From 5d5f71e108cb4559a3a8144fbd089076b61a9dda Mon Sep 17 00:00:00 2001
From: Adrian Kummerlaender
Date: Tue, 8 Jun 2021 10:04:39 +0200
Subject: Add hephaestus config

---
 host/hephaestus.nix | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 host/hephaestus.nix

(limited to 'host/hephaestus.nix')

diff --git a/host/hephaestus.nix b/host/hephaestus.nix
new file mode 100644
index 0000000..ee3d128
--- /dev/null
+++ b/host/hephaestus.nix
@@ -0,0 +1,54 @@
+{ pkgs, ... }:
+
+{
+  imports = [
+    ./hardware/hephaestus.nix
+    ./software/desktop
+  ];
+
+  boot = {
+    loader = {
+      systemd-boot = {
+        enable = true;
+        configurationLimit = 3;
+      };
+      efi.canTouchEfiVariables = true;
+    };
+
+    initrd.luks.devices = {
+      encrypted = {
+        device = "/dev/nvme0n1p5";
+        preLVM        = true;
+        allowDiscards = true;
+      };
+    };
+  };
+
+  networking = {
+    hostName = "hephaestus";
+    firewall.enable = false;
+  };
+
+  services.xserver.videoDrivers = [ "nvidia" ];
+  hardware.nvidia.package = pkgs.linuxPackages.nvidia_x11;
+
+  networking.wireguard.interfaces = {
+    wg0 = {
+      ips = [ "10.100.0.7/24" ];
+
+      privateKeyFile = "/etc/wireguard/private";
+
+      peers = [
+        { # automatix
+          publicKey  = "B0tkjq+5SfECKx1gWEP5JVWOIaRWL2JNE7iSpMmN4F0=";
+          allowedIPs = [ "10.100.0.0/24" ];
+          endpoint   = "kummerlaender.eu:54321";
+
+          persistentKeepalive = 10;
+        }
+      ];
+    };
+  };
+
+  system.stateVersion = "21.05";
+}
-- 
cgit v1.2.3