bebop.lol
+3
-3
flake.nix
+3
-3
flake.nix
···
42
42
];
43
43
};
44
44
45
-
# da server
46
-
falcon = nixosSystem {
45
+
# ben server
46
+
lumiere = nixosSystem {
47
47
system = "x86_64-linux";
48
48
specialArgs = {inherit inputs;};
49
49
modules = [
50
-
./hosts/falcon/default.nix
50
+
./hosts/lumiere/default.nix
51
51
sops-nix.nixosModules.sops
52
52
];
53
53
};
-1
hosts/blanka/default.nix
-1
hosts/blanka/default.nix
+39
hosts/lumiere/default.nix
+39
hosts/lumiere/default.nix
···
1
+
{pkgs, ...}: {
2
+
imports = [
3
+
./hardware-configuration.nix
4
+
./services.nix
5
+
];
6
+
7
+
boot.loader.systemd-boot.enable = true;
8
+
boot.loader.efi.canTouchEfiVariables = true;
9
+
10
+
networking = {
11
+
hostId = "f36e38e3";
12
+
hostName = "lumiere";
13
+
networkmanager.enable = true;
14
+
};
15
+
time.timeZone = "America/New_York";
16
+
17
+
i18n.defaultLocale = "en_US.UTF-8";
18
+
services.xserver.xkb.layout = "us";
19
+
20
+
users.users."zah" = {
21
+
isNormalUser = true;
22
+
extraGroups = ["wheel"];
23
+
packages = with pkgs; [
24
+
tree
25
+
neovim
26
+
];
27
+
};
28
+
29
+
environment.systemPackages = with pkgs; [
30
+
vim
31
+
git
32
+
tmux
33
+
];
34
+
35
+
networking.firewall.allowedTCPPorts = [22 2222];
36
+
networking.firewall.allowedUDPPorts = [22 2222];
37
+
38
+
system.stateVersion = "25.11";
39
+
}
+88
hosts/lumiere/hardware-configuration.nix
+88
hosts/lumiere/hardware-configuration.nix
···
1
+
{
2
+
config,
3
+
lib,
4
+
modulesPath,
5
+
...
6
+
}: {
7
+
imports = [
8
+
(modulesPath + "/installer/scan/not-detected.nix")
9
+
];
10
+
11
+
boot = {
12
+
initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
13
+
initrd.kernelModules = [];
14
+
initrd.network = {
15
+
enable = true;
16
+
ssh = {
17
+
enable = true;
18
+
port = 2222;
19
+
hostKeys = [
20
+
/etc/ssh/ssh_host_ed25519_key
21
+
];
22
+
authorizedKeys = [
23
+
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGuChILFlgTqJiiNFcy7GunS13VlVvnOhypgwVtnhL0X Andrew Zah <zah@andrewzah.com> (ltddr)"
24
+
];
25
+
};
26
+
};
27
+
28
+
kernelModules = ["kvm-amd"];
29
+
extraModulePackages = [];
30
+
31
+
zfs.extraPools = ["zpool"];
32
+
zfs.devNodes = "/dev/disk/by-id";
33
+
};
34
+
35
+
# note: snapshots
36
+
services.zfs = {
37
+
autoScrub.enable = true;
38
+
trim.enable = true;
39
+
};
40
+
# note: services.nfs.server.enable = true; # share zfs over NFS automatically
41
+
# zfs set sharenfs="ro=192.168.1.0/24,all_squash,anonuid=70,anongid=70" zpool/mydata
42
+
43
+
fileSystems."/" = {
44
+
device = "zpool/root";
45
+
fsType = "zfs";
46
+
options = ["zfsutil"];
47
+
};
48
+
49
+
fileSystems."/nix" = {
50
+
device = "zpool/nix";
51
+
fsType = "zfs";
52
+
options = ["zfsutil"];
53
+
};
54
+
55
+
fileSystems."/var" = {
56
+
device = "zpool/var";
57
+
fsType = "zfs";
58
+
options = ["zfsutil"];
59
+
};
60
+
61
+
fileSystems."/home" = {
62
+
device = "zpool/home";
63
+
fsType = "zfs";
64
+
options = ["zfsutil"];
65
+
};
66
+
67
+
fileSystems."/lumiere/media" = {
68
+
device = "zpool/media";
69
+
fsType = "zfs";
70
+
options = ["zfsutil"];
71
+
};
72
+
73
+
fileSystems."/boot" = {
74
+
device = "/dev/disk/by-uuid/12CE-A600";
75
+
fsType = "vfat";
76
+
options = ["fmask=0022" "dmask=0022"];
77
+
};
78
+
79
+
swapDevices = [
80
+
{
81
+
device = "/dev/disk/by-partuuid/e3d60c47-be5d-403e-bcf4-fd0c8ff31400";
82
+
randomEncryption = true;
83
+
}
84
+
];
85
+
86
+
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
87
+
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
88
+
}
+8
hosts/lumiere/services.nix
+8
hosts/lumiere/services.nix