Compare commits
2 commits
692fa8cd20
...
3e3f4331d2
Author | SHA1 | Date | |
---|---|---|---|
Antoine Martin | 3e3f4331d2 | ||
Antoine Martin | 2a2275a87a |
126
flake.lock
126
flake.lock
|
@ -3,14 +3,16 @@
|
||||||
"agenix": {
|
"agenix": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"darwin": "darwin",
|
"darwin": "darwin",
|
||||||
"nixpkgs": "nixpkgs"
|
"home-manager": "home-manager",
|
||||||
|
"nixpkgs": "nixpkgs",
|
||||||
|
"systems": "systems"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1677969766,
|
"lastModified": 1707830867,
|
||||||
"narHash": "sha256-AIp/ZYZMNLDZR/H7iiAlaGpu4lcXsVt9JQpBlf43HRY=",
|
"narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
|
||||||
"owner": "ryantm",
|
"owner": "ryantm",
|
||||||
"repo": "agenix",
|
"repo": "agenix",
|
||||||
"rev": "03b51fe8e459a946c4b88dcfb6446e45efb2c24e",
|
"rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -27,11 +29,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1673295039,
|
"lastModified": 1700795494,
|
||||||
"narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
|
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
|
||||||
"owner": "lnl7",
|
"owner": "lnl7",
|
||||||
"repo": "nix-darwin",
|
"repo": "nix-darwin",
|
||||||
"rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
|
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -46,11 +48,11 @@
|
||||||
"nixpkgs": "nixpkgs_2"
|
"nixpkgs": "nixpkgs_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1702479765,
|
"lastModified": 1708910350,
|
||||||
"narHash": "sha256-wjNYsFhciYoJkZ/FBKvFj55k+vkLbu6C2qYQ7K+s8pI=",
|
"narHash": "sha256-cTuJVlOm05aQFIgGuYikgkrI61P2vTO2OfXwIRWEzUg=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "bd8fbc3f274288ac905bcea66bc2a5428abde458",
|
"rev": "a13f36255cf4ce99cc4236a34251c2e7106e101d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -61,17 +63,20 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils": {
|
"flake-utils": {
|
||||||
|
"inputs": {
|
||||||
|
"systems": "systems_2"
|
||||||
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1653893745,
|
"lastModified": 1709126324,
|
||||||
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
|
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
|
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"ref": "master",
|
"ref": "main",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -79,31 +84,52 @@
|
||||||
"home-manager": {
|
"home-manager": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
"agenix",
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706981411,
|
"lastModified": 1703113217,
|
||||||
"narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
|
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "652fda4ca6dafeb090943422c34ae9145787af37",
|
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"ref": "release-23.11",
|
"repo": "home-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"home-manager_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1708988456,
|
||||||
|
"narHash": "sha256-RCz7Xe64tN2zgWk+MVHkzg224znwqknJ1RnB7rVqUWw=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"rev": "1d085ea4444d26aa52297758b333b449b2aa6fca",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"ref": "master",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1695887975,
|
"lastModified": 1709110790,
|
||||||
"narHash": "sha256-u3+5FR12dI305jCMb0fJNQx2qwoQ54lv1tPoEWp0hmg=",
|
"narHash": "sha256-qUk0G9vWX90beOKB1EtLFdeImXAujNi5SP5zTyIEATc=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "adcfd6aa860d1d129055039696bc457af7d50d0e",
|
"rev": "01467901ec51dd92774040f2b3dff4f21f4e1c45",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -115,11 +141,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1677676435,
|
"lastModified": 1703013332,
|
||||||
"narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=",
|
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169",
|
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -131,11 +157,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable-small": {
|
"nixpkgs-unstable-small": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1678510587,
|
"lastModified": 1709109332,
|
||||||
"narHash": "sha256-Jb6/OsFlvUotDhs9Xtk/G5SLXCHsnVnVdn5trgSiNQA=",
|
"narHash": "sha256-v2rVOs9d+A+t3ZFgWCq/31gontLcJc9K0raI7fDuu34=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "1e21dd61028bca1ed1d70a76bc8bd988ae366275",
|
