From e98ac9bb851bd7be4b686750d986af7c49166c7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Jane=C5=BEi=C4=8D?= <janezic.mj@gmail.com>
Date: Fri, 10 Apr 2026 16:06:09 +0200
Subject: [PATCH] feat: prepare initial fortress host

---
 flake/hosts.nix                  | 15 ++++++
 hosts/fortress/configuration.nix | 82 ++++++++++++++++++++++++++++++++
 2 files changed, 97 insertions(+)
 create mode 100644 hosts/fortress/configuration.nix

diff --git a/flake/hosts.nix b/flake/hosts.nix
index 338fb59..a0ec121 100644
--- a/flake/hosts.nix
+++ b/flake/hosts.nix
@@ -100,6 +100,21 @@ in
       ];
     };
 
+    fortress = mkHost "fortress" {
+      system = "x86_64-linux";
+      user = "matej";
+      features = [
+        "localisation"
+        "gnupg"
+        "shell-minimal"
+        "desktop-minimal"
+        "sway"
+        "greeter"
+        "networkmanager"
+        "yubikey"
+      ];
+    };
+
     ephvm = mkHost "ephvm" {
       system = "x86_64-linux";
       user = "matej";
diff --git a/hosts/fortress/configuration.nix b/hosts/fortress/configuration.nix
new file mode 100644
index 0000000..fbc7703
--- /dev/null
+++ b/hosts/fortress/configuration.nix
@@ -0,0 +1,82 @@
+{
+  pkgs,
+  inputs,
+  ...
+}:
+
+{
+  imports = [
+    inputs.disko.nixosModules.disko
+    inputs.nixos-hardware.nixosModules.framework-16-amd-ai-300-series
+  ];
+
+  localisation = {
+    timeZone = "Europe/Ljubljana";
+    defaultLocale = "en_US.UTF-8";
+  };
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # TODO:(@janezicmatej) replace device path with actual SSD device
+  disko.devices.disk.main = {
+    type = "disk";
+    device = "/dev/nvme1n1";
+    content = {
+      type = "gpt";
+      partitions = {
+        esp = {
+          size = "512M";
+          type = "EF00";
+          content = {
+            type = "filesystem";
+            format = "vfat";
+            mountpoint = "/boot";
+          };
+        };
+        luks = {
+          size = "100%";
+          content = {
+            type = "luks";
+            name = "cryptlvm";
+            settings.allowDiscards = true;
+            content = {
+              type = "lvm_pv";
+              vg = "vg";
+            };
+          };
+        };
+      };
+    };
+  };
+
+  disko.devices.lvm_vg.vg = {
+    type = "lvm_vg";
+    lvs = {
+      root = {
+        size = "100%FREE";
+        content = {
+          type = "filesystem";
+          format = "ext4";
+          mountpoint = "/";
+        };
+      };
+      swap = {
+        size = "32G";
+        content = {
+          type = "swap";
+        };
+      };
+    };
+  };
+
+  networking.firewall.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    google-chrome
+    firefox
+    vim
+  ];
+
+  system.stateVersion = "25.11";
+}