From 1e78a09448415305a21571d1d3615f20cd8aa6cf Mon Sep 17 00:00:00 2001
From: kB01 <kb01@kb-one.de>
Date: Thu, 26 Dec 2024 02:13:44 +0100
Subject: [PATCH] Added Host LANA9Z, Updated Flake

---
 flake.lock                               |  38 +++---
 homes/x86_64-linux/kb@LANA9Z/default.nix | 144 +++++++++++++++++++++++
 systems/x86_64-linux/LANA9Z/default.nix  | 109 +++++++++++++++++
 systems/x86_64-linux/LANA9Z/hardware.nix |  37 ++++++
 4 files changed, 309 insertions(+), 19 deletions(-)
 create mode 100644 homes/x86_64-linux/kb@LANA9Z/default.nix
 create mode 100644 systems/x86_64-linux/LANA9Z/default.nix
 create mode 100644 systems/x86_64-linux/LANA9Z/hardware.nix

diff --git a/flake.lock b/flake.lock
index e9d5f7c..2ded55f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -127,11 +127,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734622215,
-        "narHash": "sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2tCbiI=",
+        "lastModified": 1734992499,
+        "narHash": "sha256-f9UyHMTb+BwF6RDZ8eO9HOkSlKeeSPBlcYhMmV1UNIk=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "1395379a7a36e40f2a76e7b9936cc52950baa1be",
+        "rev": "f1b1786ea77739dcd181b920d430e30fb1608b8a",
         "type": "github"
       },
       "original": {
@@ -168,7 +168,7 @@
         "narHash": "sha256-6U0CyPycIBc04hbYy2hBINnVso58n/ZyywY2BD3hu+s=",
         "rev": "9098ac95768f7006d7e070b88bae76939f6034e6",
         "type": "tarball",
-        "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz"
+        "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/9098ac95768f7006d7e070b88bae76939f6034e6.tar.gz?rev=9098ac95768f7006d7e070b88bae76939f6034e6"
       },
       "original": {
         "type": "tarball",
@@ -184,11 +184,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734314370,
-        "narHash": "sha256-9PhjDAAuXP4tuJg+kM1AozKwBFyHHJ8ZqhQD+peqGtg=",
+        "lastModified": 1735004788,
+        "narHash": "sha256-4fR1BPM2IJWbCaoAQqkVr+DhDzpgGhbfLcl7V2fd0ME=",
         "owner": "Infinidoge",
         "repo": "nix-minecraft",
-        "rev": "616634de04e87b621bc3d495af114c4e9c6ccd36",
+        "rev": "cc5f59e353d94a907cd9e06919aaecb093b59d46",
         "type": "github"
       },
       "original": {
@@ -199,11 +199,11 @@
     },
     "nixlib": {
       "locked": {
-        "lastModified": 1734224914,
-        "narHash": "sha256-hKWALzQ/RxxXdKWsLKXULru6XTag9Cc5exgVyS4a/AE=",
+        "lastModified": 1734829460,
+        "narHash": "sha256-dPhc+f2wkmhMqMIfq+hColJdysgVxKP9ilZ5bR0NRZI=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "538697b664a64fade8ce628d01f35d1f1fd82d77",
+        "rev": "0a31e8d833173ae63e43fd9dbff1ccf09c4f778c",
         "type": "github"
       },
       "original": {
@@ -220,11 +220,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734570415,
-        "narHash": "sha256-kcsDNcEr4hYuDc8l+ox41FvEPpmQTV3/3hgdx3tuxHw=",
+        "lastModified": 1734915500,
+        "narHash": "sha256-A7CTIQ8SW0hfbhKlwK+vSsu4pD+Oaelw3v6goX6go+U=",
         "owner": "nix-community",
         "repo": "nixos-generators",
-        "rev": "b8f266f26bb757e7aec18adeee6919db6666c4f6",
+        "rev": "051d1b2dda3b2e81b38d82e2b691e5c2f4d335f4",
         "type": "github"
       },
       "original": {
@@ -235,11 +235,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1734352517,
-        "narHash": "sha256-mfv+J/vO4nqmIOlq8Y1rRW8hVsGH3M+I2ESMjhuebDs=",
+        "lastModified": 1734954597,
+        "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "b12e314726a4226298fe82776b4baeaa7bcf3dcd",
+        "rev": "def1d472c832d77885f174089b0d34854b007198",
         "type": "github"
       },
       "original": {
@@ -251,11 +251,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1734424634,
-        "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=",
+        "lastModified": 1734649271,
+        "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33",
+        "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507",
         "type": "github"
