Add initial Nix flake configuration for PC and Laptop with Home Manager support

- Create flake.nix to define NixOS configurations for PC and Laptop
- Add README.md with setup instructions and layout overview
- Implement common NixOS settings in modules/common.nix
- Configure Home Manager for user-specific settings in home/users/user/home.nix
- Set up hardware configurations for both PC and Laptop
- Enable Home Manager integration in host configurations
- Introduce Zen Browser package definition

README.md

@@ -0,0 +1,62 @@
+# Nix flake for PC and Laptop
+
+This flake provides two NixOS hosts (pc and laptop) with shared modules and Home Manager.
+
+## Layout
+
+- `flake.nix` — Flake inputs/outputs, two `nixosConfigurations` (pc, laptop)
+- `modules/common.nix` — Common NixOS settings for both hosts
+- `hosts/pc` — PC host config + its `hardware-configuration.nix`
+- `hosts/laptop` — Laptop host config + its `hardware-configuration.nix`
+- `home/users/user/home.nix` — Home Manager configuration for the user
+
+## Quick start
+
+1) Update variables:
+
+- In `flake.nix`, set `user = "<your-username>"`.
+- Rename `home/users/user/` to `home/users/<your-username>/` and edit `home.nix` accordingly.
+- In each host's `configuration.nix`, the Home Manager import uses `${user}` so it will follow automatically once the flake variable is set.
+- Set `networking.hostName` per host if you want different names.
+
+2) Generate real hardware configs on each device:
+
+On each machine, clone this repo and inside that host folder run:
+
+```bash
+sudo nixos-generate-config --show-hardware-config > hosts/<host>/hardware-configuration.nix
+```
+
+Replace the placeholder UUIDs and modules in the template with the generated content.
+
+3) Switch configuration on the machine:
+
+From the repo root on the machine you are configuring:
+
+```bash
+sudo nixos-rebuild switch --flake .#pc
+# or
+sudo nixos-rebuild switch --flake .#laptop
+```
+
+If building from another machine for a remote target, add `--target-host` and optionally `--use-remote-sudo`.
+
+4) Home Manager only (optional):
+
+Home Manager is integrated as a NixOS module. If you want to apply only HM changes after login:
+
+```bash
+home-manager switch --flake .#<username>@<host>
+```
+
+5) Format the repo (optional):
+
+```bash
+nix fmt
+```
+
+## Notes
+
+- This flake targets x86_64-linux only. If you need ARM support, you'll need to add an aarch64 system and review the inputs.
+- Update `system.stateVersion` and `home.stateVersion` only when you deliberately accept new defaults.
+- To pin a newer NixOS release, change inputs `nixpkgs` and `home-manager` to the latest stable branch and review release notes.

flake.nix

@@ -0,0 +1,58 @@
+{
+  description = "Nix flake for PC and laptop with shared modules and Home Manager";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; # You can bump to a newer release later (e.g., nixos-24.11)
+
+    home-manager = {
+      url = "github:nix-community/home-manager/release-24.05";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = { self, nixpkgs, home-manager, ... }:
+    let
+      # Change this to your preferred login name once you clone on the machine(s)
+      user = "user";
+
+      mkFormatter = system: let pkgs = import nixpkgs { inherit system; }; in pkgs.alejandra;
+    in
+    {
+  # Two NixOS hosts. This flake targets x86_64-linux only.
+      nixosConfigurations = {
+        pc = nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          specialArgs = {
+            inherit user;
+            # Only pass what host modules need from inputs to stay tidy
+            inputs = { inherit home-manager; };
+          };
+          modules = [ ./hosts/pc/configuration.nix ];
+        };
+
+        laptop = nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          specialArgs = {
+            inherit user;
+            inputs = { inherit home-manager; };
+          };
+          modules = [ ./hosts/laptop/configuration.nix ];
+        };
+      };
+
+      # `nix fmt` support
+      formatter = {
+        x86_64-linux = mkFormatter "x86_64-linux";
+      };
+
+      # Expose custom packages
+      packages = {
+        x86_64-linux = let
+nixpkgs48 = nixpkgs; # alias
+          pkgs = import nixpkgs { system = "x86_64-linux"; };
+        in {
+          zen-browser = pkgs.callPackage ./packages/zen-browser.nix { inherit (pkgs) buildMozillaMach buildNpmPackage fetchFromGitHub lib fetchurl git pkg-config python3 vips runtimeShell writeScriptBin; };
+        };
+      };
+    };
+}

