move example installer testbed

utilities/nixos-installers/examples/testbed/flake.nix

@@ -0,0 +1,135 @@
+{
+  inputs = {
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
+    home-manager.url = "github:rycee/home-manager/release-25.05";
+
+    common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common";
+    de_plasma.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/de_plasma";
+    ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim";
+
+    impermanence.url = "github:nix-community/impermanence";
+  };
+
+  outputs =
+    {
+      nixpkgs,
+      home-manager,
+      common,
+      ros_neovim,
+      ...
+    }@inputs:
+    let
+      configurationName = "testbed";
+      system = "x86_64-linux";
+      primaryUser = "luser";
+      configLocation = "/home/${primaryUser}/.config/nixos-config/utilities/nixos-installers/examples/${configurationName}";
+      # configLocation = "/home/${primaryUser}/.config/nixos-config/hosts/${configurationName}";
+      lib = nixpkgs.lib;
+    in
+    {
+      nixosConfigurations = {
+        "${configurationName}" = (
+          lib.nixosSystem {
+            inherit system;
+            specialArgs = {
+              inherit inputs;
+            };
+            modules = [
+              inputs.impermanence.nixosModules.impermanence
+              inputs.home-manager.nixosModules.default
+
+              inputs.de_plasma.nixosModules.default
+              ros_neovim.nixosModules.default
+              (
+                { ... }:
+                {
+                  ringofstorms-nvim.includeAllRuntimeDependencies = true;
+                }
+              )
+
+              common.nixosModules.essentials
+              common.nixosModules.git
+              common.nixosModules.tmux
+              common.nixosModules.boot_systemd
+              common.nixosModules.hardening
+              common.nixosModules.jetbrains_font
+              common.nixosModules.nix_options
+              common.nixosModules.no_sleep
+              common.nixosModules.timezone_auto
+              common.nixosModules.tty_caps_esc
+              common.nixosModules.zsh
+
+              ./hardware-configuration.nix
+              ./impermanence.nix
+              ./plasma.nix
+              (
+                {
+                  config,
+                  pkgs,
+                  upkgs,
+                  lib,
+                  ...
+                }:
+                rec {
+                  system.stateVersion = "25.05";
+                  services.openssh.settings.PasswordAuthentication = lib.mkForce true;
+
+                  myPlasma = {
+                    enable = true;
+                    gpu.intel.enable = true;
+                    sddm.autologinUser = "luser";
+                  };
+
+                  # Home Manager
+                  home-manager = {
+                    useUserPackages = true;
+                    useGlobalPkgs = true;
+                    backupFileExtension = "bak";
+                    # add all normal users to home manager so it applies to them
+                    users = lib.mapAttrs (name: user: {
+                      home.stateVersion = "25.05";
+                      programs.home-manager.enable = true;
+                    }) (lib.filterAttrs (name: user: user.isNormalUser or false) users.users);
+
+                    sharedModules = [
+                      common.homeManagerModules.tmux
+                      common.homeManagerModules.atuin
+                      common.homeManagerModules.direnv
+                      common.homeManagerModules.git
+                      common.homeManagerModules.postgres_cli_options
+                      common.homeManagerModules.starship
+                      common.homeManagerModules.zoxide
+                      common.homeManagerModules.zsh
+                    ];
+
+                    extraSpecialArgs = {
+                      inherit inputs;
+                      inherit upkgs;
+                    };
+                  };
+
+                  # System configuration
+                  networking.hostName = configurationName;
+                  programs.nh.flake = configLocation;
+                  nixpkgs.config.allowUnfree = true;
+                  users.mutableUsers = false;
+                  users.users = {
+                    "${primaryUser}" = {
+                      isNormalUser = true;
+                      hashedPassword = "$y$j9T$v1QhXiZMRY1pFkPmkLkdp0$451GvQt.XFU2qCAi4EQNd1BEqjM/CH6awU8gjcULps6"; # "test" password
+                      extraGroups = [
+                        "wheel"
+                        "networkmanager"
+                      ];
+                      openssh.authorizedKeys.keys = [
+                      ];
+                    };
+                  };
+                }
+              )
+            ];
+          }
+        );
+      };
+    };
+}

