules = [
           ./hosts/enterprise/configuration.nix
-          { nixpkgs.overlays = [ emacs-overlay.overlay ]; }
+          (import ./nix.nix)
           (import ./hosts/enterprise/sound.nix)
+          (import ./hosts/enterprise/backup.nix)
           (import ./cachix.nix)
+          { nixpkgs.overlays = [ emacs-overlay.overlay ]; }
           home-manager.nixosModules.home-manager
           {
             home-manager.useGlobalPkgs = true;

hosts/enterprise/backup.nix

@@ -0,0 +1,116 @@
+{ config, pkgs, options, ... }:
+
+# Automated Backup and backup notification configuration for NixOS
+# Using:
+#   1. Restic:        encryption, snapshots, dedeuplication
+#   2. Rclone:        access to free storages (Google Drive, OneDrive etc)
+#   3. Systemd/NixOS: automation, notifications etc
+#   4. (DBus) :       desktop notifications, provided by Plasma desktop
+let
+  payas = "payas";
+in
+{
+  # Le Backups!! Test them every month or so, just to be sure
+  services.restic.backups =
+    let
+      defaultPruneOpts = [
+        "--keep-last 10"
+        "--keep-hourly 3"
+        "--keep-daily 3"
+        "--keep-weekly 2"
+        "--keep-monthly 2"
+      ];
+      defaultBackupFrequency = "hourly";
+    in
+    {
+      syncthing_googledrive = {
+        user = payas;
+        repository = "rclone:relekarpayas_googledrive:/syncthing";
+        initialize = false; # for now, I want to control repo intialization myself
+        passwordFile = "/home/payas/.secrets/syncthing_relekarpayas_googledrive";
+        paths = [ "/home/payas/Syncthing/" ];
+        # Ignore Media dir because it contains non-essential and heavy media files
+        extraBackupArgs = [ "--exclude=/home/payas/Syncthing/Media" ];
+        # Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
+        timerConfig.OnCalendar = defaultBackupFrequency;
+        pruneOpts = defaultPruneOpts;
+      };
+
+      org_googledrive = {
+        user = payas;
+        repository = "rclone:relekarpayas_googledrive:/org";
+        initialize = false; # for now, I want to control repo intialization myself
+        passwordFile = "/home/payas/.secrets/org_relekarpayas_googledrive";
+        paths = [ "/home/payas/org/" ];
+        # Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
+        timerConfig.OnCalendar = defaultBackupFrequency;
+        pruneOpts = defaultPruneOpts;
+      };
+    };
+
+  # Le Backup notifications : So I find out about success/failure of backups without having to check logs every now and then
+  # This generates actual desktop notifications, and integrates nicely (as long as DBus is accessible to service)
+  systemd.services =
+    let
+      defaultBackupServiceEnv = {
+        DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/1000/bus";
+      };
+      backupDescrDefault = "Backup notification";
+      backupDescrSuccess = ": Success";
+      backupDescrFailure = ": Failure";
+      backupDescrOrg = ": Org";
+      backupDescrSyncthing = ": Syncthing";
+      backupExecBin = "${pkgs.libnotify}/bin/notify-send";
+      backupExecHint = " --hint='string:desktop-entry:org.kde.konsole' ";
+      quote = "'";
+    in
+    {
+      # Syncthing failure notification
+      backup-failure-alert-syncthing = {
+        description = backupDescrDefault + backupDescrFailure + backupDescrSyncthing;
+        environment = defaultBackupServiceEnv;
+        serviceConfig = {
+          ExecStart = backupExecBin + backupExecHint + quote + backupDescrDefault + backupDescrFailure + backupDescrSyncthing + quote;
+          User = payas;
+        };
+      };
+      # Syncthing success notification
+      backup-success-notify-syncthing = {
+        description = backupDescrDefault + backupDescrSuccess + backupDescrSyncthing;
+        environment = defaultBackupServiceEnv;
+        serviceConfig = {
+          ExecStart = backupExecBin + backupExecHint + quote + backupDescrDefault + backupDescrSuccess + backupDescrSyncthing + quote;
+          User = payas;
+        };
+      };
+      # Configure notification services for restic backup service
+      restic-backups-syncthing_googledrive = {
+        onFailure = [ "backup-failure-alert-syncthing.service" ];
+        unitConfig.OnSuccess = [ "backup-success-notify-syncthing.service" ];
+      };
+
+      # Org failure notification
+      backup-failure-alert-org = {
+        description = backupDescrDefault + backupDescrFailure + backupDescrOrg;
+        environment = defaultBackupServiceEnv;
+        serviceConfig = {
+          ExecStart = backupExecBin + backupExecHint + quote + backupDescrDefault + backupDescrFailure + backupDescrOrg + quote;
+          User = payas;
+        };
+      };
+      # Org success notification
+      backup-success-notify-org = {
+        description = backupDescrDefault + backupDescrSuccess + backupDescrOrg;
+        environment = defaultBackupServiceEnv;
+        serviceConfig = {
+          ExecStart = backupExecBin + backupExecHint + quote + backupDescrDefault + backupDescrSuccess + backupDescrOrg + quote;
+          User = payas;
+        };
+      };
+      # Configure notification services for restic backup service
+      restic-backups-org_googledrive = {
+        onFailure = [ "backup-failure-alert-org.service" ];
+        unitConfig.OnSuccess = [ "backup-success-notify-org.service" ];
+      };
+    };
+}

