{ description = "Black Start essential infrastructure for cloud operations"; nixConfig = { substituters = [ "https://nix-cache.dubyatp.xyz/duby" "https://cache.nixos.org/" ]; trusted-public-keys = [ "duby:IUVsFbQu499JOaHmUpi/mwhZEVQK7soFn7H6lD2/2T4=" "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ]; }; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; disko = { url = "github:nix-community/disko/v1.13.0"; inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; }; outputs = { self, nixpkgs, disko, sops-nix, ... }: { nixosConfigurations = { weyma-bs = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ disko.nixosModules.disko { disko.devices.disk.main.device = "/dev/vda"; } ./common/core.nix ./security/security.nix ./disko/uefi-nosecure.nix ./users/users.nix { config.boot = { loader = { systemd-boot = { enable = true; }; efi = { canTouchEfiVariables = false; }; timeout = 5; }; initrd = { verbose = false; systemd.enable = true; }; }; config.fileSystems = { "/" = { options = ["noatime" "nodiratime" "discard"]; }; }; options.my.hostname = nixpkgs.lib.mkOption { type = nixpkgs.lib.types.str; default = "weyma-bs"; description = "Machine hostname"; }; } ({config, lib, pkgs, modulesPath, ...}: { imports = [(modulesPath + "/profiles/qemu-guest.nix")]; boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "sr_mod" "virtio_blk" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; swapDevices = [ ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; }) ]; specialArgs = { inputs = { inherit self nixpkgs disko sops-nix; }; }; }; }; packages.x86_64-linux.attic = nixpkgs.legacyPackages.x86_64-linux.attic-client; }; }