Add Saurosuchus system configuration
Change-Id: I0238c3eba8e1f0ec833f810b3c05cd1b558e442f
Reviewed-on: https://git.clicks.codes/c/Chimera/NixFiles/+/641
Tested-by: Samuel Shuert <coded@clicks.codes>
Reviewed-by: Skyler Grey <minion@clicks.codes>
diff --git a/systems/x86_64-linux/saurosuchus/console/default.nix b/systems/x86_64-linux/saurosuchus/console/default.nix
new file mode 100644
index 0000000..f4dfde3
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/console/default.nix
@@ -0,0 +1,4 @@
+{ ... }:
+{
+ console.keyMap = "uk";
+}
diff --git a/systems/x86_64-linux/saurosuchus/default.nix b/systems/x86_64-linux/saurosuchus/default.nix
new file mode 100644
index 0000000..a0106ab
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/default.nix
@@ -0,0 +1,15 @@
+{ ... }:
+{
+ imports = [
+ ./console
+ ./games
+ ./hardware/boot
+ ./hardware/cpu
+ ./hardware/filesystems
+ ./networking
+ ./openrgb
+ ./users
+ ./time
+ ./yubikey
+ ];
+}
diff --git a/systems/x86_64-linux/saurosuchus/games/default.nix b/systems/x86_64-linux/saurosuchus/games/default.nix
new file mode 100644
index 0000000..aa603bc
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/games/default.nix
@@ -0,0 +1,3 @@
+{ ... }: {
+ chimera.games.steam.enable = true;
+}
\ No newline at end of file
diff --git a/systems/x86_64-linux/saurosuchus/hardware/boot/default.nix b/systems/x86_64-linux/saurosuchus/hardware/boot/default.nix
new file mode 100644
index 0000000..360a866
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/hardware/boot/default.nix
@@ -0,0 +1,41 @@
+{ config, ... }:
+{
+ boot.initrd.availableKernelModules = [
+ "nvme"
+ "xhci_pci"
+ "ahci"
+ "usbhid"
+ "sd_mod"
+ "ext4"
+ ];
+ boot.initrd.kernelModules = [
+ "kvm-amd"
+ ];
+ boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
+ boot.kernelModules = [
+ "nvidia"
+ "v4l2loopback"
+ ];
+ boot.kernel.sysctl."kernel.sysrq" = 1;
+
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ boot.initrd = {
+ systemd.enable = true; # Needed for the way we do our YubiKey
+ luks.devices."key".device = "/dev/disk/by-uuid/f3547d7f-707e-4b17-a22b-d31b6af0a67a";
+ luks.devices."MAIN" = { # NVME, main storage, boot, etc (1TB)
+ device = "/dev/disk/by-uuid/5183512d-92c1-4272-a746-8518ff7cde4b";
+ keyFile = "/key:/dev/mapper/key";
+ };
+ luks.devices."LFS" = { # PS3 HDD (0.5TB)
+ device = "/dev/disk/by-uuid/2c636fd7-c664-46f7-986d-448d3ed60d28";
+ keyFile = "/key:/dev/mapper/key";
+ };
+ # Commenting this out as it's the drive that's running while I'm writing the config
+ # luks.devices."BACKUP" = { # HDD (1TB)
+ # device = "/dev/disk/by-uuid/CHANGE_ME";
+ # keyFile = "/key:/dev/mapper/key";
+ # };
+ };
+}
diff --git a/systems/x86_64-linux/saurosuchus/hardware/cpu/default.nix b/systems/x86_64-linux/saurosuchus/hardware/cpu/default.nix
new file mode 100644
index 0000000..c019598
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/hardware/cpu/default.nix
@@ -0,0 +1,4 @@
+{ lib, config, ... }:
+{
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/systems/x86_64-linux/saurosuchus/hardware/filesystems/default.nix b/systems/x86_64-linux/saurosuchus/hardware/filesystems/default.nix
