Do all the iso setup
This commit is contained in:
parent
a7c2609666
commit
5db19b9f23
6 changed files with 54 additions and 44 deletions
|
|
@ -10,20 +10,20 @@
|
|||
# outputs.homeManagerModules.example
|
||||
# outputs.nixosModules.contabo.wan
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
outputs.nixosModules.vpn-ip
|
||||
# Or modules exported from other flakes (such as nix-colors):
|
||||
# inputs.nix-colors.homeManagerModules.defaults
|
||||
|
||||
# Import shared settings
|
||||
../../shared
|
||||
];
|
||||
|
||||
programs.command-not-found.enable = lib.mkForce false;
|
||||
programs.nix-index.enable = true;
|
||||
programs.nix-index-database.comma.enable = true;
|
||||
# programs.command-not-found.enable = lib.mkForce false;
|
||||
# programs.nix-index.enable = true;
|
||||
# programs.nix-index-database.comma.enable = true;
|
||||
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
zramSwap.enable = false;
|
||||
networking.domain = "";
|
||||
# boot.tmp.cleanOnBoot = true;
|
||||
# zramSwap.enable = false;
|
||||
# networking.domain = "";
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
# require public key authentication for better security
|
||||
|
|
@ -45,7 +45,9 @@
|
|||
#Set up sops config, and configure where the keyfile is, then set the mode for the unencrypted keys
|
||||
sops.defaultSopsFile = ./secrets/sops.yaml;
|
||||
|
||||
services.desktopManager.plasma6.enable = true;
|
||||
services.vpn-ip.enable = false;
|
||||
|
||||
# services.desktopManager.plasma6.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
# Custom tools
|
||||
|
|
@ -65,7 +67,6 @@
|
|||
sbctl
|
||||
tpm2-tools
|
||||
tpm2-tss
|
||||
waydroid
|
||||
zsh
|
||||
|
||||
# KDE/QT
|
||||
|
|
@ -81,13 +82,14 @@
|
|||
kdePackages.plasma-pa
|
||||
kdePackages.sddm-kcm
|
||||
kdePackages.dolphin-plugins
|
||||
libportal-qt5
|
||||
libportal
|
||||
];
|
||||
|
||||
# Enable networking
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
networking.hostName = "iso";
|
||||
|
||||
# Contabo ipv6 nameservers: "2a02:c207::1:53" "2a02:c207::2:53"
|
||||
|
||||
networking.firewall.enable = true;
|
||||
|
|
@ -106,24 +108,24 @@
|
|||
# Enable bluetooth hardware
|
||||
hardware.bluetooth.enable = true;
|
||||
|
||||
security.tpm2.enable = true;
|
||||
security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so
|
||||
security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables
|
||||
users.users.lillian.extraGroups = ["tss"]; # tss group has access to TPM devices
|
||||
# security.tpm2.enable = true;
|
||||
# security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so
|
||||
# security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables
|
||||
# users.users.lillian.extraGroups = ["tss"]; # tss group has access to TPM devices
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
programs.git = {
|
||||
enable = true;
|
||||
};
|
||||
# programs.git = {
|
||||
# enable = true;
|
||||
# };
|
||||
|
||||
programs.direnv = {
|
||||
enable = true;
|
||||
};
|
||||
# programs.direnv = {
|
||||
# enable = true;
|
||||
# };
|
||||
|
||||
# Enable completion of system packages by zsh
|
||||
environment.pathsToLink = ["/share/zsh"];
|
||||
# # Enable completion of system packages by zsh
|
||||
# environment.pathsToLink = ["/share/zsh"];
|
||||
|
||||
# kde power settings do not turn off screen
|
||||
systemd = {
|
||||
|
|
@ -136,17 +138,17 @@
|
|||
};
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
