4 files changed, 153 insertions, 0 deletions

diff --git a/profiles/defaults.nix b/profiles/defaults.nix
index 7c8a7fb..80292b6 100644
--- a/profiles/defaults.nix
+++ b/profiles/defaults.nix
@@ -16,6 +16,40 @@
     };
   };
 
+  nix = {
+    gc = {
+      automatic = true;
+      options = "--delete-older-than 14d";
+    };
+
+    optimise.automatic = true;
+
+    extraOptions = ''
+      tarball-ttl = 900
+    '';
+
+    package = pkgs.nixVersions.stable;
+
+    settings = {
+      trusted-substituters = [
+        "https://cachix.cachix.org"
+        "https://nixpkgs.cachix.org"
+        "https://nix-community.cachix.org"
+      ];
+      trusted-public-keys = [
+        "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
+        "nixpkgs.cachix.org-1:q91R6hxbwFvDqTSDKwDAV4T5PxqXGxswD8vhONFMeOE="
+        "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      ];
+      trusted-users = [ "root" ];
+      experimental-features = lib.mkDefault [
+        "nix-command"
+        "flakes"
+      ];
+    };
+  };
+
   networking = {
     useNetworkd = true;
     # Used by systemd-resolved, not directly by resolv.conf.
diff --git a/profiles/hardware/do-droplet.nix b/profiles/hardware/do-droplet.nix
new file mode 100644
index 0000000..0744181
--- /dev/null
+++ b/profiles/hardware/do-droplet.nix
@@ -0,0 +1,67 @@
+{ modulesPath, lib, ... }:
+{
+
+  imports = [
+    (modulesPath + "/virtualisation/digital-ocean-config.nix")
+  ];
+
+  boot.loader.grub = {
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+  };
+
+  networking.useDHCP = lib.mkForce false;
+
+  # this one seems to always be broken
+  systemd.services.growpart.enable = lib.mkForce false;
+
+  # in order to get networking setup we need to enable it in cloud-init
+  # Disables all modules that do not work with NixOS
+  # Based on https://github.com/nix-community/nixos-anywhere-examples/blob/7f945ff0ae676c0eb77360b892add91328dd1f17/digitalocean.nix
+  services.cloud-init = {
+    enable = true;
+    network.enable = true;
+    settings = {
+      datasource_list = [
+        "ConfigDrive"
+        "Digitalocean"
+      ];
+      datasource.ConfigDrive = { };
+      datasource.Digitalocean = { };
+      # Based on https://github.com/canonical/cloud-init/blob/main/config/cloud.cfg.tmpl
+      cloud_init_modules = [
+        "seed_random"
+        "bootcmd"
+        "write_files"
+        "growpart"
+        "resizefs"
+        "set_hostname"
+        "update_hostname"
+        "set_password"
+      ];
+      cloud_config_modules = [
+        "ssh-import-id"
+        "keyboard"
+        "runcmd"
+        "disable_ec2_metadata"
+      ];
+      cloud_final_modules = [
+        "write_files_deferred"
+        "puppet"
+        "chef"
+        "ansible"
+        "mcollective"
+        "salt_minion"
+        "reset_rmc"
+        "scripts_per_once"
+        "scripts_per_boot"
+        "scripts_user"
+        "ssh_authkey_fingerprints"
+        "keys_to_console"
+        "install_hotplug"
+        "phone_home"
+        "final_message"
+      ];
+    };
+  };
+}
diff --git a/profiles/hardware/framework-desktop.nix b/profiles/hardware/framework-desktop.nix
new file mode 100644
index 0000000..85580d1
--- /dev/null
+++ b/profiles/hardware/framework-desktop.nix
@@ -0,0 +1,30 @@
+{ inputs, ... }:
+{
+  imports = [
+    inputs.nixos-hardware.nixosModules.framework-desktop-amd-ai-max-300-series
+  ];
+
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.systemd-boot.enable = true;
+
+  boot.kernelModules = [
+    "kvm-amd"
+    "k10temp"
+    "nct6775"
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "nvme"
+    "r8169" # ethernet driver
+    "sd_mod"
+    "thunderbolt"
+    "usb_storage"
+    "usbhid"
+    "xhci_pci"
+  ];
+
+  services.fwupd.enable = true;
+
+  hardware.enableRedistributableFirmware = true;
+  hardware.cpu.amd.updateMicrocode = true;
+}
diff --git a/profiles/hardware/synology-vm.nix b/profiles/hardware/synology-vm.nix
new file mode 100644
index 0000000..7d784eb
--- /dev/null
+++ b/profiles/hardware/synology-vm.nix
@@ -0,0 +1,22 @@
+{ lib, modulesPath, ... }:
+{
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "ata_piix"
+    "uhci_hcd"
+    "virtio_pci"
+    "virtio_scsi"
+    "sd_mod"
+    "sr_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}