new file mode 100644
index 0000000..112b07e
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/hardware/filesystems/default.nix
@@ -0,0 +1,28 @@
+{ ... }:
+{
+ fileSystems."/" = {
+ device = "/dev/mapper/MAIN";
+ fsType = "btrfs";
+ };
+
+ fileSystems."/lfs" = {
+ device = "/dev/mapper/LFS";
+ fsType = "ext4";
+ };
+
+ # fileSystems."/backups" = {
+ # device = "/dev/mapper/BACKUP";
+ # fsType = "btrfs";
+ # };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/DCBE-AA38";
+ fsType = "vfat";
+ };
+
+ swapDevices = [
+ {
+ device = "/dev/disk/by-uuid/c956d054-0dda-42c1-950d-26aefd3a8135";
+ }
+ ];
+}
diff --git a/systems/x86_64-linux/saurosuchus/hardware/video/default.nix b/systems/x86_64-linux/saurosuchus/hardware/video/default.nix
new file mode 100644
index 0000000..93a7b51
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/hardware/video/default.nix
@@ -0,0 +1,3 @@
+{ ... }: {
+ chimera.nvidia.enable = true;
+}
diff --git a/systems/x86_64-linux/saurosuchus/networking/default.nix b/systems/x86_64-linux/saurosuchus/networking/default.nix
new file mode 100644
index 0000000..54a83a9
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/networking/default.nix
@@ -0,0 +1,7 @@
+{ lib, ... }:
+{
+ networking = {
+ hostName = "saurosuchus";
+ useDHCP = lib.mkDefault true;
+ };
+}
diff --git a/systems/x86_64-linux/saurosuchus/openrgb/default.nix b/systems/x86_64-linux/saurosuchus/openrgb/default.nix
new file mode 100644
index 0000000..ab557ed
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/openrgb/default.nix
@@ -0,0 +1 @@
+{ services.hardware.openrgb.enable = true; }
diff --git a/systems/x86_64-linux/saurosuchus/time/default.nix b/systems/x86_64-linux/saurosuchus/time/default.nix
new file mode 100644
index 0000000..00089de
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/time/default.nix
@@ -0,0 +1,3 @@
+{ ... }: {
+ time.timeZone = "Europe/London";
+}
diff --git a/systems/x86_64-linux/saurosuchus/users/default.nix b/systems/x86_64-linux/saurosuchus/users/default.nix
new file mode 100644
index 0000000..110aaad
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/users/default.nix
@@ -0,0 +1,17 @@
+{ config, ... }:
+{
+ users.users.pinea.hashedPasswordFile =
+ config.sops.secrets."systems/x86_64-linux/saurosuchus/users/passwords.sops.pinea.json:pinea".path;
+
+ chimera.yubikey.pam.enable = true;
+
+ sops.secrets."systems/x86_64-linux/saurosuchus/users/passwords.sops.pinea.json:pinea" = {
+ mode = "0400";
+ owner = config.users.users.root.name;
+ group = config.users.users.root.group;
+ sopsFile = ./passwords.sops.pinea.json;
+ format = "json";
+ key = "pinea";
+ neededForUsers = true;
+ };
+}
diff --git a/systems/x86_64-linux/saurosuchus/users/passwords.sops.pinea.json b/systems/x86_64-linux/saurosuchus/users/passwords.sops.pinea.json
new file mode 100644
index 0000000..58fbc91
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/users/passwords.sops.pinea.json
@@ -0,0 +1,26 @@
+{
