diff --git a/flake.nix b/flake.nix
index 0ca473f..1b4be52 100644
--- a/flake.nix
+++ b/flake.nix
@@ -95,6 +95,7 @@
buildInputs = [ pkgs.deploy-rs pkgs.sops ];
};
checks = deployLib.deployChecks self.deploy;
+ formatter = pkgs.nixfmt;
}
);
}
diff --git a/systems/orangepihole/configuration.nix b/systems/orangepihole/configuration.nix
index f4feb68..0031a3c 100644
--- a/systems/orangepihole/configuration.nix
+++ b/systems/orangepihole/configuration.nix
@@ -1,12 +1,11 @@
{ config, lib, pkgs, sops, ... }:
{
- imports =
- [ # Include the results of the hardware scan.
- ./hardware-configuration.nix
- ../../modules/common.nix
- ../../modules/networkd-base.nix
- ];
+ imports = [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ../../modules/common.nix
+ ../../modules/networkd-base.nix
+ ];
boot.loader.grub.enable = false;
boot.loader.generic-extlinux-compatible.enable = true;
@@ -34,11 +33,14 @@
networkConfig.IPv6SendRA = true;
ipv6SendRAConfig.RouterLifetimeSec = 0;
ipv6SendRAConfig.EmitDNS = false;
- ipv6Prefixes = [ { ipv6PrefixConfig.Prefix = "fd72:3dd5:21ae:3c97::/64"; } ];
+ ipv6Prefixes = [{ ipv6PrefixConfig.Prefix = "fd72:3dd5:21ae:3c97::/64"; }];
};
sops.age.sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
zramSwap.enable = true;
- swapDevices = [ {device="/persist/swapfile"; size=1024;}];
+ swapDevices = [{
+ device = "/persist/swapfile";
+ size = 1024;
+ }];
services.unbound = {
enable = true;
settings = {
@@ -50,25 +52,24 @@
include = [ "/etc/unbound/ads.conf" "${./unbound-local.conf}" ];
};
};
-
+
systemd = {
services.adblock = {
startAt = "daily";
postStop = "systemctl try-reload-or-restart unbound";
path = with pkgs; [ gawk wget ];
script = ''
- wget -nv -O - https://raw.githubusercontent.com/hagezi/dns-blocklists/main/unbound/tif.blacklist.conf > /etc/unbound/new.conf
- echo 'local-zone: "iogames.space." always_nxdomain' >> /etc/unbound/new.conf
- echo 'local-zone: "taming.io." always_nxdomain' >> /etc/unbound/new.conf
- awk '!seen[$0]++' /etc/unbound/new.conf > /etc/unbound/ads.conf
- rm /etc/unbound/new.conf
+ wget -nv -O - https://raw.githubusercontent.com/hagezi/dns-blocklists/main/unbound/tif.blacklist.conf > /etc/unbound/new.conf
+ echo 'local-zone: "iogames.space." always_nxdomain' >> /etc/unbound/new.conf
+ echo 'local-zone: "taming.io." always_nxdomain' >> /etc/unbound/new.conf
+ awk '!seen[$0]++' /etc/unbound/new.conf > /etc/unbound/ads.conf
+ rm /etc/unbound/new.conf
'';
wantedBy = [ "multi-user.target" ];
before = [ "unbound.service" ];
};
};
-
environment = {
systemPackages = with pkgs; [
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
@@ -76,12 +77,7 @@
];
persistence."/persist" = {
hideMounts = true;
- directories = [
- "/var/lib/nixos"
- "/var/log"
- "/var/lib/systemd"
- "/tmp"
- ];
+ directories = [ "/var/lib/nixos" "/var/log" "/var/lib/systemd" "/tmp" ];
files = [
"/etc/machine-id"
"/etc/adjtime"
@@ -99,8 +95,8 @@
};
system.stateVersion = "23.11"; # Did you read the comment?
