Basic configuration for new servers and start modularizing config
This commit is contained in:
Charlotte Van Petegem
parent
82bb5b401c
commit
ca93d09059
38 changed files with 622 additions and 316 deletions
|
|
@ -6,49 +6,28 @@
|
|||
./secret.nix
|
||||
];
|
||||
|
||||
boot.loader = {
|
||||
grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
mirroredBoots = [
|
||||
{ devices = [ "nodev" ]; path = "/boot/ESP0"; }
|
||||
{ devices = [ "nodev" ]; path = "/boot/ESP1"; }
|
||||
];
|
||||
};
|
||||
efi = {
|
||||
canTouchEfiVariables = true;
|
||||
efiSysMountPoint = "/boot/EFI";
|
||||
};
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
networking = {
|
||||
hostName = "lasting-integrity";
|
||||
hostId = "b352adfe";
|
||||
useDHCP = false;
|
||||
interfaces = {
|
||||
eno1.useDHCP = false;
|
||||
eno2.useDHCP = false;
|
||||
eno3.useDHCP = false;
|
||||
eno4.useDHCP = false;
|
||||
};
|
||||
};
|
||||
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
defaultUserShell = pkgs.zsh;
|
||||
users.charlotte = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" "systemd-journal" ];
|
||||
chvp = {
|
||||
stateVersion = "20.09";
|
||||
docker.enable = true;
|
||||
nginx.enable = true;
|
||||
ovh.enable = true;
|
||||
sshd.enable = true;
|
||||
syncthing-server.enable = true;
|
||||
zfs = {
|
||||
enable = true;
|
||||
backups = [{
|
||||
path = "zroot/safe/data";
|
||||
remotePath = "zdata/recv/lasting-integrity/safe/data";
|
||||
fast = true;
|
||||
location = "192.168.0.1";
|
||||
}];
|
||||
};
|
||||
};
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.permitRootLogin = "prohibit-password";
|
||||
|
||||
services.zfs.autoScrub.enable = true;
|
||||
services.zfs.trim.enable = true;
|
||||
|
||||
system.stateVersion = "20.09";
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,16 +4,21 @@
|
|||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||
|
||||
boot = {
|
||||
loader = {
|
||||
grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
mirroredBoots = [
|
||||
{ devices = [ "nodev" ]; path = "/boot/ESP0"; }
|
||||
{ devices = [ "nodev" ]; path = "/boot/ESP1"; }
|
||||
];
|
||||
};
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
initrd = {
|
||||
availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
|
||||
kernelModules = [ ];
|
||||
postDeviceCommands = lib.mkAfter ''
|
||||
zfs rollback -r zroot/local/root@blank
|
||||
'';
|
||||
};
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
extraModulePackages = [ ];
|
||||
supportedFilesystems = [ "zfs" ];
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
|
|
@ -59,4 +64,9 @@
|
|||
];
|
||||
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = true;
|
||||
enableRedistributableFirmware = true;
|
||||
};
|
||||
services.fstrim.enable = true;
|
||||
}
|
||||
|
|
|
|||
Binary file not shown.
Loading…
Add table
Add a link
Reference in a new issue