~
This commit is contained in:
parent
d300b876f9
commit
3440bc178c
9 changed files with 128 additions and 335 deletions
8
hive.nix
8
hive.nix
|
@ -166,12 +166,17 @@ in
|
|||
perl
|
||||
git
|
||||
];
|
||||
boot.supportedFilesystems = [ "bcachefs" ];
|
||||
programs.zsh.enable = true;
|
||||
services.openssh.enable = true;
|
||||
services.qemuGuest.enable = true;
|
||||
boot.supportedFilesystems = {
|
||||
bcachefs = true;
|
||||
zfs = lib.mkForce false;
|
||||
};
|
||||
boot.kernelParams = [ "console=ttyS0" ];
|
||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
||||
services.getty.autologinUser = lib.mkForce "root";
|
||||
system.stateVersion = lib.mkForce "24.11";
|
||||
};
|
||||
|
||||
kat-kexec =
|
||||
|
@ -212,5 +217,6 @@ in
|
|||
zfs = lib.mkForce false;
|
||||
};
|
||||
services.getty.autologinUser = lib.mkForce "root";
|
||||
system.stateVersion = lib.mkForce "24.11";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -35,12 +35,19 @@ with lib;
|
|||
'';
|
||||
};
|
||||
};
|
||||
boot.tmp.useTmpfs = true;
|
||||
|
||||
boot = {
|
||||
tmp.useTmpfs = true;
|
||||
supportedFilesystems.bcachefs = mkDefault true;
|
||||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
};
|
||||
|
||||
networking = {
|
||||
useNetworkd = true;
|
||||
nftables.enable = true;
|
||||
};
|
||||
systemd.network.enable = true;
|
||||
|
||||
nix = {
|
||||
nixPath = [
|
||||
"nixpkgs=${builtins.storePath pkgs.path}"
|
||||
|
@ -50,6 +57,27 @@ with lib;
|
|||
settings.nix-path = config.nix.nixPath;
|
||||
package = pkgs.lix;
|
||||
};
|
||||
|
||||
time.timeZone = mkDefault "Europe/Paris";
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = mkDefault "fr";
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
tree
|
||||
ranger
|
||||
ripgrep
|
||||
wget
|
||||
git
|
||||
lazygit
|
||||
btop
|
||||
screen
|
||||
nix-search-cli
|
||||
nix-output-monitor
|
||||
];
|
||||
|
||||
services = {
|
||||
resolved.enable = !config.boot.isContainer;
|
||||
openssh.settings = {
|
||||
|
|
|
@ -16,14 +16,13 @@ in
|
|||
./modo.nix
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.supportedFilesystems = [ "bcachefs" ];
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
time.timeZone = "Europe/Paris";
|
||||
boot.loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
|
||||
networking = {
|
||||
useNetworkd = lib.mkForce false;
|
||||
interfaces."enp1s0" = {
|
||||
useDHCP = false;
|
||||
ipv4.addresses = [
|
||||
|
@ -50,34 +49,11 @@ in
|
|||
];
|
||||
};
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
services = {
|
||||
openssh.enable = true;
|
||||
netbird.enable = true;
|
||||
};
|
||||
|
||||
services.dbus.packages = with pkgs; [ dconf ];
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
programs.zsh.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
nix-search-cli
|
||||
git
|
||||
btop
|
||||
ranger
|
||||
screen
|
||||
];
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
networking.firewall.enable = false;
|
||||
|
||||
security.acme = {
|
||||
|
@ -113,7 +89,5 @@ in
|
|||
certificateScheme = "acme";
|
||||
};
|
||||
|
||||
services.netbird.enable = true;
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
}
|
||||
|
|
|
@ -5,17 +5,22 @@
|
|||
nodes,
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
boot.kernel.sysctl."net.ipv4.ip_forward" = true;
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.supportedFilesystems = [ "bcachefs" ];
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot = {
|
||||
loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
kernel.sysctl."net.ipv4.ip_forward" = true;
|
||||
kernelModules = [
|
||||
"kvm-intel"
|
||||
"kvm-amd"
|
||||
];
|
||||
};
|
||||
|
||||
kat.wireguardPubKey = "2rMQV5fyBhl7t/0j70iPOfEr/lAWQfLXQKMwtzaXxnM=";
|
||||
systemd.network = {
|
||||
|
@ -61,42 +66,14 @@
|
|||
};
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
services.dbus.packages = with pkgs; [ dconf ];
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
programs.zsh.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
brightnessctl
|
||||
nix-search-cli
|
||||
git
|
||||
btop
|
||||
ranger
|
||||
dnsmasq
|
||||
screen
|
||||
tcpdump
|
||||
];
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.netbird.enable = true;
|
||||
|
||||
boot.kernelModules = [
|
||||
"kvm-intel"
|
||||
"kvm-amd"
|
||||
];
|
||||
programs.virt-manager.enable = true;
|
||||
virtualisation.libvirtd.enable = true;
|
||||
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
||||
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
|
@ -13,14 +11,13 @@
|
|||
./disks.nix
