diff --git a/hosts/deertopia.net/configuration.nix b/hosts/deertopia/configuration.nix similarity index 90% rename from hosts/deertopia.net/configuration.nix rename to hosts/deertopia/configuration.nix index e55193f..b3660a7 100644 --- a/hosts/deertopia.net/configuration.nix +++ b/hosts/deertopia/configuration.nix @@ -1,19 +1,20 @@ -{ config, pkgs, lib, disko, sydnix-cli, ... }: +{ config, pkgs, lib, disko, /* sydnix-cli, */ ... }: { imports = [ ./hardware-configuration.nix ./disko-config.nix + ./services.nix ]; sydnix = { filesystemType = "btrfs"; users.users = [ - "hause" + "arisu" ]; impermanence = { - # enable = true; + enable = true; directories = [ # "Warning: Neither /var/lib/nixos nor any of its parents are persisted. # This means all users/groups without specified uids/gids will have them @@ -25,18 +26,16 @@ "/etc/ssh" ]; rollback = { - # enable = true; + enable = true; device = "/dev/sda2"; subvolume = "rootfs"; }; }; }; - boot = { - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = false; - }; + boot.loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; }; time.timeZone = "America/Denver"; @@ -55,7 +54,7 @@ environment.systemPackages = with pkgs; [ neovim git - sydnix-cli.packages.x86_64-linux.default + # sydnix-cli.packages.x86_64-linux.default ]; services.openssh.enable = true; diff --git a/hosts/deertopia.net/disko-config.nix b/hosts/deertopia/disko-config.nix similarity index 100% rename from hosts/deertopia.net/disko-config.nix rename to hosts/deertopia/disko-config.nix diff --git a/hosts/deertopia/hardware-configuration.nix b/hosts/deertopia/hardware-configuration.nix new file mode 100644 index 0000000..d538aca --- /dev/null +++ b/hosts/deertopia/hardware-configuration.nix 
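Review bot: In the second hunk of configuration.nix, `rollback.enable = true;` now acts on `device = "/dev/sda2";`, and kernel names such as `/dev/sda` are not stable across boots or when a disk is added or reordered. If the rollback step recreates the `rootfs` subvolume at boot (as the option names suggest; the module is not visible here), resolving to the wrong partition would either break the boot or touch another filesystem. A persistent identifier is safer, e.g. `device = "/dev/disk/by-partlabel/<label defined in disko-config.nix>";`. The same hunk flips `efi.canTouchEfiVariables` to `true`, and a one-line comment saying why would help the next reader.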
@@ -0,0 +1,26 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/deertopia/services.nix b/hosts/deertopia/services.nix new file mode 100644 index 0000000..e62e53a --- /dev/null +++ b/hosts/deertopia/services.nix @@ -0,0 +1,7 @@ +{ utils, ... }: + +{ + imports = + map (x: ./services/${x}) + (utils.listNixFilesInDirectory ./services); +} diff --git a/hosts/deertopia/services/nextcloud.nix b/hosts/deertopia/services/nextcloud.nix new file mode 100644 index 0000000..75fd450 --- /dev/null +++ b/hosts/deertopia/services/nextcloud.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, ... }: + +{ + sydnix.sops = { + enable = true; + keyFile = "/persist/vault/root/deertopia-key"; + }; + + # services.nextcloud = { + # }; +} diff --git a/hosts/deertopia/system.nix b/hosts/deertopia/system.nix new file mode 100755 index 0000000..132026a --- /dev/null 
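Review bot: In services.nix, importing everything that `utils.listNixFilesInDirectory ./services` returns means any `.nix` file that lands in that directory becomes part of the system configuration without this file changing, so a reviewer cannot tell from here which services the host runs. An explicit list such as `imports = [ ./services/nextcloud.nix ];` keeps that visible; if the auto-import stays, a comment above `imports` stating that every file in `./services` is loaded would help. Because `utils` is used inside `imports`, it presumably has to arrive through `specialArgs`, and it shadows the `utils` argument NixOS itself provides, so it is worth confirming that is intended.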
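Review bot: In services/nextcloud.nix, `sydnix.sops` is host-wide secret configuration rather than Nextcloud configuration, and it is only picked up through the directory auto-import in services.nix. Removing or renaming this file later would presumably disable secret decryption for the whole host. I would move the block to configuration.nix and document the key next to `keyFile`, for example `# sops private key: root-owned, not readable by group/other; kept under /persist so it survives rollback`. The path is also hard-coded to `/persist`, while modules/nixos/impermanence.nix derives the vault directory from `cfg.persistDirectory`, so the two can drift apart.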
+++ b/hosts/deertopia/system.nix @@ -0,0 +1 @@ +"x86_64-linux" diff --git a/modules/nixos/impermanence.nix b/modules/nixos/impermanence.nix index 504f365..499a3d7 100755 --- a/modules/nixos/impermanence.nix +++ b/modules/nixos/impermanence.nix @@ -62,6 +62,10 @@ in { z.group = "users"; z.mode = "2775"; }; + "${cfg.persistDirectory}/vault/root" = { + z.group = "root"; + z.mode = "2775"; + }; }; # TODO: Move this somewhere else. diff --git a/users/hause/default.nix b/users/arisu/default.nix similarity index 79% rename from users/hause/default.nix rename to users/arisu/default.nix index a56ee45..fc6874a 100644 --- a/users/hause/default.nix +++ b/users/arisu/default.nix @@ -13,10 +13,6 @@ ]; sydnix = { - sops = { - # enable = true; - keyFile = "/persist/vault/${config.home.username}/keys/primary"; - }; }; # Don't touch!
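Review bot: In modules/nixos/impermanence.nix, `z.mode = "2775";` on `"${cfg.persistDirectory}/vault/root"` makes that directory listable and traversable by every local user. Per `keyFile = "/persist/vault/root/deertopia-key"` in services/nextcloud.nix (assuming the persist directory is `/persist`), it holds the host's sops decryption key, so the key file's own mode becomes the only protection. The entry looks copied from the group-`users` one above it, where setgid and group write make sense; for a root-only vault I would use `z.mode = "0700";` and pin the owner with `z.user = "root";` (if these are `systemd.tmpfiles.settings` entries, which the hunk does not show). The enclosing attribute set starts outside the hunk.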