jacob/nix_config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Reformat nix code with alejandra

Browse Source
This commit is contained in:
Jacob Hinkle 2022-09-08 12:27:21 -04:00
parent 3f7ad45ebe
commit a897038529
10 changed files with 244 additions and 217 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
flake.nix
View File

@ -24,15 +24,20 @@
}; };
}; };
outputs = inputs @ { self, nixpkgs, nixos-hardware, home-manager, sops-nix, ... }: outputs = inputs @ {
let self,
nixpkgs,
nixos-hardware,
home-manager,
sops-nix,
...
}: let
system = "x86_64-linux"; system = "x86_64-linux";
homeManagerConfFor = config: { ... }: { homeManagerConfFor = config: {...}: {
#nixpkgs.overlays = [ nur.overlay ]; #nixpkgs.overlays = [ nur.overlay ];
imports = [ config ]; imports = [config];
}; };
in { in {
nixosConfigurations = { nixosConfigurations = {
# Thinkpad T470 laptop # Thinkpad T470 laptop
buck = nixpkgs.lib.nixosSystem { buck = nixpkgs.lib.nixosSystem {
@ -40,7 +45,8 @@
modules = [ modules = [
nixos-hardware.nixosModules.lenovo-thinkpad-t470s nixos-hardware.nixosModules.lenovo-thinkpad-t470s
./machines/buck/configuration.nix ./machines/buck/configuration.nix
home-manager.nixosModules.home-manager { home-manager.nixosModules.home-manager
{
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
home-manager.users.jacob = homeManagerConfFor ./home/jacob.nix; home-manager.users.jacob = homeManagerConfFor ./home/jacob.nix;
} }
@ -53,8 +59,9 @@
modules = [ modules = [
nixos-hardware.nixosModules.common-pc-hdd nixos-hardware.nixosModules.common-pc-hdd
nixos-hardware.nixosModules.common-cpu-intel-cpu-only nixos-hardware.nixosModules.common-cpu-intel-cpu-only
./machines/pedro/configuration.nix ./machines/pedro/configuration.nix
home-manager.nixosModules.home-manager { home-manager.nixosModules.home-manager
{
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
home-manager.users.jacob = homeManagerConfFor ./home/jacob.nix; home-manager.users.jacob = homeManagerConfFor ./home/jacob.nix;
} }

39
home/i3.nix
View File

@ -1,11 +1,11 @@
pkgs : pkgs: rec {
rec {
menu = "${pkgs.dmenu}/bin/dmenu_run"; menu = "${pkgs.dmenu}/bin/dmenu_run";
modifier = "Mod1"; modifier = "Mod1";
terminal = "kitty"; terminal = "kitty";
keybindings = let keybindings = let
browser = "qutebrowser"; browser = "qutebrowser";
scrot2clip = pkgs.writeShellScript "scrot2clip" scrot2clip =
pkgs.writeShellScript "scrot2clip"
"${pkgs.scrot}/bin/scrot -s - | ${pkgs.xclip}/bin/xclip -selection primary -i -t image/png"; "${pkgs.scrot}/bin/scrot -s - | ${pkgs.xclip}/bin/xclip -selection primary -i -t image/png";
in { in {
"${modifier}+Return" = "exec ${terminal} tmux new"; "${modifier}+Return" = "exec ${terminal} tmux new";
@ -54,31 +54,20 @@ rec {
"${modifier}+9" = "workspace number 9"; "${modifier}+9" = "workspace number 9";
"${modifier}+0" = "workspace number 10"; "${modifier}+0" = "workspace number 10";
"${modifier}+Shift+1" = "${modifier}+Shift+1" = "move container to workspace number 1";
"move container to workspace number 1"; "${modifier}+Shift+2" = "move container to workspace number 2";
"${modifier}+Shift+2" = "${modifier}+Shift+3" = "move container to workspace number 3";
"move container to workspace number 2"; "${modifier}+Shift+4" = "move container to workspace number 4";
"${modifier}+Shift+3" = "${modifier}+Shift+5" = "move container to workspace number 5";
"move container to workspace number 3"; "${modifier}+Shift+6" = "move container to workspace number 6";
"${modifier}+Shift+4" = "${modifier}+Shift+7" = "move container to workspace number 7";
"move container to workspace number 4"; "${modifier}+Shift+8" = "move container to workspace number 8";
"${modifier}+Shift+5" = "${modifier}+Shift+9" = "move container to workspace number 9";
"move container to workspace number 5"; "${modifier}+Shift+0" = "move container to workspace number 10";
"${modifier}+Shift+6" =
"move container to workspace number 6";
"${modifier}+Shift+7" =
"move container to workspace number 7";
"${modifier}+Shift+8" =
"move container to workspace number 8";
"${modifier}+Shift+9" =
"move container to workspace number 9";
"${modifier}+Shift+0" =
"move container to workspace number 10";
"${modifier}+Shift+c" = "reload"; "${modifier}+Shift+c" = "reload";
"${modifier}+Shift+r" = "restart"; "${modifier}+Shift+r" = "restart";
"${modifier}+Shift+e" = "${modifier}+Shift+e" = "exec i3-nagbar -t warning -m 'Do you want to exit i3?' -b 'Yes' 'i3-msg exit'";
"exec i3-nagbar -t warning -m 'Do you want to exit i3?' -b 'Yes' 'i3-msg exit'";
"${modifier}+r" = "mode resize"; "${modifier}+r" = "mode resize";
}; };

