From 33dd6d1d0ca06339cce2521f16aa7d0e04efaaaa Mon Sep 17 00:00:00 2001
From: Nathan <nathanblunkall5@gmail.com>
Date: Wed, 7 Jan 2026 00:01:06 -0600
Subject: [PATCH] first

---
 .sops.yaml                 |   7 +++
 configuration.nix          | 103 +++++++++++++++++++++++++++++++++++++
 flake.nix                  |  38 ++++++++++++++
 hardware-configuration.nix |  39 ++++++++++++++
 secrets.yaml               |  18 +++++++
 5 files changed, 205 insertions(+)
 create mode 100644 .sops.yaml
 create mode 100644 configuration.nix
 create mode 100644 flake.nix
 create mode 100644 hardware-configuration.nix
 create mode 100644 secrets.yaml

diff --git a/.sops.yaml b/.sops.yaml
new file mode 100644
index 0000000..19a8b0a
--- /dev/null
+++ b/.sops.yaml
@@ -0,0 +1,7 @@
+keys:
+  - &laptop age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
+creation_rules:
+  - path_regex: ^secrets.yaml$
+    key_groups:
+    - age:
+      - *laptop
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..a1092b2
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,103 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+
+    imports = [ # Include the results of the hardware scan.
+        ./hardware-configuration.nix
+    ];
+
+    config = {
+  
+        boot.kernelParams = [ "snd-intel-dspcfg.dsp_driver=1" ];
+
+        hardware.nvidia = {
+            modesetting.enable = true;
+            powerManagement.enable = true;
+            powerManagement.finegrained = true;
+            open = false;
+            nvidiaSettings = true;
+            package = config.boot.kernelPackages.nvidiaPackages.stable;
+
+            prime = {
+# Make sure to use the correct Bus ID values for your system!
+                intelBusId = "PCI:0:2:0";
+                nvidiaBusId = "PCI:1:0:0";
+# WARNING: sync and offload are mutually exclusive.
+# You can only pick one!!
+#sync.enable = true;
+                offload = {
+                    enable = true;
+                    enableOffloadCmd = true;
+                };
+            };
+        };
+
+        sops = {
+            defaultSopsFile = ./secrets.yaml;
+            secrets = {
+                "nathan/pass" = {
+                    neededForUsers = true;
+                };
+
+                remoteBuildKey = {};
+            };
+        };
+
+        sysconfig = {
+            users = {
+                nathan = {
+                    isSuperuser = true;
+                    extraGroups = [ "networkmanager" ];
+                    hashedPasswordFile = config.sops.secrets."nathan/pass".path;
+                    shell = pkgs.zsh;
+                    home-manager = {
+                        enable = true;
+                        standalone = false;
+                        extraModules = [
+                        {
+                            homeconfig = {
+                                minimal = false;
+                                hyprland.enable = true;
+                                hyprlock.enable = true;
+                                wal.enable = true;
+                                mpd.enable = true;
+                                hyprpanel.enable = true;
+                                calcurse.enable = true;
+                                rofi.enable = true;
+                                firefox.enable = true;
+                                git.enable = true;
+                                nh.enable = true;
+                            };
+
+                            #monitor=eDP-1, addreserved, 40,0,0,0
+                            wayland.windowManager.hyprland.extraConfig = ''
+                                monitor=eDP-1,1920x1080@60,0x0,1
+                                bind = CTRL SHIFT, XF86Launch2, exec, bash -c 'if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then pkexec --user root /nix/var/nix/profiles/system/bin/switch-to-configuration switch; else pkexec --user root /nix/var/nix/profiles/system/specialisation/docked/bin/switch-to-configuration switch; fi'
+                                bind = ALT, Escape, exec, if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then hyprctl keyword monitor eDP-1,1920x1080@60,0x0,1; else hyprctl keyword monitor eDP-1,1920x1080@300,0x0,1; fi
+                            '';
+
+                        } 
+                        ];
+                    };
+                };
+            };
+        };
+
+
+        services.xserver.videoDrivers = [ "nvidia" ];
+
+
+# This value determines the NixOS release from which the default
+# settings for stateful data, like file locations and database versions
+# on your system were taken. It‘s perfectly fine and recommended to leave
+# this value at the release version of the first install of this system.
+# Before changing this value read the documentation for this option
+# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+        system.stateVersion = "23.05"; # Did you read the comment?
