First attempt at NixOS build

These configurations were copied[1] and heavily modified.
The general modification strategy was to remove as much
as I could without breaking things. Later, I'll add
customizations back go the nixos configurations.

The VMware build comes from comments[2]. This commit tests
if the vmware build works. I am editing from a Mac, so
I am relying on Github actions to test the nixos and
vmware artifact build.

References:
1. https://github.com/mitchellh/nixos-config/tree/01fcaea3bdcd47540da39446d80e85d042a70cc1
2. mitchellh/nixos-config#1

Author: jwieringa

.github/workflows/nix.yml

@@ -0,0 +1,17 @@
+name: Nix
+ on:
+   push:
+     branches:
+       - main
+   pull_request:
+ jobs:
+   build:
+     runs-on: ubuntu-22.04
+     steps:
+       - uses: actions/checkout@v2
+       - run: nix flake check
+       - run: nix build .#nixosConfigurations.vm-intel
+       - uses: actions/upload-artifact@v2
+         with:
+           name: vmware
+           path: ./result/*.vmdk

flake.nix

@@ -0,0 +1,52 @@
+# Credit: https://github.com/mitchellh/nixos-config/blob/501f9aa0a669479c34d8d036f52a15b04002d259/flake.nix
+
+{
+  description = "NixOS systems and tools by jwieringa";
+
+  inputs = {
+    # Pin our primary nixpkgs repository. This is the main nixpkgs repository
+    # we'll use for our configurations. Be very careful changing this because
+    # it'll impact your entire system.
+    nixpkgs.url = "github:nixos/nixpkgs/release-22.11";
+
+    # I don't know if I need this yet, so I've disabled it.
+    # We use the unstable nixpkgs repo for some packages.
+    # nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";
+
+    home-manager = {
+      url = "github:nix-community/home-manager/release-22.11";
+
+      # We want home-manager to use the same set of nixpkgs as our system.
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = { self, nixpkgs, home-manager, ... }@inputs: let
+    mkVM = import ./lib/mkvm.nix;
+
+    # Overlays is the list of overlays we want to apply from flake inputs.
+    overlays = [];
+  in {
+    nixosConfigurations.vm-intel = mkVM "vm-intel" rec {
+      inherit nixpkgs home-manager overlays;
+      system = "x86_64-linux";
+      user   = "jason";
+    };
+
+    # Use this to prepare a new VMWare image.
+    #
+    # $ nix build .#vmwareImage -L
+    # $ open ./result/*.vmdk
+
+    # Enable for M1 build?
+    # packages.aarch64-linux = {
+    #   vmwareImage =
+    #     self.nixosConfigurations.vm-aarch64.config.system.build.vmwareImage;
+    # };
+
+    packages.x86_64-linux = {
+      vmwareImage =
+        self.nixosConfigurations.vm-intel.config.system.build.vmwareImage;
+    };
+  };
+}

hardware/vm-intel.nix

@@ -0,0 +1,16 @@
+# This file is normally automatically generated. Since we build a VM
+# and have full control over that hardware I can hardcode this into my
+# repository.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [ "${modulesPath}/virtualisation/vmware-image.nix" ];
+
+  boot.initrd.availableKernelModules = [
+    "ata_piix" "mptspi" "uhci_hcd" "ehci_pci" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  swapDevices = [ ];
+}

lib/mkvm.nix

@@ -0,0 +1,38 @@
+# This function creates a NixOS system based on our VM setup for a
+# particular architecture.
+#
+# I am only building one architecture, so this function was modified
+# to handle only x86_64-linux.
+name: { nixpkgs, home-manager, system, user, overlays }:
+
+nixpkgs.lib.nixosSystem rec {
+  inherit system;
+
+  modules = [
+    # Apply our overlays. Overlays are keyed by system type so we have
+    # to go through and apply our system type. We do this first so
+    # the overlays are available globally.
+    { nixpkgs.overlays = overlays; }
+
+    # For both hardware and machines, I have not yet taken the time
+    # to understand what they do exactly. So I've copied them verbatim.
+    # One difference, I've only copied for the VMs and arch that I
+    # currently use.
+    ../hardware/${name}.nix
+    ../machines/${name}.nix
+    home-manager.nixosModules.home-manager {
+      home-manager.useGlobalPkgs = true;
+      home-manager.useUserPackages = true;
+      home-manager.users.${user} = import ../users/${user}/home-manager.nix;
+    }
+
+    # We expose some extra arguments so that our modules can parameterize
+    # better based on these values.
+    {
+      config._module.args = {
+        currentSystemName = name;
+        currentSystem = system;
+      };
+    }
+  ];
+}