       },
       "original": {
diff --git a/homes/x86_64-linux/kb@LANA9Z/default.nix b/homes/x86_64-linux/kb@LANA9Z/default.nix
new file mode 100644
index 0000000..55ccd43
--- /dev/null
+++ b/homes/x86_64-linux/kb@LANA9Z/default.nix
@@ -0,0 +1,144 @@
+{ config, pkgs, lib, inputs, ... }:
+let
+  # Firefox Profile Setting States
+  lock-false = {
+    Value = false;
+    Status = "locked";
+  };
+  lock-true = {
+    Value = true;
+    Status = "locked";
+  };
+  lock-empty-string = {
+    Value = "";
+    Status = "locked";
+  };
+in {
+  home.username = "kb";
+  home.homeDirectory = "/home/kb";
+  home.packages = with pkgs; [
+    # System
+    kdePackages.kate
+    kdePackages.kcalc
+    kdePackages.filelight
+    # Office
+    thunderbird
+    libreoffice
+    logseq
+    # Security
+    gnupg
+    keepassxc
+    pass-wayland
+    veracrypt
+    protonvpn-gui
+    # Media
+    freetube
+    inkscape
+    blender
+    obs-studio
+    cheese
+    gimp
+    vlc
+    kid3
+    calibre
+    tidal-hifi
+    # Messengers
+    element-desktop # Matrix Client
+    signal-desktop
+    webcord
+    # Customization
+    firefoxpwa
+    # Development
+    vscodium
+    # Gaming
+    mangohud
+    prismlauncher
+    # Terminal Tools
+    mosh # Fast SSH
+    btop # Task Mgr
+    fastfetch # System Info
+    yazi # File Management 
+    taskwarrior3 # Task Manager
+    zk # Notetaking
+    parted
+  ];
+
+  services.syncthing.enable = true;
+  services.syncthing.extraOptions = [
+    "--config=/home/kb/.config/syncthing"
+    "--data=/home/kb/sync"
+  ];
+
+  services.gpg-agent.enable = true;
+
+  services.ssh-agent.enable = true;
+
+  programs.firefox = {
+    enable = true;
+    nativeMessagingHosts = [ pkgs.firefoxpwa ];
+    policies = {
+      DisableTelemetry = true;
+      DisableFirefoxStudies = true;
+      DisablePocket = true;
+      DisableFirefoxAccounts = true;
+      AutofillAddressEnabled = false;
+      AutofillCreditCardEnabled = false;
+      OfferToSaveLogins = false;
+      FirefoxHome.TopSites = false;
+      FirefoxHome.SponsoredTopSites = false;
+      Preferences = {
+        "browser.newtabpage.pinned" = lock-empty-string;
+        "browser.topsites.contile.enabled" = lock-false;
+      };
+      DontCheckDefaultBrowser = true;
+      DisableProfileImport = true;
+      SearchBar = "unified";
+      SearchEngines.Add = [ # Only Available in ESR Releases https://mozilla.github.io/policy-templates/#searchengines--add
+        {
+          Name = "Brave";
+          URLTemplate = "https://search.brave.com/search?q={SearchTerms}";
+          Alias = "br";
+        }
+      ];
+      ExtensionSettings = { # See https://mozilla.github.io/policy-templates/#extensionsettings
+        "extension@tabliss.io" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/file/3940751/tabliss-2.6.0.xpi";
+          installation_mode = "normal_installed";
+        };
+        "idcac-pub@guus.ninja" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/file/4216095/istilldontcareaboutcookies-1.1.4.xpi";
+          installation_mode = "normal_installed";
+        };
+        "uBlock0@raymondhill.net" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/file/4391011/ublock_origin-1.61.2.xpi";
+          installation_mode = "normal_installed";
+        };
+        "keepassxc-browser@keepassxc.org" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/file/4395146/keepassxc_browser-1.9.5.xpi";
+          installation_mode = "normal_installed";
+        };
+        "offline-qr-code@rugk.github.io" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/file/4349427/offline_qr_code_generator-1.9.xpi";
+          installation_mode = "normal_installed";
+        };
+        "addon@darkreader.org" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/file/4405074/darkreader-4.9.99.xpi";
+          installation_mode = "normal_installed";
+        };
+        "firefoxpwa@filips.si" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/file/4383345/pwas_for_firefox-2.13.1.xpi";
