restructure flake, remove ona-book

partially based on https://codeberg.org/kiara/cfg
2025-03-15 11:03:03 +01:00 · 2025-03-15 11:03:03 +01:00 · 7153f0836a
parent a620f86204
commit 7153f0836a
17 changed files with 189 additions and 337 deletions
--- a/flake.nix
+++ b/flake.nix
@ -22,33 +22,34 @@
      lix-module,
      nixos-hardware,
    }:
+    let
+      devices = {
+        vinzenz-lpt2 = "x86_64-linux";
+        vinzenz-pc2 = "x86_64-linux";
+        hetzner-vpn2 = "aarch64-linux";
+        forgejo-runner-1 = "aarch64-linux";
+      };
+      forDevice = f: nixpkgs.lib.mapAttrs f devices;
+    in
    {
-      nixosConfigurations =
-        let
-          host-params = {
-            inherit nixpkgs;
-            inherit home-manager;
-            inherit lix-module;
-            inherit nixos-hardware;
-            common-modules = [
-              lix-module.nixosModules.default
-              ./common
-            ];
-            desktop-modules = [
-              home-manager.nixosModules.home-manager
-              ./home
-              ./modules/desktop-environment.nix
-              ./modules/desktop-hardware.nix
-            ];
-          };
-        in
-        {
-          vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params;
-          vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params;
-          hetzner-vpn2 = import ./hosts/hetzner-vpn2 host-params;
-          forgejo-runner-1 = import ./hosts/forgejo-runner-1 host-params;
-          ona-book = import ./hosts/ona-book host-params;
-        };
+      nixosConfigurations = forDevice (
+        device: system:
+        nixpkgs.lib.nixosSystem {
+          inherit system;
+          modules = [
+            lix-module.nixosModules.default
+            home-manager.nixosModules.home-manager
+
+            { networking.hostName = device; }
+
+            ./common
+
+            ./hosts/${device}/hardware.nix
+            ./hosts/${device}/imports.nix
+            ./hosts/${device}/configuration.nix
+          ];
+        }
+      );

      formatter = {
        x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.nixfmt-rfc-style;
--- a/hosts/forgejo-runner-1/configuration.nix
+++ b/hosts/forgejo-runner-1/configuration.nix
@ -0,0 +1,15 @@
+{ pkgs, ... }:
+{
+  # uncomment for build check on non arm system (requires --impure)
+  # nixpkgs.buildPlatform = builtins.currentSystem;
+  services.tailscale.useRoutingFeatures = "both";
+  system.autoUpgrade.allowReboot = true;
+
+  users.users = {
+    root.openssh.authorizedKeys.keys = [
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming''
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
+    ];
+  };
+}
--- a/hosts/forgejo-runner-1/default.nix
+++ b/hosts/forgejo-runner-1/default.nix
@ -1,27 +0,0 @@
-{ nixpkgs, common-modules, ... }:
-nixpkgs.lib.nixosSystem {
-  system = "aarch64-linux";
-  modules = common-modules ++ [
-    ./hardware.nix
-    ../../users/vinzenz.nix
-    ../../modules/podman.nix
-    ./forgejo-runner.nix
-    { networking.hostName = "forgejo-runner-1"; }
-    {
-      # uncomment for build check on non arm system (requires --impure)
-      # nixpkgs.buildPlatform = builtins.currentSystem;
-    }
-    {
-      services.tailscale.useRoutingFeatures = "both";
-      system.autoUpgrade.allowReboot = true;
-
-      users.users = {
-        root.openssh.authorizedKeys.keys = [
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
-        ];
-      };
-    }
-  ];
-}
--- a/hosts/forgejo-runner-1/imports.nix
+++ b/hosts/forgejo-runner-1/imports.nix
@ -0,0 +1,7 @@
+{
+  imports = [
+    ../../users/vinzenz.nix
+    ../../modules/podman.nix
+    ./forgejo-runner.nix
+  ];
+}
--- a/hosts/hetzner-vpn2/configuration.nix
+++ b/hosts/hetzner-vpn2/configuration.nix
@ -0,0 +1,27 @@
+{ pkgs, ... }:
+{
+  # uncomment for build check on non arm system (requires --impure)
