From 95155e9e93050bc4d8721fcac5190c92bc5c1e15 Mon Sep 17 00:00:00 2001
From: Jimbo <jimbo@jimbosfiles.com>
Date: Fri, 18 Oct 2024 15:32:32 -0400
Subject: [PATCH] Add Chromebook to the roster

---
 flake.nix                                     |   2 +
 hosts/firefly/home/default.nix                |   2 +-
 hosts/firefly/system/default.nix              |   5 +-
 hosts/lacros/home/default.nix                 |  22 +++++
 hosts/lacros/id_ed25519.pub                   |   1 +
 hosts/lacros/system/default.nix               |  27 ++++++
 hosts/lacros/system/hardware/default.nix      |  78 ++++++++++++++++++
 .../devices/boot/lanzaboote/default.nix       |   6 +-
 variables/secrets/default.nix                 | Bin 2395 -> 2373 bytes
 9 files changed, 137 insertions(+), 6 deletions(-)
 create mode 100644 hosts/lacros/home/default.nix
 create mode 100644 hosts/lacros/id_ed25519.pub
 create mode 100644 hosts/lacros/system/default.nix
 create mode 100644 hosts/lacros/system/hardware/default.nix

diff --git a/flake.nix b/flake.nix
index 350653c5..a4a5f4dd 100644
--- a/flake.nix
+++ b/flake.nix
@@ -38,6 +38,7 @@
       firefly = mkNixos [ ./hosts/firefly/system ];
       cyberspark = mkNixos [ ./hosts/cyberspark/system ];
       shuttleworth = mkNixos [ ./hosts/shuttleworth/system ];
+      lacros = mkNixos [ ./hosts/lacros/system ];
     };
 
     # home-manager switch --flake .#username@hostname
@@ -45,6 +46,7 @@
       "jimbo@firefly" = mkHome [ ./hosts/firefly/home ] nixpkgs.legacyPackages.x86_64-linux;
       "jimbo@cyberspark" = mkHome [ ./hosts/cyberspark/home ] nixpkgs.legacyPackages.x86_64-linux;
       "jimbo@shuttleworth" = mkHome [ ./hosts/shuttleworth/home ] nixpkgs.legacyPackages.aarch64-linux;
+      "jimbo@lacros" = mkHome [ ./hosts/lacros/home ] nixpkgs.legacyPackages.x86_64-linux;
     };
   };
 }
diff --git a/hosts/firefly/home/default.nix b/hosts/firefly/home/default.nix
index 4bd077bd..d6d513d2 100644
--- a/hosts/firefly/home/default.nix
+++ b/hosts/firefly/home/default.nix
@@ -8,9 +8,9 @@
     ../../../modules/home/settings
     ../../../modules/home/programs
     ../../../modules/home/programs/misc/production
-    ../../../modules/home/programs/misc/school
     ../../../modules/home/programs/misc/gaming/launchers
     ../../../modules/home/programs/misc/gaming/xash3d
+    ../../../modules/home/programs/misc/school
     ../../../modules/home/sway
     ../../../modules/home/utils
 
diff --git a/hosts/firefly/system/default.nix b/hosts/firefly/system/default.nix
index 343e7f97..652005e3 100644
--- a/hosts/firefly/system/default.nix
+++ b/hosts/firefly/system/default.nix
@@ -1,4 +1,4 @@
-{ lanzaboote, ... }:
+{ ... }:
 {
   imports = [
     ./hardware
@@ -21,9 +21,6 @@
     # Misc
     ../../../overlays
     ../../../variables
-
-    # Imports
-    lanzaboote.nixosModules.lanzaboote
   ];
 
   networking.hostName = "firefly";
diff --git a/hosts/lacros/home/default.nix b/hosts/lacros/home/default.nix
new file mode 100644
index 00000000..75cd42ea
--- /dev/null
+++ b/hosts/lacros/home/default.nix
@@ -0,0 +1,22 @@
+{ config, nur, ... }:
+{
+  imports = [
+    # Apps and programs
+    ../../../modules/home
+    ../../../modules/home/users
+    ../../../modules/home/files
+    ../../../modules/home/settings
+    ../../../modules/home/programs
+    ../../../modules/home/programs/misc/remote-desktop
+    ../../../modules/home/sway
+    ../../../modules/home/utils
+
+    # Misc
+    ../../../overlays
+    ../../../variables
+    ../../../variables/look/colors/purple
+
+    # Imports
+    nur.nixosModules.nur
+  ];
+}
diff --git a/hosts/lacros/id_ed25519.pub b/hosts/lacros/id_ed25519.pub
new file mode 100644
index 00000000..84c223ca
--- /dev/null
+++ b/hosts/lacros/id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBk6ALxn+zKrRys6/c1oYSoWJaUUEo3nAM224ElhjJQR jimbo@lacros
diff --git a/hosts/lacros/system/default.nix b/hosts/lacros/system/default.nix
new file mode 100644
index 00000000..2e8ad70d
--- /dev/null
+++ b/hosts/lacros/system/default.nix
