add iso

nixos/.gitignore

@@ -1 +0,0 @@
-result/

nixos/hosts/thalassa/null/configuration.nix

@@ -88,6 +88,8 @@ in {
   services.gnome.gnome-keyring.enable = true;
 
   fileSystems."/".options = [ "compress=zstd" ];
+  fileSystems."/home".options = [ "compress=zstd" ];
+
   # Filesystem dedup
   services.beesd.filesystems = {
     root = {

nixos/hosts/thalassa/null/hardware-configuration.nix

@@ -8,7 +8,7 @@
     [ (modulesPath + "/installer/scan/not-detected.nix")
     ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
@@ -31,8 +31,10 @@
   # still possible to use this option, but it's recommended to use it in conjunction
   # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
   networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wg0.useDHCP = lib.mkDefault true;
   # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
 
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
   hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

nixos/iso.nix

@@ -0,0 +1,11 @@
+{ pkgs, modulesPath, lib, ... }: {
+  imports = [
+    "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
+  ];
+
+  # use the latest Linux kernel
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  # Needed for https://github.com/NixOS/nixpkgs/issues/58959
+  boot.supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
+}

nixos/util.nix

@@ -0,0 +1,59 @@
+{ nixpkgs, home-manager, hyprland, mailserver, ... }:
+let
+  inherit (nixpkgs) lib;
+  inherit (builtins) filter mapAttrs attrValues concatLists;
+
+  # Helper function to resolve what should be imported depending on the type of config (lxc, vm, bare metal)
+  resolve_imports =
+    let
+      # lookup table
+      import_cases = {
+        "lxc" = [
+          "${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
+          ./nixos/common/generic-lxc.nix
+        ];
+        "vm" = [
+          ./nixos/common/generic-vm.nix
+        ];
+        "local" = [
+          home-manager.nixosModules.home-manager
+          hyprland.nixosModules.default
+        ];
+      };
+    in
+    { hostname, realm, profile ? hostname, type ? "lxc", ... }: [
+      mailserver.nixosModules.mailserver
+      ./nixos/common
+      "${./.}/nixos/hosts/${realm}/${profile}/configuration.nix"
+    ] ++ import_cases.${type};
+in
+{
+  # Add to whatever realm a host belong to its list of tags
+  add_realm_to_tags = realm: hosts: map ({ tags ? [ ], ... }@host: host // { tags = [ realm ] ++ tags; inherit realm; }) hosts;
+  # Flatten all hosts to a single list
+  flatten_hosts = hosts: concatLists (attrValues hosts);
+  # Filter out all hosts which aren't nixos
+  filter_nix_hosts = hosts: filter ({ nix ? true, ... }: nix) hosts;
+
+  # Helper function to build a colmena host definition
+  mkColmenaHost = { ip ? null, hostname, tags, realm, type ? "lxc", ... }@host:
+    let
+      # this makes local apply work a bit nicer
+      name = if realm == "thalassa" then hostname else "${hostname}.${realm}";
+    in
+    {
+      "${name}" = {
+        imports = resolve_imports host;
+        networking = {
+          hostName = hostname;
+          domain = realm;
+        };
+        deployment = {
+          inherit tags;
+          targetHost = ip;
+          allowLocalDeployment = (type == "local");
+          targetUser = null; # Defaults to $USER
+        };
+      };
+    };
+}