commit d1a0940ec7a5edd3c211773b8ff20e8a9ebdf3ca
Author: Violet Truchseß <me@v-tr.org>
Date:   Sun Feb 4 16:56:44 2024 +0100

    initial commit

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..fa3803b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+hardware-configuration.nix
+device-conf.nix
+result
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..1da9118
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,126 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+      ./device-conf.nix
+    ];
+
+  # networking.hostName = "nixos"; # Define your hostname.
+  # Pick only one of the below networking options.
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+  # networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
+
+  # Set your time zone.
+  time.timeZone = "Europe/Berlin";
+  programs.git.enable = true;
+  programs.git.config = {
+    init = {
+      defaultBranch = "main";
+    };
+  };
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_MESSAGES = "en_US.UTF-8";
+    LC_TIME = "de_DE.UTF-8";
+  };
+  console = {
+  #   font = "Lat2-Terminus16";
+#    keyMap = "us";
+    useXkbConfig = true; # use xkb.options in tty.
+  };
+
+  services.xserver.xkb = {
+    options = "caps:swapescape";
+    layout = "us";
+    variant = "altgr-intl";
+    };
+  # Enable the X11 windowing system.
+  # services.xserver.enable = true;
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  nixpkgs.config.allowUnfree = true; 
+
+  # Configure keymap in X11
+  # services.xserver.xkb.layout = "us";
+  # services.xserver.xkb.options = "eurosign:e,caps:escape";
+
+  # Enable CUPS to print documents.
+  # services.printing.enable = true;
+
+  # Enable sound.
+  # sound.enable = true;
+  # hardware.pulseaudio.enable = true;
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  # services.xserver.libinput.enable = true;
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  programs.fish.enable = true;
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+    powertop
+    wget
+    vim
+    htop
+    git
+  ];
+
+  #nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  # services.openssh.enable = true;
+
+  # Open ports in the firewall.
+#   networking.firewall.allowedTCPPorts = [ 8000 ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # Copy the NixOS configuration file and link it from the resulting system
+  # (/run/current-system/configuration.nix). This is useful in case you
+  # accidentally delete configuration.nix.
+  # system.copySystemConfiguration = true;
+
+  # This option defines the first version of NixOS you have installed on this particular machine,
+  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+  #
+  # Most users should NEVER change this value after the initial install, for any reason,
+  # even if you've upgraded your system to a new NixOS release.
+  #
+  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+  # so changing it will NOT upgrade your system.
+  #
+  # This value being lower than the current NixOS release does NOT mean your system is
+  # out of date, out of support, or vulnerable.
+  #
+  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+  # and migrated your data accordingly.
+  #
+  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+  system.stateVersion = "23.11"; # Did you read the comment?
+
+}
+
diff --git a/gridlock.nix b/gridlock.nix
new file mode 100644
index 0000000..2e5f0f5
--- /dev/null
+++ b/gridlock.nix
@@ -0,0 +1,130 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, ... }:
+
+{
+  imports = [
+    ./workstation.nix
+  ];
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.efiSupport = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.efi.efiSysMountPoint = "/boot/EFI";
+  boot.loader.grub.device = "nodev";
+
+  networking.hostName = "gridlock"; # Define your hostname.
+  # Pick only one of the below networking options.
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+  # networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
+
+  # Set your time zone.
+  # time.timeZone = "Europe/Amsterdam";
+  boot.initrd.kernelModules = [ "amdgpu" ];
+  services.xserver.videoDrivers = [ "amdgpu" ];
+
+  hardware.opengl.extraPackages = with pkgs; [
+    rocmPackages.clr.icd
+    amdvlk
+  ];
+  environment.variables = {
+    ROC_ENABLE_PRE_VEGA = "1";
+  };
+  hardware.opengl.driSupport = true;
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  # Select internationalisation properties.
+  # i18n.defaultLocale = "en_US.UTF-8";
+  # console = {
+  #   font = "Lat2-Terminus16";
+  #   keyMap = "us";
+  #   useXkbConfig = true; # use xkb.options in tty.
+  # };
+
+  # Enable the X11 windowing system.
+  # services.xserver.enable = true;
+
+
+  hardware.sane.extraBackends = [ pkgs.epkowa ];
+  
+
+  # Configure keymap in X11
+  # services.xserver.xkb.layout = "us";
+  # services.xserver.xkb.options = "eurosign:e,caps:escape";
+
+  # Enable CUPS to print documents.
+  # services.printing.enable = true;
+
+  # Enable sound.
+  # sound.enable = true;
+  # hardware.pulseaudio.enable = true;
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  # services.xserver.libinput.enable = true;
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  # users.users.alice = {
+  #   isNormalUser = true;
+  #   extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+  #   packages = with pkgs; [
+  #     firefox
+  #     tree
+  #   ];
+  # };
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  # environment.systemPackages = with pkgs; [
+  #   vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+  #   wget
+  # ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # Copy the NixOS configuration file and link it from the resulting system
+  # (/run/current-system/configuration.nix). This is useful in case you
+  # accidentally delete configuration.nix.
+  # system.copySystemConfiguration = true;
+
+  # This option defines the first version of NixOS you have installed on this particular machine,
+  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+  #
+  # Most users should NEVER change this value after the initial install, for any reason,
+  # even if you've upgraded your system to a new NixOS release.
+  #
+  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+  # so changing it will NOT upgrade your system.
+  #
+  # This value being lower than the current NixOS release does NOT mean your system is
+  # out of date, out of support, or vulnerable.
+  #
+  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+  # and migrated your data accordingly.
+  #
+  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+  system.stateVersion = "23.11"; # Did you read the comment?
+
+}
+
diff --git a/junk.nix b/junk.nix
new file mode 100644
index 0000000..d0573dc
--- /dev/null
+++ b/junk.nix
@@ -0,0 +1,127 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, ... }:
+
+{
+
+  imports = [
+    ./server.nix
+  ];
+
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  # boot.loader.grub.efiSupport = true;
+  # boot.loader.grub.efiInstallAsRemovable = true;
+  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
+  # Define on which hard drive you want to install Grub.
+  boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
+  boot.kernel.sysctl = {
+    "net.ipv6.conf.all.forwarding" = 1;
+  };
+
+  networking.hostName = "junk"; # Define your hostname.
+  # Pick only one of the below networking options.
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  #networking.hosts = {
+  #  "fd00:c0fe::11:32ff:fe27:a9a9" = [ "junk.v-tr.org" ];
+  #  "fd00:c0fe::211:32ff:fef7:b835" = [ "nas.v-tr.org" ];
+  #  "b00b:5::69" = [ "boobs.good" ];
+  #};
+
+  # Set your time zone.
+  # time.timeZone = "Europe/Amsterdam";
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  # Select internationalisation properties.
+  # i18n.defaultLocale = "en_US.UTF-8";
+  # console = {
+  #   font = "Lat2-Terminus16";
+  #   keyMap = "us";
+  #   useXkbConfig = true; # use xkb.options in tty.
+  # };
+
+  # Enable the X11 windowing system.
+  # services.xserver.enable = true;
+
+
+  
+
+  # Configure keymap in X11
+  # services.xserver.xkb.layout = "us";
+  # services.xserver.xkb.options = "eurosign:e,caps:escape";
+
+  # Enable CUPS to print documents.
+  # services.printing.enable = true;
+
+  # Enable sound.
+  # sound.enable = true;
+  # hardware.pulseaudio.enable = true;
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  # services.xserver.libinput.enable = true;
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  # users.users.alice = {
+  #   isNormalUser = true;
+  #   extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+  #   packages = with pkgs; [
+  #     firefox
+  #     tree
+  #   ];
+  # };
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  # environment.systemPackages = with pkgs; [
+  #   vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+  #   wget
+  # ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  networking.firewall.enable = false;
+
+  # Copy the NixOS configuration file and link it from the resulting system
+  # (/run/current-system/configuration.nix). This is useful in case you
+  # accidentally delete configuration.nix.
+  # system.copySystemConfiguration = true;
+
+  # This option defines the first version of NixOS you have installed on this particular machine,
+  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+  #
+  # Most users should NEVER change this value after the initial install, for any reason,
+  # even if you've upgraded your system to a new NixOS release.
+  #
+  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+  # so changing it will NOT upgrade your system.
+  #
+  # This value being lower than the current NixOS release does NOT mean your system is
+  # out of date, out of support, or vulnerable.
+  #
+  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+  # and migrated your data accordingly.
+  #
+  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+
+}
+
diff --git a/push-junk.sh b/push-junk.sh
new file mode 100755
index 0000000..e3c108a
--- /dev/null
+++ b/push-junk.sh
@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+scp ./configuration.nix junk:/etc/nixos
+scp ./server.nix junk:/etc/nixos
+scp ./junk.nix junk:/etc/nixos
+scp ./dnsmasq.hosts junk:/
+
+ssh junk nixos-rebuild switch
diff --git a/server.nix b/server.nix
new file mode 100644
index 0000000..e89c0c2
--- /dev/null
+++ b/server.nix
@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+
+{
+  services.openssh.enable = true;
+  users.users.root = {
+    openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnGYYJ8gQfv/lskDeG0DNo4ExgMTMycsg+Fwg4poxzcunQ6OYt+tuzgRuhixU59y2Wt9MFvffZtpE1OkJ/NxHJvvZO0AmXd3YcaKth65SV5AB5pLVLl+9xi/DSfjG8JS7MesnkFcOeXaGiP7j5XztRmiT+jX8Icaz91Yn2pna6S8Lt9RAMxiXQig3qEqA7DYvGl0GTlw6gTHXl9IKnART0v2TjPuio/kZ0brUCl+nFpLRJiUnt4ND5nmhszrvgGA6mshZqqBrYu1zPMIgqWmjVl4p/BrGY8uv8HRtLCvD0NOyXTDhA511ktc1NTVQsX6KjePMYORqdx57heSEvv/eoaroA5+KCTFPxlBKis1M4gLp2rV96EUDYhxnfDgN34hozZWRmgB1ktFH3gz9tby+H8ZPSgp8s+B/6VOjdwKxfy005I3wiyU13BPYOJP1yTLKoL3HVnrUGZ2fSTxkE0dgqxbI/aSoCrQK4NOYnoiQlWcuDd/d36oC5IqtUPAFlPa8= vi@cyberboobs"
+    ];
+    createHome = true;
+  };
+  environment.systemPackages = with pkgs; [
+    tmux
+    mosh
+    dnsutils
+  ];
+  networking.firewall.allowedUDPPortRanges = [
+    {
+      from = 60000;
+      to = 61000;
+    }
+  ];
+  networking.tempAddresses = "disabled";
+}
diff --git a/workstation.nix b/workstation.nix
new file mode 100644
index 0000000..1dbf6a4
--- /dev/null
+++ b/workstation.nix
@@ -0,0 +1,84 @@
+{ config, lib, pkgs, ... }:
+
+{
+  fileSystems = {
+    "/home".options = [ "compress=lzo" ];
+    "/etc/nixos" = {
+      device = "/etc/nixos/";
+      fsType = "fuse.bindfs";
+      mountPoint = "/home/vi/nixos";
+      options = [ "map=root/vi" ];
+    };
+    "/".options = [ "compress=lzo" ];
+  };
+  users.users.vi = {
+    isNormalUser = true;
+    extraGroups = [ "scanner" "wheel" "networkmanager" "adbusers" ]; # Enable ‘sudo’ for the user.
