Compare commits
No commits in common. "528463e3d01b63e1e8aedce3d7c4c3ad7be9a9d4" and "82b25755db618428601f3c12b8b7da7cbff8fd66" have entirely different histories.
528463e3d0
...
82b25755db
7
data.nix
7
data.nix
@ -9,10 +9,6 @@
|
|||||||
password.file = ./secrets/machines/bicboye/password.age;
|
password.file = ./secrets/machines/bicboye/password.age;
|
||||||
root-password.file = ./secrets/machines/bicboye/root-password.age;
|
root-password.file = ./secrets/machines/bicboye/root-password.age;
|
||||||
};
|
};
|
||||||
smolboye = {
|
|
||||||
password.file = ./secrets/machines/smolboye/password.age;
|
|
||||||
root-password.file = ./secrets/machines/smolboye/root-password.age;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
monitoring = {
|
monitoring = {
|
||||||
grafana = {
|
grafana = {
|
||||||
@ -27,9 +23,6 @@
|
|||||||
gitea = {
|
gitea = {
|
||||||
password.file = ./secrets/services/gitea/password.age;
|
password.file = ./secrets/services/gitea/password.age;
|
||||||
};
|
};
|
||||||
mailserver = {
|
|
||||||
watashi.password.file = ./secrets/services/mailserver/watashi.age;
|
|
||||||
};
|
|
||||||
miniflux = {
|
miniflux = {
|
||||||
password.file = ./secrets/services/miniflux/password.age;
|
password.file = ./secrets/services/miniflux/password.age;
|
||||||
};
|
};
|
||||||
|
306
flake.lock
306
flake.lock
@ -25,22 +25,6 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"blobs": {
|
|
||||||
"flake": false,
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1604995301,
|
|
||||||
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
|
|
||||||
"owner": "simple-nixos-mailserver",
|
|
||||||
"repo": "blobs",
|
|
||||||
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
|
|
||||||
"type": "gitlab"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "simple-nixos-mailserver",
|
|
||||||
"repo": "blobs",
|
|
||||||
"type": "gitlab"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"cachix": {
|
"cachix": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1635350005,
|
"lastModified": 1635350005,
|
||||||
@ -57,6 +41,29 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"chaotic": {
|
||||||
|
"inputs": {
|
||||||
|
"fenix": "fenix",
|
||||||
|
"flake-schemas": "flake-schemas",
|
||||||
|
"home-manager": "home-manager",
|
||||||
|
"jovian": "jovian",
|
||||||
|
"nixpkgs": "nixpkgs"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1728001451,
|
||||||
|
"narHash": "sha256-Ost5YHSZZE4ZIKBcWsXC1c7g7n3kIqaNNjs5ula/lAI=",
|
||||||
|
"owner": "chaotic-cx",
|
||||||
|
"repo": "nyx",
|
||||||
|
"rev": "25f420d9cf70929455ba14642b92ae715ae8d792",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "chaotic-cx",
|
||||||
|
"ref": "nyxpkgs-unstable",
|
||||||
|
"repo": "nyx",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"crane": {
|
"crane": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
@ -129,11 +136,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728334376,
|
"lastModified": 1727977578,
|
||||||
"narHash": "sha256-CTKEKPzD/j8FK6H4DO3EjyixZd3HHvgAgfnCwpGFP5c=",
|
"narHash": "sha256-DBORKcmQ7ZjA4qE1MsnF1MmZSokOGrw4W9vTCioOv2U=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "disko",
|
"repo": "disko",
|
||||||
"rev": "d39ee334984fcdae6244f5a8e6ab857479cbaefe",
|
"rev": "574400001b3ffe555c7a21e0ff846230759be2ed",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -142,6 +149,28 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"fenix": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"chaotic",
|
||||||
|
"nixpkgs"
|
||||||
|
],
|
||||||
|
"rust-analyzer-src": "rust-analyzer-src"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1727937235,
|
||||||
|
"narHash": "sha256-Ih4RD65WZZDgtla9Uh8zm6gQJ1zgkXkiU4HKtEwQjvI=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "fenix",
|
||||||
|
"rev": "381781f96b880c2ced9019a9e2406b31ccea82b4",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "fenix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"firefox": {
|
"firefox": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"cachix": "cachix",
|
"cachix": "cachix",
|
||||||
@ -153,11 +182,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728447673,
|
"lastModified": 1728004272,
|
||||||
"narHash": "sha256-j4rc9wVALYe2YlnwSBZKE0EUzZBtXTPpyYR0fbEkUUo=",
|
"narHash": "sha256-7UCbRuv1/G27sVwyTtkYO6Jjdnqx182SzofIvw7FmEs=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "flake-firefox-nightly",
|
"repo": "flake-firefox-nightly",
|
||||||
"rev": "3754282f60a0fdfe100f524e28cb763b027e2b4c",
|
"rev": "6237aca65390a09acf0c51e3f31448db080066f4",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -214,22 +243,6 @@
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-compat_4": {
|
"flake-compat_4": {
|
||||||
"flake": false,
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1696426674,
|
|
||||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
|
||||||
"owner": "edolstra",
|
|
||||||
"repo": "flake-compat",
|
|
||||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "edolstra",
|
|
||||||
"repo": "flake-compat",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-compat_5": {
|
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1650374568,
|
"lastModified": 1650374568,
|
||||||
@ -266,6 +279,20 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"flake-schemas": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1721999734,
|
||||||
|
"narHash": "sha256-G5CxYeJVm4lcEtaO87LKzOsVnWeTcHGKbKxNamNWgOw=",
|
||||||
|
"rev": "0a5c42297d870156d9c57d8f99e476b738dcd982",
|
||||||
|
"revCount": 75,
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/flake-schemas/0.1.5/0190ef2f-61e0-794b-ba14-e82f225e55e6/source.tar.gz"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"type": "tarball",
|
||||||
|
"url": "https://flakehub.com/f/DeterminateSystems/flake-schemas/%3D0.1.5.tar.gz"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-utils": {
|
"flake-utils": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"systems": "systems_3"
|
"systems": "systems_3"
|
||||||
@ -434,15 +461,16 @@
|
|||||||
"home-manager": {
|
"home-manager": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
"chaotic",
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728337164,
|
"lastModified": 1727817100,
|
||||||
"narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=",
|
"narHash": "sha256-dlyV9/eiWkm/Y/t2+k4CFZ29tBvCANmJogEYaHeAOTw=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "038630363e7de57c36c417fd2f5d7c14773403e4",
|
"rev": "437ec62009fa8ceb684eb447d455ffba25911cf9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -451,6 +479,48 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"home-manager_2": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1728026342,
|
||||||
|
