zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

Compare commits

base: zuckerberg:pia-client
Branches Tags
zuckerberg:master zuckerberg:stage zuckerberg:rpi-hotspot zuckerberg:attic zuckerberg:kexec_luks2 zuckerberg:pia-client
...
compare: zuckerberg:abddc5a680ad1b46c3caf19eaec8f5dd42db78fb
Branches Tags
zuckerberg:master zuckerberg:stage zuckerberg:rpi-hotspot zuckerberg:attic zuckerberg:kexec_luks2 zuckerberg:pia-client

7 Commits
pia-client ... abddc5a680

Author SHA1 Message Date
Zuckerberg
abddc5a680 Razer keyboard 2023-02-11 00:32:36 -07:00
Zuckerberg
577dc4faaa Add initial configuration for APU2E4 router 2023-02-10 20:51:10 -07:00
Zuckerberg
a8b0385c6d more ephemeral options 2023-02-08 22:27:54 -07:00
Zuckerberg
fc85627bd6 use unstable for ephemeral os config 2023-02-08 22:26:04 -07:00
Zuckerberg
f9cadba3eb improve ephemeral os config 2023-02-08 22:25:09 -07:00
Zuckerberg
c192c2d52f enable spotify 2023-02-08 18:48:08 -07:00
Zuckerberg
04c7a9ea51 Update tz 2023-02-08 18:47:58 -07:00
6 changed files with 94 additions and 6 deletions
Expand all files Collapse all files

2
common/default.nix
View File

@@ -20,7 +20,7 @@
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowPing = true; networking.firewall.allowPing = true;
time.timeZone = "America/New_York"; time.timeZone = "America/Denver";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
services.openssh.enable = true; services.openssh.enable = true;

5
flake.nix
View File

@@ -73,6 +73,7 @@
"nat" = mkSystem "aarch64-linux" nixpkgs ./machines/nat/configuration.nix; "nat" = mkSystem "aarch64-linux" nixpkgs ./machines/nat/configuration.nix;
"liza" = mkSystem "x86_64-linux" nixpkgs ./machines/liza/configuration.nix; "liza" = mkSystem "x86_64-linux" nixpkgs ./machines/liza/configuration.nix;
"ponyo" = mkSystem "x86_64-linux" nixpkgs ./machines/ponyo/configuration.nix; "ponyo" = mkSystem "x86_64-linux" nixpkgs ./machines/ponyo/configuration.nix;
"router" = mkSystem "x86_64-linux" nixpkgs-unstable ./machines/router/configuration.nix;
"s0" = mkSystem "aarch64-linux" nixpkgs-unstable ./machines/storage/s0/configuration.nix; "s0" = mkSystem "aarch64-linux" nixpkgs-unstable ./machines/storage/s0/configuration.nix;
"n1" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n1/configuration.nix; "n1" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n1/configuration.nix;
"n2" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n2/configuration.nix; "n2" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n2/configuration.nix;
@@ -85,12 +86,12 @@
packages = let packages = let
mkKexec = system: mkKexec = system:
(nixpkgs.lib.nixosSystem { (nixpkgs-unstable.lib.nixosSystem {
inherit system; inherit system;
modules = [ ./machines/ephemeral/kexec.nix ]; modules = [ ./machines/ephemeral/kexec.nix ];
}).config.system.build.kexec_tarball; }).config.system.build.kexec_tarball;
mkIso = system: mkIso = system:
(nixpkgs.lib.nixosSystem { (nixpkgs-unstable.lib.nixosSystem {
inherit system; inherit system;
modules = [ ./machines/ephemeral/iso.nix ]; modules = [ ./machines/ephemeral/iso.nix ];
}).config.system.build.isoImage; }).config.system.build.isoImage;

