mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

temp commit lol

Browse Source
This commit is contained in:
mjallen18
2024-06-29 11:34:17 -05:00
parent c3767fd666
commit e74020a8ce
28 changed files with 293 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
hosts/default.nix
View File

@@ -98,6 +98,14 @@ in
# Security config
security = {
wrappers."mount.nfs" = {
setuid = true;
owner = "root";
group = "root";
source = "${pkgs.nfs-utils.out}/bin/mount.nfs";
};
rtkit.enable = lib.mkDefault true;
# configure sudo

12
hosts/desktop/configuration.nix
View File

@@ -46,13 +46,6 @@ in
apps.discover-wrapped.enable = plasma;
# chaotic = {
# nyx.cache.enable = true;
# nyx.overlay.enable = true;
# mesa-git.enable = true;
# hdr.enable = false;
# };
# Configure bootloader with lanzaboot and secureboot
boot = {
loader = {
@@ -107,8 +100,6 @@ in
defaultSession = if plasma then "plasma" else "gnome";
};
# displayManager.gdm.enable = gnome;
# desktopManager.gnome.enable = gnome;
desktopManager.plasma6.enable = plasma;
# enable auto discovery of printers
@@ -174,8 +165,6 @@ in
borgbackup
clinfo
efibootmgr
# fishPlugins.bass
# fishPlugins.sponge
gparted
kmod
lact
@@ -192,6 +181,7 @@ in
# native wayland support (unstable)
wineWowPackages.waylandFull
];
sessionVariables = {
STEAM_FORCE_DESKTOPUI_SCALING = "1";
};

2
hosts/desktop/home.nix
View File

@@ -57,6 +57,7 @@
# gamescope # using chaotic git version
# gamescope-wsi # using chaotic git version
deadnix
fastfetch
firefox
freerdp
gamescope_git
@@ -72,7 +73,6 @@
lutris
mangohud
morph
neofetch
nixfmt-rfc-style
orca-slicer
papirus-icon-theme

