NixOs config for catboy-cafe

flake.nix

@@ -55,6 +55,10 @@
       mkDarwin = {system, pkgs}: import ./darwin.nix {
         inherit system pkgs;
       };
+
+      mkNixOsBase = opts: import ./nixos/base.nix opts;
+      mkNixOsGraphical = opts: import ./nixos/graphical.nix opts;
+      mkNixOsNetworking = opts: import ./nixos/networking.nix opts;
     in {
       homeConfigurations."xenia@Joe-Bidens-MacBook-Pro.local" =
         let
@@ -104,5 +108,33 @@
         in nix-darwin.lib.darwinSystem {
           modules = [ darwin ];
         };
+
+      nixosConfigurations."catboy-cafe" =
+        let
+          system = "x86_64-linux";
+          pkgs = mkPkgs system;
+          base = mkNixOsBase {
+            inherit system pkgs;
+            hostname = "catboy-cafe";
+            use-efi = true;
+          };
+          graphical = mkNixOsGraphical {
+            inherit pkgs;
+            background = "pan-wire-3.png";
+          };
+          networking = mkNixOsNetworking {
+            eth-interface = "enp0s31f6";
+            static-ip = "192.168.0.199";
+          };
+        in
+          nixpkgs.lib.nixosSystem {
+            inherit system;
+            modules = [
+              ./nixos/hardware/catboy-cafe.nix
+              base
+              graphical
+              networking
+            ];
+          };
     };
 }

nixos/base.nix

@@ -0,0 +1,68 @@
+{
+  system, pkgs, hostname,
+  use-efi ? false, efi-mountpoint ? "/boot",
+  use-grub ? false, grub-device ? "/dev/sda",
+}:
+{
+  nixpkgs.config.allowUnfree = true; # lol
+
+  networking.hostName = hostname;
+
+  boot.loader = if use-efi
+    then {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+      efi.efiSysMountPoint = efi-mountpoint;
+    } else if use-grub then {
+      grub.enable = true;
+      grub.devce = grub-device;
+    } else throw "Please use either use-efi or use-grub = true";
+
+  networking.networkmanager.enable = true;
+
+  time.timeZone = "Europe/Stockholm";
+
+  services.logind.lidSwitch = "ignore";
+  services.logind.lidSwitchDocked = "ignore";
+
+  services.openssh = {
+    enable = true;
+    ports = [ 24 ]; # TODO: Set up honeypot on port 22
+    settings = {
+      PasswordAuthentication = false;
+      PermitRootLogin = "no";
+    };
+  };
+
+  programs.mosh.enable = true;
+
+  # TODO: Options for more users
+  users.users.coral = { # hi # hi
+    isNormalUser = true;
+    extraGroups = [ "wheel" "docker" ];
+    shell = pkgs.zsh;
+  };
+
+  environment.systemPackages = with pkgs; [
+    binutils
+    coreutils
+
+    home-manager
+  ];
+
+  programs.zsh.enable = true;
+  programs.java = { enable = true; package = pkgs.jdk11; };
+
+  virtualisation.docker.enable = true;
+
+  networking.resolvconf.enable = true;
+  networking.nameservers = [ "8.8.8.8" ];
+  networking.resolvconf.dnsExtensionMechanism = false; # edns seems to be fucky with this enabled
+
+  nix.settings = {
+    experimental-features = [ "nix-command" "flakes" ];
+    auto-optimise-store = true;
+  };
+
+  system.stateVersion = "22.11"; # Did you read the comment?
+}

nixos/boot-efi.nix

@@ -0,0 +1,3 @@
+{mountpoint ? "/boot"}:
+{
+}

nixos/graphical.nix

@@ -0,0 +1,35 @@
+{
+  pkgs,
+  background-image ? "pan-wire-3.png",
+  ...
+}:
+{
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  services.xserver.desktopManager.xfce.enable = true;
+  services.xserver.displayManager = {
+    defaultSession = "xfce";
+    lightdm = {
+      background = ../backgrounds + ("/" + background-image); # only a spoonfull
+      greeters.slick.enable = true;
+    };
+  };
+
+  # Enable sound.
+  sound.enable = true;
+  hardware.pulseaudio.enable = true;
+
+  hardware.bluetooth.enable = true;
+
+  users.users.xenia = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" "docker" ];
+    shell = pkgs.zsh;
+  };
+
+  environment.systemPackages = with pkgs; [
+    stilo-themes
+
+    firefox
+  ];
+}

nixos/hardware/catboy-cafe.nix

@@ -0,0 +1,41 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/43808dbd-13db-4e85-8bd0-4040ab62136b";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/8160-A5C9";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/58dcf93c-f07f-406f-92ef-db792a8a0baf"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

nixos/networking.nix

@@ -0,0 +1,14 @@
+{
+  eth-interface ? "eth0",
+  static-ip ? false, # false, or IPv4 address
+}:
+{
+  networking = if static-ip != false then {
+    useDHCP = false;
+    interfaces.${eth-interface}.ipv4.addresses = [ {
+      address = static-ip;
+      prefixLength = 24;
+    } ];
+  } else {
+  };
+}