feat: Flake | revamp entire flake (#1)

Reviewed-on: #1

hosts/nixos/rihla/default.nix

@@ -0,0 +1,92 @@
+{
+  inputs,
+  lib,
+  ...
+}:
+
+{
+  imports = lib.flatten [
+    #
+    # ========= Hardware =========
+    #
+    ./hardware-configuration.nix
+    inputs.nixos-hardware.nixosModules.common-cpu-amd
+    inputs.nixos-hardware.nixosModules.common-gpu-amd
+    inputs.nixos-hardware.nixosModules.common-pc-ssd
+    inputs.nixos-hardware.nixosModules.framework-13-7040-amd
+
+    #
+    # ======== Secure Boot =========
+    #
+    inputs.lanzaboote.nixosModules.lanzaboote
+
+    #
+    # ========= Disk Layout =========
+    #
+    inputs.disko.nixosModules.disko
+    (lib.custom.relativeToRoot "hosts/common/disks/rihla.nix")
+
+    #
+    # ========= Required Configs =========
+    #
+    (map lib.custom.relativeToRoot [
+      "hosts/common/core"
+    ])
+
+    #
+    # ========= Optional Configs =========
+    #
+    (map (config: lib.custom.relativeToRoot "hosts/common/optional/${config}.nix") [
+      "1password"
+      "dconf"
+      "docker"
+      "gaming"
+      "hyprland"
+      "nix-ld"
+      "secure-boot"
+      "yubikey"
+    ])
+
+    #
+    # ========= Optional Services =========
+    #
+    (map (service: lib.custom.relativeToRoot "hosts/common/optional/services/${service}.nix") [
+      "audio"
+      "bluetooth"
+      "firmware"
+      "greetd"
+      "openssh"
+      "printing"
+      "smart-card"
+    ])
+  ];
+
+  #
+  # ========= Host specification =========
+  #
+  hostSpec = {
+    hostName = "rihla";
+  };
+
+  networking = {
+    networkmanager.enable = true;
+    enableIPv6 = false;
+  };
+
+  boot = {
+    loader = {
+      # Set this to true on first install. This must be false for secure boot.
+      systemd-boot.enable = lib.mkForce false;
+      efi.canTouchEfiVariables = true;
+    };
+
+    lanzaboote = {
+      enable = true;
+      pkiBundle = "/var/lib/sbctl";
+    };
+  };
+
+  security.rtkit.enable = true;
+
+  system.stateVersion = "25.05";
+}

hosts/nixos/rihla/hardware-configuration.nix

@@ -0,0 +1,47 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  pkgs,
+  config,
+  lib,
+  modulesPath,
+  ...
+}: {
+  imports = [(modulesPath + "/installer/scan/not-detected.nix")];
+
+  boot = {
+    initrd = {
+      availableKernelModules = [
+        "nvme"
+        "xhci_pci"
+        "ahci"
+        "usbhid"
+        "thunderbolt"
+        "usb_storage"
+        "sd_mod"
+      ];
+      kernelModules = [];
+    };
+
+    kernelModules = ["kvm-amd"];
+    extraModulePackages = [];
+  };
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp193s0f3u2.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware = {
+    cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+    graphics = {
+      enable = true;
+      extraPackages = with pkgs; [amdvlk];
+    };
+  };
+}