@@ -0,0 +1,27 @@
+{ config, ... }:
+{
+  imports = [
+    ./hardware
+
+    # Apps and programs
+    ../../../modules/system
+    ../../../modules/system/accounts
+    ../../../modules/system/desktop
+    ../../../modules/system/programs
+    ../../../modules/system/services
+
+    # Devices and hardware
+    ../../../modules/system/devices
+    ../../../modules/system/devices/boot/lanzaboote
+    ../../../modules/system/devices/networking/wireless
+    ../../../modules/system/devices/networking/firewall/pc
+    ../../../modules/system/devices/networking/wireguard/pc
+
+    # Extras
+    ../../../overlays
+    ../../../variables
+  ];
+
+  networking.hostName = "lacros";
+  networking.wireguard.interfaces."${config.ips.wgInt}".ips = [ "${config.ips.wgSpan}.18/24" ];
+}
diff --git a/hosts/lacros/system/hardware/default.nix b/hosts/lacros/system/hardware/default.nix
new file mode 100644
index 00000000..021d994b
--- /dev/null
+++ b/hosts/lacros/system/hardware/default.nix
@@ -0,0 +1,78 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot = {
+    initrd = {
+      availableKernelModules = [
+        "xhci_pci"
+        "usb_storage"
+        "sd_mod"
+        "sdhci_pci"
+      ];
+      kernelModules = [
+        "dm-snapshot"
+        "kvm-intel"
+      ];
+
+      # Encryption and TPM
+      systemd.enable = true;
+      luks.devices = {
+        crypt-mmc = {
+          device = "/dev/disk/by-uuid/5906e176-7ad3-41e5-bc45-ae65664eb10c";
+          preLVM = true;
+          allowDiscards = true;
+        };
+      };
+    };
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@" "noatime" "nodiratime" "discard" ];
+    };
+    "/home" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@home" "noatime" "nodiratime" "discard" ];
+    };
+    "/var" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@var" "noatime" "nodiratime" "discard" ];
+    };
+    "/nix" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@nix" "noatime" "nodiratime" "discard" ];
+    };
+    "/.snapshots" = {
+      device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
+      fsType = "btrfs";
+      options = [ "subvol=@snapshots" "noatime" "nodiratime" "discard" ];
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/1C76-1006";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+    "/home/jimbo/JimboNFS" = {
+      device = "${config.ips.wgSpan}.1:/export/JimboNFS";
+      fsType = "nfs4";
+      options = ["x-systemd.automount" "_netdev" "nofail" "noauto"];
+    };
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/54a9cc22-4a2c-4e04-a968-313c34481489"; }
+  ];
+
+  networking.useDHCP = lib.mkDefault true;
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/modules/system/devices/boot/lanzaboote/default.nix b/modules/system/devices/boot/lanzaboote/default.nix
index 7a622270..9ba80ba1 100644
--- a/modules/system/devices/boot/lanzaboote/default.nix
+++ b/modules/system/devices/boot/lanzaboote/default.nix
@@ -1,5 +1,9 @@
-{ ... }:
+{ lanzaboote, ... }:
 {
+  imports = [
+    lanzaboote.nixosModules.lanzaboote
+  ];
+
   boot.lanzaboote = {
     enable = true;
     pkiBundle = "/etc/secureboot";
diff --git a/variables/secrets/default.nix b/variables/secrets/default.nix
index 38b50a76672facba1208f7fbdf18fa7ebfc8b26d..8b87e6caa270d84f550b321ba00f71ac8873ce8b 100644
GIT binary patch
literal 2373
zcmb<c$jMC7QAp0uOUq2xQP9)VQ>eA#s^(Hq$S)|#%+D*<D^5)=N-Zf?um!2q%gy!&
ziz|SXC@7Rv7NkODK+Iyj#FCPtVrwo11qFqa)U?FXoDv0Fh3Z<6NUb#&mjcu#BvT;<
zDJ!_7re)@(Dx~D+CT8XpgH6cF%yj{C6>JrhvNCg%@{7|lb5e`-lJj$wz@{lEC@X{(
zrxqy`Bo-H!=NF|E>nNnB=A{-TmZYXAlxLP?D5&RVgC$cGbaNGoGZJ-84UN=c#wX=F
zCMO3Z7K6N}q++I$9$Db3SKzK+6%di0nP*_8Vw7E(lI4<?V&H9N<dTtQ8DJ3LR_2uv
z<X2@@;pwcO<Pn*erXLYmSm~YYQyJw~6%bfZX;E5fS>ha&92}XGWmsPBlu;E{5)xGD
zSyG;u<?rF_nq`1+ymL-|X-Zm7Vo|DsV}PeZc4{TqX<!k@f=ut!N|4_@okKGXqp}QA
z<CF58vr|L8k|F{uQ@l!x%i;?o;;S;e!voy|lHF1f=7wh$rKXoA7NvlU#0->@j8uj4
zbcN*n+}y;x6tI=$>A|T*WvN90MVVzFJHtIHDl$!tBMU72f}%1)w4DO;%AC!NoRYKs
zQ{4?KjDr2kvcq$74NBbeZIwXrtDpckqBIF)LSdeNh<;9lzn5=fV7g0aN<=|rntPO!
