From 81847253a0312df2b90f5fc3917a07fc9c504700 Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Sun, 1 Sep 2024 16:39:07 -0500
Subject: [PATCH] add incus

---
 flake.nix                                     |  6 ++-
 nixos/home/jahanson/workstation.nix           |  3 +-
 nixos/hosts/gandalf/default.nix               | 38 ++++++++++++++++---
 .../nixos/containers/unifi/default.nix        | 11 ++++--
 nixos/modules/nixos/system/default.nix        |  1 +
 nixos/profiles/role-dev.nix                   |  1 -
 6 files changed, 49 insertions(+), 11 deletions(-)

diff --git a/flake.nix b/flake.nix
index a680f08..cb622a5 100644
--- a/flake.nix
+++ b/flake.nix
@@ -83,10 +83,12 @@
     ghostty = {
       url = "git+ssh://git@github.com/ghostty-org/ghostty";
     };
+
+    vscode-server.url = "github:nix-community/nixos-vscode-server";
   };
 
   outputs =
-    { self, nixpkgs, sops-nix, home-manager, nix-vscode-extensions, impermanence, disko, talhelper, lix-module, ghostty, ... } @ inputs:
+    { self, nixpkgs, sops-nix, home-manager, nix-vscode-extensions, impermanence, disko, talhelper, lix-module, ghostty, vscode-server, ... } @ inputs:
     let
       forAllSystems = nixpkgs.lib.genAttrs [
         "aarch64-linux"
@@ -251,6 +253,8 @@
               ./nixos/profiles/hw-supermicro.nix
             ];
             profileModules = [
+              vscode-server.nixosModules.default
+              ./nixos/profiles/role-dev.nix
               ./nixos/profiles/role-server.nix
               { home-manager.users.jahanson = ./nixos/home/jahanson/server.nix; }
             ];
diff --git a/nixos/home/jahanson/workstation.nix b/nixos/home/jahanson/workstation.nix
index 8a636a3..2ab1cc3 100644
--- a/nixos/home/jahanson/workstation.nix
+++ b/nixos/home/jahanson/workstation.nix
@@ -1,4 +1,4 @@
-{ pkgs, config, ... }:
+{ pkgs, config, inputs, ... }:
 with config;
 {
   imports = [
@@ -40,6 +40,7 @@ with config;
         unstable.peazip
         unstable.telegram-desktop
         unstable.tidal-hifi
+        inputs.ghostty.packages.${pkgs.system}.default
         vlc
 
         # cli
diff --git a/nixos/hosts/gandalf/default.nix b/nixos/hosts/gandalf/default.nix
index e4d64e2..30365e6 100644
--- a/nixos/hosts/gandalf/default.nix
+++ b/nixos/hosts/gandalf/default.nix
@@ -31,6 +31,30 @@ in
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBROTzSefJGJeCNUgNLbE5l4sHHg2fHUO4sCwqvP+zAd root@Gollum"
   ];
 
+  # VSCode Compatibility Settings
+  programs.nix-ld.enable = true;
+  services.vscode-server = {
+    enable = true;
+  };
+
+  # Home Manager
+  home-manager.users.jahanson = {
+    # Git settings
+    # TODO: Move to config module.
+    programs.git = {
+      enable = true;
+      userName = "Joseph Hanson";
+      userEmail = "joe@veri.dev";
+
+      extraConfig = {
+        core.autocrlf = "input";
+        init.defaultBranch = "main";
+        pull.rebase = true;
+        rebase.autoStash = true;
+      };
+    };
+  };
+
   # Network settings
   networking = {
     hostName = "gandalf";
@@ -45,11 +69,11 @@ in
     };
 
     # For VMs
-    bridges = {
-      "br0" = {
-        interfaces = [ "enp130s0f1" ];
-      };
-    };
+    # bridges = {
+    #   "br0" = {
+    #     interfaces = [ "enp130s0f1" ];
+    #   };
+    # };
   };
 
   swapDevices = [ ];
@@ -82,6 +106,10 @@ in
     purpose = "Production";
     system = {
       motd.networkInterfaces = [ "enp130s0f0" "enp130s0f1" ];
+      # Incus
+      incus = {
+        enable = true;
+      };
       # ZFS
       zfs.enable = true;
       zfs.mountPoolsAtBoot = [ "eru" ];
diff --git a/nixos/modules/nixos/containers/unifi/default.nix b/nixos/modules/nixos/containers/unifi/default.nix
index 6be1a99..5175610 100644
--- a/nixos/modules/nixos/containers/unifi/default.nix
+++ b/nixos/modules/nixos/containers/unifi/default.nix
@@ -14,9 +14,14 @@ in
   };
 
   config = mkIf cfg.enable {
-    networking.firewall.interfaces.podman0 = {
-      allowedTCPPorts = [ 8080 8443 8880 8843 ];
-      allowedUDPPorts = [ 3478 ];
+    networking.firewall.interfaces = {
+      enp130s0f0 = {
+        allowedTCPPorts = [ 8443 ];
+      };
+      podman0 = {
+        allowedTCPPorts = [ 8080 8443 8880 8843 ];
+        allowedUDPPorts = [ 3478 ];
+      };
     };
     virtualisation.oci-containers.containers.${app} = {
       image = "ghcr.io/goofball222/unifi:${version}";
diff --git a/nixos/modules/nixos/system/default.nix b/nixos/modules/nixos/system/default.nix
index a3c5cf9..4044571 100644
--- a/nixos/modules/nixos/system/default.nix
+++ b/nixos/modules/nixos/system/default.nix
@@ -3,6 +3,7 @@
     ./borg
     ./fingerprint-laptop-lid.nix
     ./impermanence.nix
+    ./incus
     ./motd
     ./nfs
     ./nix.nix
diff --git a/nixos/profiles/role-dev.nix b/nixos/profiles/role-dev.nix
index 298faa2..eaed197 100644
--- a/nixos/profiles/role-dev.nix
+++ b/nixos/profiles/role-dev.nix
@@ -24,7 +24,6 @@ with config;
     # bind # for dns utils like named-checkconf
     inputs.nix-inspect.packages.${pkgs.system}.default
     inputs.talhelper.packages.${pkgs.system}.default
-    inputs.ghostty.packages.${pkgs.system}.default
   ];
 
   programs.direnv = {