"narHash": "sha256-3mGqKM1jSkc2DrJvR/HCTav0Chd1n8/s1eJ9Y5GzNVM=",
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"rev": "30e04f3d477256de3eb6a7cff608e220087537d4",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"jovian": {
|
||||||
|
"inputs": {
|
||||||
|
"nix-github-actions": "nix-github-actions",
|
||||||
|
"nixpkgs": [
|
||||||
|
"chaotic",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1727865565,
|
||||||
|
"narHash": "sha256-SBcqfosxb0XlKdIz6QGXCnK4W/TEVHLDZHkRHZ8Me60=",
|
||||||
|
"owner": "Jovian-Experiments",
|
||||||
|
"repo": "Jovian-NixOS",
|
||||||
|
"rev": "703c0ac8432f3758987e0788248ddc1a8e0bf412",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "Jovian-Experiments",
|
||||||
|
"repo": "Jovian-NixOS",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"lanzaboote": {
|
"lanzaboote": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"crane": "crane",
|
"crane": "crane",
|
||||||
@ -463,11 +533,11 @@
|
|||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728199407,
|
"lastModified": 1727792571,
|
||||||
"narHash": "sha256-x4G0ja//3pT/epOvwxKR1XB7GAW7Yuwiy6RYCOgRjuQ=",
|
"narHash": "sha256-KBzRQVE1j2vrSg8WfYJ+vEvFBC25+2VsFSK7VL2kc1M=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "lanzaboote",
|
"repo": "lanzaboote",
|
||||||
"rev": "0bc127c631999c9555cae2b0cdad2128ff058259",
|
"rev": "e2365a1d8dccdcf4bca5111672e80df67d90957d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -482,11 +552,11 @@
|
|||||||
"nixpkgs-lib": "nixpkgs-lib"
|
"nixpkgs-lib": "nixpkgs-lib"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728216729,
|
"lastModified": 1727710043,
|
||||||
"narHash": "sha256-HsisE2yMld0LckvQ3v/00bXFg11E5Q2XI8taPUewDPA=",
|
"narHash": "sha256-NpTnTg8oOVvntlTi/t8BUe5msrMmkiZFiOW22fc7B+g=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "lib-aggregate",
|
"repo": "lib-aggregate",
|
||||||
"rev": "6c4cf448d33ce86bcc06c6d50bcecc33666105ee",
|
"rev": "d03a5f88a345d26ca13918071d42dcc960233183",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -569,82 +639,67 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nix-github-actions": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"chaotic",
|
||||||
|
"jovian",
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728269138,
|
"lastModified": 1690328911,
|
||||||
"narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=",
|
"narHash": "sha256-fxtExYk+aGf2YbjeWQ8JY9/n9dwuEt+ma1eUFzF8Jeo=",
|
||||||
"owner": "nixos",
|
"owner": "zhaofengli",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nix-github-actions",
|
||||||
"rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b",
|
"rev": "96df4a39c52f53cb7098b923224d8ce941b64747",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"owner": "zhaofengli",
|
||||||
"repo": "nixos-hardware",
|
"ref": "matrix-name",
|
||||||
|
"repo": "nix-github-actions",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixos-mailserver": {
|
"nixos-hardware": {
|
||||||
"inputs": {
|
|
||||||
"blobs": "blobs",
|
|
||||||
"flake-compat": "flake-compat_4",
|
|
||||||
"nixpkgs": [
|
|
||||||
"nixpkgs"
|
|
||||||
],
|
|
||||||
"nixpkgs-24_05": "nixpkgs-24_05"
|
|
||||||
},
|
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1722877200,
|
"lastModified": 1727665282,
|
||||||
"narHash": "sha256-qgKDNJXs+od+1UbRy62uk7dYal3h98I4WojfIqMoGcg=",
|
"narHash": "sha256-oKtfbQB1MBypqIyzkC8QCQcVGOa1soaXaGgcBIoh14o=",
|
||||||
"owner": "simple-nixos-mailserver",
|
"owner": "nixos",
|
||||||
"repo": "nixos-mailserver",
|
"repo": "nixos-hardware",
|
||||||
"rev": "af7d3bf5daeba3fc28089b015c0dd43f06b176f2",
|
"rev": "11c43c830e533dad1be527ecce379fcf994fbbb5",
|
||||||
"type": "gitlab"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "simple-nixos-mailserver",
|
"owner": "nixos",
|
||||||
"repo": "nixos-mailserver",
|
"repo": "nixos-hardware",
|
||||||
"type": "gitlab"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728241625,
|
"lastModified": 1727802920,
|
||||||
"narHash": "sha256-yumd4fBc/hi8a9QgA9IT8vlQuLZ2oqhkJXHPKxH/tRw=",
|
"narHash": "sha256-HP89HZOT0ReIbI7IJZJQoJgxvB2Tn28V6XS3MNKnfLs=",
|
||||||
"owner": "nixos",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "c31898adf5a8ed202ce5bea9f347b1c6871f32d1",
|
"rev": "27e30d177e57d912d614c88c622dcfdb2e6e6515",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "nixos",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-unstable",
|
"ref": "nixos-unstable",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-24_05": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1717144377,
|
|
||||||
"narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=",
|
|
||||||
"owner": "NixOS",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "805a384895c696f802a9bf5bf4720f37385df547",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"id": "nixpkgs",
|
|
||||||
"ref": "nixos-24.05",
|
|
||||||
"type": "indirect"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs-lib": {
|
"nixpkgs-lib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728176478,
|
"lastModified": 1727571693,
|
||||||
"narHash": "sha256-px3Q0W//c+mZ4kPMXq4poztsjtXM1Ja1rN+825YMDUQ=",
|
"narHash": "sha256-b7sFVeqMtz8xntCL3tBY3O8suTg5PeF53LTL3eCcKyc=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs.lib",
|
"repo": "nixpkgs.lib",
|
||||||
"rev": "b61309c3c1b6013d36299bc8285612865b3b9e4c",
|
"rev": "bb58a3bf239e03fca9d51062e2fe028a4ea5a3d1",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -669,13 +724,29 @@
|
|||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs_2": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1727802920,
|
||||||
|
"narHash": "sha256-HP89HZOT0ReIbI7IJZJQoJgxvB2Tn28V6XS3MNKnfLs=",
|
||||||
|
"owner": "nixos",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "27e30d177e57d912d614c88c622dcfdb2e6e6515",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nixos",
|
||||||
|
"ref": "nixos-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728456140,
|
"lastModified": 1728027550,
|
||||||
"narHash": "sha256-40f5wx98+EgmkOhOWcAYKnKaFM1hZ2wZK6mptjdNcwo=",
|
"narHash": "sha256-be13RazohHlmNJPH/zK9SGns8O0iLfwYzk77sZDB30o=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nur",
|
"repo": "nur",
|
||||||
"rev": "61ba1d0514cc732cd0079a33d3b605d836600503",
|
"rev": "c9c5e4e57b475f94fa0ba622611428b8fa3bd1cc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -714,22 +785,39 @@
|
|||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"agenix": "agenix",
|
"agenix": "agenix",
|
||||||
|
"chaotic": "chaotic",
|
||||||
"deploy-rs": "deploy-rs",
|
"deploy-rs": "deploy-rs",
|
||||||
"disko": "disko",
|
"disko": "disko",
|
||||||
"firefox": "firefox",
|
"firefox": "firefox",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager_2",
|
||||||
"lanzaboote": "lanzaboote",
|
"lanzaboote": "lanzaboote",
|
