fixing up biski config

3 files changed, 219 insertions, 0 deletions

diff --git a/machines/biski/default.nix b/machines/biski/default.nix
new file mode 100644
index 0000000..5dc0bc8
--- /dev/null
+++ b/machines/biski/default.nix
@@ -0,0 +1,84 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running `nixos-help`).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      # /home/defin/hardware-configuration.nix
+      ./hardware-configuration.nix
+      # /tmp/etc/nixos/hardware-configuartion.nix
+      ./disko.nix
+
+      ../../modules/nixos/nix-common.nix
+      ../../modules/nixos/environment.nix
+      ../../modules/nixos/tailscale.nix
+      ../../modules/nixos/system-packages.nix
+
+      ../../modules/users/defin.nix
+      ../../modules/users/git.nix
+      ../../modules/users/root.nix
+    ];
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "biski"; # Define your hostname.
+
+  services.tailscale.useRoutingFeatures = "both";
+  
+  security.pam.sshAgentAuth.enable = true;
+
+  # Set your time zone.
+  time.timeZone = "US/Mountain";
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  # Select internationalisation properties.
+  # i18n.defaultLocale = "en_US.UTF-8";
+  # console = {
+  #   font = "Lat2-Terminus16";
+  #   keyMap = "us";
+  #   useXkbConfig = true; # use xkbOptions in tty.
+  # };
+
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  programs.mtr.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  # Enable the OpenSSH daemon.
+  services.openssh = {
+    enable = true;
+    settings.X11Forwarding = true;
+  };
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # Copy the NixOS configuration file and link it from the resulting system
+  # (/run/current-system/configuration.nix). This is useful in case you
+  # accidentally delete configuration.nix.
+  # system.copySystemConfiguration = true;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It's perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "24.11"; # Did you read the comment?
+}
+
diff --git a/machines/biski/disko.nix b/machines/biski/disko.nix
new file mode 100644
index 0000000..9f50b2e
--- /dev/null
+++ b/machines/biski/disko.nix
@@ -0,0 +1,64 @@
+{
+   # required by impermanence
+  fileSystems."/persist".neededForBoot = true;
+
+  disko.devices = {
+    disk.sda = {
+      type = "disk";
+      device = "/dev/sda";
+      content = {
+        type = "gpt";
+        partitions = {
+          ESP = {
+            label = "boot";
+            name = "ESP";
+            size = "512M";
+            type = "EF00";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+              mountOptions = [
+                "defaults"
+              ];
+            };
+          };
+          root = {
+            size = "100%";
+            label = "root";
+            content = {
+              type = "btrfs";
+              extraArgs = [ "-L" "nixos" "-f"];
+              subvolumes = {
+                "@root" = {
+                  mountpoint = "/";
+                  mountOptions = [ "subvol=root" "compress-force=zstd:2"];
+                };
+                "@home" = {
+                  mountpoint = "/home";
+                  mountOptions = [ "subvol=home" "compress-force=zstd:2"];
+                };
+                "@nix" = {
+                  mountpoint = "/nix";
+                  mountOptions = [ "subvol=nix" "compress-force=zstd:2"];
+                };
+                "@persist" = {
+                  mountpoint = "/persist";
+                  mountOptions = [ "subvol=persist" "compress-force=zstd:2"];
+                };
+                "@log" = {
+                  mountpoint = "/var/log";
+                  mountOptions = [ "subvol=log" "compress-force=zstd:2"];
+                };
+                "@swap" = {
+                  mountpoint = "/swap";
+                  swap.swapfile.size = "8G";
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
diff --git a/machines/biski/hardware-configuration.nix b/machines/biski/hardware-configuration.nix
new file mode 100644
index 0000000..9010b7b
--- /dev/null
+++ b/machines/biski/hardware-configuration.nix
@@ -0,0 +1,71 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "sdhci_pci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-partlabel/root";
+      fsType = "btrfs";
+      options = [ "subvol=@root" ];
+    };
+
+  fileSystems."/nix" =
+    { device = "/dev/disk/by-partlabel/root";
+      fsType = "btrfs";
+      options = [ "subvol=@nix" ];
+    };
+
+  fileSystems."/persist" =
+    { device = "/dev/disk/by-partlabel/root";
+      fsType = "btrfs";
+      options = [ "subvol=@persist" ];
+    };
+
+  fileSystems."/var/log" =
+    { device = "/dev/disk/by-partlabel/root";
+      fsType = "btrfs";
+      options = [ "subvol=@log" ];
+    };
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-partlabel/root";
+      fsType = "btrfs";
+      options = [ "subvol=@home" ];
+    };
+
+  fileSystems."/swap" =
+    { device = "/dev/disk/by-partlabel/root";
+      fsType = "btrfs";
+      options = [ "subvol=@swap" ];
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-partlabel/boot";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}