+    shell = pkgs.fish;
+  };
+  users.users.root.hashedPassword = "!";
+  users.mutableUsers = false;
+  services.gvfs.enable = true;
+
+#  services.flatpak.enable = true;
+
+  hardware.sane.enable = true;
+  hardware.sane.brscan5.enable = true;
+  hardware.sane.brscan5.netDevices = {
+    home = {
+      ip = "172.23.143.29";
+      model = "MFC-L2710DN";
+    };
+  };
+  programs.steam.enable = true;
+#  services.snapper.configs."home" = {
+#    TIMELINE_CREATE = true;
+#    TIMELINE_CLEANUP = true;
+#    SUBVOLUME = /home;
+#    ALLOW_USERS = [ "vi" ];
+#  };
+  programs.xwayland.enable = true;
+  services.xserver.enable = true;
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.displayManager.defaultSession = "sway";
+  services.xserver.displayManager.autoLogin.user = "vi";
+  services.xserver.displayManager.autoLogin.enable = true;
+
+  services.udisks2.enable = true;
+  services.printing.enable = true;
+  services.avahi = {
+    enable = true;
+    nssmdns = true;
+    openFirewall = true;
+  };
+
+  programs.adb.enable = true;
+
+  fonts.packages = with pkgs; [
+    ubuntu_font_family
+    noto-fonts-emoji
+    font-awesome
+    nerdfonts
+  ];
+
+  programs.sway.enable = true;
+
+  services.gnome.gnome-keyring.enable = true;
+  services.pipewire.enable = true;
+  services.pipewire.pulse.enable = true;
+
+  networking.networkmanager.enable = true;
+
+  powerManagement.enable = true;
+  environment.systemPackages = with pkgs; [
+    swayfx
+    wget
+    vim
+    wev
+    pulseaudio
+    foot
+    htop
+    bindfs
+    vivaldi
+  ];
+}
diff --git a/x230.nix b/x230.nix
new file mode 100644
index 0000000..4406517
--- /dev/null
+++ b/x230.nix
@@ -0,0 +1,50 @@
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      <nixos-hardware/lenovo/thinkpad/x230>
+      ./workstation.nix
+    ];
+
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  # boot.loader.grub.efiSupport = true;
+  # boot.loader.grub.efiInstallAsRemovable = true;
+  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
+  # Define on which hard drive you want to install Grub.
+  boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
+  boot.initrd.luks.devices.crypt.device = "/dev/disk/by-id/md-name-nixos:0-part2";
+  boot.swraid.enable = true;
+  boot.swraid.mdadmConf = ''
+    PROGRAM /run/current-system/sw/bin/false
+  '';
+  boot.resumeDevice = "/dev/disk/by-label/swapdev";
+  swapDevices = [
+    { device = "/dev/disk/by-label/swapdev"; }
+  ];
+  services.logind.powerKey = "hibernate";
+  services.tlp = {
+      enable = true;
+      settings = {
+        CPU_SCALING_GOVERNOR_ON_AC = "performance";
+        CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
+
+        CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
+        CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
+
+        START_CHARGE_THRESH_BAT0 = "90"; 
+        STOP_CHARGE_THRESH_BAT0 = "95";
+      };
+  };
+  powerManagement.powertop.enable = true;
+  hardware.bluetooth.enable = true;
+  networking.hostName = "cyberboobs";
+  environment.systemPackages = with pkgs; [
+    bluez
+    powertop
+  ];
+  services.logind.lidSwitch = "suspend-then-hibernate";
+  systemd.sleep.extraConfig = "HibernateDelaySec=1h";
+#  services.upower.enable = true;
+}