feature/muffinman_implementation (#2)

Co-authored-by: MFlossmann <michael.flossmann@posteo.net>
Reviewed-on: http://192.168.178.49:3000/prunebutt/nixConfig/pulls/2

flake.nix

@@ -46,6 +46,7 @@
 
     nixosConfigurations = {
       remus = helperLib.mkSystem ./hosts/remus/configuration.nix;
+      muffinman = helperLib.mkSystem ./hosts/muffinman/configuration.nix;
     };
 
     homeConfigurations = {

hosts/muffinman/configuration.nix

@@ -0,0 +1,134 @@
+{ 
+  config, 
+  pkgs,
+  outputs,
+  ... 
+}: 
+let
+  hostName = "muffinman";
+  static_ip = "192.168.178.2";
+  gateway = "192.168.178.1";
+in
+{
+  imports = [
+    ./hardware-configuration.nix
+    outputs.nixosModules.default
+  ];
+
+  # Bootloader.
+  boot = {
+    loader.grub = {
+      enable = true;
+      device = "nodev";
+      efiSupport = true;
+    };
+    # systemd-boot.enable = true;
+    loader.efi.canTouchEfiVariables = true;
+
+    kernelParams = [ "ip=${static_ip}::${gateway}:255.255.255.0:${hostName}:" ];
+    initrd = {
+      availableKernelModules = [ "igb" ];
+      # systemd.users.root.shell = "/bin/conspy";
+      network = {
+        enable = true;
+        ssh = {
+          enable = true;
+          port = 2222;
+          authorizedKeys = [ 
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJlwh35h9AfYwTJ94V4UNo08o/Nt0qXrg8axNWsw0JlF prunebutt@remus"
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxf7B+zlQWPqKZ0LSHHCKUSWORIvbCOd0vwbsYinXcD prunebutt@LittleUmbrella"
+          ];
+          hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" ];
+          extraConfig = ''ForceCommand cryptsetup-askpass'';
+        };
+      };
+    };
+  };
+
+  networking = {
+    hostName = hostName;
+    networkmanager.enable = true;
+
+    interfaces = {
+      eno2.ipv4.addresses = [
+      {
+        address = static_ip;
+        prefixLength = 24;
+      }
+      ];
+    };
+    defaultGateway = gateway;
+    nameservers = [
+      gateway
+      "9.9.9.9"
+    ];
+  };
+
+  services.xserver.enable = false;
+
+  console = {
+    font = "ter-powerline-v16b";
+    packages = [
+      pkgs.terminus_font
+      pkgs.powerline-fonts
+    ];
+  };
+
+  myNixOS = {
+    services.syncthing = {
+      enable = true;
+      remoteGui = true;
+    };
+
+    home-users = {
+      "prunebutt" = {
+        userConfig = ./home.nix;
+        userSettings = {
+          extraGroups = ["networkmanager" "wheel" "libvirtd" "docker"];
+        };
+      };
+    };
+  };
+
+
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+   vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+   wget
+   git
+
+   mdadm
+  ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "24.05"; # Did you read the comment?
+
+}

hosts/muffinman/hardware-configuration.nix

@@ -0,0 +1,41 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/8163a747-43d8-41e1-8514-69c42d37a165";
+      fsType = "ext4";
+    };
+
+  boot.initrd.luks.devices."luks-7c776e51-99b0-402e-9254-c5310b5bfa17".device = "/dev/disk/by-uuid/7c776e51-99b0-402e-9254-c5310b5bfa17";
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/E43C-FE83";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno2.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/muffinman/home.nix

@@ -0,0 +1,50 @@
+{
+  config,
+  pkgs,
+  inputs,
+  ...
+}: {
+  # home.username = "prunebutt";
+  # home.homeDirectory = "/home/prunebutt";
+  home = let
+    user = "prunebutt";
+  in {
+    username = "${user}";
+    homeDirectory = "/home/${user}";
+    # You should not change this value, even if you update Home Manager. If you do
+    # want to update the value, then make sure to first check the Home Manager
+    # release notes.
+    stateVersion = "24.11"; # Please read the comment before changing.
+
+    # The home.packages option allows you to install Nix packages into your
+    # environment.
+    packages = [
+      # # It is sometimes useful to fine-tune packages, for example, by applying
+      # # overrides. You can do that directly here, just don't forget the
+      # # parentheses. Maybe you want to install Nerd Fonts with a limited number of
+      # # fonts?
+      # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
+
+      # # You can also create simple shell scripts directly inside your
+      # # configuration. For example, this adds a command 'my-hello' to your
+      # # environment:
+      # (pkgs.writeShellScriptBin "my-hello" ''
+      #   echo "Hello, ${config.home.username}!"
+      # '')
+
+      ## GNOME
+
+      inputs.nixvim-config.packages.${pkgs.system}.default 
+    ];
+  };
+
+  # myHomeManager = {
+  #   bundles = {
+  #   };
+  # };
+
+  programs.zsh.enable = true;
+
+  # Let Home Manager install and manage itself.
+  # programs.home-manager.enable = true;
+}

hosts/remus/configuration.nix

@@ -2,10 +2,7 @@
   config,
   pkgs,
   lib,
-  inputs,
   outputs,
-  system,
-  helperLib,
   ...
 }: {
   imports = [

modules/home/bundles/core.nix

@@ -19,6 +19,8 @@
     nil
     nh
 
+    tldr
+
     git
     lazygit
 

modules/nixOS/services/syncthing/default.nix

@@ -11,7 +11,7 @@
   secretsSet = builtins.fromJSON (builtins.readFile ./${secretsFile});
   devices = builtins.attrNames secretsSet.syncthing.devices;
 in {
-  options = {
+  options.myNixOS.services.syncthing = {
     rootDir = lib.mkOption {
       type = lib.types.path;
       default = "/home/${cfg.myNixOS.sharedSettings.mainUser}/sync";
@@ -34,6 +34,7 @@ in {
         "pixelRoot" = {id = "PO7U5SE-DYKTOM2-TFDS3BM-A25VK7V-MQ3VPFM-EFX3J4D-B3UDCX4-3XQAIAC";};
         "pixelDefault" = {id = "HC3CKC7-OUZBLU3-JIKTRYG-DPJE6EC-7POCWNS-6VNOPDU-L7OWYWO-PL332AY";};
         "pixelGooglor" = {id = "OWDM4I2-O6STMIS-H3EXF65-FSM26K3-5FLQXRN-VOK7JGC-T6H76IR-QAVO3QK";};
+        "remus" = {id = "XATHQZF-XO27XG2-65BT5EO-PZQWGMG-BDOYXID-AI5YPDU-ZACUPB4-UTXLPA3";};
       };
 
       folders = {