From 40fd476f0b937c37d7e649b3646f430f133a3055 Mon Sep 17 00:00:00 2001
From: Stefan Junker <mail@stefanjunker.de>
Date: Mon, 5 Nov 2018 00:05:45 +0100
Subject: [PATCH] nix/os/devices: add steveej-t480s-work

---
 .../steveej-t480s-work/configuration.nix      | 12 +++++
 nix/os/devices/steveej-t480s-work/hw.nix      | 24 +++++++++
 nix/os/devices/steveej-t480s-work/system.nix  | 49 +++++++++++++++++++
 3 files changed, 85 insertions(+)
 create mode 100644 nix/os/devices/steveej-t480s-work/configuration.nix
 create mode 100644 nix/os/devices/steveej-t480s-work/hw.nix
 create mode 100644 nix/os/devices/steveej-t480s-work/system.nix

diff --git a/nix/os/devices/steveej-t480s-work/configuration.nix b/nix/os/devices/steveej-t480s-work/configuration.nix
new file mode 100644
index 0000000..913e25e
--- /dev/null
+++ b/nix/os/devices/steveej-t480s-work/configuration.nix
@@ -0,0 +1,12 @@
+{ ... }:
+
+{
+  imports = [
+    ../../profiles/common/configuration.nix
+    ../../profiles/graphical/configuration.nix
+    ../../modules/encryptedDisk.nix
+
+    ./system.nix
+    ./hw.nix
+  ];
+}
diff --git a/nix/os/devices/steveej-t480s-work/hw.nix b/nix/os/devices/steveej-t480s-work/hw.nix
new file mode 100644
index 0000000..074a132
--- /dev/null
+++ b/nix/os/devices/steveej-t480s-work/hw.nix
@@ -0,0 +1,24 @@
+{ ... }:
+
+{
+  # TASK: new device
+  hardware.encryptedDisk = {
+    enable = true;
+    diskId = "nvme-SAMSUNG_MZVLW256HEHP-000L7_S35ENX0K827498";
+  };
+
+  nix.maxJobs = 3;
+  nix.buildCores = 3;
+
+  hardware.enableAllFirmware = true;
+  hardware.trackpoint.emulateWheel = true;
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModprobeConfig = ''
+    options kvm-intel nested=1
+    options kvm-intel enable_shadow_vmcs=1
+    options kvm-intel enable_apicv=1
+    options kvm-intel ept=1
+  '';
+}
diff --git a/nix/os/devices/steveej-t480s-work/system.nix b/nix/os/devices/steveej-t480s-work/system.nix
new file mode 100644
index 0000000..3c819b8
--- /dev/null
+++ b/nix/os/devices/steveej-t480s-work/system.nix
@@ -0,0 +1,49 @@
+{ pkgs
+, lib
+, ... }:
+
+{
+  # TASK: new device
+  networking.hostName = "steveej-t480s-work"; # Define your hostname.
+
+  # Used for testing local Tectonic clusters
+  environment.etc."NetworkManager/dnsmasq.d/tectonic.conf".text = ''
+    server=/tt.testing/192.168.124.1
+    server=/tectonic-ci.de/192.168.124.1
+    server=/tectonic-ci.lan/192.168.124.1
+  '';
+  networking.firewall.enable = lib.mkForce false;
+  networking.firewall.checkReversePath = false;
+
+  networking.bridges."virbr1".interfaces = [];
+  networking.interfaces."virbr1".ipv4.addresses = [
+      { address = "10.254.254.254"; prefixLength = 24; }
+  ];
+
+  services.printing = {
+    enable = true;
+    drivers = with pkgs; [
+      hplip
+      cups-kyodialog3
+      mfcj6510dwlpr
+      mfcj6510dw-cupswrapper
+    ];
+  };
+
+  services.fprintd.enable = true;
+  security.pam.services = {
+    login.fprintAuth = true;
+    sudo.fprintAuth = true;
+  };
+
+  # Kubernetes
+  # services.kubernetes.roles = ["master" "node"];
+
+  # virtualization
+  virtualisation = {
+    libvirtd.enable = true;
+    virtualbox.host.enable = true;
+    virtualbox.host.addNetworkInterface = true;
+    docker.enable = true;
+  };
+}