+  # nixpkgs.buildPlatform = builtins.currentSystem;
+
+  services.tailscale.useRoutingFeatures = "both";
+
+  users.users = {
+    root.openssh.authorizedKeys.keys = [
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf''
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming''
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
+    ];
+    vinzenz.openssh.authorizedKeys.keys = [
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf''
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming''
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
+    ];
+    ronja.openssh.authorizedKeys.keys = [
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key''
+    ];
+  };
+
+  system.autoUpgrade.allowReboot = true;
+}
--- a/hosts/hetzner-vpn2/default.nix
+++ b/hosts/hetzner-vpn2/default.nix
@ -1,40 +0,0 @@
-{ nixpkgs, common-modules, ... }:
-nixpkgs.lib.nixosSystem {
-  system = "aarch64-linux";
-  modules = common-modules ++ [
-    ./hardware.nix
-    ./nginx.nix
-    ../../users/vinzenz.nix
-    ../../users/ronja.nix
-    { networking.hostName = "hetzner-vpn2"; }
-    {
-      # uncomment for build check on non arm system (requires --impure)
-      # nixpkgs.buildPlatform = builtins.currentSystem;
-    }
-    {
-      services.tailscale.useRoutingFeatures = "both";
-    }
-    {
-      users.users = {
-        root.openssh.authorizedKeys.keys = [
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
-        ];
-        vinzenz.openssh.authorizedKeys.keys = [
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
-        ];
-        ronja.openssh.authorizedKeys.keys = [
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key''
-        ];
-      };
-    }
-    {
-      system.autoUpgrade.allowReboot = true;
-    }
-  ];
-}
--- a/hosts/hetzner-vpn2/imports.nix
+++ b/hosts/hetzner-vpn2/imports.nix
@ -0,0 +1,7 @@
+{
+  imports = [
+    ./nginx.nix
+    ../../users/vinzenz.nix
+    ../../users/ronja.nix
+  ];
+}
--- a/hosts/ona-book/default.nix
+++ b/hosts/ona-book/default.nix
@ -1,46 +0,0 @@
-{
-  nixpkgs,
-  common-modules,
-  desktop-modules,
-  nixos-hardware,
-  home-manager,
-  ...
-}:
-nixpkgs.lib.nixosSystem {
-  system = "x86_64-linux";
-  modules = common-modules ++ [
-    home-manager.nixosModules.home-manager
-    ../../home
-    ../../modules/desktop-environment.nix
-
-    nixos-hardware.nixosModules.apple-macbook-pro-14-1
-    { allowedUnfreePackages = [ "b43-firmware" ]; }
-
-    ./hardware.nix
-    ../../home/gnome.nix
-    ../../users/ronja.nix
-    ../../modules/gnome.nix
-
-    {
-      networking = {
-        hostName = "ona-book";
-        networkmanager.enable = true;
-      };
-      services.xserver.xkb = {
-        layout = "us";
-        options = "eurosign:e,caps:escape";
-      };
-    }
-
-    {
-      home-manager.users.ronja = import ../../home/ronja;
-
-      users.users.ronja.openssh.authorizedKeys.keys = [
-      ];
-    }
-
-    {
-
-    }
-  ];
-}
--- a/hosts/ona-book/hardware.nix
+++ b/hosts/ona-book/hardware.nix
@ -1,79 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}:
-{
-  imports = [
-    (modulesPath + "/hardware/network/broadcom-43xx.nix")
-    (modulesPath + "/installer/scan/not-detected.nix")
-  ];
-
-  config = {
-    boot = {
-      initrd.availableKernelModules = [
-        "xhci_pci"
-        "nvme"
-        "usb_storage"
-        "sd_mod"
-      ];
-      initrd.kernelModules = [ ];
-      kernelModules = [
-        "kvm-intel"
-        "snd_hda_codec_cs8409"
-        "hci_uart"
-        "bluetooth"
-        "btbcm"
-      ];
-      extraModulePackages = [ ];
-      blacklistedKernelModules = [ ];
-      kernelParams = [];
-      loader = {
-        efi.canTouchEfiVariables = true;
-        systemd-boot = {
-          enable = true;
-          editor = false; # do not allow changing kernel parameters
-          consoleMode = "max";
-        };
