add rnix

Signed-off-by: Harald Hoyer <harald@hoyer.xyz>

flake.lock

@@ -403,11 +403,11 @@
     "homebrew-cask": {
       "flake": false,
       "locked": {
-        "lastModified": 1755167362,
-        "narHash": "sha256-fYoBQDup79dJbZxDqPiqS7h2xUI44j6rHatGMs1VXI0=",
+        "lastModified": 1755176765,
+        "narHash": "sha256-jOBxOiAkYxF1B4kcB2Bb0yK7T0Rhi8TZH+uE9/1cZLc=",
         "owner": "homebrew",
         "repo": "homebrew-cask",
-        "rev": "438f89ffde65f1abed39f98b5d703b0190b448b3",
+        "rev": "ccd9fd14dc4b5615a027c5b342381939d2a47531",
         "type": "github"
       },
       "original": {
@@ -419,11 +419,11 @@
     "homebrew-core": {
       "flake": false,
       "locked": {
-        "lastModified": 1755165895,
-        "narHash": "sha256-kW2jyHGjTPuHq17wRS4kWeV299h5cGhJvf/6hz2pBt4=",
+        "lastModified": 1755174160,
+        "narHash": "sha256-0aZ2c++eF2HkGLcu4HtmjokzEhskbH5b23ENUWUVTcg=",
         "owner": "homebrew",
         "repo": "homebrew-core",
-        "rev": "1f36d9191be4078683652edbd2bb7f89c5dcdc54",
+        "rev": "fe9a06826f4e7b88f4856488fe7fc172e5e61d34",
         "type": "github"
       },
       "original": {

homes/aarch64-linux/harald@rnix/default.nix

@@ -0,0 +1,61 @@
+{ lib, config, ... }:
+{
+  home.sessionPath = [ "$HOME/bin" ];
+
+  metacfg = {
+    user = {
+      enable = true;
+      name = config.snowfallorg.user.name;
+    };
+    cli-apps = {
+      bash.enable = true;
+      fish.enable = true;
+      neovim.enable = false;
+      bat.enable = true;
+      starship.enable = true;
+      home-manager.enable = true;
+    };
+    tools = {
+      git.enable = true;
+    };
+  };
+
+  fonts.fontconfig.enable = true;
+
+  dconf.settings = {
+    # ...
+    "org/gnome/shell" = {
+      disable-user-extensions = false;
+
+      # `gnome-extensions list` for a list
+      enabled-extensions = [
+        "Vitals@CoreCoding.com"
+        "appindicatorsupport@rgcjonas.gmail.com"
+        "dash-to-panel@jderose9.github.com"
+        "hibernate-status@dromi"
+        "autohide-battery@sitnik.ru"
+      ];
+
+      favorite-apps = [
+        "org.gnome.Console.desktop"
+        "jetbrains-toolbox.desktop"
+        "org.mozilla.firefox.desktop"
+        "firefox.desktop"
+        "thunderbird.desktop"
+        "org.mozilla.Thunderbird.desktop"
+        "slack.desktop"
+        "keybase.desktop"
+        "spotify.desktop"
+        "org.gnome.Nautilus.desktop"
+        "virt-manager.desktop"
+      ];
+    };
+    "org/virt-manager/virt-manager/connections" = {
+      autoconnect = [ "qemu:///system" ];
+      uris = [ "qemu:///system" ];
+    };
+  };
+
+  xdg.enable = true;
+  xdg.mime.enable = true;
+}

systems/aarch64-linux/rnix/default.nix

@@ -0,0 +1,84 @@
+{ pkgs, lib, ... }:
+with lib;
+with lib.metacfg;
+{
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  services.spice-autorandr.enable = true;
+  services.spice-vdagentd.enable = true;
+
+  metacfg = {
+    base.enable = true;
+    gui.enable = true;
+    nix-ld.enable = true;
+    nix.enable = true;
+    podman.enable = true;
+    secureboot.enable = false;
+
+    system = {
+      limits = {
+        enable = true;
+        nofileLimit = 32768;
+        memlockLimit = 32768;
+      };
+    };
+
+    tools = {
+      direnv.enable = true;
+    };
+    user.extraGroups = [
+      "docker"
+      "dialout"
+    ];
+  };
+
+  services.xrdp.enable = true;
+  services.xrdp.defaultWindowManager = "${pkgs.gnome-session}/bin/gnome-session";
+  services.xrdp.openFirewall = true;
+
+  # Disable the GNOME3/GDM auto-suspend feature that cannot be disabled in GUI!
+  # If no user is logged in, the machine will power down after 20 minutes.
+  systemd.targets.sleep.enable = false;
+  systemd.targets.suspend.enable = false;
+  systemd.targets.hibernate.enable = false;
+  systemd.targets.hybrid-sleep.enable = false;
+
+  environment.systemPackages = with pkgs; [
+    azure-cli
+    desktop-file-utils
+    kubectl
+    kubectx
+    k9s
+    attic-client
+    piper
+    gnome-remote-desktop
+    nodejs
+  ];
+
+  security.tpm2.enable = false;
+  security.tpm2.abrmd.enable = false;
+
+  services.ratbagd.enable = true;
+
+  services.resolved.enable = true;
+  #services.resolved.dnssec = "allow-downgrade";
+  services.resolved.extraConfig = ''
+    ResolveUnicastSingleLabel=yes
+  '';
+
+  virtualisation = {
+    docker.enable = true;
+    podman.dockerCompat = false;
+    libvirtd.enable = false;
+  };
+
+  system.autoUpgrade = {
+    enable = true;
+    operation = "boot";
+    allowReboot = false;
+  };
+
+  system.stateVersion = "23.11";
+}

systems/aarch64-linux/rnix/hardware-configuration.nix

@@ -0,0 +1,37 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [ ];
+
+  boot.initrd.availableKernelModules = [ "virtio_pci" "xhci_pci" "usbhid" "usb_storage" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/3d6d27a9-1840-45cb-8f6f-88958f8e2f4d";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/0313-3BFB";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/4bfc9e4e-0878-4fd3-878f-950fb4ba6ae8"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s1.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}