89 lines
2.1 KiB
Nix
89 lines
2.1 KiB
Nix
{
|
|
inputs,
|
|
outputs,
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
vars = import ../../vars.nix;
|
|
in {
|
|
imports = [
|
|
inputs.hardware.nixosModules.common-pc-ssd
|
|
inputs.disko.nixosModules.default
|
|
|
|
./hardware-configuration.nix
|
|
(import ../../disko/btrfs-swap.nix {device = "/dev/nvme0n1";})
|
|
./disko/zfs.nix
|
|
|
|
../common/global
|
|
|
|
../common/optional/systemd-boot.nix
|
|
../common/optional/gnome-keyring.nix
|
|
../common/optional/docker.nix
|
|
./sops.nix
|
|
./restic.nix
|
|
./arion
|
|
# ./hydra.nix
|
|
./samba.nix
|
|
];
|
|
|
|
# Enable ZFS
|
|
boot.supportedFilesystems = ["zfs"];
|
|
networking.hostId = "f014fc43";
|
|
services.zfs.autoScrub.enable = true;
|
|
|
|
# Prevent server from getting stuck in emergency mode and non-connectable via SSH
|
|
systemd.enableEmergencyMode = false;
|
|
|
|
# Fix rebuild being stuck when Pihole is down due to docker restart
|
|
systemd.services.NetworkManager-wait-online.enable = false;
|
|
|
|
# Prevent zfs from being automounted by fstab auto discovery & zfs
|
|
fileSystems."/storage/dataset".options = ["noauto"];
|
|
fileSystems."/storage".options = ["noauto"];
|
|
|
|
fileSystems."/home/ghoscht/.zfs" = {
|
|
device = "/dev/disk/by-label/SECRET_KEYS";
|
|
fsType = "vfat";
|
|
};
|
|
|
|
users.mutableUsers = true;
|
|
users.users.${vars.user} = {
|
|
password = "changeme";
|
|
openssh.authorizedKeys.keys = [
|
|
#Desktop
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJd6Gut34abkwlZ4tZVBO4Qt7CkIpPm/Z8R6JCisjnYy openpgp:0xBD0CFCA0"
|
|
|
|
#Convertible
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlRsnLqm6Ap3yKEEhtFiWavo72df/X5Il1ZCmENUqev openpgp:0xDE189CA5"
|
|
];
|
|
};
|
|
|
|
security.pam.sshAgentAuth.enable = true;
|
|
|
|
nixpkgs = {
|
|
overlays = [
|
|
outputs.overlays.additions
|
|
outputs.overlays.modifications
|
|
outputs.overlays.unstable-packages
|
|
];
|
|
config = {
|
|
allowUnfree = true;
|
|
};
|
|
};
|
|
|
|
networking.hostName = "franz";
|
|
|
|
programs = {
|
|
dconf.enable = true;
|
|
};
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
settings.PasswordAuthentication = false;
|
|
};
|
|
|
|
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
|
|
system.stateVersion = "23.11";
|
|
}
|