"rev": "c1fe227b486d4bfffb319fd225a95ea574d398bf",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -147,11 +173,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697915759,
|
"lastModified": 1708815994,
|
||||||
"narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=",
|
"narHash": "sha256-hL7N/ut2Xu0NaDxDMsw2HagAjgDskToGiyZOWriiLYM=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e",
|
"rev": "9a9dae8f6319600fa9aebde37f340975cab4b8c0",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -163,16 +189,16 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
"nixpkgs_3": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1707650010,
|
"lastModified": 1708984720,
|
||||||
"narHash": "sha256-dOhphIA4MGrH4ElNCy/OlwmN24MsnEqFjRR6+RY7jZw=",
|
"narHash": "sha256-gJctErLbXx4QZBBbGp78PxtOOzsDaQ+yw1ylNQBuSUY=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "809cca784b9f72a5ad4b991e0e7bcf8890f9c3a6",
|
"rev": "13aff9b34cc32e59d35c62ac9356e4a41198a538",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-23.11",
|
"ref": "nixos-unstable",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -182,11 +208,41 @@
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
"disko": "disko",
|
"disko": "disko",
|
||||||
"flake-utils": "flake-utils",
|
"flake-utils": "flake-utils",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager_2",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixpkgs": "nixpkgs_3",
|
"nixpkgs": "nixpkgs_3",
|
||||||
"nixpkgs-unstable-small": "nixpkgs-unstable-small"
|
"nixpkgs-unstable-small": "nixpkgs-unstable-small"
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"systems": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"systems_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1681028828,
|
||||||
|
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"root": "root",
|
"root": "root",
|
||||||
|
|
15
flake.nix
15
flake.nix
|
@ -5,7 +5,7 @@
|
||||||
type = "github";
|
type = "github";
|
||||||
owner = "NixOS";
|
owner = "NixOS";
|
||||||
repo = "nixpkgs";
|
repo = "nixpkgs";
|
||||||
ref = "nixos-23.11";
|
ref = "nixos-unstable";
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs-unstable-small = {
|
nixpkgs-unstable-small = {
|
||||||
|
@ -25,7 +25,7 @@
|
||||||
type = "github";
|
type = "github";
|
||||||
owner = "nix-community";
|
owner = "nix-community";
|
||||||
repo = "home-manager";
|
repo = "home-manager";
|
||||||
ref = "release-23.11";
|
ref = "master";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -33,7 +33,7 @@
|
||||||
type = "github";
|
type = "github";
|
||||||
owner = "numtide";
|
owner = "numtide";
|
||||||
repo = "flake-utils";
|
repo = "flake-utils";
|
||||||
ref = "master";
|
ref = "main";
|
||||||
};
|
};
|
||||||
|
|
||||||
nixos-hardware = {
|
nixos-hardware = {
|
||||||
|
@ -155,6 +155,15 @@
|
||||||
++ sharedModules;
|
++ sharedModules;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
talos = nixpkgs.lib.nixosSystem {
|
||||||
|
inherit system;
|
||||||
|
modules = [
|
||||||
|
inputs.nixos-hardware.nixosModules.framework-13-7040-amd
|
||||||
|
disko.nixosModules.default
|
||||||
|
./talos.nix
|
||||||
|
] ++ sharedModules;
|
||||||
|
};
|
||||||
|
|
||||||
thanatos = nixpkgs.lib.nixosSystem {
|
thanatos = nixpkgs.lib.nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
modules =
|
modules =
|
||||||
|
|
106
hosts/talos/default.nix
Normal file
106
hosts/talos/default.nix
Normal file
|
@ -0,0 +1,106 @@
|
||||||
|
# Edit this configuration file to define what should be installed on
|
||||||
|
# your system. Help is available in the configuration.nix(5) man page, on
|
||||||
|
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
||||||
|
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ # Include the results of the hardware scan.
|
||||||
|
./hardware-configuration.nix
|
||||||
|
./disko-config.nix
|
||||||
|
|
||||||
|
./home.nix
|
||||||
|
./secrets.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
hardware.amdgpu.opencl = false;
|
||||||
|
|
||||||
|
boot.kernelPackages = pkgs.linuxPackages_6_6;
|
||||||
|
|
||||||
|
# Use the systemd-boot EFI boot loader.
|
||||||
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
boot.tmp.useTmpfs = true;
|
||||||
|
|
||||||
|
services.btrfs = {
|
||||||
|
autoScrub = {
|
||||||
|
enable = true;
|
||||||
|
fileSystems = ["/"];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
networking.hostName = "talos"; # Define your hostname.