||||||
"maych-in": "maych-in",
|
"maych-in": "maych-in",
|
||||||
"nil": "nil",
|
"nil": "nil",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixos-mailserver": "nixos-mailserver",
|
"nixpkgs": "nixpkgs_2",
|
||||||
"nixpkgs": "nixpkgs",
|
|
||||||
"nur": "nur",
|
"nur": "nur",
|
||||||
"snowfall-lib": "snowfall-lib",
|
"snowfall-lib": "snowfall-lib",
|
||||||
"srvos": "srvos",
|
"srvos": "srvos",
|
||||||
"wezterm": "wezterm"
|
"wezterm": "wezterm"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"rust-analyzer-src": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1727778987,
|
||||||
|
"narHash": "sha256-OTI1eKQ3WIkj6q8PROpPY1vhaxYRdiS1btSfBowQPps=",
|
||||||
|
"owner": "rust-lang",
|
||||||
|
"repo": "rust-analyzer",
|
||||||
|
"rev": "e1a76671af2fbc74c84c18ba18fcda5e653d7531",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "rust-lang",
|
||||||
|
"ref": "nightly",
|
||||||
|
"repo": "rust-analyzer",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"rust-overlay": {
|
"rust-overlay": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
@ -795,7 +883,7 @@
|
|||||||
},
|
},
|
||||||
"snowfall-lib": {
|
"snowfall-lib": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_5",
|
"flake-compat": "flake-compat_4",
|
||||||
"flake-utils-plus": "flake-utils-plus",
|
"flake-utils-plus": "flake-utils-plus",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixpkgs"
|
"nixpkgs"
|
||||||
@ -822,11 +910,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1728372701,
|
"lastModified": 1727991738,
|
||||||
"narHash": "sha256-n+o0AChteJB6UQjHvvhL1BNgE9npEFSFXEgDd+3C5wk=",
|
"narHash": "sha256-bNy/zyUOp381G/KMiIfM5qD9fD+gMs2y3IdSlTKT4r8=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "srvos",
|
"repo": "srvos",
|
||||||
"rev": "a2a8f68d881be57c8898c305438aa50cf71ae4b1",
|
"rev": "c20ad69680e9f62fabc32c511c3964b8af55f955",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -972,11 +1060,11 @@
|
|||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "nix",
|
"dir": "nix",
|
||||||
"lastModified": 1728322634,
|
"lastModified": 1727585736,
|
||||||
"narHash": "sha256-cUnwLCSc59Sx3E+meVlVUMfyROr0aToWPID7UA6PZvg=",
|
"narHash": "sha256-vEkcyKdFpfWbrtZlB5DCjNCmI2GudIJuHstWo3F9gL8=",
|
||||||
"owner": "wez",
|
"owner": "wez",
|
||||||
"repo": "wezterm",
|
"repo": "wezterm",
|
||||||
"rev": "ed430415ee69279ea692358525196ad7d4c965b8",
|
"rev": "a2f2c07a29f5c98f6736cde0c86b24887f9fd48a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
19
flake.nix
19
flake.nix
@ -19,8 +19,10 @@
|
|||||||
|
|
||||||
systems.modules.nixos = with inputs; [
|
systems.modules.nixos = with inputs; [
|
||||||
agenix.nixosModules.age
|
agenix.nixosModules.age
|
||||||
|
chaotic.nixosModules.default
|
||||||
disko.nixosModules.disko
|
disko.nixosModules.disko
|
||||||
srvos.nixosModules.common
|
srvos.nixosModules.common
|
||||||
|
srvos.nixosModules.mixins-systemd-boot
|
||||||
inputs.lanzaboote.nixosModules.lanzaboote
|
inputs.lanzaboote.nixosModules.lanzaboote
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -31,19 +33,11 @@
|
|||||||
inherit userdata;
|
inherit userdata;
|
||||||
};
|
};
|
||||||
# TODO: setup atticd
|
# TODO: setup atticd
|
||||||
systems.hosts.bicboye.modules = [
|
systems.hosts.bicboye.modules = [inputs.srvos.nixosModules.server];
|
||||||
inputs.srvos.nixosModules.server
|
|
||||||
inputs.srvos.nixosModules.mixins-systemd-boot
|
|
||||||
];
|
|
||||||
systems.hosts.bicboye.specialArgs = {
|
systems.hosts.bicboye.specialArgs = {
|
||||||
inherit userdata;
|
inherit userdata;
|
||||||
};
|
};
|
||||||
systems.hosts.smolboye.modules = [
|
systems.hosts.smolboye.modules = [inputs.srvos.nixosModules.server];
|
||||||
inputs.nixos-hardware.nixosModules.common-cpu-intel
|
|
||||||
];
|
|
||||||
systems.hosts.smolboye.specialArgs = {
|
|
||||||
inherit userdata;
|
|
||||||
};
|
|
||||||
|
|
||||||
homes.modules = with inputs; [
|
homes.modules = with inputs; [
|
||||||
nur.hmModules.nur
|
nur.hmModules.nur
|
||||||
@ -80,6 +74,8 @@
|
|||||||
agenix.inputs.nixpkgs.follows = "nixpkgs";
|
agenix.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
agenix.inputs.home-manager.follows = "nixpkgs";
|
agenix.inputs.home-manager.follows = "nixpkgs";
|
||||||
|
|
||||||
|
chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
|
||||||
|
|
||||||
deploy-rs.url = "github:serokell/deploy-rs";
|
deploy-rs.url = "github:serokell/deploy-rs";
|
||||||
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
|
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
@ -107,9 +103,6 @@
|
|||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
nixos-hardware.url = "github:nixos/nixos-hardware";
|
nixos-hardware.url = "github:nixos/nixos-hardware";
|
||||||
|
|
||||||
nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
|
|
||||||
nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
|
|
||||||
nur.url = "github:nix-community/nur";
|
nur.url = "github:nix-community/nur";
|
||||||
|
|
||||||
snowfall-lib.url = "github:snowfallorg/lib";
|
snowfall-lib.url = "github:snowfallorg/lib";
|
||||||
|
@ -2,6 +2,7 @@ _: {
|
|||||||
snowfallorg.user.enable = true;
|
snowfallorg.user.enable = true;
|
||||||
snowfallorg.user.name = "server";
|
snowfallorg.user.name = "server";
|
||||||
|
|
||||||
|
# snowflake.development.git.enable = true;
|
||||||
snowflake.development.helix.enable = true;
|
snowflake.development.helix.enable = true;
|
||||||
snowflake.development.tmux.enable = true;
|
snowflake.development.tmux.enable = true;
|
||||||
snowflake.shell.fish.enable = true;
|
snowflake.shell.fish.enable = true;
|
||||||
|
@ -1,10 +0,0 @@
|
|||||||
_: {
|
|
||||||
snowfallorg.user.enable = true;
|
|
||||||
snowfallorg.user.name = "server";
|
|
||||||
|
|
||||||
snowflake.development.helix.enable = true;
|
|
||||||
snowflake.development.tmux.enable = true;
|
|
||||||
snowflake.shell.fish.enable = true;
|
|
||||||
|
|
||||||
home.stateVersion = "24.11";
|
|
||||||
}
|
|
@ -20,11 +20,6 @@
|
|||||||
description = "Timezone to use for the system";
|
description = "Timezone to use for the system";
|
||||||
default = "Asia/Kolkata";
|
default = "Asia/Kolkata";
|
||||||
};
|
};
|
||||||
bootloader = lib.mkOption {
|
|
||||||
type = lib.types.enum ["systemd-boot" "grub"];
|
|
||||||
description = "Bootloader to use, can be either `systemd-boot` or `grub`";
|
|
||||||
default = "systemd-boot";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
@ -43,7 +38,7 @@
|
|||||||
snowflake.core.sshd.enable = lib.mkDefault true;
|
snowflake.core.sshd.enable = lib.mkDefault true;
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
initrd.systemd.enable = config.snowflake.bootloader == "systemd-boot";
|
initrd.systemd.enable = true;
|
||||||
initrd.verbose = false;
|
initrd.verbose = false;
