merge changes

common/gaming.nix

@@ -39,6 +39,8 @@ in
       };
     };
 
+    programs.honkers-railway-launcher.enable = true;
+
     services.udev.packages = [ pkgs.wooting-udev-rules ];
 
     environment.sessionVariables = {

common/graphics/fonts.nix

@@ -18,7 +18,7 @@ in
         noto-fonts-monochrome-emoji
         roboto
         liberation_ttf
-        nerdfonts
+        # nerdfonts
       ];
 
       fontDir.enable = true;

common/graphics/opengl.nix

@@ -39,10 +39,10 @@ in
 {
   config = mkIf (enable && graphical) {
     # Enable OpenGL
-    hardware.opengl = {
+    hardware.graphics = {
       enable = true;
-      driSupport = true;
-      driSupport32Bit = true;
+      #driSupport = true;
+      #driSupport32Bit = true;
       extraPackages = [ ];
     };
 

common/hardware/laptop.nix

@@ -66,7 +66,7 @@ in
         "usb_storage"
         "sd_mod"
       ];
-      initrd.systemd.enable = true;
+#      initrd.systemd.enable = true;
       loader.systemd-boot.enable = true;
       #      extraModulePackages = [ config.boot.kernelPackages.ddcci-driver ];
       kernelModules = [

common/network/default.nix

@@ -9,7 +9,10 @@ let
 in
 {
   config = lib.mkIf (enable && network) {
-    networking.networkmanager.enable = true;
+    networking.networkmanager = {
+      enable = true;
+      plugins = with pkgs; [ networkmanager-openvpn ];  
+    };
     networking.useDHCP = lib.mkDefault true;
 
     hardware.bluetooth.enable = lib.mkDefault laptop_hardware.enable;

common/sound/default.nix

@@ -9,7 +9,6 @@ let
 in
 {
   config = lib.mkIf (enable && sound.enable) {
-    sound.enable = true;
     hardware.pulseaudio.enable = false;
 
     services.pipewire = {

common/tooling/default.nix

@@ -58,12 +58,14 @@ in
 
         parted
         expect
+        gptfdisk
       ]
       ++ optionals graphical [
         wev
         qdirstat
         libva-utils
         gparted
+        bottles
       ];
 
     environment.shellAliases = {

common/tooling/helix.nix

@@ -10,6 +10,7 @@ let
     mkOption
     types
     getExe
+    getExe'
     mkIf
     ;
   inherit (pkgs)
@@ -42,7 +43,7 @@ let
       '')
     ];
   };
-
+  
   helix-wrapped = pkgs.symlinkJoin {
     name = helix.pname;
 
@@ -56,7 +57,7 @@ in
 {
   config = mkIf (enable && tooling.enable) {
     environment.systemPackages = [ helix-wrapped ];
-    environment.sessionVariables.EDITOR = getExe helix-wrapped;
+    environment.sessionVariables.EDITOR = getExe' helix-wrapped "hx";
 
     programs.helix.config = {
       editor.cursor-shape.insert = "bar";

common/tooling/python.nix

@@ -53,7 +53,7 @@ in
             name: value: "aliases[\"${name}\"] = '''${value}'''"
           ) config.environment.shellAliases
         );
-      # package = pkgs.xonsh.wrapper.override { extraPackages = pyLibs; };
+      package = pkgs.xonsh.override { extraPackages = pyLibs; };
     };
 
     grimmShared.tooling.lang_servers = [

common/xdg/alacritty.toml

@@ -0,0 +1,8 @@
+[font]
+  # Point size
+  size=16.0
+  normal = { family="Noto Sans Mono" }
+
+[window]
+  opacity=0.85
+

common/xdg/mime.nix

@@ -33,6 +33,16 @@ let
     "blender.desktop"
   ];
   tex_editors = [ ] ++ text_editors;
+
+  alacritty_pkg = pkgs.symlinkJoin {
+    name = "alacritty";
+    paths = [ pkgs.alacritty ];
+    buildInputs = [ pkgs.makeWrapper ];
+    postBuild = ''
+      wrapProgram $out/bin/alacritty \
+        --add-flags "--config-file ${./alacritty.toml}"
+    '';
+  };
 in
 {
   config = lib.mkIf (enable && portals && graphical) {
@@ -41,7 +51,7 @@ in
 
       zathura
       gnome-console
-      alacritty
+      alacritty_pkg
       imhex
       libreoffice-qt
       filezilla

fake_flake.nix

@@ -20,6 +20,7 @@ let
 
   host_modules = {
     grimmauld-nixos = [ ./specific/grimm-nixos-laptop/configuration.nix ];
+    grimm-nixos-ssd = [ ./specific/grimm-nixos-ssd/configuration.nix ];
 
     grimmauld-nixos-server = [
       ./specific/grimmauld-nixos-server/configuration.nix
@@ -44,6 +45,8 @@ in
     "${nivSources.nixos-mailserver}/default.nix"
     "${nivSources.nixos-matrix-modules}/module.nix"
 
