From 2c36272339d97377be6c9006e78bfd3c761e1422 Mon Sep 17 00:00:00 2001
From: Felix Albrigtsen <felix@albrigtsen.it>
Date: Tue, 3 Jun 2025 08:37:13 +0200
Subject: [PATCH] WIP: new host fa-t14-2025

---
 flake.nix                           |  3 +
 hosts/fa-t14-2025/configuration.nix | 59 +++++++++++++++++++
 hosts/fa-t14-2025/desktop.nix       | 56 ++++++++++++++++++
 hosts/fa-t14-2025/home.nix          | 90 +++++++++++++++++++++++++++++
 4 files changed, 208 insertions(+)
 create mode 100644 hosts/fa-t14-2025/configuration.nix
 create mode 100644 hosts/fa-t14-2025/desktop.nix
 create mode 100644 hosts/fa-t14-2025/home.nix

diff --git a/flake.nix b/flake.nix
index 9f5b830..a5e8ec6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -103,6 +103,9 @@
         # Work desktop
         felixalbpc = normalSys "felixalbpc" { };
 
+        # Work laptop
+        felixalbpc = normalSys "fa-t14-2025" { };
+
         # Web host
         malcolm = normalSys "malcolm" { };
 
diff --git a/hosts/fa-t14-2025/configuration.nix b/hosts/fa-t14-2025/configuration.nix
new file mode 100644
index 0000000..873f638
--- /dev/null
+++ b/hosts/fa-t14-2025/configuration.nix
@@ -0,0 +1,59 @@
+{ config, pkgs, lib, ... }:
+
+{
+  imports =
+    [
+      ../../base.nix
+      ./hardware-configuration.nix
+
+      ./desktop.nix
+  ];
+
+  networking = {
+    networkmanager.enable = true;
+    # interfaces.eno1 = {
+    #   useDHCP = true;
+    #   tempAddress = "disabled";
+    # };
+
+    tempAddresses = "disabled";
+    hostName = "fa-t14-2025";
+    nameservers = [ "1.1.1.1" "1.0.0.1" ];
+    domain = "mktv.local";
+    hostId = "f458d6aa";
+
+    search = [
+      "mktv.no"
+      "mktv.local"
+    ];
+
+    # firewall.extraCommands = ''
+    #   # IT VPN
+    #   iptables -I nixos-fw -p tcp -m tcp --dport 22 --source 129.241.117.0/24 -j nixos-fw-accept
+    #   ip6tables -I nixos-fw -p tcp -m tcp --dport 22 --source 2001:700:301:12::/63 -j nixos-fw-accept
+    # '';
+
+    # firewall.extraStopCommands = ''
+    #   iptables -F nixos-fw
+    #   ip6tables -F nixos-fw
+    # '';
+  };
+
+  console.keyMap = "no";
+
+  nixpkgs.config = {
+    allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+      "copilot.vim"
+    ];
+  };
+
+  services.openssh.openFirewall = false;
+
+  users.users.felixalb = {
+    uid = 1000;
+    openssh.authorizedKeys.keys = [ ];
+    extraGroups = [ "networkmanager" ];
+  };
+
+  system.stateVersion = "25.05";
+}
diff --git a/hosts/fa-t14-2025/desktop.nix b/hosts/fa-t14-2025/desktop.nix
new file mode 100644
index 0000000..753d525
--- /dev/null
+++ b/hosts/fa-t14-2025/desktop.nix
@@ -0,0 +1,56 @@
+{ config, pkgs, lib, ... }:
+{
+  hardware.graphics.enable = true;
+  services.xserver = {
+    enable = true;
+    xkb = {
+      options = "ctrl:nocaps";
+      layout = "no";
+    };
+  };
+  services.displayManager.ly.enable = true;
+  services.gnome.gnome-keyring.enable = true;
+
+  programs.hyprland = {
+    enable = true;
+    xwayland.enable = true;
+  };
+
+  # Audio
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    pulse.enable = true;
+    jack.enable = true;
+  };
+  hardware.pulseaudio.enable = false;
+
+
+  # Fonts
+  fonts = {
+    fontDir.enable = true;
+    packages = with pkgs; [
+      noto-fonts
+      noto-fonts-emoji
+      noto-fonts-cjk-sans
+      font-awesome
+      fira-code
+      hack-font
+      (nerdfonts.override {
+        fonts = [
+          "Hack"
+        ];
+      })
+    ];
+  };
+
+  # Misc:
+  xdg.portal = {
+    enable = true;
+    wlr.enable = true;
+  };
+  location.provider = "geoclue2";
+  security.polkit.enable = true;
+  services.dbus.packages = [ pkgs.gcr ];
+  services.openssh.settings.X11Forwarding = true;
+}
diff --git a/hosts/fa-t14-2025/home.nix b/hosts/fa-t14-2025/home.nix
new file mode 100644
index 0000000..cfb669b
--- /dev/null
+++ b/hosts/fa-t14-2025/home.nix
@@ -0,0 +1,90 @@
+{ pkgs, lib, ... }:
+let
+  emailAddress = "felix.albrigtsen@mktv.no";
+in {
+  imports = [
+    ./../../home/base.nix
+    ./../../home/alacritty.nix
+  ];
+
+  home.packages = with pkgs; [
+    bc
+    catimg
+    chromium
+    dig
+    element-desktop
+    hunspellDicts.en_US
+    hunspellDicts.nb_NO
+    jq
+    libreoffice
+    mpv
+    oauth2ms
+    openssl
+    pwgen
+    traceroute
+    virt-manager
+    w3m
+
+    # Window Manager Extras
+    bibata-cursors
+    cliphist
+    hyprcursor
+    hypridle
+    hyprlock
+    hyprpaper
+    hyprshot
+    hyprswitch
+    nautilus
+    rofi-rbw-wayland
+    swaynotificationcenter
+    waybar
+    wl-clipboard
+
+    (python312.withPackages (ps: with ps; [
+      numpy
+      pycryptodome
+      requests
+    ]))
+  ];
+
+  programs = {
+    aerc = {
+      enable = true;
+      package = pkgs.aerc;
+    };
+    firefox.enable = true;
+    git.extraConfig.user.email = emailAddress;
+    rbw = {
+      enable = true;
+      settings = {
+        base_url = "https://vault.mktv.no";
+        email = emailAddress;
+        pinentry = pkgs.pinentry-rofi;
+      };
+    };
+    rofi = {
+      enable = true;
+      theme = "iggy";
+    };
+    zsh = {
+      shellAliases."rebuild" = "sudo nixos-rebuild switch --flake /config";
+      prezto.pmodules = [ "ssh" ];
+    };
+
+    neovim.plugins = with pkgs.vimPlugins; [ copilot-vim ];
+  };
+
+  xdg.mimeApps = {
+    enable = true;
+
+    defaultApplications = {
+      "text/html" = "firefox.desktop";
+      "x-scheme-handler/http" = "firefox.desktop";
+      "x-scheme-handler/https" = "firefox.desktop";
+      "x-scheme-handler/about" = "firefox.desktop";
+      "x-scheme-handler/unknown" = "firefox.desktop";
+    };
+  };
+
+  home.stateVersion = "25.05";
+}