feat: new host - shoukei

Makefile

@@ -13,9 +13,15 @@
 i3: 
 	nixos-rebuild switch --flake .#ai_i3 --use-remote-sudo
 
+s-i3:
+	nixos-rebuild switch --flake .#shoekei_i3 --use-remote-sudo
+
 hypr:
 	nixos-rebuild switch --flake .#ai_hyprland --use-remote-sudo
 
+s-hypr:
+	nixos-rebuild switch --flake .#shoukei_hyprland --use-remote-sudo
+
 i3-debug:
 	nixos-rebuild switch --flake .#ai_i3 --use-remote-sudo --show-trace --verbose
 

README.md

@@ -83,7 +83,7 @@ See [./secrets](./secrets) for details.
 
 For NixOS:
 
-> To deploy this flake from NixOS's official ISO image(purest installation method), please refer to [./hosts/idols/ai/nixos-installer/](./hosts/idols/ai/nixos-installer/)
+> To deploy this flake from NixOS's official ISO image(purest installation method), please refer to [./nixos-installer/](./nixos-installer/)
 
 > Need to restart the machine when switching between `wayland` and `xorg`.
 

flake.nix

@@ -95,18 +95,13 @@
     # nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
     nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
 
-    # add git hooks to format nix code before commit
-    pre-commit-hooks = {
-      url = "github:cachix/pre-commit-hooks.nix";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-
     # for macos
     nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-23.11-darwin";
     nix-darwin = {
       url = "github:lnl7/nix-darwin";
       inputs.nixpkgs.follows = "nixpkgs-darwin";
     };
+    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
 
     # home-manager, used for managing user configuration
     home-manager = {
@@ -153,6 +148,12 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
+    # add git hooks to format nix code before commit
+    pre-commit-hooks = {
+      url = "github:cachix/pre-commit-hooks.nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     ########################  Some non-flake repositories  #########################################
 
     # AstroNvim is an aesthetic and feature-rich neovim config.

hosts/12kingdoms/shoukei/brcm-firmware/default.nix

@@ -0,0 +1,10 @@
+{pkgs, ...}:
+pkgs.stdenvNoCC.mkDerivation {
+  name = "brcm-firmware";
+  nativeBuildInputs = with pkgs; [gnutar xz];
+  buildCommand = ''
+    dir="$out/lib/"
+    mkdir -p "$dir"
+    tar -axvf ${./firmware.tar.xz} -C "$dir"
+  '';
+}

hosts/12kingdoms/shoukei/brcm-firmware/flake.nix

@@ -0,0 +1,10 @@
+{
+  # a flake for testing
+  inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
+  outputs = {nixpkgs, ...}: let
+    system = "x86_64-linux";
+    pkgs = import nixpkgs {inherit system;};
+  in {
+    packages."${system}".default = pkgs.callPackage ./default.nix {};
+  };
+}

hosts/12kingdoms/shoukei/default.nix

@@ -0,0 +1,48 @@
+{
+  pkgs,
+  nixos-hardware,
+  ...
+} @ args:
+#############################################################
+#
+#  Shoukei - NixOS running on Macbook Pro 2020 I5 16G
+#   https://github.com/NixOS/nixos-hardware/tree/master/apple/t2
+#
+#############################################################
+{
+  imports = [
+    nixos-hardware.nixosModules.apple-t2
+    {hardware.apple-t2.enableAppleSetOsLoader = true;}
+
+    ./hardware-configuration.nix
+    ./impermanence.nix
+  ];
+
+  networking = {
+    hostName = "shoukei"; # Define your hostname.
+    # configures the network interface(include wireless) via `nmcli` & `nmtui`
+    networkmanager.enable = true;
+
+    # Configure network proxy if necessary
+    # proxy.default = "http://user:password@proxy:port/";
+    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+    # Configure network proxy if necessary
+    # proxy.default = "http://user:password@proxy:port/";
+    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+    defaultGateway = "192.168.5.201";
+    nameservers = [
+      "119.29.29.29" # DNSPod
+      "223.5.5.5" # AliDNS
+    ];
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.11"; # Did you read the comment?
+}

