feat(hosts): add cmdframe

initial cmdframe configuration
feat(home): update felschr-work config
2025-06-04 18:35:07 +02:00 · 2025-06-04 18:33:55 +02:00 · 2025-06-04 18:33:55 +02:00
7 changed files with 211 additions and 30 deletions
--- a/flake.lock
+++ b/flake.lock
@ -10,11 +10,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1747514353,
+        "lastModified": 1747575206,
-        "narHash": "sha256-E1WjB+zvDw4x058mg3MIdK5j2huvnNpTEEt2brhg2H8=",
+        "narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=",
        "owner": "ryantm",
        "repo": "agenix",
-        "rev": "6697e8babbd8f323dfd5e28f160a0128582c128b",
+        "rev": "4835b1dc898959d8547a871ef484930675cb47f1",
        "type": "github"
      },
      "original": {
@ -100,6 +100,27 @@
        "type": "github"
      }
    },
    "disko": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1746728054,
        "narHash": "sha256-eDoSOhxGEm2PykZFa/x9QG5eTH0MJdiJ9aR00VAofXE=",
        "owner": "nix-community",
        "repo": "disko",
        "rev": "ff442f5d1425feb86344c028298548024f21256d",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "ref": "latest",
        "repo": "disko",
        "type": "github"
      }
    },
    "firefox-addons": {
      "inputs": {
        "nixpkgs": [
@ -108,11 +129,11 @@
      },
      "locked": {
        "dir": "pkgs/firefox-addons",
-        "lastModified": 1747541019,
+        "lastModified": 1749009805,
-        "narHash": "sha256-j3GieFJQqdtDLQmGMVhtiPy/3gP3PjlPybKywN4hOOQ=",
+        "narHash": "sha256-eRv4m89aPJvIAX9mZQcJM+l3sYG+OJvcLsiHvAvXalg=",
        "owner": "rycee",
        "repo": "nur-expressions",
-        "rev": "830ffcdb44051917600abb79007e8593e9effc53",
+        "rev": "622c38d004cdded682d9a5ab7323181dc6efb0c1",
        "type": "gitlab"
      },
      "original": {
@ -177,11 +198,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1743550720,
+        "lastModified": 1748821116,
-        "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
+        "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "c621e8422220273271f52058f618c94e405bb0f5",
+        "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1",
        "type": "github"
      },
      "original": {
@ -278,11 +299,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1747556831,
+        "lastModified": 1748665073,
-        "narHash": "sha256-Qb84nbYFFk0DzFeqVoHltS2RodAYY5/HZQKE8WnBDsc=",
+        "narHash": "sha256-RMhjnPKWtCoIIHiuR9QKD7xfsKb3agxzMfJY8V9MOew=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "d0bbd221482c2713cccb80220f3c9d16a6e20a33",
+        "rev": "282e1e029cb6ab4811114fc85110613d72771dea",
        "type": "github"
      },
      "original": {
@ -332,11 +353,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1747129300,
+        "lastModified": 1748942041,
-        "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=",
+        "narHash": "sha256-HEu2gTct7nY0tAPRgBtqYepallryBKR1U8B4v2zEEqA=",
        "owner": "NixOS",
        "repo": "nixos-hardware",
-        "rev": "e81fd167b33121269149c57806599045fd33eeed",
+        "rev": "fc7c4714125cfaa19b048e8aaf86b9c53e04d853",
        "type": "github"
      },
      "original": {
@ -347,11 +368,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1747428706,
+        "lastModified": 1749024892,
-        "narHash": "sha256-XVds9FkRrY59xRNNq14FNsFGqDiexXX/mlHcX4hPyyk=",
+        "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "2e1496bf8652ff4af4e4d4737277f71e4a4f5cb2",
+        "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef",
        "type": "github"
      },
      "original": {
@ -363,11 +384,11 @@
