commit a33f469099fea315426c7de4df82490b5b58128d Author: Michael Thomson Date: Tue Nov 26 12:39:59 2024 -0500 initial commit
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..cec5c7e
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,98 @@
+{
+ config,
+ lib,
+ pkgs,
+ meta,
+ ...
+}: {
+ nix.settings.experimental-features = ["nix-command" "flakes"];
+
+ boot = {
+ loader = {
+ systemd-boot.enable = true;
+ efi.canTouchEfiVariables = true;
+ };
+ supportedFilesystems = ["nfs"];
+ };
+
+ networking = {
+ hostName = meta.hostname;
+ networkmanager.enable = true;
+ firewall.enable = false;
+ };
+
+ time.timeZone = "America/Toronto";
+
+ environment.systemPackages = with pkgs; [
+ curl
+ neovim
+ git
+ nfs-utils
+ ];
+
+ users = {
+ mutableUsers = false;
+ users = {
+ mthomson = {
+ isNormalUser = true;
+ extraGroups = ["wheel"];
+ hashedPassword = "$y$j9T$z0rPbGIYSfVhMV2O.K4Dv1$sWP1o.2VLv5hDakM65bNp4CxJn8MNxAjcoj3aGRrnZB";
+ openssh.authorizedKeys.keys = [
+ "ssh-rsa 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"
+ ];
+ };
+ };
+ };
+
+ services = {
+ openssh = {
+ enable = true;
+ settings = {
+ PasswordAuthentication = false;
+ };
+ };
+ k3s = {
+ enable = true;
+ role =
+ if meta.hostname == "patrick"
+ then "server"
+ else "agent";
+ clusterInit = meta.hostname == "patrick";
+ serverAddr =
+ if meta.hostname == "patrick"
+ then ""
+ else "https://192.168.2.100:6443";
+ tokenFile =
+ if meta.hostname == "patrick"
+ then /var/lib/rancher/k3s/server/token
+ else /var/lib/rancher/k3s/server/agent-token;
+ extraFlags =
+ [
+ "--kubelet-arg=allowed-unsafe-sysctls=net.ipv4.*"
+ ]
+ ++ (
+ if meta.hostname == "patrick"
+ then [
+ "--disable servicelb"
+ "--disable traefik"
+ "--disable local-storage"
+ "--write-kubeconfig-mode \"0644\""
+ ]
+ else []
+ );
+ };
+ openiscsi = {
+ enable = true;
+ name = "${meta.hostname}-initiatorhost";
+ };
+ rpcbind.enable = true;
+ };
+
+ # Fixes for longhorn path mapping
+ systemd.tmpfiles.rules = [
+ "L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
+ ];
+ virtualisation.docker.logDriver = "json-file";
+
+ system.stateVersion = "24.05";
+}
diff --git a/disk-config.nix b/disk-config.nix
new file mode 100644
index 0000000..7c67624
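Review bot: In configuration.nix, `firewall.enable = false;` leaves every listener on both nodes reachable from the network, and this file turns on several (the k3s API on 6443, the kubelet, `rpcbind`, sshd). I would keep the firewall enabled and open only what the cluster needs, for example `firewall.allowedTCPPorts = [6443 10250];` and `firewall.allowedUDPPorts = [8472];` if the default flannel VXLAN backend is in use; `services.openssh` opens its own port by default. In the same hunk, `--write-kubeconfig-mode \"0644\"` makes the cluster-admin kubeconfig readable by every local account on the server (`0600`, or `0640` with a dedicated group, is enough), and `hashedPassword` commits the password hash to the repository where it can be attacked offline, so `hashedPasswordFile` pointing at a file kept outside git is preferable. The `tokenFile` values are unquoted Nix path literals, which as far as I can tell are either rejected by pure flake evaluation or copied into the world-readable Nix store when interpolated; writing them as quoted strings avoids both.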
--- /dev/null
+++ b/disk-config.nix
@@ -0,0 +1,33 @@
+{
+ disko.devices = {
+ disk = {
+ main = {
+ device = "/dev/sda";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ ESP = {
+ type = "EF00";
+ size = "500M";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [ "umask=0077" ];
+ };
+ };
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..e4c2f8a
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,48 @@ +{ + "nodes": { + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1732109232, + "narHash": "sha256-iYh6h8yueU8IyOfNclbiBG2+fBFcjjUfXm90ZBzk0c0=", + "owner": "nix-community", + "repo": "disko", + "rev": "a0c384e0a3b8bcaed30a6bcf3783f8a7c8b35be4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1731890469, + "narHash": "sha256-D1FNZ70NmQEwNxpSSdTXCSklBH1z2isPR84J6DQrJGs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5083ec887760adfe12af64830a66807423a859a7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "disko": "disko", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..2a13104
--- /dev/null
+++ b/flake.nix
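Review bot: In disk-config.nix, `device = "/dev/sda";` names the target disk by kernel enumeration order, and disko partitions and formats whatever that name resolves to at install time. On a machine with a second drive or a USB stick attached the name can land on a different device, so a persistent identifier is safer here, e.g. `device = "/dev/disk/by-id/<DISK_ID_PLACEHOLDER>";`. Because flake.nix applies this one file to both nodes, the identifier would need to come from a per-host value (for instance through `meta`), which this commit does not yet carry.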
@@ -0,0 +1,39 @@
+{
+ description = "Michael's NixOS Homelab Flake";
+
+ inputs = {
+ nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+ disko = {
+ url = "github:nix-community/disko";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
+ };
+
+ outputs = inputs @ {
+ nixpkgs,
+ disko,
+ ...
+ }: let
+ nodes = [
+ "patrick"
+ "spongebob"
+ ];
+ in {
+ nixosConfigurations = builtins.listToAttrs (map (name: {
+ name = name;
+ value = nixpkgs.lib.nixosSystem {
+ specialArgs = {
+ meta = {hostname = name;};
+ };
+ system = "x86_64-linux";
+ modules = [
+ disko.nixosModules.disko
+ ./hardware-configuration.nix
+ ./configuration.nix
+ ./disk-config.nix
+ ];
+ };
+ })
+ nodes);
+ };
+}
diff --git a/hardware-configuration.nix b/hardware-configuration.nix
new file mode 100644
index 0000000..0500ed5
--- /dev/null
+++ b/hardware-configuration.nix
@@ -0,0 +1,25 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
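Review bot: In flake.nix, `nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";` tracks the branch that advances once package builds pass, without waiting for the NixOS system tests; for machines built with `nixosSystem`, `nixos-unstable` or a release branch such as `nixos-24.05` (matching the `system.stateVersion` set in configuration.nix) is the usual choice. Also in this hunk, both entries of `nodes` import the same `./hardware-configuration.nix`, which was generated on a single machine, so this only holds while the two hosts have identical hardware; that assumption deserves a comment next to `modules`. Minor style: `name = name;` can be written `inherit name;`.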