48
home/jacob.nix
View File

@ -1,10 +1,14 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
imports = [ imports = [
({ lib, ...}: { ({lib, ...}: {
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ nixpkgs.config.allowUnfreePredicate = pkg:
"zoom" builtins.elem (lib.getName pkg) [
]; "zoom"
];
}) })
]; ];
@ -16,7 +20,7 @@
keyboard = { keyboard = {
layout = "us"; layout = "us";
options = [ "caps:swapescape" "ctrl:ralt_rctrl" ]; options = ["caps:swapescape" "ctrl:ralt_rctrl"];
}; };
packages = with pkgs; [ packages = with pkgs; [
@ -58,8 +62,8 @@
stateVersion = "22.05"; stateVersion = "22.05";
}; };
accounts.email = { accounts.email.accounts = {
accounts.gmail = { gmail = {
address = "jacob.hinkle@gmail.com"; address = "jacob.hinkle@gmail.com";
passwordCommand = "${pkgs.coreutils}/bin/cat /run/secrets/email/gmail/password"; passwordCommand = "${pkgs.coreutils}/bin/cat /run/secrets/email/gmail/password";
flavor = "gmail.com"; flavor = "gmail.com";
@ -71,7 +75,7 @@
primary = true; primary = true;
realName = "Jacob Hinkle"; realName = "Jacob Hinkle";
}; };
accounts.jhink = { jhink = {
address = "jacob.hinkle@jhink.org"; address = "jacob.hinkle@jhink.org";
imap.host = "mail.privateemail.com"; imap.host = "mail.privateemail.com";
smtp.host = "mail.privateemail.com"; smtp.host = "mail.privateemail.com";
@ -132,6 +136,7 @@
vim-nix vim-nix
]; ];
}; };
#notmuch.enable = true;
qutebrowser = import ./qutebrowser.nix; qutebrowser = import ./qutebrowser.nix;
rbw = { rbw = {
enable = true; enable = true;
@ -174,12 +179,12 @@
oh-my-zsh = { oh-my-zsh = {
enable = true; enable = true;
plugins = [ plugins = [
"direnv" "direnv"
"git" "git"
"sudo" "sudo"
"vi-mode" "vi-mode"
]; ];
theme = "michelebologna"; # nice clean theme that shows jobs theme = "michelebologna"; # nice clean theme that shows jobs
}; };
# michelebologna theme doesn't have an RPROMPT, but I like the one from the clean theme # michelebologna theme doesn't have an RPROMPT, but I like the one from the clean theme
initExtra = '' initExtra = ''
@ -223,13 +228,14 @@
xmonad = { xmonad = {
enable = true; enable = true;
enableContribAndExtras = true; enableContribAndExtras = true;
extraPackages = haskellPackages: with haskellPackages; [ extraPackages = haskellPackages:
#dbus with haskellPackages; [
#List #dbus
#monad-logger #List
xmonad #monad-logger
xmonad-contrib xmonad
]; xmonad-contrib
];
config = ./xmonad.hs; config = ./xmonad.hs;
}; };
}; };

