From fe6cd64f9dde7f4876eaf941eb0cabb083e6375b Mon Sep 17 00:00:00 2001
From: David Morgan <djm_uk@protonmail.com>
Date: Tue, 8 Nov 2022 16:19:24 +0000
Subject: [PATCH] Add config for some machines

---
 nix-conf/machines/djmuk1/configuration.nix    |  67 +++++++
 .../djmuk1/hardware-configuration.nix         |  12 ++
 nix-conf/machines/edrahil/configuration.nix   |  82 ++++++++
 .../edrahil/hardware-configuration.nix        |   9 +
 nix-conf/machines/egalmoth/configuration.nix  | 189 ++++++++++++++++++
 .../egalmoth/hardware-configuration.nix       |  31 +++
 6 files changed, 390 insertions(+)
 create mode 100644 nix-conf/machines/djmuk1/configuration.nix
 create mode 100644 nix-conf/machines/djmuk1/hardware-configuration.nix
 create mode 100644 nix-conf/machines/edrahil/configuration.nix
 create mode 100644 nix-conf/machines/edrahil/hardware-configuration.nix
 create mode 100644 nix-conf/machines/egalmoth/configuration.nix
 create mode 100644 nix-conf/machines/egalmoth/hardware-configuration.nix

diff --git a/nix-conf/machines/djmuk1/configuration.nix b/nix-conf/machines/djmuk1/configuration.nix
new file mode 100644
index 0000000..74e252a
--- /dev/null
+++ b/nix-conf/machines/djmuk1/configuration.nix
@@ -0,0 +1,67 @@
+{ config, pkgs, ... }: {
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  boot.cleanTmpDir = true;
+
+  networking.hostName = "djmuk1";
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [ 113 ];
+  };
+
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "no";
+    passwordAuthentication = false;
+    kbdInteractiveAuthentication = false;
+    extraConfig = ''
+      #AllowTcpForwarding yes
+      X11Forwarding no
+      AllowAgentForwarding no
+      AllowStreamLocalForwarding no
+      AuthenticationMethods publickey
+      AllowUsers djm
+    '';
+  };
+  services.sshguard.enable = true;
+  services.oidentd.enable = true;
+
+  services.locate = {
+    enable = true;
+    locate = pkgs.plocate;
+    localuser = null;
+  };
+
+  users.users.djm =
+   { isNormalUser = true;
+     home = "/home/djm";
+     description = "David Morgan";
+     extraGroups = [ "wheel" "plocate" ];
+     shell = pkgs.zsh;
+     openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCurCpxZCHtByB5wXzsjTXwMyDSB4+B8rq5XY6EGss58NwD8jc5cII4i+QUbCOGTiAggSZUSC9YIP24hjpOeNT/IYs5m7Qn1B9MtBAiUSrIYew8eDwnMLlPzN+k2x9zCrJeCHIvGJaFHPXTh1Lf5Jt2fPVGW9lksE/XUVOe6ht4N/b+nqqszXFhc8Ug6le2bC1YeTCVEf8pjlh/I7DkDBl6IB8uEXc3X2vxxbV0Z4vlBrFkkAywcD3j5VlS/QYfBr4BICNmq/sO3fMkbMbtAPwuFxeL4+h6426AARQZiSS0qVEc8OoFRBVx3GEH5fqVAWfB1geyLzei22HbjUcT9+xN davidmo@gendros" 
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9UDTaVnUOU/JknrNdihlhhGOk53LmHq9I1ASri3aga djm@gaius"
+     ];
+   };
+
+   security.sudo.extraConfig = ''
+     djm ALL=(ALL) NOPASSWD: ALL
+   '';
+   security.doas = {
+     enable = true;
