feat: initial NixOS home lab infrastructure setup

- Add modular flake-based NixOS configuration - Implement GitOps foundation with CI/CD pipeline - Create comprehensive documentation and branching strategy - Add modular desktop environments (GNOME, Cosmic, Sway) - Configure virtualization stack (Incus, Libvirt, Podman) - Set up development tools and hardware-specific modules - Establish user configuration with literate programming support This commit represents the completion of Phase 1: Flakes Migration with modular configuration, virtualization, and GitOps foundation.
2025-06-04 16:10:13 +02:00 · 2025-06-04 16:10:13 +02:00 · f30013723e
commit f30013723e
43 changed files with 4220 additions and 0 deletions
--- a/machines/sleeper-service/configuration.nix
+++ b/machines/sleeper-service/configuration.nix
@ -0,0 +1,73 @@
+{ config, pkgs, inputs, unstable, ... }: {
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  # Boot configuration
+  boot.loader.grub = {
+    enable = true;
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    devices = [ "nodev" ];
+  };
+
+  # Network configuration
+  networking.hostName = "sleeper-service";
+  networking.networkmanager.enable = true;
+  services.tailscale.enable = true;
+  networking.firewall.enable = true;
+
+  # Time and locale
+  time.timeZone = "Europe/Oslo";
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  # Console configuration
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "no";
+  };
+
+  # Enable unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  # SSH access (headless server)
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+    };
+  };
+
+  # Basic system packages
+  environment.systemPackages = with pkgs; [
+    wget
+    curl
+    git
+    htop
+    eza
+    bat
+    ripgrep
+    du-dust
+    fd
+    ncdu
+    tree
+  ];
+
+  # Users
+  users.users.geir = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" "networkmanager" ];
+    shell = pkgs.zsh;
+    openssh.authorizedKeys.keys = [
+      # Add SSH public keys here
+    ];
+  };
+
+  programs.zsh.enable = true;
+
+  # Firewall configuration
+  networking.firewall.allowedTCPPorts = [ 22 ];
+
+  system.stateVersion = "25.05";
+}