add kleiner (wg raspi) configuration

nix/flake.nix

@@ -36,6 +36,15 @@
           nur.modules.nixos.default
         ];
       };
+      kleiner = nixpkgs.lib.nixosSystem {
+        specialArgs = {
+          inherit inputs outputs;
+          hostname = "kleiner";
+        };
+        modules = [
+          ./kleiner.nix
+        ];
+      };
     };
   };
 }

nix/kleiner.nix

@@ -0,0 +1,110 @@
+{ lib, hostname, pkgs, ... }:
+let
+  mkHome = home: "/blk/Cs/home/${home}";
+
+  sshKeys = {
+    zentux = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsDJW7Cb44KNR98JpK2DR6IfnY8w/hi59wF+q/7YRqYkxWouA6qe82q0mtWbTA+KArp2iX1gf3T8X+AtxC3l0jbly5Fd+rCGPe/DQkWOFA7OH6FPYPsx2QS0FWHGn9EIgBr+AmBQTKLJzTrDFuomU8Js43LmShisVvhB6Tz/GLgyWOL8lD9dhsX0jiN+m/w3/ai2DjyBkC/e30sy5YmZlhrSwKLg6jX1axH/Omb6plk9GIRMFMwtfNusK94GpySWedUcCG0Wb5ofRe+wDtiewvpnpiJePesSjMMDouOcPNk9UepB0JXqlvOCBztfuEqzoXjIpLnXN/NHEMUjAt7Qbn sentox@Pink"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINURGekLS+vl+1LvmbMUpIAGpgMI5CcAqTAUld68foZX zentux@lamarr"
+    ];
+    iora = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmoWfBVEkZAJVMozRoqdt75kvSHbwsJFqRCo8+qv2WgElVGihCUn6NKOj8po8lY2RRDNVvVVCTrxsz02laUgRQMCX/je127EmDOcWxm9lh+3hdvl+ozlnDnywA/vLnLvSkDC49aJqnEypJDZsKr7skqjL90rA56FNFDHbtQy+wbaqXBzsFnvYPiV5ai6BrMaR2AzmIndW5uDEsmw++ywW+ammq68KG+cKSW+OTPcECi3Kb3Dlzj6xyfSKKPAaZ6RvmyVFad+cOPUdlh+wN1PKdMO7Ro2MXoon0IMIbHKGBt1am6FEsXrv+XLjLj2273gHbvkUtJFc5HD5+jD2pQtrp scosh@localhost"
+    ];
+    jonah = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdodLoRBivHJrEuGVBHhR3W7wQbVBh+fVGBz1+eYT+V jonah@fedora.fritz.box"
+    ];
+  };
+in
+{
+  nix.settings.trusted-users = [ "zentux" ];
+  nixpkgs.hostPlatform = "aarch64-linux";
+  imports = [ ];
+
+  hardware.enableRedistributableFirmware = true;
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+
+  networking = {
+    hostName = "${hostname}";
+    wireless.enable = true;
+    useDHCP = lib.mkDefault true;
+  };
+
+  time.timeZone = "Europe/Berlin";
+
+  users.users = {
+    zentux = {
+      description = "overlord";
+      extraGroups = [ "wheel" "git" ];
+      home = mkHome "zentux";
+      isNormalUser = true;
+      packages = [ ];
+      shell = pkgs.nushell;
+      openssh.authorizedKeys.keys = sshKeys.zentux;
+    };
+
+    git = {
+      description = "git";
+      group = "git";
+      extraGroups = [ ];
+      isSystemUser = true;
+      openssh.authorizedKeys.keys = sshKeys.zentux;
+    };
+    wg = {
+      description = "Wohngemeinschaft Access";
+      group = "wg";
+      isSystemUser = true;
+      openssh.authorizedKeys.keys
+         = sshKeys.iora
+        ++ sshKeys.zentux;
+    };
+
+    iora = {
+      isNormalUser = true;
+      home = mkHome "iora";
+      extraGroups = [ ];
+      packages = [ ];
+      openssh.authorizedKeys.keys = sshKeys.iora;
+    };
+    jonah = {
+      isNormalUser = true;
+      home = mkHome "jonah";
+      extraGroups = [ ];
+      packages = [ ];
+      openssh.authorizedKeys.keys = sshKeys.jonah;
+    };
+  };
+  users.groups.git = {};
+  users.groups.wg = {
+    members = [ "iora" "jonah" "zentux" ];
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
+      fsType = "ext4";
+    };
+    "/blk/Cs" = {
+      device = "/dev/disk/by-uuid/27b7258e-84b3-483e-972f-124657ea2fcf";
+      fsType = "ext4";
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    bat
+    file
+    fzf
+    git
+    helix
+    joshuto
+    jujutsu
+    ripgrep
+    vim
+    wget
+    zellij
+  ];
+
+  services.openssh.enable = true;
+
+  system.stateVersion = "25.05";
+}