diff options
Diffstat (limited to '')
| -rw-r--r-- | hosts/kaitain/default.nix | 39 | ||||
| -rw-r--r-- | hosts/kaitain/hardware-configuration.nix | 2 |
2 files changed, 32 insertions, 9 deletions
diff --git a/hosts/kaitain/default.nix b/hosts/kaitain/default.nix index 9a222be..3fba8dc 100644 --- a/hosts/kaitain/default.nix +++ b/hosts/kaitain/default.nix @@ -1,21 +1,25 @@ { config, inputs, lib, outputs, pkgs, ... }: { boot = { initrd.kernelModules = [ "zfs" ]; - kernelPackages = pkgs.linuxPackages_6_12; + kernelPackages = pkgs.master.linuxPackages_7_0; loader = { efi.canTouchEfiVariables = true; - systemd-boot.enable = true; + systemd-boot = { + enable = true; + memtest86.enable = true; + }; timeout = 3; }; supportedFilesystems = [ "zfs" ]; zfs = { devNodes = "/dev/disk/by-label"; - #package = pkgs.master.zfs; + forceImportRoot = false; + package = pkgs.master.zfs_2_4; }; }; - environment.systemPackages = with pkgs; [ - git-review + environment.systemPackages = [ + pkgs.git-review ]; imports = [ @@ -24,6 +28,7 @@ ../common/core #../common/optional/db.nix ../common/optional/dev.nix + ../common/optional/gui.nix ../common/optional/misc.nix #../common/optional/multimedia.nix ../common/optional/pipewire.nix @@ -51,8 +56,23 @@ ]; }; - services.openssh.openFirewall = false; - services.xserver.videoDrivers = lib.mkForce [ "vmware" "virtualbox" "modesetting" ]; + services = { + openssh.openFirewall = false; + xrdp = { + defaultWindowManager = "${pkgs.i3}/bin/i3"; + enable = true; + extraConfDirCommands = '' + substituteInPlace $out/xrdp.ini \ + --replace-fail 'port=3389' 'port=vsock://-1:3389' \ + --replace-fail '#vmconnect=true' 'vmconnect=true' \ + --replace-fail 'security_layer=negotiate' 'security_layer=rdp' \ + --replace-fail 'crypt_level=high' 'crypt_level=none' \ + --replace-fail 'bitmap_compression=true' 'bitmap_compression=false' + ''; + #openFirewall = true; + }; + #xserver.videoDrivers = lib.mkForce [ "modesetting" ]; + }; sops = { age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; @@ -60,11 +80,14 @@ secrets = { "nix-access-token-github" = {}; + "ssh_config".path = "/root/.ssh/config"; }; }; system.stateVersion = "23.11"; + systemd.services.xrdp.serviceConfig.ExecStart = lib.mkForce "${pkgs.xrdp}/bin/xrdp --nodaemon --config /etc/xrdp/xrdp.ini"; # https://github.com/nixos/nixpkgs/issues/304855 required because XRDP ignores port parameter in INI when specified via CLI + #systemd.user.services = let # vbox-client = desc: flags: { # description = "VirtualBox Guest: ${desc}"; @@ -86,5 +109,5 @@ (builtins.readFile ../common/users/nipsy/keys/id_att.pub) ]; - virtualisation.virtualbox.guest.enable = true; + virtualisation.hypervGuest.enable = true; } diff --git a/hosts/kaitain/hardware-configuration.nix b/hosts/kaitain/hardware-configuration.nix index f38c16a..07b3857 100644 --- a/hosts/kaitain/hardware-configuration.nix +++ b/hosts/kaitain/hardware-configuration.nix @@ -8,7 +8,7 @@ [ #(modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "ohci_pci" "ehci_pci" "ata_piix" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.availableKernelModules = [ "sd_mod" "sr_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; |