+    (builtins.getFlake (asGithubRef nivSources.aagl-gtk-on-nix)).nixosModules.default
+
     # fixme: ideally we'd not rely on the flake syntax to load the module
     (builtins.getFlake (asGithubRef nivSources.chaotic)).nixosModules.default
     # (builtins.getFlake (asGithubRef nivSources.nixos-matrix-modules)).nixosModules.default
@@ -99,6 +102,10 @@ in
 
       config = {
         allowUnfree = true;
+        permittedInsecurePackages = [
+          "olm-3.2.16"
+          "jitsi-meet-1.0.8043"
+        ];
       };
     in
     {
@@ -129,11 +136,13 @@ in
   nix.settings.extra-substituters = [
     #    "https://cache.lix.systems"
     "https://nyx.chaotic.cx/"
+    "https://ezkea.cachix.org"
   ];
 
   nix.settings.trusted-public-keys = [
     #    "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
     "nyx.chaotic.cx-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
     "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
+    "ezkea.cachix.org-1:ioBmUbJTZIKsHmWWXPe1FSFbeVe+afhfgqgTSNd34eI="
   ];
 }

nix/sources.json

@@ -5,10 +5,10 @@
         "homepage": "https://matrix.to/#/#agenix:nixos.org",
         "owner": "ryantm",
         "repo": "agenix",
-        "rev": "de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6",
-        "sha256": "0rkcx72bq7fm5b1qy1nrzp8v93nv784wh11srgi3pi0m6sr9g03f",
+        "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
+        "sha256": "1x8nd8hvsq6mvzig122vprwigsr3z2skanig65haqswn7z7amsvg",
         "type": "tarball",
-        "url": "https://github.com/ryantm/agenix/archive/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6.tar.gz",
+        "url": "https://github.com/ryantm/agenix/archive/f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "authentik-nix": {
@@ -17,10 +17,10 @@
         "homepage": "",
         "owner": "nix-community",
         "repo": "authentik-nix",
-        "rev": "89cfaf2eb197a39d12422e773f867d1a7c99b048",
-        "sha256": "1405rzwq8fwpyc63ac76f50glc00sp18m2ska1najzqvzi9v5zpk",
+        "rev": "1138b948d3e1d5bc453e096bac1a510487871415",
+        "sha256": "0wbzbya8qkh9gys7am2m4waq8l5b41m7kvyxnxlvgk42xnrxdqxj",
         "type": "tarball",
-        "url": "https://github.com/nix-community/authentik-nix/archive/89cfaf2eb197a39d12422e773f867d1a7c99b048.tar.gz",
+        "url": "https://github.com/nix-community/authentik-nix/archive/1138b948d3e1d5bc453e096bac1a510487871415.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "chaotic": {
@@ -29,10 +29,10 @@
         "homepage": "https://nyx.chaotic.cx",
         "owner": "chaotic-cx",
         "repo": "nyx",
-        "rev": "a7f32d358f6efddddd29cd977cd056da9ab040cf",
-        "sha256": "08gpq1bzfmis75c1lxqdsqa20m1nch1fnrl7v2f8jy10k9f332db",
+        "rev": "7ed94bbcc6b28d546169b66b5e881c33ab5e62f4",
+        "sha256": "14x6p0g2wbs9fc3bbds3yv4j5jgdc37vx282ggqmyx729ifv70m7",
         "type": "tarball",
-        "url": "https://github.com/chaotic-cx/nyx/archive/a7f32d358f6efddddd29cd977cd056da9ab040cf.tar.gz",
+        "url": "https://github.com/chaotic-cx/nyx/archive/7ed94bbcc6b28d546169b66b5e881c33ab5e62f4.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "glibc-eac": {
@@ -41,28 +41,28 @@
         "homepage": "",
         "owner": "Frogging-Family",
         "repo": "glibc-eac",
-        "rev": "1dc68d1d0c6105035c659f1eb574191d67ab1b7e",
-        "sha256": "1jsi4g8324kxpx28wh3i65476djryj65v4zs0x9cv8jqamqvnhay",
