try setting up proxmox

flake.nix

@@ -40,7 +40,7 @@
       inherit (self) outputs;
       system = "x86_64-linux";
       # helper function to create a machine
-      mkHost = { modules, specialArgs ? { pkgsVersion = nixpkgs-unstable; }
+      mkHost = { modules, specialArgs ? { pkgsVersion = nixpkgs-unstable; home-manager-version = home-manager-unstable; }
         , system ? "x86_64-linux", minimal ? false }:
         specialArgs.pkgsVersion.lib.nixosSystem {
           inherit system;
@@ -57,7 +57,7 @@
               ];
             })
           ] ++ (if !minimal then [
-            home-manager-unstable.nixosModules.home-manager
+            specialArgs.home-manager-version.nixosModules.home-manager
             nixos-cosmic.nixosModules.default
             stylix.nixosModules.stylix
             ./modules/graphical/stylix.nix
@@ -126,6 +126,14 @@
           };
           modules = [ ./users/anon ./systems/mini-pc/configuration.nix ];
         };
+        "mini-pc-proxmox" = mkHost {
+          specialArgs = {
+            vars = import ./systems/userdata-default.nix;
+            pkgsVersion = nixpkgs;
+            home-manager-version = home-manager;
+          };
+          modules = [ ./users/anon ./systems/mini-pc-proxmox/configuration.nix ];
+        };
         # build vm -> nixos-rebuild build-vm  --flake .#vm
         "vm" = mkHost {
           specialArgs = {

systems/mini-pc-proxmox/configuration.nix

@@ -0,0 +1,129 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, modulesPath, lib, ... }:
+
+{
+  imports = [ # Include the results of the hardware scan.
+    ../../modules/services/ssh.nix
+    ../../modules/services/step-ca.nix
+    ../../modules/services/syncthing.nix
+    ../../modules/fail2ban.nix
+    ../../modules/logging.nix
+    ../../modules/motd.nix
+    "${toString modulesPath}/virtualisation/proxmox-image.nix"
+    (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  proxmox.qemuConf = {
+    memory = 16384;
+    cores = 8;
+    net0 = "virtio=00:00:00:00:00:00,bridge=vmbr0,firewall=1";
+  };
+    boot = {
+      kernelParams = [ "console=tty0" "console=ttyS0" ];
+      loader.timeout = lib.mkForce 1;
+    };
+
+    services.cloud-init = {
+      enable = true;
+      network.enable = true;
+    };
+  networking.firewall.allowedTCPPorts = [ 25565 ];
+
+  mainUser.layout = "de";
+  mainUser.variant = "us";
+  custom = {
+    static-ip = {
+      enable = true;
+      ip = "192.168.0.10";
+      interface = "eth0";
+      dns = "127.0.0.1";
+    };
+    user = {
+      name = "anon";
+      layout = "de";
+      variant = "us";
+    };
+    hardware = {
+      firmware.enable = true;
+      ssd.enable = true;
+    };
+    misc = {
+      docker.enable = true;
+      backup = let
+        kavita = "/data/kavita";
+        gitolite = "/var/lib/gitolite";
+        syncthing = [ "/synced/default/" "/synced/work_drive/" ];
+        syncthingFull = syncthing ++ [ "/synced/fh/" "/synced/books/" ];
+        backupPathsSmall = [ "/home" gitolite ] ++ syncthing;
+        backupPathsMedium = [ "/home" gitolite ] ++ syncthing;
+        backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull;
+      in {
+        enable = true;
+        small = backupPathsSmall; # goes to backblaze
+        medium = backupPathsMedium; # goes to gdrive
+        large = backupPathsFull; # goes to local storage medium
+      };
+    };
+    services = {
+      acme.enable = true;
+      gitolite.enable = true;
+      caldav.enable = true;
+      kop-monitor.enable = true;
+      kop-fileshare = {
+        basePath = "/stash";
+        dataDir = "/1tbssd/kop-fileshare";
+        enable = true;
+      };
+      nginx.enable = true;
+      ente.enable = true;
+      kavita = {
+        enable = true;
+        dir = "/data/kavita";
+      };
+      wireguard = {
+        enable = true;
+        ip = "192.168.2.1";
+      };
+      adguard.enable = true;
+    };
+    nftables.enable = true;
+    cli-tools.enable = true;
+    nix = {
+      index.enable = true;
+      ld.enable = true;
+      settings.enable = true;
+    };
+  };
+
+  networking.hostName = "mini-pc"; # Define your hostname.
+
+  # Set your time zone.
+  time.timeZone = "Europe/Vienna";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "de_AT.UTF-8";
+    LC_IDENTIFICATION = "de_AT.UTF-8";
+    LC_MEASUREMENT = "de_AT.UTF-8";
+    LC_MONETARY = "de_AT.UTF-8";
+    LC_NAME = "de_AT.UTF-8";
+    LC_NUMERIC = "de_AT.UTF-8";
+    LC_PAPER = "de_AT.UTF-8";
+    LC_TELEPHONE = "de_AT.UTF-8";
+    LC_TIME = "de_AT.UTF-8";
+  };
+
+  # Configure console keymap
+  console.keyMap = "de";
+
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  system.stateVersion = "23.11"; # Did you read the comment?
+}

systems/pc/configuration.nix

@@ -13,7 +13,7 @@
   ];
 
   custom = {
-    tmpfs.enable = true;
+    #tmpfs.enable = true;
     wireshark.enable = true;
     virt-manager.enable = true;
     nftables.enable = true;

users/anon/default.nix

@@ -18,6 +18,7 @@
     isNormalUser = true;
     description = config.mainUser.name;
     shell = pkgs.zsh;
+    initialPassword = "cooltemporarypw";
     extraGroups = [ "networkmanager" "wheel" "docker" "wireshark"];
     openssh.authorizedKeys.keys = [
       config.mainUser.sshKey