1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

diff --git a/apps/common.nix b/apps/common.nix
new file mode 100644
index 0000000000000000000000000000000000000000..aa971bd3d1b83547455fd326f6a86442f94a03c5
--- /dev/null
+++ b/apps/common.nix
@@ -0,0 +1,46 @@
+{
+  pkgs,
+  config,
+  ...
+}: {
+  imports = [
+    ./bat.nix
+    ./bottom.nix
+    ./exa.nix
+    ./fzf.nix
+    ./gpg.nix
+    ./git.nix
+    ./helix.nix
+    ./jq.nix
+    ./lazygit.nix
+    ./nushell.nix
+    ./oh-my-posh.nix
+    ./ssh.nix
+    ./xdg.nix
+    ./zoxide.nix
+  ];
+  home = {
+    packages = with pkgs; [
+      # Tools
+      age
+      bitwarden-cli
+      duf
+      du-dust
+      fd
+      just
+      ripgrep
+
+      # LSPs
+      nil
+
+      # Formatters
+      alejandra
+    ];
+    activation.report-changes = config.lib.dag.entryAnywhere ''
+      ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff $oldGenPath $newGenPath
+    '';
+    stateVersion = "22.11";
+  };
+
+  programs = {home-manager.enable = true;};
+}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

diff --git a/apps/default.nix b/apps/default.nix
index 35a50ecb8f6bd421220ad6d554098253133c27ce..08c7d47fd76bd9ef409eb7af9ee5002503f403b0 100644
--- a/apps/default.nix
+++ b/apps/default.nix
@@ -1,58 +1,30 @@
-{
-  pkgs,
-  config,
-  ...
-}: {
+{pkgs, ...}: {
   imports = [
-    ./bat.nix
-    ./bottom.nix
-    ./exa.nix
+    ./common.nix
+
     ./firefox.nix
-    ./fzf.nix
-    ./gpg.nix
-    ./git.nix
     ./go.nix
     ./gtk.nix
-    ./helix.nix
-    ./jq.nix
-    ./lazygit.nix
-    ./nushell.nix
-    ./oh-my-posh.nix
     ./spotifyd.nix
-    ./ssh.nix
     ./tiny.nix
     ./wezterm.nix
-    ./xdg.nix
-    ./zoxide.nix
   ];
   home = {
     packages = with pkgs; [
       # Tools
-      age
-      bitwarden-cli
       delve
       discord
-      duf
-      du-dust
-      fd
-      just
       obsidian
       spotify-tui
-      ripgrep
-      usql
 
       # LSPs
       gopls
       lua-language-server
       marksman
-      nil
       nodePackages.yaml-language-server
 
       # Formatters
       alejandra
-      black
-      gofumpt
-      nodePackages.lua-fmt
 
       # IDEs
       jetbrains.goland
@@ -65,11 +37,5 @@       nur.repos.jolheiser.kv
       nur.repos.jolheiser.tclip
       nur.repos.jolheiser.tmpl
     ];
-    activation.report-changes = config.lib.dag.entryAnywhere ''
-      ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff $oldGenPath $newGenPath
-    '';
-    stateVersion = "22.11";
   };
-
-  programs = {home-manager.enable = true;};
 }