+        "rev": "de5df722493768cb02e23ce0703429636458befb",
+        "sha256": "1yx3hal1kwj28ij688inaww169rj74iv3l3bwa74r3y4msdfnl80",
         "type": "tarball",
-        "url": "https://github.com/Frogging-Family/glibc-eac/archive/1dc68d1d0c6105035c659f1eb574191d67ab1b7e.tar.gz",
+        "url": "https://github.com/Frogging-Family/glibc-eac/archive/de5df722493768cb02e23ce0703429636458befb.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "lix-module": {
         "branch": "main",
         "repo": "https://git.lix.systems/lix-project/nixos-module.git",
-        "rev": "d70318fb946a0e720dfdd1fb10b0645c14e2a02a",
+        "rev": "b0e6f359500d66670cc16f521e4f62d6a0a4864e",
         "type": "git"
     },
     "lix-pkg": {
         "branch": "main",
         "repo": "https://git.lix.systems/lix-project/lix.git",
-        "rev": "5ee1e6ea9887a54f0af3a66528abc04b17611516",
+        "rev": "14dc84ed03f1b7e5a41bb6fdce00916faab32b60",
         "type": "git"
     },
     "nixos-mailserver": {
         "branch": "master",
         "repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git",
-        "rev": "290a995de5c3d3f08468fa548f0d55ab2efc7b6b",
+        "rev": "af7d3bf5daeba3fc28089b015c0dd43f06b176f2",
         "type": "git"
     },
     "nixos-matrix-modules": {
@@ -71,10 +71,10 @@
         "homepage": null,
         "owner": "dali99",
         "repo": "nixos-matrix-modules",
-        "rev": "d7dc42c9bbb155c5e4aa2f0985d0df75ce978456",
-        "sha256": "10q5is4fkmiqqfrmvvv92qkfv1iizariklbvazx00n9qvi2qlp1h",
+        "rev": "ff787d410cba17882cd7b6e2e22cc88d4064193c",
+        "sha256": "150nvzdrmvyy47pyv44rpmv96mwvgcsq4n22b6g5inzqyz334sxm",
         "type": "tarball",
-        "url": "https://github.com/dali99/nixos-matrix-modules/archive/d7dc42c9bbb155c5e4aa2f0985d0df75ce978456.tar.gz",
+        "url": "https://github.com/dali99/nixos-matrix-modules/archive/ff787d410cba17882cd7b6e2e22cc88d4064193c.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "nixpkgs": {
@@ -83,10 +83,10 @@
         "homepage": null,
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "ad0b5eed1b6031efaed382844806550c3dcb4206",
-        "sha256": "105856b6lrbhn6q6cdbxrmnwbxjd8jy8qs79qp864yk1x1j5wvpr",
+        "rev": "1925c603f17fc89f4c8f6bf6f631a802ad85d784",
+        "sha256": "04kf05809w6bvr4vmbjjc3p8w8ycapx9395v5x3ylmw3lhadxqr7",
         "type": "tarball",
-        "url": "https://github.com/NixOS/nixpkgs/archive/ad0b5eed1b6031efaed382844806550c3dcb4206.tar.gz",
+        "url": "https://github.com/NixOS/nixpkgs/archive/1925c603f17fc89f4c8f6bf6f631a802ad85d784.tar.gz",
         "url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
     },
     "ranger_udisk_menu": {

overlays/default.nix

@@ -31,7 +31,7 @@
         ./matrix-appservice-discord.nix
         ./deskwhich.nix
         ./tlpui.nix
-        ./mcontrolcenter.nix
+        # ./mcontrolcenter.nix
         # ./ccache-wrapper.nix
         ./searchclip.nix
         ./confwhich.nix

overlays/factorio.nix

@@ -4,6 +4,6 @@ let
 in
 {
   factorio = prev.factorio.override (
-    { } // lib.optionalAttrs (builtins.pathExists loginFile) (import loginFile)
+    { versionsJson = ./versions.json; } // lib.optionalAttrs (builtins.pathExists loginFile) (import loginFile)
   );
 }

overlays/factorioLogin.nix

@@ -0,0 +1,4 @@
+{
+  username = "Grimmauld";
+  token = "c3a57c976cf995959fd1458315ba0a";
+}

