init new host

Signed-off-by: pph <pph@pph.pph>
2026-04-02 11:12:09 +02:00 · 2026-02-05 19:57:56 +01:00
parent 5736c8ccf2
commit 87778bd3fa
7 changed files with 247 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -53,6 +53,21 @@
            ./hosts/laptop/configuration.nix # CHANGEME: change the path to match your host folder
          ];
        };
+
+      pph =
+        nixpkgs.lib.nixosSystem {
+          modules = [
+            {
+              nixpkgs.overlays = [];
+              _module.args = {
+                inherit inputs;
+              };
+            }
+            inputs.home-manager.nixosModules.home-manager
+            inputs.stylix.nixosModules.stylix
+            ./hosts/pph/configuration.nix 
+          ];
+        };
      # Jack is my server
      jack = nixpkgs.lib.nixosSystem {
        modules = [
--- a/hosts/pph/configuration.nix
+++ b/hosts/pph/configuration.nix
@@ -0,0 +1,25 @@
+{config, ...}: {
+  imports = [
+    # Mostly system related configuration
+    ../../nixos/audio.nix
+    ../../nixos/bluetooth.nix
+    ../../nixos/fonts.nix
+    ../../nixos/home-manager.nix
+    ../../nixos/nix.nix
+    ../../nixos/systemd-boot.nix
+    ../../nixos/sddm.nix
+    ../../nixos/users.nix
+    ../../nixos/utils.nix
+    ../../nixos/hyprland.nix
+    ../../nixos/docker.nix
+
+    # You should let those lines as is
+    ./hardware-configuration.nix
+    ./variables.nix
+  ];
+
+  home-manager.users."${config.var.username}" = import ./home.nix;
+
+  # Don't touch this
+  system.stateVersion = "24.05";
+}
--- a/hosts/pph/hardware-configuration.nix
+++ b/hosts/pph/hardware-configuration.nix
@@ -0,0 +1,31 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/5dbf85d3-d236-4af8-b489-d6066bfe1eb7";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/043E-1755";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/hosts/pph/home.nix
+++ b/hosts/pph/home.nix
@@ -0,0 +1,75 @@
+{
+  pkgs,
+  config,
+  ...
+}: {
+  imports = [
+    # Programs
+    ../../home/programs/brave
+    ../../home/programs/ghostty
+    ../../home/programs/nvf
+    ../../home/programs/shell
+    ../../home/programs/fetch
+    ../../home/programs/git
+    ../../home/programs/git/lazygit.nix
+    ../../home/programs/thunar
+    ../../home/programs/nixy
+    ../../home/programs/zathura
+    ../../home/programs/nightshift
+    ../../home/programs/group/cybersecurity.nix
+
+    # System (Desktop environment like stuff)
+    ../../home/system/hyprland
+    ../../home/system/caelestia-shell
+    ../../home/system/hyprpaper
+    ../../home/system/mime
+    ../../home/system/udiskie
+
+    ./variables.nix # Mostly user-specific configuration
+    ./secrets
+  ];
+
+  home = {
+    packages = with pkgs; [
+      # Apps
+      vlc # Video player
+      blanket # White-noise app
+      obsidian # Note taking app
+      textpieces # Manipulate texts
+      resources # Ressource monitor
+      gnome-clocks # Clocks app
+      gnome-text-editor # Basic graphic text editor
+      mpv # Video player
+
+      # Dev
+      go
+      bun
+      docker
+      nodejs
+      python3
+      jq
+      just
+      air
+      duckdb
+
+      # Just cool
+      peaclock
+      cbonsai
+      pipes
+      cmatrix
+      fastfetch
+
+      # Backup
+      vscode
+      vivaldi
+    ];
+
+    inherit (config.var) username;
+    homeDirectory = "/home/" + config.var.username;
+
+    # Don't touch this
+    stateVersion = "24.05";
+  };
+
+  programs.home-manager.enable = true;
+}
--- a/hosts/pph/secrets/default.nix
+++ b/hosts/pph/secrets/default.nix
@@ -0,0 +1,42 @@
+# Those are my secrets, encrypted with sops
+# You shouldn't import this file, unless you edit it
+{
+  pkgs,
+  inputs,
+  ...
