config-perso/machines/kat-probook/default.nix

155 lines
3.1 KiB
Nix
Raw Normal View History

2024-05-14 19:21:19 +02:00
{
pkgs,
2024-10-13 12:55:30 +02:00
nodes,
users,
2024-05-14 19:21:19 +02:00
...
}:
2024-02-19 17:15:40 +01:00
{
deployment.allowLocalDeployment = true;
2024-05-14 19:21:19 +02:00
imports = [
./hardware-configuration.nix
users.catvayor
2024-11-28 15:44:53 +01:00
./router.nix
2024-05-14 19:21:19 +02:00
];
2024-02-19 17:15:40 +01:00
2024-10-13 12:55:30 +02:00
fileSystems."/tmp" = {
fsType = "tmpfs";
device = "tmpfs";
options = [
"nosuid"
"nodev"
"relatime"
"size=12G"
];
};
2024-11-08 08:26:07 +01:00
boot = {
kernel.sysctl."net.ipv4.ip_forward" = true;
binfmt.emulatedSystems = [ "aarch64-linux" ];
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
2024-10-03 17:42:38 +02:00
};
2024-02-19 17:15:40 +01:00
nix.settings.trusted-users = [
"root"
"@wheel"
];
2024-10-24 21:59:12 +02:00
networking.networkmanager = {
enable = true;
unmanaged = [
"enp2s0"
"wg0"
];
2024-10-03 23:57:58 +02:00
};
2024-10-13 12:55:30 +02:00
kat.wireguardPubKey = "zIHvCSzk5a94jvnXU4iscbp9RUGzbWpARDMRgHNtMl4=";
systemd.network = {
wait-online.anyInterface = true;
2024-10-24 21:59:12 +02:00
networks = {
"50-wg0" = {
name = "wg0";
address = [
"10.10.10.13/24"
"10.42.1.1/16"
];
};
"10-enp2s0" = {
name = "enp2s0";
DHCP = "ipv4";
networkConfig.IPv6AcceptRA = "yes";
dhcpV4Config.RouteMetric = 500;
dhcpV6Config.RouteMetric = 500;
ipv6AcceptRAConfig.RouteMetric = 500;
};
2024-10-13 12:55:30 +02:00
};
netdevs."50-wg0" = {
netdevConfig = {
Name = "wg0";
Kind = "wireguard";
};
wireguardConfig.PrivateKeyFile = "/wg/private.key";
wireguardPeers = [
{
AllowedIPs = [
"10.10.10.0/24"
];
PublicKey = "CzUK0RPHsoG9N1NisOG0u7xwyGhTZnjhl7Cus3X76Es=";
Endpoint = "129.199.129.76:1194";
PersistentKeepalive = 25;
}
{
AllowedIPs = [
"10.42.0.0/16"
];
PublicKey = nodes.kat-watcher.config.kat.wireguardPubKey;
Endpoint = "watcher.katvayor.net:1194";
PersistentKeepalive = 25;
}
];
};
};
2024-02-19 17:15:40 +01:00
nixpkgs.config.allowUnfree = true;
2024-05-31 23:34:05 +02:00
2024-08-22 17:13:14 +02:00
security.rtkit.enable = true;
2024-10-03 17:42:38 +02:00
hardware.bluetooth = {
2024-08-22 17:13:14 +02:00
enable = true;
2024-10-03 17:42:38 +02:00
powerOnBoot = false;
2024-02-19 17:15:40 +01:00
};
2024-10-03 17:42:38 +02:00
environment.systemPackages = with pkgs; [ brightnessctl ];
2024-02-26 15:22:46 +01:00
fonts.packages = with pkgs; [
fira-code-nerdfont
font-awesome
];
2024-02-19 17:15:40 +01:00
2024-10-03 17:42:38 +02:00
services = {
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
};
syncthing = {
enable = true;
systemService = true;
dataDir = "/home/catvayor";
user = "catvayor";
group = "users";
openDefaultPorts = true;
settings = {
folders."essentials" = {
path = "~/essentials";
id = "vgpwu-fk3ct";
devices = [
"katel"
];
};
devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";
2024-02-19 17:15:40 +01:00
};
};
};
2024-10-03 17:42:38 +02:00
programs = {
steam.enable = true;
virt-manager.enable = true;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
2024-02-19 17:15:40 +01:00
2024-11-08 08:26:07 +01:00
home-manager.users = {
"root".kat.neovim.lsp = true;
"catvayor".kat.neovim.lsp = true;
};
virtualisation.libvirtd.enable = true;
2024-05-14 13:48:01 +02:00
system.stateVersion = "23.11";
2024-02-19 17:15:40 +01:00
}