From 8b8c9cf585ed4292077f26f73bcd476381009165 Mon Sep 17 00:00:00 2001
From: foxora <foxora@noreply.tearforge.net>
Date: Sun, 15 Feb 2026 10:42:00 +0000
Subject: [PATCH] added lyra + moved stuff around :3

---
 hosts/arcturus/default.nix            | 115 ++++++++++++++------------
 hosts/lyra/default.nix                | 112 +++++++++++++++++++++++++
 hosts/lyra/hardware-configuration.nix |  33 ++++++++
 snow.nix                              |   9 ++
 4 files changed, 216 insertions(+), 53 deletions(-)
 create mode 100644 hosts/lyra/default.nix
 create mode 100644 hosts/lyra/hardware-configuration.nix

diff --git a/hosts/arcturus/default.nix b/hosts/arcturus/default.nix
index 44be041..cdbc104 100644
--- a/hosts/arcturus/default.nix
+++ b/hosts/arcturus/default.nix
@@ -6,15 +6,38 @@
 
   networking.hostName = "arcturus";
 
-  # Enable the Flakes feature and the accompaying new nix command-line tool
   nix.settings = {
     experimental-features = ["nix-command" "flakes"];
     download-buffer-size = 524288000;
     trusted-users = ["root" "@wheel"];
   };
 
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
+  time.timeZone = "Europe/London";
+  i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "us";
+  };
+
+  boot = {
+    kernelPackages = pkgs.linuxPackages_latest;
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+  };
+
+  security = {
+    sudo = {
+      enable = true;
+      wheelNeedsPassword = true;
+    };
+
+    pam = {
+      sshAgentAuth.enable = true;
+      services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module
+    };
+  };
 
   networking = {
     useNetworkd = false;
@@ -35,15 +58,15 @@
     netdevs = {
       "10-bond0" = {
         netdevConfig = {
-	  Kind = "bond";
-	  Name = "bond0";
-	};
-	bondConfig = {
-	  Mode = "802.3ad";
-	  TransmitHashPolicy = "layer3+4";
-	  LACPTransmitRate = "fast";
-	  MIIMonitorSec = "100ms";
-	};
+          Kind = "bond";
+          Name = "bond0";
+        };
+        bondConfig = {
+          Mode = "802.3ad";
+          TransmitHashPolicy = "layer3+4";
+          LACPTransmitRate = "fast";
+          MIIMonitorSec = "100ms";
+        };
       };
     };
 
@@ -58,43 +81,16 @@
       };
       "40-bond0" = {
         matchConfig.Name = "bond0";
-	linkConfig = {
-	  RequiredForOnline = "carrier";
-	};
-	networkConfig.LinkLocalAddressing = "no";
-	networkConfig.DHCP = "yes";
-	vlan = [ "vlan1" ];
+        linkConfig = {
+          RequiredForOnline = "carrier";
+        };
+        networkConfig.LinkLocalAddressing = "no";
+        networkConfig.DHCP = "yes";
+        vlan = [ "vlan1" ];
       };
     };
   };
 
-  time.timeZone = "Europe/London";
-
-  i18n.defaultLocale = "en_US.UTF-8";
-  console = {
-    font = "Lat2-Terminus16";
-    keyMap = "us";
-  };
-
-  users.users.foxora = {
-    isNormalUser = true;
-    extraGroups = [ "wheel" ];
-
-    packages = with pkgs; [
-      tree
-    ];
-
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7NLaT/J1S/lwFp0YRHN5oTGhFoDYd2yaRKKsBVpqIv aurora@nixarawrui"
-    ];
-  };
-
-  environment.systemPackages = with pkgs; [
-    git
-    neovim
-    wget
-  ];
-
   services = {
     openssh = {
       enable = true;
@@ -110,15 +106,28 @@
     };
   };
 
