asmir/nixos_flake_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mediabox: update configuration to match nixy

Browse Source
This commit is contained in:
Asmir A 2023-09-30 14:31:03 +02:00
parent 2a2824e6e9
commit 4daf6275dc
1 changed files with 53 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
mediabox/configuration.nix
View File

@ -4,6 +4,9 @@
{ {
config, config,
pkgs, pkgs,
lib,
sops-nix,
zremap,
... ...
}: { }: {
imports = []; imports = [];
@ -11,6 +14,14 @@
system.stateVersion = "23.05"; system.stateVersion = "23.05";
system.autoUpgrade.enable = false; system.autoUpgrade.enable = false;
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
sops.secrets."peerix/private" = {
sopsFile = ./secrets/peerix.yaml;
mode = "0400";
owner = config.users.users.nobody.name;
group = config.users.users.nobody.group;
};
nix = { nix = {
optimise.automatic = true; optimise.automatic = true;
gc.automatic = true; gc.automatic = true;
@ -22,13 +33,23 @@
}; };
boot = { boot = {
kernelParams = ["msr.allow_writes=on"];
kernelPackages = pkgs.linuxPackages_latest;
kernelModules = ["acpi_call"];
supportedFilesystems = ["btrfs"];
loader.systemd-boot.enable = true;
tmpOnTmpfs = true;
initrd.compressor = "zstd"; initrd.compressor = "zstd";
kernelModules = ["acpi_call"];
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = ["msr.allow_writes=on"];
loader.systemd-boot.editor = false;
loader.systemd-boot.enable = true;
readOnlyNixStore = true;
supportedFilesystems = ["btrfs"];
tmpOnTmpfs = true;
};
security = {
rtkit.enable = true;
acme = {
acceptTerms = true;
defaults.email = "aasmir@gmx.com";
};
}; };
powerManagement = { powerManagement = {
@ -41,6 +62,7 @@
enable = true; enable = true;
allowedTCPPorts = [80 443]; allowedTCPPorts = [80 443];
}; };
hostName = "mediabox"; hostName = "mediabox";
interfaces.enp0s25.useDHCP = true; interfaces.enp0s25.useDHCP = true;
interfaces.wlp3s0.useDHCP = false; interfaces.wlp3s0.useDHCP = false;
@ -52,6 +74,11 @@
networkmanager.dns = "none"; networkmanager.dns = "none";
extraHosts = '' extraHosts = ''
192.168.1.173 nixy.lan 192.168.1.173 nixy.lan
192.168.88.171 jellyfin.mediabox.lan
192.168.88.171 mediabox.lan
192.168.88.171 qbittorrent.mediabox.lan
192.168.88.1 router.lan
192.168.88.231 workstation.lan
''; '';
}; };
@ -63,62 +90,6 @@
variables = { variables = {
PATH = "$HOME/.cargo/bin"; PATH = "$HOME/.cargo/bin";
}; };
systemPackages = with pkgs; [
acpi
bluez
bluez-tools
btop
fd
ffmpeg
file
fzf
fzy
htop
imv
interception-tools
jq
macchanger
moreutils
mosh
mpc_cli
nano
neovim
ninja
nix-index
ntfs3g
ntfsprogs
pciutils
pstree
psutils
pulsemixer
python3
zip
python3Packages.pip
ripgrep
rnix-lsp
rsync
scrot
silver-searcher
strace
tig
unrar
unzip
usbutils
vimpc
xdg_utils
xsel
weechat
wget
z-lua
breeze-icons
hicolor-icon-theme
rtorrent
lm_sensors
alejandra
ethtool
nmap
wireshark
];
}; };
programs.gnupg.agent = { programs.gnupg.agent = {
@ -149,7 +120,19 @@
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
}; };
wakeonlan = { "zremap" = {
description = "Intercepts keyboard udev events";
wants = ["systemd-udevd.service"];
wantedBy = ["multi-user.target"];
serviceConfig.Nice = -20;
script = ''
sleep 1
${zremap.defaultPackage.x86_64-linux}/bin/zremap \
/dev/input/by-path/platform-i8042-serio-0-event-kbd
'';
};
"wakeonlan" = {
description = "Reenable wake on lan every boot"; description = "Reenable wake on lan every boot";
after = ["network.target"]; after = ["network.target"];
serviceConfig = { serviceConfig = {
@ -173,23 +156,17 @@
}; };
}; };
security = {
rtkit.enable = true;
acme = {
acceptTerms = true;
defaults.email = "aasmir@gmx.com";
};
};
services = { services = {
fwupd.enable = true;
fstrim.enable = true;
ntp.enable = true;
openssh.enable = true;
thinkfan.enable = true;
acpid.enable = true; acpid.enable = true;
btrfs.autoScrub.enable = true; btrfs.autoScrub.enable = true;
dbus.enable = true;
fstrim.enable = true;
fwupd.enable = true;
ntp.enable = true;
openssh.enable = true;
restya-board.enable = false; restya-board.enable = false;
thinkfan.enable = false;
xrdp = { xrdp = {
enable = true; enable = true;
defaultWindowManager = "icewm"; defaultWindowManager = "icewm";
@ -345,7 +322,6 @@
}; };
}; };
}; };
}; };
fonts.fonts = with pkgs; [ fonts.fonts = with pkgs; [