From 95155e9e93050bc4d8721fcac5190c92bc5c1e15 Mon Sep 17 00:00:00 2001
From: Jimbo <jimbo@jimbosfiles.com>
Date: Fri, 18 Oct 2024 15:32:32 -0400
Subject: [PATCH] Add Chromebook to the roster

---
 flake.nix                                     |   2 +
 hosts/firefly/home/default.nix                |   2 +-
 hosts/firefly/system/default.nix              |   5 +-
 hosts/lacros/home/default.nix                 |  22 +++++
 hosts/lacros/id_ed25519.pub                   |   1 +
 hosts/lacros/system/default.nix               |  27 ++++++
 hosts/lacros/system/hardware/default.nix      |  78 ++++++++++++++++++
 .../devices/boot/lanzaboote/default.nix       |   6 +-
 variables/secrets/default.nix                 | Bin 2395 -> 2373 bytes
 9 files changed, 137 insertions(+), 6 deletions(-)
 create mode 100644 hosts/lacros/home/default.nix
 create mode 100644 hosts/lacros/id_ed25519.pub
 create mode 100644 hosts/lacros/system/default.nix
 create mode 100644 hosts/lacros/system/hardware/default.nix

diff --git a/flake.nix b/flake.nix
index 350653c..a4a5f4d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -38,6 +38,7 @@
       firefly = mkNixos [ ./hosts/firefly/system ];
       cyberspark = mkNixos [ ./hosts/cyberspark/system ];
       shuttleworth = mkNixos [ ./hosts/shuttleworth/system ];
+      lacros = mkNixos [ ./hosts/lacros/system ];
     };
 
     # home-manager switch --flake .#username@hostname
@@ -45,6 +46,7 @@
       "jimbo@firefly" = mkHome [ ./hosts/firefly/home ] nixpkgs.legacyPackages.x86_64-linux;
       "jimbo@cyberspark" = mkHome [ ./hosts/cyberspark/home ] nixpkgs.legacyPackages.x86_64-linux;
       "jimbo@shuttleworth" = mkHome [ ./hosts/shuttleworth/home ] nixpkgs.legacyPackages.aarch64-linux;
+      "jimbo@lacros" = mkHome [ ./hosts/lacros/home ] nixpkgs.legacyPackages.x86_64-linux;
     };
   };
 }
diff --git a/hosts/firefly/home/default.nix b/hosts/firefly/home/default.nix
index 4bd077b..d6d513d 100644
--- a/hosts/firefly/home/default.nix
+++ b/hosts/firefly/home/default.nix
@@ -8,9 +8,9 @@
     ../../../modules/home/settings
     ../../../modules/home/programs
     ../../../modules/home/programs/misc/production
-    ../../../modules/home/programs/misc/school
     ../../../modules/home/programs/misc/gaming/launchers
     ../../../modules/home/programs/misc/gaming/xash3d
+    ../../../modules/home/programs/misc/school
     ../../../modules/home/sway
     ../../../modules/home/utils
 
diff --git a/hosts/firefly/system/default.nix b/hosts/firefly/system/default.nix
index 343e7f9..652005e 100644
--- a/hosts/firefly/system/default.nix
+++ b/hosts/firefly/system/default.nix
@@ -1,4 +1,4 @@
-{ lanzaboote, ... }:
+{ ... }:
 {
   imports = [
     ./hardware
@@ -21,9 +21,6 @@
     # Misc
     ../../../overlays
     ../../../variables
-
-    # Imports
-    lanzaboote.nixosModules.lanzaboote
   ];
 
   networking.hostName = "firefly";
diff --git a/hosts/lacros/home/default.nix b/hosts/lacros/home/default.nix
new file mode 100644
index 0000000..75cd42e
--- /dev/null
+++ b/hosts/lacros/home/default.nix
@@ -0,0 +1,22 @@
+{ config, nur, ... }:
+{
+  imports = [
+    # Apps and programs
+    ../../../modules/home
+    ../../../modules/home/users
+    ../../../modules/home/files
+    ../../../modules/home/settings
+    ../../../modules/home/programs
+    ../../../modules/home/programs/misc/remote-desktop
+    ../../../modules/home/sway
+    ../../../modules/home/utils
+
+    # Misc
+    ../../../overlays
+    ../../../variables
+    ../../../variables/look/colors/purple
+
+    # Imports
+    nur.nixosModules.nur
+  ];
+}
diff --git a/hosts/lacros/id_ed25519.pub b/hosts/lacros/id_ed25519.pub
new file mode 100644
index 0000000..84c223c
--- /dev/null