23
machines/ephemeral/minimal.nix
View File

@@ -1,18 +1,35 @@
{ pkgs, ... }: { pkgs, modulesPath, ... }:
{ {
imports = [
(modulesPath + "/installer/cd-dvd/channel.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "e1000" "e1000e" "virtio_pci" "r8169" ]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "e1000" "e1000e" "virtio_pci" "r8169" ];
boot.kernelParams = [ boot.kernelParams = [
"panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues "panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
"console=ttyS0" # enable serial console "console=ttyS0,115200" # enable serial console
"console=tty1" "console=tty1"
]; ];
boot.kernel.sysctl."vm.overcommit_memory" = "1"; boot.kernel.sysctl."vm.overcommit_memory" = "1";
boot.kernelPackages = pkgs.linuxPackages_latest;
# hardware.enableAllFirmware = true;
# nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
cryptsetup cryptsetup
btrfs-progs btrfs-progs
git git-lfs
wget
htop
dnsutils
pciutils
usbutils
lm_sensors
]; ];
environment.variables.GC_INITIAL_HEAP_SIZE = "1M"; environment.variables.GC_INITIAL_HEAP_SIZE = "1M";
networking.useDHCP = true; networking.useDHCP = true;
@@ -24,5 +41,5 @@
}; };
services.getty.autologinUser = "root"; services.getty.autologinUser = "root";
users.users.root.openssh.authorizedKeys.keys = (import ../common/ssh.nix).users; users.users.root.openssh.authorizedKeys.keys = (import ../../common/ssh.nix).users;
} }

6
machines/ray/configuration.nix
View File

@@ -19,6 +19,10 @@
hardware.enableAllFirmware = true; hardware.enableAllFirmware = true;
hardware.openrazer.enable = true;
hardware.openrazer.users = [ "googlebot" ];
users.users.googlebot.packages = [ pkgs.polychromatic ];
# depthai # depthai
services.udev.extraRules = '' services.udev.extraRules = ''
SUBSYSTEM=="usb", ATTRS{idVendor}=="03e7", MODE="0666" SUBSYSTEM=="usb", ATTRS{idVendor}=="03e7", MODE="0666"
@@ -43,6 +47,8 @@
environment.systemPackages = with pkgs; [ virt-manager ]; environment.systemPackages = with pkgs; [ virt-manager ];
users.users.googlebot.extraGroups = [ "libvirtd" ]; users.users.googlebot.extraGroups = [ "libvirtd" ];
services.spotifyd.enable = true;
# vpn-container.enable = true; # vpn-container.enable = true;
# containers.vpn.interfaces = [ "piaw" ]; # containers.vpn.interfaces = [ "piaw" ];

17
machines/router/configuration.nix Normal file
View File

@@ -0,0 +1,17 @@
{ config, lib, pkgs, ... }:
{
imports = [
./hardware-configuration.nix
];
# jxx2exuihlls2t6ncs7rvrjh2dssubjmjtclwr2ysvxtr4t7jv55xmqd.onion
networking.hostName = "router";
services.zerotierone.enable = true;
system.autoUpgrade.enable = true;
networking.useDHCP = lib.mkForce true;
}

47
machines/router/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,47 @@
{ config, pkgs, ... }:
{
# kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.initrd.availableKernelModules = [ "igb" "mt7915e" "xhci_pci" "ahci" "ehci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enable serial output
boot.kernelParams = [
"panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
"console=ttyS0,115200" # enable serial console
"console=tty1"
];
# firmware
firmware.x86_64.enable = true;
hardware.enableAllFirmware = true;
nixpkgs.config.allowUnfree = true;
# boot
bios = {
enable = true;
device = "/dev/sda";
};
# disks
luks = {
enable = true;
device.path = "/dev/disk/by-uuid/9b090551-f78e-45ca-8570-196ed6a4af0c";
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/421c82b9-d67c-4811-8824-8bb57cb10fce";
fsType = "btrfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/d97f324f-3a2e-4b84-ae2a-4b3d1209c689";
fsType = "ext3";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/45bf58dd-67eb-45e4-9a98-246e23fa7abd"; }
];
nixpkgs.hostPlatform = "x86_64-linux";
}