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.supportedFilesystems = [ "bcachefs" ];
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
time.timeZone = "Europe/Paris";
|
||||
boot.loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
|
||||
networking = {
|
||||
useNetworkd = lib.mkForce false;
|
||||
interfaces."enp1s0" = {
|
||||
useDHCP = false;
|
||||
ipv4.addresses = [
|
||||
|
@ -47,31 +44,8 @@
|
|||
];
|
||||
};
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
|
||||
services.dbus.packages = with pkgs; [ dconf ];
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
nix-search-cli
|
||||
git
|
||||
btop
|
||||
ranger
|
||||
screen
|
||||
tree
|
||||
];
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
networking.firewall.enable = false;
|
||||
|
|
|
@ -13,86 +13,65 @@
|
|||
# ./router.nix
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.supportedFilesystems = [ "bcachefs" ];
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot.loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
|
||||
networking.networkmanager.enable = true;
|
||||
networking.nftables.enable = true;
|
||||
time.timeZone = "Europe/Paris";
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
hardware.bluetooth = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
alsa.support32Bit = true;
|
||||
pulse.enable = true;
|
||||
};
|
||||
hardware = {
|
||||
bluetooth = {
|
||||
enable = true;
|
||||
powerOnBoot = false;
|
||||
};
|
||||
powerOnBoot = false;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
brightnessctl
|
||||
nix-search-cli
|
||||
git
|
||||
btop
|
||||
ranger
|
||||
tree
|
||||
lazygit
|
||||
nix-output-monitor
|
||||
ripgrep
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ brightnessctl ];
|
||||
fonts.packages = with pkgs; [
|
||||
fira-code-nerdfont
|
||||
font-awesome
|
||||
];
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
services = {
|
||||
pipewire = {
|
||||
enable = true;
|
||||
alsa = {
|
||||
enable = true;
|
||||
support32Bit = true;
|
||||
};
|
||||
pulse.enable = true;
|
||||
};
|
||||
syncthing = {
|
||||
enable = true;
|
||||
systemService = true;
|
||||
dataDir = "/home/catvayor";
|
||||
user = "catvayor";
|
||||
group = "users";
|
||||
openDefaultPorts = true;
|
||||
settings = {
|
||||
folders."essentials" = {
|
||||
path = "~/essentials";
|
||||
id = "vgpwu-fk3ct";
|
||||
devices = [
|
||||
"katel"
|
||||
];
|
||||
};
|
||||
devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";
|
||||
};
|
||||
};
|
||||
netbird.enable = true;
|
||||
};
|
||||
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
systemService = true;
|
||||
dataDir = "/home/catvayor";
|
||||
user = "catvayor";
|
||||
group = "users";
|
||||
openDefaultPorts = true;
|
||||
settings = {
|
||||
folders."essentials" = {
|
||||
path = "~/essentials";
|
||||
id = "vgpwu-fk3ct";
|
||||
devices = [
|
||||
"katest"
|
||||
"katel"
|
||||
];
|
||||
};
|
||||
devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD";
|
||||
devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";
|
||||
programs = {
|
||||
steam.enable = true;
|
||||
virt-manager.enable = true;
|
||||
gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
};
|
||||
services.netbird.enable = true;
|
||||
|
||||
programs.steam.enable = true;
|
||||
|
||||
# boot.kernelModules = [ "kvm-intel" "kvm-amd" ];
|
||||
programs.virt-manager.enable = true;
|
||||
# virtualisation.libvirtd.enable = true;
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
}
|
||||
|
|
|
@ -1,5 +1,3 @@
|
|||
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
|
||||
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
|
@ -12,14 +10,13 @@
|
|||
./disks.nix
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.supportedFilesystems = [ "bcachefs" ];
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
time.timeZone = "Europe/Paris";
|
||||
boot.loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
|
||||
networking = {
|
||||
useNetworkd = lib.mkForce false;
|
||||
interfaces."enp1s0" = {
|
||||
useDHCP = false;
|
||||
ipv4.addresses = [
|
||||
|
@ -46,35 +43,6 @@
|
|||
];
|
||||
};
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
|
||||
services.dbus.packages = with pkgs; [ dconf ];
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
programs.zsh.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
nix-search-cli
|
||||
git
|
||||
btop
|
||||
ranger
|
||||
screen
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
networking.firewall.enable = false;
|
||||
|
@ -93,5 +61,5 @@
|
|||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "23.11"; # Did you read the comment?