4
home/tmux.nix
View File

@ -1,7 +1,7 @@
{ {
enable = true; enable = true;
aggressiveResize = true; aggressiveResize = true;
clock24 = true; clock24 = true;
escapeTime = 0; escapeTime = 0;
historyLimit = 10000; historyLimit = 10000;
keyMode = "vi"; keyMode = "vi";
@ -26,6 +26,6 @@
set-window-option -g window-status-current-style fg=red set-window-option -g window-status-current-style fg=red
# align center the window list # align center the window list
set -g status-justify centre set -g status-justify centre
''; '';
} }

33
machines/buck/configuration.nix
View File

@ -1,14 +1,16 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, sops, ... }:
{ {
imports = config,
[ # Include the results of the hardware scan. pkgs,
./hardware-configuration.nix sops,
]; ...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
];
sops = { sops = {
# This will add secrets.yml to the nix store # This will add secrets.yml to the nix store
@ -16,7 +18,7 @@
# sops.defaultSopsFile = "/root/.sops/secrets/example.yaml"; # sops.defaultSopsFile = "/root/.sops/secrets/example.yaml";
defaultSopsFile = ../../secrets.yaml; defaultSopsFile = ../../secrets.yaml;
# This will automatically import SSH keys as age keys # This will automatically import SSH keys as age keys
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# This is using an age key that is expected to already be in the filesystem # This is using an age key that is expected to already be in the filesystem
#age.keyFile = "/var/lib/sops-nix/key.txt"; #age.keyFile = "/var/lib/sops-nix/key.txt";
# This will generate a new key if the key specified above does not exist # This will generate a new key if the key specified above does not exist
@ -43,7 +45,7 @@
environmentFile = "/run/secrets/wifi/env"; environmentFile = "/run/secrets/wifi/env";
networks = { networks = {
"@SSID_HOME@" = { "@SSID_HOME@" = {
pskRaw = "@PSKRAW_HOME@"; pskRaw = "@PSKRAW_HOME@";
}; };
}; };
}; };
@ -61,7 +63,6 @@
# Select internationalisation properties. # Select internationalisation properties.
i18n.defaultLocale = "en_US.utf8"; i18n.defaultLocale = "en_US.utf8";
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
@ -85,7 +86,7 @@
# List services that you want to enable: # List services that you want to enable:
# Enable sound. # Enable sound.
sound.enable = true; sound.enable = true;
#hardware.raspberry-pi."4".fkms-3d.enable = true; #hardware.raspberry-pi."4".fkms-3d.enable = true;
# Enable touchpad support (enabled default in most desktopManager). services.xserver.libinput.enable = true; # Enable touchpad support (enabled default in most desktopManager). services.xserver.libinput.enable = true;
@ -93,11 +94,11 @@
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users.users.jacob = { users.users.jacob = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user. extraGroups = ["wheel"]; # Enable sudo for the user.
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
security.rtkit.enable = true; # recommended for pipewire security.rtkit.enable = true; # recommended for pipewire
# List services that you want to enable: # List services that you want to enable:
services = { services = {
@ -133,7 +134,7 @@
enable = true; enable = true;
greeter.enable = false; greeter.enable = false;
}; };
}; };
libinput = { libinput = {
enable = true; enable = true;
touchpad = { touchpad = {
@ -148,7 +149,7 @@
i3status # gives you the default i3 status bar i3status # gives you the default i3 status bar
i3lock #default i3 screen locker i3lock #default i3 screen locker
i3blocks #if you are planning on using i3blocks over i3status i3blocks #if you are planning on using i3blocks over i3status
]; ];
}; };
}; };
}; };
@ -179,6 +180,6 @@
gc = { gc = {
automatic = true; automatic = true;
}; };
settings.experimental-features = [ "nix-command" "flakes" ]; settings.experimental-features = ["nix-command" "flakes"];
}; };
} }

