All the updates after this mess, should be good now
This commit is contained in:
parent
28c916d0ef
commit
a4f8f48f4b
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
/result
|
45
disko/queen/default.nix
Normal file
45
disko/queen/default.nix
Normal file
|
@ -0,0 +1,45 @@
|
|||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
nvme0n1 = {
|
||||
type = "disk";
|
||||
device = "/dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:0";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
size = "512M";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
swap = {
|
||||
size = "16G";
|
||||
content = {
|
||||
type = "swap";
|
||||
resumeDevice = true; # resume from hiberation from this device
|
||||
};
|
||||
};
|
||||
root = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
78
flake.nix
78
flake.nix
|
@ -20,8 +20,12 @@
|
|||
# catpuccin theme
|
||||
catppuccin.url = "github:catppuccin/nix";
|
||||
|
||||
# catpuccin theme
|
||||
catppuccin.url = "github:catppuccin/nix";
|
||||
|
||||
# Conduit fork without all the fuss and drama
|
||||
conduit = {
|
||||
url = "github:girlbossceo/conduwuit";
|
||||
url = "github:girlbossceo/conduwuit";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
@ -30,6 +34,10 @@
|
|||
nix-index-database.url = "github:nix-community/nix-index-database";
|
||||
nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
# Nix index database files
|
||||
nix-index-database.url = "github:nix-community/nix-index-database";
|
||||
nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
# Secret management with sops
|
||||
sops-nix.url = "github:Mic92/sops-nix";
|
||||
|
||||
|
@ -61,6 +69,8 @@
|
|||
|
||||
zjstatus.url = "github:dj95/zjstatus";
|
||||
|
||||
zjstatus.url = "github:dj95/zjstatus";
|
||||
|
||||
# Fix for steam cursor not being visible under wayland
|
||||
|
||||
# Add any other flake you might need
|
||||
|
@ -71,6 +81,10 @@
|
|||
# url = "github:mindsbackyard/linger-flake";
|
||||
# inputs.flake-utils.follows = "flake-utils";
|
||||
# };
|
||||
# linger = {
|
||||
# url = "github:mindsbackyard/linger-flake";
|
||||
# inputs.flake-utils.follows = "flake-utils";
|
||||
# };
|
||||
|
||||
# pihole = {
|
||||
# url = "github:mindsbackyard/pihole-flake";
|
||||
|
@ -78,6 +92,12 @@
|
|||
# inputs.flake-utils.follows = "flake-utils";
|
||||
# inputs.linger.follows = "linger";
|
||||
# };
|
||||
# pihole = {
|
||||
# url = "github:mindsbackyard/pihole-flake";
|
||||
# inputs.nixpkgs.follows = "nixpkgs";
|
||||
# inputs.flake-utils.follows = "flake-utils";
|
||||
# inputs.linger.follows = "linger";
|
||||
# };
|
||||
};
|
||||
|
||||
outputs = {
|
||||
|
@ -85,6 +105,7 @@
|
|||
nixpkgs,
|
||||
nixos-generators,
|
||||
catppuccin,
|
||||
catppuccin,
|
||||
disko,
|
||||
home-manager,
|
||||
sops-nix,
|
||||
|
@ -93,10 +114,14 @@
|
|||
zjstatus,
|
||||
# linger,
|
||||
# pihole,
|
||||
zjstatus,
|
||||
# linger,
|
||||
# pihole,
|
||||
lanzaboote,
|
||||
jovian,
|
||||
nixos-hardware,
|
||||
nix-index-database,
|
||||
nix-index-database,
|
||||
conduit,
|
||||
...