|
||||
system.stateVersion = "23.11";
|
||||
}
|
||||
|
|
|
@ -4,18 +4,16 @@
|
|||
pkgs,
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
imports = [ ./hardware-configuration.nix ];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.supportedFilesystems = [ "bcachefs" ];
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
time.timeZone = "Europe/Paris";
|
||||
boot.loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
|
||||
networking = {
|
||||
useNetworkd = lib.mkForce false;
|
||||
interfaces."enp1s0" = {
|
||||
useDHCP = false;
|
||||
ipv4.addresses = [
|
||||
|
@ -42,59 +40,6 @@
|
|||
];
|
||||
};
|
||||
|
||||
# Configure network proxy if necessary
|
||||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
# services.xserver.enable = true;
|
||||
|
||||
# security.polkit.enable = true;
|
||||
# programs.light.enable = true;
|
||||
services.dbus.packages = with pkgs; [ dconf ];
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# Configure keymap in X11
|
||||
# services.xserver.xkb.layout = "us";
|
||||
# services.xserver.xkb.options = "eurosign:e,caps:escape";
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
# services.printing.enable = true;
|
||||
|
||||
# Enable touchpad support (enabled default in most desktopManager).
|
||||
# services.xserver.libinput.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
programs.zsh.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
nix-search-cli
|
||||
git
|
||||
btop
|
||||
ranger
|
||||
screen
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
# List services that you want to enable:
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
services.openssh.enable = true;
|
||||
|
||||
security.acme = {
|
||||
|
@ -113,32 +58,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
# Open ports in the firewall.
|
||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
# Or disable the firewall altogether.
|
||||
networking.firewall.enable = false;
|
||||
|
||||
# Copy the NixOS configuration file and link it from the resulting system
|
||||
# (/run/current-system/configuration.nix). This is useful in case you
|
||||
# accidentally delete configuration.nix.
|
||||
# system.copySystemConfiguration = true;
|
||||
|
||||
# This option defines the first version of NixOS you have installed on this particular machine,
|
||||
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
|
||||
#
|
||||
# Most users should NEVER change this value after the initial install, for any reason,
|
||||
# even if you've upgraded your system to a new NixOS release.
|
||||
#
|
||||
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
|
||||
# so changing it will NOT upgrade your system.
|
||||
#
|
||||
# This value being lower than the current NixOS release does NOT mean your system is
|
||||
# out of date, out of support, or vulnerable.
|
||||
#
|
||||
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
|
||||
# and migrated your data accordingly.
|
||||
#
|
||||
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
|
||||
system.stateVersion = "23.11"; # Did you read the comment?
|
||||
system.stateVersion = "23.11";
|
||||
}
|
||||
|
|
|
@ -11,23 +11,18 @@
|
|||
./disks.nix
|
||||
];
|
||||
|
||||
boot = {
|
||||
loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
};
|
||||
supportedFilesystems = [ "bcachefs" ];
|
||||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
efiInstallAsRemovable = true;
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Paris";
|
||||
kat.wireguardPubKey = "BgLBrWG7DRj2Gwoyj+vHZTjiB3gPEnwVcDFEQH/BYgg=";
|
||||
|
||||
networking = {
|
||||
useNetworkd = true;
|
||||
useDHCP = false;
|
||||
firewall.allowedUDPPorts = [ 1194 ];
|
||||
};
|
||||
kat.wireguardPubKey = "BgLBrWG7DRj2Gwoyj+vHZTjiB3gPEnwVcDFEQH/BYgg=";
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
networks = {
|
||||
|
@ -77,22 +72,16 @@
|
|||
|
||||
wireguardPeers = [
|
||||
{
|
||||
AllowedIPs = [
|
||||
"10.42.0.1/32"
|
||||
];
|
||||
PublicKey = nodes.kat-manah.config.kat.wireguardPubKey;
|
||||
AllowedIPs = [
|
||||
"10.42.0.1/32"
|
||||
];
|
||||
PublicKey = nodes.kat-manah.config.kat.wireguardPubKey;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "fr";
|
||||
};
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = "root@katvayor.net";
|
||||
|
@ -105,33 +94,11 @@
|
|||
'';
|
||||
};
|
||||
|
||||
services.dbus.packages = with pkgs; [ dconf ];
|
||||
environment.systemPackages = with pkgs; [ tcpdump ];
|
||||
|
||||
programs.zsh.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget
|
||||
nix-search-cli
|
||||
git
|
||||
btop
|
||||
ranger
|
||||
screen
|
||||
];
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
services.netbird.enable = true;
|
||||
networking = {
|
||||
nftables.enable = true;
|
||||
firewall = {
|
||||
allowedTCPPorts = [ 22 ];
|
||||
allowedUDPPorts = [ 1194 ];
|
||||
};
|
||||
services = {
|
||||
openssh.enable = true;
|
||||
netbird.enable = true;
|
||||
};
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
|
|
Loading…
Reference in a new issue