40
machines/buck/hardware-configuration.nix
View File

@ -1,29 +1,33 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
fileSystems."/" = fileSystems."/" = {
{ device = "/dev/disk/by-uuid/cc13728f-a446-49db-98fc-51db875bba20"; device = "/dev/disk/by-uuid/cc13728f-a446-49db-98fc-51db875bba20";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot/efi" = fileSystems."/boot/efi" = {
{ device = "/dev/disk/by-uuid/164F-882B"; device = "/dev/disk/by-uuid/164F-882B";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ ]; swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

103
machines/pedro/configuration.nix
View File

@ -1,11 +1,15 @@
# Edit this configuration file to define what should be installed on your system. Help is available in the configuration.nix(5) man page and in the NixOS manual (accessible by running nixos-help). # Edit this configuration file to define what should be installed on your system. Help is available in the configuration.nix(5) man page and in the NixOS manual (accessible by running nixos-help).
{
{ config, pkgs, options, sops, ... }: config,
pkgs,
{ imports = options,
[ # Include the results of the hardware scan. sops,
./hardware-configuration-zfs.nix ...
]; }: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration-zfs.nix
];
sops = { sops = {
# This will add secrets.yml to the nix store # This will add secrets.yml to the nix store
@ -13,7 +17,7 @@
# sops.defaultSopsFile = "/root/.sops/secrets/example.yaml"; # sops.defaultSopsFile = "/root/.sops/secrets/example.yaml";
defaultSopsFile = ../../secrets.yaml; defaultSopsFile = ../../secrets.yaml;
# This will automatically import SSH keys as age keys # This will automatically import SSH keys as age keys
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# This is using an age key that is expected to already be in the filesystem # This is using an age key that is expected to already be in the filesystem
#age.keyFile = "/var/lib/sops-nix/key.txt"; #age.keyFile = "/var/lib/sops-nix/key.txt";
# This will generate a new key if the key specified above does not exist # This will generate a new key if the key specified above does not exist
@ -30,13 +34,14 @@
boot = { boot = {
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default) # Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
loader = { loader = {
# Enables the generation of /extlinux/extlinux.conf grub.enable = true; # Enables the generation of /extlinux/extlinux.conf grub.enable = true;
#grub.version = 2; grub.device = "/dev/sda"; grub.efiSupport = true; #grub.version = 2; grub.device = "/dev/sda"; grub.efiSupport = true;
systemd-boot.enable = true; systemd-boot.enable = true;
}; };
# ZFS settings # ZFS settings
initrd.availableKernelModules = [ "usbhid" "usb_storage" ]; initrd.supportedFilesystems = [ "zfs" ]; # boot from zfs supportedFilesystems = [ "zfs" ]; zfs.devNodes = "/dev/"; initrd.availableKernelModules = ["usbhid" "usb_storage"];
initrd.supportedFilesystems = ["zfs"]; # boot from zfs supportedFilesystems = [ "zfs" ]; zfs.devNodes = "/dev/";
}; };
# Set your time zone. # Set your time zone.
@ -63,36 +68,51 @@
}; };
firewall = { firewall = {
allowedTCPPorts = [ allowedTCPPorts = [
8384 22000 # syncthing 8384
8080 8443 6789 8880 8843 27117 # unifi controller: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Network-Required-Ports-Reference 22000 # syncthing
53 8088 # pihole 8080
8443
6789
8880
8843
27117 # unifi controller: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Network-Required-Ports-Reference
53
8088 # pihole
#3000 # gitea #3000 # gitea
#8081 # vaultwarden #8081 # vaultwarden
#8000 # paperless #8000 # paperless
80 443 # reverse proxy 80
443 # reverse proxy
]; ];
allowedUDPPorts = [ allowedUDPPorts = [
22000 21027 # syncthing 22000
3478 5514 10001 1900 123 # unifi 21027 # syncthing
53 # pihole 3478
5514
10001
1900
123 # unifi
53 # pihole
]; ];
allowedUDPPortRanges = [ allowedUDPPortRanges = [
{ from = 5656; to = 5699; } # unifi {
from = 5656;
to = 5699;
} # unifi
]; ];
}; };
timeServers = [ "192.168.88.1" ] ++ options.networking.timeServers.default; timeServers = ["192.168.88.1"] ++ options.networking.timeServers.default;
}; };
hardware.video.hidpi.enable = false; hardware.video.hidpi.enable = false;
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
#hardware.pulseaudio = { #hardware.pulseaudio = {
