Initial release

features/base.nix

@@ -0,0 +1,45 @@
+{ pkgs, ... }: {
+  users.mutableUsers = false;
+  nixpkgs.config.allowUnfree = true;
+
+  services.smartd.enable = true;
+
+  boot.supportedFilesystems = [ "zfs" "ntfs" ];
+
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  nix.channel.enable = false;
+
+  # TODO: ????
+  networking.wireless.enable = false;
+
+  # Basic Services
+  services.uptimed.enable = true;
+
+  services.openssh.enable = true;
+  services.openssh.settings.PermitRootLogin = "no";
+
+  # Basic Utilities
+  environment.systemPackages = with pkgs; [
+    # Basic Utilities
+    bc pv killall unzip unrar-wrapper unar
+
+    # System Monitoring / TUI QoL Tools
+    btop iotop tmux byobu
+
+    # Security / Cryptography
+    ssss gnupg pwgen qrencode diceware
+
+    # Applications
+    vim_configurable
+
+    # asdf
+    git ffmpeg restic rclone nixos-generators
+    # samba libvirt tinc_pre
+
+    # File Systems
+    nfs-utils cifs-utils exfatprogs
+  ];
+}

features/br0.nix

@@ -0,0 +1,23 @@
+{ ... }: {
+  networking.useNetworkd = true;
+  systemd.network = {
+    enable = true;
+    netdevs."20-br0".netdevConfig = {
+      Kind = "bridge";
+      Name = "br0";
+    };
+    networks = {
+      "40-br0" = {
+        matchConfig.Name = "br0";
+        bridgeConfig = {};
+        linkConfig = {
+          RequiredForOnline = "routable";
+        };
+        networkConfig = {
+          DHCP = "ipv4";
+          IPv6AcceptRA = true;
+        };
+      };
+    };
+  };
+}

features/docker.nix

@@ -0,0 +1,3 @@
+{ ... }: {
+  virtualisation.docker.enable = true;
+}

features/dockge.nix

@@ -0,0 +1,21 @@
+{ ... }: {
+  virtualisation.oci-containers.backend = "docker";
+  virtualisation.oci-containers.containers = {
+    dockge = {
+      image = "louislam/dockge";
+      ports = [
+        "5001:5001"
+      ];
+      volumes = [
+        "/var/run/docker.sock:/var/run/docker.sock"
+        "/opt/stacks/dockge/data:/app/data"
+        "/root/.docker/:/root/.docker"
+        "/opt/stacks:/opt/stacks"
+      ];
+      environment = {
+        DOCKGE_STACKS_DIR = "/opt/stacks";
+      };
+    };
+  };
+
+}

features/embedded.nix

@@ -0,0 +1,44 @@
+{ pkgs, unstable, ... }: {
+  nixpkgs.config.allowUnfree = true;
+  nixpkgs.config.segger-jlink.acceptLicense = true;
+
+  # TODO: whygodwhy.jpg
+  nixpkgs.config.permittedInsecurePackages = [ "segger-jlink-qt4-796s" ];
+
+  environment.systemPackages = with pkgs; [
+    unstable.platformio # https://github.com/NixOS/nixpkgs/commit/0ba947ba44fc17c7cc94be2374dbfb939900cecd
+    segger-jlink
+
+    arduino-ide
+    stm32cubemx
+
+    avrdude
+    esptool
+    stlink
+    stlink-gui
+    (kicad-small.override { addons=[kicadAddons.kikit kicadAddons.kikit-library]; })
+    kikit
+    screen
+    prusa-slicer
+    esphome
+    librecad
+    pulseview
+    sigrok-cli
+  ];
+
+  services.udev.packages = with pkgs; [
+    platformio
+    platformio-core
+
+    openocd
+    stlink
+    esptool
+    avrdude
+  ];
+
+  services.udev.extraRules = ''
+    SUBSYSTEM=="usb", ATTR{idVendor}="1a86", ATTR{idProduct}=="8010", MODE="0666"
+    SUBSYSTEM=="usb", ATTR{idVendor}="4348", ATTR{idProduct}=="55e0", MODE="0666"
+    SUBSYSTEM=="usb", ATTR{idVendor}="1a86", ATTR{idProduct}=="8012", MODE="0666"
+  '';
+}