- sops.secrets."nixremote/sshkey" = {};
- nix.buildMachines = [ {
+ sops.secrets."nixremote/sshkey" = { };
+ nix.buildMachines = [{
hostName = "zeus";
systems = [ "x86_64-linux" "aarch64-linux" ];
protocol = "ssh-ng";
diff --git a/systems/orangepihole/hardware-configuration.nix b/systems/orangepihole/hardware-configuration.nix
index 1b8e136..6d28493 100644
--- a/systems/orangepihole/hardware-configuration.nix
+++ b/systems/orangepihole/hardware-configuration.nix
@@ -1,31 +1,29 @@
{ config, lib, pkgs, modulesPath, ... }:
{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
- fileSystems."/" = {
- device = "none";
- fsType = "tmpfs";
- options = [ "defaults" "mode=755" ];
- };
- fileSystems."/persist" =
- { device = "/dev/disk/by-uuid/6df53c4f-42b6-478b-8be4-f7887ad18b5b";
- fsType = "btrfs";
- neededForBoot = true;
- options = [ "compress=lzo" "autodefrag" "defaults" "subvol=@nixos/root" ];
- };
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/a4d76da9-b8eb-4615-9d64-a36e1383da80";
- fsType = "ext4";
- options = [ "defaults" ];
- };
- fileSystems."/nix" =
- { device = "/dev/disk/by-uuid/6df53c4f-42b6-478b-8be4-f7887ad18b5b";
- fsType = "btrfs";
- options = [ "compress=lzo" "autodefrag" "defaults" "subvol=@nixos/nix" ];
- };
+ fileSystems."/" = {
+ device = "none";
+ fsType = "tmpfs";
+ options = [ "defaults" "mode=755" ];
+ };
+ fileSystems."/persist" = {
+ device = "/dev/disk/by-uuid/6df53c4f-42b6-478b-8be4-f7887ad18b5b";
+ fsType = "btrfs";
+ neededForBoot = true;
+ options = [ "compress=lzo" "autodefrag" "defaults" "subvol=@nixos/root" ];
+ };
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/a4d76da9-b8eb-4615-9d64-a36e1383da80";
+ fsType = "ext4";
+ options = [ "defaults" ];
+ };
+ fileSystems."/nix" = {
+ device = "/dev/disk/by-uuid/6df53c4f-42b6-478b-8be4-f7887ad18b5b";
+ fsType = "btrfs";
+ options = [ "compress=lzo" "autodefrag" "defaults" "subvol=@nixos/nix" ];
+ };
networking.useDHCP = lib.mkDefault true;
diff --git a/systems/smolboi/configuration.nix b/systems/smolboi/configuration.nix
index f4a0d86..b0edbf4 100644
--- a/systems/smolboi/configuration.nix
+++ b/systems/smolboi/configuration.nix
@@ -1,8 +1,7 @@
{ config, lib, pkgs, sops, ... }:
{
- imports =
- [ # Include the results of the hardware scan.
+ imports = [ # Include the results of the hardware scan.
./hardware-configuration.nix
../../modules/common.nix
../../modules/aarch64-emu.nix
@@ -20,8 +19,8 @@
interpreter = "${pkgs.appimage-run}/bin/appimage-run";
recognitionType = "magic";
offset = 0;
- mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff'';
- magicOrExtension = ''\x7fELF....AI\x02'';
+ mask = "\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\xff\\xff\\xff";
+ magicOrExtension = "\\x7fELF....AI\\x02";
};
tmp.cleanOnBoot = true;
};
@@ -34,35 +33,33 @@
networking = {
hostName = "smolboi"; # Define your hostname.
- networkmanager.enable = true; # Easiest to use and most distros use this by default.
+ networkmanager.enable =
+ true; # Easiest to use and most distros use this by default.