home/users/user/home.nix

@@ -0,0 +1,17 @@
+{ config, pkgs, ... }:
+{
+  home.username = "user"; # set by flake variable in system configs; keep consistent
+  home.homeDirectory = "/home/user";
+
+  # Set once on first deploy; bump if you intentionally accept breaking changes
+  home.stateVersion = "24.05";
+
+  programs.home-manager.enable = true;
+
+  programs.bash.enable = true;
+  programs.starship = { enable = true; enableBashIntegration = true; };
+
+  home.packages = with pkgs; [
+    fastfetch
+  ];
+}

hosts/laptop/configuration.nix

@@ -0,0 +1,26 @@
+{ config, lib, pkgs, inputs, user, ... }:
+{
+  imports = [
+    ../../modules/common.nix
+    ./hardware-configuration.nix
+    inputs.home-manager.nixosModules.home-manager
+  ];
+
+  networking.hostName = "laptop";
+
+  # Host-specific tweaks
+  powerManagement.powertop.enable = true; # example: laptop power savings
+  services.tlp.enable = true;
+
+  users.users.${user} = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" "networkmanager" ];
+  };
+
+  # Home Manager user wiring
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    users.${user} = import ../../home/users/${user}/home.nix;
+  };
+}

hosts/laptop/hardware-configuration.nix

@@ -0,0 +1,19 @@
+# NOTE: Replace with the actual generated hardware config from the laptop.
+# Generate on the laptop with:
+#   sudo nixos-generate-config --show-hardware-config > hardware-configuration.nix
+{ config, lib, pkgs, modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/11111111-1111-1111-1111-111111111111";
+      fsType = "ext4";
+    };
+
+  swapDevices = [ ];
+}

hosts/pc/configuration.nix

@@ -0,0 +1,25 @@
+{ config, lib, pkgs, inputs, user, ... }:
+{
+  imports = [
+    ../../modules/common.nix
+    ./hardware-configuration.nix
+    inputs.home-manager.nixosModules.home-manager
+  ];
+
+  networking.hostName = "pc";
+
+  # Host-specific tweaks
+  services.printing.enable = true; # example: enable printing on PC
+
+  users.users.${user} = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" "networkmanager" ];
+  };
+
+  # Home Manager user wiring
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    users.${user} = import ../../home/users/${user}/home.nix;
+  };
+}

hosts/pc/hardware-configuration.nix

@@ -0,0 +1,19 @@
+# NOTE: Replace with the actual generated hardware config from the PC.
+# Generate on the PC with:
+#   sudo nixos-generate-config --show-hardware-config > hardware-configuration.nix
+{ config, lib, pkgs, modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/00000000-0000-0000-0000-000000000000";
+      fsType = "ext4";
+    };
+
+  swapDevices = [ ];
+}

modules/common.nix

@@ -0,0 +1,61 @@
+{ config, lib, pkgs, ... }:
+{
+  nix = {
+    settings = {
+      experimental-features = [ "nix-command" "flakes" ];
+      auto-optimise-store = true;
+    };
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 14d";
+    };
+  };
+
+  time.timeZone = "UTC";
+
+  i18n = {
+    defaultLocale = "en_US.UTF-8";
+    extraLocaleSettings = {
+      LC_TIME = "en_US.UTF-8";
+      LC_MONETARY = "en_US.UTF-8";
+      LC_NUMERIC = "en_US.UTF-8";
+      LC_MEASUREMENT = "en_US.UTF-8";
+      LC_PAPER = "en_US.UTF-8";
+    };
+  };
+
+  console = {
+    keyMap = "us";
+    earlySetup = true;
+  };
+
+  networking.networkmanager.enable = true;
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+      PermitRootLogin = "no";
+    };
+  };
+
+  security.sudo.wheelNeedsPassword = false;
+
+  users.defaultUserShell = pkgs.bashInteractive; # change to zsh if preferred
+
+  environment.systemPackages = with pkgs; [
+    alakritty
+    # Custom Zen Browser package (defined in ../packages/zen-browser.nix)
+    (pkgs.callPackage ../packages/zen-browser.nix { inherit (pkgs) buildMozillaMach buildNpmPackage fetchFromGitHub lib fetchurl git pkg-config python3 vips runtimeShell writeScriptBin; })
+  ];
+
+  # Allow proprietary software if needed
+  nixpkgs.config = {
+    allowUnfree = true;
+  };
+
+  # Set the minimal stateVersion. When you upgrade, bump per host.
+  system.stateVersion = "24.05"; # do not change without reading the manual
+}

