Create proxmox configuration, create izanagi config, update readme, move configurations to /machines/

.envrc

@@ -0,0 +1 @@
+use flake

.gitignore

@@ -5,3 +5,5 @@ tmp/
 
 
 result
+.direnv
+*.local.md

README.org

@@ -15,7 +15,7 @@ This guide documents the process for a minimal installation of NixOS on a Proxmo
 2. *Deploy NixOS:* From your workstation, run =nixos-anywhere=, pointing to your flake and the VM's IP address.
    #+begin_src sh
    nix run github:nix-community/nixos-anywhere -- \
-     --flake .#your-machine-name \
+     --flake .#susano-minimal \
      --target-host root@<vm-ip-address>
    #+end_src
 

flake.lock

@@ -75,6 +75,42 @@
         "type": "github"
       }
     },
+    "nixlib": {
+      "locked": {
+        "lastModified": 1736643958,
+        "narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=",
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "type": "github"
+      }
+    },
+    "nixos-generators": {
+      "inputs": {
+        "nixlib": "nixlib",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1751903740,
+        "narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=",
+        "owner": "nix-community",
+        "repo": "nixos-generators",
+        "rev": "032decf9db65efed428afd2fa39d80f7089085eb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixos-generators",
+        "type": "github"
+      }
+    },
     "nixos-hardware": {
       "locked": {
         "lastModified": 1753122741,
@@ -127,9 +163,11 @@
         "copyparty": "copyparty",
         "disko": "disko",
         "home-manager": "home-manager",
+        "nixos-generators": "nixos-generators",
         "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs_2",
-        "sops-nix": "sops-nix"
+        "sops-nix": "sops-nix",
+        "unstable": "unstable"
       }
     },
     "sops-nix": {
@@ -151,6 +189,22 @@
         "repo": "sops-nix",
         "type": "github"
       }
+    },
+    "unstable": {
+      "locked": {
+        "lastModified": 1753694789,
+        "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
     }
   },
   "root": "root",

flake.nix

@@ -4,7 +4,12 @@
   inputs = {
     # Nixpkgs
     nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
+    unstable.url = "github:nixos/nixpkgs/nixos-unstable";
     nixos-hardware.url = "github:NixOS/nixos-hardware/master";
+    nixos-generators = {
+      url = "github:nix-community/nixos-generators";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
     disko = {
       url = "github:nix-community/disko";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -25,6 +30,7 @@
     self,
     nixpkgs,
     nixos-hardware,
+    nixos-generators,
     disko,
     home-manager,
     sops-nix,
@@ -34,6 +40,8 @@
     extraHomeModules = [
       ./hm-modules
     ];
+
+    upkgs = import inputs.unstable { system = "x86_64-linux"; config.allowUnfree = true; };
   in {
     nixosConfigurations = {
       susano-minimal = nixpkgs.lib.nixosSystem {
@@ -41,7 +49,7 @@
         modules = [
           disko.nixosModules.disko
           home-manager.nixosModules.home-manager
-          ./minimal
+          ./machines/susano-minimal
         ];
       };
 
@@ -53,10 +61,61 @@
           sops-nix.nixosModules.sops
           inputs.copyparty.nixosModules.default
 
-          ./main
+          ./machines/susano
           ./modules
         ];
       };
+
+      izanagi-minimal =
+        let
+          username = "izanagi";
+        in nixpkgs.lib.nixosSystem {
+          specialArgs = {inherit inputs outputs extraHomeModules username;};
+          modules = [
+            disko.nixosModules.disko
+            home-manager.nixosModules.home-manager
+            ./machines/izanagi-minimal
+          ];
+        };
+    };
+
+    packages.x86_64-linux = {
+      izanami-proxmox = nixos-generators.nixosGenerate {
+        system = "x86_64-linux";
+        modules = [
+          home-manager.nixosModules.home-manager
+
+          ./iso/proxmox
+        ];
+
+        specialArgs = {
+          inherit inputs;
+
+          username = "izanami";
+          extraHomeModules = [
+            ./hm-modules
+          ];
+        };
+
+        format = "proxmox";
+      };
+    };
+
+    devShells = {
+      "x86_64-linux" = {
+        default = upkgs.mkShell {
+          buildInputs = with upkgs; [
+
+            # AI Coding agents
+            gemini-cli
+            opencode
+            claude-code
+          ];
+
+          shellHook = ''
+          '';
+        };
+      };
     };
   };
 }

