feat: init gallifrey

machines/gallifrey/default.nix

@@ -0,0 +1,103 @@
+{
+  config,
+  pkgs,
+  inputs,
+  ...
+}:
+
+{
+  imports = [
+    ./hardware.nix
+    ./home-julien.nix
+  ];
+
+  machine.meta = {
+    arch = "x86_64-linux";
+    nixpkgs_version = inputs.unstable;
+    hm_version = inputs.home-manager-unstable;
+  };
+
+  networking.hostName = "gallifrey";
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.networkmanager.enable = true;
+
+  networking.networkmanager.dns = "systemd-resolved";
+  services.resolved.enable = true;
+  services.userborn.enable = true;
+
+  services.displayManager.autoLogin = {
+    enable = true;
+    user = "julien";
+  };
+
+  disko = import ./disko.nix;
+
+  services.xserver = {
+    enable = true;
+    displayManager = {
+      gdm.enable = true;
+    };
+    desktopManager.gnome.enable = true;
+    videoDrivers = [ "nvidia" ];
+  };
+
+  hardware.opengl.enable = true;
+  boot.extraModulePackages = [ config.boot.kernelPackages.nvidia_x11 ];
+
+  hardware.nvidia = {
+    modesetting.enable = true;
+    powerManagement.enable = false;
+    powerManagement.finegrained = false;
+    open = true;
+    nvidiaSettings = true;
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
+
+  programs.xwayland.enable = true;
+  services.postgresql.enable = true;
+
+  programs.dconf.enable = true;
+  services.emacs = {
+    enable = true;
+    package = pkgs.emacs29-gtk3;
+  };
+
+  services.udev.packages = [ pkgs.nitrokey-udev-rules ];
+
+  security.polkit.enable = true;
+
+  nix = {
+    distributedBuilds = true;
+    buildMachines = [
+      {
+        hostName = "epyc.infra.newtype.fr";
+        maxJobs = 100;
+        systems = [ "x86_64-linux" ];
+        sshUser = "root";
+        supportedFeatures = [
+          "kvm"
+          "nixos-test"
+          "benchmark"
+          "big-parallel"
+        ];
+        sshKey = "/home/julien/.ssh/id_ed25519";
+        speedFactor = 2;
+      }
+    ];
+  };
+
+  networking.networkmanager.plugins = [ pkgs.networkmanager-openvpn ];
+  programs.ssh.startAgent = true;
+
+  environment.systemPackages = with pkgs; [
+    tailscale
+    brightnessctl
+    sbctl
+    ddcutil
+    xorg.xinit
+  ];
+
+  system.stateVersion = "24.11";
+}

machines/gallifrey/disko.nix

@@ -0,0 +1,90 @@
+{
+  devices = {
+    disk = {
+      main = {
+        type = "disk";
+        device = "/dev/disk/by-id/nvme-CT2000P3PSSD8_2316E6CBA6BA";
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02";
+            };
+            ESP = {
+              size = "10G";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+            swap = {
+              size = "16G";
+              content = {
+                type = "swap";
+                discardPolicy = "both";
+              };
+            };
+            luks = {
+              size = "100%";
+              content = {
+                type = "luks";
+                name = "crypted";
+                extraOpenArgs = [ ];
+                passwordFile = "/tmp/secret.key";
+                settings = {
+                  # if you want to use the key for interactive login be sure there is no trailing newline
+                  # for example use `echo -n "password" > /tmp/secret.key`
+                  allowDiscards = true;
+                };
+                content = {
+                  type = "lvm_pv";
+                  vg = "mainpool";
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+    lvm_vg = {
+      mainpool = {
+        type = "lvm_vg";
+        lvs = {
+          root = {
+            size = "300G";
+            pool = "mainpool";
+            content = {
+              type = "filesystem";
+              format = "ext4";
+              mountpoint = "/";
+              mountOptions = [ "defaults" ];
+            };
+          };
+          persistent = {
+            size = "600G";
+            pool = "mainpool";
+            content = {
+              type = "filesystem";
+              format = "ext4";
+              mountpoint = "/persistent";
+              mountOptions = [ "defaults" ];
+            };
+          };
+
+          store = {
+            size = "900G";
+            pool = "mainpool";
+            content = {
+              type = "filesystem";
+              format = "ext4";
+              mountpoint = "/nix";
+            };
+          };
+        };
+      };
+    };
+  };
+}

machines/gallifrey/hardware.nix

@@ -0,0 +1,30 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ lib, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "nvme"
+    "usb_storage"
+    "usbhid"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enP5p1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+}

machines/gallifrey/home-julien.nix

@@ -0,0 +1,88 @@
+{ pkgs, ... }:
+{
+
+  luj.hmgr.julien = {
+    home.stateVersion = "24.11";
+    luj.programs.neovim.enable = true;
+    luj.programs.ssh-client.enable = true;
+    luj.programs.git.enable = true;
+    luj.programs.kitty.enable = true;
+    luj.programs.emacs.enable = false;
+    luj.emails.enable = true;
+
+    programs.rofi = {
+      enable = true;
+      package = pkgs.rofi-wayland;
+      font = "Fira Font";
+      theme = "DarkBlue";
+    };
+
+    programs.direnv = {
+      enable = true;
+      enableZshIntegration = true;
+      nix-direnv.enable = true;
+    };
+
+    home.pointerCursor = {
+      gtk.enable = true;
+      name = "Adwaita";
+      package = pkgs.gnome.adwaita-icon-theme;
+      size = 15;
+      x11 = {
+        enable = true;
+        defaultCursor = "Adwaita";
+      };
+    };
+
+    programs.obs-studio = {
+      enable = true;
+      plugins = with pkgs; [ obs-studio-plugins.obs-vkcapture ];
+    };
+
+    home.packages = with pkgs; [
+      du-dust
+      kitty
+      jq
+      lazygit
+      fira-code
+      feh
+      meld
+      vlc
+      nerdfonts
+      jetbrains-mono
+      cantarell-fonts
+      unstable.nixd
+      libreoffice
+      signal-desktop
+      font-awesome
+      nodejs
+      htop
+      evince
+      mosh
+      flameshot
+      kitty
+      networkmanagerapplet
+      element-desktop
+      xdg-utils
+      step-cli
+      scli
+      jftui
+      texlive.combined.scheme-full
+      unstable.inochi-creator
+      chromium
+      gh
+      ouch
+    ];
+
+    fonts.fontconfig.enable = true;
+
+    programs.firefox = {
+      enable = true;
+      package = pkgs.firefox;
+    };
+
+    home.keyboard = {
+      layout = "fr";
+    };
+  };
+}