feat: initial NixOS home lab infrastructure setup

- Add modular flake-based NixOS configuration
- Implement GitOps foundation with CI/CD pipeline
- Create comprehensive documentation and branching strategy
- Add modular desktop environments (GNOME, Cosmic, Sway)
- Configure virtualization stack (Incus, Libvirt, Podman)
- Set up development tools and hardware-specific modules
- Establish user configuration with literate programming support

This commit represents the completion of Phase 1: Flakes Migration
with modular configuration, virtualization, and GitOps foundation.

machines/congenital-optimist/About.org

@@ -0,0 +1,103 @@
+#+TITLE: CongenitalOptimist Workstation
+#+DESCRIPTION: AMD Threadripper 1920X based development workstation for Home-lab
+#+AUTHOR: geir
+#+DATE: 2024
+
+* CongenitalOptimist: A GSV, for a machine you hope will always perform well.
+
+** Hardware Specifications
+- *CPU*: AMD Ryzen Threadripper 1920X @ 3.50GHz (12 cores, 24 threads)
+- *GPU*: AMD Radeon RX Vega [Discrete]
+- *RAM*: 64GB DDR4 (currently 28.85 GiB used / 62.68 GiB total)
+- *Architecture*: x86_64
+- *Platform*: AMD TR4 Socket
+- *Form Factor*: High-End Desktop (HEDT)
+
+** Role & Purpose
+CongenitalOptimist serves as the primary development workstation and creative powerhouse for the Home-lab infrastructure. True to its Culture name, it approaches every computational challenge with unwavering optimism and substantial processing capability.
+
+*** Primary Functions
+- Software development and compilation
+- Virtual machine hosting and testing
+- Container orchestration and development
+- Creative workloads (video editing, 3D rendering)
+- Multi-desktop environment testing
+
+*** Secondary Functions
+- Network storage client (NFS from SleeperService)
+- Build server for NixOS configurations
+- Media consumption and streaming
+- Gaming and entertainment
+- System administration hub
+
+** Software Configuration
+- *OS*: NixOS 25.05
+- *Hostname*: congenital-optimist
+- *Desktop Environments*: GNOME, Cosmic, Sway
+- *Shell*: Zsh with modern CLI tools
+- *Editor Stack*: Emacs, Neovim, VSCode, Zed
+- *Containerization*: Podman, Incus
+- *Virtualization*: libvirt/KVM with virt-manager
+
+** Network Configuration
+- *Tailscale*: Enabled for secure remote access
+- *NFS Client*: Mounts from SleeperService file server
+- *SSH*: Enabled for remote development
+- *Firewall*: NFTables with restrictive default rules
+- *DNS*: Systemd-resolved with custom entries
+
+** Storage Architecture
+- *Root Filesystem*: ZFS (zpool/root)
+- *Nix Store*: ZFS (zpool/nix) 
+- *User Data*: ZFS (zpool/home)
+- *Variable Data*: ZFS (zpool/var)
+- *Games*: ZFS (stuffpool/games)
+- *VMs*: ZFS (stuffpool/virtual)
+- *Network Storage*: NFS mount from SleeperService
+
+** Development Environment
+CongenitalOptimist embodies the Culture's optimistic approach to problem-solving. With 24 threads of Threadripper processing power and abundant memory, it tackles complex development tasks with confidence and capability.
+
+*** Configured Development Tools
+- Multiple language runtimes (Rust, Python, Go, Guile)
+- Language servers for intelligent code completion
+- Container development with Podman
+- VM development with libvirt
+- Git workflow with GitHub CLI integration
+- AI-assisted development with GitHub Copilot
+
+*** Desktop Experience
+- GNOME: Full-featured desktop for productivity
+- Cosmic: Modern System76 desktop experience
+- Sway: Tiling window manager for focused development
+- Consistent theming and font configuration
+- Modern CLI tools (eza, bat, ripgrep, starship)
+
+** Culture Context
+Like its namesake GSV, CongenitalOptimist believes that with sufficient processing power and well-designed software, any problem can be solved. It maintains an optimistic outlook even during intensive compilation tasks or complex virtualization scenarios.
+
+The Threadripper architecture mirrors the Culture's philosophy of abundant resources applied intelligently - why have 4 cores when you can have 24? Why settle for basic graphics when you can have Vega-class rendering?
+
+** Operational Philosophy
+- *Performance*: Leverage all 24 threads for parallel workloads
+- *Reliability*: ZFS ensures data integrity and snapshot capabilities
+- *Flexibility*: Multiple desktop environments for different tasks
+- *Integration*: Seamless interaction with SleeperService file server
+- *Optimization*: NixOS configuration management for reproducible setups
+
+** Power Profile
+- High-performance desktop configuration
+- Always-on development environment
+- Efficient resource utilization across cores
+- Temperature monitoring for sustained workloads
+- Balanced performance and power consumption
+
+** Future Expansion
+- Additional memory for larger virtual machine workloads
+- NVMe storage expansion for local high-speed storage
+- GPU compute acceleration for AI/ML workloads
+- Network upgrade for faster SleeperService connectivity
+- Multi-monitor setup expansion
+
+* "The ship had been constructed to be a tool, to do a job of work; and the fact that it had been invested with intelligence had not changed the essence of what it was."
+*- Iain M. Banks, describing the optimistic spirit that drives CongenitalOptimist*

