8 files changed, 140 insertions, 0 deletions

diff --git a/modules/common/agenix.nix b/modules/common/agenix.nix
new file mode 100644
index 0000000..189f80e
--- /dev/null
+++ b/modules/common/agenix.nix
@@ -0,0 +1,21 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  inherit (lib) mkAliasOptionModule mkIf;
+in {
+  imports = [(mkAliasOptionModule ["secrets"] ["age" "secrets"])];
+
+  age.identityPaths = [
+    "/root/.ssh/id"
+  ];
+
+  environment = {
+    shellAliases.ragenix = "ragenix --identity ~/.ssh/id";
+    systemPackages = [
+      pkgs.ragenix
+    ];
+  };
+}
diff --git a/modules/common/nix.nix b/modules/common/nix.nix
new file mode 100644
index 0000000..fbcbbfd
--- /dev/null
+++ b/modules/common/nix.nix
@@ -0,0 +1,5 @@
+{
+  nix.settings = {
+    experimental-features = ["nix-command" "flakes" "pipe-operators"];
+  };
+}
diff --git a/modules/common/packages.nix b/modules/common/packages.nix
new file mode 100644
index 0000000..3e5b043
--- /dev/null
+++ b/modules/common/packages.nix
@@ -0,0 +1,15 @@
+{
+  pkgs,
+  unstable,
+  ...
+}: {
+  environment.systemPackages = with pkgs;
+    [
+      curl
+      gitMinimal
+      helix
+      jujutsu
+      nushell
+    ]
+    ++ [pkgs.stalwart-mail];
+}
diff --git a/modules/common/qemu.nix b/modules/common/qemu.nix
new file mode 100644
index 0000000..231d13a
--- /dev/null
+++ b/modules/common/qemu.nix
@@ -0,0 +1,6 @@
+{modulesPath, ...}: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+}
diff --git a/modules/common/ssh/default.nix b/modules/common/ssh/default.nix
new file mode 100644
index 0000000..a4c5891
--- /dev/null
+++ b/modules/common/ssh/default.nix
@@ -0,0 +1,9 @@
+{
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "yes";
+      PasswordAuthentication = true;
+    };
+  };
+}
diff --git a/modules/common/users.nix b/modules/common/users.nix
new file mode 100644
index 0000000..bb41b02
--- /dev/null
+++ b/modules/common/users.nix
@@ -0,0 +1,20 @@
+{
+  users.groups.siri = {};
+
+  users.users.root = {
+    hashedPassword = "$6$WHOn5nIFRZ/fhc6u$1rMRPwW3anEfWcf.Wd0IxfUoV.ouo5Vm0NxOSyUwtkTP8OKnFfdLL0.OCzS5Dnlp8rIpZNWlUImkqBq7fTZ7i/";
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMrczZPQlkb9TwtLa5YKs6Npu2vXtG4yJa0AWmwOLtfF siri@m4siri"
+    ];
+  };
+
+  users.users.siri = {
+    group = "siri";
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+    hashedPassword = "$6$WHOn5nIFRZ/fhc6u$1rMRPwW3anEfWcf.Wd0IxfUoV.ouo5Vm0NxOSyUwtkTP8OKnFfdLL0.OCzS5Dnlp8rIpZNWlUImkqBq7fTZ7i/";
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMrczZPQlkb9TwtLa5YKs6Npu2vXtG4yJa0AWmwOLtfF siri@m4siri"
+    ];
+  };
+}
diff --git a/modules/disks/bcachefs/default.nix b/modules/disks/bcachefs/default.nix
new file mode 100644
index 0000000..97c37c2
--- /dev/null
+++ b/modules/disks/bcachefs/default.nix
@@ -0,0 +1,57 @@
+{lib, ...}: {
+  disko.devices = {
+    disk = {
+      sda = {
+        device = "/dev/sda";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02";
+            };
+            sda2 = {
+              size = "1G";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/boot";
+              };
+            };
+
+            sda3 = {
+              size = "100%";
+              content = {
+                type = "bcachefs";
+                filesystem = "mounted_subvolumes_in_multi";
+                label = "group_a.sda2";
+                extraFormatArgs = [];
+              };
+            };
+          };
+        };
+      };
+    };
+    bcachefs_filesystems = {
+      mounted_subvolumes_in_multi = {
+        type = "bcachefs_filesystem";
+        extraFormatArgs = [
+          "--compression=lz4"
+          "--background_compression=lz4"
+        ];
+        subvolumes = {
+          "subvolumes/root" = {
+            mountpoint = "/";
+            mountOptions = [
+              "verbose"
+            ];
+          };
+          "subvolumes/nix" = {
+            mountpoint = "/nix";
+          };
+        };
+      };
+    };
+  };
+}
diff --git a/modules/disks/bcachefs/grub.nix b/modules/disks/bcachefs/grub.nix
new file mode 100644
index 0000000..ba886d2
--- /dev/null
+++ b/modules/disks/bcachefs/grub.nix
@@ -0,0 +1,7 @@
+{
+  boot.loader.grub = {
+    enable = true;
+  };
+
+  boot.supportedFilesystems = ["bcachefs"];
+}