From 22548339a98243b3d2fa437c3da5eb14d8ab9a38 Mon Sep 17 00:00:00 2001
From: George Kaklamanos <gkaklas@gkaklas.gr>
Date: Sun, 28 Apr 2024 22:10:39 +0300
Subject: [PATCH] Add base system flake and configuration

Signed-off-by: George Kaklamanos <gkaklas@gkaklas.gr>
---
 nixos/configuration.nix          | 79 ++++++++++++++++++++++++++++++++
 nixos/disko.nix                  | 61 ++++++++++++++++++++++++
 nixos/flake.lock                 | 27 +++++++++++
 nixos/flake.nix                  | 20 ++++++++
 nixos/hardware-configuration.nix | 30 ++++++++++++
 5 files changed, 217 insertions(+)
 create mode 100644 nixos/configuration.nix
 create mode 100644 nixos/disko.nix
 create mode 100644 nixos/flake.lock
 create mode 100644 nixos/flake.nix
 create mode 100644 nixos/hardware-configuration.nix

diff --git a/nixos/configuration.nix b/nixos/configuration.nix
new file mode 100644
index 0000000..5cccfa8
--- /dev/null
+++ b/nixos/configuration.nix
@@ -0,0 +1,79 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  imports = [
+    ./hardware-configuration.nix
+
+    "${builtins.fetchTarball {
+      url = "https://github.com/nix-community/disko/archive/refs/tags/v1.5.0.tar.gz";
+      sha256 = "sha256:1d03a0wb710by1m2c3rx758vy67f8r71gnv2h3qn4jj1bx10sdg4";
+    }}/module.nix"
+    ./disko.nix
+  ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "kelly";
+  networking.networkmanager.enable = true;
+  time.timeZone = "Europe/Athens";
+
+  system.copySystemConfiguration = false;
+  system.stateVersion = "23.11";
+
+  programs.fish.enable = true;
+  users.users.gkaklas = {
+    isNormalUser = true;
+    extraGroups = ["wheel" "uinput"];
+    shell = pkgs.fish;
+  };
+  users.users.gkaklas.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHRvzNjXbCJ1/lIcZXdJSzkadYOIoAzZ2G2stoxZY7qz gkaklas@onyx"
+  ];
+  #users.groups.uinput = {};
+  security.sudo.wheelNeedsPassword = false;
+  security.pam.services.gkaklas.kwallet.enable = true;
+
+  services.xserver.enable = true;
+  services.desktopManager.plasma6.enable = true;
+  services.displayManager = {
+    sddm.enable = true;
+    sddm.autoLogin.relogin = true;
+    autoLogin.enable = true;
+    autoLogin.user = "gkaklas";
+    defaultSession = "plasma";
+    sddm.wayland.enable = true;
+  };
+
+  services = {
+    openssh.enable = true;
+    openssh.settings.PasswordAuthentication = false;
+
+    pipewire.enable = true;
+    pipewire.pulse.enable = true;
+
+    flatpak.enable = true;
+    fprintd.enable = true;
+    fwupd.enable = true;
+  };
+
+  hardware = {
+    bluetooth.enable = true;
+    sensor.iio.enable = true;
+  };
+
+  powerManagement.enable = true;
+  xdg.portal.enable = true;
+
+  virtualisation.podman.enable = true;
+
+  nix = {
+    package = pkgs.nixFlakes;
+    extraOptions = ''
+      experimental-features = nix-command flakes
+    '';
+  };
+}
diff --git a/nixos/disko.nix b/nixos/disko.nix
new file mode 100644
index 0000000..3ab6acc
--- /dev/null
+++ b/nixos/disko.nix
@@ -0,0 +1,61 @@
+{
+  disko.devices.disk.ssd.type = "disk";
+  disko.devices.disk.ssd.device = "/dev/nvme0n1";
+  disko.devices.disk.ssd.content.type = "gpt";
+  disko.devices.disk.ssd.content.partitions.ESP = {
+    # For storing live images in the future,
+    # instead of creating a bootable USB drive
+    size = "10G";
+    type = "EF00";
+    content = {
+      type = "filesystem";
+      format = "vfat";
+      mountpoint = "/boot";
+      mountOptions = [
+        "defaults"
+      ];
+    };
+  };
+  disko.devices.disk.ssd.content.partitions.luks = {
+    size = "100%";
+    content = {
+      type = "luks";
+      name = "cryptroot";
+      content = {
+        type = "lvm_pv";
+        vg = "VolGroup0";
+      };
+    };
+  };
+  disko.devices.lvm_vg.VolGroup0.type = "lvm_vg";
+  disko.devices.lvm_vg.VolGroup0.lvs.root = {
+    size = "50G";
+    content = {
+      type = "filesystem";
+      format = "btrfs";
+      mountpoint = "/";
+    };
+  };
+  disko.devices.lvm_vg.VolGroup0.lvs.home = {
+    size = "100G";
+    content = {
+      type = "btrfs";
+      subvolumes = {
+        "gkaklas/.local/share/flatpak" = {
+          mountpoint = "/home/gkaklas/.local/share/flatpak";
+          mountOptions = ["defaults" "user"];
+        };
+      };
+      mountpoint = "/home";
+    };
+  };
+  disko.devices.lvm_vg.VolGroup0.lvs.storage = {
+    size = "200G";
+    content = {
+      type = "filesystem";
+      format = "btrfs";
+      mountpoint = "/mnt/storage";
+      mountOptions = ["defaults" "user"];
+    };
+  };
+}
diff --git a/nixos/flake.lock b/nixos/flake.lock
new file mode 100644
index 0000000..1cb431a
--- /dev/null
+++ b/nixos/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1714253743,
+        "narHash": "sha256-mdTQw2XlariysyScCv2tTE45QSU9v/ezLcHJ22f0Nxc=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "58a1abdbae3217ca6b702f03d3b35125d88a2994",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/nixos/flake.nix b/nixos/flake.nix
new file mode 100644
index 0000000..ce66274
--- /dev/null
+++ b/nixos/flake.nix
@@ -0,0 +1,20 @@
+{
+  description = "NixOS configuration flake";
+
+  inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+
+  outputs = inputs @ {nixpkgs, ...}: let
+    hostname = "kelly";
+    system = "x86_64-linux";
+    pkgs = import nixpkgs {inherit system;};
+  in {
+    nixosConfigurations = {
+      "kelly" = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [
+          ./configuration.nix
+        ];
+      };
+    };
+  };
+}
diff --git a/nixos/hardware-configuration.nix b/nixos/hardware-configuration.nix
new file mode 100644
index 0000000..61a979d
--- /dev/null
+++ b/nixos/hardware-configuration.nix
@@ -0,0 +1,30 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod"];
+  boot.initrd.kernelModules = ["dm-snapshot"];
+  boot.kernelModules = ["kvm-amd"];
+  boot.extraModulePackages = [];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp193s0f3u2c2.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}