features/factorio.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [
+    (factorio.override {
+      username = "";
+      token = "";
+
+      releaseType = "alpha";
+      version = "1.1.107";
+
+      # nix-prefetch-url "file:///run/media/lauren_lagarde/Lauren%20USB/Applications/factorio/factorio_alpha_x64_1.1.107.tar.xz" --name factorio_alpha_x64-1.1.107.tar.xz
+    })
+  ];
+}

features/headless.nix

@@ -0,0 +1,67 @@
+{ config, lib, pkgs, callPackage, ... }: {
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Packages
+
+  environment.systemPackages = with pkgs; [
+    # Basic Utilities
+    bc pv killall unzip unrar-wrapper unar
+
+    # System Monitoring / TUI QoL Tools
+    btop iotop tmux byobu
+
+    # Backup Tools
+    restic rclone
+
+    # Networking Utilities
+    dig tinc_pre traceroute wireguard-tools iperf3
+
+    # Security / Cryptography
+    (pass.withExtensions (ext: with ext; [ pass-otp pass-update ]))
+    ssss gnupg pwgen qrencode diceware
+
+    # NixOS Helpers
+    nixos-generators nix-index nix-search-cli
+
+    # Applications
+    vim_configurable
+
+    # File Systems
+    nfs-utils cifs-utils exfatprogs
+
+    # Multimedia Utilities
+    ffmpeg imagemagick
+
+    # Services
+    podman-compose
+
+    units usbutils pciutils
+  ];
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Services
+  # TODO: Split this out further
+
+  services.uptimed.enable = true;
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = lib.mkForce "no";
+      PasswordAuthentication = false;
+    };
+  };
+
+  # TODO: Attempt to use podman
+  virtualisation.docker.enable = true;
+  virtualisation.containers.enable = true;
+  virtualisation.podman = {
+    enable = true;
+    dockerCompat = false;
+    defaultNetwork.settings.dns_enabled = true;
+  };
+}

features/i3.nix

@@ -0,0 +1,71 @@
+{ pkgs, lib, unstable, ... }: {
+
+  hardware.graphics.enable32Bit = true;
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Display Server Config
+
+  services.xserver = {
+    enable = true;
+
+    desktopManager = {
+      xterm.enable = false;
+      gnome.enable = true;
+    };
+
+    windowManager.i3.enable = true;
+  };
+
+  services.displayManager = {
+    defaultSession = "none+i3";
+  };
+
+  ##############################################################################
+  ##############################################################################
+  ##############################################################################
+  # Packages
+
+  programs.virt-manager.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    # Polybar
+    siji
+    polybar
+    font-awesome
+    font-awesome_5
+    networkmanagerapplet
+
+    # Apps
+    gnome-terminal
+    chromium
+    qtpass
+    unstable.yt-dlp
+
+    rofi
+    i3status
+    i3lock
+    i3blocks
+    nemo-with-extensions
+    dunst
+    pinentry-qt
+    brightnessctl
+    openscad-unstable
+    shutter
+    pavucontrol
+    arandr
+    blueman
+    sublime-merge
+    libreoffice
+    gparted
+    loupe
+    gthumb
+    vlc
+    mpv
+
+    ledger
+    xorg.xkill
+    sound-juicer
+  ];
+}

features/intelgpu.nix

@@ -0,0 +1,16 @@
+{ pkgs, ... }: {
+  nixpkgs.config.packageOverrides = pkgs: {
+    intel-vaapi-driver = pkgs.intel-vaapi-driver.override { enableHybridCodec = true; };
+  };
+
+  hardware.graphics = {
+    enable = true;
+    extraPackages = with pkgs; [
+      intel-media-driver
+      intel-vaapi-driver
+      libvdpau-va-gl
+    ];
+  };
+
+  environment.sessionVariables = { LIBVA_DRIVER_NAME = "iHD"; };
+}

