machines: rename to 'hosts/nixos'

This will be more consistent in the future if I want to introduce darwin
or home-manager configurations.

hosts/nixos/aramis/boot.nix

@@ -0,0 +1,32 @@
+{ ... }:
+{
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+
+    initrd = {
+      availableKernelModules = [
+        "nvme"
+        "sd_mod"
+        "sdhci_pci"
+        "usb_storage"
+        "usbhid"
+        "xhci_pci"
+      ];
+      kernelModules = [
+        "dm-snapshot"
+      ];
+      luks.devices.crypt = {
+        device = "/dev/nvme0n1p1";
+        preLVM = true;
+      };
+    };
+
+    kernelModules = [
+      "kvm-intel"
+    ];
+    extraModulePackages = [ ];
+  };
+}

hosts/nixos/aramis/default.nix

@@ -0,0 +1,29 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ ... }:
+
+{
+  imports = [
+    ./boot.nix
+    ./hardware.nix
+    ./home.nix
+    ./networking.nix
+    ./profiles.nix
+    ./programs.nix
+    ./services.nix
+    ./sound.nix
+  ];
+
+  # Set your time zone.
+  time.timeZone = "Europe/London";
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "20.09"; # Did you read the comment?
+}

hosts/nixos/aramis/hardware.nix

@@ -0,0 +1,40 @@
+{ lib, modulesPath, ... }:
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-label/nixos";
+      fsType = "ext4";
+    };
+
+    "/boot" = {
+      device = "/dev/disk/by-label/boot";
+      fsType = "vfat";
+    };
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-label/swap"; }
+  ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+
+  my.hardware = {
+    firmware = {
+      cpuFlavor = "intel";
+    };
+  };
+
+  hardware = {
+    trackpoint = {
+      enable = true;
+
+      emulateWheel = true; # Holding middle buttons allows scrolling
+
+      device = "TPPS/2 Elan TrackPoint"; # Use the correct device name
+    };
+  };
+}

hosts/nixos/aramis/home.nix

@@ -0,0 +1,31 @@
+{ pkgs, ... }:
+{
+  my.home = {
+    # Some amount of social life
+    discord.enable = true;
+    # Image viewver
+    feh.enable = true;
+    # Firefo profile and extensions
+    firefox.enable = true;
+    # Blue light filter
+    gammastep.enable = true;
+    # Use a small popup to enter passwords
+    gpg.pinentry = "gtk2";
+    # Machine specific packages
+    packages.additionalPackages = with pkgs; [
+      element-desktop # Matrix client
+      jellyfin-media-player # Wraps the webui and mpv together
+      pavucontrol # Audio mixer GUI
+      quasselClient # IRC client
+      transgui # Transmission remote
+    ];
+    # Minimal video player
+    mpv.enable = true;
+    # Network-Manager applet
+    nm-applet.enable = true;
+    # Terminal
+    terminal.program = "alacritty";
+    # Zathura document viewer
+    zathura.enable = true;
+  };
+}

hosts/nixos/aramis/install.sh

@@ -0,0 +1,53 @@
+#!/bin/sh
+
+set -eu
+
+if [ "$(id -u)" -ne 0 ]; then
+    echo "This script must be run as root" >&2
+    exit 1
+fi
+
+SWAP_SIZE=16GiB
+
+parted /dev/nvme0n1 --script -- \
+    mklabel gpt \
+    mkpart primary 512MiB 100% \
+    mkpart ESP fat32 1MiB 512MiB \
+    set 2 esp on
+
+cryptsetup luksFormat /dev/nvme0n1p1
+cryptsetup open /dev/nvme0n1p1 crypt
+
+pvcreate /dev/mapper/crypt
+vgcreate lvm /dev/mapper/crypt
+lvcreate -L "$SWAP_SIZE" -n swap lvm
+lvcreate -l 100%FREE -n root lvm
+
+mkfs.ext4 -L nixos /dev/lvm/root
+mkswap -L swap /dev/lvm/swap
+mkfs.vfat -n boot /dev/nvme0n1p2
+
+mount /dev/disk/by-label/nixos /mnt
+mkdir /mnt/boot
+mount /dev/nvme0n1p2 /mnt/boot
+swapon /dev/lvm/swap
+
+cat << EOF
+# Run the following commands as setup user
+nixos-generate-config --root /mnt
+
+# Change uuids to labels
+vim /mnt/etc/nixos/hardware-configuration.nix
+
+# Install system
+mkdir -p /mnt/home/ambroisie/git/nix/config
+cd /mnt/home/ambroisie/git/nix/config
+
+git clone <this-repo> .
+# Assuming you set up GPG key correctly
+git crypt unlock
+
+# Setup LUKS with 'boot.initrd.luks.devices.crypt', device is /dev/nvme0n1p1, preLVM = true
+
+# Use 'nixos-install --flake .#aramis --root /mnt --impure' because of home-manager issue
+EOF

hosts/nixos/aramis/networking.nix

@@ -0,0 +1,19 @@
+{ ... }:
+{
+  networking = {
+    hostName = "aramis";
+
+    # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+    # Per-interface useDHCP will be mandatory in the future, so this generated config
+    # replicates the default behaviour.
+    useDHCP = false;
+  };
+
+  my.hardware.networking = {
+    # Which interface is used to connect to the internet
+    externalInterface = "enp0s3";
+
+    # Enable WiFi integration
+    wireless.enable = true;
+  };
+}

hosts/nixos/aramis/profiles.nix

@@ -0,0 +1,19 @@
+{ ... }:
+{
+  my.profiles = {
+    # Bluetooth configuration and GUI
+    bluetooth.enable = true;
+    # Mouse and keyboard configuration
+    devices.enable = true;
+    # GTK theme configuration
+    gtk.enable = true;
+    # Laptop specific configuration
+    laptop.enable = true;
+    # Printers are hell, but so is the unability to print
+    printing.enable = true;
+    # i3 configuration
+    wm.windowManager = "i3";
+    # X configuration
+    x.enable = true;
+  };
+}

hosts/nixos/aramis/programs.nix

@@ -0,0 +1,7 @@
+{ ... }:
+{
+  my.programs = {
+    # Steam configuration
+    steam.enable = true;
+  };
+}

hosts/nixos/aramis/services.nix

@@ -0,0 +1,8 @@
+{ ... }:
+{
+  config.my.services = {
+    wireguard = {
+      enable = true;
+    };
+  };
+}

hosts/nixos/aramis/sound.nix

@@ -0,0 +1,8 @@
+{ ... }:
+{
+  my.hardware.sound = {
+    pipewire = {
+      enable = true;
+    };
+  };
+}