|
||||||
|
networking.domain = "alarsyo.net";
|
||||||
|
# Pick only one of the below networking options.
|
||||||
|
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||||
|
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
||||||
|
|
||||||
|
# Set your time zone.
|
||||||
|
time.timeZone = "Europe/Paris";
|
||||||
|
|
||||||
|
# Configure network proxy if necessary
|
||||||
|
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||||
|
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||||
|
|
||||||
|
programs = {
|
||||||
|
dconf.enable = true;
|
||||||
|
light.enable = true;
|
||||||
|
};
|
||||||
|
services = {
|
||||||
|
fwupd.enable = true;
|
||||||
|
openssh.enable = true;
|
||||||
|
};
|
||||||
|
virtualisation = {
|
||||||
|
docker.enable = true;
|
||||||
|
libvirtd.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
my.services = {
|
||||||
|
tailscale = {
|
||||||
|
enable = true;
|
||||||
|
useRoutingFeatures = "client";
|
||||||
|
};
|
||||||
|
|
||||||
|
pipewire.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
my.gui.enable = true;
|
||||||
|
my.displayManager.sddm.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
hardware.bluetooth = {
|
||||||
|
enable = true;
|
||||||
|
powerOnBoot = false;
|
||||||
|
settings.General.Experimental = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Configure console keymap
|
||||||
|
console.keyMap = "us";
|
||||||
|
|
||||||
|
# Select internationalisation properties.
|
||||||
|
i18n.defaultLocale = "en_US.UTF-8";
|
||||||
|
i18n.extraLocaleSettings = {
|
||||||
|
LC_ADDRESS = "fr_FR.UTF-8";
|
||||||
|
LC_IDENTIFICATION = "fr_FR.UTF-8";
|
||||||
|
LC_MEASUREMENT = "fr_FR.UTF-8";
|
||||||
|
LC_MONETARY = "fr_FR.UTF-8";
|
||||||
|
LC_NAME = "fr_FR.UTF-8";
|
||||||
|
LC_PAPER = "fr_FR.UTF-8";
|
||||||
|
LC_TELEPHONE = "fr_FR.UTF-8";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Enable the X11 windowing system.
|
||||||
|
services.xserver.enable = true;
|
||||||
|
|
||||||
|
# Enable the KDE Plasma Desktop Environment.
|
||||||
|
services.xserver.displayManager.sddm.enable = true;
|
||||||
|
services.xserver.desktopManager.plasma5.enable = true;
|
||||||
|
services.power-profiles-daemon.enable = true;
|
||||||
|
|
||||||
|
# Copy the NixOS configuration file and link it from the resulting system
|
||||||
|
# (/run/current-system/configuration.nix). This is useful in case you
|
||||||
|
# accidentally delete configuration.nix.
|
||||||
|
# system.copySystemConfiguration = true;
|
||||||
|
}
|
||||||
|
|
63
hosts/talos/disko-config.nix
Normal file
63
hosts/talos/disko-config.nix
Normal file
|
@ -0,0 +1,63 @@
|
||||||
|
{
|
||||||
|
disko.devices = {
|
||||||
|
disk = {
|
||||||
|
nvme0n1 = {
|
||||||
|
type = "disk";
|
||||||
|
device = "/dev/nvme0n1";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
ESP = {
|
||||||
|
size = "512M";
|
||||||
|
type = "EF00";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "vfat";
|
||||||
|
mountpoint = "/boot";
|
||||||
|
mountOptions = [
|
||||||
|
"defaults"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
luks = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "luks";
|
||||||
|
name = "crypted";
|
||||||
|
# disable settings.keyFile if you want to use interactive password entry
|
||||||
|
passwordFile = "/tmp/secret.key"; # Interactive
|
||||||
|
settings = {
|
||||||
|
allowDiscards = true;
|
||||||
|
#keyFile = "/tmp/secret.key";
|
||||||
|
};
|
||||||
|
#additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
|
||||||
|
content = {
|
||||||
|
type = "btrfs";
|
||||||
|
extraArgs = [ "-f" ];
|
||||||
|
subvolumes = {
|
||||||
|
"/root" = {
|
||||||
|
mountpoint = "/";
|
||||||
|
mountOptions = [ "compress=zstd" "noatime" ];
|
||||||
|
};
|
||||||
|
"/home" = {
|
||||||
|
mountpoint = "/home";
|
||||||
|
mountOptions = [ "compress=zstd" "noatime" ];
|
||||||
|
};
|
||||||
|
"/nix" = {
|
||||||
|
mountpoint = "/nix";
|
||||||
|
mountOptions = [ "compress=zstd" "noatime" ];
|
||||||
|
};
|
||||||
|
"/swap" = {
|
||||||
|
mountpoint = "/.swapvol";
|
||||||
|
swap.swapfile.size = "8G";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
25
hosts/talos/hardware-configuration.nix
Normal file
25
hosts/talos/hardware-configuration.nix
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.kernelModules = [ "kvm-amd" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
|
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
}
|
46
hosts/talos/home.nix
Normal file
46
hosts/talos/home.nix
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
home-manager.users.alarsyo = {
|
||||||
|
my.home.laptop.enable = true;
|
||||||
|
|
||||||
|
# Keyboard settings & i3 settings
|
||||||
|
my.home.x.enable = true;
|
||||||
|
my.home.x.i3bar.temperature.chip = "k10temp-pci-*";
|
||||||
|
my.home.x.i3bar.temperature.inputs = ["Tctl"];
|
||||||
|
my.home.x.i3bar.networking.throughput_interfaces = ["wlp1s0"];
|
||||||
|
my.home.emacs.enable = true;
|
||||||
|
|
||||||
|
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
|
||||||
|
|
||||||
|
# TODO: place in global home conf
|
||||||
|
services.dunst.enable = true;
|
||||||
|
|
||||||
|
home.packages = builtins.attrValues {
|
||||||
|
inherit
|
||||||
|
(pkgs)
|
||||||
|
# some websites only work there :(
|
||||||
|
|
||||||
|
chromium
|
||||||
|
darktable
|
||||||
|
# dev
|
||||||
|
|
||||||
|
rustup
|
||||||
|
gdb
|
||||||
|
valgrind
|
||||||
|
arandr
|
||||||
|
zotero
|
||||||
|
;
|
||||||
|
|
||||||
|
#inherit
|
||||||
|
# (pkgs.packages)
|
||||||
|
# ansel
|
||||||
|
# spot
|
||||||
|
# ;
|
||||||
|
|
||||||
|
inherit (pkgs.wineWowPackages) stable;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
23
hosts/talos/secrets.nix
Normal file
23
hosts/talos/secrets.nix
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
options,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
config.age = {
|
||||||
|
secrets = let
|
||||||
|
toSecret = name: {...} @ attrs:
|
||||||
|
{
|
||||||
|
file = ./../../modules/secrets + "/${name}.age";
|
||||||
|
}
|
||||||
|
// attrs;
|
||||||
|
in
|
||||||
|
lib.mapAttrs toSecret {
|
||||||
|
#"restic-backup/hephaestus-credentials" = {};
|
||||||
|
#"restic-backup/hephaestus-password" = {};
|
||||||
|
|
||||||
|
"users/alarsyo-hashed-password" = {};
|
||||||
|
"users/root-hashed-password" = {};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -5,9 +5,10 @@ let
|
||||||
boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal";
|
boreal = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAagal1aqZh52wEmgsw7fkCzO41o4Cx+nV4wJGZuX1RP root@boreal";
|
||||||
hades = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxw8CtKUPAiPdKDEnuS7UyRrZN5BkUwsy5UPVF8V+lt root@hades";
|
hades = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMxw8CtKUPAiPdKDEnuS7UyRrZN5BkUwsy5UPVF8V+lt root@hades";
|
||||||
hephaestus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7Cp+n5+huof68QlAoJV8bVf5h5p9kEZFAVpltWopdL root@hephaestus";
|
hephaestus = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA7Cp+n5+huof68QlAoJV8bVf5h5p9kEZFAVpltWopdL root@hephaestus";
|
||||||
|
talos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMBYcmL9HZJ9SqB9OJwQ0Nt6ZbvHZTS+fzM8A6D5MPZs root@talos";
|
||||||
thanatos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID8JEAWk/8iSl8fN6/f76JkmVFwtyixTpLol4zSVsnVw root@thanatos";
|
thanatos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID8JEAWk/8iSl8fN6/f76JkmVFwtyixTpLol4zSVsnVw root@thanatos";
|
||||||
|
|
||||||
machines = [boreal hades hephaestus thanatos];
|
machines = [boreal hades hephaestus talos thanatos];
|
||||||
|
|
||||||
all = users ++ machines;
|
all = users ++ machines;
|
||||||
in {
|
in {
|
||||||
|
|
Binary file not shown.
