diff options
| -rw-r--r-- | host/hardware/hephaestus.nix | 30 | ||||
| -rw-r--r-- | host/hephaestus.nix | 54 | 
2 files changed, 84 insertions, 0 deletions
| diff --git a/host/hardware/hephaestus.nix b/host/hardware/hephaestus.nix new file mode 100644 index 0000000..69a69cf --- /dev/null +++ b/host/hardware/hephaestus.nix @@ -0,0 +1,30 @@ +# Do not modify this file!  It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations.  Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ +  imports = +    [ (modulesPath + "/installer/scan/not-detected.nix") +    ]; + +  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; +  boot.initrd.kernelModules = [ "dm-snapshot" ]; +  boot.kernelModules = [ "kvm-amd" ]; +  boot.extraModulePackages = [ ]; + +  fileSystems."/" = +    { device = "/dev/disk/by-uuid/4137e9a6-a4cd-4758-a9db-ae684d17e4de"; +      fsType = "ext4"; +    }; + +  fileSystems."/boot" = +    { device = "/dev/disk/by-uuid/0CF7-ED16"; +      fsType = "vfat"; +    }; + +  swapDevices = +    [ { device = "/dev/disk/by-uuid/b4d536f0-9b83-44a8-84f3-f44c1deee870"; } +    ]; + +} diff --git a/host/hephaestus.nix b/host/hephaestus.nix new file mode 100644 index 0000000..ee3d128 --- /dev/null +++ b/host/hephaestus.nix @@ -0,0 +1,54 @@ +{ pkgs, ... }: + +{ +  imports = [ +    ./hardware/hephaestus.nix +    ./software/desktop +  ]; + +  boot = { +    loader = { +      systemd-boot = { +        enable = true; +        configurationLimit = 3; +      }; +      efi.canTouchEfiVariables = true; +    }; + +    initrd.luks.devices = { +      encrypted = { +        device = "/dev/nvme0n1p5"; +        preLVM        = true; +        allowDiscards = true; +      }; +    }; +  }; + +  networking = { +    hostName = "hephaestus"; +    firewall.enable = false; +  }; + +  services.xserver.videoDrivers = [ "nvidia" ]; +  hardware.nvidia.package = pkgs.linuxPackages.nvidia_x11; + +  networking.wireguard.interfaces = { +    wg0 = { +      ips = [ "10.100.0.7/24" ]; + +      privateKeyFile = "/etc/wireguard/private"; + +      peers = [ +        { # automatix +          publicKey  = "B0tkjq+5SfECKx1gWEP5JVWOIaRWL2JNE7iSpMmN4F0="; +          allowedIPs = [ "10.100.0.0/24" ]; +          endpoint   = "kummerlaender.eu:54321"; + +          persistentKeepalive = 10; +        } +      ]; +    }; +  }; + +  system.stateVersion = "21.05"; +} | 
