diff options
| -rw-r--r-- | flake.lock | 22 | ||||
| -rw-r--r-- | flake.nix | 11 | ||||
| -rw-r--r-- | machines/biski/default.nix | 82 | ||||
| -rw-r--r-- | machines/biski/disko.nix | 64 | ||||
| -rw-r--r-- | machines/biski/hardware-configuration.nix | 71 | ||||
| -rw-r--r-- | modules/users/defin.nix | 1 |
6 files changed, 251 insertions, 0 deletions
@@ -145,6 +145,27 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1736864502, + "narHash": "sha256-ItkIZyebGvNH2dK9jVGzJHGPtb6BSWLN8Gmef16NeY0=", + "owner": "nix-community", + "repo": "disko", + "rev": "0141aabed359f063de7413f80d906e1d98c0c123", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "latest", + "repo": "disko", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -682,6 +703,7 @@ "catppuccin-helix": "catppuccin-helix", "catppuccin-hyprland": "catppuccin-hyprland", "catppuccin-starship": "catppuccin-starship", + "disko": "disko", "home-manager": "home-manager", "hyprland": "hyprland", "lix-module": "lix-module", @@ -19,6 +19,12 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + #for device formatting + disko = { + url = "github:nix-community/disko/latest"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + # modern window compositor hyprland = { url = "github:hyprwm/Hyprland"; @@ -223,6 +229,11 @@ home-manager.nixosModules.home-manager { home-manager.users.defin = import ./home-manager/default.nix; } ]; }; + biski = lib.nixosSystem { # another networking server, physical instead of cloud + modules = minimalConfigSettings ++ [ ./machines/biski + disko.nixosModules.disko + ]; + }; picast = lib.nixosSystem { # anger at chromecast modules = minimalConfigSettings ++ [ ./machines/picast home-manager.nixosModules.home-manager { home-manager.users.defin = import ./home-manager/default.nix; } diff --git a/machines/biski/default.nix b/machines/biski/default.nix new file mode 100644 index 0000000..532ebe3 --- /dev/null +++ b/machines/biski/default.nix @@ -0,0 +1,82 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running `nixos-help`). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + # /home/defin/hardware-configuration.nix + ./hardware-configuration.nix + # /tmp/etc/nixos/hardware-configuartion.nix + ./disko.nix + + ../../modules/nixos/nix-common.nix + ../../modules/nixos/environment.nix + ../../modules/nixos/tailscale.nix + ../../modules/nixos/system-packages.nix + + ../../modules/users/defin.nix + ../../modules/users/git.nix + ../../modules/users/root.nix + ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "biski"; # Define your hostname. + + security.pam.sshAgentAuth.enable = true; + + # Set your time zone. + time.timeZone = "US/Mountain"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n.defaultLocale = "en_US.UTF-8"; + # console = { + # font = "Lat2-Terminus16"; + # keyMap = "us"; + # useXkbConfig = true; # use xkbOptions in tty. + # }; + + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + programs.mtr.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + settings.X11Forwarding = true; + }; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It's perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "24.11"; # Did you read the comment? +} + diff --git a/machines/biski/disko.nix b/machines/biski/disko.nix new file mode 100644 index 0000000..9f50b2e --- /dev/null +++ b/machines/biski/disko.nix @@ -0,0 +1,64 @@ +{ + # required by impermanence + fileSystems."/persist".neededForBoot = true; + + disko.devices = { + disk.sda = { + type = "disk"; + device = "/dev/sda"; + content = { + type = "gpt"; + partitions = { + ESP = { + label = "boot"; + name = "ESP"; + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ + "defaults" + ]; + }; + }; + root = { + size = "100%"; + label = "root"; + content = { + type = "btrfs"; + extraArgs = [ "-L" "nixos" "-f"]; + subvolumes = { + "@root" = { + mountpoint = "/"; + mountOptions = [ "subvol=root" "compress-force=zstd:2"]; + }; + "@home" = { + mountpoint = "/home"; + mountOptions = [ "subvol=home" "compress-force=zstd:2"]; + }; + "@nix" = { + mountpoint = "/nix"; + mountOptions = [ "subvol=nix" "compress-force=zstd:2"]; + }; + "@persist" = { + mountpoint = "/persist"; + mountOptions = [ "subvol=persist" "compress-force=zstd:2"]; + }; + "@log" = { + mountpoint = "/var/log"; + mountOptions = [ "subvol=log" "compress-force=zstd:2"]; + }; + "@swap" = { + mountpoint = "/swap"; + swap.swapfile.size = "8G"; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/biski/hardware-configuration.nix b/machines/biski/hardware-configuration.nix new file mode 100644 index 0000000..dc2e787 --- /dev/null +++ b/machines/biski/hardware-configuration.nix @@ -0,0 +1,71 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/8b016d79-af5b-4803-baa1-f1b4c1ba44b4"; + fsType = "btrfs"; + options = [ "subvol=@root" ]; + }; + + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/8b016d79-af5b-4803-baa1-f1b4c1ba44b4"; + fsType = "btrfs"; + options = [ "subvol=@nix" ]; + }; + + fileSystems."/persist" = + { device = "/dev/disk/by-uuid/8b016d79-af5b-4803-baa1-f1b4c1ba44b4"; + fsType = "btrfs"; + options = [ "subvol=@persist" ]; + }; + + fileSystems."/var/log" = + { device = "/dev/disk/by-uuid/8b016d79-af5b-4803-baa1-f1b4c1ba44b4"; + fsType = "btrfs"; + options = [ "subvol=@log" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/8b016d79-af5b-4803-baa1-f1b4c1ba44b4"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/swap" = + { device = "/dev/disk/by-uuid/8b016d79-af5b-4803-baa1-f1b4c1ba44b4"; + fsType = "btrfs"; + options = [ "subvol=@swap" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/E24B-30F2"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/users/defin.nix b/modules/users/defin.nix index 2777354..811c851 100644 --- a/modules/users/defin.nix +++ b/modules/users/defin.nix @@ -26,6 +26,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAB4QbGvZ0YX5Clw02R1ffDfdWl1xL4dLUdcgIxHeHm0 defin@betsy" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDUIumSjqtj2fhYJvrFOgJGgQ2oEJBbG9ARzunKDX9mH defin@fairphone5" "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCCNKc3MpAm0FkMy9KG2U+Qq5nk/WN/qvVbxUZzEjsFzELEJ/iDF8YQ6K8gyBDe85QQk/AhKBLdzd5ZZPdM5GP8= defin@fairphone5" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5CATqAUsBWLTIaqtdAS/EO3L/04NwKEmnv7D68vO+a defin@biski" # keys for remote build "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLx3RgUgbE7THS7hRZypyudEKffj0ppwQfQuxIpPf8H root@zenbook" ]; |