big refactor of a lot of files

2024-12-22 22:48:13 +01:00 · 2024-12-22 22:48:13 +01:00 · 6c64a962f4
commit 6c64a962f4
parent 7ee9d954ce
12 changed files with 875 additions and 893 deletions
--- a/nixos/hosts/queen/configuration.nix
+++ b/nixos/hosts/queen/configuration.nix
@ -26,16 +26,17 @@
    # Import disko
    # ../../../disko/queen
  ];
-
-  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = false;
-  networking.domain = "";
-  services.openssh = {
-    enable = true;
-    # require public key authentication for better security
-    settings.PasswordAuthentication = false;
-    settings.KbdInteractiveAuthentication = false;
-    settings.PermitRootLogin = "no";
+  services = {
+    openssh = {
+      enable = true;
+      settings = {
+        # require public key authentication for better security
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+        PermitRootLogin = "no";
+      };
+    };
  };

  nixpkgs = {
@ -88,58 +89,63 @@
    sqlite
    rocksdb
  ];
+  networking = {
+    domain = "";

-  # Create an auto-update systemd service that runs every day
-  # system.autoUpgrade = {
-  # flake = "git+https://git.lillianviolet.dev/Lillian-Violet/NixOS-Config.git";
-  # dates = "daily";
-  # enable = true;
-  # };
+    # Create an auto-update systemd service that runs every day
+    # system.autoUpgrade = {
+    # flake = "git+https://git.lillianviolet.dev/Lillian-Violet/NixOS-Config.git";
+    # dates = "daily";
+    # enable = true;
+    # };

-  # systemd.services.systemd-networkd.serviceConfig.Environment = "SYSTEMD_LOG_LEVEL=debug";
-  # Enable networking
-  # networking.networkmanager.enable = true;
-  # networking.nat.enable = true;
-  # networking.nat.internalInterfaces = ["ve-+"];
-  # networking.nat.externalInterface = "ens18";
-  networking.enableIPv6 = lib.mkForce true;
-  networking.nameservers = ["2a02:c207::1:53" "2a02:c207::2:53"];
+    # systemd.services.systemd-networkd.serviceConfig.Environment = "SYSTEMD_LOG_LEVEL=debug";
+    # Enable networking
+    # networking.networkmanager.enable = true;
+    # networking.nat.enable = true;
+    # networking.nat.internalInterfaces = ["ve-+"];
+    # networking.nat.externalInterface = "ens18";
+    enableIPv6 = lib.mkForce true;
+    nameservers = ["2a02:c207::1:53" "2a02:c207::2:53"];

-  # networking.interfaces.ens18.ipv4.addresses = [
-  #   {
-  #     address = "62.171.160.195";
-  #     prefixLength = 32;
-  #   }
-  # ];
+    # networking.interfaces.ens18.ipv4.addresses = [
+    #   {
+    #     address = "62.171.160.195";
+    #     prefixLength = 32;
+    #   }
+    # ];

-  networking.interfaces.ens18.ipv6.addresses = [
-    {
-      address = "2a02:c207:2063:2448::1";
-      prefixLength = 64;
-    }
-  ];
-  networking.defaultGateway6 = {
-    address = "fe80::1";
-    interface = "ens18";
-  };
-
-  # Open ports in the firewall.
-  networking.firewall = {
-    enable = true;
-    allowPing = false;
-    allowedTCPPorts = [
-      22 # SSH
-      5349 # STUN tls
-      5350 # STUN tls alt
-      80 # http
-      443 # https
-    ];
-    allowedUDPPortRanges = [
+    interfaces.ens18.ipv6.addresses = [
      {
-        from = 49152;
-        to = 49999;
-      } # TURN relay
+        address = "2a02:c207:2063:2448::1";
+        prefixLength = 64;
+      }
    ];
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "ens18";
+    };
+    firewall = {
+      # Open ports in the firewall.
+
+      enable = true;
+      allowPing = false;
+      allowedTCPPorts = [
+        22 # SSH
+        5349 # STUN tls
+        5350 # STUN tls alt
+        80 # http
+        443 # https
+      ];
+      allowedUDPPortRanges = [
+        {
+          from = 49152;
+          to = 49999;
+        } # TURN relay
+      ];
+    };
+
+    hostName = "queen";
  };

  # networking.useNetworkd = true;
@ -179,12 +185,14 @@
      lillian = import ../../../home-manager/hosts/queen;
    };
  };
-
-  networking.hostName = "queen";
-
-  boot.loader.grub.enable = true;
-  boot.loader.grub.configurationLimit = 3;
-  boot.loader.efi.canTouchEfiVariables = true;
+  boot = {
+    tmp.cleanOnBoot = true;
+    loader.grub = {
+      enable = true;
+      configurationLimit = 3;
+    };
+    loader.efi.canTouchEfiVariables = true;
+  };

  # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
  system.stateVersion = "24.11";