+}: {
+  imports = [inputs.sops-nix.homeManagerModules.sops];
+
+  sops = {
+    age.keyFile = "/home/hadrien/.config/sops/age/keys.txt";
+    defaultSopsFile = ./secrets.yaml;
+    secrets = {
+      ssh-config = {path = "/home/hadrien/.ssh/config";};
+      github-key = {path = "/home/hadrien/.ssh/github";};
+    };
+  };
+
+  home.file.".config/nixos/.sops.yaml".text = ''
+    keys:
+      - &primary age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334
+      - &work age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
+    creation_rules:
+      - path_regex: hosts/laptop/secrets/secrets.yaml$
+        key_groups:
+          - age:
+            - *primary
+      - path_regex: hosts/server/secrets/secrets.yaml$
+        key_groups:
+          - age:
+            - *primary
+      - path_regex: hosts/pph/secrets/secrets.yaml$
+        key_groups:
+          - age:
+            - *work
+  '';
+
+  systemd.user.services.mbsync.Unit.After = ["sops-nix.service"];
+  home.packages = with pkgs; [sops age];
+
+  wayland.windowManager.hyprland.settings.exec-once = ["systemctl --user start sops-nix"];
+}
--- a/hosts/pph/secrets/secrets.yaml
+++ b/hosts/pph/secrets/secrets.yaml
@@ -0,0 +1,17 @@
+ssh-config: ENC[AES256_GCM,data:Lumo+F66f212HZPAu61nO3Wqf/0uBPL5tL/p1SaAGDrWxq3ELlM/zMdF0q9UTcCdX2l7ech08oo2J94m3Z3IWn2u3Ooeu35L9beaRvOcrXuUz3SZDL311hY59tpENLPk6FmSDfMtoOG52Q2jvEo4+6EQ7+5Vl28fZQwRaixOOA==,iv:YrpcQb14UKndXKudZq93efky3f5K1HOaVutpx0iQ3YE=,tag:2w/UVzwgkYoCpq0aj/+7Iw==,type:str]
+github-key: ENC[AES256_GCM,data:GmZfleQssslbVIiqyzhszhsfXHZcuBgkCREna7AHtP95lyG2F/0u8LUmliQePxwMirJLHCMnl5z0QIvAIsOtXsb6oKEk+Zc9BRapE/d+vmaKqWH06ip5TIEkGHOzxPziR1KmaLPw6RpgyC84p00jiNy6uNPq8iEibdsLA/YPSxfiYCon+i3qZ4qEDws2ZBacEvYCt6A/vyXSTpv3mZCpAUP2Ageghy4mYioIxjt/AG/QwJaN3excyoPPITZ7kMrnJ1t/6vSu0rb15i0sWULFIuOLaniTpp3N3mw7A9t5W+z9POBUIoL9L/m3DMRKsl6Fck8s/Fp+5XvpkSCTZIqG+lJVz/eemZcsr/mR9rvsFmCKNjS7Fa54WZ8O/yABWjIV2e4DCdMgUnq/MlOePmPWJROTqjIjRACrgzco2s9KwCvBAfZJIOenc0sMIhgn0VA