+ "pinea": "ENC[AES256_GCM,data:LCV4tGRvf9VMbZ5rLH5G8T/yMClFD5mp5OnuUsgJ93XYo4HvoBIo9djRhKtCbYakwPfCQ+q0Etr1J/bLgg4o8hwJSFHqpuTU8tIhXfIQq4rvImmHHA9gxHyYjbdkG2QCgWEQMNeBw+ZXaw==,iv:SMhZlyZRDVf3V52pbHU1DLQ+O78khF5P6QiLrrKapA0=,tag:t+SWc16wCpSq4jusIlwLrg==,type:str]",
+ "sops": {
+ "kms": null,
+ "gcp_kms": null,
+ "azure_kv": null,
+ "hc_vault": null,
+ "age": null,
+ "lastmodified": "2024-03-29T22:35:23Z",
+ "mac": "ENC[AES256_GCM,data:ZgNPXGqiocR6ISjxRCAU9ZS62MpPP8Y16pu4zhd0nr6nwoUrDOaAnLoJN2Wpaly2tACbztT26izwvU4nuYOUBksWoE3KnxLJ4TgtpqYS7sVraSEQpBECEe533Nv32ejsCrzLy8HeDB/e1/WRFnBySjXzS+sS4BJE03Ndp+G1mZs=,iv:UO0MroyvSTSML+SSgunTtsDG2tZB7hGC6Dx0tbw3nTw=,tag:Lc0Rvy/wFN6YRCCwUEsFqA==,type:str]",
+ "pgp": [
+ {
+ "created_at": "2024-04-16T17:03:30Z",
+ "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA9bzf+GUl7kkARAAyo9BEO5nrHM4gul3+fgLvcvpFxWXNGEpHQNdRcrglUVj\nfDKhJsRsnZcojhvQRvlbzFbdG/uerQZBOpvdh0Ry4+w8dVjo53Qv6LsvwBP8ESuk\njWByiP2IZ70H03mN2k7Ym79Ys0JAKUX0KbGopgMgzDgXuViXhlGdSr+69GQhHKYD\n1VO3GlmSxAF5Jve52wOz+uXT5cq8ZzS3P9Wy+ulRHEuOYrebabS+ElEbeJoQH9ue\nSkbiYoLUJQPNst5IkICy/+lMlyB0n19KTmXgMXNKeZO8IO4ZlTsQHFhw2WjU6+0a\n5tW5ohGYlEWPVoe06dPJQ0myoEpIjApCStYgbYGXp8Mwtzbq6T3IioeahOtxTY4H\n0qlQ5KWlAO+IS2tGqjbr4fIp7t6NVKoOdIccVgZqSrgyTgVb4ecWFXe4DG8ny+1Y\ntE5GCmTkyibaCED18V7T7y5clJNp0rdIU4dh7B44gYA+8AfJejHnF0/0SE+PY9I1\nLe3Mlh1ZVoOEVVXA/JHqlIh7ggid8QRbeTNtji0wI8umsz86Sd5UgOqKsbCJMW3y\n5kOGAoI8HIw3xZ9grLuULqwK+t0PKIjwdTJfK7Freiqnf2ZvCQNFi+qr208sEv8e\nj0UGKWcnMIMBcqzVy75WHSndfUlgzdISZaILi22GAlHJJbODeAgN+YRuzH96Z9jS\nXAGhKy+N4HaciZvI2luxQOo5o5LA9nAa0Pcu6ZKGU7JmirXUNNywVgmNGGd9O2uf\n6CcwgDibJhvI6w/8NppB/E9ZVFWIqrSlpLfbSPAH/E8pwsMDszAacxCB3LRe\n=Cmv/\n-----END PGP MESSAGE-----",
+ "fp": "8F50789F12AC6E6206EA870CE5E1C2D43B0E4AB3"
+ },
+ {
+ "created_at": "2024-04-16T17:03:30Z",
+ "enc": "-----BEGIN PGP MESSAGE-----\n\nhQIMA99YH4Z5n7B8AQ//fq/jB2UioZsdj3FRnO1Xe8ZAramC1E3hFBivTTZ/qqdQ\ngfxp8rdiJvuwhyA++ie0NhZf8GpjnsGn9it0ff5du1tMtAnqIKCs3pyeN3GI/dMO\nt197d99EkEIMJ057USVGutSOia4V0A6WpAdc655VEABoDJYgvqOqi05yiYPVPJNi\nBUQfIIbu8O0asFIU/Cb/ZKER0R+4IGIpA36xHcjxKFwf/b+pOeqOXbsJvXbnYgb/\n1DA0DGkBz6ZeQZGd2tEUj0lJPXKBeZEBok9FC0IVshq9TUy1oJGOfQmFT8CobDrY\nHPw+jX5ek8Ts2s+N5aGEUux2NQEuWC+3sIPfKCSWR3xeYQbzWuli+2b+I0HoMERG\ns6c+N9k0rrKlLRisGd7h4knRQ9rLIK1MQpqoGzBV4inGo6HbnbqZvIPRojSF8/4B\nOV0ZqpDPUHDC0+drd9/PUQ27oDZk9zSjAbLYD/c0pfBE3d19TciUW0u5KsCDbeoS\n+rmFWgkiicdKX8xIvswAMzr7rCwWyCCBXpBBKBXYg6PUGJzVdbP+srLq5hb4bbix\nbtNDnIHO/DcPHVB6XHrEYqIvEbmHnaRiwxEC4+8HiBE8L/3DPKucIyazu3uIhu9v\nU+he+I+WBEpWC2rYeRSa0G5w8nwUxJTDuwUX8ac87IKE6Fp0U+KN4xDTrFonuUXS\nVgGZqfwQ6yv2iL+3ATC4RSeW/RkZaCNifJ3uC6mNmuIz5RCBwSpEvBbGjMRuKz8r\nq6ZYyQEzrNJbtS7LAU/KLhwZ6cpDAcDY6z+Di1ROqKh73ESW2XUI\n=dZkX\n-----END PGP MESSAGE-----",
+ "fp": "12f47c96d9066c52897cdf9ddf581f86799fb07c"
+ }
+ ],
+ "unencrypted_suffix": "_unencrypted",
+ "version": "3.8.1"
+ }
+}
\ No newline at end of file
diff --git a/systems/x86_64-linux/saurosuchus/yubikey/default.nix b/systems/x86_64-linux/saurosuchus/yubikey/default.nix
new file mode 100644
index 0000000..5194cd7
--- /dev/null
+++ b/systems/x86_64-linux/saurosuchus/yubikey/default.nix
@@ -0,0 +1,5 @@
+{ config, lib, pkgs, ... }:
+
+{
+ chimera.yubikey.enable = true;
+}