Add machine kotys

machines/kotys/default.nix

@@ -0,0 +1,95 @@
+{
+  config,
+  pkgs,
+  inputs,
+  nixos-hardware,
+  ...
+}: {
+  imports = [
+    ../../common/users.nix
+    ./hardware-configuration.nix
+  ];
+
+  elss = {
+    # base system
+    base.enable = true;
+    # setup locale and font settings
+    locale.enable = true;
+    # setup sshd
+    sshd.enable = true;
+    # configure zsh
+    zsh.enable = true;
+    # enable X11 with lightdm and i3
+    graphical = {
+      enable = false;
+      # set dpi if used in mobile applications
+      #      dpi = 180;
+    };
+
+    # enable deamon to generate nix-index-db
+    nix-index-db-update.enable = false;
+
+    # add TUD vpn
+    openvpn.enable = false;
+
+    # enable sops
+    sops = {
+      enable = false;
+    };
+
+    # enable server services
+    server = {
+      enable = false;
+      acme.staging = false;
+    };
+
+    # enable wireguard
+    wireguard.enable = false;
+
+    # enable podman
+    container.podman.enable = true;
+
+    # user setup
+    users = {
+      enable = true;
+      admins = ["ellmau"];
+      users = [];
+
+      meta = {
+        ellmau.git = {
+          signDefault = false;
+        };
+      };
+    };
+  };
+  fileSystems."/".options = ["noatime"];
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking = {
+    interfaces.ens3 = {
+      ipv4.addresses = [
+        {
+          address = "213.109.163.8";
+          prefixLength = 22;
+        }
+      ];
+      ipv6.addresses = [
+        {
+          address = "2a03:4000:35:11::";
+          prefixLength = 64;
+        }
+      ];
+    };
+    enableIPv6 = false;
+    defaultGateway = "213.109.160.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "ens3";
+    };
+    nameservers = ["8.8.8.8"];
+    # port for a podman container
+    firewall.allowedTCPPorts = [8888];
+  };
+  system.stateVersion = "23.11";
+}

machines/kotys/hardware-configuration.nix

@@ -0,0 +1,38 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/d56cbded-5e03-4fa2-bcfd-3a284bdae664";
+      fsType = "xfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/12CE-A600";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/e9ec410f-8e92-4daf-a0b8-90828df6f96f"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}