chore: update Nix configurations for Nixcloud and common hosts

- Add Nixcloud host configurations including networking, hardware, and system settings - Refactor existing configurations for clarity and organization - Remove unused podman configuration from home-manager - Update SSH agent settings and session variables in Nixbook host
2025-10-17 17:18:35 -03:00 · 2025-10-17 17:18:35 -03:00 · e9a77fccb7
commit e9a77fccb7
parent ab832834a8
11 changed files with 240 additions and 39 deletions
--- a/hosts/Nixcloud/default.nix
+++ b/hosts/Nixcloud/default.nix
@ -0,0 +1,95 @@
+{
+  config,
+  inputs,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  imports = [ ./users/nimbus/default.nix ];
+
+  boot.loader.systemd-boot.enable = true;
+
+  nixpkgs.overlays = [
+    (final: prev: {
+      libnitrokey = prev.libnitrokey.overrideAttrs (old: {
+        cmakeFlags = (old.cmakeFlags or [ ]) ++ [
+          "-DCMAKE_POLICY_VERSION_MINIMUM=3.5"
+        ];
+      });
+    })
+  ];
+
+  environment = {
+    shells = with pkgs; [ bash ];
+    etc = lib.mapAttrs' (name: value: {
+      name = "nix/path/${name}";
+      value.source = value.flake;
+    }) config.nix.registry;
+    systemPackages = with pkgs; [
+      ccid
+      exfat
+      file
+      fuse3
+      gcsfuse
+      git
+      gnupg
+      libnitrokey
+      libusb1
+      nix-ld
+      opensc
+      pciutils
+      pcsc-safenet
+      pcsclite
+      pcsctools
+      pkcs11helper
+      rclone
+      sops
+      wget
+    ];
+  };
+
+  nix = {
+    registry = (lib.mapAttrs (_: flake: { inherit flake; })) (
+      (lib.filterAttrs (_: lib.isType "flake")) inputs
+    );
+
+    nixPath = [ "/etc/nix/path" ];
+
+    settings = {
+      download-buffer-size = "512M";
+      experimental-features = "nix-command flakes";
+      auto-optimise-store = true;
+    };
+  };
+
+  nixpkgs.config.allowUnfree = true;
+  programs = {
+    gnupg = {
+      agent = {
+        enableSSHSupport = true;
+        enable = true;
+        pinentryPackage = pkgs.pinentry-tty;
+      };
+    };
+    nix-ld = {
+      enable = true;
+      libraries = with pkgs; [
+        glibc
+        zlib
+      ];
+    };
+  };
+  services = {
+    pcscd.enable = true;
+    # xserver.displayManager.sessionCommands =
+    #   "${pkgs.xorg.xmodmap}/bin/xmodmap -e 'keycode 64 = Alt_L'";
+
+    udev.packages = [
+      pkgs.nitrokey-udev-rules
+    ];
+  };
+  users.groups.scard = { };
+
+  time.timeZone = "America/Sao_Paulo";
+}