add yoga

flake.nix

@@ -21,6 +21,34 @@
           modules = [ (./. + "/nixos/boxes/${hostname}") ];
           specialArgs = { inherit inputs; };
         };
+       mkKiosk = pkgs: system: hostname:
+        pkgs.lib.nixosSystem {
+          inherit system;
+          modules = [
+            (./. + "/nixos/boxes/${hostname}")
+
+            sops.nixosModules.sops
+
+            home-manager.nixosModules.home-manager
+            {
+              home-manager.useGlobalPkgs = true;
+              home-manager.useUserPackages = true;
+              home-manager.users.cyryl = {
+                imports =
+[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
+                _module.args.inputs = inputs;
+              };
+            }
+
+          ];
+          specialArgs = {
+            inherit inputs system;
+            nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable {
+              inherit system;
+              config = { allowUnfree = true; };
+            };
+          };
+        };
       mkWorkstation = pkgs: system: hostname:
         pkgs.lib.nixosSystem {
           inherit system;
@@ -120,6 +148,7 @@
         bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty";
         vultr1 = mkServer nixpkgs-stable "x86_64-linux" "vultr1";
         vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1";
+        yoga = mkKiosk nixpkgs-stable "x86_64-linux" "yoga";
         homescreen = mkRaspi nixpkgs-stable "homescreen";
 
         bootstrap = nixpkgs-stable.lib.nixosSystem rec {

nixos/boxes/yoga/default.nix

@@ -0,0 +1,79 @@
+{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: {
+  networking.hostName = "yoga";
+
+  imports = [ ./hardware-configuration.nix ../../boot.nix ../../git ];
+
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  hardware.trackpoint.enable = true;
+  services.hardware.bolt.enable = true;
+
+  services.fprintd = { enable = true; };
+
+  home-manager.users.cyryl = { ... }: {
+    home.packages = with pkgs; [ firefox vim gnome3.gedit git ];
+  };
+
+  networking.networkmanager.enable = true;
+
+  time.timeZone = "Europe/London";
+
+  i18n.defaultLocale = "en_GB.utf8";
+
+  services.xserver.enable = true;
+
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+
+  services.xserver = {
+    layout = "pl";
+    xkbVariant = "";
+  };
+
+  console.keyMap = "pl2";
+
+  services.printing.enable = true;
+
+  sound.enable = true;
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+  };
+  services.xserver.libinput.enable = true;
+
+  users.users.cyryl = {
+    isNormalUser = true;
+    description = "cyryl";
+    extraGroups = [ "networkmanager" "wheel" ];
+    packages = with pkgs;
+      [
+
+      ];
+  };
+
+  services.fwupd.enable = true;
+
+  services.xserver.displayManager.autoLogin.enable = true;
+  services.xserver.displayManager.autoLogin.user = "cyryl";
+
+  # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
+  systemd.services."getty@tty1".enable = false;
+  systemd.services."autovt@tty1".enable = false;
+
+  nix = {
+    autoOptimiseStore = true;
+    gc.automatic = true;
+    optimise.automatic = true;
+    package = pkgs.nixUnstable;
+    extraOptions = ''
+      experimental-features = nix-command flakes
+    '';
+  };
+
+  system = { stateVersion = "22.05"; };
+
+}

nixos/boxes/yoga/hardware-configuration.nix

@@ -0,0 +1,44 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [ ];
+
+  boot.initrd.availableKernelModules =
+    [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.efi.efiSysMountPoint = "/boot/efi";
+
+  boot.initrd.secrets = { "/crypto_keyfile.bin" = null; };
+
+  boot.initrd.luks.devices."luks-e6cb9de6-a571-4462-ba9e-6f8dafdd3d21".device =
+    "/dev/disk/by-uuid/e6cb9de6-a571-4462-ba9e-6f8dafdd3d21";
+  boot.initrd.luks.devices."luks-e6cb9de6-a571-4462-ba9e-6f8dafdd3d21".keyFile =
+    "/crypto_keyfile.bin";
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/d19afedb-d03b-4a85-9ad7-d99d2ed057c5";
+    fsType = "ext4";
+  };
+
+  boot.initrd.luks.devices."luks-10f9ad25-cff6-4a5c-ae92-4847e1374b2d".device =
+    "/dev/disk/by-uuid/10f9ad25-cff6-4a5c-ae92-4847e1374b2d";
+
+  fileSystems."/boot/efi" = {
+    device = "/dev/disk/by-uuid/5A4D-EDA3";
+    fsType = "vfat";
+  };
+
+  swapDevices =
+    [{ device = "/dev/disk/by-uuid/5c9ab30b-9128-4c31-b392-785e7acbc0d2"; }];
+
+  networking.useDHCP = lib.mkDefault true;
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
+}