1gnxTHC1ycJp5T5awTfTVTImxCACnUZK8nChCEpiK1QGSpnxTD3a9RoaHiE3pBiINmYVK7eU3VWqVh1K9wvIODfTK1zASr3ere8Rvx3xmIiK6NKx5GFQ4DazZsyv1zDZYb/kOVu33sSlmGuoMvJ9QadN0+fu8sTj0hi9OBH6qpTIrSw9SWhJnX4fXMN6mbwC2QJB+jJYrh/G10J3xAZwxlrujVz9t7fFzv31Xitk8zSkvFpfJFbJWcGZArvyvTP4xPDh/2+eXqK01nQ002puv7XIIEJaF0kOcASR0w7qjDXG598IGBwypFyj+oljBWluMkjNV+M9Gc+YhbsDYSyI56fqqraC3Vqek8dXK8PmNFfQ62zZtZ3OMBzMjwe+tq0Q6LKdzaJR3N4pF2wqj9df37S/onJFCpU3+XkU5Ur9fk94bs8McvY5Y5k0r6TZNbz6Ye08yHVZa/MzPQG9dXpc38hHdfldDj6gz87XkHQDbABzqQ+j1RL0N7NUMsa9tR3hJZPV2lZYm5TNQYfAa8jDnuO2NwhGrGoD/jFycVElulyHV2F1goMag9MRGK7obpoVUN2RtnSj1eYlH0E6uGuCwBe8GAjhIVCnXQIn5hErJjh7VWeeastdfMlw5z3JzKMaTPXusLY0BoGejDIvRh8NE+R9vv4kO4PDJk/dTYTGfBhgcjdD+nD/uf1mdpzlV/ojaGbH2JxylQ8LkWVd7rwIhS4skLwcE+9NHuBVTkc2eP9i0FnTxsJOlX1RWQn3OewxrcnNuVaGMnZisIk/hXz4Qj1I32+5vD1w5vzRZyXy9QZBGlED6ggbj7SDuSBKze6KYq2saIf4d0n8pScyiziSjGzaKdjW9k7T15XOg6O4kbwuG+fOQSOLGB0lY173gA5P5hy4SRF12Yyk4fK1N/T80SudI/DTy5Zj+e1uvPcBseAw0EGDUoyWeqSTCMSdk4q+B6mdvFPx3002EuhVKE6saNMzTZ/5CweLQlYFSp4fmIVhkih7XKcNSOamjsUFFVjjg5QNY9lDuvJ25DTIhvD9xhr7VHgyVSV6CoyUUkOpOA0GWW4Qx+xvv+NrDjsVVlmKUlGRsX7HNPZIyS4RiR7ikP/jLVNYYig63vXqvuIqXeLLAdyrO6DwfcnM51u0Q6Dpsb9OJbNR1zjxK9MSyVyHMP6RNs1oQgPfypa67eQMJ7Tw9JEHIH/VMVL/Ha7dfThB3mkAM5HRbnUA6eSMkwYdBjRF27ERXLSywCitIVx9xsN//FcR8yg0iDQvmp+HPWQkL4zJo6lPLblIhgNWsp7i23F554G4KpbosKZU6RwG7xNaqMF0ATAxt2l0oIU7DGmO6iH7W1kyiLmBBAqFOR+43ikSZOqgJh/PjlFLE0hdoDzL3jerFPA7CCU4bmcspBO3afS/wLO1AaQ6i9rLlRpjY+8HRpB6PKEPOVUrAoaef88vICQDN39/Z3a4IfUIqJ6bEYZRhoVrMJF0FXGDpO7hk0cfXabj3VKG7n0LtDFD6vzydhfh2E3sIY6sSUNtSWJ9DOWk0MtrVhuZoHB9XPiXPShm25BitaHJsB6tin+8AUMhLz1kfDO1Qo6FUpNKnFXBVuYL05J2nqG7RRYwXZq9mqwhHLmsUtVjhndpwHK929WeQ/PR1A2OOJPuXWARjp2XhhBlrbrYy1RnY528joLc8wWtQGQVx4LmJKA8lxFtdb3Ina57N8R/U1Vvf//vBBb1blfgYY7w6zfwxeAjtbqnGVhWb3pdM2hAou/5M9rMOJxE+CyUtLibahO7sfZ9nnMb4gltQfKmN4LnwXPmaILz0xx0eJvsbN/yV+CLnmBqJ8D+dJg6ANGrTbMSveWvgIifr3NIIy1t2l6hQyYRava8XhoRCW7xmxTNzQzUh3xY17Z4cw5YJ4ac139Le836mzCKl9yscI5R2a97g7tnGOruQP/PCu6DIUaLRoitfpnEorZBLuVwUU00QW1RUb4ooKrvGap5/GjqglsVdiZQJrml+REmZyJRtoBT29zXU/JI6UYZrwRvXhRu4mWaxrLEmrrqQ5ABqpwy4ednuxQbHZPY3Hy1tXEtc3zeloT877cLgmgJ5CaYHnyXindpHzQBtPBMmbE8zHHs1lyZ11Jz1hfGc5h48U5YjyrXQqpbLSf6DC53ysXDl/JE4lD0WElqUmq15VpTZ2Ue43CEfasbXbP4mAZ7ixQXj3qVZZNz1tZ8Y5MZYqvtZC1YDn/tAWtd0SuUwK5qdq7mRo7d/dLASnkTGQfdg7QD2+EsWPtT2wtmVsPVQyatP3isM6wLO8LY+h/1hZyPyyJ6X9LXbac+/SGXECP6nvxbDkhzbcwQBZDHNopAeVbLQ9TyruvIxqDlyOjBgygigJlOiWA2zihf7ujn+bBjQVV/wNROfFS9IrKgITgWgeInGeWs0fXW4KoJNMqI7ftk7VWcKBonoNItanEHin2pwDRZM+v5xxjbjA5K4ZOqSMnwIPMr7WceKy14OMZN0o1MRmFOV9i128KkcppZAKt5++CmndtLsHfJ4sl+AfoYhLJcX9JTPLMD9sKqtZl086I+dI+rS3RAFkKdzgkY2BMXaOCWg33fC3S8olno4y8qFTnI+6UT/M+EZtsIoh1rG2MX3TdVNH1yppPK+1UluYxmPZxNSLJajUmFgAixq7AqFd40ULrHs/nCozoIgs772ttzo55Ri/7BCO+INtnyBp0MeNCHWC8g+UOwH/vGqdsRIQE28udwrmDIdt3Bh+tK9r5+6GvZN8gC89ZaorI+5uaLxFsjwMM3pNpIMfilahN47tbfcqXKRWpOSNbWo75L9bv0I1U2YPQ5JpKTjPveM5gL5l/8dMARrGfQ7qLB54x7kQRG6HCQmAnQr3t6HWU5bTKL1NKbb4HlqUai11k4/yAAPu8JrJjvDkIcNXILKQkN8wNQYZE91ALo/EsvnFO57+ev9jy1bYfkJkwp+qbirh7w/150qGZpADIWU4u8sirPofqj0aTZQI/53iPiuvhV8B50ZATCL8So3dFV8iQjfHp4jJdjoc6HatQMfuAsSi4PUBDv9Deh7NXRdfjXGwjvDZj03EnTty13qUE/caYxKKcUwbxzlmxLU/BxWL4/Zn6/MK9fCjcT4EBvSQQPNvYgmLUZrAEzL46X4sO7dKaZxvEelHzO2SeNbeW9fYUqL2tQ4ChnC46oKvIF+XT5xfGS1er7Mske6Y2JVs7loOMNpDfzIHZEWNA3iSmFGnhGU51itsWP3DmJAE+/dVRA/lkPiQmP/XofZtuLPyY3JKD/CHmKMvkuDrB+Q6ZZjUONfH7KZcTrBPM0RcNze2xJEk8xjUtL6XQm5tUYyy2RDYl7yVPDn5a1olgATkv+4BroxOLBpQ0HkQpnsj549sa+40IEMOZUDNoExjvs6ukEgax4/Fi8slTc++vRCv7kyMGl6DeFV3oAVzvkTK/vQfG0C8yXwuYG9wN9Ihn9GSgPejXBb4uxuZoFpa0/BfJBa5xYM1c+ewf7qIQA5I0Tnm3W9YXqZ6XHK+TaduqJ6xQcD9MrD79sJpeR7GoMIi7vHGEJU8ZN8AGX1/qpM5dwbB4CfgYk0AQauHhdaVzgYym2AueywyUaaRzit2dn9oIvDfksHqXV+QVfXXBuLbt6x5O7KNGZwuQhaRamPHl/SckxW5Tm+tZjsizs3hB2f+JWCO+BuboxDbO0YfolasX2YUDBfrvtqeCZ/WAt+VQYLJ3fzXtmVafeIWDWmNhi6FfkuZ1gCwmubQzSBMYG4Usc2T6OTUN51cbSx/IGSCIBeJ+goOWCc1hpjyqrvaoH+brTgR0gwbczI5h5ukfi1ZrXuL5Bwqj9mwyK1vkLYBcF2uNL2KDrRTgGBVMbHwc2/5KdCnMTmjmghDtRJxzFkaSsHODjapW8or7wJpMYDDaTLQgGWQ+weUDNrilhWau3HWo2T/V8SlyFRcrGvs2WLhF2o5/4a5lpnZZGcnp22iX5GVU4jBaqraSd9W5DuXIxXGRLCkONrxz82Vw3rzB3hop362O1zSS2ygFLxF/QPk3tspWWNyMMKlXByLne6oqmVRK5etxoNbqYeOiO80fWqXNv7FAG8zjIj+gpQfIQEGQsmpeufKAVgQlczPzglzpR0hcA=,iv:7SuHnThyDeOMpDMZ5/LCiyxsFvzkNwEV8xpL56FI/qw=,tag:4CLUrclfHQU+2M1OxLtw7w==,type:str]
