big refactor of a lot of files

2024-12-22 22:48:13 +01:00 · 2024-12-22 22:48:13 +01:00 · 6c64a962f4
commit 6c64a962f4
parent 7ee9d954ce
12 changed files with 875 additions and 893 deletions
--- a/nixos/hosts/GLaDOS/configuration.nix
+++ b/nixos/hosts/GLaDOS/configuration.nix
@ -28,26 +28,36 @@
    # Import your generated (nixos-generate-config) hardware configuration
    ./hardware-configuration.nix
  ];
+  sops = {
+    defaultSopsFile = ./secrets/sops.yaml;

-  sops.defaultSopsFile = ./secrets/sops.yaml;
+    secrets."wg-private-key".mode = "0440";
+    secrets."wg-private-key".owner = config.users.users.root.name;
+
+    secrets."ssh-private-key" = {
+      mode = "0600";
+      owner = config.users.users.lillian.name;
+      path = "/home/lillian/.ssh/id_ed25519";
+    };
+  };

  environment.systemPackages = with pkgs; [
  ];

  services.xserver.videoDrivers = ["amdgpu"];
-
-  # Add vulkan support to GPU
-  hardware.graphics.extraPackages = with pkgs; [
-    amdvlk
-  ];
-  # For 32 bit applications
-  hardware.graphics.extraPackages32 = with pkgs; [
-    driversi686Linux.amdvlk
-  ];
-
-  programs.gamemode = {
-    enable = true;
-    settings = {
+  hardware = {
+    # Add vulkan support to GPU
+    graphics.extraPackages = with pkgs; [
+      amdvlk
+    ];
+    # For 32 bit applications
+    graphics.extraPackages32 = with pkgs; [
+      driversi686Linux.amdvlk
+    ];
+  };
+  programs = {
+    gamemode.enable = true;
+    gamemode.settings = {
      general = {
        renice = 10;
      };
@ -65,9 +75,10 @@
      };
    };
  };
-
-  boot.loader.systemd-boot.enable = true;
-  boot.binfmt.emulatedSystems = ["aarch64-linux"];
+  boot = {
+    loader.systemd-boot.enable = true;
+    binfmt.emulatedSystems = ["aarch64-linux"];
+  };

  # boot.lanzaboote = {
  #   enable = true;
@ -83,36 +94,28 @@
      lillian = import ../../../home-manager/hosts/GLaDOS;
    };
  };
+  networking = {
+    # virtualisation.waydroid.enable = false;
+    hostName = "GLaDOS";

-  # virtualisation.waydroid.enable = false;
-  networking.hostName = "GLaDOS";
+    wireguard.enable = true;

-  sops.secrets."wg-private-key".mode = "0440";
-  sops.secrets."wg-private-key".owner = config.users.users.root.name;
-
-  sops.secrets."ssh-private-key" = {
-    mode = "0600";
-    owner = config.users.users.lillian.name;
-    path = "/home/lillian/.ssh/id_ed25519";
-  };
-
-  networking.wireguard.enable = true;
-
-  networking.wg-quick.interfaces = {
-    wg0 = {
-      autostart = true;
-      address = ["10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64"];
-      dns = ["10.0.0.1" "fdc9:281f:04d7:9ee9::1"];
-      listenPort = 51821;
-      privateKeyFile = config.sops.secrets."wg-private-key".path;
-      peers = [
-        {
-          publicKey = "A02sO7uLdgflhPIRd0cbJONIaPP4z8HTxDkmX4NegFg=";
-          endpoint = "84.87.146.85:51821";
-          allowedIPs = ["0.0.0.0/0" "::/0"];
-          persistentKeepalive = 25;
-        }
-      ];
+    wg-quick.interfaces = {
+      wg0 = {
+        autostart = true;
+        address = ["10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64"];
+        dns = ["10.0.0.1" "fdc9:281f:04d7:9ee9::1"];
+        listenPort = 51821;
+        privateKeyFile = config.sops.secrets."wg-private-key".path;
+        peers = [
+          {
+            publicKey = "A02sO7uLdgflhPIRd0cbJONIaPP4z8HTxDkmX4NegFg=";
+            endpoint = "84.87.146.85:51821";
+            allowedIPs = ["0.0.0.0/0" "::/0"];
+            persistentKeepalive = 25;
+          }
+        ];
+      };
    };
  };