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1747327360,
+        "lastModified": 1748929857,
-        "narHash": "sha256-LSmTbiq/nqZR9B2t4MRnWG7cb0KVNU70dB7RT4+wYK4=",
+        "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "e06158e58f3adee28b139e9c2bcfcc41f8625b46",
+        "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4",
        "type": "github"
      },
      "original": {
@ -402,11 +423,11 @@
        "systems": "systems_3"
      },
      "locked": {
-        "lastModified": 1747556457,
+        "lastModified": 1749025503,
-        "narHash": "sha256-L1iSnAQYsveQs1haZ9CcidvYKhYotchzgM9GqYie0Rg=",
+        "narHash": "sha256-Me3mk/wLz4msOQAASCaf2+mQizje1Q37rgNfExJse6M=",
        "owner": "astro",
        "repo": "nix-openwrt-imagebuilder",
-        "rev": "568956f921869b6f36af3809fab4a914ed17082c",
+        "rev": "1b157ee2f34fc67f365a62c5a4fca63ba86040c6",
        "type": "github"
      },
      "original": {
@ -442,6 +463,7 @@
        "agenix": "agenix",
        "arkenfox-userjs": "arkenfox-userjs",
        "deploy-rs": "deploy-rs",
        "disko": "disko",
        "firefox-addons": "firefox-addons",
        "flake-parts": "flake-parts",
        "flake-utils": "flake-utils",
--- a/flake.nix
+++ b/flake.nix
@ -19,6 +19,11 @@ rec {
    nixos-hardware.url = "github:NixOS/nixos-hardware";
    disko = {
      url = "github:nix-community/disko/latest";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    flake-parts = {
      url = "github:hercules-ci/flake-parts";
      inputs.nixpkgs-lib.follows = "nixpkgs";
--- a/home/felschr-work.nix
+++ b/home/felschr-work.nix
@ -17,6 +17,7 @@ with pkgs;
    ./signal.nix
    ./browsers
    ./planck.nix
    ./services/easyeffects.nix
  ];
  programs.gpg.enable = true;
@ -25,7 +26,7 @@ with pkgs;
    enable = true;
    enableSshSupport = true;
    # use auth subkey's keygrip: gpg2 -K --with-keygrip
-    sshKeys = [ "8A6213DCDAF86BD3A63549FCFDF71B2C92DAE02C" ];
+    sshKeys = [ "70DBD13E3BCAF806D416647D9C51321E2F1312CF" ];
    defaultCacheTtl = 600;
    defaultCacheTtlSsh = 600;
    pinentry.package = pkgs.pinentry-gnome3;
@ -36,20 +37,18 @@ with pkgs;
  programs.ssh.enable = true;
-  programs.git = {
+  programs.git.defaultProfile = "work";
    defaultProfile = "work";
  };
  home.packages = with pkgs; [
    fh
    # system
    gparted
    gnome-firmware-updater
    mission-center
    # productivity
    obsidian
    libreoffice-fresh
    curtail
    # dev & admin
    pods
@ -61,11 +60,20 @@ with pkgs;
    collision
    metadata-cleaner
    raider
    gnome-obfuscate
    yubikey-manager
    yubioath-flutter
    localsend
    onionshare-gui
    # entertainment
    celluloid
    # ai
    unstable.alpaca
    # other
    zotero
    emblem
  ];
--- a/hosts/cmdframe/default.nix
+++ b/hosts/cmdframe/default.nix
@ -0,0 +1,42 @@
 { config, ... }:
 {
  imports = [
    ./disk-config.nix
    ../../hardware/base.nix
    ../../hardware/bluetooth.nix
    ../../system/desktop.nix
    ../../system/printing/home.nix
    ../../desktop
    ../../desktop/cosmic.nix
    ../../virtualisation/containers.nix
    ../../virtualisation/podman.nix
    ../../virtualisation/libvirt.nix
    ../../modules/systemdNotify.nix
  ];
  services.fprintd.enable = true;
  programs.zsh.enable = true;
  services.openssh = {
    enable = true;
    settings = {
      KbdInteractiveAuthentication = false;
      PasswordAuthentication = false;
      PermitRootLogin = "no";
    };
  };
  services.tailscale.extraUpFlags = [
    "--accept-routes"
    "--operator=felschr"
  ];
  systemd.notify.enable = true;
  systemd.notify.method = "libnotify";
  systemd.notify.libnotify.user = "felschr";
