Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

format the repo files

Browse Source
This commit is contained in:
Kabbone
2026-04-26 10:27:50 +02:00
parent 92fd97c9a2
commit b319cd93e9
116 changed files with 4726 additions and 4247 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
hosts/kabtop/default.nix
View File

@@ -1,19 +1,25 @@
#
# Kabtop — server configuration
#
{ config, pkgs, user, agenix, impermanence, ... }:
{
imports = [
./hardware-configuration.nix
../../modules/server
] ++ (import ../../modules/services/server);
config,
pkgs,
user,
agenix,
impermanence,
...
}: {
imports =
[
./hardware-configuration.nix
../../modules/server
]
++ (import ../../modules/services/server);
# ── Server module options ───────────────────────────────────────────────
myServer.virtualisation.enable = true;
myServer.virtualisation.cpu = "amd";
myServer.fail2ban.enable = true;
myServer.virtualisation.cpu = "amd";
myServer.fail2ban.enable = true;
# ── Host-specific settings ──────────────────────────────────────────────
boot = {
@@ -30,24 +36,24 @@
environment.etc = {
"fail2ban/filter.d/open-webui.conf" = {
source = ../../modules/services/server/fail2ban/filter/open-webui.conf;
mode = "0444";
mode = "0444";
};
"fail2ban/filter.d/gitea.conf" = {
source = ../../modules/services/server/fail2ban/filter/gitea.conf;
mode = "0444";
mode = "0444";
};
"fail2ban/filter.d/nextcloud.conf" = {
source = ../../modules/services/server/fail2ban/filter/nextcloud.conf;
mode = "0444";
mode = "0444";
};
};
programs = {
ssh.startAgent = false;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryPackage = pkgs.pinentry-curses;
enable = true;
enableSSHSupport = true;
pinentryPackage = pkgs.pinentry-curses;
};
};

180
hosts/kabtop/hardware-configuration.nix
View File

@@ -10,17 +10,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "ahci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "ahci" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = ["vfio_pci" "vfio" "vfio_iommu_type1"];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.tmp.useTmpfs = false;
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
@@ -34,81 +38,80 @@
};
services.btrbk = {
instances = {
hf = {
onCalendar = "hourly";
settings = {
incremental = "yes";
snapshot_create = "ondemand";
snapshot_dir = "@snapshots";
timestamp_format = "long";
instances = {
hf = {
onCalendar = "hourly";
settings = {
incremental = "yes";
snapshot_create = "ondemand";
snapshot_dir = "@snapshots";
timestamp_format = "long";
snapshot_preserve = "2m 2w 5d 5h";
snapshot_preserve_min = "latest";
volume = {
"/mnt/snapshots/root" = {
snapshot_create = "always";
subvolume = {
"@" = {};
"@home" = {};
"@var" = {};
};
};
};
snapshot_preserve = "2m 2w 5d 5h";
snapshot_preserve_min = "latest";
volume = {
"/mnt/snapshots/root" = {
snapshot_create = "always";
subvolume = {
"@" = {};
"@home" = {};
"@var" = {};
};
};
};
};
};
};
};
fileSystems."/" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@,discard=async" ];
};
fileSystems."/" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@,discard=async"];
};
fileSystems."/home" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@home,discard=async" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@home,discard=async"];
};
fileSystems."/srv" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@srv,discard=async" ];
};
fileSystems."/srv" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@srv,discard=async"];
};
fileSystems."/var" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "space_cache=v2,ssd,noatime,subvol=@var,discard=async" ];
};
fileSystems."/var" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["space_cache=v2,ssd,noatime,subvol=@var,discard=async"];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async"];
};
fileSystems."/swap" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@swap,discard=async" ];
};
fileSystems."/mnt/snapshots/root" =
{ device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvolid=5,discard=async" ];
};
fileSystems."/swap" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvol=@swap,discard=async"];
};
fileSystems."/mnt/snapshots/root" = {
device = "/dev/disk/by-label/NIXROOT";
fsType = "btrfs";
options = ["compress=zstd,space_cache=v2,ssd,noatime,subvolid=5,discard=async"];
};
#swapDevices = [ { device = "/swap/swapfile"; } ];
swapDevices = [ ];
swapDevices = [];
networking = {
useDHCP = false; # Deprecated
useDHCP = false; # Deprecated
hostName = "kabtop";
domain = "kabtop.de";
networkmanager = {
@@ -116,34 +119,33 @@
};
firewall = {
enable = true;
allowedUDPPorts = [ ];
allowedTCPPorts = [ 80 443 ];
allowedUDPPorts = [];
allowedTCPPorts = [80 443];
};
};
systemd.network = {
enable = true;
networks = {
"10-lan" = {
matchConfig.Name = "ens18";
enable = true;
networks = {
"10-lan" = {
matchConfig.Name = "ens18";
address = [
"37.44.215.182/24"
"2a13:7e80:0:ef::2/64"
];
address = [
"37.44.215.182/24"
"2a13:7e80:0:ef::2/64"
];
routes = [
{ Gateway = "37.44.215.1"; }
{ Gateway = "fe80::1"; }
];
routes = [
{Gateway = "37.44.215.1";}
{Gateway = "fe80::1";}
];
dns = [
"9.9.9.9"
"2620:fe::fe"
];
};
dns = [
"9.9.9.9"
"2620:fe::fe"
];
};
};
};
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

16
hosts/kabtop/home.nix
View File

@@ -10,16 +10,13 @@
# └─ ./hyprland
# └─ hyprland.nix
#
{pkgs, ...}: {
imports = [
../../modules/home.nix # Window Manager
];
{ pkgs, ... }:
{
imports =
[
../../modules/home.nix # Window Manager
];
home = { # Specific packages for laptop
home = {
# Specific packages for laptop
packages = with pkgs; [
# Applications
@@ -32,5 +29,4 @@
programs = {
alacritty.settings.font.size = 11;
};
}