add sigma

flake.nix

@@ -74,6 +74,12 @@
         specialArgs = inputs; # pass flake inputs to modules
         modules = [./hosts/alpha];
       };
+      # Home Server
+      sigma = nixpkgs.lib.nixosSystem {
+        system = "aarch64-linux";
+        specialArgs = inputs; # pass flake inputs to modules
+        modules = [./hosts/sigma];
+      };
       # Tor relay
       tor = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";

hosts/sigma/default.nix

@@ -0,0 +1,37 @@
+{...}: {
+  imports = [
+    ../../overlays
+    ../../modules/base
+    ../../modules/server
+    ./hardware.nix
+    #./borg.nix
+    #./network.nix
+  ];
+
+  networking.hostName = "sigma";
+
+  boot = {
+    loader = {
+      efi.canTouchEfiVariables = true;
+      systemd-boot.enable = true;
+    };
+    initrd.luks.devices.crypted.device = "/dev/disk/by-label/crypted";
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It's perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.11"; # Did you read the comment?
+
+  # This value determines the Home Manager release that your
+  # configuration is compatible with. This helps avoid breakage
+  # when a new Home Manager release introduces backwards
+  # incompatible changes.
+  # You can update Home Manager without changing this value. See
+  # the Home Manager release notes for a list of state version
+  # changes in each release.
+  home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
+}

hosts/sigma/hardware.nix

@@ -0,0 +1,51 @@
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  nixos-hardware,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    nixos-hardware.nixosModules.common-cpu-amd
+    nixos-hardware.nixosModules.common-cpu-amd-pstate
+    #nixos-hardware.nixosModules.common-gpu-amd
+    nixos-hardware.nixosModules.common-pc
+    nixos-hardware.nixosModules.common-pc-ssd
+  ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = ["dm-snapshot"];
+  boot.kernelModules = ["kvm-amd"];
+  boot.extraModulePackages = [];
+  boot.supportedFilesystems = [];
+
+  # https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/
+  fileSystems."/" = {
+    device = "none";
+    fsType = "tmpfs";
+    options = ["defaults" "size=2G" "mode=755"]; # mode=755 so only root can write to those files
+  };
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-label/BOOT";
+    fsType = "vfat";
+  };
+  fileSystems."/nix" = {
+    device = "/dev/disk/by-label/nix";
+    neededForBoot = true;
+    fsType = "ext4";
+  };
+
+  swapDevices = [
+    {
+      device = "/nix/persist/swapfile";
+      size = 16 * 1024; # 16 GiB
+    }
+  ];
+
+  # Enables DHCP on all ethernet and wireless LAN interfaces.
+  networking.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}