nix-config/hosts/franz/default.nix

90 lines
2 KiB
Nix
Raw Normal View History

{ inputs
, outputs
, ...
}:
let
2024-03-02 17:48:50 +01:00
vars = import ../../vars.nix;
in
{
2024-03-02 17:17:52 +01:00
imports = [
inputs.hardware.nixosModules.common-pc-ssd
inputs.disko.nixosModules.default
./hardware-configuration.nix
(import ../../disko/btrfs-swap.nix { device = "/dev/nvme0n1"; })
2024-03-31 22:04:31 +02:00
./disko/zfs.nix
2024-03-02 17:17:52 +01:00
../common/global
../common/optional/systemd-boot.nix
../common/optional/gnome-keyring.nix
../common/optional/docker.nix
2024-03-03 20:04:13 +01:00
./sops.nix
2024-03-31 22:04:51 +02:00
./restic.nix
./arion
2024-08-24 10:14:31 +02:00
# ./hydra.nix
./samba.nix
2024-03-02 17:17:52 +01:00
];
2024-03-31 22:04:31 +02:00
# Enable ZFS
boot.supportedFilesystems = [ "zfs" ];
2024-03-31 22:04:31 +02:00
networking.hostId = "f014fc43";
2024-07-28 00:35:01 +02:00
services.zfs.autoScrub.enable = true;
2024-03-31 22:04:31 +02:00
# Prevent server from getting stuck in emergency mode and non-connectable via SSH
2024-03-31 22:04:31 +02:00
systemd.enableEmergencyMode = false;
# Fix rebuild being stuck when Pihole is down due to docker restart
systemd.services.NetworkManager-wait-online.enable = false;
2024-03-31 22:04:31 +02:00
# Prevent zfs from being automounted by fstab auto discovery & zfs
fileSystems = {
"/storage/dataset".options = [ "noauto" ];
"/storage".options = [ "noauto" ];
2024-03-31 22:04:31 +02:00
"/home/ghoscht/.zfs" = {
device = "/dev/disk/by-label/SECRET_KEYS";
fsType = "vfat";
};
2024-08-09 17:58:45 +02:00
};
2024-03-02 17:48:50 +01:00
users.mutableUsers = true;
2024-03-17 15:18:23 +01:00
users.users.${vars.user} = {
password = "changeme";
openssh.authorizedKeys.keys = [
#Desktop
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJd6Gut34abkwlZ4tZVBO4Qt7CkIpPm/Z8R6JCisjnYy openpgp:0xBD0CFCA0"
2024-03-02 17:48:50 +01:00
2024-03-17 15:18:23 +01:00
#Convertible
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlRsnLqm6Ap3yKEEhtFiWavo72df/X5Il1ZCmENUqev openpgp:0xDE189CA5"
];
};
2024-12-09 13:39:28 +01:00
security.pam.sshAgentAuth.enable = true;
2024-03-17 15:18:23 +01:00
2024-03-02 17:17:52 +01:00
nixpkgs = {
overlays = [
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
];
config = {
allowUnfree = true;
};
};
networking.hostName = "franz";
programs = {
dconf.enable = true;
};
2024-03-02 17:41:16 +01:00
services.openssh = {
enable = true;
2024-03-03 13:08:46 +01:00
settings.PasswordAuthentication = false;
2024-03-02 17:41:16 +01:00
};
2024-03-02 17:17:52 +01:00
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "23.11";
}