utilities/nixos-installers/examples/testbed/hardware-configuration.nix

@@ -0,0 +1,120 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+let
+  NIXBOOT = "/dev/disk/by-uuid/641A-6BDB";
+  NIXROOT ="/dev/disk/by-uuid/ae94db42-ec46-4e2f-a98a-118359428a68"; 
+  cryptroot = "/dev/disk/by-uuid/49f11bf1-d4b7-4188-9203-4d7a42569afa";
+
+  USB_KEY = "/dev/disk/by-uuid/9985-EBD1";
+in
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" "ehci_pci" "uas" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/boot" =
+    { device = NIXBOOT;
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  boot.initrd.luks.devices."cryptroot" = {
+    device = NIXROOT;
+
+    # Auto decrypt
+    keyFile = USB_KEY;
+    keyFileSize = 5000;
+    keyFileOffset = 5443;
+
+    tryEmptyPassphrase = true;
+    fallbackToPassword = true;
+    crypttabExtraOpts = [ "tries=2" ];
+  };
+
+  fileSystems."/" =
+    { device = cryptroot;
+      fsType = "btrfs";
+      options = [ "subvol=@root" "compress=zstd" ];
+    };
+
+  fileSystems."/nix" =
+    { device = cryptroot;
+      fsType = "btrfs";
+      options = [ "subvol=@nix" "compress=zstd" "noatime" ];
+    };
+
+  fileSystems."/persist" =
+    { device = cryptroot;
+      neededForBoot = true;
+      fsType = "btrfs";
+      options = [ "subvol=@persist" "compress=zstd" ];
+    };
+
+  fileSystems."/.swap" =
+    { device = cryptroot;
+      fsType = "btrfs";
+      options = [ "subvol=@swap" "noatime" ];
+    };
+
+  fileSystems."/.snapshots" =
+    { device = cryptroot;
+      fsType = "btrfs";
+      options = [ "subvol=@snapshots" "compress=zstd" "noatime"];
+    };
+
+  services.btrfs.autoScrub = {
+    enable = true;
+    # syntax as defined by https://www.freedesktop.org/software/systemd/man/systemd.time.html#Calendar%20Event s
+    interval = "monthly";
+    fileSystems = ["/"];
+  };
+
+  swapDevices = [{
+    device = "/.swap/swapfile"; 
+    size = 8*1024; # Creates an 8GB swap file 
+  }];
+
+  boot.initrd.postResumeCommands = lib.mkAfter ''
+    mkdir /btrfs_tmp
+    mount ${cryptroot} /btrfs_tmp
+    if [[ -e /btrfs_tmp/@root ]]; then
+        mkdir -p /btrfs_tmp/old_roots
+        timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/@root)" "+%Y-%m-%-d_%H:%M:%S")
+        mv /btrfs_tmp/@root "/btrfs_tmp/old_roots/$timestamp"
+    fi
+
+    delete_subvolume_recursively() {
+        IFS=$'\n'
+        for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+            delete_subvolume_recursively "/btrfs_tmp/$i"
+        done
+        btrfs subvolume delete "$1"
+    }
+
+    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+        delete_subvolume_recursively "$i"
+    done
+
+    btrfs subvolume create /btrfs_tmp/@root
+    umount /btrfs_tmp
+  '';
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

