Rename nix-builder to builder

systems/x86_64-linux/builder/default.nix

@@ -0,0 +1,96 @@
+# sudo nixos-rebuild switch --flake .#builder --target-host root@192.168.3.118
+# or
+# deploy .#builder
+{ config, pkgs, ... }:
+
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  boot.loader.grub.enable = true;
+  boot.loader.grub.device = "/dev/sda";
+
+  # Emulated systems used as alternative to cross-compiling
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+
+  networking.hostName = "builder";
+  networking.networkmanager.enable = true;
+
+  time.timeZone = "Europe/Berlin";
+
+  modules = {
+    keymap.enable = true;
+    locales.enable = true;
+  };
+
+  users.users.nix = {
+    isNormalUser = true;
+    description = "Nix";
+    extraGroups = [
+      "networkmanager"
+      "wheel"
+    ];
+  };
+
+  nix.settings.trusted-users = [ "@wheel" ];
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+
+  # Setup binary caches
+  nix.settings = {
+    substituters = [
+      "https://nix-community.cachix.org"
+      "https://cache.nixos.org/"
+    ];
+    trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
+  };
+
+  # optimize store by hardlinking store files
+  nix.optimise.automatic = true;
+  nix.optimise.dates = [ "03:15" ];
+
+  nix.gc.automatic = true;
+  nix.gc.dates = "weekly";
+  nix.gc.options = "--delete-older-than 30d";
+
+  # Garbage collect up to 30 GiB when only 5 GiB storage left
+  nix.extraOptions = ''
+    min-free = ${toString (5 * 1024 * 1024 * 1024)}
+    max-free = ${toString (30 * 1024 * 1024 * 1024)}
+    min-free-check-interval = 60
+  '';
+
+  environment.systemPackages = with pkgs; [
+    vim
+    htop
+    mc
+  ];
+
+  # services.ollama = {
+  #   enable = true;
+  #   acceleration = "cuda";
+  # };
+  services.open-webui = {
+    enable = true;
+    port = 8080;
+    openFirewall = true;
+  };
+
+  services.openssh = {
+    enable = true;
+    # require public key authentication for better security
+    settings.PasswordAuthentication = false;
+    settings.KbdInteractiveAuthentication = false;
+    settings.PermitRootLogin = "yes";
+  };
+  users.users."root".openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjSZYdoF/51F+ykcBAYVCzCPTF5EEigWBL1APiR0h+H julian@aspi"
+  ];
+
+  # security.pam.sshAgentAuth.enable = true; # enable sudo via ssh
+
+  # ======================== DO NOT CHANGE THIS ========================
+  system.stateVersion = "23.11";
+  # ======================== DO NOT CHANGE THIS ========================
+}

systems/x86_64-linux/builder/hardware-configuration.nix

@@ -0,0 +1,33 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/f088fe8e-bf3d-4a89-98bd-ead9852d381f";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/ab60b5f0-caaa-4a7e-803f-c4c1a6a076dd"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}