+++ b/hosts/lacros/id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBk6ALxn+zKrRys6/c1oYSoWJaUUEo3nAM224ElhjJQR jimbo@lacros
diff --git a/hosts/lacros/system/default.nix b/hosts/lacros/system/default.nix
new file mode 100644
index 0000000..2e8ad70
--- /dev/null
+++ b/hosts/lacros/system/default.nix
@@ -0,0 +1,27 @@
+{ config, ... }:
+{
+  imports = [
+    ./hardware
+
+    # Apps and programs
+    ../../../modules/system
+    ../../../modules/system/accounts
+    ../../../modules/system/desktop
+    ../../../modules/system/programs
+    ../../../modules/system/services
+
+    # Devices and hardware
+    ../../../modules/system/devices
+    ../../../modules/system/devices/boot/lanzaboote
+    ../../../modules/system/devices/networking/wireless
+    ../../../modules/system/devices/networking/firewall/pc
+    ../../../modules/system/devices/networking/wireguard/pc
+
+    # Extras
+    ../../../overlays
+    ../../../variables
+  ];
+
+  networking.hostName = "lacros";
+  networking.wireguard.interfaces."${config.ips.wgInt}".ips = [ "${config.ips.wgSpan}.18/24" ];
+}
diff --git a/hosts/lacros/system/hardware/default.nix b/hosts/lacros/system/hardware/default.nix
new file mode 100644
index 0000000..021d994
--- /dev/null
+++ b/hosts/lacros/system/hardware/default.nix
@@ -0,0 +1,78 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot = {
+    initrd = {
+      availableKernelModules = [
+        "xhci_pci"
+        "usb_storage"
+        "sd_mod"
+        "sdhci_pci"
+      ];
+      kernelModules = [
+        "dm-snapshot"
+        "kvm-intel"
+      ];
+
+      # Encryption and TPM
+      systemd.enable = true;
+      luks.devices = {
+        crypt-mmc = {
+          device = "/dev/disk/by-uuid/5906e176-7ad3-41e5-bc45-ae65664eb10c";
+          preLVM = true;
+          allowDiscards = true;
+        };
+      };
+    };
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@" "noatime" "nodiratime" "discard" ];
+    };
+    "/home" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@home" "noatime" "nodiratime" "discard" ];
+    };
+    "/var" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@var" "noatime" "nodiratime" "discard" ];
+    };
+    "/nix" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@nix" "noatime" "nodiratime" "discard" ];
+    };
+    "/.snapshots" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@snapshots" "noatime" "nodiratime" "discard" ];
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/1C76-1006";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+    "/home/jimbo/JimboNFS" = {
+      device = "${config.ips.wgSpan}.1:/export/JimboNFS";
+      fsType = "nfs4";
+      options = ["x-systemd.automount" "_netdev" "nofail" "noauto"];
+    };
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/54a9cc22-4a2c-4e04-a968-313c34481489"; }
+  ];
+
+  networking.useDHCP = lib.mkDefault true;
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/modules/system/devices/boot/lanzaboote/default.nix b/modules/system/devices/boot/lanzaboote/default.nix
index 7a62227..9ba80ba 100644
--- a/modules/system/devices/boot/lanzaboote/default.nix
+++ b/modules/system/devices/boot/lanzaboote/default.nix
@@ -1,5 +1,9 @@
-{ ... }:
+{ lanzaboote, ... }:
 {
+  imports = [
+    lanzaboote.nixosModules.lanzaboote
+  ];
+
   boot.lanzaboote = {
     enable = true;
     pkiBundle = "/etc/secureboot";
diff --git a/variables/secrets/default.nix b/variables/secrets/default.nix
index 38b50a76672facba1208f7fbdf18fa7ebfc8b26d..8b87e6caa270d84f550b321ba00f71ac8873ce8b 100644
GIT binary patch
literal 2373
zcmZWr*>amo5Pi>AOl;k9mE#~lthtp33A7-Dgf?q=h>K;|cLoWR%D-PgaunaZAkp1(
z`gBjv8GeGm)n9-SN0w{901U&xuWz4zegYs)kQ+ximO~?hC<ou0NG$XhtsOKW0H7*?