utilities/nixos-installers/examples/testbed/impermanence.nix

@@ -0,0 +1,37 @@
+{ ... }:
+{
+  environment.persistence."/persist" = {
+    enable = true;
+    hideMounts = true;
+    directories = [
+      "/var/log"
+      "/var/lib/nixos"
+      "/var/lib/systemd/coredump"
+      "/var/lib/systemd/timers"
+
+      "/etc/nixos"
+      "/etc/ssh"
+
+      "/etc/NetworkManager/system-connections"
+      "/var/lib/bluetooth"
+
+    ];
+    files = [
+      "/etc/machine-id"
+    ];
+    users.luser = {
+      directories = [
+        "projects"
+        ".config/nixos-config"
+
+        ".config/atuin"
+        ".local/share/atuin"
+
+        ".local/share/zoxide"
+      ];
+      files = [
+
+      ];
+    };
+  };
+}

utilities/nixos-installers/examples/testbed/plasma.nix

@@ -0,0 +1,233 @@
+{ lib, pkgs, config, ... }:
+
+let
+  inherit (lib) mkOption types mkEnableOption mkIf mkMerge;
+  cfg = config.myPlasma;
+
+  oneGpuEnabled =
+    (lib.length (lib.filter (x: x) [
+      cfg.gpu.nvidia.enable
+      cfg.gpu.amd.enable
+      cfg.gpu.intel.enable
+    ])) <= 1;
+in
+{
+  options.myPlasma = {
+    enable = mkEnableOption "KDE Plasma desktop";
+
+    appearance.breezeDark = {
+      enable = mkOption {
+        type = types.bool;
+        default = true;
+        description = "Apply Breeze Dark system-wide (defaults via /etc/xdg and GTK_THEME).";
+      };
+    };
+
+    wayland = mkOption {
+      type = types.bool;
+      default = true;
+      description = "Enable SDDM Wayland and Plasma Wayland session.";
+    };
+
+    flatpak.enable = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Enable Flatpak.";
+    };
+
+    gpu = {
+      enable32Bit = mkOption {
+        type = types.bool;
+        default = true;
+        description = "Install 32-bit OpenGL/VA-API bits (useful for Steam/Wine).";
+      };
+
+      nvidia = {
+        enable = mkOption { type = types.bool; default = false; };
+        open = mkOption {
+          type = types.bool;
+          default = true;
+          description = "Use NVIDIA open kernel module when available.";
+        };
+        package = mkOption {
+          type = types.package;
+          default = pkgs.linuxPackages.nvidiaPackages.production;
+          description = "NVIDIA driver package.";
+        };
+      };
+
+      amd = {
+        enable = mkOption { type = types.bool; default = false; };
+        useAmdvlk = mkOption {
+          type = types.bool; default = false;
+          description = "Install AMDVLK alongside Mesa (RADV stays default).";
+        };
+      };
+
+      intel = {
+        enable = mkOption { type = types.bool; default = false; };
+        legacyVaapi = mkOption {
+          type = types.bool; default = false;
+          description = "Also add intel-vaapi-driver for very old Intel iGPUs.";
+        };
+      };
+    };
+
+    sddm.autologinUser = mkOption {
+      type = types.nullOr types.str;
+      default = null;
+      description = "Set an autologin user for SDDM (optional).";
+    };
+
+    powerManagement = mkOption {
+      type = types.bool;
+      default = true;
+      description = "Enable ";
+    };
+  };
+
+  config = mkIf cfg.enable (mkMerge [
+    {
+      # Core desktop
+      services.displayManager.sddm = {
+        enable = true;
+        wayland.enable = cfg.wayland;
+        theme = "breeze";
+        autoLogin = mkIf (cfg.sddm.autologinUser != null) {
+          enable = true;
+          user = cfg.sddm.autologinUser;
+        };
+      };
+
+      services.desktopManager.plasma6.enable = true;
+
+      # Portals for sandboxed apps (Wayland, Flatpak)
+      xdg.portal.enable = true;
+      # KDE portal is pulled with Plasma; add GTK for broader app support
