From 4e0f171a2eabe574925a0005e8a660bdcee64156 Mon Sep 17 00:00:00 2001 From: Price Hiller Date: Fri, 27 Oct 2023 01:46:14 -0500 Subject: [PATCH] feat(luna): initial luna configuration --- flake.nix | 8 +++ hosts/luna/default.nix | 3 +- hosts/luna/modules/networking.nix | 87 +++++++++++++++++++++++++++++++ hosts/luna/modules/nix.nix | 16 ++++++ hosts/luna/modules/programs.nix | 17 ++++++ hosts/luna/modules/ssh.nix | 15 ++++++ hosts/luna/modules/user.nix | 15 ++++++ hosts/luna/os/boot.nix | 16 ++++++ hosts/luna/os/default.nix | 10 ++++ hosts/luna/os/filesystem.nix | 16 ------ 10 files changed, 185 insertions(+), 18 deletions(-) create mode 100755 hosts/luna/modules/networking.nix create mode 100755 hosts/luna/modules/nix.nix create mode 100755 hosts/luna/modules/programs.nix create mode 100755 hosts/luna/modules/ssh.nix create mode 100755 hosts/luna/modules/user.nix create mode 100644 hosts/luna/os/boot.nix create mode 100644 hosts/luna/os/default.nix diff --git a/flake.nix b/flake.nix index 0bff675..572cfd4 100644 --- a/flake.nix +++ b/flake.nix @@ -18,5 +18,13 @@ impermanence.nixosModules.impermanence ]; }; + nixosConfigurations.luna = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = inputs; + modules = [ + ./hosts/luna + impermanence.nixosModules.impermanence + ]; + }; }; } diff --git a/hosts/luna/default.nix b/hosts/luna/default.nix index da8cde7..90dacc7 100644 --- a/hosts/luna/default.nix +++ b/hosts/luna/default.nix @@ -1,9 +1,8 @@ { config, lib, nixpkgs, ... }: - { imports = [ ./modules - ./os/filesystem.nix + ./os ]; system.stateVersion = "23.11"; } diff --git a/hosts/luna/modules/networking.nix b/hosts/luna/modules/networking.nix new file mode 100755 index 0000000..8393358 --- /dev/null +++ b/hosts/luna/modules/networking.nix 
@@ -0,0 +1,87 @@
+{ inputs, lib, pkgs, hostname, ... }:
+
+let
+ hostname = "luna";
+ networks_dhcp_use_dns = "no";
+ networks_dhcp = "yes";
+ networks_multicast_dns = "yes";
+ networks_ipv6_privacy = "yes";
+ networks_ipv6_accept_ra = "yes";
+ networks_network_config = {
+ DHCP = networks_dhcp;
+ MulticastDNS = networks_multicast_dns;
+ IPv6PrivacyExtensions = networks_ipv6_privacy;
+ IPv6AcceptRA = networks_ipv6_accept_ra;
+ };
+ resolved_nameservers = [
+ "1.1.1.1#cloudflare-dns.com"
+ "9.9.9.9#dns.quad9.net"
+ "8.8.8.8#dns.google"
+ "2606:4700:4700::1111#cloudflare-dns.com"
+ "2620:fe::9#dns.quad9.net"
+ "2001:4860:4860::8888#dns.google"
+ ];
+ resolved_fallback_nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
+in
+{
+ systemd.network = {
+ enable = true;
+ networks = {
+ "10-wlan" = {
+ matchConfig.Name = [ "wl*" ];
+ networkConfig = networks_network_config;
+ dhcpV4Config = {
+ RouteMetric = 600;
+ UseDNS = networks_dhcp_use_dns;
+ };
+ ipv6AcceptRAConfig = {
+ RouteMetric = 600;
+ UseDNS = networks_dhcp_use_dns;
+ };
+ };
+ "10-ethernet" = {
+ matchConfig.name = [ "en*" "eth*" ];
+ networkConfig = networks_network_config;
+ dhcpV4Config = {
+ RouteMetric = 100;
+ UseDNS = networks_dhcp_use_dns;
+ };
+ ipv6AcceptRAConfig = {
+ RouteMetric = 100;
+ UseDNS = networks_dhcp_use_dns;
+ };
+ };
+ "10-wwan" = {
+ matchConfig.name = [ "ww*" ];
+ networkConfig = networks_network_config;
+ dhcpV4Config = {
+ RouteMetric = 700;
+ UseDNS = networks_dhcp_use_dns;
+ };
+ ipv6AcceptRAConfig = {
+ RouteMetric = 700;
+ UseDNS = networks_dhcp_use_dns;
+ };
+ };
+
+ };
+ };
+
+ services.resolved = {
+ enable = true;
+ dnssec = "true";
+ domains = [ "~." ];
+ fallbackDns = resolved_fallback_nameservers;
+ llmnr = "true";
+ extraConfig = ''
+ MulticastDNS=yes
+ DNSOverTLS=yes
+ CacheFromLocalhost=no
+ Cache=yes
+ '';
+ };
+ networking = {
+ hostName = "${hostname}";
+ };
+
+}
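Review bot: The `10-ethernet` and `10-wwan` networks spell the match key `matchConfig.name`, while `10-wlan` uses `matchConfig.Name`; systemd's `[Match]` key is `Name`, so the lower-case form is likely rejected by the NixOS unit-option check or ignored, and both should read `matchConfig.Name = [ ... ];`. `resolved_nameservers` is bound in the `let` but never referenced, so with `UseDNS = "no"` on every link resolved appears to have only `fallbackDns` to work with; if the pinned DNS-over-TLS list was meant to apply, add `networking.nameservers = resolved_nameservers;`. `llmnr = "true"` together with `MulticastDNS=yes` keeps link-local name resolution active on every matched interface, Wi-Fi included, where any host on the segment can answer those queries. Unless something on this machine depends on it, prefer `llmnr = "false";` and limit mDNS to links you trust.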
diff --git a/hosts/luna/modules/nix.nix b/hosts/luna/modules/nix.nix
new file mode 100755
index 0000000..edf6fa7
--- /dev/null
+++ b/hosts/luna/modules/nix.nix
@@ -0,0 +1,16 @@
+{ pkgs, ... }:
+
+{
+ nix = {
+ settings = {
+ experimental-features = [ "nix-command" "flakes" ];
+ auto-optimise-store = true;
+ trusted-users = ["@wheel"];
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d";
+ };
+ };
+}
diff --git a/hosts/luna/modules/programs.nix b/hosts/luna/modules/programs.nix
new file mode 100755
index 0000000..54265b2
--- /dev/null
+++ b/hosts/luna/modules/programs.nix
@@ -0,0 +1,17 @@
+{ pkgs, ... }:
+
+{
+ nixpkgs.config.allowUnfree = true;
+
+ programs = {
+ zsh.enable = true;
+ neovim = {
+ enable = true;
+ defaultEditor = true;
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ "vim"
+ ];
+}
diff --git a/hosts/luna/modules/ssh.nix b/hosts/luna/modules/ssh.nix
new file mode 100755
index 0000000..504295f
--- /dev/null
+++ b/hosts/luna/modules/ssh.nix
@@ -0,0 +1,15 @@
+{ pkgs, ... }:
+
+{
+ services.openssh = {
+ enable = true;
+ settings = {
+ passwordAuthentication = false;
+ PermitRootLogin = "prohibit-password";
+ startWhenNeeded = true;
+ };
+ ports = [
+ 2200
+ ];
+ };
+}
diff --git a/hosts/luna/modules/user.nix b/hosts/luna/modules/user.nix
new file mode 100755
index 0000000..74d69da
--- /dev/null
+++ b/hosts/luna/modules/user.nix
@@ -0,0 +1,15 @@
+{ pkgs, user, ... }:
+
+let
+ user = "price";
+in
+{
+ users.users = {
+ root = {
+ openssh.authorizedKeys.keys = [
+ "no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJ9ODXLAIfGH/7VNobQsp5nwBvNoh+pQMEH7s2jkHpkqAAAACHNzaDpsdW5h"
+ ];
+ initialPassword = "pass";
+ };
+ };
+}
diff --git a/hosts/luna/os/boot.nix b/hosts/luna/os/boot.nix
new file mode 100644
index 0000000..cb68987
--- /dev/null
+++ b/hosts/luna/os/boot.nix
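Review bot: `trusted-users = ["@wheel"];` in hosts/luna/modules/nix.nix makes every wheel member a trusted Nix user, which allows adding substituters and importing unsigned store paths through the daemon, so it is effectively root on this host without a sudo prompt. If the goal is only to let admins use extra binary caches, leave `trusted-users` at its default and list the caches under `trusted-substituters` and `trusted-public-keys` instead. If root-equivalence for wheel is intended, add a comment next to the setting that says so.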
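Review bot: `environment.systemPackages` in hosts/luna/modules/programs.nix is given the string `"vim"` rather than the package, so `with pkgs;` resolves nothing and the list element is not a derivation; it should be the unquoted `vim`. Separately, `nixpkgs.config.allowUnfree = true;` enables unfree packages for the whole host although nothing in this hunk needs one. A narrower `allowUnfreePredicate` naming the packages actually wanted would keep that decision explicit.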
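Review bot: Two keys under `settings` in hosts/luna/modules/ssh.nix look misplaced. `startWhenNeeded` is a `services.openssh` option rather than an sshd keyword, so inside `settings` it would be written into sshd_config instead of enabling socket activation; move it beside `enable`. `passwordAuthentication` is lower-case while the module's typed option is `PasswordAuthentication` (on by default), so the rendered file may carry both spellings, and sshd honours the first value it reads; use `settings.PasswordAuthentication = false;` and confirm with `sshd -T` that password login is off. Since key login is the intent, consider setting `KbdInteractiveAuthentication = false;` as well.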
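Review bot: `initialPassword = "pass";` in hosts/luna/modules/user.nix gives root a guessable password that sits in clear text in the repository and in the world-readable Nix store, and it stays valid until someone changes it by hand. Drop it and rely on the key, or use `hashedPasswordFile` pointing at a secret kept outside the store. The authorized key carries `no-touch-required`, which waives the security key's user-presence check, so a process on the client that can reach the token can authenticate as root without a tap; remove that option unless unattended use is a requirement. The `user` argument and the `let user = "price";` binding are unused in this module.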
@@ -0,0 +1,16 @@
+{ ... }:
+{
+ boot = {
+ initrd = {
+ availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+ kernelModules = [ ];
+ };
+ loader = {
+ systemd-boot.enable = true;
+ efi.canTouchEfiVariables = true;
+ };
+ kernelModules = [ "kvm-intel" ];
+ extraModulePackages = [ ];
+ };
+
+}
diff --git a/hosts/luna/os/default.nix b/hosts/luna/os/default.nix
new file mode 100644
index 0000000..224a17f
--- /dev/null
+++ b/hosts/luna/os/default.nix
@@ -0,0 +1,10 @@
+{ ... }:
+
+{
+ imports = [
+ ./boot.nix
+ ./filesystem.nix
+ ];
+ system.stateVersion = "23.11";
+}
+
diff --git a/hosts/luna/os/filesystem.nix b/hosts/luna/os/filesystem.nix
index decd922..63f5a82 100644
--- a/hosts/luna/os/filesystem.nix
+++ b/hosts/luna/os/filesystem.nix
@@ -3,22 +3,6 @@ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot = { - initrd = { - availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; - kernelModules = [ ]; - }; - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - kernelModules = [ "kvm-intel" ]; - extraModulePackages = [ ]; - }; - - swapDevices = [{ device = "/dev/disk/by-label/NixOS-Swap"; }]; - swapDevices = [{ device = "/swap/swapfile"; }]; - fileSystems = { "/" = { device = "none";