author | Linnnus <[email protected]> | 2024-12-21 15:32:01 +0000 |
---|---|---|
committer | Linnnus <[email protected]> | 2024-12-27 09:07:36 +0100 |
commit | 99f77809ea6f5d873c1b8cfd7b4816f877e29316 (patch) | |
tree | 659c28032b21e012973be4880e7c48291af32f83 | |
parent | 13774af03212266507af7f6b722978dd5db538e5 (diff) |
Add new host omar
-rw-r--r-- | flake.nix | 11 | ||||
-rw-r--r-- | hosts/omar/configuration.nix | 81 | ||||
-rw-r--r-- | hosts/omar/hardware-configuration.nix | 54 | ||||
-rw-r--r-- | shared/nixos/zfs-impermenance/default.nix | 32 |
4 files changed, 178 insertions, 0 deletions
@@ -90,6 +90,17 @@ ] ++ builtins.attrValues (import ./modules/nixos); }; + omar = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = + [ + {_module.args = args;} + home-manager.nixosModules.home-manager + agenix.nixosModules.default + ./hosts/omar/configuration.nix + ] + ++ builtins.attrValues (import ./modules/nixos); + }; }; # Formatter to be run when `nix fmt` is executed. diff --git a/hosts/omar/configuration.nix b/hosts/omar/configuration.nix new file mode 100644 index 0000000..9248c3c --- /dev/null +++ b/hosts/omar/configuration.nix 
@@ -0,0 +1,81 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: {
+ imports = [
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+
+ ../../shared/nixos/common-nix-settings
+ ../../shared/nixos/common-shell-settings
+ ../../shared/nixos/common-hm-settings
+ ../../shared/nixos/zfs-impermenance
+ ];
+
+ boot.loader.grub = {
+ # Use the GRUB 2 boot loader.
+ enable = true;
+
+ # Install grub on the main HDD.
+ device = "/dev/sda";
+
+ # ZFS on root requires GRUB to be able to read the pool.
+ # The pool was created with `-o compatibility=grub2`.
+ zfsSupport = true;
+ };
+
+ # The host id is required by ZFS.
+ # It is used to (among other things) avoid multiple hosts modifying the same dataset unsafely.
+ # This was randomly generated.
+ networking.hostId = "b6e8e80a";
+
+ # Should match containing folder.
+ networking.hostName = "omar";
+
+ # Pick only one of the below networking options.
+ networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+
+ # Create the main user.
+ users.users.linus = {
+ isNormalUser = true;
+ hashedPassword = "$y$j9T$UmZES4WC8FWrjBvdazq2e/$rzneAKZeySwSVKiSZJfXC.fciiQdGqxB5uyRaPQ6OF.";
+ extraGroups = ["wheel"];
+ };
+ users.mutableUsers = false;
+
+ home-manager.users.linus = {
+ imports = [
+ # I am planning on using this host when traveling.
+ ../../shared/home-manager/development-full
+ ];
+ };
+
+ # Enable the X11 windowing system.
+ # services.xserver.enable = true;
+
+ # Configure keymap in X11
+ # services.xserver.xkb.layout = "us";
+ # services.xserver.xkb.options = "eurosign:e,caps:escape";
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ # Enable sound.
+ # hardware.pulseaudio.enable = true;
+ # OR
+ # services.pipewire = {
+ # enable = true;
+ # pulse.enable = true;
+ # };
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ # services.libinput.enable = true;
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+
+ system.stateVersion = "24.11";
+}
diff --git a/hosts/omar/hardware-configuration.nix b/hosts/omar/hardware-configuration.nix
new file mode 100644
index 0000000..611bfa3
--- /dev/null
+++ b/hosts/omar/hardware-configuration.nix
@@ -0,0 +1,54 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}: {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod"];
+ boot.initrd.kernelModules = [];
+ boot.kernelModules = [];
+ boot.extraModulePackages = [];
+
+ fileSystems."/" = {
+ device = "rpool/local/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/nix" = {
+ device = "rpool/local/nix";
+ fsType = "zfs";
+ };
+
+ fileSystems."/persist" = {
+ device = "rpool/safe/persist";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home" = {
+ device = "rpool/safe/home";
+ fsType = "zfs";
+ };
+
+ swapDevices = [
+ {device = "/dev/disk/by-uuid/a719dc89-0c69-4384-b9f7-b82b2a0f5cf1";}
+ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp9s0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
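Review bot: In hosts/omar/configuration.nix, `services.openssh.enable = true;` is added without any `services.openssh.settings`, so sshd keeps its default of accepting passwords, and the only credential visible for the wheel user `linus` is the `hashedPassword` literal committed a few lines above it. On a machine meant for travel, that pairs a network-reachable password login with a hash that anyone able to read the repository can check guesses against offline. I would set `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.KbdInteractiveAuthentication = false;`, list the public keys under `users.users.linus.openssh.authorizedKeys.keys`, and move the hash out of the tree with `hashedPasswordFile = config.age.secrets.<secret-name>.path;` (placeholder name), since flake.nix already loads agenix for this host. If one of the shared modules imported at the top already hardens sshd, a comment next to the enable line saying so would help.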
diff --git a/shared/nixos/zfs-impermenance/default.nix b/shared/nixos/zfs-impermenance/default.nix
new file mode 100644
index 0000000..f1789a6
--- /dev/null
+++ b/shared/nixos/zfs-impermenance/default.nix
@@ -0,0 +1,32 @@
+# This module sets up basic impermenance the way I like to do it on my ZFS
+# hosts. It assumes there is a main zpool called rpool, which has a dataset
+# `rpool/local/root` mounted at `/`, and that the dataset has an empty dataset
+# called `@blank`.
+#
+# Here is the dataset structure I use:
+#
+# rpool
+# ├── local
+# │ ├── nix (atime=off, mountpoint=/nix)
+# │ └── root (mountpoint=/)
+# └── safe
+# ├── home (mountpoint=/home)
+# └── persist (mountpoint=/persist)
+#
+# I usually follow the convention that `rpool/local` isn't backed up and
+# `rpool/safe` is.
+#
+# See: https://grahamc.com/blog/erase-your-darlings/
+{lib, ...}: {
+ # Reset / to empty on boot. This is what achieves the impermenance.
+ # Unlike the holy book (the linked article), I had to use `postResumeCommands`
+ # as this is the step where ZFS imports the dataset (but doesnt't mounted it yet).
+ # See: https://github.com/NixOS/nixpkgs/blob/b681065d0919f7eb5309a93cea2cfa84dec9aa88/nixos/modules/tasks/filesystems/zfs.nix#L627-L659
+ boot.initrd.postResumeCommands = lib.mkAfter ''
+ zfs rollback -r rpool/local/root@blank
+ '';
+
+ # Filesystems with mountpoints at `/` and `/nix` are automatically mounted at boot,
+ # but `/persist` is bespoke, so we have to teach init about that one ourselves.
+ fileSystems."/persist".neededForBoot = true;
+} |
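Review bot: This module rolls `/` back to `@blank` on every boot but persists nothing from `/etc`, so on omar, which turns on sshd and loads agenix, the SSH host keys under `/etc/ssh` would be regenerated at each boot unless a module not shown here relocates them. A host key that changes on every reboot makes the client's host-key-changed warning routine, which weakens the one check that tells a user they are talking to a different server, and agenix by default decrypts with those same host keys. Consider pinning them to the persistent dataset, e.g. `services.openssh.hostKeys = [{ path = "/persist/etc/ssh/ssh_host_ed25519_key"; type = "ed25519"; }];`. Separately, the header comment calls `@blank` an "empty dataset"; the rollback command treats it as a snapshot, and `rollback -r` destroys any snapshots of `rpool/local/root` taken after it, which is worth stating in that comment.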