|
||||
} @ inputs: let
|
||||
|
@ -112,6 +137,11 @@
|
|||
in {
|
||||
# Your custom packages
|
||||
# Accessible through 'nix build', 'nix shell', etc
|
||||
packages = forAllSystems (system:
|
||||
import ./pkgs (import nixpkgs {
|
||||
inherit system;
|
||||
config.allowUnfree = true;
|
||||
}));
|
||||
packages = forAllSystems (system:
|
||||
import ./pkgs (import nixpkgs {
|
||||
inherit system;
|
||||
|
@ -147,11 +177,17 @@
|
|||
home-manager.nixosModules.home-manager
|
||||
nix-index-database.nixosModules.nix-index
|
||||
catppuccin.nixosModules.catppuccin
|
||||
nix-index-database.nixosModules.nix-index
|
||||
catppuccin.nixosModules.catppuccin
|
||||
{
|
||||
home-manager.sharedModules = [
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
inputs.plasma-manager.homeManagerModules.plasma-manager
|
||||
];
|
||||
home-manager.sharedModules = [
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
inputs.plasma-manager.homeManagerModules.plasma-manager
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
@ -168,11 +204,17 @@
|
|||
home-manager.nixosModules.home-manager
|
||||
nix-index-database.nixosModules.nix-index
|
||||
catppuccin.nixosModules.catppuccin
|
||||
nix-index-database.nixosModules.nix-index
|
||||
catppuccin.nixosModules.catppuccin
|
||||
{
|
||||
home-manager.sharedModules = [
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
inputs.plasma-manager.homeManagerModules.plasma-manager
|
||||
];
|
||||
home-manager.sharedModules = [
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
inputs.plasma-manager.homeManagerModules.plasma-manager
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
@ -192,6 +234,12 @@
|
|||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
];
|
||||
}
|
||||
catppuccin.nixosModules.catppuccin
|
||||
{
|
||||
home-manager.sharedModules = [
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -207,11 +255,16 @@
|
|||
jovian.nixosModules.jovian
|
||||
home-manager.nixosModules.home-manager
|
||||
catppuccin.nixosModules.catppuccin
|
||||
catppuccin.nixosModules.catppuccin
|
||||
{
|
||||
home-manager.sharedModules = [
|
||||
inputs.plasma-manager.homeManagerModules.plasma-manager
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
];
|
||||
home-manager.sharedModules = [
|
||||
inputs.plasma-manager.homeManagerModules.plasma-manager
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
@ -227,11 +280,36 @@
|
|||
home-manager.nixosModules.home-manager
|
||||
nix-index-database.nixosModules.nix-index
|
||||
catppuccin.nixosModules.catppuccin
|
||||
nix-index-database.nixosModules.nix-index
|
||||
catppuccin.nixosModules.catppuccin
|
||||
{
|
||||
home-manager.sharedModules = [
|
||||
inputs.plasma-manager.homeManagerModules.plasma-manager
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
];
|
||||
home-manager.sharedModules = [
|
||||
inputs.plasma-manager.homeManagerModules.plasma-manager
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
iso_server = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = {inherit inputs outputs;};
|
||||
modules = [
|
||||
"${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
|
||||
"${nixpkgs}/nixos/modules/installer/cd-dvd/channel.nix"
|
||||
./nixos/hosts/iso_server/configuration.nix
|
||||
sops-nix.nixosModules.sops
|
||||
home-manager.nixosModules.home-manager
|
||||
nix-index-database.nixosModules.nix-index
|
||||
catppuccin.nixosModules.catppuccin
|
||||
{
|