iso/proxmox/default.nix

@@ -0,0 +1,123 @@
+{ config, pkgs, extraHomeModules, inputs, lib, username, ... }:
+
+let flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
+in {
+  imports = [ # Include the results of the hardware scan.
+    ./hardware-configuration.nix
+  ];
+
+  nixpkgs = {
+    # You can add overlays here
+    overlays = [ ];
+    # Configure your nixpkgs instance
+    config = {
+      # Disable if you don't want unfree packages
+      allowUnfree = true;
+    };
+  };
+
+  nix = {
+    settings = {
+      # Enable flakes and new 'nix' command
+      experimental-features = "nix-command flakes";
+      # Opinionated: disable global registry
+      flake-registry = "";
+      # Workaround for https://github.com/NixOS/nix/issues/9574
+      nix-path = config.nix.nixPath;
+
+      # Allow user to reubild nixos without sudo
+      trusted-users = [ "root" username ];
+    };
+    # Opinionated: disable channels
+    channel.enable = false;
+
+    # Opinionated: make flake registry and nix path match flake inputs
+    registry = lib.mapAttrs (_: flake: { inherit flake; }) flakeInputs;
+    nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
+  };
+
+  # Bootloader.
+  boot.loader.grub = {
+    enable = true;
+    useOSProber = true;
+  };
+
+  networking = {
+    hostName = username;
+    networkmanager.enable = true;
+  };
+
+  # Set your time zone.
+  time.timeZone = "Europe/Warsaw";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "en_GB.UTF-8";
+    LC_IDENTIFICATION = "en_GB.UTF-8";
+    LC_MEASUREMENT = "en_GB.UTF-8";
+    LC_MONETARY = "en_GB.UTF-8";
+    LC_NAME = "en_GB.UTF-8";
+    LC_NUMERIC = "en_GB.UTF-8";
+    LC_PAPER = "en_GB.UTF-8";
+    LC_TELEPHONE = "en_GB.UTF-8";
+    LC_TIME = "en_GB.UTF-8";
+  };
+
+  security = {
+    rtkit.enable = true;
+    sudo.extraRules = [{
+      users = [ username ];
+      commands = [{
+        command = "ALL";
+        options =
+          [ "NOPASSWD" ]; # "SETENV" # Adding the following could be a good idea
+      }];
+    }];
+  };
+
+  users.users.${username} = {
+    isNormalUser = true;
+    description = "NixOS Proxmox Base Image";
+    hashedPassword =
+      "$6$YhcYhZA4dn.DKxfg$PFUomdcTMxM6wQx5indT9paO7TQAoT/a85NZ2.T2wR5OtRhsRgFnySQSlAp5qSjzrwsAY2T40Js7gHkGe5chZ/";
+    extraGroups = [ "networkmanager" "wheel" ];
+    packages = with pkgs; [ ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBcGhVpjmWEw1GEw0y/ysJPa2v3+u/Rt/iES/Se2huH2 alexander0derevianko@gmail.com"
+    ];
+
+    shell = pkgs.zsh;
+  };
+
+  environment.systemPackages = with pkgs; [ vim wget ripgrep ];
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      # Opinionated: forbid root login through SSH.
+      PermitRootLogin = "no";
+      # Opinionated: use keys only.
+      # Remove if you want to SSH using passwords
+      PasswordAuthentication = false;
+    };
+  };
+
+  programs = { zsh.enable = true; };
+
+  ###
+  # Home Manger configuration
+  ###
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    backupFileExtension = "backup";
+    extraSpecialArgs = { inherit inputs username; };
+
+    users."${username}" = { imports = [ ./home.nix ] ++ extraHomeModules; };
+  };
+
+  # DO NOT CHANGE AT ANY POINT!
+  system.stateVersion = "25.05";
+}

iso/proxmox/home.nix

@@ -0,0 +1,29 @@
+{ config, lib, pkgs, username, ... }:
+
+{
+  home = {
+    inherit username;
+    stateVersion = "25.05";
+    homeDirectory = "/home/${username}";
+  };
+
+  dov = {
+    shell = {
+      zsh = {
+        enable = true;
+        shellAliases = {
+          ll = "eza -al";
+          sc = "source $HOME/.zshrc";
+          psax = "ps ax | grep";
+          cp = "rsync -ah --progress";
+        };
+      };
+    };
+  };
+
+  programs.home-manager.enable = true;
+
+  home.packages = with pkgs; [
+    eza
+  ];
+}