+     extraRules = [ { users = [ "djm" ]; noPass = true; keepEnv = true; } ];
+   };
+
+   environment.systemPackages = with pkgs; [
+     #procmail
+     vim
+     wget
+   ];
+   environment.variables = { EDITOR = "vim"; VISUAL = "vim"; };
+
+   nix.trustedUsers = [ "root" "djm" ];
+
+   system.stateVersion = "22.05";
+}
diff --git a/nix-conf/machines/djmuk1/hardware-configuration.nix b/nix-conf/machines/djmuk1/hardware-configuration.nix
new file mode 100644
index 0000000..4d5ccf9
--- /dev/null
+++ b/nix-conf/machines/djmuk1/hardware-configuration.nix
@@ -0,0 +1,12 @@
+{ modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub = {
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    device = "nodev";
+  };
+  fileSystems."/boot" = { device = "/dev/disk/by-uuid/C149-C30B"; fsType = "vfat"; };
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
+}
diff --git a/nix-conf/machines/edrahil/configuration.nix b/nix-conf/machines/edrahil/configuration.nix
new file mode 100644
index 0000000..a23c420
--- /dev/null
+++ b/nix-conf/machines/edrahil/configuration.nix
@@ -0,0 +1,82 @@
+{ config, pkgs,... }: {
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  boot.cleanTmpDir = true;
+  zramSwap.enable = true;
+
+  networking.hostName = "edrahil";
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [ 113 2222 ];
+  };
+  networking = {
+  interfaces.ens3.ipv6.addresses = [{
+    address = "2a01:4f8:c0c:2be9::1";
+    prefixLength = 64;
+  }];
+  defaultGateway6 = {
+    address = "fe80::1";
+    interface = "ens3";
+  };
+};
+
+  services.openssh = {
+    enable = true;
+    ports = [ 2222 ];
+    permitRootLogin = "no";
+    passwordAuthentication = false;
+    allowSFTP = true;
+    kbdInteractiveAuthentication = false;
+    extraConfig = ''
+      #AllowTcpForwarding yes
+      X11Forwarding no
+      AllowAgentForwarding no
+      AllowStreamLocalForwarding no
+      AuthenticationMethods publickey
+      AllowUsers djm
+    '';
+  };
+  services.sshguard.enable = true;
+  services.oidentd.enable = true;
+
+  services.locate = {
+    enable = true;
+    locate = pkgs.plocate;
+    localuser = null;
+  };
+
+  users.users.djm =
+   { isNormalUser = true;
+     home = "/home/djm";
+     description = "David Morgan";
+     extraGroups = [ "wheel" "plocate" ];
+     shell = pkgs.zsh;
+     openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCurCpxZCHtByB5wXzsjTXwMyDSB4+B8rq5XY6EGss58NwD8jc5cII4i+QUbCOGTiAggSZUSC9YIP24hjpOeNT/IYs5m7Qn1B9MtBAiUSrIYew8eDwnMLlPzN+k2x9zCrJeCHIvGJaFHPXTh1Lf5Jt2fPVGW9lksE/XUVOe6ht4N/b+nqqszXFhc8Ug6le2bC1YeTCVEf8pjlh/I7DkDBl6IB8uEXc3X2vxxbV0Z4vlBrFkkAywcD3j5VlS/QYfBr4BICNmq/sO3fMkbMbtAPwuFxeL4+h6426AARQZiSS0qVEc8OoFRBVx3GEH5fqVAWfB1geyLzei22HbjUcT9+xN davidmo@gendros"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9UDTaVnUOU/JknrNdihlhhGOk53LmHq9I1ASri3aga djm@gaius"