||||
home-manager.sharedModules = [
|
||||
inputs.catppuccin.homeManagerModules.catppuccin
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
|
@ -18,6 +18,7 @@
|
|||
# ./nvim.nix
|
||||
./package-configs/plasma-desktop.nix
|
||||
./package-configs/firefox.nix
|
||||
./package-configs/konsole
|
||||
];
|
||||
nixpkgs = {
|
||||
# You can add overlays here
|
||||
|
@ -44,6 +45,19 @@
|
|||
customUIColors = {};
|
||||
});
|
||||
})
|
||||
(final: prev: {
|
||||
catppuccin-vsc = final.catppuccin-vsc.overrideAttrs (oldAttrs: {
|
||||
accent = "mauve";
|
||||
boldKeywords = true;
|
||||
italicComments = true;
|
||||
italicKeywords = true;
|
||||
extraBordersEnabled = false;
|
||||
workbenchMode = "default";
|
||||
bracketMode = "rainbow";
|
||||
colorOverrides = {};
|
||||
customUIColors = {};
|
||||
});
|
||||
})
|
||||
];
|
||||
# Configure your nixpkgs instance
|
||||
config = {
|
||||
|
@ -66,6 +80,7 @@
|
|||
direnv
|
||||
git
|
||||
git-credential-manager
|
||||
git-credential-manager
|
||||
ruff
|
||||
kate
|
||||
|
||||
|
@ -105,8 +120,17 @@
|
|||
})
|
||||
catppuccin-sddm-corners
|
||||
|
||||
# Theming:
|
||||
catppuccin-cursors
|
||||
(catppuccin-kde.override {
|
||||
flavour = ["macchiato"];
|
||||
accents = ["mauve"];
|
||||
})
|
||||
catppuccin-sddm-corners
|
||||
|
||||
# Web browsing:
|
||||
firefoxpwa
|
||||
firefoxpwa
|
||||
ungoogled-chromium
|
||||
];
|
||||
|
||||
|
@ -114,6 +138,8 @@
|
|||
enable = true;
|
||||
package = pkgs.vscodium;
|
||||
extensions = with pkgs.vscode-extensions; [
|
||||
catppuccin.catppuccin-vsc
|
||||
catppuccin.catppuccin-vsc-icons
|
||||
catppuccin.catppuccin-vsc
|
||||
catppuccin.catppuccin-vsc-icons
|
||||
charliermarsh.ruff
|
||||
|
@ -158,6 +184,7 @@
|
|||
"*.vscode"
|
||||
".envrc"
|
||||
"venv"
|
||||
"venv"
|
||||
];
|
||||
};
|
||||
|
||||
|
|
|
@ -0,0 +1,96 @@
|
|||
[Background]
|
||||
Color=36,39,58
|
||||
|
||||
[BackgroundFaint]
|
||||
Color=36,39,58
|
||||
|
||||
[BackgroundIntense]
|
||||
Color=36,39,58
|
||||
|
||||
[Color0]
|
||||
Color=110,115,141
|
||||
|
||||
[Color0Faint]
|
||||
Color=110,115,141
|
||||
|
||||
[Color0Intense]
|
||||
Color=110,115,141
|
||||
|
||||
[Color1]
|
||||
Color=237,135,150
|
||||
|
||||
[Color1Faint]
|
||||
Color=237,135,150
|
||||
|
||||
[Color1Intense]
|
||||
Color=237,135,150
|
||||
|
||||
[Color2]
|
||||
Color=166,218,149
|
||||
|
||||
[Color2Faint]
|
||||
Color=166,218,149
|
||||
|
||||
[Color2Intense]
|
||||
Color=166,218,149
|
||||
|
||||
[Color3]
|
||||
Color=238,212,159
|
||||
|
||||
[Color3Faint]
|
||||
Color=238,212,159
|
||||
|
||||
[Color3Intense]
|
||||
Color=238,212,159
|
||||
|
||||
[Color4]
|
||||
Color=138,173,244
|
||||
|
||||
[Color4Faint]
|
||||
Color=138,173,244
|
||||
|
||||
[Color4Intense]
|
||||
Color=138,173,244
|
||||
|
||||
[Color5]
|
||||
Color=198,160,246
|
||||
|
||||
[Color5Faint]
|
||||
Color=198,160,246
|
||||
|
||||
[Color5Intense]
|
||||
Color=198,160,246
|
||||
|
||||
[Color6]
|
||||
Color=137,220,227
|
||||
|
||||
[Color6Faint]
|
||||
Color=137,220,227
|
||||
|
||||
[Color6Intense]
|
||||
Color=137,220,227
|
||||
|
||||
[Color7]
|
||||
Color=202,211,245
|
||||
|
||||
[Color7Faint]
|
||||
Color=202,211,245
|
||||
|
||||
[Color7Intense]
|
||||
Color=202,211,245
|
||||
|
||||
[Foreground]
|
||||
Color=202,211,245
|
||||
|
||||
[ForegroundFaint]
|
||||
Color=202,211,245
|
||||
|
||||
[ForegroundIntense]
|
||||
Color=202,211,245
|
||||
|
||||