-      };
-    };
-
-    fileSystems = {
-      "/" = {
-        device = "/dev/disk/by-uuid/15220182-5617-4963-814e-19ff29b7db8c";
-        fsType = "btrfs";
-      };
-
-      "/boot" = {
-        device = "/dev/disk/by-uuid/1C7D-07C1";
-        fsType = "vfat";
-        options = [
-          "fmask=0077"
-          "dmask=0077"
-        ];
-      };
-    };
-
-    swapDevices = [
-      { device = "/dev/disk/by-uuid/e4c91c7e-8b62-48e4-923d-4d750ebbc7db"; }
-    ];
-
-    # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-    # (the default) this is the recommended approach. When using systemd-networkd it's
-    # still possible to use this option, but it's recommended to use it in conjunction
-    # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-    networking.useDHCP = lib.mkDefault true;
-    # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
-
-    nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-    hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-
-    hardware.enableAllFirmware = true;
-    nixpkgs.config.allowUnfree = true;
-    hardware.enableRedistributableFirmware = true;
-
-    hardware.facetimehd.enable = true;
-  };
-}
--- a/hosts/vinzenz-lpt2/configuration.nix
+++ b/hosts/vinzenz-lpt2/configuration.nix
@ -0,0 +1,34 @@
+{
+  pkgs,
+  ...
+}:
+{
+  imports = [ ./nginx.nix ];
+  networking.networkmanager.enable = true;
+  nix.settings.extra-platforms = [
+    "aarch64-linux"
+    "i686-linux"
+  ];
+
+  services.xserver.xkb = {
+    # Configure keymap in X11
+    layout = "de";
+    variant = "";
+  };
+
+  # Configure console keymap
+  console.keyMap = "de";
+
+  home-manager.users.vinzenz = import ../../home/vinzenz;
+
+  users.users.vinzenz.openssh.authorizedKeys.keys = [
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming''
+  ];
+
+  #users.users.ronja.openssh.authorizedKeys.keys = [
+  #  ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key''
+  #];
+
+  programs.adb.enable = true;
+}
--- a/hosts/vinzenz-lpt2/default.nix
+++ b/hosts/vinzenz-lpt2/default.nix
@ -1,60 +0,0 @@
-{
-  nixpkgs,
-  common-modules,
-  desktop-modules,
-  ...
-}:
-nixpkgs.lib.nixosSystem {
-  system = "x86_64-linux";
-  modules =
-    common-modules
-    ++ desktop-modules
-    ++ [
-      ./hardware.nix
-      ./nginx.nix
-
-      ../../home/gnome.nix
-      ../../users/vinzenz.nix
-      ../../modules/gnome.nix
-      ../../modules/gaming.nix
-      ../../modules/printing.nix
-      ../../modules/podman.nix
-
-      {
-        networking = {
-          hostName = "vinzenz-lpt2";
-          networkmanager.enable = true;
-        };
-        nix.settings.extra-platforms = [
-          "aarch64-linux"
-          "i686-linux"
-        ];
-
-        services.xserver.xkb = {
-          # Configure keymap in X11
-          layout = "de";
-          variant = "";
-        };
-
-        # Configure console keymap
-        console.keyMap = "de";
-      }
-
-      {
-        home-manager.users.vinzenz = import ../../home/vinzenz;
-
-        users.users.vinzenz.openssh.authorizedKeys.keys = [
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming''
-        ];
-
-        #users.users.ronja.openssh.authorizedKeys.keys = [
-        #  ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key''
-        #];
-      }
-
-      {
-        programs.adb.enable = true;
-      }
-    ];
-}
--- a/hosts/vinzenz-lpt2/imports.nix
+++ b/hosts/vinzenz-lpt2/imports.nix
@ -0,0 +1,15 @@
+{
+  imports = [
+    ../../home/gnome.nix
+    ../../users/vinzenz.nix
+    ../../modules/gnome.nix
+    ../../modules/gaming.nix
+    ../../modules/printing.nix
+    ../../modules/podman.nix
+
+    ../../home
+    ../../modules/desktop-environment.nix
+    ../../modules/desktop-hardware.nix
+
+  ];
+}
--- a/hosts/vinzenz-pc2/configuration.nix
+++ b/hosts/vinzenz-pc2/configuration.nix
@ -0,0 +1,40 @@
+{
+  pkgs,
+  ...