  # only change this when specified in release notes
  system.stateVersion = "25.05";
 }
--- a/hosts/cmdframe/disk-config.nix
+++ b/hosts/cmdframe/disk-config.nix
@ -0,0 +1,69 @@
 {
  disko.devices = {
    disk = {
      main = {
        type = "disk";
        device = "/dev/nvme0n1";
        content = {
          type = "gpt";
          partitions = {
            ESP = {
              size = "2G";
              type = "EF00";
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = "/boot";
                mountOptions = [ "umask=0077" ];
              };
            };
            luks = {
              size = "100%";
              content = {
                type = "luks";
                name = "enc";
                settings = {
                  allowDiscards = true;
                };
                content = {
                  type = "btrfs";
                  extraArgs = [ "-f" ];
                  subvolumes = {
                    "@" = {
                      mountpoint = "/";
                      mountOptions = [
                        "compress-force=zstd:1"
                        "noatime"
                      ];
                    };
                    "@/nix" = {
                      mountpoint = "/nix";
                      mountOptions = [
                        "compress-force=zstd:1"
                        "noatime"
                      ];
                    };
                    "@home" = {
                      mountpoint = "/home";
                      mountOptions = [
                        "compress-force=zstd:1"
                        "noatime"
                      ];
                    };
                    "@snapshots" = {
                      mountpoint = "/.snapshots";
                      mountOptions = [
                        "compress-force=zstd:1"
                        "noatime"
                      ];
                    };
                  };
                };
              };
            };
          };
        };
      };
    };
  };
 }
--- a/hosts/cmdframe/hardware.nix
+++ b/hosts/cmdframe/hardware.nix
@ -0,0 +1,5 @@
 _:
 # TODO
 {
 }
--- a/hosts/flake-module.nix
+++ b/hosts/flake-module.nix
@ -1,6 +1,9 @@
 { self, inputs, ... }:
 {
  flake = {
    diskoConfigurations = {
      cmdframe = import ./cmdframe/disk-config.nix;
    };
    nixosConfigurations = {
      home-pc = inputs.nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
@ -73,6 +76,33 @@
          inherit inputs;
        };
      };
      cmdframe = inputs.nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = [
          inputs.disko.nixosModules.disko
          inputs.nixpkgs.nixosModules.notDetected
          inputs.nixos-hardware.nixosModules.framework-amd-ai-300-series
          (self.lib.createSystemModule "cmdframe" {
            hardwareConfig = ../hosts/cmdframe/hardware.nix;
            config = ../hosts/cmdframe/default.nix;
          })
          (self.lib.createUserModule "felschr" {
            homeModule = self.homeModules.felschr-work;
            user.extraGroups = [
              "wheel"
              "networkmanager"
              "audio"
              "disk"
              "libvirtd"
              "qemu-libvirtd"
            ];
            usesContainers = true;
          })
        ];
        specialArgs = {
          inherit inputs;
        };
      };
    };
    deploy.nodes.home-server = {
Author	SHA1	Message	Date
Felix Schröter	43c35fb2a8	feat(hosts): add cmdframe initial cmdframe configuration	2025-06-04 18:35:07 +02:00
Felix Schröter	67f8fa2cb5	feat(home): update felschr-work config	2025-06-04 18:33:55 +02:00
Felix Schröter	1ceb05f7c1	chore(flake): update inputs	2025-06-04 18:33:55 +02:00