feat: dragonwell

Signed-off-by: jolheiser <john.olheiser@gmail.com>

apps/common.nix

@@ -0,0 +1,46 @@
+{
+  pkgs,
+  config,
+  ...
+}: {
+  imports = [
+    ./bat.nix
+    ./bottom.nix
+    ./exa.nix
+    ./fzf.nix
+    ./gpg.nix
+    ./git.nix
+    ./helix.nix
+    ./jq.nix
+    ./lazygit.nix
+    ./nushell.nix
+    ./oh-my-posh.nix
+    ./ssh.nix
+    ./xdg.nix
+    ./zoxide.nix
+  ];
+  home = {
+    packages = with pkgs; [
+      # Tools
+      age
+      bitwarden-cli
+      duf
+      du-dust
+      fd
+      just
+      ripgrep
+
+      # LSPs
+      nil
+
+      # Formatters
+      alejandra
+    ];
+    activation.report-changes = config.lib.dag.entryAnywhere ''
+      ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff $oldGenPath $newGenPath
+    '';
+    stateVersion = "22.11";
+  };
+
+  programs = {home-manager.enable = true;};
+}

apps/default.nix

@@ -1,58 +1,30 @@
-{
-  pkgs,
-  config,
-  ...
-}: {
+{pkgs, ...}: {
   imports = [
-    ./bat.nix
-    ./bottom.nix
-    ./exa.nix
+    ./common.nix
+
     ./firefox.nix
-    ./fzf.nix
-    ./gpg.nix
-    ./git.nix
     ./go.nix
     ./gtk.nix
-    ./helix.nix
-    ./jq.nix
-    ./lazygit.nix
-    ./nushell.nix
-    ./oh-my-posh.nix
     ./spotifyd.nix
-    ./ssh.nix
     ./tiny.nix
     ./wezterm.nix
-    ./xdg.nix
-    ./zoxide.nix
   ];
   home = {
     packages = with pkgs; [
       # Tools
-      age
-      bitwarden-cli
       delve
       discord
-      duf
-      du-dust
-      fd
-      just
       obsidian
       spotify-tui
-      ripgrep
-      usql
 
       # LSPs
       gopls
       lua-language-server
       marksman
-      nil
       nodePackages.yaml-language-server
 
       # Formatters
       alejandra
-      black
-      gofumpt
-      nodePackages.lua-fmt
 
       # IDEs
       jetbrains.goland
@@ -65,11 +37,5 @@
       nur.repos.jolheiser.tclip
       nur.repos.jolheiser.tmpl
     ];
-    activation.report-changes = config.lib.dag.entryAnywhere ''
-      ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff $oldGenPath $newGenPath
-    '';
-    stateVersion = "22.11";
   };
-
-  programs = {home-manager.enable = true;};
 }

flake.nix

@@ -36,7 +36,7 @@
         };
       };
     };
-    commonConfig = {
+    commonConfig = {server ? false}: {
       config,
       pkgs,
       ...
@@ -46,23 +46,33 @@
         owner = username;
       };
     in {
-      config = {
-        nixpkgs.overlays = [overlays];
-        home-manager = {
-          useGlobalPkgs = true;
-          useUserPackages = true;
-          users.${username}.imports = [./apps];
-          extraSpecialArgs = {
-            flakePath = "/home/${username}/.config/nixpkgs";
+      config =
+        {
+          nixpkgs.overlays = [overlays];
+          home-manager = {
+            useGlobalPkgs = true;
+            useUserPackages = true;
+            users.${username}.imports =
+              if !server
+              then [./apps]
+              else [./apps/common.nix];
+            extraSpecialArgs = {
+              flakePath = "/home/${username}/.config/nixpkgs";
+            };
           };
-        };
-        age.secrets = {
-          ssh-config = userSecret ./secrets/shared/ssh-config.age;
-          ssh-config-work = userSecret ./secrets/shared/ssh-config-work.age;
-          spotify-pw = userSecret ./secrets/shared/spotify-pw.age;
-          irc-pw = userSecret ./secrets/shared/irc-pw.age;
-        };
-      };
+        }
+        // (
+          if !server
+          then {
+            age.secrets = {
+              ssh-config = userSecret ./secrets/shared/ssh-config.age;
+              ssh-config-work = userSecret ./secrets/shared/ssh-config-work.age;
+              spotify-pw = userSecret ./secrets/shared/spotify-pw.age;
+              irc-pw = userSecret ./secrets/shared/irc-pw.age;
+            };
+          }
+          else {}
+        );
     };
     username = "jolheiser";
   in
@@ -113,6 +123,14 @@
             commonConfig
           ];
         };
+        "dragonwell" = nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          modules = [
+            home-manager.nixosModules.home-manager
+            ./machines/dragonwell
+            (commonConfig {server = true;})
+          ];
+        };
       };
     }
     // inputs.flake-utils.lib.eachDefaultSystem (system: let

machines/dragonwell/default.nix

@@ -0,0 +1,53 @@
+{pkgs, ...}: let
+  username = "jolheiser";
+in {
+  imports = [./hardware.nix];
+
+  nixpkgs.config.allowUnfree = true;
+
+  nix = {
+    gc.automatic = true;
+    package = pkgs.nixVersions.nix_2_15;
+    settings = {
+      experimental-features = ["flakes" "nix-command" "repl-flake"];
+      auto-optimise-store = true;
+      warn-dirty = false;
+    };
+  };
+
+  system.activationScripts.diff = {
+    supportsDryActivation = true;
+    text = ''
+      ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig"
+    '';
+  };
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+
+  networking = {
+    hostName = "dragonwell";
+
+    firewall.enable = true;
+  };
+
+  services = {
+    openssh = {
+      enable = true;
+    };
+
+    tailscale.enable = true;
+  };
+
+  virtualisation.docker.enable = true;
+
+  users.users."${username}" = {
+    extraGroups = ["wheel" "docker" "storage"];
+    isNormalUser = true;
+    openssh.authorizedKeys.keys = [
+      ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser''
+    ];
+  };
+
+  system.stateVersion = "22.11";
+}

machines/dragonwell/hardware.nix

@@ -0,0 +1,10 @@
+{modulesPath, ...}: {
+  imports = [(modulesPath + "/profiles/qemu-guest.nix")];
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
+  boot.initrd.kernelModules = ["nvme"];
+  fileSystems."/" = {
+    device = "/dev/sda1";
+    fsType = "ext4";
+  };
+}