features/libvirt.nix

@@ -0,0 +1,3 @@
+{ ... }: {
+  virtualisation.libvirtd.enable = true;
+}

features/nvidia.nix

@@ -0,0 +1,36 @@
+# https://community.frame.work/t/egpu-gtx-1060-6gb-working-great-on-nixos-on-the-12th-gen-framework/40919
+{ config, ... }: {
+  # Enable OpenGL
+  hardware.graphics.enable = true;
+
+  # Load nvidia driver for Xorg and Wayland
+  services.xserver.videoDrivers = ["nvidia"];
+
+  hardware.nvidia = {
+    # Modesetting is required.
+    modesetting.enable = true;
+
+    # Nvidia power management. Experimental, and can cause sleep/suspend to fail.
+    powerManagement.enable = true;
+
+    # Fine-grained power management. Turns off GPU when not in use.
+    # Experimental and only works on modern Nvidia GPUs (Turing or newer).
+    powerManagement.finegrained = false;
+
+    # Use the NVidia open source kernel module (not to be confused with the
+    # independent third-party "nouveau" open source driver).
+    # Support is limited to the Turing and later architectures. Full list of
+    # supported GPUs is at:
+    # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
+    # Only available from driver 515.43.04+
+    # Currently alpha-quality/buggy, so false is currently the recommended setting.
+    open = false;
+
+    # Enable the Nvidia settings menu,
+    # accessible via `nvidia-settings`.
+    nvidiaSettings = true;
+
+    # Optionally, you may need to select the appropriate driver version for your specific GPU.
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
+}

features/persistent_docker.nix

@@ -0,0 +1,40 @@
+{ pkgs, lib, ... }: {
+  systemd.mounts = [
+    {
+      type = "ext4";
+      options = "rw";
+      what = "/dev/vda";
+      where = "/persistent";
+    }
+  ];
+
+  systemd.automounts = [
+    {
+      wantedBy = [ "multi-user.target" ];
+      where = "/persistent";
+    }
+  ];
+
+  virtualisation.docker.daemon.settings = {
+    data-root = "/persistent/docker-root";
+  };
+
+  virtualisation.oci-containers.backend = "docker";
+  virtualisation.oci-containers.containers = {
+    dockge = {
+      image = "louislam/dockge";
+      ports = [
+        "5001:5001"
+      ];
+      volumes = [
+        "/var/run/docker.sock:/var/run/docker.sock"
+        "/persistent/stacks/dockge/data:/app/data"
+        "/root/.docker/:/root/.docker"
+        "/persistent/stacks:/persistent/stacks"
+      ];
+      environment = {
+        DOCKGE_STACKS_DIR = "/persistent/stacks";
+      };
+    };
+  };
+}

features/printing.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }: {
+  services.printing.enable = true;
+  services.printing.drivers = with pkgs; [ brlaser hplipWithPlugin ];
+
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    openFirewall = true;
+  };
+}

features/rtl-sdr.nix

@@ -0,0 +1,12 @@
+{ pkgs, unstable, ... }: {
+  hardware.rtl-sdr.enable = true;
+  users.users.lauren_lagarde.extraGroups = [ "plugdev" ];
+
+  services.udev.packages = [ pkgs.rtl-sdr ];
+
+  environment.systemPackages = with pkgs; [
+    gnuradio
+    soapyrtlsdr
+    gqrx
+  ];
+}

features/stronghold-binary-cache.nix

@@ -0,0 +1,13 @@
+{ ... }: {
+  nix.settings = {
+    substituters = [
+      "http://nix-cache.stronghold.mlaga97.space"
+      "https://nix-community.cachix.org"
+      "https://cache.nixos.org/"
+    ];
+    trusted-public-keys = [
+      "nix-cache.stronghold.mlaga97.space:RR2S/XWXGjACgAeN30qWCgG1wySOyTGtup8Os3yrdQw="
+      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+    ];
+  };
+}

features/virtualbox.nix

@@ -0,0 +1,10 @@
+{ ... }: {
+  virtualisation.libvirtd.enable = false;
+
+  virtualisation.virtualbox = {
+    host = {
+      enable = true;
+      enableExtensionPack = true;
+    };
+  };
+}

features/yubikey.nix

@@ -0,0 +1,17 @@
+{ pkgs, lib, ... }: {
+  environment.systemPackages = with pkgs; [
+		yubikey-personalization
+  ];
+
+	services.udev.packages = with pkgs; [
+		yubikey-personalization
+  ];
+
+	services.pcscd.enable = true;
+  programs.ssh.startAgent = false;
+
+	programs.gnupg.agent = {
+		enable = true;
+		enableSSHSupport = true;
+  };
+}