|
||||||
# Default to the latest kernel package.
|
# Default to the latest kernel package.
|
||||||
kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
||||||
@ -55,16 +50,10 @@
|
|||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
# Use systemd-boot for all systems.
|
# Use systemd-boot for all systems.
|
||||||
systemd-boot = {
|
systemd-boot = {
|
||||||
enable = config.snowflake.bootloader == "systemd-boot";
|
enable = true;
|
||||||
# Show only last 5 configurations in the boot menu.
|
# Show only last 5 configurations in the boot menu.
|
||||||
configurationLimit = lib.mkDefault 5;
|
configurationLimit = lib.mkDefault 5;
|
||||||
};
|
};
|
||||||
|
|
||||||
grub = {
|
|
||||||
enable = config.snowflake.bootloader == "grub";
|
|
||||||
efiSupport = true;
|
|
||||||
forceInstall = true;
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -32,6 +32,8 @@
|
|||||||
enable = true;
|
enable = true;
|
||||||
enable32Bit = true;
|
enable32Bit = true;
|
||||||
extraPackages = with pkgs; [
|
extraPackages = with pkgs; [
|
||||||
|
vaapiIntel
|
||||||
|
libvdpau-va-gl
|
||||||
vaapiVdpau
|
vaapiVdpau
|
||||||
intel-media-driver
|
intel-media-driver
|
||||||
];
|
];
|
||||||
|
@ -28,7 +28,7 @@
|
|||||||
withVpl = true;
|
withVpl = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
intel-vaapi-driver = pkgs.intel-vaapi-driver.override {enableHybridCodec = true;};
|
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
@ -1,95 +0,0 @@
|
|||||||
{
|
|
||||||
config,
|
|
||||||
inputs,
|
|
||||||
lib,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [inputs.nixos-mailserver.nixosModules.mailserver];
|
|
||||||
|
|
||||||
options.snowflake.services.mailserver = {
|
|
||||||
enable = lib.mkEnableOption "Enable mailserver service";
|
|
||||||
|
|
||||||
fqdn = lib.mkOption {
|
|
||||||
type = lib.types.str;
|
|
||||||
description = "FQDN for the mailserver";
|
|
||||||
};
|
|
||||||
|
|
||||||
domains = lib.mkOption {
|
|
||||||
type = lib.types.listOf lib.types.str;
|
|
||||||
default = [];
|
|
||||||
description = "Configuration domains to use for the mailserver";
|
|
||||||
};
|
|
||||||
|
|
||||||
loginAccounts = lib.mkOption {
|
|
||||||
description = "Login accounts for the domain. Every account is mapped to a unix user";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
config = let
|
|
||||||
cfg = config.snowflake.services.mailserver;
|
|
||||||
in
|
|
||||||
lib.mkIf cfg.enable {
|
|
||||||
# Ref: https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/issues/275
|
|
||||||
services.dovecot2.sieve.extensions = ["fileinto"];
|
|
||||||
|
|
||||||
mailserver = {
|
|
||||||
inherit (cfg) enable fqdn domains loginAccounts;
|
|
||||||
|
|
||||||
# Spin up a stripped-down nginx instance on
|
|
||||||
# port 80 to generate a certificate automatically.
|
|
||||||
certificateScheme = "acme-nginx";
|
|
||||||
|
|
||||||
# Enable a better way of storing emails.
|
|
||||||
useFsLayout = true;
|
|
||||||
|
|
||||||
mailboxes = {
|
|
||||||
Archive = {
|
|
||||||
auto = "subscribe";
|
|
||||||
specialUse = "Archive";
|
|
||||||
};
|
|
||||||
Drafts = {
|
|
||||||
auto = "subscribe";
|
|
||||||
specialUse = "Drafts";
|
|
||||||
};
|
|
||||||
Sent = {
|
|
||||||
auto = "subscribe";
|
|
||||||
specialUse = "Sent";
|
|
||||||
};
|
|
||||||
Junk = {
|
|
||||||
auto = "subscribe";
|
|
||||||
specialUse = "Junk";
|
|
||||||
};
|
|
||||||
Trash = {
|
|
||||||
auto = "subscribe";
|
|
||||||
specialUse = "Trash";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Prefer using ipv4 and use correct ipv6 address
|
|
||||||
# to avoid rDNS issues
|
|
||||||
# NOTE: this needs to be changed on every new system.
|
|
||||||
# TODO: figure out how to handle this case better.
|
|
||||||
services.postfix.extraConfig = ''
|
|
||||||
smtp_bind_address6 = 2a01:4f8:1c1c:90b::
|
|
||||||
smtp_address_preference = ipv4
|
|
||||||
'';
|
|
||||||
|
|
||||||
services.fail2ban.jails = {
|
|
||||||
postfix = {
|
|
||||||
settings = {
|
|
||||||
enabled = true;
|
|
||||||
mode = "extra";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
dovecot = {
|
|
||||||
settings = {
|
|
||||||
enabled = true;
|
|
||||||
filter = "dovecot[mode=aggressive]";
|
|
||||||
maxretry = 3;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,8 +1,10 @@
|
|||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 XInHQA 4zhb+FUVzFXJywxv2uevAKOB7kmpe6Gxsqi5mDLoSms
|
-> ssh-ed25519 XInHQA /NRM0XjHa8w8lmRHi+aTpCuViwJGcUxAVAez0PSGdwQ
|
||||||
FS7stCFve9VwUTj1KNFqh4kNHAEs33PUnJVUZVjdE3s
|
UiW+Vnk2Z1/8apx8JTTXNw0+Mw+txBvwzh3xgQyslig
|
||||||
-> ssh-ed25519 9JjquQ DfIEgyGi5nft7TNIzy9haDuanmQz780158ACnEOvNXQ
|
-> ssh-ed25519 9JjquQ Cd54qelvmj8O4x4eIi0UtWxGhqvlfCIHBqBxtd99h2E
|
||||||
4lE2VklzR5evM+ozTychRT563FCbs1H6VsFlGK1k3/U
|
IdYDmPrOPzAimL/M2foYOFsEMcLXTMUolPOy+0gZxNg
|
||||||
--- N9xA3vBfzQ7BiKwYWUIyIXPHg/sODBroXSfVsxh4usk
|
-> ssh-ed25519 8S096g x1o/dQKQIywGlX/vJ2eQqCuWPb2BQNZsEIO4RkkNRxA
|
||||||
õ<>^HÝýP2r<32>…ìªù˜/L<>p0î'L¶WSW„
|
oijplPOdsYYreti3I7bX1KwdHQrWft63bAJBlUGcSzg
|
||||||
ËBð‰q 8‘R7Ä`ù~:±Ž’4ê%q'»¼÷…Å“çÙJÆ\já
Ú¥{±Ç¹lÙd0ò^wñMS<4D>)¯Ïõß¼Ráà¨ùR¢´PVyF2`–ÈÝC·Ò‘¶KÝÇ
|
--- H78isjmjr1DgBAaq0cuzpxQHEwrdVf7rgbgGSX/K/pQ
|
||||||
|
Ȯ8²D>X€<å X€9 ‹?Ǥ{>ìüšLÌ«ž°üãk·††Œ}݉_ß%×Sµ÷<C2B5>ïÈ\—|-žÊø"Ã䩘#;ÃJŽÁ»£ãÕäÉ2iÚ(ƒ¹ùR3°ÜØÔ(Ð=F’–zü.^‹¦<E280B9>»‚<C2BB>
|
||||||
|
Iž£MLuäãÎ ì©ÙïÜ
'ÕúÚ
|
Binary file not shown.
Binary file not shown.
