Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

prepaid-host adjustment

Browse Source
This commit is contained in:
Kabbone 2022-12-06 22:24:15 +01:00
parent ffdbf1c581
commit 5fac176a06
Signed by: Kabbone
SSH Key Fingerprint: SHA256:A5zPB5I6u5V78V51c362BBdCwhDhfDUVbt7NfKdjWBY
5 changed files with 35 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/configuration_desktop.nix
View File

@ -20,7 +20,7 @@
users.users.${user} = { # System User
isNormalUser = true;
extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" ];
extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" ];
shell = pkgs.zsh; # Default shell
uid = 2000;
# initialPassword = "password95";
@ -95,6 +95,7 @@
at-spi2-core
bind
dig
qmk-udev-rules
];
};

7
hosts/configuration_server.nix
View File

@ -92,8 +92,13 @@
openssh = { # SSH: secure shell (remote connection to shell of server)
enable = true; # local: $ ssh <user>@<ip>
passwordAuthentication = false;
permitRootLogin = "no";
ports = [ 2220 ];
openFirewall = true;
};
fail2ban = {
enable = true
};
qemuGuest.enable = true;
#flatpak.enable = true; # download flatpak file from website - sudo flatpak install <path> - reboot if not showing up
# sudo flatpak uninstall --delete-data <app-id> (> flatpak list --app) - flatpak uninstall --unused

4
hosts/default.nix
View File

@ -78,7 +78,7 @@ in
];
};
dmz-services = lib.nixosSystem { # Desktop profile
dmz = lib.nixosSystem { # Desktop profile
inherit system;
#user = "dmz-user";
specialArgs = { inherit inputs user location nixos-hardware nur; };
@ -86,7 +86,7 @@ in
nur.nixosModules.nur
./server
./configuration_server.nix
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {

10
hosts/server/default.nix
View File

@ -29,11 +29,11 @@
kernelPackages = pkgs.linuxPackages_latest;
loader = { # EFI Boot
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
grub = {
enable = true;
version = 2;
device = "/dev/sda";
};
timeout = 1; # Grub auto select time
};
};

41
hosts/server/hardware-configuration.nix
View File

@ -17,9 +17,9 @@
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk" ];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "ahci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" "vfio_virqfd" ];
boot.kernelModules = [ "kvm-intel" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
@ -52,11 +52,6 @@
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-label/NIXBOOT";
fsType = "vfat";
};
swapDevices = [ ];
@ -67,22 +62,26 @@
enable = true;
};
interfaces = {
enp6s18 = {
useDHCP = true; # For versatility sake, manually edit IP on nm-applet.
#ipv4.addresses = [ {
# address = "192.168.0.51";
# prefixLength = 24;
#} ];
ens18 = {
useDHCP = false; # For versatility sake, manually edit IP on nm-applet.
ipv4.addresses = [ {
address = "45.142.114.153";
prefixLength = 24;
} ];
ipv6.addresses = [ {
address = "2a00:ccc1:101:19D::2";
prefixLength = 64;
} ];
};
};
#defaultGateway = "192.168.0.1";
#nameservers = [ "192.168.0.4" ];
#firewall = {
# enable = false;
# #allowedUDPPorts = [ 53 67 ];
# #allowedTCPPorts = [ 53 80 443 9443 ];
#};
defaultGateway = "45.142.114.1";
nameservers = [ "9.9.9.9" "2620:fe::fe" ];
firewall = {
enable = true;
allowedUDPPorts = [ ];
allowedTCPPorts = [ ];
};
};
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}