Compare commits
9 Commits
pia-client
...
bc863de165
| Author | SHA1 | Date | |
|---|---|---|---|
| bc863de165 | |||
| cfa5c9428e | |||
| abddc5a680 | |||
| 577dc4faaa | |||
| a8b0385c6d | |||
| fc85627bd6 | |||
| f9cadba3eb | |||
| c192c2d52f | |||
| 04c7a9ea51 |
@@ -20,7 +20,7 @@
|
||||
networking.firewall.enable = true;
|
||||
networking.firewall.allowPing = true;
|
||||
|
||||
time.timeZone = "America/New_York";
|
||||
time.timeZone = "America/Denver";
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
|
||||
services.openssh.enable = true;
|
||||
|
||||
@@ -68,11 +68,11 @@
|
||||
};
|
||||
in
|
||||
{
|
||||
"reg" = mkSystem "x86_64-linux" nixpkgs ./machines/reg/configuration.nix;
|
||||
"ray" = mkSystem "x86_64-linux" nixpkgs-unstable ./machines/ray/configuration.nix;
|
||||
"nat" = mkSystem "aarch64-linux" nixpkgs ./machines/nat/configuration.nix;
|
||||
"liza" = mkSystem "x86_64-linux" nixpkgs ./machines/liza/configuration.nix;
|
||||
"ponyo" = mkSystem "x86_64-linux" nixpkgs ./machines/ponyo/configuration.nix;
|
||||
"router" = mkSystem "x86_64-linux" nixpkgs-unstable ./machines/router/configuration.nix;
|
||||
"s0" = mkSystem "aarch64-linux" nixpkgs-unstable ./machines/storage/s0/configuration.nix;
|
||||
"n1" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n1/configuration.nix;
|
||||
"n2" = mkSystem "aarch64-linux" nixpkgs ./machines/compute/n2/configuration.nix;
|
||||
@@ -85,12 +85,12 @@
|
||||
|
||||
packages = let
|
||||
mkKexec = system:
|
||||
(nixpkgs.lib.nixosSystem {
|
||||
(nixpkgs-unstable.lib.nixosSystem {
|
||||
inherit system;
|
||||
modules = [ ./machines/ephemeral/kexec.nix ];
|
||||
}).config.system.build.kexec_tarball;
|
||||
mkIso = system:
|
||||
(nixpkgs.lib.nixosSystem {
|
||||
(nixpkgs-unstable.lib.nixosSystem {
|
||||
inherit system;
|
||||
modules = [ ./machines/ephemeral/iso.nix ];
|
||||
}).config.system.build.isoImage;
|
||||
|
||||
@@ -1,18 +1,35 @@
|
||||
{ pkgs, ... }:
|
||||
{ pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/installer/cd-dvd/channel.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "e1000" "e1000e" "virtio_pci" "r8169" ];
|
||||
boot.kernelParams = [
|
||||
"panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
|
||||
"console=ttyS0" # enable serial console
|
||||
"console=ttyS0,115200" # enable serial console
|
||||
"console=tty1"
|
||||
];
|
||||
boot.kernel.sysctl."vm.overcommit_memory" = "1";
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
# hardware.enableAllFirmware = true;
|
||||
# nixpkgs.config.allowUnfree = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
cryptsetup
|
||||
btrfs-progs
|
||||
git git-lfs
|
||||
wget
|
||||
htop
|
||||
dnsutils
|
||||
pciutils
|
||||
usbutils
|
||||
lm_sensors
|
||||
];
|
||||
|
||||
environment.variables.GC_INITIAL_HEAP_SIZE = "1M";
|
||||
|
||||
networking.useDHCP = true;
|
||||
@@ -24,5 +41,5 @@
|
||||
};
|
||||
|
||||
services.getty.autologinUser = "root";
|
||||
users.users.root.openssh.authorizedKeys.keys = (import ../common/ssh.nix).users;
|
||||
users.users.root.openssh.authorizedKeys.keys = (import ../../common/ssh.nix).users;
|
||||
}
|
||||
@@ -7,17 +7,6 @@
|
||||
|
||||
# 5synsrjgvfzywruomjsfvfwhhlgxqhyofkzeqt2eisyijvjvebnu2xyd.onion
|
||||
|
||||
firmware.x86_64.enable = true;
|
||||
bios = {
|
||||
enable = true;
|
||||
device = "/dev/sda";
|
||||
};
|
||||
|
||||
luks = {
|
||||
enable = true;
|
||||
device.path = "/dev/disk/by-uuid/2f736fba-8a0c-4fb5-8041-c849fb5e1297";
|
||||
};
|
||||
|
||||
system.autoUpgrade.enable = true;
|
||||
|
||||
networking.hostName = "liza";
|
||||
|
||||
@@ -13,6 +13,18 @@
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
firmware.x86_64.enable = true;
|
||||
|
||||
bios = {
|
||||
enable = true;
|
||||
device = "/dev/sda";
|
||||
};
|
||||
|
||||
luks = {
|
||||
enable = true;
|
||||
device.path = "/dev/disk/by-uuid/2f736fba-8a0c-4fb5-8041-c849fb5e1297";
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/b90eaf3c-2f91-499a-a066-861e0f4478df";
|
||||
fsType = "btrfs";
|
||||
|
||||
@@ -7,17 +7,6 @@
|
||||
|
||||
networking.hostName = "ponyo";
|
||||
|
||||
firmware.x86_64.enable = true;
|
||||
bios = {
|
||||
enable = true;
|
||||
device = "/dev/sda";
|
||||
};
|
||||
|
||||
luks = {
|
||||
enable = true;
|
||||
device.path = "/dev/disk/by-uuid/4cc36be4-dbff-4afe-927d-69bf4637bae2";
|
||||
};
|
||||
|
||||
system.autoUpgrade.enable = true;
|
||||
|
||||
services.zerotierone.enable = true;
