nixos-config/configurations/camelot/default.nix

68 lines
1.5 KiB
Nix

{ pkgs, config, lib, ... }:
{
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.swraid.enable = true;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
filesystems = [
{
mountpoint = "/";
deviceUUID = "966d0ec0-7a7b-4987-91cf-6493e9f5126c";
fsType = "ext4";
}
{
mountpoint = "/srv";
deviceUUID = "329fe696-ad2f-4a86-b45f-8b143daf02d2";
fsType = "ext4";
}
{
mountpoint = "/boot";
deviceUUID = "901B-0D68";
fsType = "vfat";
}
];
imports = [
./jellyfin.nix
./wireguard.nix
];
swapDeviceUUID = "a7c628ab-c5cb-4094-89d0-19b153fbead4";
server.networking.enableSSH = true;
services.nginx.enable = true;
environment.systemPackages = with pkgs; [
neovim
git
];
hwAccelerationGPU = "intel";
/* System secrets */
sops = {
gnupg.sshKeyPaths = [ ];
age = {
sshKeyPaths = [ ];
keyFile = "/var/lib/sops-nix/key.txt";
};
defaultSopsFile = ./secrets/secrets.yaml;
secrets.wg0_private = { };
secrets.wg1_private = { };
};
machineUsers = {
dala = {
description = "Dala";
groups = [ "wheel" ];
uid = 1000;
shell = pkgs.bash;
};
};
}