hosts/enterprise/configuration.nix

@@ -157,112 +157,8 @@ in
       enable = true;
       package = pkgs.fwupd;
     };
-
-    # Le Backups!! Test them every month or so, just to be sure
-    restic.backups =
-      let
-        defaultPruneOpts = [
-          "--keep-last 10"
-          "--keep-hourly 3"
-          "--keep-daily 3"
-          "--keep-weekly 2"
-          "--keep-monthly 2"
-        ];
-        defaultBackupFrequency = "hourly";
-      in
-      {
-        syncthing_googledrive = {
-          user = payas;
-          repository = "rclone:relekarpayas_googledrive:/syncthing";
-          initialize = false; # for now, I want to control repo intialization myself
-          passwordFile = "/home/payas/.secrets/syncthing_relekarpayas_googledrive";
-          paths = [ "/home/payas/Syncthing/" ];
-          # Ignore Media dir because it contains non-essential and heavy media files
-          extraBackupArgs = [ "--exclude=/home/payas/Syncthing/Media" ];
-          # Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
-          timerConfig.OnCalendar = defaultBackupFrequency;
-          pruneOpts = defaultPruneOpts;
-        };
-
-        org_googledrive = {
-          user = payas;
-          repository = "rclone:relekarpayas_googledrive:/org";
-          initialize = false; # for now, I want to control repo intialization myself
-          passwordFile = "/home/payas/.secrets/org_relekarpayas_googledrive";
-          paths = [ "/home/payas/org/" ];
-          # Run our nice little service every hour. If this proves too taxing, increase duration or give out fixed time.
-          timerConfig.OnCalendar = defaultBackupFrequency;
-          pruneOpts = defaultPruneOpts;
-        };
-      };
   };
 