+          installation_mode = "normal_installed";
+        };
+      };
+      Bookmarks = [
+        {
+          Title = "Syncthing";
+          URL = "localhost:8384";
+          Placement = "toolbar";
+        }
+      ];
+    };
+  };
+
+  home.stateVersion = "24.05";
+}
diff --git a/systems/x86_64-linux/LANA9Z/default.nix b/systems/x86_64-linux/LANA9Z/default.nix
new file mode 100644
index 0000000..575e7a7
--- /dev/null
+++ b/systems/x86_64-linux/LANA9Z/default.nix
@@ -0,0 +1,109 @@
+{ config, pkgs, lib, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware.nix
+    ];
+
+  # Configure Nix
+  nix.package = pkgs.lix;
+  nix.settings = {
+    experimental-features = [ "nix-command" "flakes" ];
+    substituters = [ "https://cache.games01.kb-one.de" ];
+    trusted-users = [ "remotebuild" ];
+    trusted-public-keys = [ 
+      "cache.game01.kb-one.de:JF++7CgrasYciQeB5jlziqT5BTjaknEk9cMeh4lQf30="
+    ];
+  };
+  nixpkgs.config.allowUnfree = false;
+  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+    "b43-firmware"
+    "veracrypt"
+  ];
+  nixpkgs.config.permittedInsecurePackages = [
+    "electron-27.3.11"
+  ];
+
+  # Bootloader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "LANA9Z";
+
+  # Enable networking
+  networking.networkmanager.enable = true;
+
+  # Set your time zone.
+  time.timeZone = "Europe/Berlin";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "de_DE.UTF-8";
+    LC_IDENTIFICATION = "de_DE.UTF-8";
+    LC_MEASUREMENT = "de_DE.UTF-8";
+    LC_MONETARY = "de_DE.UTF-8";
+    LC_NAME = "de_DE.UTF-8";
+    LC_NUMERIC = "de_DE.UTF-8";
+    LC_PAPER = "de_DE.UTF-8";
+    LC_TELEPHONE = "de_DE.UTF-8";
+    LC_TIME = "de_DE.UTF-8";
+  };
+
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+
+  # Enable the KDE Plasma Desktop Environment.
+  services.displayManager.sddm.enable = true;
+  services.desktopManager.plasma6.enable = true;
+
+  # Configure keymap in X11
+  services.xserver.xkb = {
+    layout = "de";
+    variant = "";
+  };
+
+  # Configure console keymap
+  console.keyMap = "de";
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+  # Enable sound with pipewire.
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+  };
+
+  users.users.kb = { # Managed by Homemanager
+    isNormalUser = true;
+    description = "kB";
+    extraGroups = [ "networkmanager" "wheel" ];
+  };
+
+  # Enable automatic login for the user.
+  # services.xserver.displayManager.autoLogin.enable = true;
+  # services.xserver.displayManager.autoLogin.user = "kb";
+
+  # services.gpg-agent.enable = true;
+  programs.ssh.startAgent = true;
+
+  # List packages installed in system profile. To search, run: $ nix search wget
+  environment.systemPackages = with pkgs; [
+    vim
+    git
+    mosh
+    internal.numen
+    internal.dotool
+    internal.vosk-model-small-en-us
+  ];
+
+  system.stateVersion = "24.05"; # NEVER Change this!
+
+}
diff --git a/systems/x86_64-linux/LANA9Z/hardware.nix b/systems/x86_64-linux/LANA9Z/hardware.nix
new file mode 100644
index 0000000..b7b5b5c
--- /dev/null
+++ b/systems/x86_64-linux/LANA9Z/hardware.nix
@@ -0,0 +1,37 @@
+{ config, lib, pkgs, modulesPath, inputs, ... }: let
+  inherit (inputs) nixos-hardware;
+in {
+  imports =
+    [ 
+      (modulesPath + "/installer/scan/not-detected.nix")
+      # add your model from this list: https://github.com/NixOS/nixos-hardware/blob/master/flake.nix
+      nixos-hardware.nixosModules.apple-macbook-pro-8-1
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ "cryptd" ];
+
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/3a434206-fcdc-40d9-a4db-ae31dc1b9896";
+      fsType = "ext4";
+    };
+
+  boot.initrd.luks.devices."luks-e06e84c8-4934-4cb5-8d84-8889d1a19275".device = "/dev/disk/by-uuid/e06e84c8-4934-4cb5-8d84-8889d1a19275";
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/CD65-0F67";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices = [ { device = "/swapfile"; size = 8 * 1024; } ];
+
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}