chore: merge remote-tracking branch 'refs/remotes/origin/master'

2025-12-04 15:00:13 +01:00 · 2025-09-08 22:17:19 +02:00 · 2025-09-08 22:17:19 +02:00 · fef39fd540
commit fef39fd540
parent 34b09d01ab e7e637b2f6
74 changed files with 2141 additions and 1042 deletions
--- a/hosts/daisy/default.nix
+++ b/hosts/daisy/default.nix
@ -0,0 +1,48 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./../../modules/core/default.server.nix
+    # ./../../modules/services/violet.nix
+  ];
+
+  networking = {
+    hostName = "daisy";
+    networkmanager.enable = true;
+    firewall = {
+      allowedTCPPorts = [
+        # 80
+        # 443
+        # 25565
+        9123
+      ];
+    };
+  };
+
+  time.timeZone = "Europe/Amsterdam";
+
+  environment.systemPackages = with pkgs; [
+    pkgs.kitty.terminfo
+  ];
+
+  boot = {
+    loader.grub = {
+      enable = true;
+      device = "/dev/sdb";
+      useOSProber = true;
+    };
+    kernelModules = [ "acpi_call" ];
+    extraModulePackages =
+      with config.boot.kernelPackages;
+      [
+        acpi_call
+        cpupower
+      ]
+      ++ [ pkgs.cpupower-gui ];
+  };
+}
--- a/hosts/desktop/hardware-configuration.nix
+++ b/hosts/desktop/hardware-configuration.nix
@ -8,23 +8,18 @@
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "uhci_hcd" "hpsa" "mpt3sas" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/6b518d54-a144-42fe-b500-b6651038bbcc";
+    { device = "/dev/disk/by-uuid/02aaca49-be45-42ad-ba44-6f5dbfe9032e";
      fsType = "ext4";
    };

-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/D1A5-9B92";
-      fsType = "vfat";
-    };
-
  swapDevices =
-    [ { device = "/dev/disk/by-uuid/2d69abc2-3d44-481b-ada8-b436c2b9c8c2"; }
+    [ { device = "/dev/disk/by-uuid/40aff86f-c371-4f7f-ab62-5665c4f1c071"; }
    ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -32,10 +27,11 @@
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno2.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno3.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno4.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/hosts/dandelion/default.nix
+++ b/hosts/dandelion/default.nix
@ -14,10 +14,9 @@

  users.users.liv.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLdcB5JFWx6OK2BAr8J0wPHNhr2VP2/Ci6fv3a+DPfo liv@violet" # allow violet to log in over ssh to do back ups
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDi8gt51xGRzLSqaNr1LKSdrJ0VHps8U8FME71YCrs6K liv@posy" # allow posy to log in over ssh to mount music folder
  ];

-  networking.hostName = "dandelion";
-
  liv.server.enable = true;

  nixpkgs.config.permittedInsecurePackages = [
@ -27,8 +26,34 @@

  time.timeZone = "Europe/Amsterdam";

+  networking = {
+    hostName = "dandelion";
+    firewall = {
+      allowedTCPPorts = [
+        5201
+      ];
+      allowedUDPPorts = [
+        5201
+      ];
+      interfaces."ens4s1".allowedTCPPorts = [
+        # allow everything for local link
+        {
+          from = 1;
+          to = 65354;
+        }
+      ];
+      interfaces."ens4s1".allowedUDPPorts = [
+        # allow everything for local link
+        {
+          from = 1;
+          to = 65354;
+        }
+      ];
+    };
+  };
+
  systemd.network.networks."99-local" = {
-    matchConfig.name = "ens3s1";
+    matchConfig.name = "ens4s1";
    address = [
      "192.168.1.100/24"
    ];
@ -60,10 +85,22 @@
    trim.enable = true;
  };

-  # boot.zfs.extraPools = [ "terrabite" ];
+  boot.zfs.extraPools = [
+    "spinners"
+  ];