+      xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
+
+      # PipeWire + WirePlumber for audio
+      services.pipewire = {
+        enable = true;
+        alsa.enable = true;
+        pulse.enable = true;
+        wireplumber.enable = true;
+      };
+
+      # Good defaults for laptops/desktops
+      services.power-profiles-daemon.enable = lib.mkIf cfg.powerManagement true;
+
+      # Flatpak
+      services.flatpak.enable = cfg.flatpak.enable;
+
+      # Wayland-friendly Electron/Chromium (prefer Wayland Ozone)
+      environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+      # OpenGL/VA-API/Vulkan base
+      hardware.opengl = {
+        enable = true;
+        # driSupport = true;
+        driSupport32Bit = cfg.gpu.enable32Bit;
+      };
+
+      # KDEConnect
+      programs.kdeconnect.enable = true;
+
+      # Useful KDE tools (minimal)
+      environment.systemPackages = with pkgs; [
+        kdePackages.kde-gtk-config
+        kdePackages.konsole
+        kdePackages.dolphin
+        kdePackages.spectacle
+        kdePackages.plasma-browser-integration
+        kdePackages.plasma-workspace-wallpapers
+      ];
+    }
+
+    (mkIf cfg.appearance.breezeDark.enable {
+      # Ensure themes are present
+      environment.systemPackages = with pkgs; [
+        kdePackages.breeze
+        kdePackages.breeze-icons
+        kdePackages.breeze-gtk
+      ];
+
+      # KDE defaults for ALL users (users can still override in ~/.config)
+      environment.etc."xdg/kdeglobals".text = ''
+        [General]
+        ColorScheme=BreezeDark
+
+        [KDE]
+        LookAndFeelPackage=org.kde.breezedark.desktop
+        widgetStyle=Breeze
+
+        [Icons]
+        Theme=breeze-dark
+
+        [Theme]
+        cursorTheme=breeze_cursors
+      '';
+
+      # Make GTK apps dark too
+      environment.sessionVariables.GTK_THEME = "Breeze-Dark";
+      # Nice to have for cursors across toolkits
+      environment.sessionVariables.XCURSOR_THEME = "breeze_cursors";
+    })
+
+    # AMD GPU
+    (mkIf cfg.gpu.amd.enable {
+      services.xserver.videoDrivers = [ "amdgpu" ];
+      hardware.opengl.extraPackages = with pkgs; [
+        vaapiVdpau
+        libvdpau-va-gl
+      ];
+      hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [
+        libva
+        vaapiVdpau
+        libvdpau-va-gl
+      ];
+      environment.systemPackages = lib.optionals cfg.gpu.amd.useAmdvlk [ pkgs.amdvlk ];
+    })
+
+    # Intel GPU
+    (mkIf cfg.gpu.intel.enable {
+      services.xserver.videoDrivers = [ "modesetting" ];
+      hardware.opengl.extraPackages =
+        with pkgs; [
+          intel-media-driver
+          libvdpau-va-gl
+        ] ++ lib.optionals cfg.gpu.intel.legacyVaapi [ vaapiIntel ];
+      hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [
+        libva
+        libvdpau-va-gl
+      ] ++ lib.optionals cfg.gpu.intel.legacyVaapi [ vaapiIntel ];
+    })
+
+    # NVIDIA GPU
+    (mkIf cfg.gpu.nvidia.enable {
+      services.xserver.videoDrivers = [ "nvidia" ];
+      hardware.nvidia = {
+        package = cfg.gpu.nvidia.package;
+        modesetting.enable = true;
+        powerManagement.enable = true;
+        open = cfg.gpu.nvidia.open;
+        nvidiaSettings = true;
+      };
+      # Wayland helpers for wlroots/GBM stacks (harmless otherwise)
+      environment.sessionVariables = {
+        GBM_BACKEND = "nvidia-drm";
+        __GL_GSYNC_ALLOWED = "0";
+        __GL_VRR_ALLOWED = "0";
+      };
+    })
+
+    {
+      assertions = [
+        {
+          assertion = oneGpuEnabled;
+          message = "Enable at most one of myPlasma.gpu.{nvidia,amd,intel}.enable.";
+        }
+      ];
+    }
+  ]);
+}