This commit is contained in:
catvayor 2024-10-03 17:42:38 +02:00
parent d300b876f9
commit 3440bc178c
Signed by: lbailly
GPG key ID: CE3E645251AC63F3
9 changed files with 128 additions and 335 deletions

View file

@ -166,12 +166,17 @@ in
perl
git
];
boot.supportedFilesystems = [ "bcachefs" ];
programs.zsh.enable = true;
services.openssh.enable = true;
services.qemuGuest.enable = true;
boot.supportedFilesystems = {
bcachefs = true;
zfs = lib.mkForce false;
};
boot.kernelParams = [ "console=ttyS0" ];
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
services.getty.autologinUser = lib.mkForce "root";
system.stateVersion = lib.mkForce "24.11";
};
kat-kexec =
@ -212,5 +217,6 @@ in
zfs = lib.mkForce false;
};
services.getty.autologinUser = lib.mkForce "root";
system.stateVersion = lib.mkForce "24.11";
};
}

View file

@ -35,12 +35,19 @@ with lib;
'';
};
};
boot.tmp.useTmpfs = true;
boot = {
tmp.useTmpfs = true;
supportedFilesystems.bcachefs = mkDefault true;
kernelPackages = pkgs.linuxPackages_latest;
};
networking = {
useNetworkd = true;
nftables.enable = true;
};
systemd.network.enable = true;
nix = {
nixPath = [
"nixpkgs=${builtins.storePath pkgs.path}"
@ -50,6 +57,27 @@ with lib;
settings.nix-path = config.nix.nixPath;
package = pkgs.lix;
};
time.timeZone = mkDefault "Europe/Paris";
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = mkDefault "fr";
};
environment.systemPackages = with pkgs; [
tree
ranger
ripgrep
wget
git
lazygit
btop
screen
nix-search-cli
nix-output-monitor
];
services = {
resolved.enable = !config.boot.isContainer;
openssh.settings = {

View file

@ -16,14 +16,13 @@ in
./modo.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
time.timeZone = "Europe/Paris";
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
networking = {
useNetworkd = lib.mkForce false;
interfaces."enp1s0" = {
useDHCP = false;
ipv4.addresses = [
@ -50,34 +49,11 @@ in
];
};
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
services = {
openssh.enable = true;
netbird.enable = true;
};
services.dbus.packages = with pkgs; [ dconf ];
nixpkgs.config.allowUnfree = true;
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
wget
nix-search-cli
git
btop
ranger
screen
];
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
services.openssh.enable = true;
networking.firewall.enable = false;
security.acme = {
@ -113,7 +89,5 @@ in
certificateScheme = "acme";
};
services.netbird.enable = true;
system.stateVersion = "23.11";
}

View file

@ -5,17 +5,22 @@
nodes,
...
}:
{
imports = [
./hardware-configuration.nix
];
boot.kernel.sysctl."net.ipv4.ip_forward" = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
kernel.sysctl."net.ipv4.ip_forward" = true;
kernelModules = [
"kvm-intel"
"kvm-amd"
];
};
kat.wireguardPubKey = "2rMQV5fyBhl7t/0j70iPOfEr/lAWQfLXQKMwtzaXxnM=";
systemd.network = {
@ -61,42 +66,14 @@
};
};
time.timeZone = "Europe/Paris";
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
services.dbus.packages = with pkgs; [ dconf ];
nixpkgs.config.allowUnfree = true;
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
wget
brightnessctl
nix-search-cli
git
btop
ranger
dnsmasq
screen
tcpdump
];
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
services.openssh.enable = true;
services.netbird.enable = true;
boot.kernelModules = [
"kvm-intel"
"kvm-amd"
];
programs.virt-manager.enable = true;
virtualisation.libvirtd.enable = true;

View file

@ -1,5 +1,3 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
@ -13,14 +11,13 @@
./disks.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
time.timeZone = "Europe/Paris";
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
networking = {
useNetworkd = lib.mkForce false;
interfaces."enp1s0" = {
useDHCP = false;
ipv4.addresses = [
@ -47,31 +44,8 @@
];
};
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
services.dbus.packages = with pkgs; [ dconf ];
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
wget
nix-search-cli
git
btop
ranger
screen
tree
];
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
services.openssh.enable = true;
networking.firewall.enable = false;