@ -1,7 +0,0 @@
|
|||||||
age-encryption.org/v1
|
|
||||||
-> ssh-ed25519 XInHQA BeG8hdmEGOcfCJGjZ8ps03XDV4DNPqMfXuFGIXitSVM
|
|
||||||
5lTE5CORKB107B8509PPiLCeYlwP1x80Jyh2CxI0BTg
|
|
||||||
-> ssh-ed25519 H9OGOA gqAqKcTLuE7gJ5lWvTUs/mnmTv4CyN9GWj6ce9YmSz0
|
|
||||||
AVKH1l8QEuBlCJS7dZ8cFxbeWF6qjjZWn9fg3uOF9WU
|
|
||||||
--- U0k1MgVffkdgn+pStscCnCNOFgtlCW8URf5wesIjO5w
|
|
||||||
žYzSº<53>¿úfêÍù““ã†ÂONüP³Ù,N7°¯~” Šb<>=ùK
èiâõ”~•ŠéBkÙO=½¸Ó<19>ï½}}AäNYmÇwíëS>uh\?Z<>%&õ¹ ÞX7a'H˜.+Ø<>6%{¥ôL ŒZýÆõñ¨&T ·ýAµ.¶÷™ã
|
|
Binary file not shown.
@ -1,9 +1,7 @@
|
|||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 XInHQA K+oxMLahFGchNXHvAFdyimz2Apy9Er0RYo4QaiGKlRA
|
-> ssh-ed25519 XInHQA YlsFWaxt61N+2wkCBCq4Er7bJkX9eNE4F9QbzfYGZFE
|
||||||
AjuOBPwS1B3GYHIv/rHAggIunpnxn4ZjrrXm/FY71Fc
|
zy8p5Ulj5SYSFJAmvqH7M6bmYAJTAQB5+WtZExTGw9E
|
||||||
-> ssh-ed25519 XbzZEw 54MejQADu15FohnVY4AoJ0QIunva88wTdVAu3n5Qj0A
|
-> ssh-ed25519 XbzZEw /ClsbbHS1B3QBCj7fZCF3KpMCegACxcFBp/HaBuUJns
|
||||||
l4Rou2LJWD/H+0P0PVEPPJRfMxUAvZ627nF1H45fN5w
|
TLQLCXSxaC7gjVUJzIwnjTcB7tSTwohQBthQwJY/gRA
|
||||||
-> ssh-ed25519 wWcc7w avZmPAmK1wxBGme/QOpN2NNG607rIuO4V5TTG3NPohw
|
--- 37R1nYNXpPHsMh8Ilpc4pAIM0/2qcZhzpWcQIC3zB8I
|
||||||
mQ5EhtKXdoWCe9DPOq6YGMvzOyzSYJupVUwI426UfH4
|
ÈŽExÿ£
œvà€ß@Cø÷î¥]<5D><12>Ú‚ô—Á¤ÎžIàè9y/<2F>Aš—AŸbvû‘hö²œÂ3¸Ì2AÅ–+œ÷ØÉÇ¿@ýÊ[†zðœš=Þ‘Îä¹™Ÿê: $œT7œœ<>'ŠKø¥]K¯àk<C3A0>.ü£`ÎBÈÈlð÷MŠÃ¶´7oÁØøÕQ
|
||||||
--- CPxwqeO5n/4hL/W/FLoNa/q/MPy+MDGoEvj+/+4xM90
|
|
||||||
-‘D¤¶<KX²ç¢ó*ÖÙ;®ëŸ”ýíV<C3AD>¥‘㜔‰%ö+òèpcóR<C3B3>’W.³•à˜6CÅ705Ì~m‘{ uB MÅt£ÇË%é‰Õö#nUÿ?œKßñTÒ͆Ê1ß„fÝ™`CŸï½\”ñ¿Ô¼wÞ,©§ƒ½ýVq”ÁöØ‘
|
|
@ -1,7 +1,7 @@
|
|||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 XInHQA V3BAG1j/P2HejGlz7uuJI6s0jjEFRj4Tid3jok+SwiU
|
-> ssh-ed25519 XInHQA k39Tpe44MbIY/fa8Sf3f9JXjTlQN849nKWI3G+c4plA
|
||||||
fSigrUqR7NftZoExPCLHCPeM7IL78/aKh3rdWH8Zf0M
|
Y05ZLbNPJePRU1mLV87KuhQceWZC3LcpM/qX5mOMHg8
|
||||||
-> ssh-ed25519 9JjquQ GfdotrSLXOMsZdBZ3PkaPkB7BhAUZ1bpxJk9CulByG4
|
-> ssh-ed25519 9JjquQ Si+4zoaU6TMP0cymWGQdc54fDhLisYGIi1EXZ9+vbmY
|
||||||
gVFvs1mko1CsAVTuVBtslxQo4+zWJPdvG0xbjeMSo0g
|
cMRoa1Owu1zwhnT6HPwGKk6y3vtHBi8rCnyJfbrAPZY
|
||||||
--- 1r3YAISrWtrMIqQIB4ATNjDyQtIIoJilYW9Vo7vhAjE
|
--- Y27ZK2+ekW1WKGZqTV6Q3mrNNzVWXA7v8JPOylZWYdE
|
||||||
{»uÁ[§¾Hq™nÖ(æ?9ÈÕãƒá<C692>+ƒŒã¹3-IòWФG<C2A4>l¨xFÉÙ?ÄÎ+Kùüà³Õ±»yÍãåc
|
‹> âQà0lZy±¼jÈI|TVÖ KPæ[ìþ˜ªFàI*~LŒÅܯK|b ™!|ÏÅ,é¯ûö´e™G
|
@ -24,15 +24,12 @@ in {
|
|||||||
"machines/thonkpad/root-password.age".publicKeys = thunderbottom ++ thonkpad;
|
"machines/thonkpad/root-password.age".publicKeys = thunderbottom ++ thonkpad;
|
||||||
"machines/bicboye/password.age".publicKeys = thunderbottom ++ bicboye;
|
"machines/bicboye/password.age".publicKeys = thunderbottom ++ bicboye;
|
||||||
"machines/bicboye/root-password.age".publicKeys = thunderbottom ++ bicboye;
|
"machines/bicboye/root-password.age".publicKeys = thunderbottom ++ bicboye;
|
||||||
"machines/smolboye/password.age".publicKeys = thunderbottom ++ smolboye;
|
|
||||||
"machines/smolboye/root-password.age".publicKeys = thunderbottom ++ smolboye;
|
|
||||||
"monitoring/grafana/password.age".publicKeys = thunderbottom ++ bicboye;
|
"monitoring/grafana/password.age".publicKeys = thunderbottom ++ bicboye;
|
||||||
"services/backups/environment.age".publicKeys = thunderbottom ++ bicboye;
|
"services/backup/environment.age".publicKeys = thunderbottom ++ bicboye;
|
||||||
"services/backups/password.age".publicKeys = thunderbottom ++ bicboye;
|
"services/backup/password.age".publicKeys = thunderbottom ++ bicboye;
|
||||||
"services/gitea/password.age".publicKeys = thunderbottom ++ bicboye;
|
"services/gitea/password.age".publicKeys = thunderbottom ++ bicboye;
|
||||||
"services/maddy/password.age".publicKeys = thunderbottom ++ bicboye;
|
"services/maddy/password.age".publicKeys = thunderbottom ++ bicboye;
|
||||||
"services/maddy/user-watashi.age".publicKeys = thunderbottom ++ servers;
|
"services/maddy/user-watashi.age".publicKeys = thunderbottom ++ servers;
|
||||||
"services/mailserver/watashi.age".publicKeys = thunderbottom ++ smolboye;
|
|
||||||
"services/miniflux/password.age".publicKeys = thunderbottom ++ bicboye;
|
"services/miniflux/password.age".publicKeys = thunderbottom ++ bicboye;
|
||||||
"services/paperless/password.age".publicKeys = users ++ bicboye;
|
"services/paperless/password.age".publicKeys = users ++ bicboye;
|
||||||
"services/unifi-unpoller/password.age".publicKeys = users ++ bicboye;
|
"services/unifi-unpoller/password.age".publicKeys = users ++ bicboye;
|
||||||
|
Binary file not shown.