-  # fileSystems."/terrabite/main" = {
-  #   device = "terrabite/main";
-  #   fsType = "zfs";
+  # fileSystems = {
+  #   "/spinners/rootvol" = {
+  #     device = "spinners/rootvol";
+  #     fsType = "zfs";
+  #   };
+  #   "/spinners/ahwx" = {
+  #     device = "spinners/ahwx";
+  #     fsType = "zfs";
+  #   };
+  #   "/spinners/violet" = {
+  #     device = "spinners/violet";
+  #     fsType = "zfs";
+  #   };
  # };
 }
--- a/hosts/desktop/default.nix
+++ b/hosts/desktop/default.nix
@ -1,15 +0,0 @@
-{ pkgs, ... }:
-{
-  imports = [
-    ./hardware-configuration.nix
-    ./../../modules/core
-  ];
-
-  nixpkgs.config.permittedInsecurePackages = [
-    "jitsi-meet-1.0.8043"
-    "olm-3.2.16"
-  ];
-
-  liv.desktop.enable = true;
-  liv.gui.enable = true;
-}
--- a/hosts/hazel/default.nix
+++ b/hosts/hazel/default.nix
@ -0,0 +1,49 @@
+{
+  pkgs,
+  config,
+  lib,
+  inputs,
+  ...
+}:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./disko.nix
+    ./../../modules/core/default.server.nix
+    # ./../../modules/services/hazel.nix
+  ];
+
+  networking.hostName = "hazel";
+
+  nixpkgs.config.permittedInsecurePackages = [
+    "jitsi-meet-1.0.8043"
+    "olm-3.2.16"
+  ];
+
+  time.timeZone = lib.mkForce "Europe/Paris";
+
+  environment.systemPackages = with pkgs; [
+    kitty.terminfo
+  ];
+
+  services = {
+    smartd = {
+      enable = true;
+      autodetect = true;
+    };
+  };
+
+  networking.firewall = {
+    allowedTCPPorts = [
+      9123
+    ];
+  };
+
+  #boot = {
+  #  loader.grub = {
+  #    enable = true;
+  #    device = "/dev/sda";
+  #    useOSProber = true;
+  #  };
+  #};
+}
--- a/hosts/hazel/disko.nix
+++ b/hosts/hazel/disko.nix
@ -0,0 +1,32 @@
+{ inputs, ... }:
+{
+  imports = [
+    inputs.disko.nixosModules.disko
+  ];
+  disko.devices = {
+    disk = {
+      sda = {
+        device = "/dev/sda";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02";
+              priority = 1;
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/hosts/hazel/hardware-configuration.nix
+++ b/hosts/hazel/hardware-configuration.nix
@ -0,0 +1,45 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "ehci_pci"
+    "ahci"
+    "usbhid"
+    "sd_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  # fileSystems."/" = {
+  #   device = "/dev/disk/by-uuid/864dfbec-81f0-460f-b970-27693a0ad0e6";
+  #   fsType = "ext4";
+  # };
+
+  # fileSystems."/boot" = {
+  #   device = "/dev/disk/by-uuid/E141-F5CE";
+  #   fsType = "vfat";
+  #   options = [
+  #     "fmask=0077"
+  #     "dmask=0077"
+  #   ];
+  # };
+
+  # swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/hosts/ichiyo/default.nix
+++ b/hosts/ichiyo/default.nix
@ -12,9 +12,6 @@
    ./../../modules/services/tailscale.nix
  ];

-  # Enable fancy boot animations
-  boot.plymouth.enable = true;
-
  powerManagement = {
    enable = true;
    # powertop.enable = true;
--- a/hosts/iris/default.nix
+++ b/hosts/iris/default.nix
@ -0,0 +1,68 @@
+{
+  inputs,
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./../../modules/core
+    # ./../../modules/home/nfs.nix
+    ./../../modules/core/virtualization.nix
+    ./../../modules/services/tailscale.nix
+    ./../../modules/services/mpd.nix
+  ];
+
+  powerManagement = {
+    enable = true;
+    # powertop.enable = true;
+    cpuFreqGovernor = lib.mkDefault "performance";
+  };
+
+  networking = {
+    hostName = "iris";
+    networkmanager.enable = true;
+  };
+
+  systemd.network.networks."99-local" = {
+    matchConfig.name = "enp68s0";
+    address = [
+      "192.168.1.100/24"
+    ];
+    routes = [
+      {
+        Gateway = "172.16.10.1";
+        GatewayOnLink = false;
+      }
+    ];
+  };
+
+  liv = {
+    desktop.enable = true;
+    creative.enable = true;
+    amdgpu.enable = true;
+    wine.enable = false; # use VM for this
+    gui.enable = true;
+  };
+
+  boot = {
+    kernelParams = [ ];
+    kernelModules = [ "acpi_call" ];
+    kernelPackages = pkgs.linuxPackages_latest;
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+      systemd-boot.configurationLimit = 10;
+    };
+    extraModulePackages =
+      with config.boot.kernelPackages;
+      [
+        acpi_call
+        cpupower
+        v4l2loopback
+      ]
+      ++ [ pkgs.cpupower-gui ];
+  };
+}
--- a/hosts/iris/hardware-configuration.nix
+++ b/hosts/iris/hardware-configuration.nix
@ -5,19 +5,27 @@

