From 807f8ab44241cfd98beaf8ea297c34d531ec5e79 Mon Sep 17 00:00:00 2001
From: tux
Date: Sun, 5 Jan 2025 02:15:53 +0530
Subject: [PATCH] feat: add new host homelab
---
 flake.nix | 5 +
 hosts/homelab/default.nix | 131 +++++++++++++++++++++++
 hosts/homelab/disko.nix | 48 +++++++++
 hosts/homelab/hardware-configuration.nix | 26 +++++
 hosts/homelab/home.nix | 16 +++
 5 files changed, 226 insertions(+)
 create mode 100755 hosts/homelab/default.nix
 create mode 100644 hosts/homelab/disko.nix
 create mode 100755 hosts/homelab/hardware-configuration.nix
 create mode 100644 hosts/homelab/home.nix
diff --git a/flake.nix b/flake.nix
index 8ed4e1c..7a8a81f 100755
--- a/flake.nix
+++ b/flake.nix
@@ -93,6 +93,11 @@
 specialArgs = {inherit inputs outputs username email;};
 modules = [./hosts/isoImage];
 };
+
+ homelab = nixpkgs.lib.nixosSystem {
+ specialArgs = {inherit inputs outputs username email;};
+ modules = [./hosts/homelab];
+ };
 };

 # Standalone home-manager configuration entrypoint
diff --git a/hosts/homelab/default.nix b/hosts/homelab/default.nix
new file mode 100755
index 0000000..01d35ea
--- /dev/null
+++ b/hosts/homelab/default.nix
@@ -0,0 +1,131 @@
+{
+ inputs,
+ username,
+ pkgs,
+ lib,
+ ...
+}: {
+ imports = [
+ inputs.disko.nixosModules.default
+
+ (import ./disko.nix {device = "/dev/nvme0n1";})
+ ./hardware-configuration.nix
+
+ ../common
+ ../../modules/nixos/desktop
+ ../../modules/nixos/virtualisation
+ ];
+
+ networking = {
+ hostName = "homelab";
+ networkmanager = {
+ enable = true;
+ wifi.powersave = false;
+ };
+ firewall = {
+ enable = true;
+ };
+ };
+
+ boot = {
+ consoleLogLevel = 0;
+ initrd.verbose = false;
+
+ kernelPackages = pkgs.linuxPackages_zen;
+
+ initrd.systemd = {
+ enable = lib.mkForce true;
+
+ services.wipe-my-fs = {
+ wantedBy = ["initrd.target"];
+ after = ["initrd-root-device.target"];
+ before = ["sysroot.mount"];
+ unitConfig.DefaultDependencies = "no";
+ serviceConfig.Type = "oneshot";
+ script = ''
+ mkdir /btrfs_tmp
+ mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
+
+ if [[ -e /btrfs_tmp/root ]]; then
+ mkdir -p /btrfs_tmp/old_roots
+ timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
+ mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+ fi
+
+ delete_subvolume_recursively() {
+ IFS=$'\n'
+ for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+ delete_subvolume_recursively "/btrfs_tmp/$i"
+ done
+ btrfs subvolume delete "$1"
+ }
+
+ for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+ delete_subvolume_recursively "$i"
+ done
+
+ btrfs subvolume create /btrfs_tmp/root
+ umount /btrfs_tmp
+ '';
+ };
+ };
+
+ loader = {
+ systemd-boot = {
+ enable = true;
+ configurationLimit = 5;
+ };
+ efi.canTouchEfiVariables = true;
+ timeout = 1;
+ };
+ };
+
+ hardware = {
+ graphics.enable32Bit = true;
+ };
+
+ security = {
+ sudo.wheelNeedsPassword = false;
+ rtkit.enable = true;
+ };
+
+ programs = {
+ nix-ld = {
+ enable = true;
+ package = pkgs.nix-ld-rs;
+ };
+ };
+
+ services = {
+ tailscale = {
+ enable = true;
+ extraUpFlags = ["--login-server https://hs.tux.rs"];
+ };
+ };
+
programs.fuse.userAllowOther = true;
+ fileSystems."/persist".neededForBoot = true;
+ environment.persistence."/persist" = {
+ hideMounts = true;
+ directories = [
+ "/var/log"
+ "/var/lib/tailscale"
+ "/var/lib/nixos"
+ "/etc/NetworkManager/system-connections"
+ ];
+ files = [
+ "/etc/ssh/ssh_host_ed25519_key"
+ "/etc/ssh/ssh_host_ed25519_key.pub"
+ "/etc/ssh/ssh_host_rsa_key"
+ "/etc/ssh/ssh_host_rsa_key.pub"
+ ];
+ };
+
+ home-manager.users.${username} = {
+ imports = [
+ ./home.nix
+ ];
+ };
+
+ system.stateVersion = "24.11";
+}
diff --git a/hosts/homelab/disko.nix b/hosts/homelab/disko.nix
new file mode 100644
index 0000000..cb6eb32
--- /dev/null
+++ b/hosts/homelab/disko.nix
@@ -0,0 +1,48 @@
+{device ? throw "Set this to the disk device, e.g. /dev/nvme0n1", ...}: {
+ disko.devices.disk.primary = {
+ inherit device;
+ type = "disk";
+ content = {
+ type = "gpt"; # GPT partitioning scheme
+ partitions = {
+ # EFI Partition
+ ESP = {
+ size = "512M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = ["defaults" "umask=0077"];
+ };
+ };
+ # Btrfs Root Partition
+ root = {
+ size = "100%"; # Use remaining space
+ type = "8300"; # Linux filesystem type
+ content = {
+ type = "btrfs";
+ subvolumes = {
+ "/root" = {
+ mountOptions = ["compress=zstd"]; # Compression for better performance
+ mountpoint = "/"; # Root subvolume
+ };
+ "/persist" = {
+ mountOptions = ["compress=zstd"]; # Compression for persistent data
+ mountpoint = "/persist"; # Persistent subvolume
+ };
+ "/nix" = {
+ mountOptions = [
+ "compress=zstd"
+ "noatime"
+ "noacl"
+ ]; # Optimize for Nix store
+ mountpoint = "/nix"; # Nix subvolume
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/hosts/homelab/hardware-configuration.nix b/hosts/homelab/hardware-configuration.nix
new file mode 100755
index 0000000..60b5722
--- /dev/null
+++ b/hosts/homelab/hardware-configuration.nix
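Review bot: `sudo.wheelNeedsPassword = false;` in the `security` block makes any process running as a wheel user root-equivalent with no further authentication, on a host this same file joins to a tailnet and whose `../common` and desktop modules are not visible in this commit. Unless that is a deliberate trade-off, drop the line or set `sudo.wheelNeedsPassword = true;` and grant password-less sudo only for the specific commands that need it through `security.sudo.extraRules`. Separately, `extraUpFlags = ["--login-server https://hs.tux.rs"];` is one list element containing a space; as far as I know the NixOS tailscale module shell-escapes each element and only applies `extraUpFlags` when `authKeyFile` is set, so `["--login-server=https://hs.tux.rs"]` is the safer spelling and the flag is probably inert here until an auth key file is configured.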
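Review bot: The `root` partition's `content` is `type = "btrfs"` directly, with no encryption layer, so the `/persist` subvolume is stored in cleartext. default.nix in this commit persists the SSH host private keys, `/var/lib/tailscale` and `/etc/NetworkManager/system-connections` there, and home.nix persists `.ssh`, so those credentials are readable by anyone who can read the disk offline. If that is accepted for this machine, a comment above `root = {` such as `# Unencrypted on purpose: host must boot unattended` would record the decision; otherwise wrap the btrfs content in disko's `type = "luks"` content, keeping in mind that the `wipe-my-fs` unit in default.nix mounts `/dev/disk/by-partlabel/disk-primary-root` and would then have to mount the opened mapper device instead.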
@@ -0,0 +1,26 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
diff --git a/hosts/homelab/home.nix b/hosts/homelab/home.nix
new file mode 100644
index 0000000..e5a1e11
--- /dev/null
+++ b/hosts/homelab/home.nix
@@ -0,0 +1,16 @@
+{username, ...}: {
+ home.persistence."/persist/home/${username}" = {
+ directories = [
+ "Projects"
+ "Stuff"
+ ".ssh"
+ ];
+ files = [
+ ".zsh_history"
+ ".zcompdump"
+ ];
+ allowOther = true;
+ };
+
+ home.stateVersion = "24.11";
+}
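Review bot: `allowOther = true;` applies to every entry in `directories`, including `.ssh`, and nothing in this hunk records why other users need to reach the persisted mounts. If it is only there so that root can read the persisted directories, a comment such as `# allowOther: lets root reach the persisted dirs (needs programs.fuse.userAllowOther)` would document that; otherwise consider removing it. `/persist/home/${username}` and the `.ssh` directory under it are presumably created outside this commit, so their ownership and `0700` mode should be verified after install, since the mode on the persistent copy is what protects the private keys.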