nixos-config/configurations/london/default.nix

129 lines
3 KiB
Nix

{ pkgs, config, lib, extraInfo, ... }:
{
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
/* Meta */
isProfessional = false;
/* Volumes */
luksDevices = [
{
name = "crypted-nixos";
deviceUUID = "5a1ac4ae-d74f-4599-bc5a-fc0a3501a196";
isPreLVM = true;
}
];
filesystems = [
{
mountpoint = "/";
deviceUUID = "8dd700f8-7bf7-426c-8869-d31687e343df";
fsType = "ext4";
}
{
mountpoint = "/boot";
deviceUUID = "F2B6-C8CA";
fsType = "vfat";
}
{
mountpoint = "/nix";
deviceUUID = "b7a643f6-a78e-4e32-a1a3-22b321465bf6";
fsType = "ext4";
}
{
mountpoint = "/home";
deviceUUID = "e26f6727-3712-4830-b8e8-fdbce5e3584b";
fsType = "ext4";
}
];
swapDeviceUUID = "5fe5e76b-df3d-43ce-abf9-d2b63078df09";
/* Linux kernel */
useLatestKernel = true;
/* Nix */
allowUnfreePackages = true;
/* Hardware acceleration */
hwAccelerationGPU = "nvidia";
/* System secrets */
sops = {
gnupg.sshKeyPaths = [ ];
age = {
sshKeyPaths = [ ];
keyFile = "/var/lib/sops-nix/key.txt";
};
defaultSopsFile = ./secrets/secrets.yaml;
secrets.wg0_private = { };
};
/* Wireguard */
networking.wg-quick.interfaces.wg0 = {
address = [ "10.100.0.4/24" ];
dns = [ "10.100.0.1" ];
listenPort = 51820;
privateKeyFile = config.sops.secrets.wg0_private.path;
peers = [
{
# Rock Pro 64
publicKey = "XVmG3/rNsCqc8KCmOx3+UUn9DJOnJ40Uxid5JGdChR4=";
endpoint = "${extraInfo.wireguard.rockProEndpoint}:51820";
allowedIPs = [ "10.100.0.1" ];
persistentKeepalive = 25;
}
{
# VPS
publicKey = "x45YsLDpMJw1pwKOvkyzdesen3lFcKpxCXACGz+xtDs=";
endpoint = "${extraInfo.wireguard.VPSEndpoint}:51820";
allowedIPs = [ "10.100.0.2" ];
persistentKeepalive = 25;
}
];
};
/* User config */
machineUsers = {
dala = {
description = "Dala";
groups = [ "wheel" "video" "audio" "seat" "keys" "lp" "dialout" "network" ];
uid = 1000;
shell = pkgs.fish;
enableHomeManagerProfile = true;
homeManagerConfig = {
desktop.monitors = [
{
name = "Iiyama North America PL2470H 0x0000047B";
resolution = "1920x1080@165.003Hz";
position = "1920 0";
defaultWorkspace = 1;
}
{
name = "Iiyama North America PL2530H 1154392601941";
resolution = "1920x1080@74.973Hz";
position = "0 0";
defaultWorkspace = 2;
}
];
nixpkgs.config.allowUnfree = true;
development.embedded.enableTools = true;
};
};
};
}