1 files changed, 84 insertions, 0 deletions

diff --git a/hosts/fangorn/default.nix b/hosts/fangorn/default.nix
new file mode 100644
index 0000000..82f9ff9
--- /dev/null
+++ b/hosts/fangorn/default.nix
@@ -0,0 +1,84 @@
+{ config, inputs, lib, outputs, pkgs, ... }: {
+  boot = {
+    kernelPackages = pkgs.linuxPackages_6_12;
+    loader = {
+      efi.canTouchEfiVariables = true;
+      systemd-boot.enable = true;
+      timeout = 3;
+    };
+    supportedFilesystems = [ "zfs" ];
+    zfs = {
+      devNodes = "/dev/disk/by-label";
+      package = pkgs.master.zfs;
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    signal-desktop-source
+    wpa_supplicant
+  ];
+
+  imports = [
+    ./disks.nix
+    ./hardware-configuration.nix
+    ../common/core
+    #../common/optional/db.nix
+    ../common/optional/dev.nix
+    ../common/optional/ebooks.nix
+    #../common/optional/games.nix
+    ../common/optional/misc.nix
+    ../common/optional/multimedia.nix
+    ../common/optional/pipewire.nix
+    ../common/optional/services/nolid.nix
+    ../common/optional/services/openssh.nix
+    #../common/optional/services/tlp.nix
+    ../common/optional/services/xorg.nix
+    ../common/optional/sound.nix
+    ../common/optional/wdt.nix
+    ../common/optional/zfs.nix
+    ../common/users/don
+    ../common/users/nipsy
+    ../common/users/root
+  ];
+
+  networking = {
+    firewall.extraInputRules = ''
+      iifname "wg0" tcp dport ssh counter accept
+    '';
+    hostId = "6f1faddc";
+    hostName = "fangorn";
+    networkmanager.enable = true;
+    nftables.enable = true;
+  };
+
+  nixpkgs = {
+    config.allowUnfree = true;
+    hostPlatform = "x86_64-linux";
+    overlays = [
+      outputs.overlays.additions
+      outputs.overlays.modifications
+      outputs.overlays.master-packages
+      outputs.overlays.stable-packages
+    ];
+  };
+
+  services.openssh = {
+    openFirewall = false;
+    settings.X11Forwarding = true;
+  };
+  services.xserver.desktopManager.xfce.enable = true;
+  services.xserver.videoDrivers = [ "amdgpu" ];
+
+  sops = {
+    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+    defaultSopsFile = ../secrets/fangorn.yaml;
+
+    secrets = {
+      "nix-access-token-github" = {};
+    };
+  };
+
+  system.stateVersion = "23.11";
+
+  time.timeZone = lib.mkForce "America/Chicago";
+}