From eb34097b7b4f417384e5cce73d2c976af09534cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ga=C3=ABl=20Reyrol?= <me@gaelreyrol.dev>
Date: Sun, 7 Apr 2024 18:37:17 +0200
Subject: [PATCH] feat(hosts): add iso build

---
 Makefile                             |  3 +++
 flake.nix                            |  6 +++++
 hosts/iso/configuration.nix          | 15 +++++++++++++
 hosts/iso/hardware-configuration.nix | 22 +++++++++++++++++++
 lib/os/default.nix                   | 21 +++++++++---------
 mixins/nix/default.nix               |  1 +
 users/nixos/configuration.nix        | 16 ++++++++++++++
 users/nixos/home.nix                 | 33 ++++++++++++++++++++++++++++
 8 files changed, 107 insertions(+), 10 deletions(-)
 create mode 100644 hosts/iso/configuration.nix
 create mode 100644 hosts/iso/hardware-configuration.nix
 create mode 100644 users/nixos/configuration.nix
 create mode 100644 users/nixos/home.nix

diff --git a/Makefile b/Makefile
index 01c8941..f957d2d 100644
--- a/Makefile
+++ b/Makefile
@@ -34,3 +34,6 @@ pi0-deploy:
 
 apu-deploy:
 	nixos-rebuild switch -j auto --flake .#apu --target-host router@192.168.1.19 --use-remote-sudo -v
+
+iso:
+	nix build .#nixosConfigurations.iso.config.system.build.isoImage
diff --git a/flake.nix b/flake.nix
index cc1e932..686f584 100644
--- a/flake.nix
+++ b/flake.nix
@@ -122,6 +122,12 @@
           host = "thinkpad";
           user = "gael";
         }
+        {
+          system = "x86_64-linux";
+          host = "iso";
+          user = "nixos";
+          iso = true;
+        }
       ];
 
       packages = forSystems ({ pkgs, system }: pkgs.myPkgs);
diff --git a/hosts/iso/configuration.nix b/hosts/iso/configuration.nix
new file mode 100644
index 0000000..c3d9b86
--- /dev/null
+++ b/hosts/iso/configuration.nix
@@ -0,0 +1,15 @@
+{ lib, pkgs, ... }:
+
+{
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  console.keyMap = "fr";
+
+  environment.systemPackages = [
+    pkgs.fwupd
+    pkgs.lshw
+    pkgs.tmux
+  ];
+}
diff --git a/hosts/iso/hardware-configuration.nix b/hosts/iso/hardware-configuration.nix
new file mode 100644
index 0000000..62d07a7
--- /dev/null
+++ b/hosts/iso/hardware-configuration.nix
@@ -0,0 +1,22 @@
+{ lib, modulesPath, pkgs, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
+    (modulesPath + "/installer/cd-dvd/channel.nix")
+  ];
+
+  nixpkgs.config.allowUnfree = true;
+
+  boot = {
+    kernelPackages = pkgs.unstable.linuxKernel.packages.linux_6_8;
+
+    # Needed for https://github.com/NixOS/nixpkgs/issues/58959
+    supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
+  };
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+
+  hardware.enableAllFirmware = true;
+  hardware.enableRedistributableFirmware = true;
+}
diff --git a/lib/os/default.nix b/lib/os/default.nix
index 050364f..6686731 100644
--- a/lib/os/default.nix
+++ b/lib/os/default.nix
@@ -4,7 +4,7 @@ let
   inherit (inputs) self nixpkgs sops-nix nur home-manager udev-nix;
 in
 rec {
-  mkNixosSystem = { system, host, user, ... }: nixpkgs.lib.nixosSystem {
+  mkNixosSystem = { system, host, user, iso ? false, ... }: nixpkgs.lib.nixosSystem {
     inherit system;
 
     specialArgs = {
@@ -47,29 +47,30 @@ rec {
         );
       })
 
-      ../../mixins/nix
-      ../../mixins
       ../../hosts/${host}/configuration.nix
       ../../users/${user}/configuration.nix
 
-      sops-nix.nixosModules.sops
-
       home-manager.nixosModules.home-manager
       nur.nixosModules.nur
-      {
+      ({
         home-manager = {
           useGlobalPkgs = true;
           useUserPackages = true;
           users.${user} = builtins.import ../../users/${user}/home.nix;
-          sharedModules = [
+          sharedModules = [] ++ (nixpkgs.lib.optionals (!iso) [
             sops-nix.homeManagerModules.sops
-          ];
+          ]);
         };
+      } // (nixpkgs.lib.optionalAttrs (!iso) {
         sops = {
           defaultSopsFile = ../../secrets/default.yaml;
         };
-      }
-    ];
+      }))
+    ] ++ (nixpkgs.lib.optionals (!iso) [
+      ../../mixins/nix
+      ../../mixins
+      sops-nix.nixosModules.sops
+    ]);
   };
 
   mkNixosSystems = systems: builtins.listToAttrs (
diff --git a/mixins/nix/default.nix b/mixins/nix/default.nix
index 7c0e6c4..f51243a 100644
--- a/mixins/nix/default.nix
+++ b/mixins/nix/default.nix
@@ -40,6 +40,7 @@
         "gael"
         "lab"
         "router"
+        "nixos"
       ];
       secret-key-files = "/var/nix/cache-priv-key.pem";
       trusted-public-keys = [
diff --git a/users/nixos/configuration.nix b/users/nixos/configuration.nix
new file mode 100644
index 0000000..3d98ed5
--- /dev/null
+++ b/users/nixos/configuration.nix
@@ -0,0 +1,16 @@
+{ config, pkgs, ... }:
+
+{
+  users.users.nixos = {
+    isNormalUser = true;
+    description = "NixOS";
+    extraGroups = [ "wheel" "networkmanager" ];
+    shell = pkgs.bash;
+    password = "nixos";
+
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG8l0V91as58J0G8USUuxqnYZH0InHK317UnTurWgkAK gael@tower"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDaOQVs/WLWCIahRTfAmolgLV2jWL6EasDM6O++rq1M gael@thinkpad"
+    ];
+  };
+}
diff --git a/users/nixos/home.nix b/users/nixos/home.nix
new file mode 100644
index 0000000..fedc955
--- /dev/null
+++ b/users/nixos/home.nix
@@ -0,0 +1,33 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [
+    ../../mixins/activation/home-report-changes.nix
+  ];
+
+  home = {
+    stateVersion = "23.11";
+    sessionVariables = {
+      EDITOR = "vim";
+    };
+  };
+
+  programs = {
+    home-manager.enable = true;
+
+    vim.enable = true;
+    jq.enable = true;
+
+    fzf = {
+      enable = true;
+      tmux.enableShellIntegration = true;
+    };
+
+    tmux = {
+      enable = true;
+      plugins = with pkgs; [
+        tmuxPlugins.tmux-fzf
+      ];
+    };
+  };
+}