diff options
Diffstat (limited to 'hosts/X230')
| -rw-r--r-- | hosts/X230/configuration.nix | 64 | ||||
| -rw-r--r-- | hosts/X230/hardware-configuration.nix | 48 | ||||
| -rw-r--r-- | hosts/X230/resources/secrets/wg0.yaml | 16 | ||||
| -rw-r--r-- | hosts/X230/wg.nix | 7 |
4 files changed, 135 insertions, 0 deletions
diff --git a/hosts/X230/configuration.nix b/hosts/X230/configuration.nix new file mode 100644 index 0000000..fcf0b05 --- /dev/null +++ b/hosts/X230/configuration.nix @@ -0,0 +1,64 @@ +{ config, lib, pkgs, ... }: { + imports = [ ./wg.nix ]; + + # Setup bootloader + boot._loader.enable = true; + + # Enable common options + _archetypes = { + # Use desktop profile + profiles.desktop = { + enable = true; + home.users.timmy.enable = true; + }; + # Install software + collections = { + desktop = { + crypto.enable = true; + graphics.enable = true; + office.enable = true; + }; + }; + }; + + # Enable user timmy + _users.timmy = { + enable = true; + autologin.enable = true; + wifi.enable = true; + }; + + # Use intel driver for better performance and vsync + services.xserver.videoDrivers = [ "intel" ]; + + # Configure home + home-manager.users.timmy = { + gtk._mintTheme = { + dark = true; + color = "Teal"; + icons.color = "Teal"; + }; + fonts.fontconfig.defaultFonts.monospace = [ "TamzenForPowerline" ]; + gtk = { + font.name = "monospace"; + font.size = 8; + cursorTheme.size = 24; + }; + programs._st = { + enable = true; + font = { + name = "TamzenForPowerline"; + attrs = { + pixelsize = 14; + }; + }; + }; + programs._seasonalwallpaper.wallpapers.download = true; + fonts.fontconfig = { + subpixelRendering = "rgb"; + hinting = "full"; + }; + }; + + system.stateVersion = "24.05"; +} diff --git a/hosts/X230/hardware-configuration.nix b/hosts/X230/hardware-configuration.nix new file mode 100644 index 0000000..0791585 --- /dev/null +++ b/hosts/X230/hardware-configuration.nix @@ -0,0 +1,48 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/41036740-73bc-4004-a302-01233b4d83b8"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/6019772f-4a1c-4abd-9c70-b1d71cc2de65"; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/41036740-73bc-4004-a302-01233b4d83b8"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/72D4-F66A"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s25.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/X230/resources/secrets/wg0.yaml b/hosts/X230/resources/secrets/wg0.yaml new file mode 100644 index 0000000..5941b70 --- /dev/null +++ b/hosts/X230/resources/secrets/wg0.yaml @@ -0,0 +1,16 @@ +wg0: ENC[AES256_GCM,data:wcgowNptTdrJNjzH6n/ulbec5+GPkuRAUNidWFy4dhClioTg8vdrXhhwP+sykwEZYOjsLurkU0Rw1w9ds+AGe3J+FnW1qKdskcY+8t/CyNY51pUbzMCKxexnNj52+0+VlH6FAUyplo6ESg/vlWCFyuyACWjQfdqDW/1PxJzrYqZ7MIwbCdntjE/84F52BqxePt3LolzvzTGUOx5Lr6Jbv9i3tv1R9NmZxt5t2gwaGbIIPWMVZh972w5HJYa8bfx67vuyj6HE46tMiu8WdQbHfjRvVIA+0OtHihpDGHfi5Q6iXpO/rk4YJZjsiEgTMTqD08HD5Gm+wBFwHSJjCOBpBsq3GsspDLNI+EXel7Gmtk+BhL1tFQdpYPwz7bHd03Znawr4Br7R0gHJg4FXnhKlG+SyDqXKirnCyCTfUotIBmU0dX4tzmwiOMyvImgXZA==,iv:GAk27qkZDopzdWnBeL7yTmyn9dM2wSzKd41NRhsyNNY=,tag:Ba7jZhqEa8dUedIvVFBbHA==,type:str] +sops: + age: + - recipient: age1w80rc0dnuu8nw99gw64c596qqetm78jdnsqajr0u7ephykekr39qfz8vnv + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4NEN4NGxDR1oreGVoSGhE + TzMxSEY0QVBhS2Z6MW15ci9aVlJ0a3IyVlZBCldPRVNvcUhJSHhWSEk3akd4RjN0 + ajhUV2d1ZWRsRFU4cTE2dGl6RmM4MGsKLS0tIFhnUjl5aDJqWVB1NE15SlNzR2Iv + YTNydURsOUMrSXZGdk9UOUdUQlA0SFUKxEDJRR6tpYva9qpWo9NxwCxk/xpRVoTl + YJkmDZzMcXikXXiro96AprP9dXJXvMPKYPGl2Zsal8PlGFPBoHW2GA== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2026-03-09T12:36:15Z" + mac: ENC[AES256_GCM,data:T8hQbFrPOGYQl8tbqUMLdQN3qjhcAXmKfwqEsLQkDjr2nxUXDz8d58TUsaRvkHC4jPo9lXyPL5SSpua2kzJIcDDLPkiPB/3qV8ksJQ0dgcfLkUnrI1mtoo9AOPnHrTjstSAR2cmiFbCTqRpkLnGwI+NoCLjNjd/GNSAlMl00QMg=,iv:boSHzNAuKGkAhtkApOOJEtW4gt13mMmCin24gf3dXIs=,tag:1+4+BE8ZPgvgf4RlH6Wmhw==,type:str] + unencrypted_suffix: _unencrypted + version: 3.12.1 diff --git a/hosts/X230/wg.nix b/hosts/X230/wg.nix new file mode 100644 index 0000000..3881b63 --- /dev/null +++ b/hosts/X230/wg.nix @@ -0,0 +1,7 @@ +{ config, pkgs, inputs, ... }: { + sops.secrets.wg0.sopsFile = ./resources/secrets/wg0.yaml; + + networking.wg-quick.interfaces = { + wg0.configFile = config.sops.secrets.wg0.path; + }; +} |