restructure and rename directories

2023-10-22 22:30:51 +02:00 · 2023-10-22 22:30:51 +02:00 · 36b2ded537
commit 36b2ded537
parent 81313d1d5d
23 changed files with 29 additions and 20 deletions
--- a/nixos/default.nix
+++ b/nixos/default.nix
@ -0,0 +1,130 @@
+{ pkgs, config, ... }: {
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  boot = {
+    loader.systemd-boot.enable = true;
+  };
+
+  time.timeZone = "Europe/Amsterdam";
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  services = {
+    xserver = {
+      enable = true;
+      displayManager.gdm = {
+        enable = true;
+      };
+      desktopManager.gnome.enable = true;
+      excludePackages = with pkgs; [ xterm ];
+    };
+
+    printing = {
+      enable = true;
+      drivers = [ pkgs.hplip pkgs.gutenprint ];
+    };
+  };
+
+  users = {
+    users.pim = {
+      isNormalUser = true;
+      extraGroups = [ "wheel" "docker" ];
+    };
+  };
+
+  environment = {
+    systemPackages = with pkgs; [
+      wget
+      curl
+      git
+      btop
+      ripgrep
+      vim
+      dogdns
+      tree
+      bat
+    ];
+    gnome.excludePackages = with pkgs; [
+      gnome.totem
+      gnome-tour
+      gnome.epiphany
+      gnome.geary
+      gnome-console
+      gnome.gnome-music
+    ];
+  };
+
+  system.stateVersion = "23.05";
+
+  programs.ssh.knownHosts = {
+    dmz = {
+      hostNames = ["*.dmz"];
+      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAX2IhgHNxC6JTvLu9cej+iWuG+uJFMXn4AiRro9533x";
+      certAuthority = true;
+    };
+
+    hypervisors = {
+      hostNames = ["*.hyp"];
+      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFzRkH3d/KVJQouswY/DMpenWbDFVOnI3Vut0xR0e1tb";
+      certAuthority = true;
+    };
+  };
+
+  security.sudo.extraConfig = ''
+    Defaults        timestamp_timeout=30
+  '';
+
+  nix = {
+    package = pkgs.nixFlakes;
+    extraOptions = ''
+      experimental-features = nix-command flakes
+    '';
+
+    gc = {
+      automatic = true;
+      persistent = true;
+      dates = "weekly";
+      options = "--delete-older-than 30d";
+    };
+  };
+
+  age = {
+    identityPaths = [ "/home/pim/.ssh/age_ed25519" ];
+
+    secrets = {
+      wg-quick-home-privkey.file = ../secrets/wg-quick-home-privkey.age;
+      wg-quick-home-preshared-key.file = ../secrets/wg-quick-home-preshared-key.age;
+    };
+  };
+
+  networking = {
+    hostName = "x260";
+
+    wg-quick.interfaces.home = {
+      privateKeyFile = config.age.secrets.wg-quick-home-privkey.path;
+      address = [
+        "10.225.191.4/24"
+        "fd11:5ee:bad:c0de::4/64"
+      ];
+      dns = [ "192.168.30.8" ];
+      peers = [{
+        presharedKeyFile = config.age.secrets.wg-quick-home-preshared-key.path;
+        endpoint = "84.245.14.149:51820";
+        publicKey = "fa3mQ7ximJbH7cu2ZbWidto5xBGxEEfWvCCiUDk00Hg=";
+        allowedIPs = [
+          "0.0.0.0/0"
+          "::0/0"
+        ];
+      }];
+    };
+  };
+
+  virtualisation.docker = {
+    enable = true;
+    rootless = {
+      enable = true;
+      setSocketVariable = true;
+    };
+  };
+}