From cdbd9f7f83099a48bfa59a886b6e51790d898a24 Mon Sep 17 00:00:00 2001 From: ene Date: Sat, 4 Feb 2023 21:37:52 +0100 Subject: Flake: Changed the configuration to a flake Nix flakes make a lot of things very easy. --- system/fileSystemLayouts.nix | 45 +++++++++++++++++++++++++++++++++ system/hardware.nix | 9 +++++++ system/packages.nix | 9 +++++++ system/users.nix | 59 ++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 122 insertions(+) create mode 100644 system/fileSystemLayouts.nix create mode 100644 system/hardware.nix create mode 100644 system/packages.nix create mode 100644 system/users.nix (limited to 'system') diff --git a/system/fileSystemLayouts.nix b/system/fileSystemLayouts.nix new file mode 100644 index 0000000..9d03a05 --- /dev/null +++ b/system/fileSystemLayouts.nix @@ -0,0 +1,45 @@ +{ + modulesPath, + config, + lib, + ... +}: +with lib; let + cfg = config.system.fileSystemLayouts; +in { + options.system.fileSystemLayouts = { + mainDisk = mkOption { + type = lib.types.path; + example = literalExpression "/dev/disk/by-uuid/0442cb6d-f13a-4635-b487-fa76189774c5"; + description = lib.mdDoc "Path to the main disk"; + }; + }; + config = { + fileSystems = { + "/" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = ["defaults" "size=2G" "mode=755"]; + }; + "/nix" = { + device = cfg.mainDisk; + fsType = "btrfs"; + options = ["subvol=nix" "compress-force=zstd"]; + }; + "/srv" = { + device = cfg.mainDisk; + fsType = "btrfs"; + options = ["subvol=storage" "compress-force=zstd"]; + }; + "/boot" = { + device = cfg.mainDisk; + options = ["subvol=boot" "compress-force=zstd"]; + }; + + "/etc/nixos" = { + device = "/srv/nix-config"; + options = ["bind"]; + }; + }; + }; +} diff --git a/system/hardware.nix b/system/hardware.nix new file mode 100644 index 0000000..c4c7dc9 --- /dev/null +++ b/system/hardware.nix @@ -0,0 +1,9 @@ +{modulesPath, ...}: { + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + (modulesPath + "/profiles/headless.nix") + ]; + boot.loader.grub.device = "/dev/vda"; + boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"]; + boot.initrd.kernelModules = ["nvme" "btrfs"]; +} diff --git a/system/packages.nix b/system/packages.nix new file mode 100644 index 0000000..4d33c6e --- /dev/null +++ b/system/packages.nix @@ -0,0 +1,9 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + jre_minimal + git + zsh + neovim + btrfs-progs + ]; +} diff --git a/system/users.nix b/system/users.nix new file mode 100644 index 0000000..34e1648 --- /dev/null +++ b/system/users.nix @@ -0,0 +1,59 @@ +{pkgs, ...}: { + users.mutableUsers = false; + users.defaultUserShell = pkgs.zsh; + + users.users = { + root = { + #uid = 0; + #initialHashedPassword = null; # to lock root + # Backup, if something happens. TODO remove this later + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG63gxw8JePmrC8Fni0pLV4TnPBhCPmSV9FYEdva+6s7 sils" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBFuTNNn71Rhfnop2cdz3r/RhWWlCePnSBOhTBbu2ME soispha" + ]; + }; + + sils = { + name = "sils"; + isNormalUser = true; + home = "/srv/home/sils"; + initialHashedPassword = "$y$jFT$KpFnahVCE9JbE.5P3us8o.$ZzSxCusWqe3sL7b6DLgOXNNUf114tiiptM6T8lDxtKC"; # TODO CHANGE + uid = 1000; + extraGroups = [ + "wheel" + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG63gxw8JePmrC8Fni0pLV4TnPBhCPmSV9FYEdva+6s7 sils" + ]; + }; + + soispha = { + name = "soispha"; + isNormalUser = true; + home = "/srv/home/soispha"; + initialHashedPassword = "$y$jFT$3.8XmUyukZvpExMUxDZkI.$IVrJgm8ysNDF/0vDD2kF6w73ozXgr1LMVRNN4Bq7pv1"; + uid = 1001; + extraGroups = [ + "wheel" + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBFuTNNn71Rhfnop2cdz3r/RhWWlCePnSBOhTBbu2ME soispha" + ]; + }; + + nightingale = { + name = "nightingale"; + isNormalUser = true; + home = "/srv/home/nightingale"; + initialHashedPassword = null; # TODO CHANGE + uid = 1002; + extraGroups = [ + "wheel" + ]; + openssh.authorizedKeys.keys = [ + ]; + }; + }; +} +# vim: ts=2 + -- cgit 1.4.1