initial commit after reorganisation

nixos/laptop/configuration.nix

@@ -0,0 +1,183 @@
+{
+  config,
+  lib,
+  pkgs,
+  mypkgs,
+  ...
+}: {
+  imports = [./hardware-configuration.nix];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.initrd.luks.devices = {
+    cryptlvm = {
+      device = "/dev/disk/by-uuid/1b3b8818-6085-4dd3-ab5e-c97cc49d2773";
+      allowDiscards = true;
+      preLVM = true;
+    };
+  };
+  boot.kernelPackages = pkgs.linuxPackages_6_5;
+
+  i18n.defaultLocale = "en_US.UTF-8";
+  time.timeZone = "Europe/Berlin";
+
+  hardware = {
+    bluetooth.enable = true;
+
+    opengl = {
+      enable = true;
+      driSupport = true;
+      driSupport32Bit = true;
+    };
+
+    printers = {
+      ensureDefaultPrinter = "Kyocera_FS-1370DN";
+
+      ensurePrinters = [
+        {
+          name = "Kyocera_FS-1370DN";
+          location = "HWLAB_DC3";
+          deviceUri = "socket://10.3.32.10";
+          model = "Kyocera/Kyocera_FS-1370DN.ppd";
+        }
+      ];
+    };
+  };
+
+  networking = {
+    useDHCP = false;
+    networkmanager = {
+      enable = true;
+      plugins = with pkgs; [
+        networkmanager-openvpn
+      ];
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    vim
+    wget
+  ];
+
+  networking.firewall.enable = false;
+
+  services = {
+    blueman.enable = true;
+    fprintd.enable = true;
+    illum.enable = true;
+    tlp.enable = true;
+
+    printing = {
+      enable = true;
+      drivers = [
+        mypkgs.cups-kyocera-fs1370dn
+      ];
+    };
+
+    openssh = {
+      enable = true;
+      ports = [222];
+      openFirewall = true;
+      settings = {
+        PasswordAuthentication = false;
+        PermitRootLogin = "prohibit-password";
+        KbdInteractiveAuthentication = false;
+      };
+      hostKeys = [
+        {
+          path = "/etc/ssh/ssh_host_ed25519_key";
+          type = "ed25519";
+        }
+      ];
+    };
+
+    logind = {
+      lidSwitch = "suspend";
+      lidSwitchDocked = "ignore";
+      lidSwitchExternalPower = "ignore";
+      extraConfig = ''
+        HoldoffTimeoutSec=300s
+      '';
+    };
+
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+    };
+
+    xserver = {
+      enable = true;
+      libinput.enable = true;
+
+      windowManager.awesome = {
+        enable = true;
+        package = pkgs.callPackage ../../overrides/awesome.nix {};
+      };
+
+      displayManager = {
+        sddm.enable = true;
+        defaultSession = "none+awesome";
+      };
+    };
+
+    clamav = {
+      daemon.enable = true;
+      updater.enable = true;
+    };
+  };
+
+  security.sudo.configFile = ''
+    Defaults lecture=always
+    Defaults lecture_file=${../../misc/sudo_lecture}
+  '';
+
+  fonts.packages = with pkgs; [
+    font-awesome
+    (nerdfonts.override {fonts = ["FiraMono"];})
+    mypkgs.comic-mono
+  ];
+
+  programs.fish.enable = true;
+
+  users.users.patrick = {
+    isNormalUser = true;
+    extraGroups = ["networkmanager" "wheel"];
+    shell = pkgs.nushellFull;
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick"
+    ];
+  };
+
+  virtualisation.podman.enable = true;
+
+  # nix = {
+  #   gc = {
+  #     automatic = true;
+  #     dates = "weekly";
+  #     options = "--delete-older-than 7d";
+  #   };
+
+  #   package = pkgs.nixVersions.stable;
+  #   # registry.nixpkgs.flake = inputs.nixpkgs;
+
+  #   settings = {
+  #     auto-optimise-store = true;
+
+  #     experimental-features = ["nix-command" "flakes"];
+
+  #     # Avoid unwanted garbage collection when using nix-direnv
+  #     keep-outputs = true;
+  #     keep-derivations = true;
+  #   };
+  # };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "22.11"; # Did you read the comment?
+}

nixos/laptop/hardware-configuration.nix

@@ -0,0 +1,46 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "rtsx_pci_sdmmc"];
+  boot.initrd.kernelModules = ["dm-snapshot"];
+  boot.kernelModules = ["kvm-amd"];
+  boot.extraModulePackages = [];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/a43c3c5f-5d24-485a-a6a0-ae5c9f984e72";
+    fsType = "ext4";
+  };
+
+  fileSystems."/home" = {
+    device = "/dev/disk/by-uuid/9ea5cd0a-2b78-4bf1-a8b2-e00cf495271a";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/A060-5378";
+    fsType = "vfat";
+  };
+
+  swapDevices = [];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}