zH&637$25ep{NL7RLQ5+GRJ(uvYAp4meqJ;EfqDgc1R}KD2m&(>H8;vz1kVk{_O-@%
zs9*Frx7?u4V#MJ?iw3|W*yb<;iI(T*I5YDXV8aMz8iFP`yT}1gq2D@9@HGUvqkW|b
z^64F3kNbw9)@z##9j0R+k|CCiyBBqDyAjTGNWU^Y(K2zFAw|dHRa_mNrp{`9VM<Bp
z>XU<Jb@zv~l8sq)oL|&sQgKDaBVlE%4}nLV&jaW3iZ-iCLTAleOoX9_-^mL>T$om%
zWf1gL3HY#TskN4V;>xgUm`TFcC5|2r-}G4U;dZL;Ro<Ky`ROg)zg--8w;Zd+2;Omb
zZU*f_%ghGy@1`IJg0o$3Mi^?5*`_?(YnYv2re^M`$+?@9rAzk?2{&IIoz0iQGCBzi
zIWYVM91|tEUYz`05aMVYf3Nd4)9@Rj&>Ms_T5P((elb<Fr7dpFeNtKD<A9Wg)iy3x
z9wfuAE<nC0xjTXoxG+NRBovvit3Cww>5FpY^YvlD2))2c*G4i^&&D7f8vc}xS+u48
zg1C}c$lFQRVGir<N}^6S+#KblNYKkX)hgT6HxUu`cb8?tukkyA>XtCz)hmLj3djo?
zRx_2O5LGi`LC(Gu+l7y>bg$2Ey2wF9_9Zoje{fi2ni0So!cmZe!z5q}*%Md!NfIZ#
zGqYVqNJ@FkO(Pb!y>p1nbmcc3+Fm{a$$*BIqZg0_^@%{RM6IK-_07<Y-p6))=2Z^u
zI&lco#|$3(9sP$VR{ZPywk^$ybzEcyd|x8_BM~b2dLqr9bLO*2mCqWbKk7z$Pp>*L
zij&OE!~ZjAjUOo3S#Rx2>3ZOaVU<+n_Vdx>pM@#4zvC$y%G?s%<fJVnY)$J{V48u^
zp~jjzO>!Dfn;c2f25mt`w|J5vD2`w($eTTa;u)PLaMQ9_PA3?gGc3KwSRAR{>NVZm
zsHI>KBS~yv36f<wmZC_SBXFLesa|scn}NMYZekxsO|Y_&dh?6jn~Te8zOhS1^vn5X
zc~Sb<_!L>;96N{e@ib@Og2az6U-uJV8mf-sP^@C*t7E8Jqu0fTyBFRLlU2*nwe%Md
z7C8bs1U(WMj#du}f>{oNII>$(Ni%$P{PpZVJ@r-fO&%V;@AwqD5rfmT&yUU1d90gL
zW>+p*VwTZ_v3z>^Jvy6Ai}KLT^IE|{E#GE+q+Bhib>QPHp+Dk;I&4&{Yu$vWt3Cp7
z)#j#C4_RV-Eo!BWv=BagyUFpxOUw9oKr6I$>zjb{KTBO29-Y{wJm=YaR%Put^JSlB
z9&U?%wZDJR9@f$yfco5MSu^f;QEvmIID<)0H8b2OeY06~m<*Gi`Xgfc|71Pu5>5N`
zz42E#%`oC3Lcq~-2mY;uAFc=8$f^WgtG}gFYD$xOX_Kx)>K&Z!u&=IejO2Yqk1Rgl