machines/vm-intel.nix

@@ -0,0 +1,24 @@
+{ config, pkgs, ... }: {
+  imports = [
+    ./vm-shared.nix
+  ];
+
+  virtualisation.vmware.guest.enable = true;
+
+  # Interface is this on Intel Fusion
+  networking.interfaces.ens33.useDHCP = true;
+
+  # Shared folder to host works on Intel
+  fileSystems."/host" = {
+    fsType = "fuse./run/current-system/sw/bin/vmhgfs-fuse";
+    device = ".host:/";
+    options = [
+      "umask=22"
+      "uid=1000"
+      "gid=1000"
+      "allow_other"
+      "auto_unmount"
+      "defaults"
+    ];
+  };
+}

machines/vm-shared.nix

@@ -0,0 +1,104 @@
+{ config, pkgs, lib, currentSystem, currentSystemName,... }:
+
+{
+  # Be careful updating this.
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  nix = {
+    # use unstable nix so we can access flakes
+    package = pkgs.nixUnstable;
+    extraOptions = ''
+      experimental-features = nix-command flakes
+      keep-outputs = true
+      keep-derivations = true
+    '';
+
+    # TODO: Disabled - figure out caching later
+    # public binary cache that I use for all my derivations. You can keep
+    # this, use your own, or toss it. Its typically safe to use a binary cache
+    # since the data inside is checksummed.
+    # settings = {
+    #   substituters = ["https://mitchellh-nixos-config.cachix.org"];
+    #   trusted-public-keys = ["mitchellh-nixos-config.cachix.org-1:bjEbXJyLrL1HZZHBbO4QALnI5faYZppzkU4D2s0G8RQ="];
+    # };
+  };
+
+  # We expect to run the VM on hidpi machines.
+  hardware.video.hidpi.enable = true;
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # VMware, Parallels both only support this being 0 otherwise you see
+  # "error switching console mode" on boot.
+  boot.loader.systemd-boot.consoleMode = "0";
+
+  # Define your hostname.
+  networking.hostName = "dev";
+
+  # Set your time zone.
+  time.timeZone = "US/Central";
+
+  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+  # Per-interface useDHCP will be mandatory in the future, so this generated config
+  # replicates the default behaviour.
+  networking.useDHCP = false;
+
+  # Don't require password for sudo
+  security.sudo.wheelNeedsPassword = false;
+
+  # Virtualization settings
+  virtualisation.docker.enable = true;
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  # setup windowing environment
+  services.xserver = {
+    enable = true;
+    layout = "us";
+    dpi = 220;
+
+    desktopManager = {
+      xterm.enable = false;
+      wallpaper.mode = "fill";
+    };
+
+    # TODO: Select a windows manager
+    # displayManager = {
+    #   defaultSession = "none+i3";
+    #   lightdm.enable = true;
+
+    #   # AARCH64: For now, on Apple Silicon, we must manually set the
+    #   # display resolution. This is a known issue with VMware Fusion.
+    #   sessionCommands = ''
+    #     ${pkgs.xorg.xset}/bin/xset r rate 200 40
+    #   '';
+    # };
+
+    # windowManager = {
+    #   i3.enable = true;
+    # };
+  };
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.mutableUsers = false;
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+  services.openssh.passwordAuthentication = true;
+  services.openssh.permitRootLogin = "no";
+
+  # Disable the firewall since we're in a VM and we want to make it
+  # easy to visit stuff in here. We only use NAT networking anyways.
+  networking.firewall.enable = false;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "22.11";
+}