here we go

hosts/common/default.nix

@@ -0,0 +1,64 @@
+# Common configuration for all hosts
+{
+  config,
+  pkgs,
+  lib,
+  inputs,
+  outputs,
+  ...
+}: {
+  imports = [
+    ./extraServices
+    ./users
+    inputs.home-manager.nixosModules.home-manager
+  ];
+
+  home-manager = {
+    useUserPackages = true;
+    extraSpecialArgs = {inherit inputs outputs;};
+  };
+  nixpkgs = {
+    # You can add overlays here
+    overlays = [
+      # Add overlays your own flake exports (from overlays and pkgs dir):
+      outputs.overlays.additions
+      outputs.overlays.modifications
+      outputs.overlays.stable-packages
+
+      # You can also add overlays exported from other flakes:
+      # neovim-nightly-overlay.overlays.default
+
+      # Or define it inline, for example:
+      # (final: prev: {
+      #   hi = final.hello.overrideAttrs (oldAttrs: {
+      #     patches = [ ./change-hello-to-hi.patch ];
+      #   });
+      # })
+    ];
+    # Configure your nixpkgs instance
+    config = {
+      # Disable if you don't want unfree packages
+      allowUnfree = true;
+    };
+  };
+
+  nix = {
+    settings = {
+      experimental-features = "nix-command flakes";
+      trusted-users = [
+        "root"
+        "m3tam3re"
+      ]; # Set users that are allowed to use the flake command
+    };
+    gc = {
+      automatic = true;
+      options = "--delete-older-than 30d";
+    };
+    optimise.automatic = true;
+    registry =
+      (lib.mapAttrs (_: flake: {inherit flake;}))
+      ((lib.filterAttrs (_: lib.isType "flake")) inputs);
+    nixPath = ["/etc/nix/path"];
+  };
+  users.defaultUserShell = pkgs.fish;
+}

hosts/common/extraServices/default.nix

@@ -0,0 +1,8 @@
+{
+  imports = [
+    ./flatpak.nix
+    ./podman.nix
+    ./ollama.nix
+    ./virtualisation.nix
+  ];
+}

hosts/common/extraServices/flatpak.nix

@@ -0,0 +1,20 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.extraServices.flatpak;
+in {
+  options.extraServices.flatpak.enable = mkEnableOption "enable podman";
+
+  config = mkIf cfg.enable {
+    services.flatpak.enable = true;
+    xdg.portal = {
+      # xdg desktop intergration (required for flatpak)
+      enable = true;
+      extraPortals = [pkgs.xdg-desktop-portal-gtk];
+    };
+  };
+}

hosts/common/extraServices/ollama.nix

@@ -0,0 +1,24 @@
+{
+  config,
+  lib,
+  ...
+}:
+with lib; let
+  cfg = config.extraServices.ollama;
+in {
+  options.extraServices.ollama.enable = mkEnableOption "enable ollama";
+
+  config = mkIf cfg.enable {
+    services.ollama = {
+      enable = true;
+      acceleration =
+        if config.services.xserver.videoDrivers == ["amdgpu"]
+        then "rocm"
+        else if config.services.xserver.videoDrivers == ["nvidia"]
+        then "cuda"
+        else null;
+      host = "[::]";
+      openFirewall = true;
+    };
+  };
+}

hosts/common/extraServices/podman.nix

@@ -0,0 +1,32 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.extraServices.podman;
+in {
+  options.extraServices.podman.enable = mkEnableOption "enable podman";
+
+  config = mkIf cfg.enable {
+    virtualisation = {
+      podman = {
+        enable = true;
+        dockerCompat = true;
+        autoPrune = {
+          enable = true;
+          dates = "weekly";
+          flags = [
+            "--filter=until=24h"
+            "--filter=label!=important"
+          ];
+        };
+        defaultNetwork.settings.dns_enabled = true;
+      };
+    };
+    environment.systemPackages = with pkgs; [
+      podman-compose
+    ];
+  };
+}

hosts/common/extraServices/virtualisation.nix

@@ -0,0 +1,38 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.extraServices.virtualisation;
+in {
+  options.extraServices.virtualisation.enable = mkEnableOption "enable virtualisation";
+
+  config = mkIf cfg.enable {
+    virtualisation = {
+      libvirtd = {
+        enable = true;
+        qemu = {
+          package = pkgs.qemu_kvm;
+          runAsRoot = true;
+          swtpm.enable = true;
+          ovmf = {
+            enable = true;
+            packages = [
+              (pkgs.OVMF.override {
+                secureBoot = true;
+                tpmSupport = true;
+              })
+              .fd
+            ];
+          };
+        };
+      };
+    };
+    programs.virt-manager.enable = true;
+    environment.systemPackages = with pkgs; [
+      OVMFFull
+    ];
+  };
+}

hosts/common/users/default.nix

@@ -0,0 +1,3 @@
+{
+  imports = [./m3tam3re.nix];
+}

hosts/common/users/m3tam3re.nix

@@ -0,0 +1,31 @@
+{
+  config,
+  pkgs,
+  inputs,
+  ...
+}: {
+  users.users.m3tam3re = {
+    #initialHashedPassword = "$y$j9T$IoChbWGYRh.rKfmm0G86X0$bYgsWqDRkvX.EBzJTX.Z0RsTlwspADpvEF3QErNyCMC";
+    password = "12345";
+    isNormalUser = true;
+    description = "m3tam3re";
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+      "libvirtd"
+      "flatpak"
+      "audio"
+      "video"
+      "plugdev"
+      "input"
+      "kvm"
+      "qemu-libvirtd"
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@m3-nix"
+    ];
+    packages = [inputs.home-manager.packages.${pkgs.system}.default];
+  };
+  home-manager.users.m3tam3re =
+    import ../../../home/m3tam3re/${config.networking.hostName}.nix;
+}