artemist/nixos-config
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Start work on mistmane, work around bad packages, add zfs

Browse source
This commit is contained in:
Artemis Tosini 2020-11-26 04:17:41 +00:00
parent e105e592ec
commit 12081e5172
Signed by: artemist
GPG key ID: ADFFE553DCBB831E
9 changed files with 57 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitmodules vendored
View file

@ -1,3 +1,6 @@
[submodule "private"] [submodule "private"]
path = private path = private
url = git@github.com:artemist/nixos-config-private.git url = git@github.com:artemist/nixos-config-private.git
[submodule "externals/wip-pinebook-pro"]
path = externals/wip-pinebook-pro
url = https://github.com/samueldr/wip-pinebook-pro

1
externals/wip-pinebook-pro vendored Submodule

@ -0,0 +1 @@
Subproject commit 497b7f7641b731df220f4538cf981574140186ee

10
packages.nix
View file

@ -85,7 +85,6 @@ in
lsof lsof
mercurialFull mercurialFull
nix-index nix-index
nixops
openssl openssl
p7zip p7zip
pandoc pandoc
@ -141,15 +140,6 @@ in
valgrind valgrind
yarn yarn
# Radio
gr-limesdr
limesuite
gnuradio-with-packages
soapysdr
gqrx
# Hacking tools
# Security # Security
(pass.withExtensions (exts: [ exts.pass-otp ])) (pass.withExtensions (exts: [ exts.pass-otp ]))
_1password _1password

2
private

@ -1 +1 @@
Subproject commit 978cda736295807568c4b35c7745de952285deb3 Subproject commit 37ff0f2defe0902161d79d79cb4a9f7ef30bfbed

11
sets/radio.nix Normal file
View file

@ -0,0 +1,11 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
gr-limesdr
limesuite
gnuradio-with-packages
soapysdr
gqrx
];
}

7
system/mistmane/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ config, pkgs, ... }:
{
imports = [
../../externals/wip-pinebook-pro/pinebook_pro.nix
];
}

1
system/starlight/boot-config.nix
View file

@ -13,6 +13,7 @@
signing-certificate = "/root/secure-boot/db.crt"; signing-certificate = "/root/secure-boot/db.crt";
}; };
# Encrypted drives
initrd.luks = { initrd.luks = {
reusePassphrases = true; reusePassphrases = true;
devices = { devices = {

20
system/starlight/default.nix
View file

@ -17,13 +17,12 @@
../../sets/virtualization.nix ../../sets/virtualization.nix
]; ];
# Network
networking.hostName = "starlight"; networking.hostName = "starlight";
services.udev.extraRules = '' services.udev.extraRules = ''
KERNEL=="eth*", ATTR{address}=="00:0f:53:16:15:9c", NAME="lan10g0" KERNEL=="eth*", ATTR{address}=="00:0f:53:16:15:9c", NAME="lan10g0"
KERNEL=="eth*", ATTR{address}=="00:0f:53:16:15:9d", NAME="lan10g1" KERNEL=="eth*", ATTR{address}=="00:0f:53:16:15:9d", NAME="lan10g1"
''; '';
networking.bridges.br0 = { networking.bridges.br0 = {
rstp = true; rstp = true;
interfaces = [ "lan10g0" "lan10g1" "enp4s0" ]; interfaces = [ "lan10g0" "lan10g1" "enp4s0" ];
@ -37,13 +36,26 @@
}; };
networking.dhcpcd.allowInterfaces = [ "br0" ]; networking.dhcpcd.allowInterfaces = [ "br0" ];
# Filesystems
boot.supportedFilesystems = [ "zfs" "btrfs" ];
boot.zfs = {
enableUnstable = true;
forceImportAll = false;
forceImportRoot = false;
requestEncryptionCredentials = false;
};
services.btrfs.autoScrub = {
enable = true;
fileSystems = [ "/" "/media/data" "/media/archive" ];
};
# Packages
services.tor = { services.tor = {
enable = true; enable = true;
client.enable = true; client.enable = true;
}; };
boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ]; boot.binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
weechat weechat
]; ];

24
system/starlight/hardware-configuration.nix
View file

@ -5,7 +5,8 @@
{ {
imports = imports =
[ (modulesPath + "/installer/scan/not-detected.nix") [
(modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" ];
@ -14,35 +15,41 @@
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" =
{ device = "/dev/disk/by-uuid/aca21111-a488-4bc7-90a7-e61517c24818"; {
device = "/dev/disk/by-uuid/aca21111-a488-4bc7-90a7-e61517c24818";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=root" ]; options = [ "subvol=root" ];
}; };
fileSystems."/nix" = fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/aca21111-a488-4bc7-90a7-e61517c24818"; {
device = "/dev/disk/by-uuid/aca21111-a488-4bc7-90a7-e61517c24818";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nix" ]; options = [ "subvol=nix" ];
}; };
fileSystems."/home" = fileSystems."/home" =
{ device = "/dev/disk/by-uuid/aca21111-a488-4bc7-90a7-e61517c24818"; {
device = "/dev/disk/by-uuid/aca21111-a488-4bc7-90a7-e61517c24818";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=home" ]; options = [ "subvol=home" ];
}; };
fileSystems."/boot" = fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/1AC2-9317"; {
device = "/dev/disk/by-uuid/1AC2-9317";
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/media/archive" = fileSystems."/media/archive" =
{ device = "/dev/disk/by-uuid/ba796824-5165-4a95-87c2-1fb49a449138"; {
device = "/dev/disk/by-uuid/ba796824-5165-4a95-87c2-1fb49a449138";
fsType = "btrfs"; fsType = "btrfs";
}; };
fileSystems."/media/data" = fileSystems."/media/data" =
{ device = "/dev/disk/by-uuid/c01b98d1-1eb9-42ce-8d05-4b9d852fca55"; {
device = "/dev/disk/by-uuid/c01b98d1-1eb9-42ce-8d05-4b9d852fca55";
fsType = "btrfs"; fsType = "btrfs";
}; };
@ -50,7 +57,6 @@
boot.initrd.luks.devices."glimmer".device = "/dev/disk/by-uuid/43220fc3-2f33-4915-9365-59eb27b21719"; boot.initrd.luks.devices."glimmer".device = "/dev/disk/by-uuid/43220fc3-2f33-4915-9365-59eb27b21719";
swapDevices = swapDevices =
[ { device = "/dev/disk/by-uuid/b134fecf-719f-45af-b317-001e413f06c4"; } [{ device = "/dev/disk/by-uuid/b134fecf-719f-45af-b317-001e413f06c4"; }];
];
} }