diff --git a/flake.lock b/flake.lock index b91ba33..a9c3792 100644 --- a/flake.lock +++ b/flake.lock @@ -332,11 +332,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1715534503, - "narHash": "sha256-5ZSVkFadZbFP1THataCaSf0JH2cAH3S29hU9rrxTEqk=", + "lastModified": 1715447595, + "narHash": "sha256-VsVAUQOj/cS1LCOmMjAGeRksXIAdPnFIjCQ0XLkCsT0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2057814051972fa1453ddfb0d98badbea9b83c06", + "rev": "062ca2a9370a27a35c524dc82d540e6e9824b652", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 22d4107..1a30099 100644 --- a/flake.nix +++ b/flake.nix @@ -119,20 +119,6 @@ } ]; }; - fujitsu = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = attrs; - modules = [ - nix-index-database.nixosModules.nix-index - impermanence.nixosModules.impermanence - agenix.nixosModules.default - ./hosts/fujitsu - ./shared - { - nixpkgs.overlays = [ self.overlays.default ]; - } - ]; - }; falkenstein = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = attrs; diff --git a/hosts/fujitsu/default.nix b/hosts/fujitsu/default.nix deleted file mode 100644 index 7dc15f2..0000000 --- a/hosts/fujitsu/default.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ pkgs, ... }: -{ - imports = [ - ./hardware-configuration.nix - ./modules/networks - ]; - - boot.loader.grub.enable = true; - boot.loader.grub.devices = [ "/dev/sda" "/dev/sdb" ]; - services.btrfs.autoScrub.enable = true; - - environment.persistence."/nix/persist/system" = { - directories = [ - "/etc/ssh" - "/root/.borgmatic" - "/root/.local/share/zsh" - "/root/.config/borg/security" - ]; - files = [ - "/etc/machine-id" - ]; - }; - - time.timeZone = "Europe/Berlin"; - console = { - font = "Lat2-Terminus16"; - keyMap = "dvorak"; - }; - - environment.systemPackages = with pkgs; [ - vim - htop-vim - helix - lsof - btdu - tcpdump - mtr - ]; - programs.git = { - enable = true; - config = { - user.name = "Rouven Seifert"; - user.email = "rouven@rfive.de"; - }; - }; - - services.openssh.enable = true; - services.journald.gateway.enable = true; - programs.mosh.enable = true; - - users.users.root.initialHashedPassword = "$y$j9T$hYM7FT2hn3O7OWBn9uz8e0$XquxONcPSke6YjdRGwOzGxC0/92hgP7PIB0y0K.Qdr/"; - users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../keys/ssh/rouven-thinkpad - ../../keys/ssh/root-thinkpad - ../../keys/ssh/rouven-pixel - ../../keys/ssh/root-falkenstein - ]; - - system.stateVersion = "24.05"; # Did you read the comment? -} - diff --git a/hosts/fujitsu/hardware-configuration.nix b/hosts/fujitsu/hardware-configuration.nix deleted file mode 100644 index 75fc55a..0000000 --- a/hosts/fujitsu/hardware-configuration.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ config, lib, modulesPath, ... }: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "ehci_pci" "ata_piix" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = [ "mode=755" ]; - }; - - fileSystems."/boot" = { - device = "/dev/sda2"; - fsType = "btrfs"; - options = [ "subvol=boot" "noatime" ]; - }; - - fileSystems."/nix" = { - device = "/dev/sda2"; - fsType = "btrfs"; - options = [ "subvol=nix" "compress=zstd" "noatime" ]; - }; - - fileSystems."/var/lib" = { - device = "/dev/sda2"; - fsType = "btrfs"; - options = [ "subvol=lib" "compress=zstd" "noatime" ]; - }; - - fileSystems."/var/log" = { - device = "/dev/sda2"; - fsType = "btrfs"; - options = [ "subvol=log" "compress=zstd" "noatime" ]; - }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/fujitsu/modules/networks/default.nix b/hosts/fujitsu/modules/networks/default.nix deleted file mode 100644 index 47e61c2..0000000 --- a/hosts/fujitsu/modules/networks/default.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ ... }: -{ - networking = { - hostName = "fujitsu"; - domain = "rfive.de"; - useNetworkd = true; - enableIPv6 = true; - nftables.enable = true; - firewall = { - extraInputRules = '' - ip saddr 192.168.0.0/16 tcp dport 19531 accept comment "Allow journald gateway access from local networks" - ''; - }; - }; - services.resolved = { - enable = true; - fallbackDns = [ - "9.9.9.9" - "149.112.112.112" - "2620:fe::fe" - "2620:fe::9" - ]; - }; - - - systemd.network = { - enable = true; - networks."10-loopback" = { - matchConfig.Name = "lo"; - linkConfig.RequiredForOnline = false; - }; - networks."10-wired" = { - matchConfig.Name = "enp2s0"; - address = [ "192.168.42.3/24" ]; - routes = [{ - routeConfig.Gateway = "192.168.42.1"; - }]; - networkConfig = { - DNS = [ - "192.168.42.1" - ]; - LLDP = true; - EmitLLDP = "nearest-bridge"; - }; - }; - }; -} diff --git a/hosts/iso/default.nix b/hosts/iso/default.nix index 645a8e6..7797518 100644 --- a/hosts/iso/default.nix +++ b/hosts/iso/default.nix @@ -11,7 +11,6 @@ programs.git.enable = true; environment.systemPackages = with pkgs; [ helix - vim ]; # in case we need to rescue a zfs machine diff --git a/hosts/nuc/hardware-configuration.nix b/hosts/nuc/hardware-configuration.nix index 10991c5..2ac61dc 100644 --- a/hosts/nuc/hardware-configuration.nix +++ b/hosts/nuc/hardware-configuration.nix @@ -16,36 +16,42 @@ boot.extraModulePackages = [ ]; services.fstrim.enable = true; - fileSystems."/" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = [ "mode=755" ]; - }; + fileSystems."/" = + { + device = "tmpfs"; + fsType = "tmpfs"; + options = [ "mode=755" ]; + }; - fileSystems."/var/lib" = { - device = "/dev/disk/by-uuid/16b0bd14-1b07-477d-a20d-982f9467f6df"; - fsType = "btrfs"; - options = [ "subvol=lib" "compress=zstd" "discard=async" "noatime" ]; - }; + fileSystems."/var/lib" = + { + device = "/dev/disk/by-uuid/16b0bd14-1b07-477d-a20d-982f9467f6df"; + fsType = "btrfs"; + options = [ "subvol=lib" "compress=zstd" "discard=async" "noatime" ]; + }; - fileSystems."/var/log" = { - device = "/dev/disk/by-uuid/16b0bd14-1b07-477d-a20d-982f9467f6df"; - fsType = "btrfs"; - options = [ "subvol=log" "compress=zstd" "discard=async" "noatime" ]; - }; + fileSystems."/var/log" = + { + device = "/dev/disk/by-uuid/16b0bd14-1b07-477d-a20d-982f9467f6df"; + fsType = "btrfs"; + options = [ "subvol=log" "compress=zstd" "discard=async" "noatime" ]; + }; - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/16b0bd14-1b07-477d-a20d-982f9467f6df"; - fsType = "btrfs"; - options = [ "subvol=nix" "compress=zstd" "discard=async" "noatime" ]; - }; + fileSystems."/nix" = + { + device = "/dev/disk/by-uuid/16b0bd14-1b07-477d-a20d-982f9467f6df"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress=zstd" "discard=async" "noatime" ]; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/0135-7C8C"; - fsType = "vfat"; - }; + fileSystems."/boot" = + { + device = "/dev/disk/by-uuid/0135-7C8C"; + fsType = "vfat"; + }; - swapDevices = [{ device = "/dev/disk/by-uuid/fdedb47c-a370-4005-ac37-1c186e667de0"; }]; + swapDevices = + [{ device = "/dev/disk/by-uuid/fdedb47c-a370-4005-ac37-1c186e667de0"; }]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/hosts/thinkpad/modules/networks/uni.nix b/hosts/thinkpad/modules/networks/uni.nix index 08129be..eedc098 100644 --- a/hosts/thinkpad/modules/networks/uni.nix +++ b/hosts/thinkpad/modules/networks/uni.nix @@ -23,7 +23,7 @@ identity="rose159e@tu-dresden.de" password="@EDUROAM_AUTH@" phase2="auth=PAP" - bssid_ignore=7c:5a:1c:02:3d:ef,82:5a:1c:02:3d:ef + bssid_ignore=7c:5a:1c:02:3d:ef ''; extraConfig = '' scan_ssid=1 diff --git a/hosts/vm/hardware-configuration.nix b/hosts/vm/hardware-configuration.nix index 90cb1db..612cba4 100644 --- a/hosts/vm/hardware-configuration.nix +++ b/hosts/vm/hardware-configuration.nix @@ -11,12 +11,13 @@ boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - # fileSystems."/" = - # { - # # Replace with actual config - # device = "/dev/sda"; - # fsType = "ext4"; - # }; + fileSystems."/" = + { + + # Replace with actual config + device = "/dev/sda"; + fsType = "ext4"; + }; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/shared/systemd.nix b/shared/systemd.nix index bb6a7d5..cb53f89 100644 --- a/shared/systemd.nix +++ b/shared/systemd.nix @@ -3,8 +3,7 @@ { systemd = { - # package = lib.mkDefault (nixpkgs-systemd-256.legacyPackages.x86_64-linux.systemd.override { withHomed = false; }); - package = lib.mkDefault (pkgs.systemd.override { withHomed = false; }); + package = lib.mkDefault (nixpkgs-systemd-256.legacyPackages.x86_64-linux.systemd.override { withHomed = false; }); sleep.extraConfig = '' HibernateDelaySec=2h ''; diff --git a/users/rouven/modules/packages.nix b/users/rouven/modules/packages.nix index 36cdcc6..fe33497 100644 --- a/users/rouven/modules/packages.nix +++ b/users/rouven/modules/packages.nix @@ -24,7 +24,6 @@ # internet google-chrome - liferea # messaging tdesktop @@ -36,7 +35,7 @@ # cryptography yubikey-manager - python311Packages.pyhanko # broken, TODO fix + # python311Packages.pyhanko # broken, TODO fix bitwarden-cli # misc