From e822f88199f11fe75e2a38a0e5f9806a8c9ba5cf Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 19 Sep 2017 12:34:43 +0200 Subject: l: add helios.r config + source --- lass/1systems/helios/config.nix | 86 +++++++++++++++++++++++++++++++++++++++++ lass/1systems/helios/source.nix | 4 ++ 2 files changed, 90 insertions(+) create mode 100644 lass/1systems/helios/config.nix create mode 100644 lass/1systems/helios/source.nix (limited to 'lass/1systems/helios') diff --git a/lass/1systems/helios/config.nix b/lass/1systems/helios/config.nix new file mode 100644 index 000000000..89949bcbf --- /dev/null +++ b/lass/1systems/helios/config.nix @@ -0,0 +1,86 @@ +with import ; +{ config, lib, pkgs, ... }: + +{ + imports = [ + + + + + + + + + { # automatic hardware detection + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.kernelModules = [ "kvm-intel" ]; + + fileSystems."/" = + { device = "/dev/pool/root"; + fsType = "btrfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/1F60-17C6"; + fsType = "vfat"; + }; + + fileSystems."/home" = + { device = "/dev/pool/home"; + fsType = "btrfs"; + }; + + nix.maxJobs = lib.mkDefault 8; + powerManagement.cpuFreqGovernor = "powersave"; + } + { # crypto stuff + boot.initrd.luks = { + cryptoModules = [ "aes" "sha512" "sha1" "xts" ]; + devices = [{ + name = "luksroot"; + device = "/dev/nvme0n1p3"; + }]; + }; + } + { + services.xserver.dpi = 200; + fonts.fontconfig.dpi = 200; + lass.myFont = "-schumacher-clean-*-*-*-*-26-*-*-*-*-*-iso10646-1"; + } + ]; + krebs.build.host = config.krebs.hosts.helios; + + krebs.git.rules = [ + { + user = [ config.krebs.users.lass-helios ]; + repo = [ config.krebs.git.repos.stockholm ]; + perm = with git; push "refs/heads/*" [ fast-forward non-fast-forward create delete merge ]; + } + ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.wireless.enable = true; + hardware.enableRedistributableFirmware = true; + + environment.systemPackages = with pkgs; [ + vim + rxvt_unicode + git + rsync + hashPassword + thunderbird + dpass + ]; + + users.users = { + root.openssh.authorizedKeys.keys = [ + config.krebs.users.lass-helios.pubkey + ]; + }; + + programs.ssh.startAgent = lib.mkForce true; + +} diff --git a/lass/1systems/helios/source.nix b/lass/1systems/helios/source.nix new file mode 100644 index 000000000..bfe4dca4c --- /dev/null +++ b/lass/1systems/helios/source.nix @@ -0,0 +1,4 @@ +import { + name = "helios"; + secure = true; +} -- cgit v1.2.3