wip: feat: Add deertopia.net host

hosts/deertopia.net/configuration.nix

@@ -0,0 +1,88 @@
+{ config, pkgs, lib, disko, sydnix-cli, ... }:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./disko-config.nix
+  ];
+
+  sydnix = {
+    filesystemType = "btrfs";
+
+    users.users = [
+      "hause"
+    ];
+
+    impermanence = {
+      # enable = true;
+      directories = [
+        # "Warning: Neither /var/lib/nixos nor any of its parents are persisted.
+        # This means all users/groups without specified uids/gids will have them
+        # reassigned on reboot."
+        "/var/lib/nixos"
+        # We don't want to have different ssh keys on reboot, because ssh keys
+        # are expected to consistently identify machines... I think.  I mostly
+        # just think it's annoying to edit ~/.ssh/known_hosts all the time.
+        "/etc/ssh"
+      ];
+      rollback = {
+        # enable = true;
+        device = "/dev/sda2";
+        subvolume = "rootfs";
+      };
+    };
+  };
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = false;
+    };
+  };
+
+  time.timeZone = "America/Denver";
+
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  console = {
+    font = "Lat2-Terminus16";
+    # keyMap = "us";
+    useXkbConfig = true; # use xkb.options in tty.
+  };
+
+  services.xserver.xkb.layout = "us";
+  services.xserver.xkb.options = "caps:escape";
+
+  environment.systemPackages = with pkgs; [
+    neovim
+    git
+    sydnix-cli.packages.x86_64-linux.default
+  ];
+
+  services.openssh.enable = true;
+  services.openssh.settings.PermitRootLogin = "yes";
+
+  # TODO: Move to defaults.
+  users.mutableUsers = false;
+
+  # This option defines the first version of NixOS you have installed on this
+  # particular machine, and is used to maintain compatibility with application
+  # data (e.g. databases) created on older NixOS versions.
+  #
+  # Most users should NEVER change this value after the initial install, for any
+  # reason, even if you've upgraded your system to a new NixOS release.
+  #
+  # This value does NOT affect the Nixpkgs version your packages and OS are
+  # pulled from, so changing it will NOT upgrade your system - see
+  # https://nixos.org/manual/nixos/stable/#sec-upgrading for how to actually do
+  # that.
+  #
+  # This value being lower than the current NixOS release does NOT mean your
+  # system is out of date, out of support, or vulnerable.
+  #
+  # Do NOT change this value unless you have manually inspected all the changes
+  # it would make to your configuration, and migrated your data accordingly.
+  #
+  # For more information, see `man configuration.nix` or
+  # https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+  system.stateVersion = "24.05"; # Did you read the comment?
+}

hosts/deertopia.net/disko-config.nix

@@ -0,0 +1,73 @@
+# sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode disko /persist/dots/hosts/nixos-testbed/disko-config.nix
+# time sudo nixos-install --flake /persist/dots#nixos-testbed
+{ lib, ... }:
+{
+  # imports = [ disko.nixosModules.disko ];
+  boot.initrd.supportedFilesystems.btrfs = true;
+  boot.supportedFilesystems.btrfs = true;
+
+  # From Impermanence's README: "Important note: Make sure your persistent
+  # volumes are marked with neededForBoot, otherwise you will run into
+  # problems."
+  fileSystems."/persist".neededForBoot = true;
+
+  disko.devices = {
+    disk = {
+      bootroot = {
+        type = "disk";
+        device = "/dev/sda";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              size = "512M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "umask=0077" ];
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "btrfs";
+
+                mountpoint = "/root-partition";
+                swap.swapfile.size = "4G";
+
+                # Override existing partitions.
+                extraArgs = [ "-f" ];
+
+                # Subvolumes must set a mountpoint in order to be mounted,
+                # *unless their parent is mounted*.
+                subvolumes = {
+                  # Subvolume names do not necessarily correspond to
+                  # mountpoints, despite the structural resemblance to a file
+                  # path.
+                  "/rootfs" = {
+                    mountpoint = "/";
+                  };
+                  "/nix" = {
+                    mountpoint = "/nix";
+                  };
+                  "/persist" = {
+                    mountpoint = "/persist";
+                  };
+                  "/persist/home" = {
+                    mountpoint = "/persist/home";
+                  };
+                  "/swap" = {
+                    mountpoint = "/.swapvol";
+                    swap.swapfile.size = "4G";
+                  };
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}

users/hause/default.nix

@@ -0,0 +1,25 @@
+{
+  systemConfiguration = { config, ... }: {
+    isNormalUser = true;
+    # TODO: Don't hard-code `persist`.  Use
+    # config.sydnix.impermanence.persistGroupName.
+    extraGroups = [ "wheel" "persist" ];
+    initialHashedPassword =
+      "$y$j9T$aEFDDwdTZbAc6VQRXrkBJ0$K8wxTGTWDihyX1wxJ.ZMH//wmQFfrGGUkLkxIU0Lyq8";
+  };
+
+  homeConfiguration = { config, lib, pkgs, ... }: {
+    imports = [
+    ];
+
+    sydnix = {
+      sops = {
+        # enable = true;
+        keyFile = "/persist/vault/${config.home.username}/keys/primary";
+      };
+    };
+
+    # Don't touch!
+    home.stateVersion = "18.09";
+  };
+}