porthos: move files into 'machines' directory

But keep 'porthos.nix' at the root of the repository. I feel like it is
cleaner to keep device specific files at the root.

machines/porthos/boot.nix

@@ -0,0 +1,23 @@
+# Boot configuration
+{ ... }:
+
+{
+  boot = {
+    # Use the GRUB 2 boot loader.
+    loader.grub = {
+      enable = true;
+      version = 2;
+      # Define on which hard drive you want to install Grub.
+      device = "/dev/sda";
+    };
+
+    initrd = {
+      availableKernelModules = [ "uhci_hcd" "ahci" "usbhid" ];
+      kernelModules = [ "dm-snapshot" ];
+    };
+
+    kernelModules = [ "kvm-intel" ];
+
+    extraModulePackages = [ ];
+  };
+}

machines/porthos/default.nix

@@ -0,0 +1,12 @@
+# Porthos specific settings
+{ ... }:
+
+{
+  imports = [
+    ./boot.nix
+    ./hardware.nix
+    ./networking.nix
+    ./services.nix
+    ./users.nix
+  ];
+}

machines/porthos/hardware.nix

@@ -0,0 +1,19 @@
+# Hardware configuration
+{ lib, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/d89efc61-6b03-4190-b488-301c919e2431";
+    fsType = "ext4";
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/1a261204-2e78-496f-8a8d-d29bfa770306"; }
+  ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+}

machines/porthos/networking.nix

@@ -0,0 +1,32 @@
+# Networking configuration
+{ ... }:
+
+{
+  networking = {
+    hostName = "porthos"; # Define your hostname.
+    domain = "belanyi.fr"; # Define your domain.
+
+
+    # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+    # Per-interface useDHCP will be mandatory in the future, so this generated config
+    # replicates the default behaviour.
+    useDHCP = false;
+
+    interfaces = {
+      bond0.useDHCP = true;
+      bonding_masters.useDHCP = true;
+      dummy0.useDHCP = true;
+      erspan0.useDHCP = true;
+      eth0.useDHCP = true;
+      eth1.useDHCP = true;
+      gre0.useDHCP = true;
+      gretap0.useDHCP = true;
+      ifb0.useDHCP = true;
+      ifb1.useDHCP = true;
+      ip6tnl0.useDHCP = true;
+      sit0.useDHCP = true;
+      teql0.useDHCP = true;
+      tunl0.useDHCP = true;
+    };
+  };
+}

machines/porthos/services.nix

@@ -0,0 +1,78 @@
+# Deployed services
+{ config, ... }:
+let
+  my = config.my;
+in
+{
+  # List services that you want to enable:
+  my.services = {
+    # Backblaze B2 backup
+    backup = {
+      enable = true;
+      repository = "b2:porthos-backup";
+      # Backup every 6 hours
+      timerConfig = {
+        OnActiveSec = "6h";
+        OnUnitActiveSec = "6h";
+      };
+      # Insecure, I don't care.
+      passwordFile =
+        builtins.toFile "password.txt" my.secrets.backup.password;
+      credentialsFile =
+        builtins.toFile "creds.env" my.secrets.backup.credentials;
+    };
+    # My blog and related hosts
+    blog.enable = true;
+    drone = {
+      enable = true;
+      runners = [ "docker" ];
+      # Insecure, I don't care.
+      secretFile =
+        builtins.toFile "gitea.env" my.secrets.drone.gitea;
+      sharedSecretFile =
+        builtins.toFile "rpc.env" my.secrets.drone.secret;
+    };
+    # Gitea forge
+    gitea.enable = true;
+    # Meta-indexers
+    indexers = {
+      jackett.enable = true;
+      nzbhydra.enable = true;
+    };
+    # Jellyfin media server
+    jellyfin.enable = true;
+    # Matrix backend and Element chat front-end
+    matrix = {
+      enable = true;
+      secret = my.secrets.matrix.secret;
+    };
+    # Nextcloud self-hosted cloud
+    nextcloud = {
+      enable = true;
+      password = my.secrets.nextcloud.password;
+    };
+    # The whole *arr software suite
+    pirate.enable = true;
+    # Regular backups
+    postgresql-backup.enable = true;
+    # An IRC client daemon
+    quassel.enable = true;
+    # RSS provider for websites that do not provide any feeds
+    rss-bridge.enable = true;
+    # Usenet client
+    sabnzbd.enable = true;
+    # Because I stilll need to play sysadmin
+    ssh-server.enable = true;
+    # Torrent client and webui
+    transmission = {
+      enable = true;
+      username = "Ambroisie";
+      password = my.secrets.transmission.password;
+    };
+  };
+
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+}

machines/porthos/users.nix

@@ -0,0 +1,15 @@
+# User setup
+{ config, ... }:
+let
+  my = config.my;
+in
+{
+  users.users.blog = {
+    description = "Blog Publisher";
+    isNormalUser = true;
+    group = "nginx";
+    createHome = false; # Messes with permissions
+    home = "/var/www/";
+    openssh.authorizedKeys.keys = [ my.secrets.drone.ssh.publicKey ];
+  };
+}