Binary file not shown.
@ -1,9 +1,11 @@
|
|||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 XInHQA WP015mlZCrAnZyk2WofQjH1GXWd25bzsqApPZOx8r3k
|
-> ssh-ed25519 XInHQA RfnooKxGudC9db3TeLiHCeBAQmoBMKQYwne1kPwBB3Y
|
||||||
iZ4zz2WmAoauBkkdzXxlTxt5sioUztazaEbwRNVmdAg
|
Cy7nE5t4HksIkTGiE5A5eWugtPpLLgKg675a9QAJ1OQ
|
||||||
-> ssh-ed25519 9JjquQ CBeSho6W8pqjX2stzABIbsNH+1rCeSaANNqqDJxhNzI
|
-> ssh-ed25519 9JjquQ IXrC89snSDyCk0/cHfZxK3I7VBDOkMB7RqLikSzFfhc
|
||||||
fbvXxdwB8zvPvabAeWwhLdf/L7Uu3c6JeXxRCGWJy5E
|
gJUgWJT00puABYjKgSlQIScxwIzLzw9G04MeYq5skMw
|
||||||
-> ssh-ed25519 H9OGOA VUkG3NHaLG+qKBLEm8RP1blNZ0mDPIC2UQRk1yYxHh0
|
-> ssh-ed25519 8S096g euxCvoiDEsR3+X5YsbTeDluRA8f5iLFV7KOC1aLwH3U
|
||||||
oJVTSqh4R/85xdhVsQGOIJ5ZOcBWE/rFjmUQU50h0K8
|
TDIIZoqkh2DPUVno76U16Y/9HaU5dCL/AqgbqBNF/BU
|
||||||
--- eRstd/AHMaZSZcf27Z+iNTvLQwC3IjLv2TP796qmSn4
|
-> ssh-ed25519 H9OGOA VmODcaMxRDUeD0sbrtFNTAiuI/gI7+zVEQwfhC7gT1s
|
||||||
?W#ÔR†¾Ply—}Ž_G<>ÝW\Wú“³Æ"å£(Ô(H¦ÏSÇØiA$%ºùËiÜ×ã.~Gî Á]8
|
p95/aXRwH3PdgsiMMxR/pEFlithxc68STelHRxAZoKM
|
||||||
|
--- WVxsIeOZysNFXyQiihNL527CpfNy6WuSVw7UnrMEmAU
|
||||||
|
Ì ¦=K+t¹zf8
coœÈÅQZ÷<5A>ÀŸ.ý²/xðSç«Yª?ÜÊÂ<=^Ny€‘¿`'ŠÜù¯Z¸¾ŠÚà7
|
@ -1,7 +0,0 @@
|
|||||||
<EFBFBD>
|
|
||||||
<EFBFBD>
|
|
||||||
<EFBFBD>
|
|
||||||
<EFBFBD>
|
|
||||||
<EFBFBD>
|
|
||||||
<EFBFBD>
|
|
||||||
<EFBFBD>
|
|
Binary file not shown.
@ -1,11 +1,13 @@
|
|||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 XInHQA lBnG5xabcJ/T96pljsvMSYRBWmw1C482pJo8MLyxWAM
|
-> ssh-ed25519 XInHQA UWrsDGlrkZ6xmFFSOCrAZbybIvIYQc1QKhgXhdDSoxY
|
||||||
ruh6EYwb+qm7uxVGK9SUct3bvFs6Mdd5cY2kpkNj4YE
|
5Je6sUO8h71WJkFpof3XcxnIUEexutrEz5TXT1Bwobg
|
||||||
-> ssh-ed25519 K8TEKA ZKVjldfNzm6r2BS7hvaTtZUYbVPmqxtJ9eBwi5SbKzw
|
-> ssh-ed25519 K8TEKA Kxxgpb4qEFVQ+KJpb2wBwKjQc22PwjEEB3Y3ERmm924
|
||||||
eUzxYLCgI8jw1Rsk/0Jlx9bCo+tfWyePlwNTOWsLXpM
|
2O4zzOOyH8SeRScBhGFKopMD5eZKtOF63fWs3YjqC5Q
|
||||||
-> ssh-ed25519 7+Zv5Q 37+4858UVoKzhKlee3ID7+hXXvnU8EmXJm0glFF5ZXI
|
-> ssh-ed25519 7+Zv5Q 3A3v+goiSRXpBhb3hAVJXbHuHdT+L4Xr178ML/pfG2s
|
||||||
gbq7P4g1mav8WjiMlKVW25O8dj6ZSFt7qc//h8zRVWE
|
Ds1qBZlDl2mnlZvRcI0fEvDQ79KmUFAYICoVrcoA+Oc
|
||||||
-> ssh-ed25519 9JjquQ BAEFuSeq6DXdGnMKmTt5fpzmRL5G/3pIsHxxCznlyXY
|
-> ssh-ed25519 9JjquQ 0p+mZLwhphoGDdmpOxgQrzIX+Y2w0RvIdNMlSarL90s
|
||||||
ucGrfwU7iFvt1qjXmhbuKF8VdReA4z79UFu9bkEJTBo
|
8P+l4oPQ3qEtR4KWk7W7wkxGEjroqMA5f70+1eUjdY8
|
||||||
--- H8MN4G5HyR6lQmdKcDSsqzoIVs5AYsTWnfM08LwmSKA
|
-> ssh-ed25519 8S096g 5cTN3f5x+9Qizop1nRdjkqe0pa1S3LjR0pbMTccsPWM
|
||||||
åÝ@(úP+`¿;ß;Ìöu¿:Q¥™³ÆÒ¯`WèŸJSr#fí5«¿*)í¬f»8Ç<PÚ6boðÌ6¹i`¶Ï
|
gGn24WckcR1iCNJH2oB8gekTTty/a4asssRmDlgEpwU
|
||||||
|
--- LCrdBMibVYcT7SAS+jw+IBSb8nHdqvCpP0oe4fVc9OQ
|
||||||
|
<1F>æèQÐÒ<C390>x¥Q,•¹ºÓéS<53>WŠõ<C5A0>$2È’Ó3E“Aîß-×fc‰dæ•wV¿i2ÌvÏŸê >Z
|
@ -1,11 +1,12 @@
|
|||||||
age-encryption.org/v1
|
age-encryption.org/v1
|
||||||
-> ssh-ed25519 XInHQA hYVanXynnpdxjHwiRjiU9FBXMk6IMtRFUpBT3gZe1UU
|
-> ssh-ed25519 XInHQA bMzwX3D3LAeB2oFjeCgQy6NtXfde87lGBBhJN7Nrox4
|
||||||
/kg0btVFvuIPoOM9X3ZwW73H+mxlqX+zMxTU5mY/aVQ
|
h6hwikEijHYMUTWhBuSgz+nxnnj00VlSibTZc2JmnBY
|
||||||
-> ssh-ed25519 K8TEKA Agtc83EZclwand7EfAANze3PfNY6E+nk2cLyM6b6Iyk
|
-> ssh-ed25519 K8TEKA s2cQpiLdC+1XBH5cIE5Z/IUEpsk564jYrsafVZSMgVQ
|
||||||
qsABTxon2mCkgy0ABJRMP6D04FncCZHHTY9wfWEyyO0
|
d5qPoJhyUToxN639uoR0J9kcfvubItuzXGoVk6Sewao
|
||||||
-> ssh-ed25519 7+Zv5Q GCoSL4mMvbanYCCnz1h+iC/p+4Ua/fuFe6rdbl1GSSo
|
-> ssh-ed25519 7+Zv5Q pdOyuEw0qr/owYTSBq1Ewmge/0iGrf5PVQe8nSRKRhk
|
||||||
kbowsEOd6f9Eo/PHW2W1ANMrrd//+XdBsLaz6t6SEVI
|
WWnMY5blWR6JOEz8dcOXdFoz9Vfj7J3EmVfVfb0qAmQ
|
||||||
-> ssh-ed25519 9JjquQ OTiB10cqC5iGmC8+4CxS6keHvuWZllWJ3CpP6BLDSDI
|
-> ssh-ed25519 9JjquQ V82cwaqtAmVTMeyWvd23c0xOUk38tnmwFMKPeNZbbik
|
||||||
9b0LvgFbaLixRH5O6lnGgS50sxL1jD/YJbH/6ZE+aK8
|
iWuQQSWFGf5ZqTyv78YRk7D96W8UXTnbaMLZ6F0ctj8
|
||||||
--- LQ/Rxvwpq7Um2LfV8szBZtj1e6IihTKOHdZS8Dixds4
|
--- PtBBUhavizHrdmvxBF9qcB4rYEcB0A4AWqRl1Wp1Hic
|
||||||
“ƒùZ”[4{@¶¨¤ùuKÅ`ô‰Ánº:>½ïCNØŠsÍÕ«2¿ÄÁIþa
|
ÅêÞ`ÐXj*Ä3U±Ë÷ :¢7…ä´s<C2B4>Zž1eA«
