From e1346274d46abd7a7b68cc8747a993854ea90166 Mon Sep 17 00:00:00 2001
From: Paul-Henri Froidmont <git.contact-57n2p@froidmont.org>
Date: Thu, 26 Feb 2026 11:16:03 +0100
Subject: [PATCH] Add wsl

---
 common.nix            |   2 +-
 flake.lock            |  55 +++++++++++++++-
 flake.nix             |   1 +
 hosts/wsl/default.nix | 144 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 200 insertions(+), 2 deletions(-)
 create mode 100644 hosts/wsl/default.nix

diff --git a/common.nix b/common.nix
index 9e8aa52..3a48765 100644
--- a/common.nix
+++ b/common.nix
@@ -45,7 +45,7 @@
 
   zramSwap.enable = true;
   zramSwap.memoryPercent = 300;
-  systemd.oomd.enable = true;
+  systemd.oomd.enable = lib.mkDefault true;
 
   console = {
     keyMap = lib.mkDefault "fr";
diff --git a/flake.lock b/flake.lock
index 6c133c6..4439c90 100644
--- a/flake.lock
+++ b/flake.lock
@@ -41,6 +41,22 @@
         "type": "github"
       }
     },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1767039857,
+        "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -82,6 +98,26 @@
         "type": "github"
       }
     },
+    "nixos-wsl": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "nixpkgs": "nixpkgs_3"
+      },
+      "locked": {
+        "lastModified": 1771562016,
+        "narHash": "sha256-inwX/56pWam4urjLpkhdarSsLUNgf0q0tHvJ5jeZEXo=",
+        "owner": "nix-community",
+        "repo": "NixOS-WSL",
+        "rev": "818599c8c2bd6dd1801bed5130067a141014bdd8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "release-24.11",
+        "repo": "NixOS-WSL",
+        "type": "github"
+      }
+    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1771369470,
@@ -131,6 +167,22 @@
       }
     },
     "nixpkgs_3": {
+      "locked": {
+        "lastModified": 1751274312,
+        "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-24.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_4": {
       "locked": {
         "lastModified": 1771369470,
         "narHash": "sha256-0NBlEBKkN3lufyvFegY4TYv5mCNHbi5OmBDrzihbBMQ=",
@@ -151,7 +203,8 @@
         "emacs-overlay": "emacs-overlay",
         "home-manager": "home-manager",
         "llm-agents": "llm-agents",
-        "nixpkgs": "nixpkgs_3",
+        "nixos-wsl": "nixos-wsl",
+        "nixpkgs": "nixpkgs_4",
         "vim-org-roam": "vim-org-roam"
       }
     },
diff --git a/flake.nix b/flake.nix
index b5faa85..b9936ef 100644
--- a/flake.nix
+++ b/flake.nix
@@ -11,6 +11,7 @@
       flake = false;
     };
     llm-agents.url = "github:numtide/llm-agents.nix";
+    nixos-wsl.url = "github:nix-community/NixOS-WSL/release-24.11";
   };
 
