Add initial legacy configuration

Fabian Hauser 2025-02-22 20:27:25 +02:00
parent febfe1d970
commit db07652d99
64 changed files with 3287 additions and 13 deletions


@ -0,0 +1,40 @@
{ ... }:
{
imports = [
./filesystems.nix
./networking.nix
./disko-config.nix
# TODO: Hardware
];
nixpkgs.hostPlatform = "x86_64-linux";
virtualisation = {
# TODO: This should probably be somewhere else.
docker = {
enable = true;
enableOnBoot = false;
};
libvirtd.enable = true;
spiceUSBRedirection.enable = true;
};
boot.extraModprobeConfig = ''
options kvm_intel nested=1
options kvm_intel emulate_invalid_guest_state=0
options kvm ignore_msrs=1
'';
# Set your time zone.
time.timeZone = "Europe/Tallinn";
# This value determines the NixOS release from which the default
# settings for stateful data, like fi:le locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.11"; # Did you read the comment?
}
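Review bot: `spiceUSBRedirection.enable = true` and the three `kvm`/`kvm_intel` module options widen the host's attack surface, and none of them carries a comment saying which guest needs them. The NixOS option installs the SPICE USB helper setuid so unprivileged users can pass host USB devices to VMs, `nested=1` exposes VMX to guests, and `ignore_msrs=1` makes KVM silently ignore unhandled guest MSR accesses instead of faulting. I would add a comment above each, for example `# nested virt needed for <guest/workload>; drop when unused`, or remove the ones no guest on this host relies on. The same applies to `docker.enable`, since docker group membership is root-equivalent; the existing TODO already suggests moving it elsewhere.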


@ -0,0 +1,98 @@
{ ... }:
{
disko.devices = {
disk = rec {
system-1 = {
type = "disk";
device = "/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_2TB_S4J4NX0W821176E";
content = {
type = "gpt";
partitions = {
boot = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
raid_system = {
start = "30G";
size = "100%";
content = {
type = "mdraid";
name = "raid_system";
};
};
};
};
};
#system-2 = {
# type = "disk";
# device = "/dev/disk/by-id/nvme-XXXXX";
# content = pkgs.lib.recursiveUpdate system-1.content {
# partitions.boot.content.mountpoint = "/boot-secondary";
# };
#};
};
mdadm = {
"raid_system" = {
type = "mdadm";
level = 1;
content = {
type = "luks";
name = "crypted_system";
passwordFile = "/run/secrets/system/hdd.key";
settings = {
allowDiscards = true;
bypassWorkqueues = true;
};
content = {
type = "lvm_pv";
vg = "vg_system";
};
};
};
};
lvm_vg = {
vg_system = {
type = "lvm_vg";
lvs = {
swap = {
size = "32G";
content = {
type = "swap";
resumeDevice = true;
};
};
data = {
size = "1000GB";
content = {
type = "btrfs";
mountOptions = [
"defaults"
"noatime"
];
subvolumes."/home".mountpoint = "/home";
};
};
hv_speer = {
size = "200GiB";
content = {
type = "btrfs";
mountOptions = [
"defaults"
"noatime"
];
subvolumes = {
"/root".mountpoint = "/";
};
};
};
};
};
};
};
}
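Review bot: `allowDiscards = true` in the LUKS `settings` passes TRIM through dm-crypt, so anyone with access to the raw NVMe device can see which blocks are unused, which leaks usage patterns of the encrypted volume. That is a common trade-off for SSD performance and wear, but it should be a documented decision, e.g. `# TRIM passthrough: leaks free-block map, accepted for SSD longevity`. Separately, `passwordFile` points at `/run/secrets/system/hdd.key`; presumably this is provisioned only at install time, and a comment should say how the file gets there and that it must be readable by root only. The commented-out `system-2` block refers to `pkgs.lib`, which the `{ ... }:` header does not bring into scope, so it would fail if simply uncommented.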


@ -0,0 +1,22 @@
{
config,
pkgs,
lib,
...
}:
{
# Configurations are set in disko-config.nix!
# mdadm.conf generated by `mdadm --detail --scan`
# TODO
boot.swraid.enable = true;
boot.swraid.mdadmConf = ''
MAILADDR root
'';
services.fwupd.daemonSettings.EspLocation = pkgs.lib.mkForce config.disko.devices.disk.system-1.content.partitions.boot.content.mountpoint;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}
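Review bot: With `boot.loader.systemd-boot.enable = true` and nothing else set, the boot-menu editor keeps its NixOS default of enabled, so anyone at the console can edit the kernel command line before boot. The NixOS option documentation recommends turning it off with `boot.loader.systemd-boot.editor = false;`. The root volume appears to be LUKS-encrypted in the disk layout, which limits what an edited command line can reach without the passphrase, but the ESP with its kernel and initrd is unencrypted. As a style point, `lib` is already an argument of this module, so `pkgs.lib.mkForce` can be written `lib.mkForce`.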


@ -0,0 +1,22 @@
{ ... }:
{
networking = {
networkmanager.enable = true;
useDHCP = false;
};
services.tailscale = {
enable = true;
openFirewall = true;
useRoutingFeatures = "client";
authKeyFile = "/secrets/wireguard/tailscale-key";
extraUpFlags = [
"--operator"
"fhauser"
"--accept-routes"
"--exit-node=100.64.0.6"
"--login-server=https://vpn.qo.is"
];
};
}
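Review bot: `authKeyFile = "/secrets/wireguard/tailscale-key"` reads the enrollment key from a persistent path outside `/run`, unlike the `/run/secrets/...` path used for the disk key, and nothing visible here constrains who can read it. If that key is reusable, anyone who can read the file can join another node to the network behind `--login-server`, so the file should be root-owned with mode 0400 and the key preferably single-use or short-lived. `--operator fhauser` also lets that unprivileged account reconfigure tailscaled (exit node, accepted routes) without root, which deserves a comment stating that it is intended. `--exit-node=100.64.0.6` pins all egress to one hard-coded address, so a comment should say what the expected behaviour is when that node is unreachable.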