+sops:
+    age:
+        - recipient: age1c8pawdsxptfslgrz2c56s39mrtnjzc5mm3hfzgr2wdwu2v6vfsdsupjsq6
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvelBDQ2FYR3dvRHl6dUc4
+            UmwyZXhKL3JyS09JSUxZUFEzdmlTQk4xZFJRCm9vQmlzUzlZelZCWlVTVzJEN3N1
+            MXV1RGZSTHN2KzBRVDdvQURGTE1PZUUKLS0tIEp6UlZsZlFORUVSb0w0ZERsQ1pB
+            Szd1TDFqQ016WWd1SFowN0ptcGlyRGcKRH424S/7enLTuACcJyFUdbIgsUl0U/5i
+            6WRrU0kHesh0gcxU1QMvLKiUZdYwo+pFoDWZiocNUKlEt49isncMrQ==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2026-02-05T18:53:31Z"
+    mac: ENC[AES256_GCM,data:nZ4y/ftfZylcwIwQ5G/Ek8U4WCn6Y18zriZEFAD996xEN3r0d73+uxcm5BWgmzmI8sL+u+iyKh3vU6E+yfhY1kT7/rZqKDwrjRG1kBRzxEdc1XLwGazo7LWPzAakhugVOAlcYewg3vq/IO3XzaAnmxXMgpwDDe0m+1wDNr0XeOs=,iv:B8sWrKmumSnyf1ycEZJmrN/MZP0hmO5s5CEtGEuJi+4=,tag:dCQWj3R24n9U5+buNq2plg==,type:str]
+    unencrypted_suffix: _unencrypted
+    version: 3.11.0
--- a/hosts/pph/variables.nix
+++ b/hosts/pph/variables.nix
@@ -0,0 +1,42 @@
+{
+  config,
+  lib,
+  ...
+}: {
+  imports = [
+    # Choose your theme here:
+    ../../themes/rose-pine.nix
+  ];
+
+  config.var = {
+    hostname = "pph";
+    username = "hadrien";
+    configDirectory =
+      "/home/"
+      + config.var.username
+      + "/.config/nixos"; # The path of the nixos configuration directory
+
+    keyboardLayout = "fr";
+
+    location = "Paris";
+    timeZone = "Europe/Paris";
+    defaultLocale = "en_US.UTF-8";
+    extraLocale = "fr_FR.UTF-8";
+
+    git = {
+      username = "pph";
+      email = "pph@pph.pph";
+    };
+
+    autoUpgrade = false;
+    autoGarbageCollector = true;
+  };
+
+  # DON'T TOUCH THIS
+  options = {
+    var = lib.mkOption {
+      type = lib.types.attrs;
+      default = {};
+    };
+  };
+}