[General]
|
||||
Blur=false
|
||||
ColorRandomization=false
|
||||
Description=Catppuccin Macchiato
|
||||
Opacity=1
|
||||
Wallpaper=
|
|
@ -0,0 +1,8 @@
|
|||
[Appearance]
|
||||
ColorScheme=Catppuccin-Macchiato
|
||||
|
||||
[General]
|
||||
Name=Catppuccin
|
||||
Parent=FALLBACK/
|
||||
StartInCurrentSessionDir=true
|
||||
TerminalRows=30
|
25
home-manager/desktop/package-configs/konsole/default.nix
Normal file
25
home-manager/desktop/package-configs/konsole/default.nix
Normal file
|
@ -0,0 +1,25 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
home.file = {
|
||||
"profile" = {
|
||||
source = ./Catppuccin.profile;
|
||||
target = ".local/share/konsole/Catppuccin.profile";
|
||||
};
|
||||
};
|
||||
home.file = {
|
||||
"colorscheme" = {
|
||||
source = ./Catppuccin-Macchiato.colorscheme;
|
||||
target = ".local/share/konsole/Catppuccin-Macchiato.colorscheme";
|
||||
};
|
||||
};
|
||||
home.file = {
|
||||
"konsolerc" = {
|
||||
source = ./konsolerc;
|
||||
target = ".config/konsolerc";
|
||||
};
|
||||
};
|
||||
}
|
15
home-manager/desktop/package-configs/konsole/konsolerc
Normal file
15
home-manager/desktop/package-configs/konsole/konsolerc
Normal file
|
@ -0,0 +1,15 @@
|
|||
[Desktop Entry]
|
||||
DefaultProfile=Catppuccin.profile
|
||||
|
||||
[General]
|
||||
ConfigVersion=1
|
||||
|
||||
[MainWindow]
|
||||
1920x1080 screen: Height=524
|
||||
1920x1080 screen: Width=911
|
||||
RestorePositionForNextInstance=false
|
||||
State=AAAA/wAAAAD9AAAAAQAAAAAAAAAAAAAAAPwCAAAAAvsAAAAcAFMAUwBIAE0AYQBuAGEAZwBlAHIARABvAGMAawAAAAAA/////wAAAREA////+wAAACIAUQB1AGkAYwBrAEMAbwBtAG0AYQBuAGQAcwBEAG8AYwBrAAAAAAD/////AAABcgD///8AAAOPAAAB3gAAAAQAAAAEAAAACAAAAAj8AAAAAQAAAAIAAAACAAAAFgBtAGEAaQBuAFQAbwBvAGwAQgBhAHIBAAAAAP////8AAAAAAAAAAAAAABwAcwBlAHMAcwBpAG8AbgBUAG8AbwBsAGIAYQByAQAAAOj/////AAAAAAAAAAA=
|
||||
ToolBarsMovable=Disabled
|
||||
|
||||
[UiSettings]
|
||||
ColorScheme=
|
13
home-manager/hosts/iso_server/default.nix
Normal file
13
home-manager/hosts/iso_server/default.nix
Normal file
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
inputs,
|
||||
outputs,
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
# You can import other home-manager modules here
|
||||
imports = [
|
||||
./lillian.nix
|
||||
];
|
||||
}
|
29
home-manager/hosts/iso_server/lillian.nix
Normal file
29
home-manager/hosts/iso_server/lillian.nix
Normal file
|
@ -0,0 +1,29 @@
|
|||
# This is your home-manager configuration file
|
||||
# Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix)
|
||||
{
|
||||
inputs,
|
||||
outputs,
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
# You can import other home-manager modules here
|
||||
imports = [
|
||||
# If you want to use modules your own flake exports (from modules/home-manager):
|
||||
# outputs.homeManagerModules.example
|
||||
|
||||
# Or modules exported from other flakes (such as nix-colors):
|
||||
# inputs.nix-colors.homeManagerModules.default
|
||||
|
||||
# You can also split up your configuration and import pieces of it here:
|
||||
# ./nvim.nix
|
||||
../../shared
|
||||
];
|
||||
|
||||
home.packages = with pkgs; [
|
||||
];
|
||||
|
||||
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
|
||||
home.stateVersion = "24.05";
|
||||
}
|
127
nixos/hosts/iso_server/configuration.nix
Normal file
127
nixos/hosts/iso_server/configuration.nix
Normal file
|
@ -0,0 +1,127 @@
|
|||
{
|
||||
inputs,
|
||||
outputs,