#enable = true; #enable = true;
#extraModules = [ pkgs.pulseaudio-modules-bt ]; #extraModules = [ pkgs.pulseaudio-modules-bt ];
#package = pkgs.pulseaudioFull; #package = pkgs.pulseaudioFull;
#}; #};
hardware.bluetooth.enable = false; hardware.bluetooth.enable = false;
services.blueman.enable = false; services.blueman.enable = false;
# Enable CUPS to print documents. # Enable CUPS to print documents.
services.printing.enable = false; services.printing.enable = false;
@ -103,28 +123,28 @@
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users.users.jacob = { users.users.jacob = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user. extraGroups = ["wheel"]; # Enable sudo for the user.
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
# List packages installed in system profile. To search, run: $ nix search wget # List packages installed in system profile. To search, run: $ nix search wget
environment.systemPackages = with pkgs; [ vim git wget ]; environment.systemPackages = with pkgs; [vim git wget];
#environment.variables = { #environment.variables = {
#GDK_SCALE = "2"; #GDK_SCALE = "2";
#GDK_DPI_SCALE = "0.5"; #GDK_DPI_SCALE = "0.5";
#_JAVA_OPTIONS = "-Dsun.java2d.uiScale=2"; #_JAVA_OPTIONS = "-Dsun.java2d.uiScale=2";
#}; #};
# Some programs need SUID wrappers, can be configured further or are started in user sessions. programs.mtr.enable = true; programs.gnupg.agent = { # Some programs need SUID wrappers, can be configured further or are started in user sessions. programs.mtr.enable = true; programs.gnupg.agent = {
# enable = true; enableSSHSupport = true; # enable = true; enableSSHSupport = true;
# }; # };
security.rtkit.enable = true; # recommended for pipewire security.rtkit.enable = true; # recommended for pipewire
# enable acme for certbot # enable acme for certbot
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults = { defaults = {
email = "jacob.hinkle@gmail.com"; email = "jacob.hinkle@gmail.com";
}; };
@ -192,7 +212,7 @@
enable = true; enable = true;
greeter.enable = false; greeter.enable = false;
}; };
}; };
layout = "us"; layout = "us";
libinput.enable = true; libinput.enable = true;
windowManager.i3 = { windowManager.i3 = {
@ -202,7 +222,7 @@
i3status # gives you the default i3 status bar i3status # gives you the default i3 status bar
i3lock #default i3 screen locker i3lock #default i3 screen locker
i3blocks #if you are planning on using i3blocks over i3status i3blocks #if you are planning on using i3blocks over i3status
]; ];
}; };
}; };
@ -211,7 +231,7 @@
trim.enable = true; trim.enable = true;
autoScrub = { autoScrub = {
enable = true; enable = true;
pools = [ "rpool" ]; pools = ["rpool"];
}; };
autoSnapshot = { autoSnapshot = {
enable = true; enable = true;
@ -220,18 +240,17 @@
}; };
}; };
}; };
# Due to bug in home assistant, this workaround is suggested temporarily as of May 6, 2022 # Due to bug in home assistant, this workaround is suggested temporarily as of May 6, 2022
# https://github.com/nix-community/home-manager/issues/2942#issuecomment-1119760100 # https://github.com/nix-community/home-manager/issues/2942#issuecomment-1119760100
#nixpkgs.config.allowUnfree = true; #nixpkgs.config.allowUnfree = true;
nixpkgs.config.allowUnfreePredicate = ( pkg: true ); nixpkgs.config.allowUnfreePredicate = (pkg: true);
powerManagement.cpuFreqGovernor = "ondemand"; powerManagement.cpuFreqGovernor = "ondemand";
# This value determines the NixOS release from which the default settings for stateful data, like file locations and database versions on your system were taken. Its perfectly fine and recommended to leave this value at the # This value determines the NixOS release from which the default settings for stateful data, like file locations and database versions on your system were taken. Its perfectly fine and recommended to leave this value at the
# release version of the first install of this system. Before changing this value read the documentation for this option (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # release version of the first install of this system. Before changing this value read the documentation for this option (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment? system.stateVersion = "22.05"; # Did you read the comment?
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = ["nix-command" "flakes"];
} }