zDo#({4d8n3OVNG~wZ5pagkpB{Gon|5Pv`75QpnrHwYS(uOszwZozn!4q-d2`2^J*Q
zs_SzJnnNS+U6Abgt4+o`8pK7FtA=ypIFS`HFB`dUS|1dV_7Sq`5O~MW2Ub`Vu_x@J
z%P36-Vm$0F;_<OcEft#;G3f^Ed1s^(7*6ceNtUL|+#szC!ukwFA7QW64@daswa4!-
zn}aHuyG5)-0krpAI`fT5xvh|Y>LWT|iOV4or$v9XNt@fcVT#<S`Uu$;ufw!^T=bmP
zg$~0p<b~6z<ce-SpBmolBv>wKtvqqkAT+1iiNPb*D&&S~i&+b$`ulT1Qi*1xcpf7u
z79&^|qk6a8b>}6OY`g?VVFX2CEQ1mJ&D-=)QX4NzU|hYFq%e|vZ%5OLtG6~Y490U9
MamB4aYJPqC4-Tf!pa1{>

literal 2395
zcmV-h38eM_M@dveQdv+`0C1|rkX3eNQWxJ@nN8I#zGKW}up}fuC=GM9<dy^Vu!jgt
zomL<)FY2YMJx7_a9-#e8%>S`L^xCeC8lGo3i%9Ex7v_XjbD}!`q(FVqn3#fN%;CS+
zg-Ip^zrZxq>Tryf`z9IiwJ`Z?J<|U&YMM;QExj4Qi!8_zr4V*HAyBvCy};#Z=B_b<
zWy`K9kM&U^Vopr7&sY58{W1hTQ%?%@tRNm5qQIz9p2q@3RF;kbW~n}}AG?Sxlgur8
zP52Lf5k@M|fdamOojjaIuDEg=4yenN->`Ox{zi}v44_w*v*2^>99cT#;m&``j0jvR
zi~>ZV@sOHBi?Z%u60lAPs7y?S3|zm?npbhIpKM);ydaHd6=afBYV9bq*y30*#Znh(
zFo0_Z^fI0)farhT%Dt|7mbjG5_sW{xUjH(=;@T=adAB!_6W+lT{udo>bTsd^z#V0<
zd*`vnI=;h;6!`!U+wiv3+6}bww5>QDc~6Xn!>=dJALGREG}n3QG1X|O@Q$obx1J1g
z_$cu|f0co`js!$5lOa*k8-ZkGT4DBag%L}GRbWk=F;D5CnC3H-KOW5Fy*!tOakftZ
z)K0BW2EtYUlK0q-Vq3$N{Dv*~E$T>7$D5h(Y&Im!VS8o(38XJ$2(&SbnXUnUMb~~f
zVr){rIhE3~^}zBqpWW@$Sq*IX$cX>&infJkk*4HrWE7pJUT2N?XE&Mc9?Qa$L6+z|
ztWa`CGXGE#R{rOo(|`m0n2%1aMWf6}JGSGrQb)hp(zCUtbWz2K!daaBxyi0+%8<*s
z?d&U2#O^9yK1(D0Oonzj7k@g#{&ngp1o1*#K#a|}a9Vvw>poTtE>r)*TvQZWVcw1F
z4H=z7nir2o5DXfZD`V|Rfz|OB0h`INQjfdI!)I<;@Yj%&WaG0ZD+MIYMj>-heV5p!
