From 4b8882d82dcc8667d2b1276d65e43d081c5fa868 Mon Sep 17 00:00:00 2001 From: andromeda Date: Wed, 31 Dec 2025 02:28:00 +0100 Subject: change pub key management again, centralize users, start to modularize lenovo conf --- machines/lenovo/configuration.nix | 69 +++------------------------------------ machines/lenovo/impermanence.nix | 44 +++++++++++++++++++++++++ 2 files changed, 48 insertions(+), 65 deletions(-) create mode 100644 machines/lenovo/impermanence.nix (limited to 'machines/lenovo') diff --git a/machines/lenovo/configuration.nix b/machines/lenovo/configuration.nix index 1b42b9d..adf0814 100644 --- a/machines/lenovo/configuration.nix +++ b/machines/lenovo/configuration.nix @@ -1,11 +1,14 @@ { config, lib, - pkgs, modulesPath, machine, ... }: { + imports = [ + ./impermanence.nix + (modulesPath + "/installer/scan/not-detected.nix") + ]; age.secrets = { secret0.file = ../../secrets/secret0.age; secret1.file = ../../secrets/secret1.age; @@ -14,48 +17,6 @@ efi.canTouchEfiVariables = true; systemd-boot.enable = true; }; - environment.persistence."/nix/persist" = { - enable = true; - hideMounts = true; - directories = [ - "/var/log" - "/var/lib/bluetooth" - "/var/lib/nixos" - "/var/lib/systemd/coredump" - "/etc/NetworkManager/system-connections" - "/etc/ssh" - ]; - files = [ - "/etc/machine-id" - "/etc/ly/save.txt" - ]; - users."andromeda" = { - directories = [ - ".backups" - ".local/share/Anki2" - ".local/share/chat.fluffy.fluffychat" - ".local/share/zoxide" - ".ssh" - "conf" - "Downloads" - "pp" - ]; - files = [ - ".bash_history" - ".brush_history" - ]; - }; - users."mtgmonkey" = { - directories = [ - ".local/share/zoxide" - ".ssh" - ]; - files = [ - ".bash_history" - ".brush_history" - ]; - }; - }; hardware.bluetooth = { enable = true; powerOnBoot = true; @@ -95,28 +56,6 @@ }; system.stateVersion = "26.05"; time.timeZone = "Europe/Berlin"; - users.users."andromeda" = { - isNormalUser = true; - description = "andromeda"; - hashedPasswordFile = builtins.toString config.age.secrets.secret0.path; - extraGroups = [ - "networkmanager" - "wheel" - ]; - }; - users.users."mtgmonkey" = { - isNormalUser = true; - description = "mtgmonkey"; - hashedPasswordFile = builtins.toString config.age.secrets.secret1.path; - extraGroups = [ - "networkmanager" - "wheel" - ]; - }; - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"]; boot.initrd.kernelModules = []; boot.kernelModules = ["kvm-intel"]; diff --git a/machines/lenovo/impermanence.nix b/machines/lenovo/impermanence.nix new file mode 100644 index 0000000..1bb98f5 --- /dev/null +++ b/machines/lenovo/impermanence.nix @@ -0,0 +1,44 @@ +{ + environment.persistence."/nix/persist" = { + enable = true; + hideMounts = true; + directories = [ + "/var/log" + "/var/lib/bluetooth" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + "/etc/NetworkManager/system-connections" + "/etc/ssh" + ]; + files = [ + "/etc/machine-id" + "/etc/ly/save.txt" + ]; + users."andromeda" = { + directories = [ + ".backups" + ".local/share/Anki2" + ".local/share/chat.fluffy.fluffychat" + ".local/share/zoxide" + ".ssh" + "conf" + "Downloads" + "pp" + ]; + files = [ + ".bash_history" + ".brush_history" + ]; + }; + users."mtgmonkey" = { + directories = [ + ".local/share/zoxide" + ".ssh" + ]; + files = [ + ".bash_history" + ".brush_history" + ]; + }; + }; +} -- cgit v1.3