Restructure

hosts/case/configuration.nix

@@ -0,0 +1,38 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, inputs, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+      ../modules/base.nix
+      ../modules/desktop.nix
+    ];
+
+  # Bootloader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "case"; # Define your hostname.
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  # run locutus every hour
+  services.cron = {
+    enable = true;
+    systemCronJobs = [
+      "27 * * * * root locutus backup 2>&1 | logger -t locutus-backup"
+    ];
+  };
+  environment.etc."locutus/locutus.toml".source = ./locutus.toml;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "25.05"; # Did you read the comment?
+}

hosts/case/hardware-configuration.nix

@@ -0,0 +1,42 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "uas" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/aae2c333-b946-4b26-9e1d-131f9f5867b4";
+      fsType = "btrfs";
+      options = [ "subvol=@" ];
+    };
+
+  boot.initrd.luks.devices."luks-956ea314-17ec-4d83-9374-b53898121c8c".device = "/dev/disk/by-uuid/956ea314-17ec-4d83-9374-b53898121c8c";
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/6517-A052";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/case/locutus.toml

@@ -0,0 +1,60 @@
+[includes]
+paths = [
+	"/etc",
+	"/root",
+	"/srv",
+	"/var/spool",
+	"/home"
+]
+
+[excludes]
+paths = [
+	"*.bak",
+	"*.venv",
+	"*.mypy_cache",
+	"*/.cache",
+	"*.config/*Cache/",
+	"*.config/*cache/",
+	"*.config/borg/security/",
+	"*.config/Signal",
+	"*.config/discord",
+	"*.config/microsoft-edge",
+	"*/Cache*",
+	"*/mnt",
+	"/home/*/.cache",
+	"/home/*/.cargo",
+	"/home/*/.local/*/Trash",
+	"/home/*/.local/lib",
+	"/home/*/.local/pipx",
+	"/home/*/.local/share/atuin",
+	"/home/*/.local/share/nvim",
+	"/home/*/.local/share/uv",
+	"/home/*/.mozilla",
+	"/home/*/.npm",
+	"/home/*/CMakeFiles",
+	"/home/*/Downloads",
+	"/home/*/downloads",
+	"/home/*/nextcloud",
+	"/home/*/snap",
+	"/home/*/software",
+	"/home/*/venv",
+	"/home/*/workspace/*.obj",
+	"/home/*/workspace/*.obj.d",
+	"/home/*/workspace/_*",
+	"/home/*/.rustup",
+	"/nix",
+	"/dev",
+	"/proc",
+	"/sys",
+	"/tmp",
+	"/run"
+]
+
+[prune]
+keep_last    = 7
+keep_daily   = 7
+keep_weekly  = 4
+keep_monthly = 6
+
+[compact]
+enabled = true

hosts/modules/base.nix

@@ -0,0 +1,123 @@
+{ config, pkgs, inputs, ... }:
+{
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.users.alex = {
+    isNormalUser = true;
+    description = "Alexander Wainwright";
+    extraGroups = [ "networkmanager" "wheel" ];
+    packages = with pkgs; [
+    #  thunderbird
+    ];
+    shell = pkgs.fish;
+  };
+
+  # Enable networking
+  networking.networkmanager.enable = true;
+
+  networking.firewall.allowedTCPPorts = [ 8000 ];
+
+  # Set your time zone.
+  time.timeZone = "Australia/Brisbane";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_GB.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "en_AU.UTF-8";
+    LC_IDENTIFICATION = "en_AU.UTF-8";
+    LC_MEASUREMENT = "en_AU.UTF-8";
+    LC_MONETARY = "en_AU.UTF-8";
+    LC_NAME = "en_AU.UTF-8";
+    LC_NUMERIC = "en_AU.UTF-8";
+    LC_PAPER = "en_AU.UTF-8";
+    LC_TELEPHONE = "en_AU.UTF-8";
+    LC_TIME = "en_AU.UTF-8";
+  };
+
+  # Configure console keymap
+  console.keyMap = "dvorak";
+
+  # fish shell
+  programs.fish.enable = true;
+
+  # Create a library path that only applies to unpackaged programs by using
+  # nix-ldo
+  # https://nix.dev/guides/faq#how-to-run-non-nix-executables
+  programs.nix-ld.enable = true;
+  programs.nix-ld.libraries = with pkgs; [
+    # Add any missing dynamic libraries for unpackaged programs
+    # here, NOT in environment.systemPackages
+  ];
+
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  # Enable the Flakes feature and the accompanying new nix command-line tool
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  # Enable zeroconf
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true; # Enables Avahi for name service lookups (e.g., in /etc/nsswitch.conf)
+    publish = {
+      enable = true;
+      addresses = true; # Publish your laptop's IP addresses
+      workstation = true; # Publish your laptop as a workstation
+      # You might also want:
+      # domain = true; # Announce the locally used domain name (usually .local)
+      # userServices = true; # Publish services advertised by users
+    };
+    # If you're using systemd-resolved alongside Avahi, ensure mDNS is also enabled there:
+    # services.resolved.enable = true;
+    # services.resolved.extraConfig = "MulticastDNS=yes";
+  };
+
+  environment.variables.EDITOR = "nvim";
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # Packages
+  environment.systemPackages = with pkgs; [
+    avahi
+    bat
+    borgbackup
+    cifs-utils
+    duf
+    dust
+    entr
+    fd
+    git
+    neovim
+    python314
+    ripgrep
+    rsync
+    silver-searcher
+    tldr
+    unzip
+    uv
+    wget
+    zip
+
+    binutils
+    cmake
+    gcc
+    clang
+    gnumake
+    libtool
+  ];
+}

hosts/modules/desktop.nix

@@ -0,0 +1,48 @@
+{ config, pkgs, inputs, ... }:
+{
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+
+  # Enable the GNOME Desktop Environment.
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+
+  # Configure keymap in X11
+  services.xserver.xkb = {
+    layout = "us";
+    variant = "dvorak";
+  };
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+  # Enable sound with pipewire.
+  services.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    # If you want to use JACK applications, uncomment this
+    #jack.enable = true;
+
+    # use the example session manager (no others are packaged yet so this is enabled by default,
+    # no need to redefine it in your config for now)
+    #media-session.enable = true;
+  };
+
+  # Mullvad vpn
+  services.mullvad-vpn.package = pkgs.mullvad-vpn;
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  # services.xserver.libinput.enable = true;
+
+  # Install firefox.
+  programs.firefox.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    inputs.locutus.packages.${pkgs.system}.default
+    mullvad-vpn
+  ];
+}