system: replace host detection with capabilities module

Replace scattered osConfig.system.name comparisons with a declarative
host.capabilities module. This improves maintainability and semantic
clarity by expressing what capabilities a host has rather than checking
its name.

Changes:
- Add system/host-capabilities.nix with options for hardware, form factor,
  UI behavior, services, and backup configuration
- Configure capabilities in hosts/gunter and hosts/magicman
- Migrate 6 files to use capabilities: packages, waybar, ssh, backup-home
- Remove redundant host name check for pciutils in gunter config
- Make backup-home service conditionally enabled based on capabilities

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

home/hyprland/waybar/default.nix

@@ -14,8 +14,9 @@ let
     dontUnpack = true;
     installPhase = "install -Dm755 ${./arrhist.py} $out/bin/arrhist";
   };
-  withArrhist = if (osConfig.system.name == "gunter") then true else false;
-  withBattery = if (osConfig.system.name == "magicman") then true else false;
+  cfg = osConfig.host.capabilities;
+  withArrhist = cfg.enableArrhist;
+  withBattery = cfg.hasBattery;
 in
 {
   sops.secrets."sonarr_base_url" = { };
@@ -153,7 +154,7 @@ in
     settings = [
       (
         let
-          volInterval = if (osConfig.system.name == "gunter") then "5" else "1";
+          volInterval = toString cfg.volumeScrollStep;
         in
         {
           "layer" = "top";

home/packages/default.nix

@@ -1,6 +1,6 @@
 { pkgs, osConfig, ... }:
 let
-  withCuda = if (osConfig.system.name == "gunter") then true else false;
+  withCuda = osConfig.host.capabilities.hasCuda;
 in
 {
   imports = [

home/services/backup-home.nix

@@ -1,5 +1,14 @@
-{ pkgs, config, ... }:
+{
+  pkgs,
+  config,
+  lib,
+  osConfig,
+  ...
+}:
 let
+  cfg = osConfig.host.capabilities;
+  backupEnabled = cfg.backupRepository != null && cfg.backupPassword != null;
+
   # Backup home script
   backup-home = pkgs.writeShellApplication {
     name = "backup-home";
@@ -12,8 +21,8 @@ let
     ];
     text = ''
       echo "========== BACKUP HOME STARTING =========="
-      export RESTIC_PASSWORD="gunter.home.2rjus.net"
-      export RESTIC_REPOSITORY="rest:http://10.69.12.52:8000/gunter.home.2rjus.net"
+      export RESTIC_PASSWORD="${cfg.backupPassword}"
+      export RESTIC_REPOSITORY="${cfg.backupRepository}"
       SECRET_PATH="$XDG_CONFIG_HOME/sops-nix/secrets/gotify_backup_home"
 
       if ! [ -f "$SECRET_PATH" ]; then
@@ -53,7 +62,7 @@ let
           retval=$?
           if [ $retval -ne 0 ]; then
             curl "https://gotify.t-juice.club/message?token=$GOTIFY_TOKEN" \
-              -F "title=Backup of home@gunter failed!" \
+              -F "title=Backup of home@${osConfig.networking.hostName} failed!" \
               -F "message=Please check status of backup-home service"
           fi
       fi
@@ -92,9 +101,9 @@ let
   };
 in
 {
-  sops.secrets."gotify_backup_home" = { };
+  sops.secrets."gotify_backup_home" = lib.mkIf backupEnabled { };
 
-  systemd.user.services.backup-home = {
+  systemd.user.services.backup-home = lib.mkIf backupEnabled {
     Unit = {
       Description = "Backup home directory";
       After = [
@@ -107,7 +116,7 @@ in
       ExecStart = "${backup-home}/bin/backup-home";
     };
   };
-  systemd.user.timers.backup-home = {
+  systemd.user.timers.backup-home = lib.mkIf backupEnabled {
     Unit = {
       Description = "Backup home directory";
       After = [ "network.target" ];

home/ssh/config.nix

@@ -22,7 +22,7 @@ in
 
     matchBlocks = {
       "bmo.uio.no-on-eduroam" = (
-        lib.mkIf (osConfig.system.name == "magicman") (
+        lib.mkIf (osConfig.host.capabilities.hasEduroamAccess) (
           lib.hm.dag.entryBefore [ "bmo.uio.no" "*" ] {
             match = "host bmo.uio.no exec \"nmcli -g GENERAL.STATE c s eduroam|grep -q -E '\\bactiv'\"";
             hostname = "bmo.uio.no";