firewall.allowedTCPPorts = [ 22000 ];
};
nixpkgs.config = {
allowUnfree = true;
- permittedInsecurePackages = [
- "electron-25.9.0"
- "nix-2.16.2"
- ];
+ permittedInsecurePackages = [ "electron-25.9.0" "nix-2.16.2" ];
packageOverrides = pkgs: {
steam = pkgs.steam.override {
- extraPkgs = pkgs: with pkgs; [
- xorg.libXcursor
- xorg.libXi
- xorg.libXinerama
- xorg.libXScrnSaver
- libpng
- libpulseaudio
- libvorbis
- stdenv.cc.cc.lib
- libkrb5
- keyutils
- winetricks
- ];
+ extraPkgs = pkgs:
+ with pkgs; [
+ xorg.libXcursor
+ xorg.libXi
+ xorg.libXinerama
+ xorg.libXScrnSaver
+ libpng
+ libpulseaudio
+ libvorbis
+ stdenv.cc.cc.lib
+ libkrb5
+ keyutils
+ winetricks
+ ];
};
};
};
-
services = {
xserver = {
enable = true;
@@ -164,7 +161,10 @@
remotePlay.openFirewall = true;
gamescopeSession.enable = true;
};
- firefox.nativeMessagingHosts.packages = with pkgs; [keepassxc libsForQt5.plasma-browser-integration ];
+ firefox.nativeMessagingHosts.packages = with pkgs; [
+ keepassxc
+ libsForQt5.plasma-browser-integration
+ ];
gamemode = {
enable = true;
settings = {
@@ -184,14 +184,19 @@
};
zramSwap = {
enable = true;
- writebackDevice = "/dev/disk/by-partuuid/e8f5eaf8-46ca-40de-854a-f6dfe964b92d";
+ writebackDevice =
+ "/dev/disk/by-partuuid/e8f5eaf8-46ca-40de-854a-f6dfe964b92d";
};
fileSystems = {
- "/persist".options = [ "compress=lzo" "autodefrag" "discard=async" "defaults" ];
- "/nix".options = [ "compress=lzo" "autodefrag" "discard=async" "noatime" "defaults" ];
- "/steam-library".options = [ "compress=lzo" "autodefrag" "discard=async" "defaults" ];
- "/home".options = [ "compress=lzo" "autodefrag" "discard=async" "defaults" ];
+ "/persist".options =
+ [ "compress=lzo" "autodefrag" "discard=async" "defaults" ];
+ "/nix".options =
+ [ "compress=lzo" "autodefrag" "discard=async" "noatime" "defaults" ];
+ "/steam-library".options =
+ [ "compress=lzo" "autodefrag" "discard=async" "defaults" ];
+ "/home".options =
+ [ "compress=lzo" "autodefrag" "discard=async" "defaults" ];
};
system.stateVersion = "23.11"; # Did you read the comment?
diff --git a/systems/smolboi/hardware-configuration.nix b/systems/smolboi/hardware-configuration.nix
index c12ef45..1251e73 100644
--- a/systems/smolboi/hardware-configuration.nix
+++ b/systems/smolboi/hardware-configuration.nix
@@ -4,11 +4,10 @@
{ config, lib, pkgs, modulesPath, ... }:
{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
- boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+ boot.initrd.availableKernelModules =
+ [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
@@ -18,36 +17,36 @@
fsType = "tmpfs";
options = [ "defaults" "size=2g" "mode=755" ];
};
-
- fileSystems."/persist" =
- { device = "/dev/disk/by-uuid/d0eb1b09-7fba-49e3-b802-d6fdd9073516";
- neededForBoot = true;
- fsType = "btrfs";
- options = [ "subvol=@nixos/root" ];
- };
- fileSystems."/steam-library" =
- { device = "/dev/disk/by-uuid/d0eb1b09-7fba-49e3-b802-d6fdd9073516";
- fsType = "btrfs";
- options = [ "subvol=@steam-library" ];
- };
+ fileSystems."/persist" = {
+ device = "/dev/disk/by-uuid/d0eb1b09-7fba-49e3-b802-d6fdd9073516";
+ neededForBoot = true;
+ fsType = "btrfs";
+ options = [ "subvol=@nixos/root" ];
+ };
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/1ADE-808D";
- fsType = "vfat";
- };
+ fileSystems."/steam-library" = {
+ device = "/dev/disk/by-uuid/d0eb1b09-7fba-49e3-b802-d6fdd9073516";
+ fsType = "btrfs";
+ options = [ "subvol=@steam-library" ];
+ };
- fileSystems."/home" =
- { device = "/dev/disk/by-uuid/8597952f-be42-4361-9be1-2c4af6ede9b8";
- fsType = "btrfs";
- options = [ "subvol=@home" ];
- };
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/1ADE-808D";
+ fsType = "vfat";
+ };
- fileSystems."/nix" =
- { device = "/dev/disk/by-uuid/d0eb1b09-7fba-49e3-b802-d6fdd9073516";
- fsType = "btrfs";
- options = [ "subvol=@nixos/nix" ];
- };
+ fileSystems."/home" = {
+ device = "/dev/disk/by-uuid/8597952f-be42-4361-9be1-2c4af6ede9b8";
+ fsType = "btrfs";
+ options = [ "subvol=@home" ];
+ };
+
+ fileSystems."/nix" = {
+ device = "/dev/disk/by-uuid/d0eb1b09-7fba-49e3-b802-d6fdd9073516";
+ fsType = "btrfs";
+ options = [ "subvol=@nixos/nix" ];
+ };
swapDevices = [ ];
@@ -60,5 +59,6 @@
# networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+ hardware.cpu.amd.updateMicrocode =
+ lib.mkDefault config.hardware.enableRedistributableFirmware;
}
diff --git a/systems/smolboi/home.nix b/systems/smolboi/home.nix
index 829e548..fab35d1 100644
--- a/systems/smolboi/home.nix
+++ b/systems/smolboi/home.nix
@@ -56,7 +56,6 @@
];
})
