Add initial media1 host

flake.nix

@@ -263,6 +263,22 @@
             sops-nix.nixosModules.sops
           ];
         };
+        media1 = nixpkgs.lib.nixosSystem {
+          inherit system;
+          specialArgs = {
+            inherit inputs self sops-nix;
+          };
+          modules = [
+            (
+              { config, pkgs, ... }:
+              {
+                nixpkgs.overlays = [ overlay-unstable ];
+              }
+            )
+            ./hosts/media1
+            sops-nix.nixosModules.sops
+          ];
+        };
       };
     };
 }

hosts/media1/configuration.nix

@@ -0,0 +1,81 @@
+{
+  pkgs,
+  ...
+}:
+
+{
+  imports = [
+    ./hardware-configuration.nix
+
+    ../../system
+  ];
+
+  nixpkgs.config.allowUnfree = true;
+
+  # Use the systemd-boot EFI boot loader.
+  boot = {
+    loader.systemd-boot = {
+      enable = true;
+      configurationLimit = 5;
+    };
+    loader.efi.canTouchEfiVariables = true;
+    supportedFilesystems = [ "nfs" ];
+    kernelPackages = pkgs.linuxPackages_latest;
+    kernelParams = [
+      "quiet"
+      "splash"
+      "rd.systemd.show_status=false"
+    ];
+  };
+
+  networking.hostName = "media1";
+  networking.domain = "home.2rjus.net";
+  networking.useNetworkd = true;
+  networking.useDHCP = false;
+  services.resolved.enable = true;
+  networking.nameservers = [
+    "10.69.13.5"
+    "10.69.13.6"
+  ];
+
+  systemd.network.enable = true;
+  systemd.network.networks."enp2s0" = {
+    matchConfig.Name = "enp2s0";
+    address = [
+      "10.69.31.49/24"
+    ];
+    routes = [
+      { Gateway = "10.69.31.1"; }
+    ];
+    linkConfig.RequiredForOnline = "routable";
+  };
+  time.timeZone = "Europe/Oslo";
+
+  # Graphics
+  hardware.graphics = {
+    enable = true;
+    extraPackages = with pkgs; [
+      vaapiVdpau
+      libvdpau-va-gl
+    ];
+  };
+
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+  nix.settings.tarball-ttl = 0;
+  environment.systemPackages = with pkgs; [
+    vim
+    wget
+    git
+  ];
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  networking.firewall.enable = false;
+
+  system.stateVersion = "23.11"; # Did you read the comment?
+}

hosts/media1/default.nix

@@ -0,0 +1,7 @@
+{ ... }:
+{
+  imports = [
+    ./configuration.nix
+    ./kodi.nix
+  ];
+}

hosts/media1/hardware-configuration.nix

@@ -0,0 +1,58 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "nvme"
+    "ahci"
+    "usbhid"
+    "usb_storage"
+    "sd_mod"
+    "rtsx_usb_sdmmc"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/faa60038-b3a4-448a-8909-49857818c955";
+    fsType = "xfs";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/7A94-A91C";
+    fsType = "vfat";
+    options = [
+      "fmask=0077"
+      "dmask=0077"
+    ];
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/f7a4f85e-0b4b-492d-a611-f50d2b915c2c"; }
+  ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/media1/kodi.nix

@@ -0,0 +1,26 @@
+{ pkgs, ... }:
+let
+  kodipkg = pkgs.kodi-wayland.withPackages (
+    p: with p; [
+      jellyfin
+    ]
+  );
+in
+{
+  users.users.kodi = {
+    isNormalUser = true;
+    description = "Kodi Media Center user";
+  };
+  services.xserver = {
+    enable = true;
+  };
+  services.cage = {
+    enable = true;
+    user = "kodi";
+    program = "${kodipkg}/bin/kodi";
+  };
+
+  environment.systemPackages = with pkgs; [
+    firefox
+  ];
+}

services/ns/zones-home-2rjus-net.conf

@@ -1,7 +1,7 @@
 $ORIGIN home.2rjus.net.
 $TTL 1800
 @       IN      SOA     ns1.home.2rjus.net.      admin.test.2rjus.net. (
-                        2047                    ; serial number
+                        2049                    ; serial number
                         3600                    ; refresh
                         900                     ; retry
                         1209600                 ; expire
@@ -78,6 +78,7 @@ gunter              IN      A       10.69.30.105
 
 ; 31
 media               IN      A       10.69.31.50
+media1              IN      A       10.69.31.49
 
 ; 99_MGMT
 sw1                 IN      A       10.69.99.2