|
||||
|
||||
@@ -10,6 +10,18 @@
|
||||
boot.kernelModules = [ "kvm-intel" "nvme" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
firmware.x86_64.enable = true;
|
||||
|
||||
bios = {
|
||||
enable = true;
|
||||
device = "/dev/sda";
|
||||
};
|
||||
|
||||
luks = {
|
||||
enable = true;
|
||||
device.path = "/dev/disk/by-uuid/4cc36be4-dbff-4afe-927d-69bf4637bae2";
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/mapper/enc-pv";
|
||||
fsType = "btrfs";
|
||||
|
||||
@@ -19,6 +19,10 @@
|
||||
|
||||
hardware.enableAllFirmware = true;
|
||||
|
||||
hardware.openrazer.enable = true;
|
||||
hardware.openrazer.users = [ "googlebot" ];
|
||||
users.users.googlebot.packages = [ pkgs.polychromatic ];
|
||||
|
||||
# depthai
|
||||
services.udev.extraRules = ''
|
||||
SUBSYSTEM=="usb", ATTRS{idVendor}=="03e7", MODE="0666"
|
||||
@@ -43,6 +47,8 @@
|
||||
environment.systemPackages = with pkgs; [ virt-manager ];
|
||||
users.users.googlebot.extraGroups = [ "libvirtd" ];
|
||||
|
||||
services.spotifyd.enable = true;
|
||||
|
||||
# vpn-container.enable = true;
|
||||
# containers.vpn.interfaces = [ "piaw" ];
|
||||
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
{ config, pkgs, fetchurl, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
# smcxui7kwoyxpswwage4fkcppxnqzpw33xcmxmlhxvk5gcp5s6lrtfad.onion
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_5_12;
|
||||
|
||||
firmware.x86_64.enable = true;
|
||||
efi.enable = true;
|
||||
|
||||
luks = {
|
||||
enable = true;
|
||||
device = {
|
||||
path = "/dev/disk/by-uuid/975d8427-2c6a-440d-a1d2-18dd15ba5bc2";
|
||||
allowDiscards = true;
|
||||
};
|
||||
};
|
||||
|
||||
networking.hostName = "reg";
|
||||
|
||||
de.enable = true;
|
||||
de.touchpad.enable = true;
|
||||
|
||||
services.zerotierone.enable = true;
|
||||
|
||||
# VNC
|
||||
networking.firewall.allowedTCPPorts = [ 5900 ];
|
||||
|
||||
networking.interfaces.enp57s0f1.useDHCP = true;
|
||||
}
|
||||
|
||||
@@ -1,38 +0,0 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/b3a2906b-e9a5-45bd-aac5-960297437fe9";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=root" "noatime" "nodiratime" "discard" ];
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "/dev/disk/by-uuid/b3a2906b-e9a5-45bd-aac5-960297437fe9";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=home" "noatime" "nodiratime" "discard" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/6C41-24A0";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/34ec322f-79c3-4993-a073-ef1da3c6ef51"; }
|
||||
];
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
}
|
||||
17
machines/router/configuration.nix
Normal file
17
machines/router/configuration.nix
Normal file
@@ -0,0 +1,17 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
# jxx2exuihlls2t6ncs7rvrjh2dssubjmjtclwr2ysvxtr4t7jv55xmqd.onion
|
||||
|
||||
networking.hostName = "router";
|
||||
|
||||
services.zerotierone.enable = true;
|
||||
|
||||
system.autoUpgrade.enable = true;
|
||||
|
||||
networking.useDHCP = lib.mkForce true;
|
||||
}
|
||||
47
machines/router/hardware-configuration.nix
Normal file
47
machines/router/hardware-configuration.nix
Normal file
@@ -0,0 +1,47 @@
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
# kernel
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot.initrd.availableKernelModules = [ "igb" "mt7915e" "xhci_pci" "ahci" "ehci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
# Enable serial output
|
||||
boot.kernelParams = [
|
||||
"panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
|
||||
"console=ttyS0,115200" # enable serial console
|
||||
"console=tty1"
|
||||
];
|
||||
|
||||
# firmware
|
||||
firmware.x86_64.enable = true;
|
||||
hardware.enableAllFirmware = true;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# boot
|
||||
bios = {
|
||||
enable = true;
|
||||
device = "/dev/sda";
|
||||
};
|
||||
|
||||
# disks
|
||||
luks = {
|
||||
enable = true;
|
||||
device.path = "/dev/disk/by-uuid/9b090551-f78e-45ca-8570-196ed6a4af0c";
|
||||
};
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/421c82b9-d67c-4811-8824-8bb57cb10fce";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/d97f324f-3a2e-4b84-ae2a-4b3d1209c689";
|
||||
fsType = "ext3";
|
||||
};
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/45bf58dd-67eb-45e4-9a98-246e23fa7abd"; }
|
||||
];
|
||||
|
||||
nixpkgs.hostPlatform = "x86_64-linux";
|
||||
}
|
||||
Reference in New Issue
Block a user