commit 24e1cf0cbd3fe84d3806cc93617b12453c35b07a
Author: Dennis Schoepf <me@dnsc.io>
Date:   Wed Dec 25 19:41:33 2024 +0100

    Initial commit

diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..8f9a569
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,49 @@
+{
+  "nodes": {
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1734366194,
+        "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "release-24.11",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1734991663,
+        "narHash": "sha256-8T660guvdaOD+2/Cj970bWlQwAyZLKrrbkhYOFcY1YE=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "6c90912761c43e22b6fb000025ab96dd31c971ff",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-24.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "home-manager": "home-manager",
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..275cbf0
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,26 @@
+{
+  description = "dnsc-server NixOS flake";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
+    home-manager = {
+      url = "github:nix-community/home-manager/release-24.11";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = {
+    self,
+    nixpkgs,
+    home-manager,
+    ...
+  } @ inputs: let
+    inherit (self) outputs;
+  in {
+    nixosConfigurations.dnsc-server = nixpkgs.lib.nixosSystem {
+      system = "x86_64-linux";
+      specialArgs = {inherit inputs outputs;};
+      modules = [./hosts/dnsc-server/configuration.nix];
+    };
+  };
+}
diff --git a/hosts/dnsc-server/configuration.nix b/hosts/dnsc-server/configuration.nix
new file mode 100644
index 0000000..0a8343b
--- /dev/null
+++ b/hosts/dnsc-server/configuration.nix
@@ -0,0 +1,93 @@
+{
+  inputs,
+  outputs,
+  lib,
+  config,
+  pkgs,
+  ...
+}: {
+  imports =
+    [
+      ./hardware-configuration.nix
+      inputs.home-manager.nixosModules.home-manager
+    ];
+
+  # General
+  time.timeZone = "Europe/Berlin";
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  # Boot
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # Networking
+  networking.hostName = "dnsc-server";
+  networking.networkmanager.enable = true;
+
+  # My user account
+  users.users.dennis = {
+    description = "dennis";
+    isNormalUser = true;
+    extraGroups = [ "wheel" "networkmanager" ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvXWZOPOJJDAoF+Sx/ZLoAVu6G/7/MAWoknBgMAzjul dennis@dnsc-mac"
+    ];
+  };
+
+  # Home Manager Setup
+  home-manager = {
+    extraSpecialArgs = { inherit inputs outputs; };
+    users = {
+      dennis = import ./home.nix;
+    };
+  };
+
+  # Enable new Nix CLI and flakes
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  # Install system wide packages
+  environment.systemPackages = with pkgs; [
+    git
+    btop
+    neovim
+    wget
+  ];
+
+  # Programs
+  # GnuPG
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  # Services
+  # SSH Settings
+  services.openssh = {
+    enable = true;
+    settings = {
+      X11Forwarding = false;
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+    };
+    openFirewall = true;
+  };
+
+  # Firewall Settings
+  networking.firewall.enable = true;
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+
+  # Environment variables
+  environment.variables.EDITOR = "nvim";
+
+  # Copy the NixOS configuration file and link it from the resulting system
+  # (/run/current-system/configuration.nix). This is useful in case you
+  # accidentally delete configuration.nix.
+  # system.copySystemConfiguration = true;
+
+  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+  # and migrated your data accordingly.
+  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+  system.stateVersion = "24.11";
+}
+
diff --git a/hosts/dnsc-server/hardware-configuration.nix b/hosts/dnsc-server/hardware-configuration.nix
new file mode 100644
index 0000000..57a0d37
--- /dev/null
+++ b/hosts/dnsc-server/hardware-configuration.nix
@@ -0,0 +1,40 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "vmd" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/89318ceb-c0c6-47f2-9cad-99612498bd75";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/EE6C-978E";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/9c843b67-418a-4d11-8700-6a0eb866c02c"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/hosts/dnsc-server/home.nix b/hosts/dnsc-server/home.nix
new file mode 100644
index 0000000..00927b4
--- /dev/null
+++ b/hosts/dnsc-server/home.nix
@@ -0,0 +1,25 @@
+{ config, pkgs, ... }:
+
+{
+  home.username = "dennis";
+  home.homeDirectory = "/home/dennis";
+  home.stateVersion = "24.11";
+
+  home.packages = with pkgs; [
+    neofetch
+    zip
+    unzip
+    ripgrep
+    fzf
+    iotop
+    iftop
+  ];
+
+  programs.home-manager.enable = true;
+
+  programs.git = {
+    enable = true;
+    userName = "Dennis Schoepf";
+    userEmail = "me@dnsc.io";
+  };
+}