mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

stuff from pi

Browse Source
This commit is contained in:
mjallen18
2025-03-03 18:17:33 -06:00
parent 5da59d8964
commit 6d1e9e59d7
4 changed files with 34 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/pi4/adguard.nix
View File

@@ -1,10 +1,10 @@
{ ... }: { ... }:
{ {
services.adguard = { services.adguardhome = {
enable = true; enable = true;
allowDHCP = true; allowDHCP = true;
port = 3000; port = 3000;
openFirewall = true; openFirewall = true;
mutableSettings = true; mutableSettings = true;
}; };
} }

8
hosts/pi4/boot.nix
View File

@@ -12,8 +12,10 @@
systemd-boot.enable = true; systemd-boot.enable = true;
generic-extlinux-compatible.enable = lib.mkForce false; generic-extlinux-compatible.enable = lib.mkForce false;
}; };
# kernelParams = [ kernelParams = [
# "snd_bcm2835.enable_hdmi=1" # "snd_bcm2835.enable_hdmi=1"
# ]; "brcmfmac.roamoff=1"
"brcmfmac.feature_disable=0x282000"
];
}; };
} }

22
hosts/pi4/configuration.nix
View File

@@ -8,7 +8,7 @@ let
user = "matt"; user = "matt";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06"; password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
SSID = "Joey's Jungle 5G"; SSID = "Joey's Jungle 5G";
SSIDpassword = config.sops.templates."wifi-password".content; SSIDpassword = ""; # config.sops.templates."wifi-password".content;
interface = "wlan0"; interface = "wlan0";
timezone = "America/Chicago"; timezone = "America/Chicago";
hostname = "pi4"; hostname = "pi4";
@@ -16,10 +16,11 @@ in
{ {
imports = [ imports = [
# Include the results of the hardware scan. # Include the results of the hardware scan.
./adguard.nix
./boot.nix ./boot.nix
./hardware-configuration.nix ./hardware-configuration.nix
./impermanence.nix ./impermanence.nix
./sops.nix # ./sops.nix
./ups-monitor.nix ./ups-monitor.nix
../default.nix ../default.nix
]; ];
@@ -79,13 +80,28 @@ in
time.timeZone = timezone; time.timeZone = timezone;
networking = { networking = {
networkmanager.enable = lib.mkForce true; networkmanager.enable = lib.mkForce false;
hostName = hostname; hostName = hostname;
wireless = { wireless = {
enable = false; enable = false;
networks."${SSID}".psk = SSIDpassword; networks."${SSID}".psk = SSIDpassword;
interfaces = [ interface ]; interfaces = [ interface ];
}; };
defaultGateway.address = "10.0.1.1";
nameservers = [ "10.0.1.1" ];
interfaces.enabcm6e4ei0.ipv4.addresses = [ {
address = "10.0.1.2";
prefixLength = 24;
} ];
firewall = {
enable = true;
allowPing = true;
allowedTCPPorts = [ 80 53 ];
allowedUDPPorts = [ 80 53 ];
};
}; };
systemd.services.btattach = { systemd.services.btattach = {

12
hosts/pi4/impermanence.nix
View File

@@ -10,6 +10,10 @@
"/var/lib/nixos" "/var/lib/nixos"
"/var/lib/libvirt" "/var/lib/libvirt"
"/var/lib/systemd/coredump" "/var/lib/systemd/coredump"
{
directory = "/var/lib/private";
mode = "u=rwx,g=,o=";
}
"/etc/NetworkManager/system-connections" "/etc/NetworkManager/system-connections"
{ {
directory = "/etc/nix"; directory = "/etc/nix";
@@ -18,10 +22,10 @@
mode = "u=rwx,g=rx,o=rx"; mode = "u=rwx,g=rx,o=rx";
} }
]; ];
files = [ # files = [
"/etc/machine-id" # "/etc/machine-id"
{ file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; } # { file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
]; # ];
}; };
security.sudo.extraConfig = '' security.sudo.extraConfig = ''