blake/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add new host

Browse Source
This commit is contained in:
blake
2026-01-09 18:02:44 -06:00
parent e213c64481
commit 1da9d994de
2 changed files with 181 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

111
hosts/nixos/mew/configuration.nix Normal file
View File

@@ -0,0 +1,111 @@
{
pkgs,
config,
lib,
modulesPath,
inputs,
stable_pkgs,
unstable_pkgs,
...
}: {
imports = [
# Include the results of the hardware scan.
(modulesPath + "/installer/scan/not-detected.nix")
#./hardware-configuration.nix
../../nixos
../../../users/blake
../../../modules/desktop
../../../modules/system
];
# home grown nixos modules
system = {
secure_boot.enable = false;
cifs_mounts.enable = true;
udiskie.enable = true;
ssh.enable = true;
sops.enable = true;
yubikey.enable = true;
yubikey.lock_on_remove = true;
tailscale.enable = true;
syncthing.enable = true;
flatpak.enable = true;
graphics = {
enable = true;
vendor = "amd";
};
};
desktop = {
pipewire.enable = true;
hypr.enable = true;
greetd.enable = true;
};
gaming = {
steam.enable = true;
lutris.enable = true;
proton_ge.enable = true;
gamemode.enable = true;
mangohud.enable = true;
};
# import home grown host specific home-manager modules
home-manager.users.blake.imports = [
../../../users/blake/hosts/yveltal.nix
];
# fix power buttons
# move this to a laptops file at some point
services.logind.settings.Login = {
HandlePowerKey = "suspend-then-hibernate";
HandleLidSwitch = "suspend-then-hibernate";
};
# sets the delay before hibernation for ^
systemd.sleep.extraConfig = ''
HibernateDelaySec=1800
'';
# boot (systemd is growing on me)
boot = {
kernelModules = ["kvm-intel"];
extraModulePackages = [];
loader = {
systemd-boot.enable = true; # systemd your pretty cool ya know
efi.canTouchEfiVariables = true;
};
initrd = {
systemd.enable = true; # better logging
availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod"];
kernelModules = [];
};
};
# setup hostname and networking stack
networking = {
hostName = "mew"; # hostname
useDHCP = lib.mkDefault true;
interfaces = {
wlp0s20f3.useDHCP = lib.mkDefault true;
};
firewall = {
enable = true;
allowedTCPPorts = [22];
allowedUDPPorts = [51820]; # wireguard
};
networkmanager = {
enable = true; # the goat
dns = "systemd-resolved"; # the backup dancer!
};
};
services.resolved = {
enable = true;
fallbackDns = ["1.1.1.1" "9.9.9.9"];
dnsovertls = "opportunistic";
};
hardware.bluetooth.enable = true;
system.stateVersion = "25.05"; # stays here : )
# hardware shit
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

70
hosts/nixos/mew/disko.nix Normal file
View File

@@ -0,0 +1,70 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/disk/by-id/nvme-PC_SN530_NVMe_WDC_512GB_210513807733"; # disk id here
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
# disable settings.keyFile if you want to use interactive password entry
#passwordFile = "/tmp/secret.key"; # Interactive
settings = {
allowDiscards = true;
#keyFile = "/tmp/secret.key";
};
#additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"@root" = {
mountpoint = "/";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"@home" = {
mountpoint = "/home";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"@nix" = {
mountpoint = "/nix";
mountOptions = [
"compress=zstd"
"noatime"
];
};
"@swap" = {
mountpoint = "/.swapvol";
swap.swapfile.size = "32G";
};
};
};
};
};
};
};
};
};
};
}