From f2712b48227599d378ffea8eb43b5a36b49e7a13 Mon Sep 17 00:00:00 2001
From: irl <iain@learmonth.me>
Date: Tue, 10 Jun 2025 21:45:02 +0100
Subject: [PATCH] feat: new host homeserver

---
 flake.lock                                    | 37 ++++++++++++++
 flake.nix                                     | 18 ++++++-
 nixos/hosts/homeserver/default.nix            | 29 +++++++++++
 .../homeserver/hardware-configuration.nix     | 51 +++++++++++++++++++
 4 files changed, 134 insertions(+), 1 deletion(-)
 create mode 100644 nixos/hosts/homeserver/default.nix
 create mode 100644 nixos/hosts/homeserver/hardware-configuration.nix

diff --git a/flake.lock b/flake.lock
index 25e4a8a..042f8d1 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,5 +1,41 @@
 {
   "nodes": {
+    "apple-silicon": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1748659443,
+        "narHash": "sha256-dav2hzyCmXZ3n6lEZrfZBG51+g6PUhkzRl3d6Ypd9x0=",
+        "owner": "tpwrules",
+        "repo": "nixos-apple-silicon",
+        "rev": "3ddc251d2acce5019b0fa770e224d068610a34e4",
+        "type": "github"
+      },
+      "original": {
+        "owner": "tpwrules",
+        "repo": "nixos-apple-silicon",
+        "type": "github"
+      }
+    },
+    "flake-compat": {
+      "locked": {
+        "lastModified": 1688025799,
+        "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
+        "owner": "nix-community",
+        "repo": "flake-compat",
+        "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "flake-parts": {
       "inputs": {
         "nixpkgs-lib": [
@@ -98,6 +134,7 @@
     },
     "root": {
       "inputs": {
+        "apple-silicon": "apple-silicon",
         "flake-utils": "flake-utils",
         "home-manager": "home-manager",
         "nixpkgs": "nixpkgs",
diff --git a/flake.nix b/flake.nix
index 52bd761..9caea5f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -3,6 +3,10 @@
 
   inputs = {
     nixpkgs.url = "github:nixos/nixpkgs";
+    apple-silicon = {
+      url = "github:tpwrules/nixos-apple-silicon";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
     flake-utils.url = "github:numtide/flake-utils";
     home-manager = {
       url = "github:nix-community/home-manager";
@@ -16,11 +20,12 @@
   outputs =
     {
       nixpkgs,
+      apple-silicon,
       flake-utils,
       home-manager,
       nur,
       ...
-    }:
+    }@inputs:
     let
       supportedSystems = [
         "x86_64-linux"
@@ -29,6 +34,7 @@
       ];
       forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
       overlays = [
+        apple-silicon.overlays.apple-silicon-overlay
         nur.overlays.default
       ];
     in
@@ -42,6 +48,16 @@
             ./nixos/hosts/laptop/hardware-configuration.nix
           ];
         };
+        homeserver = nixpkgs.lib.nixosSystem {
+          system = "aarch64-linux";
+          modules = [
+            ./nixos/common.nix
+            ./nixos/hosts/homeserver/default.nix
+            ./nixos/hosts/homeserver/hardware-configuration.nix
+            apple-silicon.nixosModules.apple-silicon-support
+          ];
+          specialArgs = inputs;
+        };
       };
       homeConfigurations = nixpkgs.lib.foldl' (
         acc: system:
diff --git a/nixos/hosts/homeserver/default.nix b/nixos/hosts/homeserver/default.nix
new file mode 100644
index 0000000..9c2b076
--- /dev/null
+++ b/nixos/hosts/homeserver/default.nix
@@ -0,0 +1,29 @@
+{
+  config,
+  lib,
+  pkgs,
+  apple-silicon,
+  ...
+}:
+
+{
+  nixpkgs.overlays = [ apple-silicon.overlays.apple-silicon-overlay ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = false;
+
+  hardware.asahi.useExperimentalGPUDriver = true;
+  hardware.asahi.extractPeripheralFirmware = true;
+
+  networking.hostName = "homeserver";
+  networking.networkmanager.enable = true;
+
+  services.xserver.xkb.layout = "us";
+
+  services.openssh.enable = true;
+
+  networking.firewall.allowedTCPPorts = [ 22 ];
+  networking.firewall.allowedUDPPorts = [ ];
+
+  system.stateVersion = "25.11";
+}
diff --git a/nixos/hosts/homeserver/hardware-configuration.nix b/nixos/hosts/homeserver/hardware-configuration.nix
new file mode 100644
index 0000000..aef56ac
--- /dev/null
+++ b/nixos/hosts/homeserver/hardware-configuration.nix
@@ -0,0 +1,51 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "usb_storage"
+    "usbhid"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/d82c7bbb-e496-414c-a96b-4b4ca457bdfd";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/3B58-1BF7";
+    fsType = "vfat";
+    options = [
+      "fmask=0022"
+      "dmask=0022"
+    ];
+  };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.end0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}