diff options
Diffstat (limited to 'hosts/hp-envy-office')
| -rw-r--r-- | hosts/hp-envy-office/configuration.nix | 68 | ||||
| -rw-r--r-- | hosts/hp-envy-office/hardware-configuration.nix | 48 | ||||
| -rw-r--r-- | hosts/hp-envy-office/resources/secrets/wg.yaml | 16 | ||||
| -rw-r--r-- | hosts/hp-envy-office/wg.nix | 7 |
4 files changed, 139 insertions, 0 deletions
diff --git a/hosts/hp-envy-office/configuration.nix b/hosts/hp-envy-office/configuration.nix new file mode 100644 index 0000000..c55c07b --- /dev/null +++ b/hosts/hp-envy-office/configuration.nix @@ -0,0 +1,68 @@ +{ config, lib, pkgs, ... }: { + imports = [ ./wg.nix ]; + + # Setup bootloader + boot._loader.enable = true; + boot.loader.timeout = 15; # Show for longer since it's usually skipped + + # Enable common options + _archetypes = { + # Use desktop profile + profiles.desktop = { + enable = true; + home.users.timmy.enable = true; + }; + # Install software + collections = { + desktop = { + extraUtilities.enable = true; + chromium.enable = true; + graphics.enable = true; + office.enable = true; + }; + development = { + docker.enable = true; + web = { + node.enable = true; + }; + }; + virtualization.enable = true; + }; + }; + + # Enable user timmy + _users.timmy = { + enable = true; + nas = { + enable = true; + office.enable = true; + office.automount = true; + }; + }; + + # Disable suspend + systemd._suspend.disable = true; + + # Use amdgpu driver for x11 + services.xserver.videoDrivers = [ "amdgpu" ]; + + # Configure home + home-manager.users.timmy = { + gtk._mintTheme = { + dark = true; + color = "Blue"; + icons.color = "Blue"; + }; + programs._seasonalwallpaper.wallpapers.download = true; + fonts.fontconfig = { + subpixelRendering = "rgb"; + hinting = "none"; + }; + gtk.gtk3.bookmarks = [ + "file:///home/timmy/docs/src/sites/admin Admin" + "file:///media/chexx/chexx cHEXx" + ]; + }; + + system.stateVersion = "24.11"; +} diff --git a/hosts/hp-envy-office/hardware-configuration.nix b/hosts/hp-envy-office/hardware-configuration.nix new file mode 100644 index 0000000..22a8c24 --- /dev/null +++ b/hosts/hp-envy-office/hardware-configuration.nix @@ -0,0 +1,48 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ums_realtek" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/5749d84b-690b-43a2-b834-f94675003189"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/4a617e54-4800-4474-b1fd-3bca5f66e55a"; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/5749d84b-690b-43a2-b834-f94675003189"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/5E93-7CE3"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/hp-envy-office/resources/secrets/wg.yaml b/hosts/hp-envy-office/resources/secrets/wg.yaml new file mode 100644 index 0000000..f3b53aa --- /dev/null +++ b/hosts/hp-envy-office/resources/secrets/wg.yaml @@ -0,0 +1,16 @@ +wg1: ENC[AES256_GCM,data:XWdnE2QvfvFlMKUW6BoUSsEXDmYj4aNfbxvA6pFeIZM7NEtIwC4/NsplPwFIZwF372/bwDGXGocuh5gd1p/eAlsyz2DrAS+8g1+4T40EPPmXPgh++vUTvcpPlt74Qxp2yAeEU4CU7UPLvlxSvNjh5PGS68Cw7KxSB7kiWFxRWtm5oVfb+U6cBaQE6Biie7wPmXNWOobGHTfFYDeNmH6w33nH4lCV2MC0eYty9ytwHeVS7gUNrk4oxIfd+1FmNzwNHtVZvRg4wRzcc2M9fD0LuyuY6QVS/qaJG4hNNEHZ6qa0VMTnOzQ4jFHtd5jnz2vb7ckE7UWcFPjXYObcykk0End7sHVN/bD+fUv56JKZOHvVYFgs6OwCzUPAufnv10+h,iv:LMEpZW3mwGuIpJoacBYL8M0ROVNeVMzeb7ncZtfxIDA=,tag:aNCziN9CVgm0IB8VvVorEA==,type:str] +sops: + age: + - recipient: age1w80rc0dnuu8nw99gw64c596qqetm78jdnsqajr0u7ephykekr39qfz8vnv + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhdUJRS21FeFlseWJXU1dt + MnhQRnFvZWM0M1o4bUhBWW9KRDdnZ1pGZkYwCnhPYmFHZmdnRS9lb2xsTXZBcmIx + dHF5dmlrbjJyUk84QVBLTEFwMWdESGMKLS0tIHFyZGpSeTFoNEQyZThFc2RyQkhY + Q1ZvODVWSXE1STlkZ09tVXdVeU1WaVkKhKMfJclNgHXN7pww2w3AaKwcWiBo676g + RWSkV6C+5purA0CzTu1uC3CKz8UK8mVgPfamSZdZQU8+6bGMmseWoQ== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2026-03-31T19:32:51Z" + mac: ENC[AES256_GCM,data:zpEYjHqta6HuRHIKijbLmAND5mCaR14ZUdEeXq/zJ8g4DgWrAkaukhYdXhLH+SEUZt8d3tmj5Eq+6oz9qEjdWhBuPykxVBmBiqIhQBgACCMhSL5v3wY1rxL2ZiQ7szEuwh0GjXpkzPno0Z2+xZ6FzVsJdGnZwykru+JWQcUIfvk=,iv:yUiP/clvI/NnDrji9eMYiTqtO1xsTc7u86V/nlQSMIA=,tag:UyMz/BdYoGxXCJIb8tITcQ==,type:str] + unencrypted_suffix: _unencrypted + version: 3.12.1 diff --git a/hosts/hp-envy-office/wg.nix b/hosts/hp-envy-office/wg.nix new file mode 100644 index 0000000..763496e --- /dev/null +++ b/hosts/hp-envy-office/wg.nix @@ -0,0 +1,7 @@ +{ config, pkgs, inputs, ... }: { + sops.secrets.wg1.sopsFile = ./resources/secrets/wg.yaml; + + networking.wg-quick.interfaces = { + wg1.configFile = config.sops.secrets.wg1.path; + }; +} |