machines/izanagi-minimal/default.nix

@@ -0,0 +1,131 @@
+{
+  config,
+  pkgs,
+  extraHomeModules,
+  inputs,
+  lib,
+  username,
+  ...
+}:
+
+let
+  flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
+in {
+  imports =
+    [
+      ./hardware-configuration.nix
+      ./disko-config.nix
+    ];
+
+  nixpkgs = {
+    # You can add overlays here
+    overlays = [
+    ];
+    # Configure your nixpkgs instance
+    config = {
+      # Disable if you don't want unfree packages
+      allowUnfree = true;
+    };
+  };
+
+  nix = {
+    settings = {
+      # Enable flakes and new 'nix' command
+      experimental-features = "nix-command flakes";
+      # Opinionated: disable global registry
+      flake-registry = "";
+      # Workaround for https://github.com/NixOS/nix/issues/9574
+      nix-path = config.nix.nixPath;
+
+      # Allow user to reubild nixos without sudo
+      trusted-users = [ "root" username ];
+    };
+    # Opinionated: disable channels
+    channel.enable = false;
+
+    # Opinionated: make flake registry and nix path match flake inputs
+    registry = lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs;
+    nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
+  };
+
+  # Bootloader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.useOSProber = true;
+
+  networking.hostName = username;
+  networking.networkmanager.enable = true;
+
+  # Set your time zone.
+  time.timeZone = "Europe/Warsaw";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "en_GB.UTF-8";
+    LC_IDENTIFICATION = "en_GB.UTF-8";
+    LC_MEASUREMENT = "en_GB.UTF-8";
+    LC_MONETARY = "en_GB.UTF-8";
+    LC_NAME = "en_GB.UTF-8";
+    LC_NUMERIC = "en_GB.UTF-8";
+    LC_PAPER = "en_GB.UTF-8";
+    LC_TELEPHONE = "en_GB.UTF-8";
+    LC_TIME = "en_GB.UTF-8";
+  };
+
+  security.rtkit.enable = true;
+
+  users.users.${username} = {
+    isNormalUser = true;
+    description = "NixOS Proxmox DevMachine";
+    hashedPassword = "$6$fgXNf1aUOgGn7QWQ$rOcVKUnBC7td/KVdyLzknQy4LjgQDETKPIxivi1yWd4boWbRgITr/.iYlekZOuRuC6m.WydgV9PviqlrioDF91";
+    extraGroups = [ "networkmanager" "wheel" ];
+    packages = with pkgs; [
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBcGhVpjmWEw1GEw0y/ysJPa2v3+u/Rt/iES/Se2huH2 alexander0derevianko@gmail.com"
+    ];
+
+    shell = pkgs.zsh;
+  };
+
+  environment.systemPackages = with pkgs; [
+    vim
+    wget
+    ripgrep
+  ];
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      # Opinionated: forbid root login through SSH.
+      PermitRootLogin = "no";
+      # Opinionated: use keys only.
+      # Remove if you want to SSH using passwords
+      PasswordAuthentication = false;
+    };
+  };
+
+  programs = {
+    zsh.enable = true;
+  };
+
+  ###
+  # Home Manger configuration
+  ###
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    backupFileExtension = "backup";
+    extraSpecialArgs = { inherit inputs username; };
+
+    users."${username}" = {
+      imports = [
+        ./home.nix
+      ] ++ extraHomeModules;
+    };
+  };
+
+  # DO NOT CHANGE AT ANY POINT!
+  system.stateVersion = "25.05";
+}

machines/izanagi-minimal/disko-config.nix

@@ -0,0 +1,28 @@
+{ username, ... }:
+{
+  disko.devices = {
+    disk = {
+      main = {
+        device = "/dev/sda";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02"; # for grub MBR
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}

machines/izanagi-minimal/home.nix

@@ -0,0 +1,34 @@
+{ config, lib, pkgs, username, ... }:
+
+let
+in {
+  imports = [
+  ];
+
+
+  home = {
+    inherit username;
+    stateVersion = "25.05";
+    homeDirectory = "/home/${username}";
+  };
+
+  dov = {
+    shell = {
+      zsh = {
+        enable = true;
+        shellAliases = {
+          ll = "eza -al";
+          sc = "source $HOME/.zshrc";
+          psax = "ps ax | grep";
+          cp = "rsync -ah --progress";
+        };
+      };
+    };
+  };
+
+  programs.home-manager.enable = true;
+
+  home.packages = with pkgs; [
+    eza
+  ];
+}

machines/susano-minimal/hardware-configuration.nix

@@ -0,0 +1,28 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  # fileSystems."/" =
+  #   { device = "/dev/disk/by-uuid/301d5990-7186-4a90-94aa-997044007358";
+  #     fsType = "ext4";
+  #   };
+
+  # swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}

machines/susano/hardware-configuration.nix

@@ -0,0 +1,28 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  # fileSystems."/" =
+  #   { device = "/dev/disk/by-uuid/301d5990-7186-4a90-94aa-997044007358";
+  #     fsType = "ext4";
+  #   };
+
+  # swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}