tohru: rearrange and split up configuration

2024-08-30 18:22:13 +01:00 · 2024-08-30 18:22:13 +01:00 · d112e705f1
parent 444c69edd3
commit d112e705f1
7 changed files with 103 additions and 118 deletions
--- a/flake.nix
+++ b/flake.nix
@ -47,17 +47,7 @@
        ];
      };
-      tohru = { name, nodes, ... }: {
+      tohru.imports = [ ./hosts/tohru ];
        networking.hostId = "31da19c1";
        deployment = {
          allowLocalDeployment = true;
          targetHost = null; # disallow remote deployment
        };
        imports = [
          ./hosts/tohru/configuration.nix
        ];
      };
      yevaud = { name, nodes, ... }: {
        networking.hostId = "09673d65";
--- a/hosts/tohru/boot.nix
+++ b/hosts/tohru/boot.nix
@ -0,0 +1,14 @@
 { config, lib, pkgs, ... }:
 {
  boot = {
    loader.systemd-boot.enable = true;
    loader.systemd-boot.editor = false;
    loader.efi.canTouchEfiVariables = true;
    initrd.availableKernelModules = [ "xhci_pci" "nvme" "rtsx_pci_sdmmc" ];
    kernelModules = [ "kvm-intel" ];
    supportedFilesystems = [ "ntfs" ]; # for USB drives
  };
 }
--- a/hosts/tohru/configuration.nix
+++ b/hosts/tohru/configuration.nix
@ -2,33 +2,22 @@
 {
  imports = [
-    ./hardware-configuration.nix
+    ./boot.nix
    ./filesystems.nix
    ./hardware.nix
    ./networking.nix
    ./syncthing.nix
  ];
-  boot.loader.systemd-boot.enable = true;
+  nixpkgs.hostPlatform = "x86_64-linux";
-  boot.loader.efi.canTouchEfiVariables = true;
+  networking.hostId = "31da19c1";
  boot.loader.systemd-boot.editor = false;
-  age.secrets.wireguard-peer-tohru.file = ../../secrets/wireguard-peer-tohru.age;
+  deployment = {
-  birdsong.peering = {
+    allowLocalDeployment = true;
-    enable = true;
+    targetHost = null; # disallow remote deployment
    privateKeyFile = config.age.secrets.wireguard-peer-tohru.path;
    persistentKeepalive = 23;
  };
  programs.evolution.enable = true;
  qenya.services.fonts.enable = true;
  qenya.services.steam.enable = true;
  home-manager.users.qenya = { pkgs, ... }: {
    imports = [
      ./home.nix
    ];
  };
  networking.networkmanager.enable = true;
  time.timeZone = "Europe/London";
  i18n.defaultLocale = "en_GB.UTF-8";
@ -43,6 +32,10 @@
  sound.enable = true;
  hardware.pulseaudio.enable = true;
  # services.pipewire = {
  #   enable = true;
  #   pulse.enable = true;
  # };
  age.secrets.user-password-tohru-qenya.file = ../../secrets/user-password-tohru-qenya.age;
  users.users.qenya.hashedPasswordFile = config.age.secrets.user-password-tohru-qenya.path;
@ -51,17 +44,11 @@
    "networkmanager" # UI wifi configuration
    "dialout" # access to serial ports
  ];
  home-manager.users.qenya.imports = [ ./home.nix ];
-  # USB drives
+  programs.evolution.enable = true;
-  boot.supportedFilesystems = [ "ntfs" ];
+  qenya.services.fonts.enable = true;
-
+  qenya.services.steam.enable = true;
  hardware.enableAllFirmware = true;
  services.fwupd.enable = true;
  services.fstrim.enable = true;
  boot.initrd.luks.devices = {
    "rpool".device = "/dev/nvme0n1p2";
  };
  system.stateVersion = "23.11";
 }
--- a/hosts/tohru/filesystems.nix
+++ b/hosts/tohru/filesystems.nix
@ -0,0 +1,49 @@
 { config, lib, pkgs, ... }:
 {
  boot.initrd.luks.devices = {
    "rpool".device = "/dev/nvme0n1p2";
  };
  fileSystems = {
    "/" = {
      device = "rpool/root";
      fsType = "zfs";
    };
    "/nix" = {
      device = "rpool/nix";
      fsType = "zfs";
    };
    "/var" = {
      device = "rpool/var";
      fsType = "zfs";
    };
    "/config" = {
      device = "rpool/config";
      fsType = "zfs";
    };
    "/home" = {
      device = "rpool/home";
      fsType = "zfs";
    };
    "/data" = {
      device = "rpool/data";
      fsType = "zfs";
    };
    "/data/syncthing" = {
      device = "rpool/data/syncthing";
      fsType = "zfs";
    };
    "/data/steam" = {
      device = "rpool/data/steam";
      fsType = "zfs";
    };
    "/boot" = {
      device = "/dev/disk/by-uuid/7DD4-487E";
      fsType = "vfat";
      options = [ "fmask=0022" "dmask=0022" ];
    };
  };
  swapDevices = [{ device = "/dev/disk/by-uuid/a066313e-2467-4e07-ad0c-aeb7ff3f8d97"; }];
 }
--- a/hosts/tohru/hardware-configuration.nix
+++ b/hosts/tohru/hardware-configuration.nix
@ -1,76 +0,0 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];
  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "rtsx_pci_sdmmc" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
  fileSystems."/" =
    { device = "rpool/root";
      fsType = "zfs";
    };
  fileSystems."/nix" =
    { device = "rpool/nix";
      fsType = "zfs";
    };
  fileSystems."/var" =
    { device = "rpool/var";
      fsType = "zfs";
    };
  fileSystems."/config" =
    { device = "rpool/config";
      fsType = "zfs";
    };
  fileSystems."/home" =
    { device = "rpool/home";
      fsType = "zfs";
    };
  fileSystems."/data" =
    { device = "rpool/data";
      fsType = "zfs";
    };
  fileSystems."/data/syncthing" =
    { device = "rpool/data/syncthing";
      fsType = "zfs";
    };
  fileSystems."/data/steam" =
    { device = "rpool/data/steam";
      fsType = "zfs";
    };
  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/7DD4-487E";
      fsType = "vfat";
      options = [ "fmask=0022" "dmask=0022" ];
    };
  swapDevices =
    [ { device = "/dev/disk/by-uuid/a066313e-2467-4e07-ad0c-aeb7ff3f8d97"; }
    ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.eno2.useDHCP = lib.mkDefault true;
  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/hosts/tohru/hardware.nix
+++ b/hosts/tohru/hardware.nix
@ -0,0 +1,9 @@
 { config, lib, pkgs, ... }:
 {
  hardware.enableAllFirmware = true;
  hardware.cpu.intel.updateMicrocode = true;
  services.fwupd.enable = true;
  services.fstrim.enable = true;
 }
--- a/hosts/tohru/networking.nix
+++ b/hosts/tohru/networking.nix
@ -0,0 +1,12 @@
 { config, lib, pkgs, ... }:
 {
  networking.networkmanager.enable = true;
  age.secrets.wireguard-peer-tohru.file = ../../secrets/wireguard-peer-tohru.age;
  birdsong.peering = {
    enable = true;
    privateKeyFile = config.age.secrets.wireguard-peer-tohru.path;
    persistentKeepalive = 23;
  };
 }