+    };
+
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..408e3a7
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,38 @@
+{
+
+    description = "System Configuration";
+
+    inputs = {
+
+        nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
+
+        home-manager = {
+            url = "github:nix-community/home-manager/release-25.11";
+            inputs.nixpkgs.follows = "nixpkgs";
+        };
+
+        olympus = {
+            #url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Olympus";
+            url = "git+file:///home/nathan/Projects/Olympus";
+            inputs.nixpkgs.follows = "nixpkgs";
+            inputs.home-manager.follows = "home-manager";
+        };
+    };
+
+    outputs = { self, nixpkgs, olympus, ... }: let
+        host = "laptop";
+
+    in {
+
+        nixosConfigurations."${host}" = nixpkgs.lib.nixosSystem {
+
+            specialArgs = olympus.inputs;
+
+            modules = [
+                { sysconfig.host = host; }
+                ./configuration.nix
+                olympus.profiles.laptop
+            ];
+        };
+    };
+}
diff --git a/hardware-configuration.nix b/hardware-configuration.nix
new file mode 100644
index 0000000..3edf5cb
--- /dev/null
+++ b/hardware-configuration.nix
@@ -0,0 +1,39 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/78c0964d-c09e-4e31-8a73-eb719d79917a";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/AE5E-AC86";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/secrets.yaml b/secrets.yaml
new file mode 100644
index 0000000..fa2e25d
--- /dev/null
+++ b/secrets.yaml
@@ -0,0 +1,18 @@
+nathan:
+    pass: ENC[AES256_GCM,data:H/duNPyclGoCF/Z90TQcqaUymowHOLRDmcfDxSubNGdmijknsCq+UH5PaWUmXGZ7uZqcpYWBcsVbYfQO/98OHH/kbwAFD/Hgkw==,iv:74M2PQqVzAgMXA8Z4RVLJKawt0Lzh94IKbn8YCTx3tY=,tag:B/xgA4mrhWEccaXQ+qvjCA==,type:str]
+remoteBuildKey: ENC[AES256_GCM,data:CN7AyOCV4iYzYrwVh2Af5YB0nwR4raXfj5FbbeIZg5Bfha0sUPnLAG+oqVUyzVQA3yftFhfwPGaALOyb6VlT13pTifG+uEoyiq1dQP6dimlmk/p/6kVtg4aiETJ/61EUeQF/HTVTZ3F7akgQRsKNFQYbF2srcurPQSY0Q2gjlkkFA3A3aLoN2LrkFPJvtnNP6SJzXDFHVOTPmbc/DvF9UbMiYu0viIlfiPqeBs26lAqcOWhrYlOxKqEL2IoP3kADDncedxT42c1rCPB/2kGvKg+mXSlaIH3a0Hb8hrnjVUB0edyqYnNCurVhPF8mg2yoqrtyaxRkZKvUsa5LBZwS+iL9bYQdU/4hxT9c7wRC+ZtWkwF4l/gy8Ggc+VuB+YT9JUCJY96o8f2wKFup0BS+oiYLGJKpcOLMFrPJLEtOMrqPN/Z6+gZ9LVbhlSliIV/yUTJAa26el0w6tP9Ebs6tHiFakpkMahsBbRxmHBmqkHW5zfa5YpvD5Ii/EC+F8Vb/Efn6LkBZBwSB6K33NSOy,iv:4i0bGQe7wiDSvmygY2VNSEhuYfYIi9YY1g7qLgDTcMo=,tag:MJqOovOcZ97COsVjxZus8w==,type:str]
+sops:
+    age:
+        - recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2MEIyRjR0a25UU3hnR2Zw
+            WXFaaXJYNWFSMmZsR1FsYVB1WlBkZWptSHhzCkRGRitnNkc3MEtjV05KRXlXT3RR
+            TVhnVlpUdzFiSEwxbHNOT3dyQ0dzbG8KLS0tIElMc3g4SHRxZTVnOCtVcktRb25D
+            Y2ZpR25VNGVoMi9ibW8wbW5rYTQ3R00Ka6/KLXSSRP9WJDV0RBHHS5nALfd/3xDu
+            y+QS+Ueh56kQT2zbYpYBRIPDgI3LZgwlTifQCDJ9ZPq0LGgu4XbEqQ==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-08-23T03:46:50Z"
+    mac: ENC[AES256_GCM,data:QJLMqnmkrgtTqqmLN9NCfV8PPm5N/F0gtGw/XlX+nnfbesGVeYubSjtHmYWmY7ha41jEvLYu8rmIXaxDepfogyOf4wzuRPLkJxO7Wu0UVdr5uZlHNrcxZh4Ex6YGgg8Lbcjs0iVCev66lWfuhuxuvPOKsGLZvoNTq0V1hLpo/Fw=,iv:VFrL0L6tC1JvWM3BOJP4Dh+q1xSMBecCtPnNcY/loAU=,tag:p5VmBaGPTxyTmm1Ha9Le3Q==,type:str]
+    unencrypted_suffix: _unencrypted
+    version: 3.10.2