View file

@ -13,86 +13,65 @@
# ./router.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
networking.networkmanager.enable = true;
networking.nftables.enable = true;
time.timeZone = "Europe/Paris";
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
nixpkgs.config.allowUnfree = true;
security.rtkit.enable = true;
services.pipewire = {
hardware.bluetooth = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
hardware = {
bluetooth = {
enable = true;
powerOnBoot = false;
};
powerOnBoot = false;
};
environment.systemPackages = with pkgs; [
wget
brightnessctl
nix-search-cli
git
btop
ranger
tree
lazygit
nix-output-monitor
ripgrep
];
environment.systemPackages = with pkgs; [ brightnessctl ];
fonts.packages = with pkgs; [
fira-code-nerdfont
font-awesome
];
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
services = {
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
};
syncthing = {
enable = true;
systemService = true;
dataDir = "/home/catvayor";
user = "catvayor";
group = "users";
openDefaultPorts = true;
settings = {
folders."essentials" = {
path = "~/essentials";
id = "vgpwu-fk3ct";
devices = [
"katel"
];
};
devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";
};
};
netbird.enable = true;
};
services.syncthing = {
enable = true;
systemService = true;
dataDir = "/home/catvayor";
user = "catvayor";
group = "users";
openDefaultPorts = true;
settings = {
folders."essentials" = {
path = "~/essentials";
id = "vgpwu-fk3ct";
devices = [
"katest"
"katel"
];
};
devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD";
devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";
programs = {
steam.enable = true;
virt-manager.enable = true;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
services.netbird.enable = true;
programs.steam.enable = true;
# boot.kernelModules = [ "kvm-intel" "kvm-amd" ];
programs.virt-manager.enable = true;
# virtualisation.libvirtd.enable = true;
system.stateVersion = "23.11";
}

View file

@ -1,5 +1,3 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
@ -12,14 +10,13 @@
./disks.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
time.timeZone = "Europe/Paris";
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
networking = {
useNetworkd = lib.mkForce false;
interfaces."enp1s0" = {
useDHCP = false;
ipv4.addresses = [
@ -46,35 +43,6 @@
];
};
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
services.dbus.packages = with pkgs; [ dconf ];
nixpkgs.config.allowUnfree = true;
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
wget
nix-search-cli
git
btop
ranger
screen
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
services.openssh.enable = true;
networking.firewall.enable = false;
@ -93,5 +61,5 @@
};
};
system.stateVersion = "23.11"; # Did you read the comment?
system.stateVersion = "23.11";
}

View file

@ -4,18 +4,16 @@
pkgs,
...
}:
{
imports = [ ./hardware-configuration.nix ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.supportedFilesystems = [ "bcachefs" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
time.timeZone = "Europe/Paris";
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
networking = {
useNetworkd = lib.mkForce false;
interfaces."enp1s0" = {
useDHCP = false;
ipv4.addresses = [
@ -42,59 +40,6 @@
];
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
# Enable the X11 windowing system.
# services.xserver.enable = true;
# security.polkit.enable = true;
# programs.light.enable = true;
services.dbus.packages = with pkgs; [ dconf ];
nixpkgs.config.allowUnfree = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
wget
nix-search-cli
git
btop
ranger
screen
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
security.acme = {
@ -113,32 +58,7 @@
};
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
system.stateVersion = "23.11";
}

View file

@ -11,23 +11,18 @@
./disks.nix
];
boot = {
loader.grub = {
enable = true;
efiSupport = true;
efiInstallAsRemovable = true;
};
supportedFilesystems = [ "bcachefs" ];
kernelPackages = pkgs.linuxPackages_latest;
boot.loader.grub = {
enable = true;
efiSupport = true;
efiInstallAsRemovable = true;
};
time.timeZone = "Europe/Paris";
kat.wireguardPubKey = "BgLBrWG7DRj2Gwoyj+vHZTjiB3gPEnwVcDFEQH/BYgg=";
networking = {
useNetworkd = true;
useDHCP = false;
firewall.allowedUDPPorts = [ 1194 ];
};
kat.wireguardPubKey = "BgLBrWG7DRj2Gwoyj+vHZTjiB3gPEnwVcDFEQH/BYgg=";
systemd.network = {
enable = true;
networks = {
@ -77,22 +72,16 @@
wireguardPeers = [
{
AllowedIPs = [
"10.42.0.1/32"
];
PublicKey = nodes.kat-manah.config.kat.wireguardPubKey;
AllowedIPs = [
"10.42.0.1/32"
];
PublicKey = nodes.kat-manah.config.kat.wireguardPubKey;
}
];
};
};
};
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "fr";
};
security.acme = {
acceptTerms = true;
defaults.email = "root@katvayor.net";
@ -105,33 +94,11 @@
'';
};
services.dbus.packages = with pkgs; [ dconf ];
environment.systemPackages = with pkgs; [ tcpdump ];
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
wget
nix-search-cli
git
btop
ranger
screen
];
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
services.openssh.enable = true;
services.netbird.enable = true;
networking = {
nftables.enable = true;
firewall = {
allowedTCPPorts = [ 22 ];
allowedUDPPorts = [ 1194 ];
};
services = {
openssh.enable = true;
netbird.enable = true;
};
system.stateVersion = "23.11";