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

diff --git a/flake.nix b/flake.nix
index 6b4d8ebe9073a83d5b567efe0e7d26890a900fa2..8d631b9b473de2ef9a330bdeedaa3be3e762487a 100644
--- a/flake.nix
+++ b/flake.nix
@@ -36,7 +36,7 @@           jolheiser = import jolheiser-nur {pkgs = prev;};
         };
       };
     };
-    commonConfig = {
+    commonConfig = {server ? false}: {
       config,
       pkgs,
       ...
@@ -46,23 +46,33 @@         file = path;
         owner = username;
       };
     in {
-      config = {
-        nixpkgs.overlays = [overlays];
-        home-manager = {
-          useGlobalPkgs = true;
-          useUserPackages = true;
-          users.${username}.imports = [./apps];
-          extraSpecialArgs = {
-            flakePath = "/home/${username}/.config/nixpkgs";
+      config =
+        {
+          nixpkgs.overlays = [overlays];
+          home-manager = {
+            useGlobalPkgs = true;
+            useUserPackages = true;
+            users.${username}.imports =
+              if !server
+              then [./apps]
+              else [./apps/common.nix];
+            extraSpecialArgs = {
+              flakePath = "/home/${username}/.config/nixpkgs";
+            };
           };
-        };
-        age.secrets = {
-          ssh-config = userSecret ./secrets/shared/ssh-config.age;
-          ssh-config-work = userSecret ./secrets/shared/ssh-config-work.age;
-          spotify-pw = userSecret ./secrets/shared/spotify-pw.age;
-          irc-pw = userSecret ./secrets/shared/irc-pw.age;
-        };
-      };
+        }
+        // (
+          if !server
+          then {
+            age.secrets = {
+              ssh-config = userSecret ./secrets/shared/ssh-config.age;
+              ssh-config-work = userSecret ./secrets/shared/ssh-config-work.age;
+              spotify-pw = userSecret ./secrets/shared/spotify-pw.age;
+              irc-pw = userSecret ./secrets/shared/irc-pw.age;
+            };
+          }
+          else {}
+        );
     };
     username = "jolheiser";
   in
@@ -111,6 +121,14 @@             agenix.nixosModules.default
             ./machines/common
             ./machines/matcha
             commonConfig
+          ];
+        };
+        "dragonwell" = nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          modules = [
+            home-manager.nixosModules.home-manager
+            ./machines/dragonwell
+            (commonConfig {server = true;})
           ];
         };
       };

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

diff --git a/machines/dragonwell/default.nix b/machines/dragonwell/default.nix
new file mode 100644
index 0000000000000000000000000000000000000000..589e707bc4db59f6690d203d6987a0f41a607960
--- /dev/null
+++ b/machines/dragonwell/default.nix
@@ -0,0 +1,53 @@
+{pkgs, ...}: let
+  username = "jolheiser";
+in {
+  imports = [./hardware.nix];
+
+  nixpkgs.config.allowUnfree = true;
+
+  nix = {
+    gc.automatic = true;
+    package = pkgs.nixVersions.nix_2_15;
+    settings = {
+      experimental-features = ["flakes" "nix-command" "repl-flake"];
+      auto-optimise-store = true;
+      warn-dirty = false;
+    };
+  };
+
+  system.activationScripts.diff = {
+    supportsDryActivation = true;
+    text = ''
+      ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig"
+    '';
+  };
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+
+  networking = {
+    hostName = "dragonwell";
+
+    firewall.enable = true;
+  };
+
+  services = {
+    openssh = {
+      enable = true;
+    };
+
+    tailscale.enable = true;
+  };
+
+  virtualisation.docker.enable = true;
+
+  users.users."${username}" = {
+    extraGroups = ["wheel" "docker" "storage"];
+    isNormalUser = true;
+    openssh.authorizedKeys.keys = [
+      ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser''
+    ];
+  };
+
+  system.stateVersion = "22.11";
+}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

diff --git a/machines/dragonwell/hardware.nix b/machines/dragonwell/hardware.nix
new file mode 100644
index 0000000000000000000000000000000000000000..329ed8a5c0c1e4620550260d9f14a5f4de47258e
--- /dev/null
+++ b/machines/dragonwell/hardware.nix
@@ -0,0 +1,10 @@
+{modulesPath, ...}: {
+  imports = [(modulesPath + "/profiles/qemu-guest.nix")];
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
+  boot.initrd.kernelModules = ["nvme"];
+  fileSystems."/" = {
+    device = "/dev/sda1";
+    fsType = "ext4";
+  };
+}