From 73814bfa47ec3b7e5a813205878415e7509e4320 Mon Sep 17 00:00:00 2001
From: Andrea Ciceri <andrea.ciceri@autistici.org>
Date: Fri, 11 Apr 2025 11:08:47 +0200
Subject: [PATCH] New `pike` host

---
 hosts/default.nix      |  27 +++++++
 hosts/pike/default.nix | 176 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 203 insertions(+)
 create mode 100644 hosts/pike/default.nix

diff --git a/hosts/default.nix b/hosts/default.nix
index 8dedf86..87197a3 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -121,6 +121,33 @@
         };
       };
 
+      pike = {
+        vpn = {
+          ip = "10.100.0.8";
+          publicKey = "16ctjunXCXDPLSUhocstJ9z9l45/YuJFxlLkpoxChjI=";
+        };
+        extraModules = [
+          inputs.lix-module.nixosModules.default
+          inputs.catppuccin.nixosModules.catppuccin
+        ];
+        extraHmModules = [
+          inputs.impermanence.homeManagerModules.impermanence
+          "${inputs.homeManagerGitWorkspace}/modules/services/git-workspace.nix"
+          inputs.vscode-server.nixosModules.home
+          inputs.catppuccin.homeManagerModules.catppuccin
+        ];
+        secrets = {
+          "pike-wireguard-private-key" = { };
+          "chatgpt-token".owner = "ccr";
+          "cachix-personal-token".owner = "ccr";
+          "git-workspace-tokens".owner = "ccr";
+          "autistici-password".owner = "ccr";
+          "restic-hetzner-password" = { };
+          "forgejo-runners-token".owner = "nixuser";
+          "forgejo-nix-access-tokens".owner = "nixuser";
+        };
+      };
+
       tpol = {
         extraModules = with inputs; [
           lix-module.nixosModules.default
diff --git a/hosts/pike/default.nix b/hosts/pike/default.nix
new file mode 100644
index 0000000..b41a811
--- /dev/null
+++ b/hosts/pike/default.nix
@@ -0,0 +1,176 @@
+{
+  fleetModules,
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+{
+  imports = fleetModules [
+    "common"
+    "ssh"
+    "ccr"
+    "nix"
+    "networkmanager"
+    "bluetooth"
+    "dbus"
+    "docker"
+    "fonts"
+    "qmk-udev"
+    "mosh"
+    "udisks2"
+    "xdg"
+    "pipewire"
+    "nix-development"
+    "waydroid"
+    "virt-manager"
+    "ssh-initrd"
+    "printing"
+    "pam"
+    "wireguard-client"
+    "binfmt"
+    "greetd"
+    # "syncthing"
+    "hass-poweroff"
+    "forgejo-runners"
+    "teamviewer"
+    "sunshine"
+    "mount-sisko"
+    "adb"
+    "prometheus-exporters"
+    "promtail"
+    "zerotier"
+  ];
+
+  ccr = {
+    enable = true;
+    autologin = false;
+    modules = [
+      "git"
+      "git-workspace"
+      "helix"
+      "shell"
+      "zellij"
+      # "element"
+      "zmkbatx"
+      "tremotesf"
+      "firefox"
+      "gpg"
+      "mpv"
+      "password-store"
+      "slack"
+      "hyprland"
+      "niri"
+      "udiskie"
+      "xdg"
+      # "spotify"
+      "lutris"
+      "wine"
+      "cura"
+      "chrome"
+      "email"
+      "digikam"
+      "dolphin"
+      "tor-browser"
+      "kicad"
+      "monero"
+      # "zulip"
+      "teams"
+      "obs-studio"
+      "calibre"
+      "reinstall-magisk-on-lineage"
+      "vscode-server"
+      "zk"
+      "catppuccin"
+      "freecad"
+      "zathura"
+      "imv"
+      "libreoffice"
+      "emacs"
+      "vial"
+      "chirp"
+      "sdrangel"
+      "discord"
+      # "ib-tws"
+      "zoom"
+      "pantalaimon"
+    ];
+    extraGroups = [ "plugdev" ];
+    backupPaths = [ ];
+  };
+
+  boot.kernelParams = [ "ip=dhcp" ];
+  boot.initrd.kernelModules = [ "amdgpu" ];
+  boot.initrd.availableKernelModules = [
+    "nvme"
+    "xhci_pci"
+    # "ahci"
+    "usbhid"
+    # "r8169"
+    "thunderbolt"
+    "vmd"
+    "usb_storage"
+    "sd_mod"
+  ];
+  boot.kernelModules = [
+    # "kvm-amd"
+    # "ddcci"
+    # "ddcci-backlight"
+    # "i2c-dev" # needed?
+  ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  fileSystems."/" = {
+    device = "zpool/root";
+    fsType = "zfs";
+    options = [ "zfsutil" ];
+  };
+
+  fileSystems."/nix" = {
+    device = "zpool/nix";
+    fsType = "zfs";
+    options = [ "zfsutil" ];
+  };
+
+  fileSystems."/var" = {
+    device = "zpool/var";
+    fsType = "zfs";
+    options = [ "zfsutil" ];
+  };
+
+  fileSystems."/home" = {
+    device = "zpool/home";
+    fsType = "zfs";
+    options = [ "zfsutil" ];
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/4AA5-7242";
+    fsType = "vfat";
+    options = [
+      "fmask=0022"
+      "dmask=0022"
+    ];
+  };
+
+  services.zfs.autoScrub.enable = true;
+
+  networking.hostId = "30fc8ed7";
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  powerManagement.cpuFreqGovernor = lib.mkDefault "schedutil";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.enableRedistributableFirmware = lib.mkDefault true;
+
+  hardware.graphics = {
+    enable = true;
+    enable32Bit = true;
+  };
+
+  zramSwap = {
+    enable = true;
+    algorithm = "zstd";
+  };
+}