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
nixpkgs-stable,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# If you want to use modules your own flake exports (from modules/home-manager):
|
||||
# outputs.homeManagerModules.example
|
||||
# outputs.nixosModules.contabo.wan
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
# Or modules exported from other flakes (such as nix-colors):
|
||||
# inputs.nix-colors.homeManagerModules.defaults
|
||||
|
||||
# Import shared settings
|
||||
../../shared
|
||||
];
|
||||
|
||||
programs.command-not-found.enable = lib.mkForce false;
|
||||
programs.nix-index.enable = true;
|
||||
programs.nix-index-database.comma.enable = true;
|
||||
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
zramSwap.enable = false;
|
||||
networking.domain = "";
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
# require public key authentication for better security
|
||||
settings.PasswordAuthentication = false;
|
||||
settings.KbdInteractiveAuthentication = false;
|
||||
};
|
||||
|
||||
nixpkgs = {
|
||||
# You can add overlays here
|
||||
overlays = [
|
||||
];
|
||||
# Configure your nixpkgs instance
|
||||
config = {
|
||||
# Disable if you don't want unfree packages
|
||||
allowUnfree = true;
|
||||
};
|
||||
};
|
||||
|
||||
#Set up sops config, and configure where the keyfile is, then set the mode for the unencrypted keys
|
||||
sops.defaultSopsFile = ./secrets/sops.yaml;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
# Custom tools
|
||||
dvd
|
||||
dvt
|
||||
servo
|
||||
restart
|
||||
install-nix
|
||||
|
||||
# System tools
|
||||
aha
|
||||
direnv
|
||||
efitools
|
||||
git-filter-repo
|
||||
gnupg
|
||||
pciutils
|
||||
sbctl
|
||||
tpm2-tools
|
||||
tpm2-tss
|
||||
zsh
|
||||
];
|
||||
|
||||
# Contabo ipv6 nameservers: "2a02:c207::1:53" "2a02:c207::2:53"
|
||||
|
||||
networking.firewall.enable = true;
|
||||
|
||||
networking.firewall.allowedTCPPorts = [22];
|
||||
|
||||
# Configure keymap in X11
|
||||
services.xserver.xkb = {
|
||||
layout = "us";
|
||||
variant = "";
|
||||
options = "terminate:ctrl_alt_bksp,compose:caps_toggle";
|
||||
};
|
||||
|
||||
security.tpm2.enable = true;
|
||||
security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so
|
||||
security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables
|
||||
users.users.lillian.extraGroups = ["tss"]; # tss group has access to TPM devices
|
||||
|
||||
# Set your time zone.
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
programs.git = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
programs.direnv = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
# Enable completion of system packages by zsh
|
||||
environment.pathsToLink = ["/share/zsh"];
|
||||
|
||||
# kde power settings do not turn off screen
|
||||
systemd = {
|
||||
services.sshd.wantedBy = pkgs.lib.mkForce ["multi-user.target"];
|
||||
targets = {
|
||||
sleep.enable = false;
|
||||
suspend.enable = false;
|
||||
hibernate.enable = false;
|
||||
hybrid-sleep.enable = false;
|
||||
};
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
extraSpecialArgs = {inherit inputs outputs;};
|
||||
users = {
|
||||
# Import your home-manager configuration
|
||||
lillian = import ../../../home-manager/hosts/iso_server;
|
||||
};
|
||||
};
|
||||
|
||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
||||
boot.supportedFilesystems = lib.mkForce ["bcachefs" "btrfs" "cifs" "f2fs" "jfs" "ntfs" "reiserfs" "vfat" "xfs"];
