feat: initialize repo with NixOS and Home Manager configs

- Add .gitignore for common languages, tools, and OS/editor artifacts - Configure .gitattributes for Git LFS (fonts, images, archives, ISOs) - Add README with repo description - Add flake.nix defining inputs and outputs for NixOS, Home Manager, and related modules - Introduce home-manager configs: - Base home.nix with packages, services, and programs - Hyprland WM configuration (waybar, fuzzel, keybindings, theming) - Vim (nixvim) setup with LSP and plugins - Zsh setup with aliases, Oh My Zsh, clipboard helpers - Systemd user services (e.g., librespot) - Add scripts (GPU monitor, RAM build helper, install automation) - Add host configurations: - Nixbook (Apple laptop) with hardware, disko, and install script - Nixstation (desktop) with firewall, virtualization, Btrfs scrub timer - Nixtest (test VM) with QEMU + Alpine-based install test harness - Common modules (network, NVIDIA, rclone, screen, keychron, users) - Include statix config for linting
2025-08-20 21:55:46 -03:00 · 2025-08-20 21:55:46 -03:00 · d0b63ce601
commit d0b63ce601
34 changed files with 1954 additions and 0 deletions
--- a/hosts/Nixbook/apple.nix
+++ b/hosts/Nixbook/apple.nix
@ -0,0 +1,19 @@
+{ config
+, lib
+, pkgs
+, ...
+}:
+
+{
+  boot.kernelParams = [
+    "hid_apple.iso_layout=0"
+  ];
+  powerManagement = {
+    cpuFreqGovernor = "schedutil";
+    powerUpCommands = lib.mkBefore "${pkgs.kmod}/bin/modprobe brcmfmac";
+    powerDownCommands = lib.mkBefore "${pkgs.kmod}/bin/rmmod brcmfmac";
+  };
+  hardware.facetimehd.enable = lib.mkDefault (config.nixpkgs.config.allowUnfree or false);
+
+  services.mbpfan.enable = lib.mkDefault true;
+}
--- a/hosts/Nixbook/default.nix
+++ b/hosts/Nixbook/default.nix
@ -0,0 +1,56 @@
+{ pkgs, ... }:
+{
+
+  imports = [
+    ../common/default.nix
+    ./apple.nix
+    ./hardware-configuration.nix
+  ];
+
+  networking.hostName = "Nixbook";
+
+  programs.hyprland.enable = true;
+  programs.hyprland.withUWSM = true;
+
+  environment.sessionVariables = {
+    NIXOS_OZONE_WL = "1";
+  };
+
+  services = {
+    xserver.enable = true;
+
+    displayManager.sddm = {
+      enable = true;
+      wayland.enable = true;
+    };
+
+    libinput = {
+      enable = true;
+      touchpad.clickMethod = "clickfinger";
+    };
+
+    openssh = {
+      enable = true;
+      settings = {
+        PermitRootLogin = "yes";
+        PasswordAuthentication = false;
+      };
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    exfat
+    gcsfuse
+    git
+    home-manager
+    hwinfo
+    libinput
+    neovim
+    nil
+    nixpkgs-fmt
+    rclone
+    wget
+  ];
+
+  system.stateVersion = "23.11";
+}
--- a/hosts/Nixbook/disko.nix
+++ b/hosts/Nixbook/disko.nix
@ -0,0 +1,68 @@
+{ config, lib, ... }:
+
+{
+  disko.devices = {
+    disk.main = {
+      type = "disk";
+      device = "/dev/nvme0n1";
+      content = {
+        type = "gpt";
+        partitions = {
+          esp = {
+            size = "512M";
+            start = "1M";
+            type = "EF00";
+            label = "EFI";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+            };
+          };
+          swap = {
+            size = "16G";
+            type = "8200";
+            label = "Swap";
+            content = {
+              type = "swap";
+              randomEncryption = false;
+            };
+          };
+
+          root = {
+            type = "8300";
+            label = "NixOS";
+            size = "870G";
+            content = {
+              type = "btrfs";
+              mountpoint = "/";
+              subvolumes = {
+                "@root" = {
+                  mountpoint = "/";
+                };
+                "@nix" = {
+                  mountpoint = "/nix";
+                };
+                "@home" = {
+                  mountpoint = "/home";
+                };
+                "@log" = {
+                  mountpoint = "/var/log";
+                };
+              };
+              extraArgs = [
+                "-L"
+                "nixos-root"
+              ];
+              mountOptions = [
+                "compress=zstd"
+                "noatime"
+              ];
+            };
+          };
+
+        };
+      };
+    };
+  };
+}
--- a/hosts/Nixbook/hardware-configuration.nix
+++ b/hosts/Nixbook/hardware-configuration.nix
@ -0,0 +1,32 @@
+{ config
+, lib
+, pkgs
+, modulesPath
+, inputs
+, ...
