idk

flake.nix

@@ -405,6 +405,65 @@
             desktop-nixos-hardware.nixosModules.common-pc
           ];
         };
+        
+        # Desktop
+        "matt-netboot" = desktop-nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          specialArgs = {
+            inherit inputs outputs;
+          };
+          modules = [
+            ./base/base-nogui
+            ./base/base-gui
+            ./hosts/desktop/netboot.nix
+            ./modules/desktop-environments/gnome
+
+            # Chaotic Nyx
+            desktop-chaotic.nixosModules.default
+
+            desktop-sops-nix.nixosModules.sops
+
+            # Home Manager
+            desktop-home-manager.nixosModules.home-manager
+            {
+              home-manager.useGlobalPkgs = true;
+              home-manager.useUserPackages = true;
+              home-manager.users.matt =
+                { ... }:
+                {
+                  imports = [
+                    ./hosts/desktop/home.nix
+                    ./share/home/defaults.nix
+                    ./share/home/git.nix
+                    ./share/home/gnome.nix
+                    ./share/home/librewolf.nix
+                    ./share/home/office.nix
+                    ./share/home/shell.nix
+                    ./share/home/vscode.nix
+                    desktop-steam-rom-manager.homeManagerModules.default
+                    desktop-sops-nix.homeManagerModules.sops
+                  ];
+                };
+              home-manager.users.root =
+                { ... }:
+                {
+                  imports = [
+                    ./share/root-user
+                    desktop-sops-nix.homeManagerModules.sops
+                  ];
+                };
+              home-manager.backupFileExtension = "backup";
+            }
+
+            # nixos hardware
+            desktop-nixos-hardware.nixosModules.common-cpu-amd
+            desktop-nixos-hardware.nixosModules.common-cpu-amd-pstate
+            desktop-nixos-hardware.nixosModules.common-cpu-amd-zenpower
+            desktop-nixos-hardware.nixosModules.common-gpu-amd
+            desktop-nixos-hardware.nixosModules.common-hidpi
+            desktop-nixos-hardware.nixosModules.common-pc
+          ];
+        };
 
         # NAS
         "jallen-nas" = nas-nixpkgs.lib.nixosSystem {

hosts/desktop/boot.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ config, pkgs, ... }:
 let
   configLimit = 5;
   # default = "@saved";

hosts/desktop/netboot.nix

@@ -0,0 +1,206 @@
+{ config, lib, pkgs, ... }:
+let
+  pkgsVersion = pkgs; #.unstable;
+  kernel = pkgs.linuxPackages_cachyos;
+  environmentVariables = {
+    STEAM_FORCE_DESKTOPUI_SCALING = "1.0";
+    GDK_SCALE = "1";
+    EDITOR = "${pkgs.vscodium}/bin/codium --wait";
+    VISUAL = "${pkgs.vscodium}/bin/codium --wait";
+  };
+  systemPackages = with pkgsVersion; [
+    aha
+    aspell
+    aspellDicts.en
+    aspellDicts.en-computers
+    aspellDicts.en-science
+    borgbackup
+    # brscan5
+    efibootmgr
+    kdePackages.ksvg
+    memtest86-efi
+    memtest86plus
+    # occt
+    os-prober
+    nil
+    qemu_full
+    rclone
+    rclone-browser
+    restic
+    restic-browser
+    restic-integrity
+    sane-frontends
+    sbctl
+    tpm2-tools
+    tpm2-tss
+    udisks2
+    unzip
+    winetricks
+
+    edk2-uefi-shell
+  ];
+  lactConfig = ''
+    daemon:
+      log_level: info
+      admin_groups:
+      - wheel
+      - sudo
+      disable_clocks_cleanup: false
+    apply_settings_timer: 5
+    gpus:
+      1002:73BF-1002:0E3A-0000:03:00.0:
+        fan_control_enabled: true
+        fan_control_settings:
+          mode: curve
+          static_speed: 1.0
+          temperature_key: edge
+          interval_ms: 500
+          curve:
+            30: 0.0
+            40: 0.2
+            50: 0.35
+            60: 0.5
+            70: 0.75
+            80: 1.0
+          spindown_delay_ms: 0
+          change_threshold: 0
+        pmfw_options: {}
+        power_cap: 293.0
+        performance_level: auto
+        voltage_offset: 0
+        power_states: {}
+  '';
+in
+{
+  imports = [
+    ./filesystems.nix
+    ./networking.nix
+    ./nix.nix
+    ./services.nix
+    ./sops.nix
+    ./users.nix
+    ../default.nix
+    ../../share/amd
+  ];
+
+  nix = {
+    settings = {
+      substituters = [
+        "https://cache.mjallen.dev"
+      ];
+      trusted-public-keys = [
+        "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
+      ];
+    };
+  };
+
+  chaotic.mesa-git.enable = true;
+
+  # Environment configuration
+  environment = {
+    systemPackages = systemPackages;
+
+    etc."lact/config.yaml".text = lactConfig;
+
+    variables = environmentVariables;
+  };
+
+  # Hardware configuration
+  hardware = {
+    # Enable the QMK firmware flashing tool.
+    keyboard = {
+      qmk.enable = true;
+    };
+
+    # Enable Sane and Brother printer support.
+    sane = {
+      enable = true;
+      brscan5.enable = false;
+      # extraBackends = [ pkgsVersion.brscan5 ];
+    };
+  };
+
+  # Common Configuration
+  share = {
+    gaming.enable = true;
+    hardware.amd = {
+      enable = lib.mkDefault true;
+      lact.enable = lib.mkDefault true;
+    };
+  };
+
+  programs.coolercontrol.enable = true;
+
+  # Time configuration
+  time = {
+    hardwareClockInLocalTime = lib.mkDefault false;
+  };
+
+  # Virtualisation configuration
+  virtualisation = {
+    libvirtd.enable = lib.mkDefault true;
+    waydroid.enable = lib.mkDefault true;
+  };
+
+  # Network boot specifics
+  boot = {
+    initrd = {
+      network.enable = true;
+      supportedFilesystems = [ "tmpfs" "squashfs" ];
+      # extraFiles."/.ro-store".source = "${config.system.build.toplevel}";
+      systemd.enable = true;
+      availableKernelModules = [
+        "xhci_pci"
+        "nvme"
+        "ahci"
+        "usbhid"
+        "uas"
+        "usb_storage"
+        "sd_mod"
+      ];
+    };
+
+    loader = {
+      grub.enable = lib.mkForce false;
+      systemd-boot.enable = lib.mkForce false; # already replaced by lanzaboote; included explicitly for clarity
+      generic-extlinux-compatible.enable = lib.mkForce true; # required for PXE NetBoot
+      timeout = 0;
+      efi.canTouchEfiVariables = lib.mkForce false;
+    };
+    kernelModules = [
+      "nct6775"
+      "kvm-amd"
+    ];
+    kernelParams = [
+      "ip=dhcp"
+      "boot.shell_on_fail"
+      "quiet"
+      "splash"
+      # needed cause ssd powersaving is broken af I guess
+      "nvme_core.default_ps_max_latency_us=0"
+      "pcie_aspm=off"
+    ];
+
+    plymouth = {
+      enable = true;
+    };
+  };
+
+  zramSwap.enable = true;
+
+  networking.hostName = lib.mkForce "matt-netboot";
+
+  # Stateless filesystem (tmpfs)
+  fileSystems = lib.mkForce {
+    "/" = {
+      device = "tmpfs";
+      fsType = "tmpfs";
+      options = [ "defaults" "size=25%" ];
+    };
+    # "/nix" = {
+    #   device = "/.ro-store";
+    #   fsType = "none";
+    #   options = [ "bind" "ro" ];
+    # };
+  };
+}