+     ];
+   };
+
+   security.sudo.extraConfig = ''
+     djm ALL=(ALL) NOPASSWD: ALL
+   '';
+   security.doas = {
+     enable = true;
+     extraRules = [ { users = [ "djm" ]; noPass = true; keepEnv = true; } ];
+   };
+
+   environment.systemPackages = with pkgs; [
+     #procmail
+     git
+     vim
+     wget
+   ];
+   environment.variables = { EDITOR = "vim"; VISUAL = "vim"; };
+
+   nix.trustedUsers = [ "root" "djm" ];
+
+   system.stateVersion = "22.05";
+
+}
diff --git a/nix-conf/machines/edrahil/hardware-configuration.nix b/nix-conf/machines/edrahil/hardware-configuration.nix
new file mode 100644
index 0000000..f67b9f4
--- /dev/null
+++ b/nix-conf/machines/edrahil/hardware-configuration.nix
@@ -0,0 +1,9 @@
+{ modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "vmw_pvscsi" "xen_blkfront" ];
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
+  
+}
diff --git a/nix-conf/machines/egalmoth/configuration.nix b/nix-conf/machines/egalmoth/configuration.nix
new file mode 100644
index 0000000..d9e239f
--- /dev/null
+++ b/nix-conf/machines/egalmoth/configuration.nix
@@ -0,0 +1,189 @@
+{ config, pkgs, lib, ... }:
+
+let
+  unstable = import <nixos-unstable> { };
+in
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+    ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.kernelParams = ["intel_pstate=enable"];
+  powerManagement = {
+    enable = true;
+    #cpuFreqGovernor = "powersave";
+    powertop.enable = true;
+  };
+  services.thermald.enable = true;
+  services.power-profiles-daemon.enable = false;
+  services.tlp = {
+    enable = true;
+    settings = {
+      TLP_ENABLE = 1;
+      TLP_DEFAULT_MODE = "BAT";
+      MAX_LOST_WORK_SECS_ON_AC = 15;
+      MAX_LOST_WORK_SECS_ON_BAT = 60;
+      CPU_HWP_ON_AC = "balance_performance";
+      CPU_HWP_ON_BAT = "power";
+      CPU_MAX_PERF_ON_BAT = 40;
+      CPU_BOOST_ON_BAT = 0;
+      SCHED_POWERSAVE_ON_AC = 0;
+      SCHED_POWERSAVE_ON_BAT = 1;
+      ENERGY_PERF_POLICY_ON_AC = "balance-performance";
+      ENERGY_PERF_POLICY_ON_BAT = "power";
+      DISK_DEVICES = "nvme0n1 sda";
+      DISK_APM_LEVEL_ON_AC = "254 254";
+      DISK_APM_LEVEL_ON_BAT = "128 128";
+      SATA_LINKPWR_ON_AC = "med_power_with_dipm max_performance";
+      SATA_LINKPWR_ON_BAT = "med_power_with_dipm min_power";
+      PCIE_ASPM_ON_BAT = "powersave";
+      WIFI_PWR_ON_AC = "off";
+      WIFI_PWR_ON_BAT = "on";
+      WOL_DISABLE = "Y";
+      SOUND_POWER_SAVE_ON_AC = 0;
+      SOUND_POWER_SAVE_ON_BAT = 1;
+      RUNTIME_PM_ON_AC = "on";
+      RUNTIME_PM_ON_BAT = "auto";
+      USB_AUTOSUSPEND = 1;
+      USB_BLACKLIST = "0bda:8153";
+      RESTORE_DEVICE_STATE_ON_STARTUP = 1;
+    };
+  };
+
+  hardware.opengl.enable = true;
+  hardware.opengl.driSupport = true;
+
+  networking.hostName = "egalmoth"; # Define your hostname.
