Add stellaris host

hosts/stellaris/default.nix

@@ -0,0 +1,116 @@
+{ config, ... }:
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  modules = {
+    desktop.wm.enable = true;
+    editor = {
+      vim.enable = true;
+      emacs.enable = true;
+    };
+    services = {
+      flatpak.enable = true;
+      belgian-eid.enable = true;
+      docker.enable = true;
+      libvirt.enable = true;
+      languagetool.enable = true;
+      work-proxy.enable = true;
+    };
+    media = {
+      mpd.enable = true;
+      ncmpcpp.enable = true;
+    };
+  };
+
+  # Monitor backlight control
+  programs.light.enable = true;
+
+  services.tlp.enable = true;
+
+  hardware.cpu.amd.updateMicrocode = true;
+  hardware.tuxedo-drivers.enable = true;
+  hardware.tuxedo-rs = {
+    enable = true;
+    tailor-gui.enable = true;
+  };
+
+  hardware = {
+    bluetooth = {
+      enable = true;
+      # Enable A2DP Sink
+      settings = {
+        General = {
+          Enable = "Source,Sink,Media,Socket";
+        };
+      };
+    };
+  };
+
+  networking.networkmanager.enable = true;
+
+  services.blueman.enable = true;
+
+  services.logind.lidSwitch = "ignore";
+
+  user.name = "phfroidmont";
+
+  home-manager.users.${config.user.name} =
+    { ... }:
+    {
+      services.network-manager-applet.enable = true;
+      services.blueman-applet.enable = true;
+      wayland.windowManager.hyprland.settings = {
+        monitor = [
+          "eDP-1, 1920x1080, 0x720, 1.5"
+          "DP-1, 1920x1080, 0x0, 1.5"
+        ];
+
+        workspace = [
+          "w[tv1], gapsout:0, gapsin:0"
+          "f[1], gapsout:0, gapsin:0"
+        ];
+        windowrulev2 = [
+          "bordersize 0, floating:0, onworkspace:w[tv1]"
+          "rounding 0, floating:0, onworkspace:w[tv1]"
+          "bordersize 0, floating:0, onworkspace:f[1]"
+          "rounding 0, floating:0, onworkspace:f[1]"
+        ];
+      };
+    };
+
+  services.pipewire.wireplumber.extraConfig = {
+    "monitor.bluez.properties" = {
+      "bluez5.enable-sbc-xq" = true;
+      "bluez5.enable-msbc" = true;
+      "bluez5.enable-hw-volume" = true;
+      "bluez5.roles" = [
+        "hsp_hs"
+        "hsp_ag"
+        "hfp_hf"
+        "hfp_ag"
+      ];
+    };
+  };
+
+  services.tailscale.enable = true;
+
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+    listenAddresses = [
+      {
+        # Tailscale interface
+        addr = "100.64.0.5";
+        port = 22;
+      }
+    ];
+  };
+  users.users.${config.user.name} = {
+    openssh.authorizedKeys.keyFiles = [
+      ../../ssh_keys/phfroidmont-desktop.pub
+    ];
+    extraGroups = [ "video" ];
+  };
+
+  system.stateVersion = "25.05";
+}

hosts/stellaris/disko.nix

@@ -0,0 +1,79 @@
+{ ... }:
+{
+  disko.devices = {
+    disk.main = {
+      type = "disk";
+      # Replace with your device, e.g. /dev/disk/by-id/nvme-Samsung_SSD_980_...
+      device = "/dev/disk/by-id/nvme-Samsung_SSD_9100_PRO_2TB_S7YFNJ0Y612225D";
+      content = {
+        type = "gpt";
+        partitions = {
+          ESP = {
+            type = "ef00";
+            size = "512M";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+              mountOptions = [ "umask=0077" ];
+            };
+          };
+          luks = {
+            size = "100%";
+            content = {
+              type = "luks";
+              name = "cryptroot";
+              settings = {
+                allowDiscards = true;
+              };
+              content = {
+                type = "btrfs";
+                extraArgs = [
+                  "-L"
+                  "nixos"
+                ];
+                # Top-level btrfs mountpoint isn't used; subvols below define mounts
+                subvolumes = {
+                  "@".mountpoint = "/";
+                  "@home".mountpoint = "/home";
+                  "@nix".mountpoint = "/nix";
+                  "@log".mountpoint = "/var/log";
+                  "@cache".mountpoint = "/var/cache";
+
+                  # Common, fast, SSD-friendly defaults
+                  "@".mountOptions = [
+                    "compress=zstd"
+                    "noatime"
+                    "ssd"
+                    "autodefrag"
+                  ];
+                  "@home".mountOptions = [
+                    "compress=zstd"
+                    "noatime"
+                    "ssd"
+                    "autodefrag"
+                  ];
+                  "@nix".mountOptions = [
+                    "compress=zstd"
+                    "noatime"
+                    "ssd"
+                  ];
+                  "@log".mountOptions = [
+                    "compress=zstd"
+                    "noatime"
+                    "ssd"
+                  ];
+                  "@cache".mountOptions = [
+                    "compress=zstd"
+                    "noatime"
+                    "ssd"
+                  ];
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}

hosts/stellaris/hardware-configuration.nix

@@ -0,0 +1,83 @@
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "nvme"
+    "xhci_pci"
+    "usb_storage"
+    "sd_mod"
+    "sdhci_pci"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f";
+    fsType = "btrfs";
+    options = [ "subvol=@" ];
+  };
+
+  boot.initrd.luks.devices."cryptroot".device =
+    "/dev/disk/by-uuid/46f38e24-f03e-4e3b-9266-652340e1fa41";
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/4847-A536";
+    fsType = "vfat";
+    options = [
+      "fmask=0077"
+      "dmask=0077"
+    ];
+  };
+
+  fileSystems."/home" = {
+    device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f";
+    fsType = "btrfs";
+    options = [ "subvol=@home" ];
+  };
+
+  fileSystems."/nix" = {
+    device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f";
+    fsType = "btrfs";
+    options = [ "subvol=@nix" ];
+  };
+
+  fileSystems."/var/cache" = {
+    device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f";
+    fsType = "btrfs";
+    options = [ "subvol=@cache" ];
+  };
+
+  fileSystems."/var/log" = {
+    device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f";
+    fsType = "btrfs";
+    options = [ "subvol=@log" ];
+  };
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = true;
+
+  services.xserver.videoDrivers = [ "nvidia" ];
+
+  hardware.nvidia = {
+    modesetting.enable = true;
+    powerManagement.enable = false;
+    powerManagement.finegrained = false;
+    open = true;
+    nvidiaSettings = true;
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
+}

modules/desktop/default.nix

@@ -7,7 +7,7 @@
 
 let
   wallpaper = pkgs.fetchurl {
-    url = "https://raw.githubusercontent.com/AngelJumbo/gruvbox-wallpapers/main/wallpapers/irl/houseonthesideofalake.jpg";
+    url = "https://raw.githubusercontent.com/AngelJumbo/gruvbox-wallpapers/main/wallpapers/photography/houseonthesideofalake.jpg";
     sha256 = "sha256-obKI4qZvucogqRCl51lwV9X8SRaMqcbBwWMfc9TupIo=";
   };
 in

modules/options.nix

@@ -13,7 +13,7 @@
   config = {
 
     user = {
-      name = "froidmpa";
+      name = lib.mkDefault "froidmpa";
       description = "The primary user account";
       extraGroups = [
         "wheel"