|
||||
|
||||
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
|
||||
system.stateVersion = "unstable";
|
||||
}
|
21
nixos/hosts/iso_server/secrets/sops.yaml
Normal file
21
nixos/hosts/iso_server/secrets/sops.yaml
Normal file
|
@ -0,0 +1,21 @@
|
|||
lillian-password: ENC[AES256_GCM,data:kDP9LpmtLR2UEjCY0kgcdHmYAYLipOd/9I3NuiRHzLDhCX44M5QGfbQrle7bi9EOVD4eNB3uNtk+oBClr7cc21E9YtMIp5vg2g==,iv:EWB/hMRtWZfEn48Qmjo/V30BtSLrOsmo/cuEKnfW6Wk=,tag:vjiOkVga18BLKjf3GnZM2Q==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age12e00qvf4shtmsfq3ujamyaa72pjvad2qhrxkvpl9hryrjvgxev4sjhmkxz
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrTFI5MDRiUkp1TGF2eHlG
|
||||
VmwyVEdXQVR4dFJaZTNxeTRXQXZNbkN6T1dRClZyMU1LbFFmY0RwK1pmNDNWY0hW
|
||||
bUJGYXI5ZEFIdDhUak1kMzF1WTE2SGsKLS0tIHpUQUVEWml1a251RmhQSGt1dm5E
|
||||
a1hsN3NaVzNvRXlwcEpPd0RVQndiZk0KJ7/cnWzw1zSmgn+bOJn4Y1xRHqlk+zRM
|
||||
Om0p+V9tUCCS5yGzacp8pFCa2DQNj0OVdyB2ZpjAiOzK7vWY8EU5XA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-05-03T14:29:41Z"
|
||||
mac: ENC[AES256_GCM,data:ezq0K/lFSNSog0UzvsVNNpCewzBKmKJdsXlkWzZ8nhXN7/1lHeoONQnoEooNhNhpmFF1yCvcArZ6Suy7+R4UuybKBky+6r62fyz0BKrAO9y0Xb/HFiAJPAYwP7/5sRFq/jDdtMAbjLxJhoH128md5LoHXhUUc3sws/SIQvdan4I=,iv:/IxAO3rw4lc8ZzDWUtfJb3siGCtzCxid5NfhEnad01Q=,tag:IRg7LV7hnFmWl5WhWD2ZSg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
|
@ -24,6 +24,9 @@
|
|||
|
||||
# Import server settings
|
||||
../../server
|
||||
|
||||
# Import disko
|
||||
# ../../../disko/queen
|
||||
];
|
||||
|
||||
boot.tmp.cleanOnBoot = true;
|
||||
|
@ -87,34 +90,34 @@
|
|||
];
|
||||
|
||||
# Create an auto-update systemd service that runs every day
|
||||
system.autoUpgrade = {
|
||||
flake = "git+https://git.lillianviolet.dev/Lillian-Violet/NixOS-Config.git";
|
||||
dates = "daily";
|
||||
enable = true;
|
||||
};
|
||||
# system.autoUpgrade = {
|
||||
# flake = "git+https://git.lillianviolet.dev/Lillian-Violet/NixOS-Config.git";
|
||||
# dates = "daily";
|
||||
# enable = true;
|
||||
# };
|
||||
|
||||
systemd.services.systemd-networkd.serviceConfig.Environment = "SYSTEMD_LOG_LEVEL=debug";
|
||||
# systemd.services.systemd-networkd.serviceConfig.Environment = "SYSTEMD_LOG_LEVEL=debug";
|
||||
# Enable networking
|
||||
networking.networkmanager.enable = true;
|
||||
networking.nat.enable = true;
|
||||
networking.nat.internalInterfaces = ["ve-+"];
|
||||
networking.nat.externalInterface = "ens18";
|
||||
networking.enableIPv6 = lib.mkForce true;
|
||||
networking.nameservers = ["79.143.183.251" "79.143.183.252" "2a02:c207::1:53" "2a02:c207::2:53"];
|
||||
# networking.networkmanager.enable = true;
|
||||
# networking.nat.enable = true;
|
||||
# networking.nat.internalInterfaces = ["ve-+"];
|
||||
# networking.nat.externalInterface = "ens18";
|
||||
# networking.enableIPv6 = lib.mkForce true;
|
||||
# networking.nameservers = ["79.143.183.251" "79.143.183.252" "2a02:c207::1:53" "2a02:c207::2:53"];
|
||||
|
||||
networking.interfaces.ens18.ipv4.addresses = [
|
||||
{
|
||||
address = "62.171.160.195";
|
||||
prefixLength = 32;
|
||||
}
|
||||
];
|
||||
# networking.interfaces.ens18.ipv4.addresses = [
|
||||
# {
|
||||
# address = "62.171.160.195";
|
||||
# prefixLength = 32;
|
||||
# }
|
||||
# ];
|
||||
|
||||
networking.interfaces.ens18.ipv6.addresses = [
|
||||
{
|
||||
address = "2a02:c207:2063:2448::1";
|
||||
prefixLength = 64;
|
||||
}
|
||||
];