160
machines/pedro/hardware-configuration-zfs.nix
View File

@ -1,103 +1,106 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = config,
[ (modulesPath + "/installer/scan/not-detected.nix") lib,
]; pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# high-resolution display # high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true; hardware.video.hidpi.enable = lib.mkDefault true;
fileSystems."/" = fileSystems."/" = {
{ device = "none"; device = "none";
fsType = "tmpfs"; fsType = "tmpfs";
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-partuuid/e7ebac1e-eb4c-4a7d-8893-49a95f6014d4";
device = "/dev/disk/by-partuuid/e7ebac1e-eb4c-4a7d-8893-49a95f6014d4"; fsType = "vfat";
fsType = "vfat"; };
};
fileSystems."/nix" = fileSystems."/nix" = {
{ device = "rpool/nixos/nix"; device = "rpool/nixos/nix";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/etc" = fileSystems."/etc" = {
{ device = "rpool/nixos/etc"; device = "rpool/nixos/etc";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/var" = fileSystems."/var" = {
{ device = "rpool/nixos/var"; device = "rpool/nixos/var";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/var/lib" = fileSystems."/var/lib" = {
{ device = "rpool/nixos/var/lib"; device = "rpool/nixos/var/lib";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/var/log" = fileSystems."/var/log" = {
{ device = "rpool/nixos/var/log"; device = "rpool/nixos/var/log";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/var/spool" = fileSystems."/var/spool" = {
{ device = "rpool/nixos/var/spool"; device = "rpool/nixos/var/spool";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/serverdata/pihole" = fileSystems."/serverdata/pihole" = {
{ device = "rpool/serverdata/pihole"; device = "rpool/serverdata/pihole";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/serverdata/gitea" = fileSystems."/serverdata/gitea" = {
{ device = "rpool/serverdata/gitea"; device = "rpool/serverdata/gitea";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/serverdata/home-assistant" = fileSystems."/serverdata/home-assistant" = {
{ device = "rpool/serverdata/home-assistant"; device = "rpool/serverdata/home-assistant";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/home" = fileSystems."/home" = {
{ device = "rpool/userdata/home"; device = "rpool/userdata/home";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/root" = fileSystems."/root" = {
{ device = "rpool/userdata/home/root"; device = "rpool/userdata/home/root";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
fileSystems."/home/jacob" = fileSystems."/home/jacob" = {
{ device = "rpool/userdata/home/jacob"; device = "rpool/userdata/home/jacob";
fsType = "zfs"; fsType = "zfs";
options = [ "zfsutil" ]; options = ["zfsutil"];
}; };
swapDevices = [ swapDevices = [
{ {
@ -105,5 +108,4 @@
randomEncryption = true; randomEncryption = true;
} }
]; ];
} }

2
machines/pedro/nginx.nix
View File

@ -2,7 +2,7 @@
enable = true; enable = true;
recommendedProxySettings = true; recommendedProxySettings = true;
virtualHosts = let virtualHosts = let
simpleProxy = ip : { simpleProxy = ip: {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
extraConfig = '' extraConfig = ''

5
machines/pedro/pihole.nix
View File

@ -1,5 +1,4 @@
serverIP : serverIP: {
{
image = "pihole/pihole:2022.07.1"; image = "pihole/pihole:2022.07.1";
ports = [ ports = [
"${serverIP}:53:53/tcp" "${serverIP}:53:53/tcp"
@ -21,6 +20,6 @@ serverIP :
"/run/secrets/pihole:/run/secrets/pihole" "/run/secrets/pihole:/run/secrets/pihole"
]; ];
extraOptions = [ extraOptions = [
"--no-hosts" # do not populate internal /etc/hosts with container host's "--no-hosts" # do not populate internal /etc/hosts with container host's
]; ];
} }