dala/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add camelot initial config

Browse source
This commit is contained in:
Victor Mignot 2023-11-12 00:40:26 +01:00
parent 93ee7e50e5
commit fb74188d21
Signed by: dala
GPG key ID: 5E7F2CE1BEAFED3D
4 changed files with 80 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
configurations/camelot/default.nix Normal file
View file

@ -0,0 +1,39 @@
{ pkgs, config, lib, ... }:
{
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
filesystems = [
{
mountpoint = "/";
deviceUUID = "966d0ec0-7a7b-4987-91cf-6493e9f5126c";
fsType = "ext4";
}
{
mountpoint = "/boot";
deviceUUID = "901B-0D68";
fsType = "vfat";
}
];
swapDeviceUUID = "a7c628ab-c5cb-4094-89d0-19b153fbead4";
server.networking.enableSSH = true;
environment.systemPackages = with pkgs; [
neovim
];
machineUsers = {
dala = {
description = "Dala";
groups = [ "wheel" ];
uid = 1000;
shell = pkgs.bash;
};
};
}

8
machines.nix
View file

@ -6,4 +6,12 @@
enableHomeManager = true; enableHomeManager = true;
stateVersion = "23.11"; stateVersion = "23.11";
}; };
camelot = {
machineType = "server";
nixpkgsUnstable = false;
system = "x86_64-linux";
enableHomeManager = false;
stateVersion = "23.11";
};
} }

8
modules/server/default.nix
View file

@ -1,3 +1,5 @@
{ lib, config, ... }: {
with lib; imports = [
{ } ./network.nix
];
}

28
modules/server/network.nix Normal file
View file

@ -0,0 +1,28 @@
{ lib, config, ... }:
with lib;
{
options.server.networking.enableSSH = mkOption {
type = types.bool;
default = true;
example = false;
};
options.server.networking.enableNginx = mkOption {
type = types.bool;
default = true;
example = false;
};
config = {
services.openssh = mkIf config.server.networking.enableSSH {
enable = true;
settings.PermitRootLogin = "no";
};
networking.firewall.allowedTCPPorts = [
(mkIf config.services.nginx.enable 80)
(mkIf config.services.nginx.enable 443)
(mkIf config.server.networking.enableSSH 22)
];
};
}