zk*8~AXntu>R;p31ev)&lWod;4!UX4>%+$ORm?M0>Ewc<#BXiQrw0)y2i-RNm&76&M
z(h7r<3w#2~lbs4(le4|d^UX^_O)!jrIKtmM)I&eREHXGW$kU`OJvAiCJJ7|@G_bfZ
zu`)d+DJ0J@*D<^*u)s3d0AWHvW<_d_WdOv4lmO?FtXwnm#1!8s=e$ZELw_S5?b1;H
zY=fYrEJw=_{gR9l!y@g%WLG3N_!lK6=cGbSh;sJMiS)=ZFZIrH2`Vo0bn&pv@JY|~
zbuOszcDL}#GdD=jD$gxRDGbU6xd9v<$_k#zsmY1OB{~WPIf<EhC8-r9U<r_zV@hsj
z9xU0qms<u{l!U9~=cX1a7o|oyswBl_xl~$)`9Y%vq$4=Lv?w_hro}tk%_Y^>AlSpx
zN2}OOF~y`pE72rLIVrgik%9s;@=NjyiZY9H(Om!*L~%lTk#TUgXJN2YmP>ABL1jg#
zVpNu;ma~^h1j0Pu#FC=S3I%9!0`^KSSST1=z<?4=Qfi`kN|LFOMWUr?iiMGpX|icr
zs##K+rIDGTiG`tATB>D=v7w2jS(2%tK}uShxkZwpnSn)eT9UC@nuSp!)W0d2#mV_a
zDNgw%o-QC`4UNprEzC_!j7%*I4J-{!O^iVq5L`sTRfgner{;ka`-XTL`&FeI`?&;G
z`h}!d__}0Q_=N;k`8w*km*u79`stPD`nh`*o5$xAWan4uMtEd<x&~zUW|)}!rWFT8
z<tC-Mh53hAAUqCEOlhepP_OGK<dznfC?usS7#k@hXCxLSCYPiZ6)WWA=cR)~r2v%p
z(o$0(d0$=KF(4q`+cnZQ+_Eq=GtbPx)HK`DJ*BMNJt@V@EW9Gn+|Z}U)G#?vT^(K|
zh7={{73XFa7iZ?@DI^!ArljVTWG3bmqsL?kk~-(2)D*YO98htt4k;fMpoKgrq?C#Z
zl66aqQ;YHvb5oV9pvAG04%o$T1>k}<zbFNypj<UD$<s9|BR|t5D?=+wE5JK3$|u`9
z+tN%4s;L%CBRShOH!(9uAvq^Cu?Uph5rsNfVP1YwYC%pVC=G*3dQfDU<`%dX7zf1V
znK`N!8K+g{c{!RQ0v=*qVsdhRX<ms!Mq+VBDrQNDQavOk7gZLNKzt9i&NneL$0M;g
z17w|wQId**sfu}6W>T`7cSNPBTbgBYsBea`ceqn(a74CeUW8w2qN7WqxuI{0esOt;
zX^?ZaX|Z`|p05!!ZGvktR5KG*42@LEJW|~}^MVS}3iNUc(t`A}EecBfQj?2~t4h4H
zvV%g3EHe^Q4O{{&DqZ~yqddHQjfyKk#XTtKb4v3PQH`urF*H!gE_O=GEiKK@at_a{
