add rnix

Signed-off-by: Harald Hoyer <harald@hoyer.xyz>

systems/aarch64-linux/rnix/default.nix

@@ -0,0 +1,84 @@
+{ pkgs, lib, ... }:
+with lib;
+with lib.metacfg;
+{
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  services.spice-autorandr.enable = true;
+  services.spice-vdagentd.enable = true;
+
+  metacfg = {
+    base.enable = true;
+    gui.enable = true;
+    nix-ld.enable = true;
+    nix.enable = true;
+    podman.enable = true;
+    secureboot.enable = false;
+
+    system = {
+      limits = {
+        enable = true;
+        nofileLimit = 32768;
+        memlockLimit = 32768;
+      };
+    };
+
+    tools = {
+      direnv.enable = true;
+    };
+    user.extraGroups = [
+      "docker"
+      "dialout"
+    ];
+  };
+
+  services.xrdp.enable = true;
+  services.xrdp.defaultWindowManager = "${pkgs.gnome-session}/bin/gnome-session";
+  services.xrdp.openFirewall = true;
+
+  # Disable the GNOME3/GDM auto-suspend feature that cannot be disabled in GUI!
+  # If no user is logged in, the machine will power down after 20 minutes.
+  systemd.targets.sleep.enable = false;
+  systemd.targets.suspend.enable = false;
+  systemd.targets.hibernate.enable = false;
+  systemd.targets.hybrid-sleep.enable = false;
+
+  environment.systemPackages = with pkgs; [
+    azure-cli
+    desktop-file-utils
+    kubectl
+    kubectx
+    k9s
+    attic-client
+    piper
+    gnome-remote-desktop
+    nodejs
+  ];
+
+  security.tpm2.enable = false;
+  security.tpm2.abrmd.enable = false;
+
+  services.ratbagd.enable = true;
+
+  services.resolved.enable = true;
+  #services.resolved.dnssec = "allow-downgrade";
+  services.resolved.extraConfig = ''
+    ResolveUnicastSingleLabel=yes
+  '';
+
+  virtualisation = {
+    docker.enable = true;
+    podman.dockerCompat = false;
+    libvirtd.enable = false;
+  };
+
+  system.autoUpgrade = {
+    enable = true;
+    operation = "boot";
+    allowReboot = false;
+  };
+
+  system.stateVersion = "23.11";
+}