2023-01-17 13:45:37 +01:00
|
|
|
{ nixos-hardware, disko, ... }:
|
2024-01-02 22:01:55 +01:00
|
|
|
{ pkgs, config, ... }:
|
2023-01-17 13:45:37 +01:00
|
|
|
{
|
|
|
|
|
imports = [
|
|
|
|
|
nixos-hardware.nixosModules.common-cpu-intel
|
|
|
|
|
nixos-hardware.nixosModules.common-pc-ssd
|
|
|
|
|
|
|
|
|
|
disko.nixosModules.disko
|
|
|
|
|
|
|
|
|
|
./storage.nix
|
2024-01-02 22:01:55 +01:00
|
|
|
./network.nix
|
|
|
|
|
./virtualisation.nix
|
2023-01-17 14:09:13 +01:00
|
|
|
../../users/erwin
|
|
|
|
|
../../users/root
|
2023-01-17 13:45:37 +01:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
eboskma = {
|
|
|
|
|
users.erwin = {
|
|
|
|
|
enable = true;
|
2024-01-02 22:01:55 +01:00
|
|
|
server = true;
|
2023-01-17 13:45:37 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
base = {
|
|
|
|
|
plymouth.enable = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
nix-common = {
|
|
|
|
|
enable = true;
|
|
|
|
|
remote-builders = true;
|
|
|
|
|
};
|
|
|
|
|
|
2024-01-02 22:01:55 +01:00
|
|
|
# libvirtd.enable = true;
|
2023-01-17 13:45:37 +01:00
|
|
|
systemd.enable = true;
|
2024-01-02 22:01:55 +01:00
|
|
|
tailscale.enable = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
security = {
|
|
|
|
|
sudo-rs = {
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
|
|
|
|
sudo.enable = false;
|
2023-01-17 13:45:37 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
boot = {
|
|
|
|
|
loader = {
|
|
|
|
|
systemd-boot = {
|
|
|
|
|
enable = true;
|
|
|
|
|
configurationLimit = 10;
|
|
|
|
|
};
|
|
|
|
|
efi.canTouchEfiVariables = true;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
initrd = {
|
2024-01-02 22:01:55 +01:00
|
|
|
availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "ahci" "usb_storage" "usbhid" "sd_mod" "virtio_blk" "virtio_pci" ];
|
|
|
|
|
kernelModules = [ "kvm-intel" ];
|
2023-01-17 13:45:37 +01:00
|
|
|
};
|
|
|
|
|
|
2024-01-02 22:01:55 +01:00
|
|
|
kernelPackages = pkgs.linuxPackages_latest;
|
|
|
|
|
kernelModules = [ "kvm-intel" "dm-thin-pool" "dm-snapshot" ];
|
|
|
|
|
# From PVE: ro quiet intel_iommu=on i915.enable_gvt=1 cpufreq.default_governor=ondemand
|
|
|
|
|
# kernelParams = [ "intel_iommu=on" "i915.enable_gvt=1" "cpufreq.default_governor=ondemand" ];
|
|
|
|
|
|
|
|
|
|
extraModulePackages = with config.boot.kernelPackages; [ gasket ];
|
2023-01-17 13:45:37 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
hardware.enableAllFirmware = true;
|
2023-01-17 23:55:51 +01:00
|
|
|
powerManagement.cpuFreqGovernor = "ondemand";
|
2023-01-17 13:45:37 +01:00
|
|
|
|
2024-01-02 22:01:55 +01:00
|
|
|
services = {
|
|
|
|
|
openssh.enable = true;
|
|
|
|
|
cockpit = {
|
|
|
|
|
enable = true;
|
2024-01-03 01:15:28 +01:00
|
|
|
openFirewall = true;
|
2024-01-02 22:01:55 +01:00
|
|
|
settings = {
|
|
|
|
|
WebService = {
|
|
|
|
|
Origins = "https://cockpit.datarift.nl";
|
|
|
|
|
ProtocolHeader = "X-Forwarded-Proto";
|
|
|
|
|
ForwardedForHeader = "X-Forwarded-For";
|
|
|
|
|
};
|
2023-04-07 10:10:53 +02:00
|
|
|
};
|
|
|
|
|
};
|
2024-01-02 22:01:55 +01:00
|
|
|
lvm = {
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
2023-01-17 13:45:37 +01:00
|
|
|
};
|
2023-01-17 15:53:06 +01:00
|
|
|
|
2024-01-02 22:01:55 +01:00
|
|
|
system.stateVersion = "24.05";
|
2023-01-17 13:45:37 +01:00
|
|
|
}
|