 {
  imports =
-    [ (modulesPath + "/profiles/qemu-guest.nix")
+    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/631775ef-6851-4fe7-997f-189372f87437";
+    { device = "/dev/disk/by-uuid/6609be3d-2dda-4961-9247-6463349f196c";
      fsType = "ext4";
    };

+  boot.initrd.luks.devices."luks-e8a36fde-6d6f-4650-b0dc-3152ef561c99".device = "/dev/disk/by-uuid/e8a36fde-6d6f-4650-b0dc-3152ef561c99";
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/1793-F35D";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
  swapDevices = [ ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -25,7 +33,11 @@
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens4f0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens4f1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/hosts/posy/default.nix
+++ b/hosts/posy/default.nix
@ -0,0 +1,41 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [
+    ./../../modules/core/default.server.nix
+    ./../../modules/services/mpd.nix
+  ];
+
+  networking.hostName = "posy";
+
+  time.timeZone = "Europe/Amsterdam";
+
+  environment.systemPackages = with pkgs; [
+    pkgs.kitty.terminfo
+  ];
+
+  boot = {
+    kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
+    initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
+    loader = {
+      grub.enable = false;
+      generic-extlinux-compatible.enable = true;
+    };
+  };
+
+  services = {
+    smartd = {
+      enable = lib.mkForce false;
+      autodetect = lib.mkForce false;
+    };
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
+      options = [ "noatime" ];
+    };
+  };
+
+  hardware.enableRedistributableFirmware = true;
+}
--- a/hosts/sakura/default.nix
+++ b/hosts/sakura/default.nix
@ -12,6 +12,7 @@
    ./../../modules/core/virtualization.nix
    ./../../modules/services/tailscale.nix
    ./../../modules/services/mpd.nix
+    ./../../modules/services/smart-monitoring.nix
    inputs.nixos-hardware.nixosModules.framework-13-7040-amd
  ];

@ -45,13 +46,17 @@
  # Disable light sensors and accelerometers as they are not used and consume extra battery
  hardware.sensor.iio.enable = lib.mkForce false;

-  networking.hostName = "sakura";
+  networking = {
+    hostName = "sakura";
+    # networkmanager.ethernet.macAddress = "13:37:6a:8a:ed:a4";
+  };

  powerManagement = {
    enable = true;
    # powertop.enable = true;
    cpuFreqGovernor = lib.mkDefault "ondemand";
  };
+
  # change battery led to blue on suspend to indicate device is in suspend mode
  systemd.services."suspend-led-set" = {
    description = "blue led for sleep";
@ -71,8 +76,11 @@
      ${pkgs.fw-ectool}/bin/ectool led battery auto
    '';
  };
+  systemd.sleep.extraConfig = ''
+    HibernateDelaySec=30m
+  '';
+  services.logind.lidSwitch = "suspend";
  boot = {
-    plymouth.enable = true;
    kernelParams = [
      "mem_sleep_default=deep"
      "acpi_osi=\"!Windows 2020\"" # otherwise GPU does weird shit that makes the computer look like the RAM is broken
@ -89,7 +97,11 @@
      [
        acpi_call
        cpupower
+        v4l2loopback
      ]
      ++ [ pkgs.cpupower-gui ];
+    extraModprobeConfig = ''
+      options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1
+    '';
  };
 }
--- a/hosts/violet/default.nix
+++ b/hosts/violet/default.nix
@ -22,7 +22,8 @@
  time.timeZone = "Europe/Amsterdam";

  environment.systemPackages = with pkgs; [
-    pkgs.kitty.terminfo
+    kitty.terminfo
+    cifs-utils
  ];

  services = {
@ -33,6 +34,18 @@
    xserver.videoDrivers = [ "nvidia" ];
  };

+  networking.firewall = {
+    allowedTCPPorts = [
+      80
+      443
+      25565
+      5201
+    ];
+    allowedUDPPorts = [
+      5201
+    ];
+  };
+
  liv.nvidia.enable = true;