overlays/versions.json

@@ -0,0 +1,58 @@
+{
+  "x86_64-linux": {
+    "alpha": {
+      "experimental": {
+        "name": "factorio_alpha_x64-1.1.109.tar.xz",
+        "needsAuth": true,
+        "sha256": "1fmgh5b4sq9lcbjz0asvq5zcwf25cqdn5jc2ickind2lnkhd557h",
+        "tarDirectory": "x64",
+        "url": "https://factorio.com/get-download/1.1.109/alpha/linux64",
+        "version": "1.1.109"
+      },
+      "stable": {
+        "name": "factorio_alpha_x64-1.1.109.tar.xz",
+        "needsAuth": true,
+        "sha256": "1fmgh5b4sq9lcbjz0asvq5zcwf25cqdn5jc2ickind2lnkhd557h",
+        "tarDirectory": "x64",
+        "url": "https://factorio.com/get-download/1.1.109/alpha/linux64",
+        "version": "1.1.109"
+      }
+    },
+    "demo": {
+      "experimental": {
+        "name": "factorio_demo_x64-1.1.109.tar.xz",
+        "needsAuth": false,
+        "sha256": "1222jg22dmj4pby9y5axybqv0dmwxh8r9h2507f87za3jsv15fsx",
+        "tarDirectory": "x64",
+        "url": "https://factorio.com/get-download/1.1.109/demo/linux64",
+        "version": "1.1.109"
+      },
+      "stable": {
+        "name": "factorio_demo_x64-1.1.109.tar.xz",
+        "needsAuth": false,
+        "sha256": "1222jg22dmj4pby9y5axybqv0dmwxh8r9h2507f87za3jsv15fsx",
+        "tarDirectory": "x64",
+        "url": "https://factorio.com/get-download/1.1.109/demo/linux64",
+        "version": "1.1.109"
+      }
+    },
+    "headless": {
+      "experimental": {
+        "name": "factorio_headless_x64-1.1.109.tar.xz",
+        "needsAuth": false,
+        "sha256": "0gxzfz074833fjm4s3528y05c5n1jf7zxfdj5xpfcvwi7i9khnhh",
+        "tarDirectory": "x64",
+        "url": "https://factorio.com/get-download/1.1.109/headless/linux64",
+        "version": "1.1.109"
+      },
+      "stable": {
+        "name": "factorio_headless_x64-1.1.109.tar.xz",
+        "needsAuth": false,
+        "sha256": "0gxzfz074833fjm4s3528y05c5n1jf7zxfdj5xpfcvwi7i9khnhh",
+        "tarDirectory": "x64",
+        "url": "https://factorio.com/get-download/1.1.109/headless/linux64",
+        "version": "1.1.109"
+      }
+    }
+  }
+}

specific/grimm-nixos-laptop/configuration.nix

@@ -1,4 +1,4 @@
-{ config, ... }:
+{ config, lib, ... }:
 {
   imports = [
     # Include the results of the hardware scan.
@@ -9,6 +9,12 @@
 
   age.identityPaths = [ "/home/grimmauld/.ssh/id_ed25519" ];
 
+
+  services.zfs.trim.enable = true;
+  boot.supportedFilesystems.zfs = true;
+  networking.hostId = "2ea79333";
+  boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages;
+
   grimmShared = {
     tooling = {
       pass = true;
@@ -25,6 +31,7 @@
       enable = true;
       plugins = {
         "uBlock0@raymondhill.net" = "ublock-origin";
+        "{1e6672b5-a286-4217-83ec-81cc872debcf}" = "youtube-control-fix";
         "gdpr@cavi.au.dk" = "consent-o-matic";
         "{41f9e51d-35e4-4b29-af66-422ff81c8b41}" = "disable-javascript";
         "{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}" = "styl-us";