-
# # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run.
# pkgs.hello
@@ -76,14 +75,11 @@
];
nixpkgs.config = {
- allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
- "discord"
- ];
- permittedInsecurePackages = [
- "electron-25.9.0"
- ];
+ allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "discord" ];
+ permittedInsecurePackages = [ "electron-25.9.0" ];
};
- xdg.configFile."autostart/yakuake.desktop".source = "${pkgs.yakuake.outPath}/share/applications/org.kde.yakuake.desktop";
+ xdg.configFile."autostart/yakuake.desktop".source =
+ "${pkgs.yakuake.outPath}/share/applications/org.kde.yakuake.desktop";
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
@@ -134,7 +130,18 @@
vim = {
enable = true;
defaultEditor = true;
- plugins = with pkgs.vimPlugins; [ vim-sensible vim-fugitive vim-eunuch vim-endwise vim-lsp vim-lsp-settings nerdtree nerdtree-git-plugin vim-devicons editorconfig-vim ];
+ plugins = with pkgs.vimPlugins; [
+ vim-sensible
+ vim-fugitive
+ vim-eunuch
+ vim-endwise
+ vim-lsp
+ vim-lsp-settings
+ nerdtree
+ nerdtree-git-plugin
+ vim-devicons
+ editorconfig-vim
+ ];
};
vscode = {
enable = true;
diff --git a/systems/zeus/configuration.nix b/systems/zeus/configuration.nix
index 38939ba..ec120fb 100644
--- a/systems/zeus/configuration.nix
+++ b/systems/zeus/configuration.nix
@@ -1,19 +1,19 @@
{ config, lib, pkgs, ... }:
{
- imports =
- [ # Include the results of the hardware scan.
- ./hardware-configuration.nix
- ../../modules/common.nix
- ../../modules/aarch64-emu.nix
- ../../modules/networkd-base.nix
- ../../modules/smartd.nix
- ];
+ imports = [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ../../modules/common.nix
+ ../../modules/aarch64-emu.nix
+ ../../modules/networkd-base.nix
+ ../../modules/smartd.nix
+ ];
boot.loader.grub.enable = true;
boot.loader.grub.zfsSupport = true;
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
- boot.loader.grub.devices = [ "/dev/sda" "/dev/sdb" "/dev/sdc" "/dev/sdd" "/dev/sde" "/dev/sdf" ];
+ boot.loader.grub.devices =
+ [ "/dev/sda" "/dev/sdb" "/dev/sdc" "/dev/sdd" "/dev/sde" "/dev/sdf" ];
networking.hostName = "zeus"; # Define your hostname.
networking.hostId = "9e95b576";
@@ -23,9 +23,7 @@
Name = "bond0";
Kind = "bond";
};
- bondConfig = {
- Mode = "active-backup";
- };
+ bondConfig = { Mode = "active-backup"; };
};
lan-shim = {
netdevConfig = {
@@ -33,9 +31,7 @@
Kind = "macvlan";
MACAddress = "3e:53:37:25:08:ef";
};
- macvlanConfig = {
- Mode = "bridge";
- };
+ macvlanConfig = { Mode = "bridge"; };
};
};
systemd.network.networks = {
@@ -49,14 +45,14 @@
};
lan-shim = {
name = "lan-shim";
- address = [ "10.42.69.100/24" "fd72:3dd5:21ae:3c97:101b:87ff:fe86:5f01/64" ];
+ address =
+ [ "10.42.69.100/24" "fd72:3dd5:21ae:3c97:101b:87ff:fe86:5f01/64" ];
dns = [ "10.42.69.2" ];
domains = [ "icanttype.org" ];
gateway = [ "10.42.69.1" ];
};
};
-
virtualisation = {
containers.enable = true;
podman = {
@@ -69,37 +65,44 @@
image = "ghcr.io/tecnativa/docker-socket-proxy:latest";
volumes = [ "/var/run/podman/podman.sock:/var/run/docker.sock:ro" ];
environment = {
- CONTAINERS="1";
- POST="0";
+ CONTAINERS = "1";
+ POST = "0";
};
- extraOptions = [ "--pull=newer" "--network=www"];
