jopejoe1/nix-conf
1
0
Fork 0
mirror of https://codeberg.org/jopejoe1/nix-conf.git synced 2025-01-01 18:36:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

add impernance to hetzner

Browse source
This commit is contained in:
Johannes Jöns 2024-04-18 17:26:19 +02:00
parent b5a3ffe099
commit 9490e11b82
3 changed files with 98 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
flake.nix
View file

@ -37,6 +37,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs-stable.follows = "nixpkgs"; inputs.nixpkgs-stable.follows = "nixpkgs";
}; };
impermanence.url = "github:nix-community/impermanence";
# Packages # Packages
tela-icon-theme = { tela-icon-theme = {

4
home-modules/firefox/default.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, self, ... }: { config, lib, pkgs, inputs, ... }:
let cfg = config.jopejoe1.firefox; let cfg = config.jopejoe1.firefox;
in { in {
@ -193,7 +193,7 @@ in {
}; };
profiles = { profiles = {
default = { default = {
extensions = with self.inputs.firefox-addons.packages.${pkgs.stdenv.hostPlatform.system}; [ extensions = with pkgs.firefox-addons; [
ublock-origin ublock-origin
privacy-badger privacy-badger
bitwarden bitwarden

98
systems/hetzner/default.nix
View file

@ -6,6 +6,7 @@
self.inputs.srvos.nixosModules.server self.inputs.srvos.nixosModules.server
self.inputs.srvos.nixosModules.hardware-hetzner-online-amd self.inputs.srvos.nixosModules.hardware-hetzner-online-amd
self.inputs.srvos.nixosModules.mixins-nginx self.inputs.srvos.nixosModules.mixins-nginx
self.inputs.impermanence.nixosModules.impermanence
]; ];
jopejoe1 = { jopejoe1 = {
@ -36,7 +37,92 @@
services.openssh.ports = [ 22 ]; services.openssh.ports = [ 22 ];
users.mutableUsers = false;
users.users.jopejoe1.hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
users.users.root.hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
home-manager.users = {
jopejoe1 = {
imports = [ self.inputs.impermanence.nixosModules.home-manager.impermanence ];
home.persistence."/nix/persistent/users/jopejoe1" = {
allowOther = false;
directories = [
"Downloads"
"Music"
"Pictures"
"Documents"
"Videos"
".gnupg"
".ssh"
".nixops"
".local/share/keyrings"
".local/share/direnv"
];
files = [
".screenrc"
];
};
};
root = {
imports = [ self.inputs.impermanence.nixosModules.home-manager.impermanence ];
home.persistence."/nix/persistent/users/root" = {
allowOther = false;
directories = [
"Downloads"
"Music"
"Pictures"
"Documents"
"Videos"
".gnupg"
".ssh"
".nixops"
".local/share/keyrings"
".local/share/direnv"
];
files = [
".screenrc"
];
};
};
};
environment.persistence."/nix/persistent/system" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
{ directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }
];
files = [
"/etc/machine-id"
{ file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
{ file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
];
};
fileSystems = {
"/nix" = {
neededForBoot = true;
};
"/nix/persistent" = {
neededForBoot = true;
};
};
disko.devices = { disko.devices = {
nodev = {
"/" = {
fsType = "tmpfs";
mountOptions = [
"defaults"
"size=25%"
"mode=755"
];
};
};
disk = { disk = {
vdb = { vdb = {
type = "disk"; type = "disk";
@ -89,9 +175,15 @@
primary = { primary = {
size = "100%"; size = "100%";
content = { content = {
type = "filesystem"; type = "btrfs";
format = "ext4"; extraArgs = [ "-f" ];
mountpoint = "/"; subvolumes = {
"/nix" = {
mountOptions = [ "compress=zstd" "noatime" ];
mountpoint = "/nix";
};
"/nix/persistent" = {};
};
}; };
}; };
}; };