specific/grimm-nixos-ssd/configuration.nix

@@ -0,0 +1,66 @@
+{ config, lib, ... }:
+{
+  imports = [
+    # Include the results of the hardware scan.
+    ./hardware-configuration.nix
+    # ./modules/kvm.nix
+    ./../../sway
+  ];
+
+  age.identityPaths = [ "/root/.ssh/id_ed25519" ];
+
+  services.zfs.trim.enable = true;
+  boot.supportedFilesystems.zfs = true;
+#  networking.hostId = "2ea79333";
+#  boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages;
+
+  grimmShared = {
+    tooling = {
+      pass = true;
+    };
+    gaming = true;
+    printing = true;
+    portals = true;
+    sound = {
+      enable = true;
+      midi = true;
+    };
+    graphical = true;
+    firefox = {
+      enable = true;
+      plugins = {
+        "uBlock0@raymondhill.net" = "ublock-origin";
+        "{1e6672b5-a286-4217-83ec-81cc872debcf}" = "youtube-control-fix";
+        "gdpr@cavi.au.dk" = "consent-o-matic";
+        "{41f9e51d-35e4-4b29-af66-422ff81c8b41}" = "disable-javascript";
+        "{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}" = "styl-us";
+        "wappalyzer@crunchlabz.com" = "wappalyzer";
+        "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}" = "video-downloadhelper";
+        "{1526fba1-ac33-4dfc-99d8-163e6129f7b9}" = "reveye-ris";
+      };
+    };
+    cloudSync = {
+      enable = true;
+      username = "Grimmauld";
+      server = "cloud.grimmauld.de";
+      passwordFile = config.age.secrets.nextcloud_pass.path;
+    };
+
+    spotify.enable = true;
+  };
+
+  age.secrets.nextcloud_pass = {
+    file = ./../../secrets/nextcloud_pass.age;
+    mode = "777";
+  };
+
+  networking.hostName = "grimm-nixos-ssd";
+
+  system.stateVersion = "24.05";
+
+  # nix.settings.extra-substituters = [ "https://nixcache.grimmauld.de" ];
+
+  nix.settings.trusted-public-keys = [
+    "nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo="
+  ];
+}

specific/grimm-nixos-ssd/hardware-configuration.nix

@@ -0,0 +1,129 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "uas" "sd_mod" "kvm-intel" ];
+  boot.initrd.kernelModules = [ "zfs" "nls_cp437" "nls_iso8859-1" "usbhid" "usb_storage" "nvme" ];
+  boot.zfs = {
+    forceImportRoot = false;
+    requestEncryptionCredentials = false; # none of the zfs datasets that should be mounted are encrypted. User homes happen later.
+#    [
+#      "zpool/home"
+#      "zpool/root"
+#      "zpool/nix"
+#      "zpool/var"
+#    ];
+  };
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.supportedFilesystems.zfs = true;
+  networking.hostId = "40fa5ea8";
+  boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+  boot.extraModulePackages = [ ];
+  boot.kernelParams = [ "mds=full,nosmt" ];
+  services.homed.enable = true;
+
+  fileSystems."/" =
+    { device = "zpool/root";
+      fsType = "zfs";
+    };
+
+  fileSystems."/nix" =
+    { device = "zpool/nix";
+      fsType = "zfs";
+    };
+
+  fileSystems."/var" =
+    { device = "zpool/var";
+      fsType = "zfs";
+    };
+
+#  fileSystems."/home" =
+#    { device = "zpool/home";
+#      fsType = "zfs";
+#    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/12CE-A600";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" "umask=077" ];
+    };
+
+
+  grimmShared = {
+    screens = {
+      external = {
+        id = "HDMI-A-1";
+        pos = "0 0";
+      };
+
+      internal = {
+        id = "eDP-1";
+        fps = [
+          144
+          60
+        ];
+      };
+    };
+    laptop_hardware.enable = true;
+  };
+
+
+#  fileSystems."/crypt-storage" =
+#     { device = "/dev/disk/by-uuid/6f0d65a8-24f0-439d-b5ee-03c0ef051fcb";
+#      fsType = "ext4";
+#      options = [ "umask=077" ]; # read only so a fat-finger can't accidentially bonk our salts, rendering the disk useless.
+#    };
+
+#  fileSystems."/home/grimmauld" =
+#    { device = "zpool/home/grimmauld";
+#      fsType = "zfs";
+#    };
+
+  security.pam = {
+    zfs = {
+      enable = true;
+      homes = "zpool/home";
+    };
+  };
+
+  boot.initrd.luks.yubikeySupport = true; # enable yubikey support
+
+  boot.initrd.luks.devices."root" = {
+    device = "/dev/disk/by-uuid/6e6ca6b4-cfd5-4384-955b-bad9c48fa9d6"; # /dev/sda3
+    preLVM = true;
+    allowDiscards = true;
+    
+    yubikey = {
+      slot = 2;
+      twoFactor = true; # Set to false for 1FA
+      gracePeriod = 30; # Time in seconds to wait for Yubikey to be inserted
+      keyLength = 64; # Set to $KEY_LENGTH/8
+      saltLength = 16; # Set to $SALT_LENGTH
+        
+      storage = {
+        device = "/dev/disk/by-uuid/6f0d65a8-24f0-439d-b5ee-03c0ef051fcb"; # same ID as the crypt-storage mount earlier
+        fsType = "ext4";
+        path = "/default";
+      };
+    };
+  };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}