zXQlMDDBf^35V4+XB-*kdW^cLfe%(w26&M8{GMB;i<6kCsdv9<o0|PYMA)5E@ZW0Hh
zs;6EV-FhoPAsRZs+#B8Y+RF}iZ9AgW(TJ7~ZH#7ApWTHqMB(run?r_1*(v|!(-J?z
z<vv=G%jK)FJY$W{;266_FEUI>5tB*JT!?~alYo}JD50e}JC71OGn~*;`XiX^rR?1M
zRFm4}YLIaisqva>TBiB`!?0{5zPTAUgdZ;E2Nxf7Na(M4FNV$!FlioT>K}$c0w3}>
z0=TpRQwmDLJX^!PYL<dg!cs+<1q@Bx`be3w_OHds?1ETO6!ZcLLLq6@$wg(*n5y53
zWAqo~_P2TC-GPY;Xrk1V_qAzyZ~}+<Q$Da7Z@&}Sj}5`S)2Mqn-}f~=>hK+7UtKr|
zGux@oYY2J@B{&)f--TnC0Klv1#Up<<xTW)C9I|OOOl9)2lH=4--v?Nrt~AzOfoLNo
zk5jry8t@TL`3Y!Y4cW^8k#62xp_n=!keW`oVgTis9o-RgZ|4QW?r7!}C3l6_9w8Lj
zcy%dk0{?zo2!P`vOHM>slOWFjQc<vWa5l(!Pe#vZarvV_D-y66A;DX>wgoSv5*(5c
z=cdZv&Zecnp;ELU_M_eBDt&y8gKf_@vMnHG0D#1hB?QaI8tXO&E{(kU7!n!XTj>*5
zhV_}b;Am~wSih|*px^sLJo~`84M&SUIVfa6ooKq;i>R-;cq>I=PHlk@wp*KbN}BNL
zhQ=BZwTjY<3J<%mAfqlFn2$vj`6*o6lFf!qTjCD*;vUowl^;p4dM@#kqoRkPt+=Ub
zTnTq#hB$>zS27UOgZaI5s}Lif@EJSa)55BJf_Rw{&!IssFOA^sX~gwWNzdo)_NT>R
z4GNnc>I5ies*$2Hik2n3b{Z~Pb^T(&+%YfC3ECPLRO>AN1qL<}=u~%PP@w;rLbbiP
z&?()WaO1AD%k>j<L7#8%y4U$gVX>O0EFFmsoZjfFl#Xa8S)kjLR9H3?Y(7laZe%Kh
zkw=Qh_I15WkRi99>L!ixllRT>COkRdbMzZ0ISeQ;2Bk7?uSI>>=bu5N1KKxifSY1(
zQFf>t53fie&2zJ3vU=w0z8;0jE!_j7B_yYGBwG3qzair#&-A>}XqD`<6OunT%0G?#
z4gAqs^)j=+NqB@9I8jr3D&_Q$7;$Z&%j_{Y`FMBnk!w=}HD^-iB?J!~A+#jMcodE=
zvT~_=Y>RaR@go<duToddBt``uy8a(W83MewrN(6@ka)Vcvf3QM3w{p@(k}O%x*xhU
zOY)K?FG&leN45@Bq{1|<&Al&ZJt^I0f{Q?n_I8VyZWW$^*+l%ht9>aq6PP9nzx5j&
z_L|x(B&(`Za++6<Vb=jdG@%WcSqNLnPNj=Mf9g?PA-9HIdV5_&-ycQEXgJu0QOcrn
z9}H!64C|+sv9k?yxYq91OZM6M?)#A%DdLb}a&=JdjMET|nv;{_O7ioOpG9E?P4?NY
zbFet`FlcRzXYavek+)^i@P37U`U4;7W}EDmI1Mmjt6=#^yUX2lT!t`ikZ{p<hB2CD
z9@vXGvy)mg>vHif^5rEZEuCRoatn*#L@~S`hZ1*-=8qsqAuWR9iD5H9zpl0Z6i8m<
zdflYCG1qO-1Mz#iIVXO}VzgIzFUu)F3um{L16KyaH0L1y?}oomNBFX5?Ft{H7^8Iq
zGomK+`pN{}IE&sF+mW6RIneapcn>IO(HG<IzGP7D+4w)$;Tee0-Qu@LRMPObSF-oK
zDkeV!pk~NfDs9Ejzw=l$9C%scsO@;78qua{rFg|1?PA%&IJvCnxtUr9Aji#W5+@l2
z5nT`B#fd8!ap<#Kene5D5_|%`=Z90S(rw9<a=5*2p*VS@NFdD7()AuPGKwuMZ?h0g
zMpF;oM)n;ctJW!DS|&wZ2Ea<^?T_rI0^sl2J{#Hfn_--0QGxIa%ThK@Vgek?AV))s
zDy%sMW61^y#>iCwG$Zkjc-&@Ssu7Hc|BDd7_NM@32jQbpb%WY=Fa2+KZU0VI_HDnS
z+w5ex#L}Xgl?+hxreHJek3~%5?LmFiw342zZxD(d@`1Z+(%qRbu?>{A7h3x8@r6Dj
z(W4JH*=r>CE7^3TQ1O{~5et<M2=LVX1o3|_0&#_T1S%&{Mld0Ek@lTm=n|5^!mV;S
Ngwo?xsSIMDoVWj-p~wIL