-  # Le Backup notifications : So I find out about success/failure of backups without having to check logs every now and then
-  # This generates actual desktop notifications, and integrates nicely (as long as DBus is accessible to service)
-  systemd.services =
-    let
-      defaultBackupServiceEnv = {
-        DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/1000/bus";
-      };
-      backupDescrDefault = "Backup notification";
-      backupDescrSuccess = ": Success";
-      backupDescrFailure = ": Failure";
-      backupDescrOrg = ": Org";
-      backupDescrSyncthing = ": Syncthing";
-      backupExecBin = "${pkgs.libnotify}/bin/notify-send";
-      backupExecHint = " --hint='string:desktop-entry:org.kde.konsole' ";
-      quote = "'";
-    in
-    {
-      # Syncthing failure notification
-      backup-failure-alert-syncthing = {
-        description = backupDescrDefault + backupDescrFailure + backupDescrSyncthing;
-        environment = defaultBackupServiceEnv;
-        serviceConfig = {
-          ExecStart = backupExecBin + backupExecHint + quote + backupDescrDefault + backupDescrFailure + backupDescrSyncthing + quote;
-          User = payas;
-        };
-      };
-      # Syncthing success notification
-      backup-success-notify-syncthing = {
-        description = backupDescrDefault + backupDescrSuccess + backupDescrSyncthing;
-        environment = defaultBackupServiceEnv;
-        serviceConfig = {
-          ExecStart = backupExecBin + backupExecHint + quote + backupDescrDefault + backupDescrSuccess + backupDescrSyncthing + quote;
-          User = payas;
-        };
-      };
-      # Configure notification services for restic backup service
-      restic-backups-syncthing_googledrive = {
-        onFailure = [ "backup-failure-alert-syncthing.service" ];
-        unitConfig.OnSuccess = [ "backup-success-notify-syncthing.service" ];
-      };
-
-      # Org failure notification
-      backup-failure-alert-org = {
-        description = backupDescrDefault + backupDescrFailure + backupDescrOrg;
-        environment = defaultBackupServiceEnv;
-        serviceConfig = {
-          ExecStart = backupExecBin + backupExecHint + quote + backupDescrDefault + backupDescrFailure + backupDescrOrg + quote;
-          User = payas;
-        };
-      };
-      # Org success notification
-      backup-success-notify-org = {
-        description = backupDescrDefault + backupDescrSuccess + backupDescrOrg;
-        environment = defaultBackupServiceEnv;
-        serviceConfig = {
-          ExecStart = backupExecBin + backupExecHint + quote + backupDescrDefault + backupDescrSuccess + backupDescrOrg + quote;
-          User = payas;
-        };
-      };
-      # Configure notification services for restic backup service
-      restic-backups-org_googledrive = {
-        onFailure = [ "backup-failure-alert-org.service" ];
-        unitConfig.OnSuccess = [ "backup-success-notify-org.service" ];
-      };
-    };
-
   # Activate and set fish shell as default
   programs = {
     fish = {
@@ -337,28 +233,6 @@ in
     };
   };
 
-  nix = {
-    # Enable Flakes systemwide, and set gc-roots for nix-direnv
-    package = pkgs.nixUnstable;
-    extraOptions = ''
-      experimental-features = nix-command flakes ca-derivations
-      keep-outputs = true
-      keep-derivations = true
-    '';
-
-    # Automated gabrage collection
-    gc = {
-      automatic = true;
-      dates = "20:30";
-      options = "--delete-older-than 5d";
-    };
-
-    # Auto-optimize nix-store, create hard-links to save space on /nix/store
-    settings = {
-      auto-optimise-store = true;
-    };
-  };
-
   # Fonts
   fonts = {
     enableDefaultFonts = true;

nix.nix

@@ -0,0 +1,24 @@
+{ config, lib, options, pkgs, ... }:
+{
+  nix = {
+    # Enable Flakes systemwide, and set gc-roots for nix-direnv
+    package = pkgs.nixUnstable;
+    extraOptions = ''
+      experimental-features = nix-command flakes ca-derivations
+      keep-outputs = true
+      keep-derivations = true
+    '';
+
+    # Automated gabrage collection
+    gc = {
+      automatic = true;
+      dates = "20:30";
+      options = "--delete-older-than 5d";
+    };
+
+    # Auto-optimize nix-store, create hard-links to save space on /nix/store
+    settings = {
+      auto-optimise-store = true;
+    };
+  };
+}