refactor: shared config metadata

modules/features/bitwarden.nix

@@ -3,7 +3,7 @@
   ...
 }:
 let
-  metaLib = config.meta.lib;
+  metaRepo = config.meta.lib.repo;
 in
 {
   flake.modules.homeManager.bitwarden =
@@ -19,7 +19,7 @@ in
       programs.rbw = {
         enable = true;
         settings = {
-          base_url = metaLib.repo.services.vaultwarden.url;
+          base_url = metaRepo.services.vaultwarden.url;
           email = user.primaryEmail.address;
           pinentry = pkgs.pinentry-gnome3;
         };

modules/features/local-apps.nix

@@ -1,20 +1,32 @@
+{ config, ... }:
+let
+  metaRepo = config.meta.lib.repo;
+in
 {
   flake.modules.homeManager.local-apps =
     { pkgs, ... }:
+    let
+      browserPackage = config.meta.lib.resolvePackagePath {
+        inherit pkgs;
+        path = metaRepo.desktop.browser.packagePath;
+      };
+    in
     {
-      home.sessionVariables.BROWSER = "vivaldi";
+      home.sessionVariables.BROWSER = metaRepo.desktop.browser.command;
 
-      home.packages = with pkgs; [
-        brave
-        vivaldi
-        postman
-        spotify
-        calcure
-        planify
-        unzip
-        gimp
-        dbeaver-bin
-      ];
+      home.packages =
+        with pkgs;
+        [
+          brave
+          postman
+          spotify
+          calcure
+          planify
+          unzip
+          gimp
+          dbeaver-bin
+        ]
+        ++ [ browserPackage ];
 
       programs.imv.enable = true;
       programs.sioyek.enable = true;

modules/features/meta.nix

@@ -25,16 +25,20 @@ let
       user.sourceControl.projectScope
     ];
 
-  hasRequiredScopedEmail =
-    scope: user: scopeEmailCount scope user == 1;
+  hasRequiredScopedEmail = scope: user: scopeEmailCount scope user == 1;
 
   primaryEmailFallback = {
     address = "";
     primary = false;
     scope = null;
-    type = "";
+    type = "mxrouting";
   };
 
+  emailProviderType = lib.types.enum [
+    "mxrouting"
+    "office365"
+  ];
+
   sourceControlScopeType = lib.types.enum [
     "personal"
     "work"
@@ -67,10 +71,11 @@ let
 
         primary = lib.mkOption {
           type = lib.types.bool;
+          default = false;
         };
 
         type = lib.mkOption {
-          type = lib.types.str;
+          type = emailProviderType;
         };
 
         scope = mkNullableOption sourceControlScopeType;
@@ -300,6 +305,29 @@ let
       };
     }
   );
+
+  mkUserEmailAssertions =
+    userName: user:
+    [
+      {
+        assertion = hasSinglePrimaryEmail user;
+        message = "User `${userName}` must define exactly one primary email entry.";
+      }
+    ]
+    ++ (map
+      (scope: {
+        assertion = hasAtMostOneScopedEmail scope user;
+        message = "User `${userName}` may define at most one `${scope}` scoped email entry.";
+      })
+      [
+        "personal"
+        "work"
+      ]
+    )
+    ++ map (scope: {
+      assertion = hasRequiredScopedEmail scope user;
+      message = "User `${userName}` must define exactly one `${scope}` scoped email entry.";
+    }) (requiredSourceControlScopes user);
 in
 {
   flake.modules.nixos.meta =
@@ -309,25 +337,7 @@ in
         type = hostType;
       };
 
-      config.assertions = lib.mapAttrsToList (userName: user: {
-        assertion = hasSinglePrimaryEmail user;
-        message = "User `${userName}` must define exactly one primary email entry.";
-      }) config.meta.host.users
-      ++ lib.flatten (
-        lib.mapAttrsToList (userName: user:
-          (map (scope: {
-            assertion = hasAtMostOneScopedEmail scope user;
-            message = "User `${userName}` may define at most one `${scope}` scoped email entry.";
-          }) [
-            "personal"
-            "work"
-          ])
-          ++ map (scope: {
-            assertion = hasRequiredScopedEmail scope user;
-            message = "User `${userName}` must define exactly one `${scope}` scoped email entry.";
-          }) (requiredSourceControlScopes user)
-        ) config.meta.host.users
-      );
+      config.assertions = lib.flatten (lib.mapAttrsToList mkUserEmailAssertions config.meta.host.users);
     };
 
   flake.modules.homeManager.meta =
@@ -345,22 +355,8 @@ in
         };
       };
 
