aboutsummaryrefslogtreecommitdiffstats
path: root/hosts
diff options
context:
space:
mode:
Diffstat (limited to 'hosts')
-rw-r--r--hosts/common/core/default.nix13
-rw-r--r--hosts/richese/default.nix200
-rw-r--r--hosts/richese/disks.nix98
-rw-r--r--hosts/richese/hardware-configuration.nix46
4 files changed, 345 insertions, 12 deletions
diff --git a/hosts/common/core/default.nix b/hosts/common/core/default.nix
index 8d19a9f..5fefe2d 100644
--- a/hosts/common/core/default.nix
+++ b/hosts/common/core/default.nix
@@ -1,21 +1,10 @@
{ inputs, outputs, ... }: {
imports = [
- inputs.home-manager.nixosModules.home-manager
./locale.nix
./nix.nix
./shells.nix
./zsh.nix
- ] ++ (builtins.attrValues outputs.nixosModules);
-
- home-manager.extraSpecialArgs = { inherit inputs outputs; };
-
- nixpkgs = {
- # you can add global overlays here
- overlays = builtins.attrValues outputs.overlays;
- config = {
- allowUnfree = true;
- };
- };
+ ];
hardware.enableRedistributableFirmware = true;
}
diff --git a/hosts/richese/default.nix b/hosts/richese/default.nix
new file mode 100644
index 0000000..f068784
--- /dev/null
+++ b/hosts/richese/default.nix
@@ -0,0 +1,200 @@
+{ config, pkgs, ... }: {
+ boot = {
+ initrd.kernelModules = [ "zfs" ];
+ kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+ loader.grub.device = "/dev/sda";
+ supportedFilesystems = [ "zfs" ];
+ zfs.devNodes = "/dev/disk/by-label";
+ };
+
+ documentation.dev.enable = true;
+ documentation.man.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ acl
+ ansible
+ autoconf
+ automake
+ bash
+ bc
+ bind
+ binutils
+ bpftools
+ bzip2
+ cmake
+ colordiff
+ conntrack-tools
+ coreutils
+ cpio
+ curl
+ diffutils
+ dig
+ dmenu
+ enscript
+ ethtool
+ evince
+ expect
+ feh
+ file
+ findutils
+ fio
+ fortune
+ fping
+ gcc
+ gcr
+ geeqie
+ ghostscript
+ #gimp-with-plugins
+ gimp
+ git
+ gnugrep
+ gnupatch
+ gnused
+ gnutar
+ google-chrome
+ gv
+ gzip
+ helm
+ i3
+ i3status
+ imagemagick
+ inkscape
+ inxi
+ iotop
+ ipcalc
+ iperf
+ iproute2
+ iputils
+ jq
+ less
+ libreoffice
+ lshw
+ lsof
+ lvm2
+ mariadb
+ mutt
+ nano
+ netcat-openbsd
+ nettools
+ nix-index
+ nmap
+ oath-toolkit
+ openldap
+ openssl
+ openstackclient
+ patchelf
+ (pass.withExtensions (ext: with ext; [pass-otp]))
+ pass
+ pavucontrol
+ pciutils
+ perl
+ pkg-config
+ polkit_gnome
+ poppler_utils
+ procps
+ psmisc
+ pv
+ pwgen
+ python3
+ qpwgraph
+ qrencode
+ recode
+ rsync
+ sqlite
+ st
+ stoken
+ strace
+ sysstat
+ tcpdump
+ traceroute
+ tree
+ unixtools.xxd
+ unrar
+ unzip
+ util-linux
+ vim
+ virtualenv
+ wdiff
+ weechat
+ wget
+ wireshark
+ whois
+ xclip
+ xdotool
+ xorg.xdpyinfo
+ xsnow
+ xz
+ zip
+ zstd
+ ];
+
+ imports = [
+ ./hardware-configuration.nix
+ ../common/core
+ ../common/optional/pipewire.nix
+ ../common/optional/services/openssh.nix
+ ../common/optional/services/xorg.nix
+ ../common/optional/zfs.nix
+ ../common/users/nipsy
+ ../common/users/root
+ ];
+
+ networking = {
+ hostId = "2d990f74";
+ hostName = "richese";
+ nftables.enable = true;
+ };
+
+ programs.atop.enable = true;
+ programs.firefox.enable = true;
+ programs.gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
+ programs.iftop.enable = true;
+ programs.mtr.enable = true;
+ programs.tmux.enable = true;
+ programs.zsh.enable = true;
+
+ security.polkit = {
+ enable = true;
+ extraConfig = ''
+ polkit.addRule(function(action, subject) {
+ if (
+ subject.isInGroup("users")
+ && (
+ action.id == "org.freedesktop.login1.reboot" ||