zaw{xwa>;kq_s@5asw_+k(DNzHH_FU0FAq;H^hnM1NH5GN2u#T|gE}*<C^a=XzbFsY
zScvak-3&s)j4dOoLLvh^Q^Ni8ee-fs(<3YjeX^51DnctuvdbJxOpAkD0$mOB3rii{
zLJC2(HOQqUnR%6{MuI(`lv=1C<!_u3RAri*>z-=qTvk?LQL10;=arll=8+Q^Xqs42
zX5s0So8pyNW@eCQo>uA&aw#}jC@Xjdz?%!60fwN6vb5AQGBMXPG&k2XF@}06D>K(K
zzz8I3XknsfXkwygZl-5w36%wfp=SU{*4$9f!d%bL$VAV`2xJM!-Jqa=$QqgGnVIQX
PTId-<%&oQNs^tOz4yMnb

literal 2395
zcmZQ@_Y83kiVO&0C|Gr5LTFiPkof(`nZ8$b_a&c6*`T6gufbcq^~p5muN&GqeCCEJ
z80f!Ry4u!#<_5V1f4$HA-{|<|*1BG)dFdA29<Qs#pS6S*FS7c-#G&@$j2TVIXCCgq
z-s-8wvj2d|l~)Bl(|)T-e%Na8GspJQf1|8fJ|}edN*?IeIU%%Epv+1!VEd!J2cBj=
zTW8pmdU~B^|JOjJBtM@m=fnRz{%gcy7wpgVb&Z0Y)S?3`g617(at)c*$C$R#ZoT~O
z4&BLTbgO)S@Ye~tX<cY!+Sf4GW{%ss9YxZ7D^5?jzoD%2pW6gJo(194Ha{qSD-&t;
z<l(vcQ#~9pT0KlI3qMYn<=nmLU4qaCKaLeXKCL`4`_Ih^FI+c2C$@8sLT|cg%A}C2
zw;G#oJc=+p8YG@+(2&jk#b};p!;AWRr}nO^nzm!g>F=jz-HrQiwDZv|Et|^i<`aeQ
z9TfQ|E}L6o@_y?9+0+fy&o>^k+IP5H<R^o`?GM|o+~VExY0Fv**-HPOw!`by&&oeO
z^1<YK<x9h>87n^Yt?}DFkEiH|#z*`5sf|1PSX}fbD+XSYZcIsuO8i#XD(KxDn&3Of
z(EsJa8PANT*vp-Hve#yMTj4f;#w&hn{n-wM{-5;yMqg6&;i-Sxbbsi+@(4UWd*+86
zGnF%m)oBczOZ1aDwix!zT*p}NdcDpfDJN*3<<v`?z8?5wI{)t5E0Mf8KTdS~|IoFq
zHGSf;C%GvibC<`Z_x?yXpZQkq^r6X)(_YxD2`F+m`X3+^_V4-p%MHwbXY~86bzOYM
z!+P7}EkW-4Z(iEGb!kc9(T+orbN=i+xi0h6gws3UzR?am@=hzx&RhAfPg|L#c)iu(
zf2FT9Sw1?&IP{#|Q4m$@{@N~#M=$vQ;g}GS=)`-yuX!csI?odCcN5@|ny#Jv*0b^I
zM{&m4CpQH3?>>1rJumXZ^$C+x9&c9HW>q=srdS+MJN?Ge^rc_6YTPR@6WBN}Tjka!