240
hosts/nas/configuration.nix
View File

@@ -91,34 +91,34 @@ in
enable = true;
hostsAllow = "10.0.1.";
enableTimeMachine = true;
timeMachinePath = "/home/admin/mainpool/TimeMachine";
timeMachinePath = "/media/nas/main/timemachine";
shares = {
"3d_printer" = {
public = true;
sharePath = "/home/admin/mainpool/3d_printer";
sharePath = "/media/nas/main/3d_printer";
};
Backup = {
public = true;
sharePath = "/home/admin/mainpool/Backup";
sharePath = "/media/nas/main/backup";
};
Documents = {
public = true;
sharePath = "/home/admin/mainpool/Documents";
sharePath = "/media/nas/main/documents";
};
isos = {
public = true;
sharePath = "/home/admin/mainpool/isos";
sharePath = "/media/nas/main/isos";
};
TimeMachine = {
public = false;
sharePath = "/home/admin/mainpool/TimeMachine";
sharePath = "/media/nas/main/timemachine";
enableTimeMachine = true;
timeMachineMaxSize = "1T";
};
app_data = {
public = true;
sharePath = "/home/admin/ssd/ssd_app_data";
sharePath = "/media/nas/ssd/ssd_app_data";
};
nix-config = {
public = true;
@@ -129,7 +129,7 @@ in
share.hardware.nvidia = {
enable = true;
enableBeta = true;
enableBeta = false;
nvidiaSettings = true;
enableNvidiaDocker = true;
};
@@ -149,7 +149,7 @@ in
};
# Override kernel to latest
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [
"nohibernate"
@@ -161,8 +161,8 @@ in
supportedFilesystems = [ "zfs" ];
zfs.extraPools = [ "junk" "MainPool" "SSD" ];
zfs.requestEncryptionCredentials = false;
# zfs.extraPools = [ "junk" ];
# zfs.requestEncryptionCredentials = false;
};
security.tpm2 = {
@@ -235,7 +235,7 @@ in
serve_from_sub_path = true;
http_addr = "";
};
dataDir = "/home/admin/ssd/nix-app-data/grafana";
dataDir = "/media/nas/ssd/nix-app-data/grafana";
};
prometheus = {
@@ -286,33 +286,33 @@ in
};
systemd.services = {
nas-mounts = {
path = [
pkgs.zfs
pkgs.bash
pkgs.tpm2-tools
];
# nas-mounts = {
# path = [
# pkgs.zfs
# pkgs.bash
# pkgs.tpm2-tools
# ];
wantedBy = [ "multi-user.target" ];
# wantedBy = [ "multi-user.target" ];
script = ''
tpm2_nvread 0x1500016 -C o -s 65 > /tmp/mainpool
tpm2_nvread 0x1600016 -C o -s 65 > /tmp/ssd
# script = ''
# tpm2_nvread 0x1500016 -C o -s 65 > /tmp/mainpool
# tpm2_nvread 0x1600016 -C o -s 65 > /tmp/ssd
zfs load-key -L file:///tmp/mainpool "MainPool"
zfs load-key -L file:///tmp/ssd "SSD"
# zfs load-key -L file:///tmp/mainpool "MainPool"
# zfs load-key -L file:///tmp/ssd "SSD"
rm /tmp/mainpool
rm /tmp/ssd
'';
# rm /tmp/mainpool
# rm /tmp/ssd
# '';
description = "Unlock ZFS pool using fTPM";
requires = [ "zfs-import-MainPool.service" "zfs-import-SSD.service" ];
after = [ "zfs-import-MainPool.service" "zfs-import-SSD.service" ];
before = [ "zfs-mount.service" ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
};
# description = "Unlock ZFS pool using fTPM";
# requires = [ "zfs-import-MainPool.service" "zfs-import-SSD.service" ];
# after = [ "zfs-import-MainPool.service" "zfs-import-SSD.service" ];
# before = [ "zfs-mount.service" ];
# serviceConfig.Type = "oneshot";
# serviceConfig.RemainAfterExit = true;
# };
glances-server = {
path = [
@@ -368,6 +368,17 @@ in
# etc."nut/upsd.conf".source = /home/matt/upsd.conf;
# etc."nut/upsd.users".source = /home/matt/upsd.users;
# etc."nut/upsmon.conf".source = /home/matt/upsmon.conf;
etc.crypttab.text = ''
ssd1 UUID=eff4b19c-aba7-41ab-b452-a8c6654d8754 none tpm2-device=auto
ssd2 UUID=c8640e19-6cd9-49d0-a355-bac09d17ea0d none tpm2-device=auto
hdd1 UUID=8d7dd657-d9b0-47ed-97e1-a9d1eba12b56 none tpm2-device=auto
hdd2 UUID=11ee92b0-6334-4be7-bb2d-d85f5a3f51a6 none tpm2-device=auto
hdd3 UUID=4463ea6f-3fcf-4e49-80c8-ba7f424471f0 none tpm2-device=auto
hdd4 UUID=13fe7737-b72b-4d5f-a79d-1ca0d438f8f0 none tpm2-device=auto
hdd5 UUID=11ee92b0-6334-4be7-bb2d-d85f5a3f51a6 none tpm2-device=auto
'';
# List packages installed in system profile. To search, run:
# $ nix search wget
@@ -404,6 +415,9 @@ in
unstable.gpt4all
lm_sensors
htop
tpm2-tools
tpm2-tss
cryptsetup
];
};
@@ -502,7 +516,7 @@ in
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBMydhOc6SnOdB5WrEd7X07DrboAtagCUgXiOJjLov matt@matt-nixos"
];
packages = with pkgs; [
neofetch
fastfetch
git
parted
aspell
@@ -512,8 +526,6 @@ in
aha
papirus-icon-theme
firefox
tpm2-tools
tpm2-tss
];
};
@@ -551,6 +563,160 @@ in
libvirtd.enable = true;
};
fileSystems."/media/nas/ssd/nix-app-data" = {
device = "/dev/disk/by-uuid/09ac8b6b-e553-4cd8-ae62-8d8c17fe8b0c";
fsType = "btrfs";
options = [
"subvol=nix-app-data"
"compress=zstd"
];
};
fileSystems."/media/nas/ssd/ssd_app_data" = {
device = "/dev/disk/by-uuid/09ac8b6b-e553-4cd8-ae62-8d8c17fe8b0c";
fsType = "btrfs";
options = [
"subvol=ssd_app_data"
"compress=zstd"
];
};
fileSystems."/media/nas/ssd/mariadb" = {
device = "/dev/disk/by-uuid/09ac8b6b-e553-4cd8-ae62-8d8c17fe8b0c";
fsType = "btrfs";
options = [
"subvol=mariadb"
"compress=zstd"
];
};
fileSystems."/media/nas/ssd/VMs" = {
device = "/dev/disk/by-uuid/09ac8b6b-e553-4cd8-ae62-8d8c17fe8b0c";
fsType = "btrfs";
options = [
"subvol=VMs"
"compress=zstd"
];
};
fileSystems."/media/nas/main/3d_printer" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=3d_printer"
"compress=zstd"
];
};
fileSystems."/media/nas/main/backup" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=backup"
"compress=zstd"
];
};
fileSystems."/media/nas/main/books" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=books"
"compress=zstd"
];
};
fileSystems."/media/nas/main/documents" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=documents"
"compress=zstd"
];
};
fileSystems."/media/nas/main/homeassistant" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=homeassistant"
"compress=zstd"
];
};
fileSystems."/media/nas/main/isos" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=isos"
"compress=zstd"
];
};
fileSystems."/media/nas/main/movies" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=movies"
"compress=zstd"
];
};
fileSystems."/media/nas/main/nextcloud" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=nextcloud"
"compress=zstd"
];
};
fileSystems."/media/nas/main/photos" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=photos"
"compress=zstd"
];
};
fileSystems."/media/nas/main/switch" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=switch"
"compress=zstd"
];
};
fileSystems."/media/nas/main/tv" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=tv"
"compress=zstd"
];
};
fileSystems."/media/nas/main/timemachine" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=timemachine"
"compress=zstd"
];
};
fileSystems."/media/nas/main/vms" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=vms"
"compress=zstd"
];
};
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#