1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
{
system = "x86_64-linux";
nixpkgsStable = true;
domain = "infra.zaphyra.eu";
sshPubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBGgd/59d8wyU9kE6iRSMvTmev8z5dq4YtjeBlEoAI4S";
hardware = {
cpuVendor = "intel";
allowHibernation = true;
};
networking = {
hasDN42 = true;
dn42Address = "fd6b:6174:6a61::3";
};
configuration =
{
modulesPath,
config,
pkgs,
lib,
...
}:
{
imports = [
(modulesPath + "/profiles/minimal.nix")
];
boot.initrd.systemd.emergencyAccess = true;
sops.secrets."environments/networkManagerProfiles/cccdaWifi" = { };
modules = {
filesystem = {
impermanence.system.enable = true;
impermanence.home.enable = true;
rootDisk = {
enable = true;
encrypt = true;
type = "zfs";
path = "/dev/disk/by-id/nvme-SKHynix_HFS512GDE9X081N_FYB8N034411508M5G";
reservedSpace = "3G";
parts = {
nix = true;
};
swap = {
enable = true;
size = "8G";
};
};
};
hardware = {
video.intel.enable = true;
cpu.updateMicrocode = true;
fprint.enable = true;
fprint.disableOnLidClose = true;
quirks.thinkpad.enable = true;
};
presets = {
base.enable = true;
zaphyra = {
enable = true;
networkManagerProfiles = {
dn42.enable = true;
};
};
graphical.enable = true;
graphical.type = "gnomeMinimal";
networkManagerProfiles = {
voidPhoneWifi.enable = true;
voidHomeWifi.enable = true;
zaphyraPhoneWifi.enable = true;
zaphyraHomeWifi.enable = true;
grogHomeWifi.enable = true;
cccdaWifi = {
enable = true;
username = "zaphyra";
envFile = config.sops.secrets."environments/networkManagerProfiles/cccdaWifi".path;
};
};
};
services = {
earlyoom.enable = true;
systemd-oomd.enable = true;
greetd.autoLogin = {
enable = true;
user = "zaphyra";
};
};
programs = {
AusweisApp.enable = true;
yubikey.enable = true;
};
users.zaphyra.enable = true;
};
networking = {
useNetworkd = false;
hosts."127.0.0.1" = [ config.networking.fqdn ];
modemmanager.fccUnlockScripts = [
{
id = "2c7c:030a";
path = "${pkgs.modemmanager}/share/ModemManager/fcc-unlock.available.d/2c7c";
}
];
};
hardware.bluetooth.settings = {
General.Experimental = true;
};
services = {
resolved.enable = true;
printing.enable = true;
gnome.at-spi2-core.enable = false;
#required for gnome-calendar
gnome.evolution-data-server.enable = true;
gnome.gnome-online-accounts.enable = true;
};
system.stateVersion = "25.05";
home-manager.users.zaphyra.home.stateVersion = "25.05";
};
}