|
||||||
|
ø‰‘µýíRú#ì
|
Binary file not shown.
122
systems/x86_64-linux/bicboye/hardware-intel.nix
Normal file
122
systems/x86_64-linux/bicboye/hardware-intel.nix
Normal file
@ -0,0 +1,122 @@
|
|||||||
|
_: {
|
||||||
|
boot = {
|
||||||
|
initrd = {
|
||||||
|
availableKernelModules = [
|
||||||
|
"xhci_pci"
|
||||||
|
"ahci"
|
||||||
|
"ehci_pci"
|
||||||
|
"nvme"
|
||||||
|
"usbhid"
|
||||||
|
"usb_storage"
|
||||||
|
"sd_mod"
|
||||||
|
];
|
||||||
|
luks.devices."cryptroot".device = "/dev/disk/by-uuid/e570c2be-65df-4208-9cac-a03de08a6209";
|
||||||
|
};
|
||||||
|
kernelModules = ["kvm-intel"];
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems = {
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-uuid/a1b57a56-16d4-45ea-bac3-daeacd3dbcb2";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@"
|
||||||
|
];
|
||||||
|
neededForBoot = true; # required
|
||||||
|
};
|
||||||
|
|
||||||
|
"/home" = {
|
||||||
|
device = "/dev/disk/by-uuid/a1b57a56-16d4-45ea-bac3-daeacd3dbcb2";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@home"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/.snapshots" = {
|
||||||
|
device = "/dev/disk/by-uuid/a1b57a56-16d4-45ea-bac3-daeacd3dbcb2";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@snapshots"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/var/log" = {
|
||||||
|
device = "/dev/disk/by-uuid/a1b57a56-16d4-45ea-bac3-daeacd3dbcb2";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@log"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/etc/nixos" = {
|
||||||
|
device = "/dev/disk/by-uuid/a1b57a56-16d4-45ea-bac3-daeacd3dbcb2";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@nixos-config"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/var/cache" = {
|
||||||
|
device = "/dev/disk/by-uuid/a1b57a56-16d4-45ea-bac3-daeacd3dbcb2";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@cache"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/B731-09A3";
|
||||||
|
fsType = "vfat";
|
||||||
|
options = ["fmask=0022" "dmask=0022"];
|
||||||
|
};
|
||||||
|
|
||||||
|
# "/storage/immich" = {
|
||||||
|
# device = "/dev/disk/by-uuid/bae65b7a-4f08-4b0d-963c-72e71bfcff46";
|
||||||
|
# fsType = "btrfs";
|
||||||
|
# options = [
|
||||||
|
# "defaults"
|
||||||
|
# "compress-force=zstd"
|
||||||
|
# "noatime"
|
||||||
|
# "user"
|
||||||
|
# ];
|
||||||
|
# };
|
||||||
|
|
||||||
|
# TODO: delete btrfs subvolume
|
||||||
|
# "/storage/syncthing" = {
|
||||||
|
# device = "/dev/disk/by-uuid/e3a4c251-a3e2-4b5e-a63b-70f53b51836a";
|
||||||
|
# fsType = "btrfs";
|
||||||
|
# options = [
|
||||||
|
# "defaults"
|
||||||
|
# "compress-force=zstd"
|
||||||
|
# "noatime"
|
||||||
|
# "user"
|
||||||
|
# ];
|
||||||
|
# };
|
||||||
|
};
|
||||||
|
swapDevices = [];
|
||||||
|
}
|
@ -1,92 +0,0 @@
|
|||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
userdata,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [./disk-config.nix];
|
|
||||||
|
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
|
||||||
hardware.enableRedistributableFirmware = true;
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
hostName = "smolboye";
|
|
||||||
nameservers = ["1.1.1.1"];
|
|
||||||
useDHCP = lib.mkDefault false;
|
|
||||||
interfaces.enp1s0 = {
|
|
||||||
useDHCP = lib.mkDefault true;
|
|
||||||
ipv6.addresses = [
|
|
||||||
{
|
|
||||||
address = "2a01:4f8:1c1c:90b::";
|
|
||||||
prefixLength = 64;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
defaultGateway6 = {
|
|
||||||
address = "fe80::1";
|
|
||||||
interface = "enp1s0";
|
|
||||||
};
|
|
||||||
firewall.allowedTCPPorts = [80 443];
|
|
||||||
};
|
|
||||||
|
|
||||||
boot = {
|
|
||||||
initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "nvme" "usb_storage" "sd_mod"];
|
|
||||||
kernelModules = ["kvm-amd" "virtio_gpu"];
|
|
||||||
kernelParams = ["console=tty"];
|
|
||||||
loader.grub.device = "/dev/sda";
|
|
||||||
supportedFilesystems = ["btrfs"];
|
|
||||||
};
