Add host veil

flake.nix

@@ -36,6 +36,12 @@
             ./hosts/lift
           ];
         };
+        veil = nixpkgs.lib.nixosSystem {
+          inherit system;
+          modules = [
+            ./hosts/veil
+          ];
+        };
         tien = nixpkgs.lib.nixosSystem {
           inherit system;
           modules = [
@@ -58,14 +64,16 @@
             inherit ghostty;
           };
         };
-        "rothe@johannes-powermachine" = home-manager.lib.homeManagerConfiguration {
+        "rothe@veil" = home-manager.lib.homeManagerConfiguration {
           inherit pkgs;
           modules = [
             ./home/terminal
+            ./home/wayland
             nixvim.homeManagerModules.nixvim
           ];
           extraSpecialArgs = {
             mail = nixpkgs.lib.strings.concatStrings ["mail" "@" "johannes-rothe.de"];
+            inherit ghostty;
           };
         };
         "rothe@pdemu1cml000301" = home-manager.lib.homeManagerConfiguration {

hosts/lift/configuration.nix

@@ -26,27 +26,6 @@
   # bluetooth
   hardware.bluetooth.enable = true;
 
-  security.rtkit.enable = true;
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.users.rothe = {
-    isNormalUser = true;
-    description = "rothe";
-    extraGroups = [ "networkmanager" "wheel" "video" "scanner" "lp" "incus-admin" "dialout" ];
-    shell = pkgs.fish;
-    packages = with pkgs; [
-      chromium
-      firefox
-      logseq
-      thunderbird
-    ];
-  };
-
-  nixpkgs.config.permittedInsecurePackages = [
-    "electron-27.3.11"
-  ];
-  nixpkgs.config.allowUnfree = true;
-
   environment.systemPackages = with pkgs; [
     avrdude
     cryptsetup
@@ -67,9 +46,7 @@
   services.passSecretService.enable = true;
   services.gvfs.enable = true;
 
-
   services.blueman.enable = true;
-  services.fwupd.enable = true;
 
   networking.nftables = {
     enable = true;

hosts/lift/default.nix

@@ -4,6 +4,7 @@
     ./configuration.nix
     ./hardware-configuration.nix
     ../../modules/terminal/base.nix
+    ../../modules/terminal/user.nix
     ../../modules/graphical/base.nix
     ../../modules/graphical/printing.nix
     ../../modules/graphical/steam.nix

hosts/veil/configuration.nix

@@ -0,0 +1,19 @@
+{ ... }:
+
+{
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "veil";
+
+  networking.networkmanager.enable = true;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "24.11"; # Did you read the comment?
+
+}

hosts/veil/default.nix

@@ -0,0 +1,13 @@
+{...}:
+{
+  imports = [
+    ./configuration.nix
+    ./hardware-configuration.nix
+    ../../modules/terminal/base.nix
+    ../../modules/terminal/user.nix
+    ../../modules/graphical/amdgpu.nix
+    ../../modules/graphical/base.nix
+    ../../modules/graphical/printing.nix
+    ../../modules/graphical/steam.nix
+  ];
+}

hosts/veil/hardware-configuration.nix

@@ -0,0 +1,41 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/efaa7991-10ec-4c9b-b8e1-f8494f1786f9";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/5DB3-F970";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/4dbfb986-1e81-4fcb-abea-21dd933cf581"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp7s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp6s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

modules/graphical/amdgpu.nix

@@ -0,0 +1,6 @@
+{...}:
+{
+  boot.initrd.kernelModules = [ "amdgpu" ];
+  # for Southern Islands (SI i.e. GCN 1) cards
+  boot.kernelParams = [ "radeon.si_support=0" "amdgpu.si_support=1" ];
+}

modules/graphical/base.nix

@@ -5,21 +5,25 @@
 
   environment.systemPackages = with pkgs; [
     calibre
+    chromium
     dracula-theme
-    evince
-    gimp
     eog
-    nautilus
+    evince
-    simple-scan
+    firefox
+    gimp
     inkscape
     libreoffice
+    logseq
+    nautilus
     pavucontrol
     portfolio
     prusa-slicer
     pulseaudio
     signal-desktop
+    simple-scan
     spotify
     syncthing
+    thunderbird
     vlc
     wayshot
     wdisplays
@@ -28,11 +32,18 @@
     yt-dlp
   ];
 
+  # Workaround for logseq
+  nixpkgs.config.permittedInsecurePackages = [
+    "electron-27.3.11"
+  ];
+
   programs = {
     light.enable = true;
     sway.enable = true;
   };
 
+  security.rtkit.enable = true;
+
   services = {
     dbus.enable = true;
     greetd = {

modules/terminal/base.nix

@@ -19,6 +19,7 @@
   };
 
   console.keyMap = "de-latin1-nodeadkeys";
+  nixpkgs.config.allowUnfree = true;
 
   environment.systemPackages = with pkgs; [
     bind
@@ -45,6 +46,7 @@
   };
 
   services = {
+    fwupd.enable = true;
     resolved.enable = true;
     tailscale.enable = true;
   };

modules/terminal/user.nix

@@ -0,0 +1,10 @@
+{pkgs, ...}:
+{
+
+  users.users.rothe = {
+    isNormalUser = true;
+    description = "rothe";
+    extraGroups = [ "networkmanager" "wheel" "video" "scanner" "lp" "incus-admin" "dialout" ];
+    shell = pkgs.fish;
+  };
+}