move stuff

2025-08-26 17:20:27 -05:00
parent f66c0726b0
commit d15762b199
68 changed files with 24 additions and 25 deletions
--- a/systems/x86_64-linux/jallen-nas/default.nix
+++ b/systems/x86_64-linux/jallen-nas/default.nix
@@ -0,0 +1,121 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{
+  pkgs,
+  namespace,
+  ...
+}:
+{
+  imports = [
+    # Include the results of the hardware scan.
+    ./hardware-configuration.nix
+    ./filesystems.nix
+    ./boot.nix
+    ./apps.nix
+    ./grafana.nix
+    ./networking.nix # - moved to modules/nixos/network
+    ./ups.nix
+    ./users.nix
+    ./samba.nix
+    ./services.nix
+    ./sops.nix
+  ];
+
+  services.kmscon.enable = true;
+
+  powerManagement.cpuFreqGovernor = "powersave";
+
+  ${namespace} = {
+    bootloader.lanzaboote.enable = true;
+    impermanence.enable = true;
+    desktop.cosmic.enable = false;
+    development = {
+      enable = true;
+      includeLanguages = [
+        "python"
+        "c"
+      ];
+      includeContainers = true;
+    };
+    monitoring.enable = true;
+    hardware.nvidia = {
+      enable = true;
+      enableBeta = true;
+      enableOpen = true;
+      nvidiaSettings = true;
+      enableNvidiaDocker = true;
+    };
+    network = {
+      ipv4 = {
+        address = "10.0.1.3/24";
+        method = "manual";
+        gateway = "10.0.1.1";
+        interface = "wlp6s0";
+      };
+      useNetworkd = true;
+      hostId = "4b501480";
+      nat = {
+        enable = true;
+        internalInterfaces = [ "ve-+" ];
+        externalInterface = "wlp6s0";
+        enableIPv6 = true;
+      };
+      firewall = {
+        enable = true;
+        allowPing = true;
+        trustedInterfaces = [ "tailscale0" ];
+      };
+    };
+    user = {
+      name = "admin";
+      linger = true;
+    };
+  };
+
+  security.tpm2 = {
+    enable = true;
+  };
+
+  # Configure environment
+  environment = {
+    systemPackages = with pkgs; [
+      attic-client
+      bcachefs-tools
+      cryptsetup
+      clevis
+      deconz
+      duperemove
+      efibootmgr
+      ffmpeg
+      ipset
+      llama-cpp
+      networkmanagerapplet
+      nut
+      packagekit
+      pass
+      protonmail-bridge
+      protonvpn-cli
+      python3Packages.llama-cpp-python
+      qrencode
+      rcon
+      sbctl
+      tigervnc
+      tpm2-tools
+      tpm2-tss
+    ];
+  };
+
+  # Configure programs
+  programs = {
+    virt-manager.enable = true;
+    coolercontrol = {
+      enable = true;
+      nvidiaSupport = true;
+    };
+  };
+
+  # Additional virtualization beyond what's in development module
+  virtualisation.libvirtd.enable = true;
+}