packages/zen-browser.nix

@@ -0,0 +1,114 @@
+{ buildMozillaMach
+, buildNpmPackage
+, fetchFromGitHub
+, lib
+, fetchurl
+, git
+, pkg-config
+, python3
+, vips
+, runtimeShell
+, writeScriptBin
+, ... }:
+
+let
+  zenVersion = "1.12.5b";
+  firefoxVersion = "138.0.3";
+
+  firefoxSrc = fetchurl {
+    url = "https://archive.mozilla.org/pub/firefox/releases/${firefoxVersion}/source/firefox-${firefoxVersion}.source.tar.xz";
+    hash = "sha256-on86tB1jWyodhBgonR3tzWy1MhSMfWPT+Ll8ZkRVE+Q=";
+  };
+
+  patchedSrc = buildNpmPackage {
+    pname = "firefox-zen-browser-src-patched";
+    version = zenVersion;
+
+    src = fetchFromGitHub {
+      owner = "zen-browser";
+      repo = "desktop";
+      tag = zenVersion;
+      hash = "sha256-6CovYcJBbR9QtcNqZEC4tmukWTqra1b4VepmO21TwhM=";
+      fetchSubmodules = true;
+    };
+
+    postUnpack = ''
+      tar xf ${firefoxSrc}
+      mkdir -p source/engine
+      mv firefox-${firefoxVersion} source/engine
+    '';
+
+    npmDepsHash = "sha256-NwX8+gpz66dl70QyvEETTgTwyAtlv+OaqGtgpeCvvUY=";
+
+    makeCacheWritable = true;
+
+    nativeBuildInputs = [
+      git
+      python3
+      pkg-config
+      (writeScriptBin "sips" ''
+        #!${runtimeShell}
+        echo >&2 "$@"
+      '')
+      (writeScriptBin "iconutil" ''
+        #!${runtimeShell}
+        echo >&2 "$@"
+      '')
+    ];
+
+    buildInputs = [ vips ];
+
+    buildPhase = ''
+      npm run surfer ci --brand release --display-version ${zenVersion}
+      npm run import
+      python ./scripts/update_en_US_packs.py
+    '';
+
+    installPhase = ''
+      cp -r engine $out
+
+      cd $out
+      for i in $(find . -type l); do
+        realpath=$(readlink $i)
+        rm $i
+        cp $realpath $i
+      done
+    '';
+
+    dontFixup = true;
+  };
+in
+(
+  (buildMozillaMach {
+    pname = "zen-browser";
+    packageVersion = zenVersion;
+    version = firefoxVersion;
+    applicationName = "Zen Browser";
+    binaryName = "zen";
+    branding = "browser/branding/release";
+    requireSigning = false;
+    allowAddonSideload = true;
+
+    src = patchedSrc;
+
+    extraConfigureFlags = [ "--with-app-basename=Zen" ];
+
+    meta = {
+      description = "Firefox based browser with a focus on privacy and customization";
+      homepage = "https://zen-browser.app/";
+      downloadPage = "https://zen-browser.app/download/";
+      changelog = "https://zen-browser.app/release-notes/#${zenVersion}";
+      license = lib.licenses.mpl20;
+      maintainers = with lib.maintainers; [ matthewpi titaniumtown eveeifyeve ];
+      broken = true;
+      platforms = lib.platforms.unix;
+      mainProgram = "zen";
+    };
+  }).override {
+    pgoSupport = false;
+    crashreporterSupport = false;
+    enableOfficialBranding = false;
+  }
+).overrideAttrs (prev: {
+  patches = builtins.filter (p: !(lib.hasInfix "firefox-mac-missing-vector-header.patch" p)) prev.patches;
+})