   outputs =
diff --git a/hosts/wsl/default.nix b/hosts/wsl/default.nix
new file mode 100644
index 0000000..d38761b
--- /dev/null
+++ b/hosts/wsl/default.nix
@@ -0,0 +1,144 @@
+{
+  inputs,
+  pkgs,
+  config,
+  lib,
+  ...
+}:
+{
+
+  imports = [
+    inputs.nixos-wsl.nixosModules.default
+  ];
+
+  user.name = "nixos";
+
+  wsl = {
+    enable = true;
+    wslConf = {
+      network.generateHosts = false;
+      network.generateResolvConf = false;
+      wsl2.memory = "24GB";
+      interop.appendWindowsPath = false;
+    };
+  };
+
+  networking = {
+    nameservers = [
+      "10.33.0.100"
+      "10.33.1.30"
+      "1.1.1.1"
+    ];
+    proxy = {
+      httpProxy = "http://127.0.0.1:3128";
+      httpsProxy = "http://127.0.0.1:3128";
+      noProxy = ".lefoyer.lu,.foyer.lu,.foyer.cloud,localhost,127.0.0.1";
+    };
+  };
+
+  services.tinyproxy = {
+    enable = true;
+    settings = {
+      LogLevel = "Info";
+      Port = 2345;
+      Listen = "0.0.0.0";
+      Upstream = [
+        ''upstream socks5 127.0.0.1:5080 ".tailscale.com"''
+        ''upstream socks5 127.0.0.1:5080 "hs.banditlair.com"''
+        # ''upstream http 127.0.0.1:3128 "hs.banditlair.com"''
+        ''upstream http 127.0.0.1:3128 "login.microsoftonline.com"''
+      ];
+    };
+  };
+
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "both";
+  };
+
+  systemd.services.tailscaled.serviceConfig.Environment = [
+    "HTTPS_PROXY=http://127.0.0.1:2345"
+  ];
+
+  modules = {
+    editor = {
+      vim.enable = true;
+    };
+    desktop.file-manager.enable = true;
+    desktop.zsh.enable = true;
+  };
+
+  environment.systemPackages = with pkgs; [
+    scala-cli
+    jdk17
+    httpie
+    zsh-syntax-highlighting
+    tldr
+    nil
+    coursier
+    nodejs
+    imagemagick
+    (sbt.override { jre = jdk17; })
+    mill
+    kafkactl
+  ];
+
+  security.pki.certificateFiles = [
+    "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
+    ../../modules/services/certs/Foyer-Group-Root-CA.crt
+    ../../modules/services/certs/Foyer-Sub-CA.crt
+  ];
+
+  environment.variables = {
+    JAVAX_NET_SSL_TRUSTSTORE = "/mnt/c/Users/RDO/scoop/apps/java21/current/lib/security/cacerts";
+    JAVA_OPTS = "-Dhttp.proxyHost=localhost -Dhttp.proxyPort=3128 -Dhttps.proxyHost=localhost -Dhttps.proxyPort=3128 -Djavax.net.ssl.trustStore=/mnt/c/Users/RDO/scoop/apps/java21/current/lib/security/cacerts -Djavax.net.ssl.trustStorePassword=changeit";
+  };
+
+  home-manager.users.${config.user.name} = {
+    home.file.".sbt/repositories".text = ''
+      [repositories]
+        local
+        maven-local
+        nexus-maven: https://nexus.foyer.lu/repository/mvn-all/
+        nexus-ivy: https://nexus.foyer.lu/repository/ivy-all/, [organization]/[module]/(scala_[scalaVersion]/)(sbt_[sbtVersion]/)[revision]/[type]s/[artifact](-[classifier]).[ext]
+        nexus-ivy-sbt: https://nexus.foyer.lu/repository/ivy-all/, [organization]/[module]/(scala_[scalaVersion]/)(sbt_[sbtVersion]/)[revision]/[artifact](-[classifier])-[type].[ext]
+    '';
+
+    programs = {
+      git = {
+        enable = true;
+        userName = "Paul-Henri Froidmont";
+        userEmail = "rdo@foyer.lu";
+        extraConfig = {
+          init.defaultBranch = "master";
+          http.sslVerify = false;
+        };
+      };
+      bat.enable = true;
+      jq.enable = true;
+      fzf.enable = true;
+      lesspipe.enable = true;
+      pazi.enable = true;
+      broot = {
+        enable = true;
+        enableZshIntegration = true;
+      };
+      command-not-found.enable = true;
+      direnv = {
+        enable = true;
+        enableZshIntegration = true;
+        nix-direnv.enable = true;
+      };
+    };
+  };
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      PasswordAuthentication = true;
+      # LogLevel = "DEBUG";
+    };
+  };
+
+  system.stateVersion = "24.05";
+}