machines/congenital-optimist/configuration.nix

@@ -0,0 +1,54 @@
+{
+  config,
+  pkgs,
+  inputs,
+  unstable,
+  ...
+}: {
+  imports = [
+    ./hardware-configuration.nix
+    
+    # System modules
+    ../../modules/system/fonts.nix
+    ../../modules/system/network.nix
+    ../../modules/system/applications.nix
+    
+    # Hardware modules
+    ../../modules/hardware/amd-workstation.nix
+    
+    # Desktop environments
+    ../../modules/desktop/common.nix
+    ../../modules/desktop/gnome.nix
+    ../../modules/desktop/cosmic.nix
+    ../../modules/desktop/sway.nix
+    
+    # Development tools
+    ../../modules/development/tools.nix
+    
+    # User configuration
+    ../../modules/users/geir.nix
+
+    # Virtualization configuration
+    ../../modules/virtualization/incus.nix
+    ../../modules/virtualization/libvirt.nix
+    ../../modules/virtualization/podman.nix
+  ];
+
+  # Boot configuration
+  boot.loader.grub = {
+    enable = true;
+    zfsSupport = true;
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    mirroredBoots = [
+      {
+        devices = ["nodev"];
+        path = "/boot";
+      }
+    ];
+  };
+
+  # Basic system configuration
+  nixpkgs.config.allowUnfree = true;
+  system.stateVersion = "23.11"; # DO NOT CHANGE - maintains data compatibility
+}

machines/congenital-optimist/hardware-configuration.nix

@@ -0,0 +1,68 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "zpool/root";
+      fsType = "zfs";
+    };
+
+  fileSystems."/nix" =
+    { device = "zpool/nix";
+      fsType = "zfs";
+    };
+
+  fileSystems."/var" =
+    { device = "zpool/var";
+      fsType = "zfs";
+    };
+
+  fileSystems."/home" =
+    { device = "zpool/home";
+      fsType = "zfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/257B-AB7E";
+      fsType = "vfat";
+    };
+  fileSystems."/home/geir/games" =
+    { device = "stuffpool/games";
+      fsType = "zfs";
+    };
+
+  fileSystems."/home/geir/virtual" =
+    { device = "stuffpool/virtual";
+      fsType = "zfs";
+    };
+  fileSystems."/mnt/storage/media" =
+    { device = "files:/mnt/storage";
+      fsType = "nfs";
+      options = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=600" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}