feat(system/limits): add reusable system limits module

- Created a `limits` module to centralize system limit configurations.
- Replaced inlined user and systemd limits with the new module on aarch64 and x86_64 platforms.
- Simplifies maintenance and ensures consistency across configurations.

systems/x86_64-linux/x1/default.nix

@@ -21,6 +21,16 @@ with lib.metacfg;
     podman.enable = true;
     secureboot.enable = true;
     homeprinter.enable = true;
+
+    system = {
+      limits = {
+        enable = true;
+        nofileLimit = 32768;
+        memlockLimit = 32768;
+      };
+    };
+
+    # User configuration
     tools = {
       direnv.enable = true;
     };
@@ -77,23 +87,6 @@ with lib.metacfg;
 
   services.trezord.enable = true;
 
-  systemd.user.extraConfig = "DefaultLimitNOFILE=32768";
-
-  security.pam.loginLimits = [
-    {
-      domain = "*";
-      item = "nofile";
-      type = "-";
-      value = "32768";
-    }
-    {
-      domain = "*";
-      item = "memlock";
-      type = "-";
-      value = "32768";
-    }
-  ];
-
   services.ollama = {
     enable = false;
     acceleration = "rocm";