diff --git a/machines/gallifrey/default.nix b/machines/gallifrey/default.nix
new file mode 100644
index 0000000..305af32
--- /dev/null
+++ b/machines/gallifrey/default.nix
@@ -0,0 +1,103 @@
+{
+ config,
+ pkgs,
+ inputs,
+ ...
+}:
+
+{
+ imports = [
+ ./hardware.nix
+ ./home-julien.nix
+ ];
+
+ machine.meta = {
+ arch = "x86_64-linux";
+ nixpkgs_version = inputs.unstable;
+ hm_version = inputs.home-manager-unstable;
+ };
+
+ networking.hostName = "gallifrey";
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.networkmanager.enable = true;
+
+ networking.networkmanager.dns = "systemd-resolved";
+ services.resolved.enable = true;
+ services.userborn.enable = true;
+
+ services.displayManager.autoLogin = {
+ enable = true;
+ user = "julien";
+ };
+
+ disko = import ./disko.nix;
+
+ services.xserver = {
+ enable = true;
+ displayManager = {
+ gdm.enable = true;
+ };
+ desktopManager.gnome.enable = true;
+ videoDrivers = [ "nvidia" ];
+ };
+
+ hardware.opengl.enable = true;
+ boot.extraModulePackages = [ config.boot.kernelPackages.nvidia_x11 ];
+
+ hardware.nvidia = {
+ modesetting.enable = true;
+ powerManagement.enable = false;
+ powerManagement.finegrained = false;
+ open = true;
+ nvidiaSettings = true;
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ };
+
+ programs.xwayland.enable = true;
+ services.postgresql.enable = true;
+
+ programs.dconf.enable = true;
+ services.emacs = {
+ enable = true;
+ package = pkgs.emacs29-gtk3;
+ };
+
+ services.udev.packages = [ pkgs.nitrokey-udev-rules ];
+
+ security.polkit.enable = true;
+
+ nix = {
+ distributedBuilds = true;
+ buildMachines = [
+ {
+ hostName = "epyc.infra.newtype.fr";
+ maxJobs = 100;
+ systems = [ "x86_64-linux" ];
+ sshUser = "root";
+ supportedFeatures = [
+ "kvm"
+ "nixos-test"
+ "benchmark"
+ "big-parallel"
+ ];
+ sshKey = "/home/julien/.ssh/id_ed25519";
+ speedFactor = 2;
+ }
+ ];
+ };
+
+ networking.networkmanager.plugins = [ pkgs.networkmanager-openvpn ];
+ programs.ssh.startAgent = true;
+
+ environment.systemPackages = with pkgs; [
+ tailscale
+ brightnessctl
+ sbctl
+ ddcutil
+ xorg.xinit
+ ];
+
+ system.stateVersion = "24.11";
+}
diff --git a/machines/gallifrey/disko.nix b/machines/gallifrey/disko.nix
new file mode 100644
index 0000000..2ebf2b7
--- /dev/null
+++ b/machines/gallifrey/disko.nix
@@ -0,0 +1,90 @@
+{
+ devices = {
+ disk = {
+ main = {
+ type = "disk";
+ device = "/dev/disk/by-id/nvme-CT2000P3PSSD8_2316E6CBA6BA";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "1M";
+ type = "EF02";
+ };
+ ESP = {
+ size = "10G";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ swap = {
+ size = "16G";
+ content = {
+ type = "swap";
+ discardPolicy = "both";
+ };
+ };
+ luks = {
+ size = "100%";
+ content = {
+ type = "luks";
+ name = "crypted";
+ extraOpenArgs = [ ];
+ passwordFile = "/tmp/secret.key";
+ settings = {
+ # if you want to use the key for interactive login be sure there is no trailing newline
+ # for example use `echo -n "password" > /tmp/secret.key`
+ allowDiscards = true;
+ };
+ content = {
+ type = "lvm_pv";
+ vg = "mainpool";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ lvm_vg = {
+ mainpool = {
+ type = "lvm_vg";
+ lvs = {
+ root = {
+ size = "300G";
+ pool = "mainpool";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ mountOptions = [ "defaults" ];
+ };
+ };
+ persistent = {
+ size = "600G";
+ pool = "mainpool";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/persistent";
+ mountOptions = [ "defaults" ];
+ };
+ };
+
+ store = {
+ size = "900G";
+ pool = "mainpool";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/nix";
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/machines/gallifrey/hardware.nix b/machines/gallifrey/hardware.nix
new file mode 100644
index 0000000..6ac15d7
--- /dev/null
+++ b/machines/gallifrey/hardware.nix
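Review bot: In machines/gallifrey/default.nix the `nix.buildMachines` entry logs in to the remote builder as `sshUser = "root"` with `sshKey = "/home/julien/.ssh/id_ed25519"`, so the user's personal key doubles as a root credential on epyc.infra.newtype.fr. The Nix daemon uses this key non-interactively, which in practice means it is stored without a passphrase, and anything that can read the file gets root on the builder. A dedicated unprivileged build account with its own key, readable only by root on this machine, would limit the blast radius: `sshUser = "<build-user>";` and `sshKey = "<root-only key path>";` (both placeholders). Separately, `services.displayManager.autoLogin` opens julien's session without a password, so the LUKS passphrase becomes the only barrier in front of the desktop and of that key; a short comment stating that this is intended would help the next reader.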
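Review bot: In machines/gallifrey/disko.nix the `swap` partition sits beside the `luks` partition rather than inside it, so the 16G swap is written to the NVMe in clear text and can hold memory pages of processes whose data on `/` and `/persistent` is otherwise encrypted. If hibernation is not needed, `randomEncryption = true;` in the swap `content` closes that gap; otherwise the swap can become a logical volume in `mainpool`. As far as the option is documented, `passwordFile = "/tmp/secret.key"` is read only when the volume is first formatted, so the existing comment could add that the file should be created with mode 0600 and deleted after installation. `allowDiscards = true` makes free-block patterns visible on the raw device in exchange for TRIM support, which deserves a one-line comment such as `# TRIM passthrough: leaks which blocks are unused, accepted for SSD health`.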
@@ -0,0 +1,30 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ lib, modulesPath, ... }:
+
+{
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [
+ "xhci_pci"
+ "nvme"
+ "usb_storage"
+ "usbhid"
+ ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enP5p1s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+}
diff --git a/machines/gallifrey/home-julien.nix b/machines/gallifrey/home-julien.nix
new file mode 100644
index 0000000..8a21341
--- /dev/null
+++ b/machines/gallifrey/home-julien.nix
@@ -0,0 +1,88 @@
+{ pkgs, ... }:
+{
+
+ luj.hmgr.julien = {
+ home.stateVersion = "24.11";
+ luj.programs.neovim.enable = true;
+ luj.programs.ssh-client.enable = true;
+ luj.programs.git.enable = true;
+ luj.programs.kitty.enable = true;
+ luj.programs.emacs.enable = false;
+ luj.emails.enable = true;
+
+ programs.rofi = {
+ enable = true;
+ package = pkgs.rofi-wayland;
+ font = "Fira Font";
+ theme = "DarkBlue";
+ };
+
+ programs.direnv = {
+ enable = true;
+ enableZshIntegration = true;
+ nix-direnv.enable = true;
+ };
+
+ home.pointerCursor = {
+ gtk.enable = true;
+ name = "Adwaita";
+ package = pkgs.gnome.adwaita-icon-theme;
+ size = 15;
+ x11 = {
+ enable = true;
+ defaultCursor = "Adwaita";
+ };
+ };
+
+ programs.obs-studio = {
+ enable = true;
+ plugins = with pkgs; [ obs-studio-plugins.obs-vkcapture ];
+ };
+
+ home.packages = with pkgs; [
+ du-dust
+ kitty
+ jq
+ lazygit
+ fira-code
+ feh
+ meld
+ vlc
+ nerdfonts
+ jetbrains-mono
+ cantarell-fonts
+ unstable.nixd
+ libreoffice
+ signal-desktop
+ font-awesome
+ nodejs
+ htop
+ evince
+ mosh
+ flameshot
+ kitty
+ networkmanagerapplet
+ element-desktop
+ xdg-utils
+ step-cli
+ scli
+ jftui
+ texlive.combined.scheme-full
+ unstable.inochi-creator
+ chromium
+ gh
+ ouch
+ ];
+
+ fonts.fontconfig.enable = true;
+
+ programs.firefox = {
+ enable = true;
+ package = pkgs.firefox;
+ };
+
+ home.keyboard = {
+ layout = "fr";
+ };
+ };
+}
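Review bot: `kitty` is listed twice in `home.packages` in machines/gallifrey/home-julien.nix, once after `du-dust` and again after `flameshot`. `luj.programs.kitty.enable = true` near the top presumably installs it already, although that module is not visible in this diff. Removing the second entry, or both if the module covers it, keeps the list free of duplicates. Sorting the list alphabetically would make such repeats easier to spot in later changes.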