zg|z&g@9OUQu!u^q${S5T`1NtTT6uMTfetgX$!*11-{0j4u`gb=JWld%m9~STl+}Sd
z(s#ezI?Y#}YrW{o#g1uwxjkti^Y6AAx;*@#INQ0+?WX4cr<aB74?VSunt1x@>WwzZ
zz2_cC>~_^R^6?Oy?0G(>qbYrI!?e8`3zu42_X}AY&$$rvOL@kdrEl*14w-!GY1V{7
z(Ul)(WkoIf`Ty{S9F=`LCCyvp^`5bd%a?e(SYM&vc8=d5Q!e$De47K4{3mm!9a|WK
zxx5b9L?7OpHLWS|P>}0PRvzCwzdUAc`nLY)$u~_A0U}?RxSSL-uby;Gy)a|d{jTIM
z;!nP9uY7#Bv6Cxf(UmFRw`NuqFtz^-w%Z_;zhC%fKkvc4mseC<-v4fD`|5*ia(t`>
zhw<%|=dwAfxKu5q*zdO{&tN#P`sGpOdb1r%Kc~oS$~5&!{j_P)<12yp*&`OLGr1Pm
zn4zrNAH2&`>Vu%)PtJ@)-kYZxCg$CXSvbQ=e!?uj9Z3vNXUN_aEY5$<diY(&Gf~y@
z*6VVLA~!2aHFKE$*Trx&JXZ4dbBUO&aPEIl;D)jSvlEs6Zs#)!e=c^=7TO@8crbeV
zHdg(`LNb#Co-aFf|J<^r2NnixQTVp_?sKi$n!e`T^X8j$6;c@*j!aNxIelE}wHcdU
z@19>0LXvl*UkZn}eVw`UK}PP4i2ZA|7To{sZ1elTPG0wJJ4=lehq)QM?sTtMzq3Ny
zHPJ7(QD9s2>~gPJA6~W{lM>w8b*Y<+fA<E3#d@+c`dvkTYR252bhgbm`VrrcM{-yA
zr^<V7sM7m5dGVt51#5S#%!=VGPinJh^$Rx=xZM16Z^>!_<@p~Zt?ykvw5q15Vy4jf
zg^qgqy${}I9{C#RdH(s^Z_AG+@^a0Vd&Q!Wwrb)cqpoSHd&;ErqDucJ9lT?xe~$B(
zlz7N%o&T(CW<oDQ%2NUs{GaKxb?=S~ns?_GJYKiu^jF~$$NBjmc3uDJk+^Zzavj-D
zzB%_^teVo7p&q&5_LPtaGm#uSpX+%kTFn#PyN-V=-RnI;ar^vNYP}yPe?R+C&BpRU
z@fT@zOCAjawxvdS>s@PaJfH8lnE94@PQ&b^{J^pmGW_d36welKPTo}Y?Damm)>FE7
znHQ_7EH6=s`X#Vm@v-XpFMBR#OntLic#^%vDf`|(ynil6eKp#=-?O4c!XhxZTI=bT
z2@-|53r@c=wD?(3{&8Y<FtcfT&~sH5ei_9rD#t2B`t&yyt*p-JE@l3xEWUJoQ21FD
zH&(e_|K!~znf7d7dMs6KLdCA_n{LS*<gVlAx}^7g?k@RVCf=VWsp)%iFLB?-7qaA#
z$=b7f^)qZW@1`|%JM?}l>z<J(I<N7j%b#7VYc<V<XQ*-Q|0*r>ZPqOvmDQ_)i)MxQ
zCthcCGFiwwBa$Qfq~FqR$NE=+v5MQ<VymiSUGB@fp3Jbg(H3}WQIR}PYAMg_<<mB9
z<}KNA?cH_nZ#RFw`#n)g^U;LFqSAnOJ(mS~W=)>_$m`SRiSu0(*?hm<Tvxoo;<G_U
zZcqCAgDDfYr(XI{*IM_BS^j0(>^IXacny+PC;ar-efn-mOq)U8go2A@ZHBW_<!*Fa
zY@Qrt{JQ9)-lwOks=9L%ql>t^AGjFqk!u$!?|#;=;GwA7^r$n@*kS*=t^Y(k;vQGs
zU9!{gdhP}0kJY;^)$2|sZ3(Z`KdtG&oxXi4b2!^!ljjQm-?#1ecmJ^|{VkXL5{bp7
z%*Kn<zWh4Ha?hgsp7`yF^Y|?<e7RS_uaR+4{PFvJDFN?p{;<FCP_pCV-ACKqLoR*T
z9=_@O9xXL{mIY}iBDHdlp5OmD!bGMb^3jU76^o=UF3Vh6aa8tg(#=B_JJ&qlIWvk)
z;rQ7sA$3Vs!C3xBM?1A83tw!Gu5$@oEL6j^|9N}xx=Xnyrxfkjo43%Sa*2n+nTwac
z${87T>FVTf7VvQk=D+9mO;&OBHO<5*HP=|S176SH_P<%q^x*wXJL#KWXD7}{3vB$r
zeLBd@FNsO!w1T^Hx7Hd<w&as+oX1XtGMFfT?5ntwmas~&r{jOOz=3be8B*9EE)Fbh
zzE!6GH@`ghzhBt5-2IDgze(9~<kF&9Q+WbDFH10f+wbc0_^o5@l`WIzt;rYYlKs@U
zJNweznFbqqr)(3C`t{*stDVxt#r)<svsJ!p-z-@i@Ns5^Aoo;$jt^J<vV5%9XDV#1
kWYJO&bTd#aoA_;R{0pH;2M(<*vTV8ZICLdX()>Bw0soz$$N&HU