-  security = {
-    sudo = {
-      enable = true;
-      wheelNeedsPassword = true;
-    };
+  users.users.foxora = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
 
-    pam = {
-      sshAgentAuth.enable = true;
-      services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module
+    packages = with pkgs; [
+      tree
+    ];
+
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7NLaT/J1S/lwFp0YRHN5oTGhFoDYd2yaRKKsBVpqIv aurora@nixarawrui"
+    ];
+  };
+
+  environment = {
+    systemPackages = with pkgs; [
+      neovim
+      git
+      wget
+    ];
+
+    variables = {
+      EDITOR = "nvim";
     };
   };
 
diff --git a/hosts/lyra/default.nix b/hosts/lyra/default.nix
new file mode 100644
index 0000000..6f90f17
--- /dev/null
+++ b/hosts/lyra/default.nix
@@ -0,0 +1,112 @@
+{ config, lib, pkgs, ... }:
+{
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  networking.hostName = "lyra";
+
+  nix.settings = {
+    experimental-features = ["nix-command" "flakes"];
+    download-buffer-size = 524288000;
+    trusted-users = ["root" "@wheel"];
+  };
+
+  time.timeZone = "Europe/London";
+  i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "us";
+  };
+
+  boot = {
+    kernelPackages = pkgs.linuxPackages_latest;
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+  };
+
+  security = {
+    sudo = {
+      enable = true;
+      wheelNeedsPassword = true;
+    };
+
+    pam = {
+      sshAgentAuth.enable = true;
+      services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module
+    };
+  };
+
+  networking = {
+    networkmanager.enable = true;
+
+    firewall = {
+      allowedTCPPorts = [
+        2222
+      ];
+    };
+  };
+
+  services = {
+    openssh = {
+      enable = true;
+
+      ports = [2222];
+      settings = {
+        PasswordAuthentication = false;
+        PermitRootLogin = "no";
+        AllowUsers = ["foxora"];
+        UseDns = false; # enables rDNS lookup
+        X11Forwarding = false;
+      };
+    };
+  };
+
+  virtualisation.containers.enable = true;
+  virtualisation = {
+    podman = {
+      enable = true;
+      dockerCompat = true;
+      defaultNetwork.settings.dns_enabled = true;
+    };
+  };
+
+  users.users.foxora = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+
+    packages = with pkgs; [
+      tree
+    ];
+
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4d6Pt4fFTP0/ZfesNL+MX+j/OqoMRBOh61gqHNWpnH aurora@nixarawrui"
+    ];
+  };
+
+  programs = {
+    nh = {
+      enable = true;
+      clean.enable = true;
+      clean.extraArgs = "--keep-since 14d --keep 8";
+      flake = "/etc/nixos";
+    };
+  };
+
+  environment = {
+    systemPackages = with pkgs; [
+      neovim
+      git
+      wget
+    ];
+
+    variables = {
+      EDITOR = "nvim";
+    };
+  };
+
+  system.stateVersion = "25.11";
+}
+
diff --git a/hosts/lyra/hardware-configuration.nix b/hosts/lyra/hardware-configuration.nix
new file mode 100644
index 0000000..6dbf2fa
--- /dev/null
+++ b/hosts/lyra/hardware-configuration.nix
@@ -0,0 +1,33 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "megaraid_sas" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/1bc53888-6db8-46df-aa28-975b710c5de8";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/12CE-A600";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/60643004-6916-46b3-8655-66fdc28cf5ad"; }
+    ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/snow.nix b/snow.nix
index 8b9dcad..932b744 100644
--- a/snow.nix
+++ b/snow.nix
@@ -23,6 +23,15 @@ cerulean.mkNexus ./. (self: {
           user = "foxora";
         };
       };
+
+      lyra = {
+        system = "x86_64-linux";
+        deploy.ssh = {
+          host = "10.16.1.58";
+          port = 2222;
+          user = "foxora";
+        };
+      };
     };
   };
 })