+ action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
+ action.id == "org.freedesktop.login1.power-off" ||
+ action.id == "org.freedesktop.login1.power-off-multiple-sessions"
+ )
+ )
+ {
+ return polkit.Result.YES;
+ }
+ })
+ '';
+ };
+
+ systemd = {
+ user.services.polkit-gnome-authentication-agent-1 = {
+ description = "polkit-gnome-authentication-agent-1";
+ wantedBy = [ "graphical-session.target" ];
+ wants = [ "graphical-session.target" ];
+ after = [ "graphical-session.target" ];
+ serviceConfig = {
+ Type = "simple";
+ ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
+ Restart = "on-failure";
+ RestartSec = 1;
+ TimeoutStopSec = 10;
+ };
+ };
+ };
+
+ system.stateVersion = "23.11";
+
+ virtualisation.virtualbox.guest.enable = true;
+ # no longer in unstable apparently
+ #virtualisation.virtualbox.guest.x11 = true;
+}
diff --git a/hosts/richese/disks.nix b/hosts/richese/disks.nix
new file mode 100644
index 0000000..9f05d48
--- /dev/null
+++ b/hosts/richese/disks.nix
@@ -0,0 +1,98 @@
+{
+ disko.devices = {
+ disk = {
+ sda = {
+ type = "disk";
+ device = "/dev/sda";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "4M";
+ type = "EF02";
+ };
+ ESP = {
+ size = "1G";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [ "defaults" ];
+ extraArgs = [ "-n boot" ];
+ };
+ };
+ swap = {
+ size = "16G";
+ type = "8200";
+ content = {
+ type = "swap";
+ extraArgs = [ "-L swap" ];
+ };
+ };
+ rpool = {
+ size = "100%";
+ content = {
+ type = "zfs";
+ pool = "rpool";
+ };
+ };
+ };
+ };
+ };
+ };
+ zpool = {
+ rpool = {
+ type = "zpool";
+ rootFsOptions = {
+ acltype = "posixacl";
+ dnodesize = "auto";
+ xattr = "sa";
+ relatime = "on";
+ normalization = "formD";
+ encryption = "aes-256-gcm";
+ keyformat = "passphrase";
+ keylocation = "file:///tmp/data.keyfile";
+ compression = "on";
+ };
+ postCreateHook = ''
+ zfs set keylocation="prompt" rpool
+ '';
+ options = {
+ ashift = "12";
+ #autotrim = "on";
+ };
+ datasets = {
+ "local/root" = {
+ type = "zfs_fs";
+ options.mountpoint = "legacy";
+ mountpoint = "/";
+ };
+ "local/nix" = {
+ type = "zfs_fs";
+ options = {
+ atime = "off";
+ mountpoint = "legacy";
+ };
+ mountpoint = "/nix";
+ };
+ "user/home" = {
+ type = "zfs_fs";
+ options.mountpoint = "legacy";
+ mountpoint = "/home";
+ };
+ "user/home/root" = {
+ type = "zfs_fs";
+ options.mountpoint = "legacy";
+ mountpoint = "/root";
+ };
+ "user/home/nipsy" = {
+ type = "zfs_fs";
+ options.mountpoint = "legacy";
+ mountpoint = "/home/nipsy";
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/hosts/richese/hardware-configuration.nix b/hosts/richese/hardware-configuration.nix
new file mode 100644
index 0000000..dc9fd42
--- /dev/null
+++ b/hosts/richese/hardware-configuration.nix
@@ -0,0 +1,46 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ #(modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "ata_piix" "ohci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "rpool/local/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-label/boot";
+ fsType = "vfat";
+ };
+
+ fileSystems."/nix" =
+ { device = "rpool/local/nix";
+ fsType = "zfs";
+ };
+
+ fileSystems."/root" =
+ { device = "rpool/user/home/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home/nipsy" =
+ { device = "rpool/user/home/nipsy";
+ fsType = "zfs";
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-label/swap"; }
+ ];
+
+ virtualisation.virtualbox.guest.enable = true;
+}