hosts/desktop/networking.nix

@@ -5,7 +5,7 @@ in
 {
   # Networking configs
   networking = {
-    hostName = hostname;
+    hostName = lib.mkDefault hostname;
 
     # Enable Network Manager
     networkmanager = {

hosts/desktop/nix.nix

@@ -6,12 +6,12 @@ in
   nix = {
     settings = {
       substituters = [
-        # "https://cache.mjallen.dev"
+        "https://cache.mjallen.dev"
         "https://nix-community.cachix.org"
         "https://cache.nixos.org/"
       ];
       trusted-public-keys = [
-        # "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
+        "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
         "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
       ];
       warn-dirty = lib.mkForce false;
@@ -21,5 +21,16 @@ in
       ];
       trusted-users = [ user ];
     };
+    settings.builders-use-substitutes = true;
+    distributedBuilds = true;
+    buildMachines = [
+      {
+        hostName = "jallen-nas.local";
+        system = "x86_64-linux";
+        maxJobs = 10;
+        sshUser = "admin";
+        supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
+      }
+    ];
   };
 }

hosts/nas/nix-serve.nix

@@ -1,4 +1,7 @@
 { pkgs, ... }:
+let
+  nix-build-mail = pkgs.writeShellScript "echo -e \"Content-Type: text/plain\\r\\nSubject: NixOS cache rebuild failed\\r\\n\\r\\nThe nix-rebuild-cache service failed at $(date).\" | sendmail jalle008@proton.me";
+in 
 {
   # "https://cache.mjallen.dev"
   # "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
@@ -32,6 +35,7 @@
       gnugrep
       gnused
       openssh
+      nix-build-mail
     ];
     script = ''
       #!/usr/bin/env bash
@@ -66,7 +70,7 @@
       if nix build .\#nixosConfigurations.steamdeck.config.system.build.toplevel --no-link; then
         echo "steamdeck built successfully at $(date)"
         git add .
-        git commit -m "Dteamdeck Updates $(date)"
+        git commit -m "Steamdeck Updates $(date)"
       else
         echo "steamdeck failed to build at $(date)"
         git reset --hard
@@ -117,18 +121,10 @@
         echo "jallen-nas failed to build at $(date)"
         git reset --hard
       fi
-
-      # git push
-    '';
-    # Send an email on failure (optional)
-    startPost = ''
-      if [ $SERVICE_RESULT != "success" ]; then
-        ${pkgs.mailutils}/bin/mail -s "NixOS cache rebuild failed" jalle008@proton.me <<EOF
-      The nix-rebuild-cache service failed at $(date).
-      Please check the logs with: journalctl -u nix-rebuild-cache
-      EOF
-      fi
     '';
+    onSuccess = [ "git push" ];
+    # Send an email on failure
+    # onFailure = [ "nix-build-mail" ];
   };
 
   systemd.timers.nix-rebuild-cache = {