-      config.assertions = lib.optional (config.meta.user != null) {
-        assertion = hasSinglePrimaryEmail config.meta.user;
-        message = "User `${config.meta.user.name}` must define exactly one primary email entry.";
-      }
-      ++ lib.optionals (config.meta.user != null) (
-        (map (scope: {
-          assertion = hasAtMostOneScopedEmail scope config.meta.user;
-          message = "User `${config.meta.user.name}` may define at most one `${scope}` scoped email entry.";
-        }) [
-          "personal"
-          "work"
-        ])
-        ++ map (scope: {
-          assertion = hasRequiredScopedEmail scope config.meta.user;
-          message = "User `${config.meta.user.name}` must define exactly one `${scope}` scoped email entry.";
-        }) (requiredSourceControlScopes config.meta.user)
+      config.assertions = lib.optionals (config.meta.user != null) (
+        mkUserEmailAssertions config.meta.user.name config.meta.user
       );
     };
 }

modules/features/niri/_bindings.nix

@@ -1,4 +1,5 @@
 {
+  browserCommand,
   lib,
   terminalPackage,
 }:
@@ -8,7 +9,7 @@
     hotkey-overlay.title = "Terminal";
   };
   "Mod+B" = {
-    action.spawn = "vivaldi";
+    action.spawn = browserCommand;
     hotkey-overlay.title = "Browser";
   };
   "Mod+Space" = {

modules/features/niri/default.nix

@@ -5,6 +5,7 @@
 }:
 let
   metaLib = config.meta.lib;
+  metaRepo = metaLib.repo;
 in
 {
   flake.modules.nixos.niri =
@@ -30,7 +31,12 @@ in
       ...
     }:
     let
-      repoTheme = metaLib.repo.theme.kanagawa;
+      repoTheme = metaRepo.theme.kanagawa;
+      browserCommand = metaRepo.desktop.browser.command;
+      fileManagerPackage = metaLib.resolvePackagePath {
+        inherit pkgs;
+        path = metaRepo.desktop.fileManager.packagePath;
+      };
       outputs = lib.mapAttrs (
         _: display:
         {
@@ -69,12 +75,14 @@ in
         };
       };
 
-      home.packages = with pkgs; [
-        playerctl
-        nautilus
-        brightnessctl
-        xwayland-satellite
-      ];
+      home.packages =
+        with pkgs;
+        [
+          playerctl
+          brightnessctl
+          xwayland-satellite
+        ]
+        ++ [ fileManagerPackage ];
 
       programs.niri.settings = {
         inherit outputs;
@@ -149,6 +157,7 @@ in
           if terminal.hasMainProgram then
             import ./_bindings.nix {
               inherit
+                browserCommand
                 lib
                 ;
               terminalPackage = terminal.package;

modules/features/pim.nix

@@ -3,7 +3,7 @@
   ...
 }:
 let
-  metaLib = config.meta.lib;
+  metaRepo = config.meta.lib.repo;
 in
 {
   flake.modules.homeManager.pim =
@@ -51,7 +51,7 @@ in
           };
 
           remote = {
-            url = metaLib.repo.services.radicale.url;
+            url = metaRepo.services.radicale.url;
             type = "caldav";
             userName = config.home.username;
             passwordCommand = [

modules/features/services/actual.nix

@@ -1,7 +1,8 @@
 { config, ... }:
 let
+  metaRepo = config.meta.lib.repo;
   metaLib = config.meta.lib;
-  service = metaLib.repo.services.actual;
+  service = metaRepo.services.actual;
 in
 {
   flake.modules.nixos.actual =

modules/features/services/caddy.nix

@@ -1,12 +1,12 @@
 { config, ... }:
 let
-  metaLib = config.meta.lib;
+  metaRepo = config.meta.lib.repo;
 in
 {
   flake.modules.nixos.caddy = {
     services.caddy = {
       enable = true;
-      email = metaLib.repo.contact.email;
+      email = metaRepo.contact.email;
       openFirewall = true;
     };
   };

modules/features/services/gitea.nix

@@ -1,7 +1,8 @@
 { config, ... }:
 let
+  metaRepo = config.meta.lib.repo;
   metaLib = config.meta.lib;
-  service = metaLib.repo.services.gitea;
+  service = metaRepo.services.gitea;
 in
 {
   flake.modules.nixos.gitea =

modules/features/services/radicale.nix

@@ -1,7 +1,8 @@
 { config, ... }:
 let
+  metaRepo = config.meta.lib.repo;
   metaLib = config.meta.lib;
-  service = metaLib.repo.services.radicale;
+  service = metaRepo.services.radicale;
 in
 {
   flake.modules.nixos.radicale =

modules/features/services/vaultwarden.nix

@@ -1,7 +1,8 @@
 { config, ... }:
 let
+  metaRepo = config.meta.lib.repo;
   metaLib = config.meta.lib;
-  service = metaLib.repo.services.vaultwarden;
+  service = metaRepo.services.vaultwarden;
 in
 {
   flake.modules.nixos.vaultwarden =

modules/features/source-control.nix

@@ -16,9 +16,7 @@ in
       hostSourceControlUsers = host.sourceControl.users;
       hostUserSourceControl = hostSourceControlUsers.${user.name} or { };
 
-      scopeEmails =
-        scope:
-        lib.filter (email: email.scope == scope) (builtins.attrValues user.emails);
+      scopeEmails = scope: lib.filter (email: email.scope == scope) (builtins.attrValues user.emails);
 
       emailForScope =
         scope:
@@ -53,30 +51,30 @@ in
         in
         if keyConfig == null then null else keyConfig.publicKey;
 
