Jimbo/NixOS-Config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

More movearounds and stuff idk anymore

Browse source
This commit is contained in:
Jimbo 2024-11-05 05:49:14 -05:00
parent 9a30fae72f
commit 84d5732a32
13 changed files with 56 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
hosts/firefly/boot/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, lib, ... }:
{ config, pkgs, ... }:
let
commonKernelParams = [
# Nvidia settings
@ -31,13 +31,13 @@ in {
services.root-reset = {
description = "Reset root and snapshot last boot";
wantedBy = [ "initrd.target" ];
after = [ "dev-firefly-root.device" ];
after = [ "dev-${config.networking.hostName}-root.device" ];
before = [ "sysroot.mount" ];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir -p /mnt
mount /dev/firefly/root /mnt
mount /dev/${config.networking.hostName}/root /mnt
if [[ -e /mnt/prev ]]; then
btrfs subvolume delete /mnt/prev

2
hosts/firefly/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }:
{ ... }:
{
imports = [
./boot

8
hosts/firefly/disko/default.nix
View file

@ -1,10 +1,10 @@
{ disko, ... }:
{ disko, config, ... }:
{
imports = [ disko.nixosModules.disko ];
disko.devices = {
disk = {
firefly = {
"${config.networking.hostName}" = {
type = "disk";
device = "/dev/nvme0n1";
content = {
@ -29,7 +29,7 @@
passwordFile = "/tmp/secret.key";
content = {
type = "lvm_pv";
vg = "firefly";
vg = "${config.networking.hostName}";
};
};
};
@ -39,7 +39,7 @@
};
lvm_vg = {
firefly = {
"${config.networking.hostName}" = {
type = "lvm_vg";
lvs = {
root = {

30
hosts/firefly/hardware/default.nix
View file

@ -21,22 +21,6 @@
};
fileSystems = {
# Useful system mounts
"/etc/libvirt" = {
device = "/dev/disk/by-uuid/f18a0302-9914-471d-828c-85ab1a67a8be";
options = [ "nosuid" "nodev" "nofail" ];
};
"/etc/libvirt/VMs/Bulk" = {
depends = [ "/etc/libvirt" ];
device = "/dev/disk/by-uuid/3eb36c3e-81ac-4281-89f0-c89242d88dd6";
options = [ "nosuid" "nodev" "nofail" ];
};
"/var/lib/libvirt" = {
depends = [ "/etc/libvirt" ];
device = "/etc/libvirt/varlibvirt";
options = [ "bind" "rw" ];
};
# Games and such
"/mnt/Linux1" = {
device = "/dev/disk/by-uuid/b2901f8c-ffda-4b88-bb63-a9ea0c96ccb4";
@ -46,6 +30,10 @@
device = "/dev/disk/by-uuid/f08e4f38-162c-402f-ba2a-5925151b78bf";
options = [ "nosuid" "nodev" "nofail" "x-gvfs-show" ];
};
"/mnt/Linux3" = {
device = "/dev/disk/by-uuid/e7bc75bd-c371-4b28-b212-7be9b1fad339";
options = [ "nosuid" "nodev" "nofail" "x-gvfs-show" ];
};
"/mnt/Windows1" = {
device = "/dev/disk/by-uuid/10BC97B2BC979138";
options = [ "nosuid" "nodev" "noauto" ];
@ -55,6 +43,16 @@
options = [ "nosuid" "nodev" "noauto" ];
};
# Bulk storage mounts
"/persist/var/lib/libvirt" = {
device = "/dev/disk/by-uuid/abf78669-de2a-4afa-8e62-604f4e4cb355";
options = [ "subvol=libvirt" "nosuid" "nodev" "nofail" ];
};
"/persist/home/jimbo/VMs" = {
device = "/dev/disk/by-uuid/abf78669-de2a-4afa-8e62-604f4e4cb355";
options = [ "subvol=images" "nosuid" "nodev" "nofail" ];
};
# Network mounts
"/home/jimbo/JimboNFS" = {
device = "${config.ips.server}:/export/JimboNFS";

3
modules/home/files/default.nix
View file

@ -1,8 +1,5 @@
{ pkgs, config, ... }: {
home.file = {
"VMs" = {
source = config.lib.file.mkOutOfStoreSymlink "/etc/libvirt/VMs";
};
".face" = {
source = ./assets/pfp.png;
};

1
modules/system/devices/disks/impermanence/jimbo/default.nix
View file

@ -9,6 +9,7 @@
"Pictures"
"Videos"
"Games"
"VMs"
".snapshots"
".mozilla"

6
modules/system/devices/disks/impermanence/root/default.nix
View file

@ -5,16 +5,10 @@
directories = [
"/etc/nixos"
"/etc/secureboot"
"/var/log"
"/var/lib/systemd/coredump"
"/var/lib/nixos"
];
files = [
"/etc/machine-id"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
}

1
modules/system/programs/security/default.nix
View file

@ -3,5 +3,6 @@
imports = [
./apparmor
./doas
./polkit
];
}

7
modules/system/programs/security/polkit/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ config, ... }:
{
security = {
polkit.enable = config.system.desktop.enable;
rtkit.enable = config.system.desktop.enable;
};
}

7
modules/system/services/common/ssh/default.nix
View file

@ -11,4 +11,11 @@
UsePAM = false;
};
};
environment.persistence."/persist".files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
}

1
modules/system/services/pc/default.nix
View file

@ -5,7 +5,6 @@
./gvfs
./libvirtd
./mpd
./polkit
./sunshine
];
}

25
modules/system/services/pc/libvirtd/default.nix
View file

@ -27,13 +27,24 @@
};
};
environment.systemPackages = with pkgs; [
virt-manager
virtiofsd
dnsmasq
spice-vdagent
looking-glass-client
];
environment = {
systemPackages = with pkgs; [
virt-manager
virtiofsd
dnsmasq
spice-vdagent
looking-glass-client
];
persistence."/persist".directories = [
"/var/lib/libvirt/dnsmasq"
"/var/lib/libvirt/nwfilter"
"/var/lib/libvirt/qemu"
"/var/lib/libvirt/secrets"
"/var/lib/libvirt/storage"
"/var/lib/libvirt/swtpm"
];
};
# Needed to make NAT work
networking.firewall.trustedInterfaces = [

7
modules/system/services/pc/polkit/default.nix
View file

@ -1,7 +0,0 @@
{ ... }:
{
security = {
polkit.enable = true;
rtkit.enable = true;
};
}