|
||||
# networking.interfaces.ens18.ipv6.addresses = [
|
||||
# {
|
||||
# address = "2a02:c207:2063:2448::1";
|
||||
# prefixLength = 64;
|
||||
# }
|
||||
# ];
|
||||
|
||||
# Open ports in the firewall.
|
||||
networking.firewall = {
|
||||
|
|
|
@ -7,12 +7,21 @@
|
|||
}: {
|
||||
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
|
||||
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod"];
|
||||
boot.initrd.kernelModules = ["nvme"];
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/sda3";
|
||||
device = "/dev/disk/by-uuid/dc10d09c-9394-4854-acd5-93ceccd2f448";
|
||||
fsType = "ext4";
|
||||
};
|
||||
swapDevices = [{device = "/dev/sda2";}];
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
|
||||
fileSystems."/nix/store" = {
|
||||
device = "/nix/store";
|
||||
fsType = "none";
|
||||
options = ["bind"];
|
||||
};
|
||||
|
||||
swapDevices = [];
|
||||
}
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
stdenv,
|
||||
git,
|
||||
gum,
|
||||
git,
|
||||
gum,
|
||||
writeShellApplication,
|
||||
}:
|
||||
writeShellApplication
|
||||
|
@ -16,7 +18,7 @@ writeShellApplication
|
|||
set -e
|
||||
pushd /tmp > /dev/null
|
||||
rm -rf ./install-nix
|
||||
git clone https://git.lillianviolet.dev/Lillian-Violet/NixOS-Config.git ./install-nix
|
||||
git clone https://codeberg.org/Lillian-Violet/NixOS-Config.git ./install-nix
|
||||
pushd ./install-nix/nixos/hosts > /dev/null
|
||||
echo "Please choose the hostname you are installing to from the following list:"
|
||||
i=1
|
||||
|
@ -39,9 +41,11 @@ writeShellApplication
|
|||
"./disko/''${dir}/default.nix"
|
||||
echo "NixOS Installing..."
|
||||
sudo nixos-install --flake .#"''${dir}"
|
||||
sudo nixos-install --flake .#"''${dir}"
|
||||
popd > /dev/null
|
||||
echo "Cleaning up repository in '/tmp/install-nix'..."
|
||||
rm -rf ./install-nix
|
||||
rm -rf ./install-nix
|
||||
popd > /dev/null
|
||||
echo "NixOS Install Succeeded!"
|
||||
'';
|
||||
|
|
|
@ -15,7 +15,7 @@ writeShellApplication
|
|||
set -e
|
||||
pushd /tmp > /dev/null
|
||||
rm -rf ./rebuild
|
||||
git clone https://git.lillianviolet.dev/Lillian-Violet/NixOS-Config.git ./rebuild
|
||||
git clone https://codeberg.org/Lillian-Violet/NixOS-Config.git ./rebuild
|
||||
pushd ./rebuild > /dev/null
|
||||
echo "NixOS Rebuilding..."
|
||||
sudo nixos-rebuild switch --flake .#
|
||||
|
|
|
@ -14,7 +14,7 @@ writeShellApplication
|
|||
set -e
|
||||
pushd /tmp > /dev/null
|
||||
rm -rf ./update
|
||||
git clone forgejo@git.lillianviolet.dev:Lillian-Violet/NixOS-Config.git ./update
|
||||
git clone git@codeberg.org:Lillian-Violet/NixOS-Config.git ./update
|
||||
pushd ./update > /dev/null
|
||||
echo "Updating flake lock..."
|
||||
nix flake update
|
||||
|
|
Loading…
Reference in a new issue