+}:
+
+{
+  imports = [
+    (modulesPath + "/hardware/network/broadcom-43xx.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot = {
+    initrd.availableKernelModules = [
+      "xhci_pci"
+      "nvme"
+      "usbhid"
+      "usb_storage"
+      "sd_mod"
+    ];
+    initrd.kernelModules = [ ];
+    kernelModules = [ "kvm-intel" ];
+    extraModulePackages = [ ];
+  };
+
+  networking.useDHCP = lib.mkDefault true;
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+}
--- a/hosts/Nixbook/scripts/install.sh
+++ b/hosts/Nixbook/scripts/install.sh
@ -0,0 +1,68 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+### CONFIGURATION ###
+TARGET_IP="192.168.1.65"
+INSTALL_USER="nixos"
+INSTALL_PASS="123456"
+SSH_KEY="$HOME/.ssh/id_rsa.pub"
+FLAKE_PATH="./#Nixbook"
+
+# Export variables needed inside nix-shell
+export TARGET_IP INSTALL_USER INSTALL_PASS SSH_KEY FLAKE_PATH HOME
+
+### Prerequisites Check ###
+# Removed check, sshpass will be provided by nix-shell
+
+### 0. Ensure SSH key is available ###
+if [ ! -f "$SSH_KEY" ]; then
+  echo "❌ SSH key not found at $SSH_KEY"
+  exit 1
+fi
+
+### 1. Remove existing SSH known_hosts entry if it exists ###
+echo "🧹 Checking for existing SSH known_hosts entry for $TARGET_IP..."
+if grep -q "$TARGET_IP" ~/.ssh/known_hosts; then
+  echo "🔄 Removing existing SSH known_hosts entry for $TARGET_IP..."
+  ssh-keygen -R "$TARGET_IP"
+else
+  echo "✅ No existing SSH known_hosts entry found for $TARGET_IP."
+fi
+
+### 2, 3, 4: Run commands requiring Nix-provided packages ###
+# Use a single nix-shell environment for sshpass, openssh, and nixos-anywhere
+nix-shell -p nixos-anywhere sshpass openssh --run '
+  # Re-set options for this subshell
+  set -euo pipefail
+
+  ### 2. Add SSH key to remote temporary user ###
+  echo "🔐 Copying SSH key to $INSTALL_USER@$TARGET_IP..."
+  # sshpass and ssh-copy-id are from nix-shell environment
+  sshpass -p "$INSTALL_PASS" ssh-copy-id -i "$SSH_KEY" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null "$INSTALL_USER@$TARGET_IP"
+
+  ### 3. Grant temporary user passwordless sudo on target machine ###
+  echo "🔧 Configuring sudo access for $INSTALL_USER on target..."
+  # ssh is from nix-shell environment
+  ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null "$INSTALL_USER@$TARGET_IP" <<EOF
+# Ensure the sudoers.d directory exists
+sudo mkdir -p /etc/sudoers.d
+# Write the sudo rule
+echo "$INSTALL_USER ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/90-$INSTALL_USER
+sudo chmod 0440 /etc/sudoers.d/90-$INSTALL_USER
+EOF
+
+  ### 4. Run nixos-anywhere ###
+  echo "🚀 Starting nixos-anywhere install to $TARGET_IP..."
+  # nixos-anywhere is from nix-shell environment
+  nixos-anywhere \
+    -i ~/.ssh/id_rsa \
+    --ssh-option User=$INSTALL_USER \
+    --ssh-option StrictHostKeyChecking=no \
+    --ssh-option UserKnownHostsFile=/dev/null \
+    --flake $FLAKE_PATH \
+    --build-on-remote \
+    $TARGET_IP
+'
+
+echo "✅ Installation complete!"