+ extraOptions = [ "--pull=newer" "--network=www" ];
};
swag = {
image = "lscr.io/linuxserver/swag:2.9.0-ls292";
volumes = [ "swag-config:/config" ];
environment = {
- TZ="America/New_York";
- URL="icanttype.org";
- VALIDATION="dns";
- SUBDOMAINS="wildcard";
- DNSPLUGIN="cloudflare";
- DOCKER_HOST="dockerproxy";
- DOCKER_MODS="linuxserver/mods:swag-dashboard|linuxserver/mods:swag-auto-proxy|linuxserver/mods:universal-docker|linuxserver/mods:universal-cloudflared";
- CF_ZONE_ID="4e68852334290a922718696a0986e75a";
- CF_ACCOUNT_ID="5c1c252b9d9a9af6ea3a5de8590f36fa";
- CF_API_TOKEN="mRfY8ubtFUxzVuehI6WFipSQFIcstCNds7RF5FTQ";
- CF_TUNNEL_NAME="icanttype.org";
- CF_TUNNEL_PASSWORD="iZh4UYxVSo3S2H3XwwboM2z@mJEqYJkQ5yMTfd5p";
- FILE__CF_TUNNEL_CONFIG="/config/tunnelconfig.yml";
- EMAIL="cdombroski@gmail.com";
+ TZ = "America/New_York";
+ URL = "icanttype.org";
+ VALIDATION = "dns";
+ SUBDOMAINS = "wildcard";
+ DNSPLUGIN = "cloudflare";
+ DOCKER_HOST = "dockerproxy";
+ DOCKER_MODS =
+ "linuxserver/mods:swag-dashboard|linuxserver/mods:swag-auto-proxy|linuxserver/mods:universal-docker|linuxserver/mods:universal-cloudflared";
+ CF_ZONE_ID = "4e68852334290a922718696a0986e75a";
+ CF_ACCOUNT_ID = "5c1c252b9d9a9af6ea3a5de8590f36fa";
+ CF_API_TOKEN = "mRfY8ubtFUxzVuehI6WFipSQFIcstCNds7RF5FTQ";
+ CF_TUNNEL_NAME = "icanttype.org";
+ CF_TUNNEL_PASSWORD = "iZh4UYxVSo3S2H3XwwboM2z@mJEqYJkQ5yMTfd5p";
+ FILE__CF_TUNNEL_CONFIG = "/config/tunnelconfig.yml";
+ EMAIL = "cdombroski@gmail.com";
};
ports = [ "80:80" "443:443" ];
- extraOptions = [ "--pull=newer" "--network=www" "--cap-add" "NET_ADMIN" "--network-alias=icanttype.org" ];
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ "--cap-add"
+ "NET_ADMIN"
+ "--network-alias=icanttype.org"
+ ];
};
jellyfin = {
image = "lscr.io/linuxserver/jellyfin:latest";
volumes = [ "jellyfin-config:/config" "/video-data/media:/data/media" ];
- environment.TZ="America/New_York";
+ environment.TZ = "America/New_York";
labels.swag = "enable";
ports = [ "1900:1900/udp" "7359:7359/udp" ];
extraOptions = [ "--pull=newer" "--network=www" ];
@@ -108,8 +111,12 @@
image = "docker.io/zwavejs/zwave-js-ui:latest";
volumes = [ "zwave-config:/usr/src/app/store" ];
environment.TZ = "America/New_York";
- labels = { swag = "enable"; swag_url = "zwave.icanttype.org"; };
- extraOptions = [ "--pull=newer" "--network=www" "--device=/dev/ttyACM0:/dev/zwave" ];
+ labels = {
+ swag = "enable";
+ swag_url = "zwave.icanttype.org";
+ };
+ extraOptions =
+ [ "--pull=newer" "--network=www" "--device=/dev/ttyACM0:/dev/zwave" ];
};
homeassistant = {
image = "lscr.io/linuxserver/homeassistant:latest";
@@ -144,7 +151,8 @@
};
qbittorrent = {
image = "lscr.io/linuxserver/qbittorrent:latest";
- volumes = [ "qbittorrent-config:/config" "/video-data/torrent:/data/torrent" ];
+ volumes =
+ [ "qbittorrent-config:/config" "/video-data/torrent:/data/torrent" ];
environment = {
TZ = "America/New_York";
UMASK_SET = "000";
@@ -184,7 +192,10 @@
};
static = {
image = "docker.io/library/nginx:alpine";
- volumes = [ "/srv/docker/nginx/static:/usr/share/nginx/html:ro" "/srv/docker/nginx/config/static/default.conf:/etc/nginx/config.d/default.conf:ro" ];
+ volumes = [
+ "/srv/docker/nginx/static:/usr/share/nginx/html:ro"
