Rebase to flake parts #13

2026-05-30 21:26:13 -03:00
parent 9a4ed1b04b
commit dcdd2c2d90
9 changed files with 245 additions and 46 deletions
@@ -96,6 +96,8 @@ services.cloudflare-warp.enable = true;
        gaming.launchers.enableBottles = false;
        gaming.gamescope.enable = true;
        gaming.steam.steamTinkerLaunch.enable = true;
+        gaming.sunshine.enable = true;
+        gaming.sunshine.cudaSupport = true;

        monitorInput.enable = true;

@@ -0,0 +1,69 @@
+{ self, inputs, ... }: {
+  flake.nixosModules.r5500Configuration =
+    {
+      self,
+      config,
+      lib,
+      pkgs,
+      ...
+    }:
+    {
+      imports = [
+        self.nixosModules.r5500Hardware
+        inputs.sops-nix.nixosModules.sops
+        self.nixosModules.system
+        self.nixosModules.users
+      ];
+
+      boot.loader.grub = {
+        enable = true;
+        efiSupport = false;
+        device = "/dev/sda";
+      };
+
+      services.openssh = {
+        enable = true;
+        settings = {
+          PasswordAuthentication = true;
+          KbdInteractiveAuthentication = false;
+          PermitRootLogin = "no";
+          UseDns = false;
+        };
+      };
+
+      sops = {
+        defaultSopsFile = ../../../secrets/secrets.yaml;
+        defaultSopsFormat = "yaml";
+        age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+      };
+
+      sops.secrets."users/server/hashedPassword".neededForUsers = true;
+
+      security.sudo.wheelNeedsPassword = true;
+
+      nix.settings = {
+        experimental-features = [ "nix-command" "flakes" ];
+        trusted-users = [ "root" "@wheel" ];
+        allowed-users = [ "root" "@wheel" ];
+      };
+
+      chiasson.system = {
+        networking = {
+          hostName = "r5500";
+          networkManager.enable = true;
+        };
+        extraPackages = with pkgs; [ btop git ];
+      };
+
+      chiasson.users = {
+        enabled = [ "server" ];
+        hostOverrides.server = {
+          hashedPasswordFile = config.sops.secrets."users/server/hashedPassword".path;
+        };
+      };
+
+      services.xserver.enable = lib.mkDefault false;
+
+      system.stateVersion = "25.11";
+    };
+}
@@ -0,0 +1,13 @@
+{ self, inputs, ... }: {
+  flake.nixosConfigurations.r5500 = inputs.nixpkgs.lib.nixosSystem {
+    system = "x86_64-linux";
+    specialArgs = {
+      inherit self inputs;
+      host = "r5500";
+      system = "x86_64-linux";
+    };
+    modules = [
+      self.nixosModules.r5500Configuration
+    ];
+  };
+}
@@ -0,0 +1,51 @@
+{ ... }: {
+  flake.nixosModules.r5500Hardware =
+    {
+      config,
+      lib,
+      pkgs,
+      modulesPath,
+      ...
+    }:
+    {
+      imports = [
+        (modulesPath + "/installer/scan/not-detected.nix")
+      ];
+
+      boot.initrd.availableKernelModules = [
+        "uhci_hcd"
+        "ehci_pci"
+        "ahci"
+        "usb_storage"
+        "usbhid"
+        "sd_mod"
+      ];
+      boot.initrd.kernelModules = [ ];
+      boot.kernelModules = [ "kvm-intel" ];
+      boot.extraModulePackages = [ ];
+
+      fileSystems."/" = {
+        device = "/dev/disk/by-uuid/934a5ec3-4bab-49c3-96c9-c857c50076ba";
+        fsType = "btrfs";
+        options = [ "subvol=@" ];
+      };
+
+      fileSystems."/home" = {
+        device = "/dev/disk/by-uuid/934a5ec3-4bab-49c3-96c9-c857c50076ba";
+        fsType = "btrfs";
+        options = [ "subvol=@home" ];
+      };
+
+      fileSystems."/boot" = {
+        device = "/dev/disk/by-uuid/6399d086-687b-4ca9-ad34-da1dd85203d5";
+        fsType = "ext4";
+      };
+
+      swapDevices = [
+        { device = "/dev/disk/by-uuid/ddb9fea1-7c44-44bc-bc74-79a3adb6cc35"; }
+      ];
+
+      nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+      hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+    };
+}