|
|
||||||
|
|
||||||
# Enable weekly btrfs auto-scrub.
|
|
||||||
services.btrfs.autoScrub = {
|
|
||||||
enable = true;
|
|
||||||
interval = "weekly";
|
|
||||||
fileSystems = ["/"];
|
|
||||||
};
|
|
||||||
|
|
||||||
security.acme.defaults.email = "chinmaydpai@gmail.com";
|
|
||||||
|
|
||||||
age.secrets = {
|
|
||||||
mailserver-watashi.file = userdata.secrets.services.mailserver.watashi.password.file;
|
|
||||||
};
|
|
||||||
|
|
||||||
snowflake = {
|
|
||||||
stateVersion = "24.11";
|
|
||||||
bootloader = "grub";
|
|
||||||
|
|
||||||
core.security.sysctl.enable = lib.mkForce false;
|
|
||||||
|
|
||||||
networking.firewall.enable = true;
|
|
||||||
networking.networkManager.enable = true;
|
|
||||||
networking.resolved.enable = true;
|
|
||||||
|
|
||||||
services = {
|
|
||||||
mailserver = {
|
|
||||||
enable = true;
|
|
||||||
fqdn = "mail.deku.moe";
|
|
||||||
domains = ["deku.moe"];
|
|
||||||
loginAccounts = {
|
|
||||||
"watashi@deku.moe" = {
|
|
||||||
hashedPasswordFile = config.age.secrets.mailserver-watashi.path;
|
|
||||||
aliases = ["@deku.moe"];
|
|
||||||
catchAll = ["deku.moe"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
user = {
|
|
||||||
enable = true;
|
|
||||||
username = "server";
|
|
||||||
description = "Smolboye Server";
|
|
||||||
userPasswordAgeModule = userdata.secrets.machines.smolboye.password;
|
|
||||||
rootPasswordAgeModule = userdata.secrets.machines.smolboye.root-password;
|
|
||||||
extraAuthorizedKeys = [
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG3PeMbehJBkmv8Ee7xJimTzXoSdmAnxhBatHSdS+saM"
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOyY8ZkhwWiqJCiTqXvHnLpXQb1qWwSZAoqoSWJI1ogP"
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJQWA+bAwpm9ca5IhC6q2BsxeQH4WAiKyaht48b7/xkN"
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJnFvU6nBXEuZF08zRLFfPpxYjV3o0UayX0zTPbDb7C"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,57 +0,0 @@
|
|||||||
{
|
|
||||||
disko.devices = {
|
|
||||||
disk = {
|
|
||||||
sda = {
|
|
||||||
type = "disk";
|
|
||||||
device = "/dev/sda";
|
|
||||||
content = {
|
|
||||||
type = "gpt";
|
|
||||||
partitions = {
|
|
||||||
boot = {
|
|
||||||
priority = 1;
|
|
||||||
name = "ESP";
|
|
||||||
start = "1M";
|
|
||||||
end = "128M";
|
|
||||||
type = "EF00";
|
|
||||||
content = {
|
|
||||||
type = "filesystem";
|
|
||||||
format = "vfat";
|
|
||||||
mountpoint = "/boot";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
root = {
|
|
||||||
size = "100%";
|
|
||||||
content = {
|
|
||||||
type = "btrfs";
|
|
||||||
extraArgs = ["-f"];
|
|
||||||
subvolumes = {
|
|
||||||
"/root" = {
|
|
||||||
mountpoint = "/";
|
|
||||||
mountOptions = ["compress=zstd" "noatime"];
|
|
||||||
};
|
|
||||||
"/home" = {
|
|
||||||
mountpoint = "/home";
|
|
||||||
mountOptions = ["compress=zstd" "noatime"];
|
|
||||||
};
|
|
||||||
"/nix" = {
|
|
||||||
mountpoint = "/nix";
|
|
||||||
mountOptions = ["compress=zstd" "noatime"];
|
|
||||||
};
|
|
||||||
"/swap" = {
|
|
||||||
mountpoint = "/.swapvol";
|
|
||||||
mountOptions = ["nodatacow" "noatime"];
|
|
||||||
swap.swapfile.size = "20M";
|
|
||||||
};
|
|
||||||
"/log" = {
|
|
||||||
mountpoint = "/var/log";
|
|
||||||
mountOptions = ["compress=zstd" "noatime"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -6,8 +6,13 @@
|
|||||||
}: {
|
}: {
|
||||||
imports = [./hardware.nix];
|
imports = [./hardware.nix];
|
||||||
|
|
||||||
|
chaotic.mesa-git.enable = true;
|
||||||
|
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
hardware.cpu.intel.updateMicrocode = true;
|
||||||
hardware.enableRedistributableFirmware = true;
|
hardware.enableRedistributableFirmware = true;
|
||||||
|
hardware.graphics.extraPackages = with pkgs; [
|
||||||
|
mesa_git.opencl
|
||||||
|
];
|
||||||
|
|
||||||
networking.hostName = "thonkpad";
|
networking.hostName = "thonkpad";
|
||||||
networking.interfaces.wlan0.useDHCP = lib.mkDefault false;
|
networking.interfaces.wlan0.useDHCP = lib.mkDefault false;
|
||||||
|
136
systems/x86_64-linux/thonkpad/thonkpad-12.nix
Normal file
136
systems/x86_64-linux/thonkpad/thonkpad-12.nix
Normal file
@ -0,0 +1,136 @@
|
|||||||
|
_: {
|
||||||
|
boot = {
|
||||||
|
initrd = {
|
||||||
|
availableKernelModules = [
|
||||||
|
"xhci_pci"
|
||||||
|
"thunderbolt"
|
||||||
|
"nvme"
|
||||||
|
"usb_storage"
|
||||||
|
"sd_mod"
|
||||||
|
];
|
||||||
|
luks.devices."cryptroot".device = "/dev/disk/by-uuid/9de352ea-128f-4d56-a720-36d81dfd9b92";
|
||||||
|
};
|
||||||
|
kernelModules = [
|
||||||
|
"kvm-intel"
|
||||||
|
# "thinkpad_acpi"
|
||||||
|
"iwlwifi"
|
||||||
|
"xe"
|
||||||
|
];
|
||||||
|
kernelParams = [
|
||||||
|
"xe.force_probe=7d45"
|
||||||
|
# "resume_offset=2465529"
|
||||||
|
# "intel_pstate=active"
|
||||||
|
# "thinkpad_acpi.fan_control=1"
|
||||||
|
];
|
||||||
|
# resumeDevice = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems = {
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"autodefrag"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@"
|
||||||
|
];
|
||||||
|
neededForBoot = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
"/home" = {
|
||||||
|
device = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"autodefrag"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@home"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/.snapshots" = {
|
||||||
|
device = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@snapshots"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/var/log" = {
|
||||||
|
device = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"autodefrag"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@log"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/var/cache" = {
|
||||||
|
device = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"autodefrag"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@cache"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/etc/nixos" = {
|
||||||
|
device = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@nix-config"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
"/nix" = {
|
||||||
|
device = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
fsType = "btrfs";
|
||||||
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"autodefrag"
|
||||||
|
"compress-force=zstd"
|
||||||
|
"noatime"
|
||||||
|
"ssd"
|
||||||
|
"subvol=@nix-store"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# ref: https://sawyershepherd.org/post/hibernating-to-an-encrypted-swapfile-on-btrfs-with-nixos/
|
||||||
|
# "/swap" = {
|
||||||
|
# device = "/dev/disk/by-uuid/870fde90-a91a-4554-8b1c-d5702c789f4d";
|
||||||
|
# fsType = "btrfs";
|
||||||
|
# options = [
|
||||||
|
# "subvol=@swap"
|
||||||
|
# "noatime"
|
||||||
|
# ];
|
||||||
|
# };
|
||||||
|
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/B9A2-7AA6";
|
||||||
|
fsType = "vfat";
|
||||||
|
options = ["fmask=0022" "dmask=0022"];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
swapDevices = [];
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user