hosts/12kingdoms/shoukei/hardware-configuration.nix

@@ -0,0 +1,130 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  hardware.firmware = [
+    (import ./brcm-firmware { inherit pkgs;})
+  ];
+
+  boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = ["kvm-intel"];
+  boot.extraModulePackages = [];
+
+  # Use the EFI boot loader.
+  boot.loader.efi.canTouchEfiVariables = true;
+  # depending on how you configured your disk mounts, change this to /boot or /boot/efi.
+  boot.loader.efi.efiSysMountPoint = "/boot";
+  boot.loader.systemd-boot.enable = true;
+
+  # Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
+  boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
+  # supported fil systems, so we can mount any removable disks with these filesystems
+  boot.supportedFilesystems = lib.mkForce [
+    "ext4"
+    "btrfs"
+    "xfs"
+    "ntfs"
+    "fat"
+    "vfat"
+    "cifs" # mount windows share
+  ];
+
+  # clear /tmp on boot to get a stateless /tmp directory.
+  boot.tmp.cleanOnBoot = true;
+  boot.initrd = {
+    # unlocked luks devices via a keyfile or prompt a passphrase.
+    luks.devices."crypted-nixos" = {
+      device = "/dev/nvme0n1p4";
+      # the keyfile(or device partition) that should be used as the decryption key for the encrypted device.
+      # if not specified, you will be prompted for a passphrase instead.
+      #keyFile = "/root-part.key";
+
+      # whether to allow TRIM requests to the underlying device.
+      # it's less secure, but faster.
+      allowDiscards = true;
+    };
+  };
+
+  # equal to `mount -t tmpfs tmpfs /`
+  fileSystems."/" = {
+    device = "tmpfs";
+    fsType = "tmpfs";
+    # set mode to 755, otherwise systemd will set it to 777, which cause problems.
+    # relatime: Update inode access times relative to modify or change time.
+    options = ["relatime" "mode=755"];
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/nvme0n1p1";
+    fsType = "vfat";
+  };
+
+  fileSystems."/nix" = {
+    device = "/dev/disk/by-uuid/2f4db246-e65d-4808-8ab4-5365f9dea1ef";
+    fsType = "btrfs";
+    options = ["subvol=@nix" "noatime" "compress-force=zstd:1"];
+  };
+
+  fileSystems."/tmp" = {
+    device = "/dev/disk/by-uuid/2f4db246-e65d-4808-8ab4-5365f9dea1ef";
+    fsType = "btrfs";
+    options = ["subvol=@tmp" "noatime" "compress-force=zstd:1"];
+  };
+
+  fileSystems."/persistent" = {
+    device = "/dev/disk/by-uuid/2f4db246-e65d-4808-8ab4-5365f9dea1ef";
+    fsType = "btrfs";
+    options = ["subvol=@persistent" "noatime" "compress-force=zstd:1"];
+    # impermanence's data is required for booting.
+    neededForBoot = true;
+  };
+
+  fileSystems."/snapshots" = {
+    device = "/dev/disk/by-uuid/2f4db246-e65d-4808-8ab4-5365f9dea1ef";
+    fsType = "btrfs";
+    options = ["subvol=@snapshots" "noatime" "compress-force=zstd:1"];
+  };
+
+  # mount swap subvolume in readonly mode.
+  fileSystems."/swap" = {
+    device = "/dev/disk/by-uuid/2f4db246-e65d-4808-8ab4-5365f9dea1ef";
+    fsType = "btrfs";
+    options = ["subvol=@swap" "ro"];
+  };
+
+  # remount swapfile in read-write mode
+  fileSystems."/swap/swapfile" = {
+    # the swapfile is located in /swap subvolume, so we need to mount /swap first.
+    depends = ["/swap"];
+
+    device = "/swap/swapfile";
+    fsType = "none";
+    options = ["bind" "rw"];
+  };
+
+  swapDevices = [
+    {device = "/swap/swapfile";}
+  ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp230s0f1u1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp229s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}