extraSpecialArgs = {inherit inputs outputs;};
|
||||
users = {
|
||||
# Import your home-manager configuration
|
||||
lillian = import ../../../home-manager/hosts/iso;
|
||||
};
|
||||
};
|
||||
# home-manager = {
|
||||
# extraSpecialArgs = {inherit inputs outputs;};
|
||||
# users = {
|
||||
# # Import your home-manager configuration
|
||||
# lillian = import ../../../home-manager/hosts/iso;
|
||||
# };
|
||||
# };
|
||||
|
||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
||||
boot.supportedFilesystems = lib.mkForce ["bcachefs" "btrfs" "cifs" "f2fs" "jfs" "ntfs" "reiserfs" "vfat" "xfs"];
|
||||
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
||||
# boot.supportedFilesystems = lib.mkForce ["bcachefs" "btrfs" "cifs" "f2fs" "jfs" "ntfs" "reiserfs" "vfat" "xfs"];
|
||||
|
||||
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
|
||||
system.stateVersion = "24.11";
|
||||
system.stateVersion = "25.11";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,9 +1,8 @@
|
|||
lillian-password: ENC[AES256_GCM,data:eQzZwGxK9Lw2gc8HDNw57odxPzTH4sa/2O97h3VAghRwLClmCYKT91kxj2F3kQ4iEctBl0GxdS4WoL3H9eE4/CAPffXdTmkdYg==,iv:2ezB4DNHFv5ceJ2gtATV12Azm3vFFDLX1qSSy+cKuMY=,tag:zxb5agUCDpi92bYV7+DmoA==,type:str]
|
||||
ssh-private-key: ENC[AES256_GCM,data:YQ+9aKpBL9XYl0IBxpPttUli6/E25alUhO36dZwPPSIBLI1ehyczocQMxNRYNtB2xKYx4wPaYIndLBhj9VdTUgaOWUd2C6aU6YgXgFAsjgEwqVDZWRp7TrTHojtrS5HnJgfopx6EqPf/uljD9yQsOkubDDUbpYkpWX/3vixm9LJ1eRXxTxXW8D3O5OM2Z1NsqA7meVa1xhvWJokqS4sD5ntp1HT78Xmu62EweHQVGaznUvWZupYh0uCQd0tr6GVTZLHdyCdaFUGHRbRddBcljpBIRWaWkhIrkjejvptUZ4Ht/UN5XM5z+zfU3DxsDOxeJ7m83om9I3WdZSdq1aDXe+VFEfMrx/0QTk2LtAmOvujcN6wO7a77SD4Rpuvq8KH2CeKrwMLlFf2BeGIcGhvAhRYUVxtypM38DEdbf/7xIcw0vQP2zNZN4QWdukUInDndnAxMfbIXKpYI5OPRaZMTVui41hkS86LBfbd5RhTjyzrtIpVSq9XkKRX7d5i8Gcjb4ORpQvrNNYMo+TXCiLNTg3/q0My/jEhfjfTF,iv:EpKC9judTZ1+0Y2LC1OK2YzGH/orRpZNtE7O+ZZyU1E=,tag:S6ju/FkwIBbBA8YU3dRo1A==,type:str]
|
||||
nextcloud-password: ENC[AES256_GCM,data:5u8j1wau5FewTe+t3YZ365Acfcrt09XDgCUNpDbuVKaNZIEW3gdR60XACQeAvsyQeznynILJnz7/txV2,iv:l1xYhUkQGdWYNNy1lG9xB5SgL9cn2FdzAs19iVCohlA=,tag:rT0flG+v9wd8jSUm8DrCjg==,type:str]
|
||||
wg-private-key: ENC[AES256_GCM,data:3JpyscuzK4LG1lfM3oyQNBHy7BQ2WeTaSyaZoaNfS4U7KkpEaCp5EVLBYiY=,iv:odDG8xp+d+O4FuECfeCJn/z2ka4KSzSBvgBCmcMZ0S0=,tag:iPwnqgtap+i44Mru/S7TyA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age12e00qvf4shtmsfq3ujamyaa72pjvad2qhrxkvpl9hryrjvgxev4sjhmkxz
|
||||
enc: |
|
||||
|
|
@ -14,8 +13,7 @@ sops:
|
|||
dXlaN3dWOUl4Mys2V0x3Z3F6UVU4MVUKEJYpX8XhSNcM+7aUuxnIwrokY0/29Cnh
|
||||
yz0HAZkaj8FwvnPnafo5jmwVyi6WXECvX5E0NZfjKH4AF5vTu6Wukg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-03-20T18:17:48Z"
|
||||
mac: ENC[AES256_GCM,data:3UHIoYPHC6n56CHguOVuoFd9VwCjGiD9VCYy2d5W+4XQEZpjnONX8fhwwWRm42COymz89tmqDmpDp88BnSU8uE14IaCIUoxfCaRiZtjAiHjouua2jr50aUV56pwyan8ZiiOjP8oP1VY/tsv1w0jWI9TjSTHvCdNLR8XEcf6bCrk=,iv:/lBJdkQgwZyiztQ9vSoHgY+WxXJKHFI93dxtOSunHNo=,tag:lLwrSdzoN9CzmyIdLOe5ig==,type:str]
|
||||
pgp: []
|
||||
lastmodified: "2025-08-14T18:00:16Z"
|
||||
mac: ENC[AES256_GCM,data:NnX0hMrfeKJucgqgVUIUS0WOHerkDtKe3P+4vvWRCMX3eXg4Tsju8pZySZP7RSZX7+2W3OUHMOUuAum0YrVasTXuhm6jPvlbqvRnVXaVzCNheIUvTCF7LFeJEOQYKS5m8AiVKFRrxz+dGn90DSeijjajSePBjo8AnKyAOQEt1S8=,iv:1iJiqJU0vdDiWnJAYDlbOBBa9lBOODjjdlsRH54aTGI=,tag:JZtgVeLvFN6vcCZkRnuNcQ==,type:str]
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
version: 3.10.2
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue