Initial commit of flake-based NixOS config for the whole haus

hosts/puter/cronjobs.nix

@@ -0,0 +1,26 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  systemd.timers."kondo" = {
+    wantedBy = ["timers.target"];
+    timerConfig = {
+      #OnBootSec = "5m";
+      #OnUnitActiveSec = "5m";
+      Unit = "kondo.service";
+      OnCalendar = "weekly";
+      Persistent = true;
+    };
+  };
+
+  systemd.services."kondo" = {
+    script = ''
+      kondo --all --ignored-dirs dev/current
+    '';
+    serviceConfig = {
+      Type = "oneshot";
+      User = "root";
+    };
+  };
+}

hosts/puter/de/default.nix

@@ -0,0 +1,30 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  imports = [./gnome.nix ./sway.nix];
+
+  services.xserver = {
+    enable = true;
+    displayManager.gdm.enable = true;
+    layout = "us";
+    xkbVariant = "";
+  };
+
+  # Enable sound with pipewire.
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    # If you want to use JACK applications, uncomment this
+    #jack.enable = true;
+
+    # use the example session manager (no others are packaged yet so this is en>
+    # no need to redefine it in your config for now)
+    #media-session.enable = true;
+  };
+}

hosts/puter/de/gnome.nix

@@ -0,0 +1,35 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  services.xserver.desktopManager.gnome.enable = true;
+  programs.kdeconnect.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    gnome-tweaks
+    # GNOME-specific packages
+    bustle
+    collision
+    commit
+    dialect
+    fretboard
+    #gaphor
+    hieroglyphic
+    junction
+    keypunch
+    letterpress
+    gnome-obfuscate
+    shortwave
+    solanum
+    wike
+    commit
+    wl-clipboard
+    gnomeExtensions.gsconnect
+    gnomeExtensions.astra-monitor
+    lm_sensors
+    iotop
+    gtop
+    wirelesstools
+  ];
+}

hosts/puter/de/sway.nix

@@ -0,0 +1,17 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  programs.sway = {
+    enable = true;
+    wrapperFeatures.gtk = true;
+  };
+
+  environment.systemPackages = with pkgs; [
+    mako # Notification daemon for Sway
+    playerctl
+    # Other Sway-specific packages
+  ];
+  programs.light.enable = true; # For brightness control
+}

hosts/puter/default.nix

@@ -0,0 +1,21 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  imports = [
+    ./hardware-configuration.nix
+    ./cronjobs.nix
+    ./syncthing.nix
+    ./packages.nix
+    ./de/default.nix
+    ../../modules/common/nix.nix
+    ../../modules/common/networking.nix
+    ../../modules/common/shell.nix
+    ../../modules/common/utils.nix
+    ../../modules/common/security.nix
+  ];
+  networking.hostName = "puter";
+  # This will be overridden by system/default.nix
+  system.stateVersion = "24.05";
+}

hosts/puter/hardware-configuration.nix

@@ -0,0 +1,87 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [(modulesPath + "/installer/scan/not-detected.nix")];
+
+  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = ["kvm-intel" "wl"];
+  boot.extraModulePackages = [config.boot.kernelPackages.broadcom_sta];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/19a0aa4c-8d49-4545-9ed6-cd4a952f9353";
+    fsType = "ext4";
+  };
+
+  boot.initrd.luks.devices."luks-08992355-1404-44dc-9bb4-fd32f1d0b62d".device = "/dev/disk/by-uuid/08992355-1404-44dc-9bb4-fd32f1d0b62d";
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/F54E-7011";
+    fsType = "vfat";
+    options = ["fmask=0022" "dmask=0022"];
+  };
+
+  swapDevices = [{device = "/dev/disk/by-uuid/c9b7b195-d072-4574-8e39-a5e4f90ca84d";}];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens9.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.initrd.luks.devices."luks-d27fc6c5-7edd-4c18-ab70-3ca02a28abcc".device = "/dev/disk/by-uuid/d27fc6c5-7edd-4c18-ab70-3ca02a28abcc";
+
+  nixpkgs.config.packageOverrides = pkgs: {
+    intel-vaapi-driver =
+      pkgs.intel-vaapi-driver.override {enableHybridCodec = true;};
+  };
+
+  hardware.opengl = {
+    enable = true;
+    extraPackages = with pkgs; [
+      intel-media-driver
+      intel-vaapi-driver
+      libvdpau-va-gl
+    ];
+  };
+
+  environment.sessionVariables = {LIBVA_DRIVER_NAME = "iHD";};
+
+  hardware.facetimehd = {
+    enable = true;
+    withCalibration = true;
+  };
+
+  services.logind = {
+    #  lidSwitch = "ignore";
+    #  lidSwitchDocked = "ignore";
+    #  lidSwitchExternalPower = "ignore";
+    extraConfig = ''
+      HandlePowerKey=ignore
+      HandleSuspendKey=ignore
+    '';
+    # This goes in the extraConfig section  IdleAction=ignore
+  };
+  environment.systemPackages = with pkgs; [
+    mbpfan
+    thermald
+  ];
+
+  boot.kernelModules = ["wl"];
+  boot.blacklistedKernelModules = ["b43" "ssb" "brcmfmac" "brcmsmac" "bcma"];
+  boot.extraModulePackages = [config.boot.kernelPackages.broadcom_sta];
+}

hosts/puter/packages.nix

@@ -0,0 +1,61 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  users.users.user = {
+    isNormalUser = true;
+    description = "user";
+    extraGroups = ["networkmanager" "wheel" "video" "libvirtd"];
+    nixpkgs.config = {chromium = {enableWideVine = true;};};
+    packages = with pkgs; [
+      # stuff needed by neovim
+      fzf
+      lazygit
+      tree-sitter
+      neovim
+      mcfly
+      luajitPackages.luarocks-nix
+
+      # Dev stuff, most of it might be replaced by devenvs later on
+      ghostty
+      tealdeer
+      vscodium
+      gcc
+      python
+      alejandra
+      starship
+      devenv
+      nodejs
+      mermaid-cli
+      rustup
+      delta
+      just
+      kondo
+
+      # Productivity apps
+      obsidian
+      onlyoffice-desktopeditors
+      keepassxc
+      evolution
+      signal-desktop
+      anki-bin
+      pomodoro-gtk
+      ticker
+      newsboat
+
+      # web browsers
+      ungoogled-chromium
+      tor-browser-bundle-bin
+      transmission_4-gtk
+
+      # multimedia
+      vlc
+      mpv
+      yt-dlp
+      freetube
+    ];
+  };
+  #ciscoPacketTracer8
+  #parallel-disk-usage
+}

hosts/puter/syncthing.nix

@@ -0,0 +1,33 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  services.syncthing = {
+    enable = true;
+    openDefaultPorts = true;
+    dataDir = "/home/user/Documents/syncthing/";
+    configDir = "/home/user/.config/syncthing";
+    user = "user";
+    # Optional: GUI credentials (can be set in the browser instead if you don't want plaintext credentials in your configuration.nix file)
+    # or the password hash can be generated with "syncthing generate --config <path> --gui-password=<password>"
+    settings.gui = {
+      user = "user";
+      password = "user";
+    };
+    settings = {
+      devices = {
+        "phone" = {
+          id = "N3RII7R-4YOKJ46-HY6NSTD-TPE7SW4-N66CWVQ-J2JVW7E-NARRMBF-JG27YQ7";
+        };
+      };
+      folders = {
+        "brain_zero" = {
+          # Name of folder in Syncthing, also the folder ID
+          path = "/home/user/brain_zero/"; # Which folder to add to Syncthing
+          devices = ["phone"]; # Which devices to share the folder with
+        };
+      };
+    };
+  };
+}