  boot = {
@ -50,4 +63,14 @@
      ]
      ++ [ pkgs.cpupower-gui ];
  };
+
+  fileSystems."/mnt/nfs/violet" = {
+    device = "//172.16.10.130/spinners/violet"; # not ideal, should get the static IP from dandelion from a config attribute but whatever...
+    fsType = "cifs";
+    options = [
+      "x-systemd.automount"
+      "noauto"
+      "credentials=${config.sops.secrets.smbLoginDetails.path}"
+    ];
+  };
 }
--- a/hosts/vm/default.nix
+++ b/hosts/vm/default.nix
@ -1,36 +0,0 @@
-{ pkgs, config, lib, ... }: 
-{
-  imports = [
-    ./hardware-configuration.nix
-    ./../../modules/core
-  ];
-
-  nixpkgs.config.permittedInsecurePackages = [
-    "jitsi-meet-1.0.8043"
-    "olm-3.2.16"
-  ];
-
-
-  # kvm/qemu doesn't use UEFI firmware mode by default.
-  # so we force-override the setting here 
-  # and configure GRUB instead.
-  boot.loader = {
-    systemd-boot.enable = lib.mkForce false;
-    grub = {
-      enable = true;
-      device = "/dev/vda";
-      useOSProber = false;
-    };
-  };
-
-  # allow local remote access to make it easier to toy around with the system
-  services.openssh = {
-    enable = true;
-    ports = [22];
-    settings = {
-      # PasswordAuthentication = lib.mkOverride true;
-      AllowUsers = null;
-      # PermitRootLogin = "yes";
-    };
-  };
-}
--- a/hosts/yoshino/default.nix
+++ b/hosts/yoshino/default.nix
@ -12,6 +12,7 @@
    # ./../../modules/home/nfs.nix
    ./../../modules/core/virtualization.nix
    ./../../modules/services/tailscale.nix
+    ./../../modules/services/mpd.nix
  ];

  powerManagement = {
@ -20,6 +21,24 @@
    cpuFreqGovernor = lib.mkDefault "performance";
  };

+  networking = {
+    hostName = "yoshino";
+    networkmanager.enable = true;
+  };
+
+  systemd.network.networks."99-local" = {
+    matchConfig.name = "enp68s0";
+    address = [
+      "192.168.1.100/24"
+    ];
+    routes = [
+      {
+        Gateway = "172.16.10.1";
+        GatewayOnLink = false;
+      }
+    ];
+  };
+
  liv = {
    desktop.enable = true;
    creative.enable = true;
@ -28,11 +47,6 @@
    gui.enable = true;
  };

-  networking = {
-    hostName = "yoshino";
-    networkmanager.enable = true;
-  };
-
  boot = {
    kernelParams = [ ];
    kernelModules = [ "acpi_call" ];
--- a/hosts/zinnia/default.nix
+++ b/hosts/zinnia/default.nix
@ -0,0 +1,61 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./../../modules/core
+    ./../../modules/services/tailscale.nix
+    ./../../modules/services/mpd.nix
+  ];
+
+  liv = {
+    laptop.enable = true;
+    gui.enable = true;
+    desktop.enable = false;
+    creative.enable = false;
+    amdgpu.enable = false;
+  };
+
+  services = {
+    vnstat.enable = true;
+  };
+
+  networking.hostName = "zinnia";
+
+  powerManagement = {
+    enable = true;
+    powertop.enable = true;
+    cpuFreqGovernor = lib.mkDefault "ondemand";
+  };
+
+  boot.initrd.luks.devices."luks-59aff546-c2c2-4697-a5f2-40a12f259f5a".device =
+    "/dev/disk/by-uuid/59aff546-c2c2-4697-a5f2-40a12f259f5a";
+
+  boot = {
+    kernelParams = [
+      "mem_sleep_default=deep"
+    ];
+    kernelModules = [ "acpi_call" ];
+    kernelPackages = pkgs.linuxPackages_latest;
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+      systemd-boot.configurationLimit = 10;
+    };
+    extraModulePackages =
+      with config.boot.kernelPackages;
+      [
+        acpi_call
+        cpupower
+      ]
+      ++ [ pkgs.cpupower-gui ];
+  };
+
+  time.timeZone = "Europe/Amsterdam";
+  nixpkgs.config.allowUnfree = true;
+}
--- a/hosts/zinnia/hardware-configuration.nix
+++ b/hosts/zinnia/hardware-configuration.nix
@ -0,0 +1,45 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/hardware/network/broadcom-43xx.nix")
+      (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/c9f69c59-2014-41de-b169-53c38c7d9f15";
+      fsType = "ext4";
+    };
+
+  boot.initrd.luks.devices."luks-ad0e2f90-490d-4a2b-8484-8d18bc9bdff5".device = "/dev/disk/by-uuid/ad0e2f90-490d-4a2b-8484-8d18bc9bdff5";
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/0AEC-87AF";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/18a2707c-9fe0-4dc4-a15f-6908cc34f26e"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wwp0s20f0u2c2.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}