+}:
+{
+  imports = [
+    ./hardware.nix
+    ./vscode-server.nix
+  ];
+  networking.networkmanager.enable = true;
+  nix.settings.extra-platforms = [
+    "aarch64-linux"
+    "i686-linux"
+  ];
+
+  services.xserver.xkb = {
+    # Configure keymap in X11
+    layout = "de";
+    variant = "";
+  };
+
+  # Configure console keymap
+  console.keyMap = "de";
+
+  home-manager.users = {
+    vinzenz = import ../../home/vinzenz;
+    ronja = import ../../home/ronja;
+  };
+
+  users.users.vinzenz.openssh.authorizedKeys.keys = [
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming''
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
+  ];
+
+  users.users.ronja.openssh.authorizedKeys.keys = [
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key''
+    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgN6J8KyVyQqBAz+y3drXDmIsxOPkdPB+ISgpIP9Eld Generated By Termius''
+  ];
+}
--- a/hosts/vinzenz-pc2/default.nix
+++ b/hosts/vinzenz-pc2/default.nix
@ -1,59 +0,0 @@
-{
-  nixpkgs,
-  common-modules,
-  desktop-modules,
-  ...
-}:
-nixpkgs.lib.nixosSystem {
-  system = "x86_64-linux";
-  modules =
-    common-modules
-    ++ desktop-modules
-    ++ [
-      ./hardware.nix
-      ./vscode-server.nix
-      ../../home/gnome.nix
-      ../../users/vinzenz.nix
-      ../../users/ronja.nix
-      ../../modules/gnome.nix
-      ../../modules/gaming.nix
-      ../../modules/printing.nix
-      ../../modules/podman.nix
-      {
-        networking = {
-          hostName = "vinzenz-pc2";
-          networkmanager.enable = true;
-        };
-        nix.settings.extra-platforms = [
-          "aarch64-linux"
-          "i686-linux"
-        ];
-
-        services.xserver.xkb = {
-          # Configure keymap in X11
-          layout = "de";
-          variant = "";
-        };
-
-        # Configure console keymap
-        console.keyMap = "de";
-      }
-      {
-        home-manager.users = {
-          vinzenz = import ../../home/vinzenz;
-          ronja = import ../../home/ronja;
-        };
-
-        users.users.vinzenz.openssh.authorizedKeys.keys = [
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming''
-        ];
-
-        users.users.ronja.openssh.authorizedKeys.keys = [
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key''
-          ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgN6J8KyVyQqBAz+y3drXDmIsxOPkdPB+ISgpIP9Eld Generated By Termius''
-        ];
-      }
-    ];
-}
--- a/hosts/vinzenz-pc2/imports.nix
+++ b/hosts/vinzenz-pc2/imports.nix
@ -0,0 +1,15 @@
+{
+  imports = [
+    ../../home/gnome.nix
+    ../../users/vinzenz.nix
+    ../../users/ronja.nix
+    ../../modules/gnome.nix
+    ../../modules/gaming.nix
+    ../../modules/printing.nix
+    ../../modules/podman.nix
+
+    ../../home
+    ../../modules/desktop-environment.nix
+    ../../modules/desktop-hardware.nix
+  ];
+}
--- a/modules/gaming.nix
+++ b/modules/gaming.nix
@ -75,6 +75,7 @@
      "steam-original"
      "steam-run"
      "steam-unwrapped"
+      "ut1999"
    ];
  };
 }
--- a/users/vinzenz.nix
+++ b/users/vinzenz.nix
@ -14,6 +14,7 @@
        "podman"
        "nginx"
        "adbusers"
+        "kvm"
      ];
      shell = pkgs.zsh;
      autoSubUidGidRange = true;