6 files changed, 172 insertions, 0 deletions
diff --git a/hosts/T495/configuration.nix b/hosts/T495/configuration.nix
new file mode 100644
index 0000000..171f746
--- /dev/null
+++ b/hosts/T495/configuration.nix
@@ -0,0 +1,64 @@
+{ config, lib, pkgs, ... }: {
+	imports = [
+		./hardware-configuration.nix
+		./wg.nix
+		../../nixos/archetypes/tjkeller
+	];
+
+	# Setup bootloader
+	boot._loader.enable = true;
+
+	# Enable common options
+	_archetypes = {
+		# Use desktop profile
+		profiles.desktop.enable = true;
+		# Install software
+		collections = {
+			desktop = {
+				extraUtilities.enable = true;
+				cad.enable = true;
+				chromium.enable = true;
+				crypto.enable = true;
+				graphics.enable = true;
+				office.enable = true;
+			};
+			development = {
+				android.enable = true;
+				c.enable = true;
+				docker.enable = true;
+				lua.enable = true;
+				web = {
+					hugo = {
+						enable = true;
+						openFirewall = true;
+					};
+					node.enable = true;
+				};
+			};
+			bluetooth.enable = true;
+		};
+		# Setup user
+		users.primary = {
+			enable = true;
+			autologin.enable = true;
+		};
+		# Enable network drives
+		tjkeller = {
+			nas = {
+				enable = true;
+				office.enable = true;
+			};
+		};
+	};
+
+	# Install spotify
+	nixpkgs.config.allowUnfree = true;
+	environment.systemPackages = with pkgs; [
+		spotify
+	];
+
+	# Use amdgpu driver for x11
+	services.xserver.videoDrivers = [ "amdgpu" ];
+
+	system.stateVersion = "24.05";
+}
diff --git a/hosts/T495/hardware-configuration.nix b/hosts/T495/hardware-configuration.nix
new file mode 100644
index 0000000..6258a83
--- /dev/null
+++ b/hosts/T495/hardware-configuration.nix
@@ -0,0 +1,49 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/4256823f-107b-41a9-851d-6bd9939f1f4b";
+      fsType = "btrfs";
+      options = [ "subvol=@" ];
+    };
+
+  boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/f20115a9-0a0e-43d2-9cee-c705b2de43b9";
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/4256823f-107b-41a9-851d-6bd9939f1f4b";
+      fsType = "btrfs";
+      options = [ "subvol=@home" ];
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/9441-53B1";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp3s0f0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/hosts/T495/home.nix b/hosts/T495/home.nix
new file mode 100644
index 0000000..f233c08
--- /dev/null
+++ b/hosts/T495/home.nix
@@ -0,0 +1,19 @@
+{ ... }: {
+	imports = [ ../../home ];
+
+	theme = {
+		mint.theme.color = "Dark-Purple";
+		mint.icons.color = "Purple";
+		st = {
+			enable = true;
+			font = "TamzenForPowerline:pixelsize=20";
+		};
+	};
+	wallpapers.enable = true;
+
+	home.file.input-leap-config = {
+		source = ./resources/input-leap;
+		recursive = true;
+		target = "./.config/input-leap";
+	};
+}
diff --git a/hosts/T495/resources/input-leap/input-leap.conf b/hosts/T495/resources/input-leap/input-leap.conf
new file mode 100644
index 0000000..c2d5176
--- /dev/null
+++ b/hosts/T495/resources/input-leap/input-leap.conf
@@ -0,0 +1,12 @@
+section: screens
+	T495:
+	optiplex:
+end
+
+section: links
+	T495:
+		up = optiplex
+
+	optiplex:
+		down = T495
+end
diff --git a/hosts/T495/resources/secrets/wg0.yaml b/hosts/T495/resources/secrets/wg0.yaml
new file mode 100644
index 0000000..6df5ff6
--- /dev/null
+++ b/hosts/T495/resources/secrets/wg0.yaml
@@ -0,0 +1,21 @@
+wg0: ENC[AES256_GCM,data:Zxw98YrH2QYyU8u4sk0geOUQXfOZK9scGPECbKruehcDffJlRspmsS2k3sSahdAIcJjIjauGmZ7usXus2wKAiRnYsl2e4P/0IUVp8L8UJp52iPZVEvT9JRELPYQ9gBBNmp/HDYglxP7uHx2bzcCTvCr4fFdQZgsUSl/pd6pBtSMwupsK5U9Xfz9Sh7JNTlpgpU4jlkl676XnrCo0HyL7rXMp4S6Ruhfve8gwJYP8QLn4DiwnP69Flc54MDQRKSvlvYca8dZIrS1N3h9k6aO1eB/z4I3qPN0/p7yT9pdfemaDpEqf1+byRKGYuED1Ge8P3D0+qRWJBd5GmoSHC8NV9KVV3DrAJ/QLOLCqm8oN0UGxQW5lbWi6lIQ708kodEDOsBREexRPOzjYAjajBr6O6wCtRThgce4yOg9ZwqxVDERqIz1fR034b56LrZtKjOSlJtmkmMCuCGrVkKj4L7JvBfKtCjBN+TOyONsClY/Vhd+XzNWWk8d8FVraOE2rJN4+ss7UL+jBth3DfSbr739cEQDhHRKoMPvXy0FhPVw=,iv:CN82pOBNCtICzM0Ac9Gh+x8pUSK1Fc2v2KmM+de3A78=,tag:KuGiC+Ak550d6njSdX4muA==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1w80rc0dnuu8nw99gw64c596qqetm78jdnsqajr0u7ephykekr39qfz8vnv
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4NEN4NGxDR1oreGVoSGhE
+            TzMxSEY0QVBhS2Z6MW15ci9aVlJ0a3IyVlZBCldPRVNvcUhJSHhWSEk3akd4RjN0
+            ajhUV2d1ZWRsRFU4cTE2dGl6RmM4MGsKLS0tIFhnUjl5aDJqWVB1NE15SlNzR2Iv
+            YTNydURsOUMrSXZGdk9UOUdUQlA0SFUKxEDJRR6tpYva9qpWo9NxwCxk/xpRVoTl
+            YJkmDZzMcXikXXiro96AprP9dXJXvMPKYPGl2Zsal8PlGFPBoHW2GA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-01-05T18:21:12Z"
+    mac: ENC[AES256_GCM,data:VEtpQLHMoQK7Qg4PT2DkNNMurjRE0ZadyiQ0uYsPJ0K2lS0gD8pPwb8btiq7KXXOGWWZOMYRDaRKOENy44f/k+16GOpO6jaKAfN6eEcidaWlP7zvpeNzt7LImFqn/Sjv4rq1+DmvGxyyNjuK8BwvvAfnZwG6KXbn7Bh6xgfTnLs=,iv:Jf4f5j6BTkDBmah3izIESsAn7wDMUFU6NbsqpFIdui4=,tag:yNg374unwHaDEK43+Y0eWg==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.9.2
diff --git a/hosts/T495/wg.nix b/hosts/T495/wg.nix
new file mode 100644
index 0000000..3881b63
--- /dev/null
+++ b/hosts/T495/wg.nix
@@ -0,0 +1,7 @@
+{ config, pkgs, inputs, ... }: {
+	sops.secrets.wg0.sopsFile = ./resources/secrets/wg0.yaml;
+
+	networking.wg-quick.interfaces = {
+		wg0.configFile = config.sops.secrets.wg0.path;
+	};
+}