mirror of https://git.jolheiser.com/dotnix.git
104 lines
2.0 KiB
Nix
104 lines
2.0 KiB
Nix
{ pkgs, ... }:
|
|
let
|
|
username = "jolheiser";
|
|
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJh5aUDN/KN28+4tbayXRQliLyKFZaCZtUMEBNaJfHYj";
|
|
in
|
|
{
|
|
imports = [ ./hardware.nix ];
|
|
|
|
boot = {
|
|
kernelPackages = pkgs.linuxPackages_latest;
|
|
kernelParams = [
|
|
"quiet"
|
|
"splash"
|
|
];
|
|
loader.grub = {
|
|
enable = true;
|
|
device = "/dev/sda";
|
|
useOSProber = true;
|
|
enableCryptodisk = true;
|
|
};
|
|
};
|
|
|
|
boot.initrd.secrets = {
|
|
"/crypto_keyfile.bin" = null;
|
|
};
|
|
|
|
boot.initrd.luks.devices = {
|
|
"luks-1f9bde68-9c4c-423c-a95f-17aa170dd2b4".keyFile = "/crypto_keyfile.bin";
|
|
"luks-a2ca1842-1ce0-437e-ba5e-8864a41e81cb" = {
|
|
device = "/dev/disk/by-uuid/a2ca1842-1ce0-437e-ba5e-8864a41e81cb";
|
|
keyFile = "/crypto_keyfile.bin";
|
|
};
|
|
};
|
|
|
|
networking = {
|
|
hostName = "gunpowder";
|
|
networkmanager.enable = true;
|
|
firewall.enable = true;
|
|
};
|
|
|
|
services = {
|
|
xserver = {
|
|
enable = true;
|
|
displayManager.lightdm.enable = true;
|
|
desktopManager.xfce.enable = true;
|
|
};
|
|
openssh.enable = true;
|
|
tailscale.enable = true;
|
|
mullvad-vpn = {
|
|
enable = true;
|
|
package = pkgs.mullvad-vpn;
|
|
};
|
|
resolved.enable = true;
|
|
|
|
# media
|
|
jellyfin = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
sonarr = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
radarr = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
bazarr = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
prowlarr = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
};
|
|
|
|
users = {
|
|
users = {
|
|
"${username}" = {
|
|
extraGroups = [
|
|
"wheel"
|
|
"docker"
|
|
"storage"
|
|
];
|
|
isNormalUser = true;
|
|
openssh.authorizedKeys.keys = [ key ];
|
|
};
|
|
"root".openssh.authorizedKeys.keys = [ key ];
|
|
};
|
|
groups.media.members = [
|
|
"jolheiser"
|
|
"olheiser"
|
|
"jellyfin"
|
|
"radarr"
|
|
"sonarr"
|
|
];
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [ qbittorrent ];
|
|
|
|
system.stateVersion = "22.11";
|
|
}
|