-      scopesInUse = lib.unique (
-        [
-          "personal"
-          sourceControl.projectScope
-        ]
-      );
+      scopesInUse = lib.unique ([
+        "personal"
+        sourceControl.projectScope
+      ]);
 
-      invalidEmailScopes = builtins.filter (scope: emailForScope scope == null) scopesInUse;
       allowedSignersLines = map (scope: "${emailForScope scope} ${publicKeyForScope scope}") (
         builtins.filter (scope: emailForScope scope != null && scopeHasSigningKey scope) scopesInUse
       );
 
       gitConfigForScope =
         scope:
-        lib.recursiveUpdate {
-          user = {
-            name = user.realName;
-            email = emailForScope scope;
-          };
-        }
-        (lib.optionalAttrs (scopeHasSigningKey scope) {
-          gpg.ssh.allowedSignersFile = "${config.xdg.configHome}/git/allowed_signers";
-          user.signingKey = "${privateKeyPathForScope scope}.pub";
-        });
+        lib.recursiveUpdate
+          {
+            user = {
+              name = user.realName;
+              email = emailForScope scope;
+            };
+          }
+          (
+            lib.optionalAttrs (scopeHasSigningKey scope) {
+              gpg.ssh.allowedSignersFile = "${config.xdg.configHome}/git/allowed_signers";
+              user.signingKey = "${privateKeyPathForScope scope}.pub";
+            }
+          );
 
       gitRoots = [
         {
@@ -92,13 +90,6 @@ in
     {
       imports = [ homeModules.git ];
 
-      assertions = [
-        {
-          assertion = invalidEmailScopes == [ ];
-          message = "Expected exactly one scoped email for `${user.name}` source-control scopes: ${lib.concatStringsSep ", " invalidEmailScopes}.";
-        }
-      ];
-
       xdg.configFile."git/allowed_signers".text = lib.concatStringsSep "\n" (
         allowedSignersLines ++ [ "" ]
       );

modules/features/terminal.nix

@@ -1,6 +1,7 @@
 { config, ... }:
 let
   metaLib = config.meta.lib;
+  metaRepo = metaLib.repo;
 in
 {
   flake.modules.homeManager.terminal =
@@ -11,7 +12,7 @@ in
       ...
     }:
     let
-      repoTheme = metaLib.repo.theme.kanagawa;
+      repoTheme = metaRepo.theme.kanagawa;
       palette = repoTheme.palette;
       terminal = metaLib.resolveUserTerminal {
         inherit pkgs;

modules/features/theme.nix

@@ -4,6 +4,7 @@
 }:
 let
   metaLib = config.meta.lib;
+  metaRepo = metaLib.repo;
 in
 {
   flake.modules.nixos.theme =
@@ -12,7 +13,7 @@ in
       ...
     }:
     let
-      repoTheme = metaLib.repo.theme;
+      repoTheme = metaRepo.theme;
       cursorTheme = repoTheme.cursor // {
         package = metaLib.resolvePackagePath {
           inherit pkgs;
@@ -34,7 +35,7 @@ in
   flake.modules.homeManager.theme =
     { config, pkgs, ... }:
     let
-      repoTheme = metaLib.repo.theme;
+      repoTheme = metaRepo.theme;
       cursorTheme = repoTheme.cursor // {
         package = metaLib.resolvePackagePath {
           inherit pkgs;

modules/features/vicinae.nix

@@ -1,6 +1,6 @@
 { config, ... }:
 let
-  metaLib = config.meta.lib;
+  metaRepo = config.meta.lib.repo;
 in
 {
   flake.modules.homeManager.vicinae =
@@ -10,7 +10,7 @@ in
       ...
     }:
     let
-      repoTheme = metaLib.repo.theme.kanagawa;
+      repoTheme = metaRepo.theme.kanagawa;
       palette = repoTheme.palette;
     in
     {

modules/features/xdg.nix

@@ -1,7 +1,20 @@
+{ config, ... }:
+let
+  metaLib = config.meta.lib;
+  metaRepo = metaLib.repo;
+in
 {
   flake.modules.homeManager.xdg =
     { config, pkgs, ... }:
     let
+      browserPackage = metaLib.resolvePackagePath {
+        inherit pkgs;
+        path = metaRepo.desktop.browser.packagePath;
+      };
+      fileManagerPackage = metaLib.resolvePackagePath {
+        inherit pkgs;
+        path = metaRepo.desktop.fileManager.packagePath;
+      };
       homeDir = config.home.homeDirectory;
       localDir = "${homeDir}/.local";
       mediaDir = "${homeDir}/media";
@@ -33,13 +46,17 @@
 
         mimeApps = {
           enable = true;
-          defaultApplicationPackages = with pkgs; [
-            sioyek
-            imv
-            vivaldi
-            neovim
-            nautilus
-          ];
+          defaultApplicationPackages =
+            with pkgs;
+            [
+              sioyek
+              imv
+              neovim
+            ]
+            ++ [
+              browserPackage
+              fileManagerPackage
+            ];
         };
       };
     };