config-perso/machines/kat-probook/configuration.nix

167 lines
3.3 KiB
Nix
Raw Normal View History

{
pkgs,
nodes,
users,
2024-12-18 13:14:47 +01:00
lib,
sources,
...
}:
2024-12-18 13:14:47 +01:00
let
inherit (lib) mkMerge;
in
{
deployment.allowLocalDeployment = true;
imports = [
./hardware-configuration.nix
users.catvayor
2024-12-06 17:36:37 +01:00
# ./router.nix
];
fileSystems."/tmp" = {
fsType = "tmpfs";
device = "tmpfs";
options = [
"nosuid"
"nodev"
"relatime"
"size=12G"
];
};
boot = {
kernel.sysctl."net.ipv4.ip_forward" = true;
binfmt.emulatedSystems = [ "aarch64-linux" ];
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
2024-12-18 13:14:47 +01:00
nix.settings = mkMerge [
((import sources.dgnum-infra { }).mkCacheSettings {
caches = [ "infra" ];
})
{
trusted-users = [
"root"
"@wheel"
];
}
];
networking.networkmanager = {
enable = true;
unmanaged = [
"enp2s0"
"wg0"
];
};
kat.wireguardPubKey = "zIHvCSzk5a94jvnXU4iscbp9RUGzbWpARDMRgHNtMl4=";
systemd.network = {
wait-online.anyInterface = true;
networks = {
"50-wg0" = {
name = "wg0";
address = [
"10.10.10.13/24"
"10.42.1.1/16"
];
};
"10-enp2s0" = {
name = "enp2s0";
DHCP = "ipv4";
networkConfig.IPv6AcceptRA = "yes";
dhcpV4Config.RouteMetric = 500;
dhcpV6Config.RouteMetric = 500;
ipv6AcceptRAConfig.RouteMetric = 500;
};
};
netdevs."50-wg0" = {
netdevConfig = {
Name = "wg0";
Kind = "wireguard";
};
wireguardConfig.PrivateKeyFile = "/wg/private.key";
wireguardPeers = [
{
AllowedIPs = [
"10.10.10.0/24"
];
PublicKey = "CzUK0RPHsoG9N1NisOG0u7xwyGhTZnjhl7Cus3X76Es=";
Endpoint = "129.199.129.76:1194";
PersistentKeepalive = 25;
}
{
AllowedIPs = [
"10.42.0.0/16"
];
PublicKey = nodes.kat-watcher.config.kat.wireguardPubKey;
Endpoint = "watcher.katvayor.net:1194";
PersistentKeepalive = 25;
}
];
};
};
nixpkgs.config.allowUnfree = true;
security.rtkit.enable = true;
hardware.bluetooth = {
enable = true;
powerOnBoot = false;
};
environment.systemPackages = with pkgs; [ brightnessctl ];
fonts.packages = with pkgs; [
fira-code-nerdfont
font-awesome
];
services = {
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
};
syncthing = {
enable = true;
systemService = true;
dataDir = "/home/catvayor";
user = "catvayor";
group = "users";
openDefaultPorts = true;
settings = {
folders."essentials" = {
path = "~/essentials";
id = "vgpwu-fk3ct";
devices = [
"katel"
];
};
devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";
};
};
};
programs = {
steam.enable = true;
virt-manager.enable = true;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
home-manager.users = {
"root".kat.neovim.lsp = true;
"catvayor".kat.neovim.lsp = true;
};
virtualisation.libvirtd.enable = true;
system.stateVersion = "23.11";
}