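# hosts/focalor/configuration.nix (or default.nix)
#
# NixOS module for the host "focalor": a Sway/NVIDIA desktop that is bridged
# onto the LAN through br0 (with vm-* interfaces attached to the same bridge),
# mounts shared storage over NFS, and runs Docker, Steam, OBS and a VS Code
# server. Options set in the imported modules are not visible from this file.
{ config, lib, system, pkgs, modulesPath, inputs, ... }:

{
  # =============================================================================
  # IMPORTS
  # =============================================================================
  imports = [
    # Host-specific hardware
    ./hardware.nix
    # NOTE(review): contents not visible here. agenix is installed below, so this
    # presumably declares age-encrypted secrets; confirm no plaintext secret is
    # written in a .nix file, since evaluated values end up world-readable in
    # /nix/store.
    ./secrets.nix
    ./vfio.nix

    # Common modules shared across hosts
    ../../common/system.nix
    ../../common/users.nix
    ../../common/services.nix
    ../../common/efi.nix
    ../../common/bluetooth.nix

    # Desktop modules
    ../../common/desktop/core.nix
    ../../common/desktop/sway.nix
    # NOTE(review): the VNC listener is configured in this module, not here.
    # With the host firewall disabled (see NETWORKING), its bind address and
    # authentication are the only access control. Confirm both.
    ../../common/desktop/vnc.nix

    # Hardware-specific
    ../../common/nvidia.nix

    # Common secrets
    ../../host-secrets.nix
  ];

  # =============================================================================
  # SYSTEM CONFIGURATION
  # =============================================================================
  system.stateVersion = "25.05";
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

  # Cross-compilation support
  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
  nix.settings.extra-platforms = config.boot.binfmt.emulatedSystems;

  # =============================================================================
  # NETWORKING
  # =============================================================================
  networking = {
    hostName = "focalor";
    hostId = "84bdc587";

    # NOTE(review): with the firewall disabled, trustedInterfaces below is
    # inert (the NixOS firewall rules are only generated when enable = true),
    # so every listening socket is reachable on every interface. br0 also
    # carries a global-unicast IPv6 address with router advertisements
    # accepted, so exposure beyond the LAN depends entirely on the upstream
    # router's IPv6 filtering. To make the tailscale0 trust effective, set
    # enable = true and list the LAN-facing ports explicitly in
    # firewall.allowedTCPPorts.
    firewall.enable = false;
    firewall.trustedInterfaces = [ "tailscale0" ];

    nameservers = [ "10.0.0.210" "1.1.1.1" ];
  };

  # Systemd networking with bridge
  systemd.network = {
    enable = true;

    netdevs."br0" = {
      netdevConfig = {
        Name = "br0";
        Kind = "bridge";
      };
    };

    networks = {
      # Enslave the physical NIC and any interface named vm-* to br0.
      # NOTE(review): the glob attaches every vm-* interface to the LAN bridge
      # automatically, so guests sit on the same L2 segment as the host.
      "10-lan" = {
        matchConfig.Name = ["enp5s0" "vm-*"];
        networkConfig = {
          Bridge = "br0";
        };
      };

      # Static addressing lives on the bridge, not on the enslaved NIC.
      "10-lan-bridge" = {
        matchConfig.Name = "br0";
        networkConfig = {
          Address = ["10.0.0.34/24" "2601:5c2:8400:26c0:aaa1:59ff:fe94:5aba/64"];
          Gateway = "10.0.0.1";
          DNS = ["10.0.0.210" "1.1.1.1"];
          IPv6AcceptRA = true;
        };
        linkConfig.RequiredForOnline = "routable";
      };
    };
  };

  # DNS resolution
  services.resolved = {
    enable = true;
    # Strict DNSSEC validation.
    # NOTE(review): confirm the resolver at 10.0.0.210 passes DNSSEC records
    # through, otherwise lookups sent to it fail validation.
    dnssec = "true";
    # "~." makes the servers configured here the route for all lookups.
    domains = [ "~." ];
    fallbackDns = [ "10.0.0.210" "1.0.0.1#one.one.one.one" ];
    # Strict DNS-over-TLS: there is no cleartext fallback in this mode.
    # NOTE(review): 10.0.0.210 and the 1.1.1.1 entries in the NETWORKING
    # section carry no "#name" suffix, so there is no server name to validate
    # the certificate against; only the fallback 1.0.0.1 entry names one.
    # Confirm 10.0.0.210 actually serves DoT, or it is unusable in this mode.
    dnsovertls = "true";
  };

  # =============================================================================
  # FILESYSTEM & STORAGE
  # =============================================================================
  boot.supportedFilesystems = [ "nfs" ];

  # NOTE(review): no mount options are given, so the NFS client defaults apply
  # (typically AUTH_SYS, where the server trusts client-asserted UIDs, and no
  # transport encryption). Confirm the export on valefar is restricted to this
  # host's address. Without "nofail" or "x-systemd.automount", boot also waits
  # on the server being reachable.
  fileSystems."/mnt/storage" = {
    device = "valefar:/storage";
    fsType = "nfs";
  };

  # =============================================================================
  # SERVICES
  # =============================================================================
  # NOTE(review): this option is not defined in this file; presumably it comes
  # from a vscode-server module imported elsewhere. TODO confirm.
  services.vscode-server = {
    enable = true;
    nodejsPackage = pkgs.nodejs_20;
  };

  # =============================================================================
  # PROGRAMS & APPLICATIONS
  # =============================================================================
  programs.steam.enable = true;

  programs.obs-studio = {
    enable = true;
    enableVirtualCamera = true;
    plugins = with pkgs.obs-studio-plugins; [
      droidcam-obs
    ];
  };

  # =============================================================================
  # VIRTUALIZATION
  # =============================================================================
  # NOTE(review): membership in the "docker" group is root-equivalent on this
  # host, and Docker publishes container ports through its own iptables rules,
  # so published ports are reachable independently of networking.firewall.
  # Bind published ports to a specific address where LAN exposure is not
  # intended.
  virtualisation.docker = {
    enable = true;
    enableOnBoot = true;
    # Build Docker with the Go 1.23 toolchain instead of the nixpkgs default.
    # NOTE(review): the reason for the pin is not recorded here; revisit it on
    # each nixpkgs bump so Docker does not stay on an outdated toolchain.
    package = pkgs.docker.override {
      buildGoModule = pkgs.buildGo123Module;
    };
  };

  # =============================================================================
  # DESKTOP ENVIRONMENT
  # =============================================================================
  # Vulkan renderer for Wayland
  environment.sessionVariables.WLR_RENDERER = "vulkan";

  # XDG Portals
  xdg.portal = {
    enable = true;
    wlr.enable = true;
    extraPortals = with pkgs; [
      xdg-desktop-portal-gtk
      xdg-desktop-portal-gnome
    ];
  };

  # =============================================================================
  # PACKAGES
  # =============================================================================
  environment.systemPackages = with pkgs; [
    # agenix CLI, selected for this host's platform rather than a hard-coded
    # system string, so it follows nixpkgs.hostPlatform if that is overridden.
    inputs.agenix.packages.${pkgs.stdenv.hostPlatform.system}.default
    prismlauncher
  ];

  # =============================================================================
  # COMMENTED OUT / DISABLED
  # =============================================================================
  # ZFS support (disabled for this host)
  # boot.supportedFilesystems = [ "zfs" ];
  # boot.kernelModules = [ "nct6775" "coretemp" ];
  # services.zfs.autoScrub.enable = true;
  # services.zfs.trim.enable = true;

  # Additional packages (commented out)
  # lm_sensors
  # code-server

  # DHCP (disabled in favor of systemd-networkd)
  # useDHCP = true;
  # firewall.allowedTCPPorts = [22 80 443 2456 2457 9000 9001 9002];
}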