+  networking.networkmanager.enable = true;
+
+  time.timeZone = "Europe/London";
+
+  networking.useDHCP = false;
+  networking.interfaces.enp45s0.useDHCP = true;
+  networking.interfaces.wlp46s0.useDHCP = true;
+
+  services.xserver.enable = true;
+  services.xserver.exportConfiguration = true;
+
+
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+  services.xserver.displayManager.sessionPackages = [ pkgs.sway ];
+  #services.xserver.displayManager.defaultSession = "none+i3";
+  services.xserver.displayManager.defaultSession = "sway";
+
+  services.xserver.windowManager.i3.enable = true;
+  services.upower.enable = true;
+
+  services.xserver.layout = "gb";
+
+  services.printing.enable = true;
+  services.printing.drivers = [ pkgs.gutenprint pkgs.hplipWithPlugin ];
+
+  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+     "hplip"
+  ];
+
+  hardware.sane.enable = true;
+
+  services.udev.packages = [
+    (pkgs.writeTextFile {
+      name = "epson_udev";
+      text = ''
+        ATTRS{idVendor}=="04b8", ATTRS{idProduct}=="084a", MODE="0664", GROUP="lp", ENV{libsane_matched}="yes"
+      '';
+
+      destination = "/etc/udev/rules.d/99-printer.rules";
+    })
+  ];
+
+  services.xserver.libinput = {
+    enable = true;
+    touchpad = {
+      clickMethod = "clickfinger";
+      naturalScrolling = true;
+      #tappingButtonMap = "lrm";
+      #tappingButtonMap = "lmr";
+    };
+  };
+
+  services.dbus.enable = true;
+
+  users.users.djm =
+   { isNormalUser = true;
+     description = "David Morgan";
+     extraGroups = [ "wheel" "networkmanager" "scanner" "lp" "plocate" "cdrom" ];
+     shell = pkgs.zsh;
+     openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCurCpxZCHtByB5wXzsjTXwMyDSB4+B8rq5XY6EGss58NwD8jc5cII4i+QUbCOGTiAggSZUSC9YIP24hjpOeNT/IYs5m7Qn1B9MtBAiUSrIYew8eDwnMLlPzN+k2x9zCrJeCHIvGJaFHPXTh1Lf5Jt2fPVGW9lksE/XUVOe6ht4N/b+nqqszXFhc8Ug6le2bC1YeTCVEf8pjlh/I7DkDBl6IB8uEXc3X2vxxbV0Z4vlBrFkkAywcD3j5VlS/QYfBr4BICNmq/sO3fMkbMbtAPwuFxeL4+h6426AARQZiSS0qVEc8OoFRBVx3GEH5fqVAWfB1geyLzei22HbjUcT9+xN davidmo@gendros"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK9UDTaVnUOU/JknrNdihlhhGOk53LmHq9I1ASri3aga djm@gaius"
+     ];
+   };
+   security.sudo.extraConfig = ''
+     djm ALL=(ALL) NOPASSWD: ALL
+   '';
+   security.doas = {
+     enable = true;
+     extraRules = [ { users = [ "djm" ]; noPass = true; keepEnv = true; } ];
+   };
+
+
+  services.locate = {
+    enable = true;
+    locate = pkgs.plocate;
+    localuser = null;
+  };
+
+  environment.systemPackages = with pkgs; [
+    acpi
+    acpitool
+    bemenu
+    #dbus-sway-environment
+    firefox
+    foot
+    ghostscript
+    git
+    i3
+    imagemagick
+    lm_sensors
+    playerctl
+    rofi
+    st
+    sway
+    vim
+    wayland
+    wayst
+    wezterm
+    wl-clipboard
+    wget
+    xclip
+    xurls
+    xst
+  ];
+
+  fonts.fonts = with pkgs; [
+    unstable.iosevka-comfy.comfy
+    iosevka-bin
+    jetbrains-mono
+    meslo-lgs-nf
+  ];
+
+  programs.sway = {
+    enable = true;
+    wrapperFeatures.gtk = true;
+  };
+
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  services.openssh.enable = true;
+
+  system.stateVersion = "21.05"; # Did you read the comment?
+
+}
+
diff --git a/nix-conf/machines/egalmoth/hardware-configuration.nix b/nix-conf/machines/egalmoth/hardware-configuration.nix
new file mode 100644
index 0000000..4a5ae74
--- /dev/null
+++ b/nix-conf/machines/egalmoth/hardware-configuration.nix
@@ -0,0 +1,31 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/b2189909-19fe-4f58-a8ff-4de288199843";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/6ED1-F330";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/a130cacb-d7e0-4fb8-a312-a34d19f00796"; }
+    ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+}