+ "/srv/docker/nginx/config/static/default.conf:/etc/nginx/config.d/default.conf:ro"
+ ];
labels = {
swag = "enable";
swag_url = "www.icanttype.org";
@@ -200,7 +211,7 @@
swag_port = "3000";
};
ports = [ "10022:22" ];
- extraOptions = [ "--pull=newer" "--network=www" ];
+ extraOptions = [ "--pull=newer" "--network=www" ];
};
docker_dind = {
image = "docker.io/library/docker:dind";
@@ -230,15 +241,17 @@
description = "User for remote builds";
isNormalUser = true;
uid = 1100;
- openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH7rvqA2VG9kOPHBNgfna0YA+jEjIR6ZAKrdgWVWQjCV root@orangepihole" ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH7rvqA2VG9kOPHBNgfna0YA+jEjIR6ZAKrdgWVWQjCV root@orangepihole"
+ ];
};
environment.systemPackages = with pkgs; [
- vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
- dive
- podman-tui
- docker-compose
- tcpdump
- ethtool
+ vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+ dive
+ podman-tui
+ docker-compose
+ tcpdump
+ ethtool
];
services = {
@@ -259,15 +272,15 @@
openFirewall = true;
extraServiceFiles = {
smb = ''
-
-
-
- %h
-
- _smb._tcp
- 445
-
-
+
+
+
+ %h
+
+ _smb._tcp
+ 445
+
+
'';
};
};
diff --git a/systems/zeus/hardware-configuration.nix b/systems/zeus/hardware-configuration.nix
index 19c8a45..cc8c7f6 100644
--- a/systems/zeus/hardware-configuration.nix
+++ b/systems/zeus/hardware-configuration.nix
@@ -4,49 +4,48 @@
{ config, lib, pkgs, modulesPath, ... }:
{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
- boot.initrd.availableKernelModules = [ "ohci_pci" "ehci_pci" "sata_nv" "sd_mod" ];
+ boot.initrd.availableKernelModules =
+ [ "ohci_pci" "ehci_pci" "sata_nv" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
- fileSystems."/" =
- { device = "zroot/root";
- fsType = "zfs";
- };
+ fileSystems."/" = {
+ device = "zroot/root";
+ fsType = "zfs";
+ };
- fileSystems."/boot" =
- { device = "zboot/boot";
- fsType = "zfs";
- };
+ fileSystems."/boot" = {
+ device = "zboot/boot";
+ fsType = "zfs";
+ };
- fileSystems."/home" =
- { device = "zroot/home";
- fsType = "zfs";
- };
+ fileSystems."/home" = {
+ device = "zroot/home";
+ fsType = "zfs";
+ };
- fileSystems."/nix" =
- { device = "zroot/nix";
- fsType = "zfs";
- };
+ fileSystems."/nix" = {
+ device = "zroot/nix";
+ fsType = "zfs";
+ };
- fileSystems."/var" =
- { device = "zroot/var";
- fsType = "zfs";
- };
+ fileSystems."/var" = {
+ device = "zroot/var";
+ fsType = "zfs";
+ };
- fileSystems."/video-data" =
- { device = "rpool/video-data";
- fsType = "zfs";
- };
+ fileSystems."/video-data" = {
+ device = "rpool/video-data";
+ fsType = "zfs";
+ };
- swapDevices =
- [ { device = "/dev/disk/by-uuid/aecf6400-9c9f-43f9-8c57-08f3c8a633e7"; }
- { device = "/dev/disk/by-uuid/3fca7d18-441c-4f39-adad-ffd882b1f210"; }
- ];
+ swapDevices = [
+ { device = "/dev/disk/by-uuid/aecf6400-9c9f-43f9-8c57-08f3c8a633e7"; }
+ { device = "/dev/disk/by-uuid/3fca7d18-441c-4f39-adad-ffd882b1f210"; }
+ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@@ -55,5 +54,6 @@
networking.useDHCP = lib.mkDefault false;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+ hardware.cpu.amd.updateMicrocode =
+ lib.mkDefault config.hardware.enableRedistributableFirmware;
}