From 7e99ce9e7206bffb391c9066f8402501cea349ef Mon Sep 17 00:00:00 2001
From: Corwin Perren <caperren@gmail.com>
Date: Fri, 26 Dec 2025 23:24:19 -0800
Subject: [PATCH] Added cap-apollo-n01

---
 .sops.yaml                                    |  3 ++
 flake.nix                                     | 10 ++++++
 hosts/cap-apollo-n01/configuration.nix        | 25 +++++++++++++++
 .../cap-apollo-n01/hardware-configuration.nix | 31 +++++++++++++++++++
 hosts/cap-clust-01/configuration.nix          |  2 --
 modules/system/cpu-intel.nix                  |  4 +++
 6 files changed, 73 insertions(+), 2 deletions(-)
 create mode 100644 hosts/cap-apollo-n01/configuration.nix
 create mode 100644 hosts/cap-apollo-n01/hardware-configuration.nix
 create mode 100644 modules/system/cpu-intel.nix

diff --git a/.sops.yaml b/.sops.yaml
index 971baf8..9fb79c2 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -5,6 +5,8 @@ keys:
     - &personal:
       - &cap_slim7    age1a5aqj3jr3rqpjet9a7y077ak0ymstjjdnyfgn5m2ad4l2yuxr4aqym7d3d
       - &cap_nr200p   age1g45zy9m5g4e20cjejgd3x40722rlddgkmhtddrl8wyf63kt5kg7s9ke390
+    - &apollo:
+      - &cap_apollo_n01 age1ljcy90uwlfngc7vqwlf2x2ckgsdfg90c0r9yvjzpl90jkwf9g48q2leudt
     - &cluster:
       - &cap_clust_01 age1649y4antwgfe4fu02eppnx5gr0yc3g4lj4kwd6v9guxgxgj06y9qk7l4wl
       - &cap_clust_02 age1k085uuy4fv9rfpy0ne6zl9fq0j05a4fykqe26psx2ngxqrcxcu5sksxa9u
@@ -28,6 +30,7 @@ creation_rules:
           - *caperren
           - *cap_slim7
           - *cap_nr200p
+          - *cap_apollo_n01
           - *cap_clust_01
           - *cap_clust_02
           - *cap_clust_03
diff --git a/flake.nix b/flake.nix
index 9bb69e3..eecac96 100644
--- a/flake.nix
+++ b/flake.nix
@@ -108,6 +108,16 @@
         ];
       };
 
+      nixosConfigurations.cap-apollo-n01 = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        specialArgs = { inherit inputs; };
+        modules = [
+          ./hosts/cap-apollo-n01/configuration.nix
+          sops-nix.nixosModules.sops
+          inputs.home-manager.nixosModules.default
+        ];
+      };
+
       nixosConfigurations.cap-slim7 = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         specialArgs = { inherit inputs; };
diff --git a/hosts/cap-apollo-n01/configuration.nix b/hosts/cap-apollo-n01/configuration.nix
new file mode 100644
index 0000000..db865f3
--- /dev/null
+++ b/hosts/cap-apollo-n01/configuration.nix
@@ -0,0 +1,25 @@
+{ config, pkgs, ... }:
+{
+  imports = [
+    # Hardware Scan
+    ./hardware-configuration.nix
+
+    # Users
+    ../../users/cluster-admin/caperren.nix
+
+    # System Configuration
+    ../system/cpu-intel.nix
+    ../system/fonts.nix
+    ../system/home-manager-settings.nix
+    ../system/internationalization.nix
+    ../system/networking.nix
+    ../system/nix-settings.nix
+    ../system/security.nix
+    ../system/systemd-boot.nix
+
+    # Application Groups
+    ../application-groups/system-utilities-cluster.nix
+  ];
+
+  networking.hostName = "cap-apollo-n01";
+}
diff --git a/hosts/cap-apollo-n01/hardware-configuration.nix b/hosts/cap-apollo-n01/hardware-configuration.nix
new file mode 100644
index 0000000..1b86c77
--- /dev/null
+++ b/hosts/cap-apollo-n01/hardware-configuration.nix
@@ -0,0 +1,31 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "uhci_hcd" "hpsa" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/1fa744fd-82d2-4997-a757-28ae96461a96";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/F57E-AA2D";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/hosts/cap-clust-01/configuration.nix b/hosts/cap-clust-01/configuration.nix
index e3dad93..9148a2e 100644
--- a/hosts/cap-clust-01/configuration.nix
+++ b/hosts/cap-clust-01/configuration.nix
@@ -11,7 +11,5 @@
     ../../modules/application-groups/k3s-primary.nix
   ];
 
-#  sops.secrets.k3s_token.sopsFile = ../../secrets/cluster.yaml;
-
   networking.hostName = "cap-clust-01";
 }
diff --git a/modules/system/cpu-intel.nix b/modules/system/cpu-intel.nix
new file mode 100644
index 0000000..e42e90b
--- /dev/null
+++ b/modules/system/cpu-intel.nix
@@ -0,0 +1,4 @@
+{ config, lib, ... }:
+{
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}