remove last spinning rust

hosts/cube-hardware-configuration.nix

@@ -33,11 +33,6 @@
       fsType = "xfs";
     };
 
-  fileSystems."/storage/muhh" =
-    { device = "/dev/disk/by-uuid/8b716713-359b-4bac-8951-a35405dccd4c";
-      fsType = "xfs";
-    };
-
   swapDevices = [ ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

hosts/cube.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, pkgs, inputs, ... }:
 
 {
   imports =
@@ -113,11 +113,14 @@
       wget
   ];
 
-  fonts.packages = with pkgs; [
-    atkinson-hyperlegible
-    iosevka
-    # secret-config.packages.x86_64-linux.default
-  ];
+  fonts = {
+    enableDefaultPackages = true;
+    packages = with pkgs; [
+      atkinson-hyperlegible
+      nerd-fonts.iosevka
+      # secret-config.packages.x86_64-linux.default
+    ];
+  };
 
 
   programs = {
@@ -144,12 +147,12 @@
     # };
   };
   virtualisation = {
-    docker.enable = true;
+    docker.enable = false;
     libvirtd = {
       enable = true;
     };
     podman = {
-      enable = false;
+      enable = true;
       dockerCompat = true;
     };
   };

hosts/ze-hardware-configuration.nix

@@ -0,0 +1,9 @@
+{ modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
+
+}

hosts/ze-networking.nix

@@ -0,0 +1,33 @@
+{ lib, ... }: {
+  # This file was populated at runtime with the networking
+  # details gathered from the active system.
+  networking = {
+    nameservers = [ "8.8.8.8"
+ ];
+    defaultGateway = "172.31.1.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          { address="188.34.164.224"; prefixLength=32; }
+        ];
+        ipv6.addresses = [
+          { address="2a01:4f8:c013:2152::1"; prefixLength=64; }
+{ address="fe80::9400:3ff:fe70:5f0d"; prefixLength=64; }
+        ];
+        ipv4.routes = [ { address = "172.31.1.1"; prefixLength = 32; } ];
+        ipv6.routes = [ { address = "fe80::1"; prefixLength = 128; } ];
+      };
+
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="96:00:03:70:5f:0d", NAME="eth0"
+
+  '';
+}

hosts/ze.nix

@@ -0,0 +1,115 @@
+{ config, pkgs, inputs, ... }:
+
+{
+  imports =
+    [ 
+      ./ze-hardware-configuration.nix
+      ./ze-networking.nix
+      ./common.nix
+    ];
+
+  # Bootloader.
+  boot.loader.systemd-boot.enable = false;
+  boot.loader.grub = {
+    enable = true;
+    device = "nodev";
+    efiSupport = true;
+    useOSProber = true;
+  };
+
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "ze"; # Define your hostname.
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  # Enable networking
+  networking.networkmanager.enable = true;
+
+  networking.hosts = {
+  #   "178.63.121.197" = ["www.boell.de"];
+  };
+
+  # Workaround for broken networkmanager/systemd thing
+  # https://github.com/NixOS/nixpkgs/issues/180175#issuecomment-1658731959
+  systemd.services.NetworkManager-wait-online = {
+    serviceConfig = {
+      ExecStart = [ "" "${pkgs.networkmanager}/bin/nm-online -q" ];
+    };
+  };
+
+  security = {
+    sudo = {
+      wheelNeedsPassword = false;
+    };
+  };
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = true;
+    settings.PubkeyAuthentication = true;
+  };
+  services.tailscale = {
+    enable = true;
+    authKeyFile = config.sops.secrets.tailscale_auth_key.path;
+  };
+
+  sops.defaultSopsFile = ../secrets/secrets.yaml;
+  sops.age.keyFile = "/home/muhh/.config/sops/age/keys.txt";
+  sops.secrets.tailscale_auth_key = {};
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.users.muhh = {
+    isNormalUser = true;
+    name = "muhh";
+    description = "Markus Heurung";
+    extraGroups = [ "audio" "docker" "libvirtd" "input" "networkmanager" "plugdev" "qemu-libvirtd" "video" "wheel"];
+    shell = pkgs.fish;
+    linger = true;
+  };
+
+  nixpkgs.config = {
+    allowUnfree = true;
+    allowUnfreePredicate = pkg: true;
+  };
+
+  environment.shells = with pkgs; [ bash fish zsh ];
+  environment.systemPackages = with pkgs; [
+      git
+      home-manager
+      mosh
+      neovim
+      vim
+      wget
+  ];
+
+  programs = {
+    fish.enable = true;
+  };
+  virtualisation = {
+    docker.enable = false;
+    libvirtd = {
+      enable = true;
+    };
+    podman = {
+      enable = true;
+      dockerCompat = true;
+    };
+  };
+
+  # Open ports in the firewall.
+  # FIREWALL IS ENABLED BY DEFAULT - muhh
+  # networking.firewall.allowedTCPPorts = [ 19132 ];
+  # networking.firewall.allowedUDPPorts = [ 19132 ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.11"; # Did you read the comment?
+}