Rename systems folder to hosts

2025-04-22 21:34:44 +02:00
parent fb2626372f
commit 3f9442fd02
8 changed files with 0 additions and 0 deletions
--- a/hosts/aspi/default.nix
+++ b/hosts/aspi/default.nix
@ -0,0 +1,157 @@
+{
+  # Snowfall Lib provides a customized `lib` instance with access to your flake's library
+  # as well as the libraries available from your flake's inputs.
+  lib,
+  # An instance of `pkgs` with your overlays and packages applied is also available.
+  pkgs,
+  # You also have access to your flake's inputs.
+  inputs,
+
+  # Additional metadata is provided by Snowfall Lib.
+  namespace, # The namespace used for your flake, defaulting to "internal" if not set.
+  system, # The system architecture for this host (eg. `x86_64-linux`).
+  target, # The Snowfall Lib target for this system (eg. `x86_64-iso`).
+  format, # A normalized name for the system target (eg. `iso`).
+  virtual, # A boolean to determine whether this system is a virtual target using nixos-generators.
+  systems, # An attribute map of your defined hosts.
+
+  # All other arguments come from the system system.
+  config,
+  ...
+}:
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+  boot.blacklistedKernelModules = [ "pcspkr" ]; # Disables "beep"
+
+  networking.hostName = "aspi";
+  networking.networkmanager.enable = true;
+  # networking.networkmanager.dns = "systemd-resolved";
+  services.resolved.enable = true;
+
+  topology.self = {
+    hardware.info = "ThinkPad L430, 8GB RAM";
+  };
+
+  time.timeZone = "Europe/Berlin";
+
+  sops.secrets = {
+    "password/aspi".neededForUsers = true; # necessary for setting password
+  };
+
+  modules = {
+    sops.enable = true;
+    nix-settings.enable = true;
+    xserver-defaults.enable = true;
+    keymap.enable = true;
+    builder.enable = true;
+    system.boot-efi.enable = true;
+    sound.enable = true;
+
+    locales.enable = true;
+    # thunar.enable = true;
+    pcmanfm.enable = true;
+
+    i3.enable = true;
+    gdm.enable = true;
+    # tuigreet.enable = true;
+    redshift.enable = true;
+
+    # wayland.enable = true;
+    # hyprland.enable = true;
+    # tuigreet.enable = true;
+
+    virtualbox.enable = true;
+    users-julian.enable = true;
+    syncthing = {
+      enable = true;
+      overrideSettings = false;
+    };
+    xdg-portal.enable = true;
+    polkit.enable = true;
+    keyring.enable = true;
+  };
+
+  users.mutableUsers = false;
+  users.users.julian.hashedPasswordFile = config.sops.secrets."password/aspi".path;
+
+  services.blueman.enable = true;
+  services.upower.enable = true;
+
+  programs.steam.enable = true;
+
+  programs.dconf.enable = true;
+  services.logind.lidSwitch = "lock";
+  services.logind.lidSwitchDocked = "lock";
+
+  programs.kdeconnect.enable = true;
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  services.libinput.enable = true;
+
+  # This interface is started on boot / switch
+  networking.wg-quick.interfaces = {
+    julian = {
+      configFile = "/etc/wireguard/julian.conf";
+    };
+  };
+
+  # List services that you want to enable:
+  services.openssh.enable = false;
+  services.flatpak.enable = true;
+
+  security.krb5.enable = true;
+  security.krb5.settings = {
+    # domain_realm = {
+    #   ".julian-mutter.de" = "julian-mutter.de";
+    #   "julian-mutter.de" = "julian-mutter.de";
+    # };
+    libdefaults = {
+      default_realm = "julian-mutter.de";
+      #   dns_lookup_realm = true;
+      #   dns_lookup_kdc = true;
+      #   ticket_lifetime = "24h";
+      #   renew_lifetime = "7d";
+    };
+    realms = {
+      "julian-mutter.de" = {
+        kdc = [ "kerberos.julian-mutter.de" ];
+        admin_server = "kerberos-admin.julian-mutter.de";
+        default_domain = "julian-mutter.de";
+      };
+    };
+  };
+
+  virtualisation.docker.enable = true;
+  # hardware.nvidia-container-toolkit.enable = true;
+  # services.xserver.videoDrivers = [ "nvidia" ];
+  hardware.nvidia.open = false;
+
+  # Do not alway generate man-cache, making builds much faster
+  documentation.man.generateCaches = false;
+
+  # MDNS on local network
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+  };
+
+  # Packages needed as root
+  environment.systemPackages = with pkgs; [
+    vim
+    htop
+    mc
+    xorg.xhost
+    pavucontrol
+    frajul.pulseaudio-popup
+    gparted-xhost # needs to be installed as system package so it can be actually opened
+    xclip
+
+    brightnessctl
+  ];
+
+  # ======================== DO NOT CHANGE THIS ========================
+  system.stateVersion = "24.05";
+  # ======================== DO NOT CHANGE THIS ========================
+}
--- a/hosts/aspi/hardware-configuration.nix
+++ b/hosts/aspi/hardware-configuration.nix
@ -0,0 +1,62 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "vmd" "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ "dm-snapshot" ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  boot.initrd.luks.devices = {
+    root = {
+      device = "/dev/disk/by-uuid/a4dc9a2c-725b-4252-8fbb-093a271c31ba";
+      preLVM = true;
+      allowDiscards = true;
+    };
+  };
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/bbc45be3-75f5-40c5-8427-2a425de8422c";
+      fsType = "btrfs";
+      options = [ "subvol=root" "compress=zstd" ];
+    };
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/bbc45be3-75f5-40c5-8427-2a425de8422c";
+      fsType = "btrfs";
+      options = [ "subvol=home" "compress=zstd" ];
+    };
+
+  fileSystems."/nix" =
+    { device = "/dev/disk/by-uuid/bbc45be3-75f5-40c5-8427-2a425de8422c";
+      fsType = "btrfs";
+      options = [ "subvol=nix" "compress=zstd" "noatime" ];
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/7040-F37C";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/26140b4a-0579-406d-a484-35aa31b32e80"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}