Diffstat (limited to 'machines')
-rw-r--r--machines/173-249-5-230/configuration.nix73
-rw-r--r--machines/173-249-5-230/hardware-configuration.nix69
-rw-r--r--machines/173-249-5-230/machine.nix10
-rw-r--r--machines/laptop/configuration.nix107
-rw-r--r--machines/laptop/machine.nix4
5 files changed, 262 insertions, 1 deletions
diff --git a/machines/173-249-5-230/configuration.nix b/machines/173-249-5-230/configuration.nix
new file mode 100644
index 0000000..b8b403e
--- /dev/null
+++ b/machines/173-249-5-230/configuration.nix
@@ -0,0 +1,73 @@
+{machine, ...}: {
+ boot.tmp.cleanOnBoot = true;
+ boot.loader.grub.devices = ["nodev"];
+ environment.persistence."/nix/persist" = {
+ enable = true;
+ hideMounts = true;
+ directories = [
+ "/var/log"
+ "/var/lib/nixos"
+ "/var/lib/systemd/coredump"
+ "/etc/NetworkManager/system-connections"
+ ];
+ files = [
+ "/etc/machine-id"
+ "/etc/ly/save.txt"
+ ];
+ users."mtgmonkey" = {
+ directories = [
+ ".local/share/zoxide"
+ ".ssh"
+ ];
+ files = [
+ ".bash_history"
+ ".brush_history"
+ ];
+ };
+ };
+ i18n.defaultLocale = "de_DE.UTF-8";
+ networking = {
+ dhcpcd.enable = true;
+ firewall = {
+ enable = true;
+ allowedTCPPorts = [80 443];
+ allowedUDPPorts = [80 443];
+ };
+ hostName = machine.hostname;
+ domain = "";
+ };
+ nix.settings = {
+ experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
+ allow-import-from-derivation = true;
+ };
+ programs.noshell.enable = true;
+ services.openssh = {
+ enable = true;
+ allowSFTP = false;
+ ports = [5522];
+ settings = {
+ PermitRootLogin = "no";
+ PasswordAuthentication = false;
+ KbdInteractiveAuthentication = true;
+ };
+ extraConfig = ''
+ AllowTcpForwarding no
+ AllowAgentForwarding no
+ MaxAuthTries 3
+ MaxSessions 4
+ TCPKeepAlive no
+ '';
+ };
+ system.stateVersion = "26.05";
+ time.timeZone = "Europe/Berlin";
+ users.users."mtgmonkey" = {
+ isNormalUser = true;
+ description = "mtgmonkey";
+ initialPassword = "password";
+ extraGroups = ["wheel"];
+ openssh.authorizedKeys.keys = machine.pub-keys.ssh;
+ };
+}
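Review bot: `initialPassword = "password"` on the wheel user `mtgmonkey` sits next to `KbdInteractiveAuthentication = true` in `services.openssh.settings`; with PAM in use, keyboard-interactive typically still accepts the account password even though `PasswordAuthentication = false`, so the SSH port would take a guessable password for a sudo-capable account. `machine.pub-keys.ssh` is `[]` in this commit's machine.nix, so no key login is configured as the alternative. Because `/etc/shadow` is not among the persisted files, a password changed with `passwd` presumably reverts at the next boot if the root subvolume is recreated as in hardware-configuration.nix. I would set `KbdInteractiveAuthentication = false;`, fill in `pub-keys.ssh`, and replace the literal with `hashedPasswordFile = "/nix/persist/<path-to-hash-file>";`. The same `initialPassword` literal appears on both wheel users in machines/laptop/configuration.nix.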
diff --git a/machines/173-249-5-230/hardware-configuration.nix b/machines/173-249-5-230/hardware-configuration.nix
new file mode 100644
index 0000000..bde1c83
--- /dev/null
+++ b/machines/173-249-5-230/hardware-configuration.nix
@@ -0,0 +1,69 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}: {
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"];
+ boot.initrd.kernelModules = [];
+ boot.kernelModules = ["kvm-intel"];
+ boot.extraModulePackages = [];
+
+ fileSystems."/" = {
+ #device = "none";
+ #fsType = "tmpfs";
+ #options = ["defaults" "size=60%" "mode=755"];
+ device = "/dev/disk/by-uuid/16c93673-4f0e-4010-a7f4-7ccffb20edb7";
+ fsType = "btrfs";
+ options = ["subvol=root"];
+ };
+
+ boot.initrd.postResumeCommands = lib.mkAfter ''
+ mkdir /btrfs_tmp
+ mount ${config.fileSystems."/".device} /btrfs_tmp
+ if [[ -e /btrfs_tmp/root ]]; then
+ mkdir -p /btrfs_tmp/old_roots
+ timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S")
+ mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+ fi
+
+ delete_subvolume_recursively() {
+ IFS=$'\n'
+ for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+ delete_subvolume_recursively "/btrfs_tmp/$i"
+ done
+ btrfs subvolume delete "$1"
+ }
+
+ for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+ delete_subvolume_recursively "$i"
+ done
+
+ btrfs subvolume create /btrfs_tmp/root
+ umount /btrfs_tmp
+ '';
+
+ fileSystems."/nix" = {
+ device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6";
+ fsType = "btrfs";
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/F425-55BA";
+ fsType = "vfat";
+ options = ["fmask=0022" "dmask=0022"];
+ };
+
+ swapDevices = [];
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
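Review bot: The timestamp format in `boot.initrd.postResumeCommands` has `$M` where `%M` is meant: `"+%Y-%m-%-d_%H:$M:%S"`. Nix does not interpolate a bare `$M` inside a `''` string, so the shell expands it (presumably to nothing) and the minutes field comes out empty; two archived roots from the same hour and second then share a name, and `mv` would place the new root inside the existing directory instead of beside it. Change the format to `"+%Y-%m-%-d_%H:%M:%S"`. The file header also says the file is generated by nixos-generate-config and may be overwritten, so this hand-written rollback script would be safer kept in configuration.nix.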
diff --git a/machines/173-249-5-230/machine.nix b/machines/173-249-5-230/machine.nix
new file mode 100644
index 0000000..672d46b
--- /dev/null
+++ b/machines/173-249-5-230/machine.nix
@@ -0,0 +1,10 @@
+{
+ hostname = "173-249-5-230";
+ usernames = ["mtgmonkey"];
+ system = "x86_64-linux";
+ configuration = ./configuration.nix;
+ hardware-configuration = ./hardware-configuration.nix;
+ pub-keys = {
+ ssh = [];
+ };
+}
diff --git a/machines/laptop/configuration.nix b/machines/laptop/configuration.nix
new file mode 100644
index 0000000..1b07935
--- /dev/null
+++ b/machines/laptop/configuration.nix
@@ -0,0 +1,107 @@
+{
+ lib,
+ machine,
+ ...
+}: {
+ boot.loader = {
+ efi.canTouchEfiVariables = true;
+ systemd-boot.enable = true;
+ };
+ environment.persistence."/nix/persist" = {
+ enable = true;
+ hideMounts = true;
+ directories = [
+ "/var/log"
+ "/var/lib/bluetooth"
+ "/var/lib/nixos"
+ "/var/lib/systemd/coredump"
+ "/etc/NetworkManager/system-connections"
+ ];
+ files = [
+ "/etc/machine-id"
+ "/etc/ly/save.txt"
+ ];
+ users."andromeda" = {
+ directories = [
+ ".backups"
+ ".local/share/Anki2"
+ ".local/share/chat.fluffy.fluffychat"
+ ".local/share/zoxide"
+ ".ssh"
+ "conf"
+ "Downloads"
+ "pp"
+ ];
+ files = [
+ ".bash_history"
+ ".brush_history"
+ ];
+ };
+ users."mtgmonkey" = {
+ directories = [
+ ".local/share/zoxide"
+ ".ssh"
+ ];
+ files = [
+ ".bash_history"
+ ".brush_history"
+ ];
+ };
+ };
+ hardware.bluetooth = {
+ enable = true;
+ powerOnBoot = true;
+ };
+ i18n.defaultLocale = "de_DE.UTF-8";
+ networking = {
+ dhcpcd.enable = true;
+ firewall.enable = true;
+ hostName = machine.hostname;
+ networkmanager.enable = true;
+ };
+ nix.settings.experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
+ nixpkgs.config.allowUnfreePredicate = pkg:
+ builtins.elem (lib.getName pkg) [
+ "steam"
+ "steam-original"
+ "steam-unwrapped"
+ "steam-run"
+ ];
+ programs = {
+ noshell.enable = true;
+ steam.enable = true;
+ sway.enable = true;
+ };
+ services = {
+ blueman.enable = true;
+ displayManager = {
+ enable = true;
+ ly.enable = true;
+ };
+ libinput.enable = true;
+ printing.enable = true;
+ };
+ system.stateVersion = "26.05";
+ time.timeZone = "Europe/Berlin";
+ users.users."andromeda" = {
+ isNormalUser = true;
+ description = "andromeda";
+ initialPassword = "password";
+ extraGroups = [
+ "networkmanager"
+ "wheel"
+ ];
+ };
+ users.users."mtgmonkey" = {
+ isNormalUser = true;
+ description = "mtgmonkey";
+ initialPassword = "password";
+ extraGroups = [
+ "networkmanager"
+ "wheel"
+ ];
+ };
+}
diff --git a/machines/laptop/machine.nix b/machines/laptop/machine.nix
index d6b1e01..77c15b5 100644
--- a/machines/laptop/machine.nix
+++ b/machines/laptop/machine.nix
@@ -1,6 +1,8 @@
{
hostname = "lenovo";
- usernames = ["andromeda"];
+ usernames = ["andromeda" "mtgmonkey"];
system = "x86_64-linux";
+ configuration = ./configuration.nix;
hardware-configuration = ./hardware-configuration.nix;
+ pub-keys.ssh = [];
}