diff --git a/machines/arcadia/default.nix b/machines/arcadia/default.nix
new file mode 100644
index 0000000..b63ef9e
--- /dev/null
+++ b/machines/arcadia/default.nix
@@ -0,0 +1,90 @@
+{
+ pkgs,
+ inputs,
+ ...
+}:
+
+{
+ imports = [
+ ./hardware.nix
+ ./home-julien.nix
+ ];
+
+ machine.meta = {
+ arch = "x86_64-linux";
+ nixpkgs_version = inputs.unstable;
+ hm_version = inputs.home-manager-unstable;
+ # TODO: Fix colmena deployment
+ ips.public.ipv4 = "127.0.0.1";
+
+ };
+
+ environment.persistence."/persistent" = {
+ hideMounts = true;
+ directories = [
+ "/var/lib"
+ "/var/log"
+ "/etc/NetworkManager/system-connections"
+ ];
+ files = [
+ "/etc/machine-id"
+ "/etc/ssh/ssh_host_ed25519_key"
+ "/etc/ssh/ssh_host_ed25519_key.pub"
+ ];
+ };
+ programs.fuse.userAllowOther = true;
+
+ fileSystems."/persistent".neededForBoot = true;
+
+ disko = import ./disko.nix;
+
+ boot.loader.systemd-boot.enable = true;
+
+ networking.wireless.enable = false;
+
+ services.tailscale.enable = true;
+
+ networking.networkmanager.enable = true;
+
+ networking.networkmanager.dns = "systemd-resolved";
+ services.resolved.enable = true;
+
+ services.dbus.enable = true;
+
+ programs.dconf.enable = true;
+
+ security.polkit.enable = true;
+
+ nix = {
+ distributedBuilds = true;
+ buildMachines = [
+ {
+ hostName = "epyc.infra.newtype.fr";
+ maxJobs = 100;
+ systems = [ "x86_64-linux" ];
+ sshUser = "root";
+ supportedFeatures = [
+ "kvm"
+ "nixos-test"
+ ];
+ sshKey = "/home/julien/.ssh/id_ed25519";
+ speedFactor = 2;
+ }
+ ];
+ };
+
+ environment.systemPackages = with pkgs; [
+ tailscale
+ brightnessctl
+ sbctl
+ ];
+
+ security.pam.services.swaylock = { };
+
+ programs.ssh.startAgent = true;
+
+ services.xserver.desktopManager.gnome.enable = true;
+
+ services.gnome.gnome-keyring.enable = true;
+ system.stateVersion = "25.05";
+}
diff --git a/machines/arcadia/disko.nix b/machines/arcadia/disko.nix
new file mode 100644
index 0000000..10afd5c
--- /dev/null
+++ b/machines/arcadia/disko.nix
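Review bot: In machines/arcadia/default.nix, the `nix.buildMachines` entry logs in to the builder with `sshUser = "root"` and julien's personal key, `sshKey = "/home/julien/.ssh/id_ed25519"`, so one key serves both as an interactive identity and as root access to epyc.infra.newtype.fr. Remote builds are started by the Nix daemon without a prompt, so that key presumably has to be stored without a passphrase for distributed builds to work. A build-only key and an unprivileged account on the builder would limit what a compromise of this machine exposes, for example `sshUser = "<build-user>";` and `sshKey = "<path to build-only key>";`.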
@@ -0,0 +1,90 @@
+{
+ devices = {
+ disk = {
+ main = {
+ type = "disk";
+ device = "/dev/disk/by-id/nvme-PNY_CS2241_4TB_SSD_PNY23362309060100017";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "1M";
+ type = "EF02";
+ };
+ ESP = {
+ size = "10G";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ swap = {
+ size = "16G";
+ content = {
+ type = "swap";
+ discardPolicy = "both";
+ };
+ };
+ luks = {
+ size = "100%";
+ content = {
+ type = "luks";
+ name = "crypted";
+ extraOpenArgs = [ ];
+ passwordFile = "/tmp/secret.key";
+ settings = {
+ # if you want to use the key for interactive login be sure there is no trailing newline
+ # for example use `echo -n "password" > /tmp/secret.key`
+ allowDiscards = true;
+ };
+ content = {
+ type = "lvm_pv";
+ vg = "mainpool";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ lvm_vg = {
+ mainpool = {
+ type = "lvm_vg";
+ lvs = {
+ root = {
+ size = "500G";
+ pool = "mainpool";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ mountOptions = [ "defaults" ];
+ };
+ };
+ persistent = {
+ size = "1T";
+ pool = "mainpool";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/persistent";
+ mountOptions = [ "defaults" ];
+ };
+ };
+
+ store = {
+ size = "2T";
+ pool = "mainpool";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/nix";
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/machines/arcadia/hardware.nix b/machines/arcadia/hardware.nix
new file mode 100644
index 0000000..a1695a4
--- /dev/null
+++ b/machines/arcadia/hardware.nix
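Review bot: In machines/arcadia/disko.nix the `swap` partition is a sibling of the `luks` partition rather than inside it, so process memory that gets paged out can be written to the NVMe in plaintext while the rest of the system is encrypted. If hibernation is not needed, adding `randomEncryption = true;` to the swap `content` closes that gap; otherwise swap could be a logical volume in `mainpool`. Separately, the trailing-newline comment under `settings` describes `passwordFile = "/tmp/secret.key"` and would read better directly above that line. A reminder there to create the file with mode 0600 and delete it once the disk has been formatted would also help.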
@@ -0,0 +1,33 @@
+{
+ config,
+ lib,
+ modulesPath,
+ ...
+}:
+
+{
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+ boot.initrd.availableKernelModules = [
+ "xhci_pci"
+ "ahci"
+ "nvme"
+ "usb_storage"
+ "sd_mod"
+ ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/machines/arcadia/home-julien.nix b/machines/arcadia/home-julien.nix
new file mode 100644
index 0000000..8bfbbd8
--- /dev/null
+++ b/machines/arcadia/home-julien.nix
@@ -0,0 +1,69 @@
+{ pkgs, ... }:
+{
+
+ luj.hmgr.julien = {
+ home.stateVersion = "25.05";
+ luj.programs.neovim.enable = true;
+ luj.programs.ssh-client.enable = true;
+ luj.programs.git.enable = true;
+ luj.programs.gtk.enable = true;
+ luj.programs.kitty.enable = true;
+ luj.programs.dunst.enable = true;
+ luj.programs.fish.enable = true;
+ luj.programs.firefox.enable = true;
+ luj.programs.pass.enable = true;
+
+ programs.direnv = {
+ enable = true;
+ nix-direnv.enable = true;
+ };
+
+ home.pointerCursor = {
+ name = "Adwaita";
+ package = pkgs.adwaita-icon-theme;
+ size = 15;
+ x11 = {
+ enable = true;
+ defaultCursor = "Adwaita";
+ };
+ };
+
+ home.packages =
+ with pkgs;
+ [
+ du-dust
+ kitty
+ jq
+ lazygit
+ fira-code
+ feh
+ meld
+ emacs
+ vlc
+ jftui
+ libreoffice
+ font-awesome
+ cantarell-fonts
+ roboto
+ htop
+ evince
+ mosh
+ zotero
+ flameshot
+ kitty
+ networkmanagerapplet
+ xdg-utils
+ step-cli
+ gh
+ signal-desktop
+ scli
+ texlive.combined.scheme-full
+ ]
+ ++ builtins.filter lib.attrsets.isDerivation (builtins.attrValues pkgs.nerd-fonts);
+ fonts.fontconfig.enable = true;
+
+ home.keyboard = {
+ layout = "fr";
+ };
+ };
+}
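Review bot: `lib` is not among the function arguments (`{ pkgs, ... }:`), so `lib.attrsets.isDerivation` in the `home.packages` expression only resolves because the surrounding `with pkgs;` turns it into `pkgs.lib`. Taking it explicitly, `{ pkgs, lib, ... }:`, makes the dependency visible and keeps the line working if the `with` is later narrowed to the list alone. `kitty` is also listed twice in `home.packages`, next to `luj.programs.kitty.enable = true;`, so at least one of those entries looks redundant.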