|
@ -1,15 +1,15 @@
|
||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 YWMQkg i+/8YGSMh0M3Z0qvZebnAmZzr78cnp0TDMUr/FvSyj8
|
-> ssh-ed25519 YWMQkg mb17MHdKPO5SDXOslq38CjHLKy063L1KyN2wT85fGlE
|
||||||
YQm2rXUoM2l1zh4AD6LHBvgDgsRYdiZWgycu1OabiaA
|
3JnWLwx2cNmBC1vpS9KAwZQIy7B/vqLZ9QwQYNY4wMQ
|
||||||
-> ssh-ed25519 pX8y2g Vrn1mB2TH0EGY6uB9hfRu3LaLNp5hjwgLCV4xHQ3UDc
|
-> ssh-ed25519 pX8y2g mvykS4XrUSwe68MteVV52u95oySHdzRlMGVFjhQQrx8
|
||||||
2zZBeLqqs6PAAywIs7v3aLb4tFydwrV6iqGJcZkDbY8
|
ztoGz8OrTMRH/0NPfnQXrVBA0Uyuuc2b0dlOXToq85U
|
||||||
-> ssh-ed25519 SYm+hA PbPD9hhKTAqOFwY0RNtq0tNZnmwC7B0BWCcEp4MBEQ0
|
-> ssh-ed25519 SYm+hA TiL9r8l1nIvOMUpFaYmZ/5d6DRxcMHMICjrTfmbC7Wc
|
||||||
qoXYrSuGtWQX6FlNIgVCkwRy5He/SVi3VHrbPHQvpf0
|
GfivQi5vzTUfYDVjwSxNA8t/tKtRu0QAGE+kPr4u1+I
|
||||||
-> ssh-ed25519 6UUuZw 4pyEkmESRYwA3cURKdWtJ9w5K72y6qNqNXRb+oexoGA
|
-> ssh-ed25519 nh0dAQ 9agb3Zl/7+mAIH7bcIXbY2KrHDZAjugAfKbQ0OAhIQQ
|
||||||
UBa59ClPat1rl4r/BBWHhea1YBLBiyaoHvoYrgnkZhk
|
kPzKALS6Wrr5zUJngqjwGV6w5prKMWlj/WY2qi2ck4M
|
||||||
-> ssh-ed25519 k2gHjw Ef7VgulblvO2b6gUlSa7MqAJMm/0E4z9kOLGuuy+MyY
|
-> ssh-ed25519 6UUuZw 36Uu//D8HuiRHFN0GOAyLxI0J3yBrTSBXuBG9pTVZA8
|
||||||
ede5dtwJpTaDdtFGtNdrv+dfF/V/qmCR+vjC0vhv7WQ
|
KTMmUW8MvVtUm4Xjyz0JGDdz4H7Y5KxLPDeYPc0dfl4
|
||||||
-> 2}s-grease
|
-> ssh-ed25519 k2gHjw D3OD07mu/YnR3xVhhbX4UoChpAWSG4CYIkmQZclsjQc
|
||||||
H1mgdyEhmM8weQ+JKPeLvHRb4XsD+zglY5RI428sqRhUSoOX3P8
|
kgqZizkSgB5p+1ZRd0tP/bBxZ92jt6fvAcNZe3MmgoE
|
||||||
--- F/H59tq65rdlR0xSltrmJ8FJZaLVIQPAiruY0R8xpYM
|
--- ZuL2dvQ6+hac47fRdRWl4VHl2sRIvnF80d37EZKq94I
|
||||||
š‚b’¢ß$‹ <E280B9>(cmQ-:†+'€¥TKakyxÝyÍÃêö._Å5Ò~ïY6†ê„@KÒîéÊ’jõ¢é®8’æÙ„óI '#€®Ñ9W‡<ØÓè'çÖ¨çi’׈ZOñz¥
|
JûÖ)ÁFrÁÞ@+¤·4rFOL5|ãžµ³ÐË®Åq¦[½Pm;a›H¼î<¢fÛÍI8:èÝ
™.°ÑÚâ Ô+Ȥњ6êS Т<C390>ùÏvÍ;õÊ:ÛØÙhøˆû§3úX¢R¹}ÑE^
|
23
talos.nix
Normal file
23
talos.nix
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
{...}: {
|
||||||
|
imports = [
|
||||||
|
# Default configuration
|
||||||
|
./base
|
||||||
|
|
||||||
|
# Module definitions
|
||||||
|
./modules
|
||||||
|
|
||||||
|
# Service definitions
|
||||||
|
./services
|
||||||
|
|
||||||
|
# Host-specific config
|
||||||
|
./hosts/talos
|
||||||
|
];
|
||||||
|
|
||||||
|
# This value determines the NixOS release from which the default
|
||||||
|
# settings for stateful data, like file locations and database versions
|
||||||
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
# this value at the release version of the first install of this system.
|
||||||
|
# Before changing this value read the documentation for this option
|
||||||
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
|
system.stateVersion = "24.05"; # Did you read the comment?
|
||||||
|
}
|
Loading…
Reference in a new issue