# NixOS host module: srvos server + hardware-hetzner-online-amd profiles,
# impermanence on a tmpfs root, and a two-disk mdadm array that carries /nix
# and the persistent state under /nix/persistent.
{ config, pkgs, lib, self, ... }:

let
  impermanenceHome = self.inputs.impermanence.nixosModules.home-manager.impermanence;

  # Home-manager persistence shared by both accounts; only the storage path
  # under /nix/persistent/users differs.
  persistentHome = userName: {
    imports = [ impermanenceHome ];

    home.persistence."/nix/persistent/users/${userName}" = {
      # Keep the persisted mounts private to the owning user.
      allowOther = false;
      directories = [
        "Downloads"
        "Music"
        "Pictures"
        "Documents"
        "Videos"
        # The next four hold key material and credentials that survive reboots;
        # they live on the unencrypted array defined under disko.devices.
        ".gnupg"
        ".ssh"
        ".nixops"
        ".local/share/keyrings"
        ".local/share/direnv"
      ];
      files = [
        ".screenrc"
      ];
    };
  };

  # One physical disk contributing a BIOS boot partition plus an mdraid member.
  raidMember = device: {
    type = "disk";
    inherit device;
    content = {
      type = "gpt";
      partitions = {
        boot = {
          size = "1M";
          type = "EF02"; # for grub MBR
        };
        mdadm = {
          size = "100%";
          content = {
            type = "mdraid";
            name = "raid0";
          };
        };
      };
    };
  };
in
{
  imports = [
    self.inputs.srvos.nixosModules.server
    self.inputs.srvos.nixosModules.hardware-hetzner-online-amd
    self.inputs.srvos.nixosModules.mixins-nginx
    self.inputs.impermanence.nixosModules.impermanence
  ];

  # Switches for the repository's own modules (defined outside this file).
  jopejoe1 = {
    local.enable = true;
    nix.enable = true;
    user = {
      jopejoe1.enable = true;
      root.enable = true;
    };
    ssh.enable = true;
  };

  boot = {
    initrd = {
      availableKernelModules = [ "ahci" "nvme" ];
      kernelModules = [ ];
    };
    kernelModules = [ "kvm-amd" ];
    extraModulePackages = [ ];
    loader.grub.enable = true;
  };

  # NOTE(review): the value starts with a space and names the bare /64 prefix
  # (host part all zeros) - confirm this is the intended host address.
  systemd.network.networks."10-uplink".networkConfig.Address = " 2a01:4f8:a0:31e5::/64";

  time.timeZone = "Europe/Berlin";

  services.openssh = {
    ports = [ 22 ];

    # mkForce overrides any value the imported profiles set, so root may log in
    # over SSH with every authentication method that is enabled. Root also has a
    # password hash below; whether password authentication is on is decided
    # outside this file.
    # NOTE(review): if root is only meant to use keys, "prohibit-password" keeps
    # key login and refuses password attempts.
    settings.PermitRootLogin = lib.mkForce "yes";
  };

  users = {
    # Accounts and passwords come only from this configuration.
    mutableUsers = false;

    # "$2b$05$" is bcrypt at cost factor 5 (2^5 rounds), a very low work factor,
    # and both accounts carry the same hash string, i.e. the same password and
    # salt. The hash is committed in this file and, as an inline option value,
    # also lands in the Nix store.
    # NOTE(review): rotate the password, give root and the user distinct ones,
    # and supply the hashes via users.users.<name>.hashedPasswordFile pointing
    # at a root-only file on persistent storage.
    users.jopejoe1.hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
    users.root.hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
  };

  home-manager.users = {
    jopejoe1 = persistentHome "jopejoe1";
    root = persistentHome "root";
  };

  # System state kept across reboots; everything else on "/" is tmpfs.
  environment.persistence."/nix/persistent/system" = {
    hideMounts = true;
    directories = [
      "/var/log"
      "/var/lib/bluetooth"
      "/var/lib/nixos"
      "/var/lib/systemd/coredump"
      "/etc/NetworkManager/system-connections"
      { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }
    ];
    # NOTE(review): no SSH host key path is persisted here. Unless another
    # module relocates services.openssh.hostKeys, the host keys are regenerated
    # on every boot and clients cannot pin them - confirm.
    files = [
      "/etc/machine-id"
      # Parent directories of the two secret files are restricted to the owner.
      { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
      { file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
    ];
  };

  # Both mounts must be up in early boot, before the persistence mounts are set up.
  fileSystems = {
    "/nix".neededForBoot = true;
    "/nix/persistent".neededForBoot = true;
  };

  disko.devices = {
    # Root is a tmpfs capped at 25% of RAM; it is empty after every reboot.
    nodev."/" = {
      fsType = "tmpfs";
      mountOptions = [
        "defaults"
        "size=25%"
        "mode=755"
      ];
    };

    disk = {
      vdb = raidMember "/dev/nvme0n1";
      vdc = raidMember "/dev/nvme1n1";
    };

    mdadm.raid0 = {
      type = "mdadm";
      # Level 0 stripes without redundancy: losing either disk loses the whole
      # array, including everything under /nix/persistent.
      level = 0;
      content = {
        type = "gpt";
        partitions.primary = {
          size = "100%";
          content = {
            type = "btrfs";
            # -f lets mkfs.btrfs overwrite an existing filesystem signature.
            extraArgs = [ "-f" ];
            subvolumes = {
              "/nix" = {
                mountOptions = [ "compress=zstd" "noatime" ];
                mountpoint = "/nix";
              };
              # Declared without a mountpoint or mount options in this file.
              "/nix/persistent" = { };
            };
          };
        };
      };
    };
  };
}