Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

format the repo files

Browse Source
This commit is contained in:
Kabbone
2026-04-26 10:27:50 +02:00
parent 92fd97c9a2
commit b319cd93e9
116 changed files with 4726 additions and 4247 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
hosts/dmz/default.nix
View File

@@ -1,38 +1,44 @@
#
# DMZ — demilitarised zone server configuration
#
{ config, pkgs, user, agenix, impermanence, ... }:
{
imports = [
./hardware-configuration.nix
../../modules/server
] ++ (import ../../modules/services/dmz);
config,
pkgs,
user,
agenix,
impermanence,
...
}: {
imports =
[
./hardware-configuration.nix
../../modules/server
]
++ (import ../../modules/services/dmz);
# ── Server module options ───────────────────────────────────────────────
myServer.virtualisation.enable = true;
myServer.virtualisation.cpu = "intel";
myServer.virtualisation.cpu = "intel";
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
kernelPackages = pkgs.linuxPackages_latest;
loader = {
systemd-boot.enable = true;
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
efi.efiSysMountPoint = "/boot";
timeout = 1;
efi.efiSysMountPoint = "/boot";
timeout = 1;
};
};
services = {
qemuGuest.enable = true;
avahi = {
enable = true;
enable = true;
nssmdns4 = true;
publish = {
enable = true;
addresses = true;
publish = {
enable = true;
addresses = true;
userServices = true;
};
};

131
hosts/dmz/hardware-configuration.nix
View File

@@ -10,17 +10,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"];
boot.initrd.kernelModules = ["vfio_pci" "vfio" "vfio_iommu_type1"];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.tmp.useTmpfs = false;
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
@@ -33,75 +37,74 @@
];
};
fileSystems."/" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@,discard=async" ];
};
fileSystems."/" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@,discard=async"];
};
fileSystems."/home" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@home,discard=async" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@home,discard=async"];
};
fileSystems."/srv" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@srv,discard=async" ];
};
fileSystems."/srv" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@srv,discard=async"];
};
fileSystems."/var" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@var,discard=async" ];
};
fileSystems."/var" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@var,discard=async"];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async"];
};
fileSystems."/swap" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@swap,discard=async" ];
};
fileSystems."/swap" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@swap,discard=async"];
};
fileSystems."/mnt/snapshots/root" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvolid=5,discard=async" ];
};
fileSystems."/mnt/snapshots/root" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvolid=5,discard=async"];
};
swapDevices = [];
swapDevices = [ ];
systemd.network = {
enable = true;
networks = {
"10-lan" = {
matchConfig.Name = "ens18";
ntp = [ "192.168.101.1" ];
domains = [ "home.opel-online.de" ];
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;
};
dns = [
"192.168.101.1"
];
};
enable = true;
networks = {
"10-lan" = {
matchConfig.Name = "ens18";
ntp = ["192.168.101.1"];
domains = ["home.opel-online.de"];
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;
};
dns = [
"192.168.101.1"
];
};
};
};
networking = {
useDHCP = false; # Deprecated
useDHCP = false; # Deprecated
hostName = "dmz";
firewall = {
enable = true;
allowedUDPPorts = [ ];
allowedTCPPorts = [ 80 443 ];
allowedUDPPorts = [];
allowedTCPPorts = [80 443];
};
};
}

16
hosts/dmz/home.nix
View File

@@ -10,16 +10,13 @@
# └─ ./hyprland
# └─ hyprland.nix
#
{pkgs, ...}: {
imports = [
../../modules/home.nix # Window Manager
];
{ pkgs, ... }:
{
imports =
[
../../modules/home.nix # Window Manager
];
home = { # Specific packages for laptop
home = {
# Specific packages for laptop
packages = with pkgs; [
# Applications
@@ -32,5 +29,4 @@
programs = {
alacritty.settings.font.size = 11;
};
}