pim/nixos-configs
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity
nixos-configs/machines/gamepc/configuration.nix

123 lines
2.7 KiB
Nix
Raw Blame History

{
self,
pkgs,
config,
lib,
...
}: let
sops = lib.getExe pkgs.sops;
in {
config = {
pim = {
cinnamon.enable = true;
inWheel = false;
};
facter.reportPath = ./facter.json;
networking.hostName = "gamepc";
home-manager.users.pim.imports = [./home.nix];
programs.steam.enable = true;
deployment = {
targetHost = "gamepc";
targetUser = "root";
keys = {
root-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/nixos.sops.yaml"];
name = "keys.txt";
destDir = "/root/.config/sops/age";
};
pim-sops-age-key = {
keyCommand = ["sudo" sops "--extract" "[\"sops_age_key\"]" "-d" "${self}/machines/gamepc/home.sops.yaml"];
name = "keys.txt";
destDir = "/home/pim/.config/sops/age";
user = "pim";
group = "users";
};
};
};
services = {
openssh.enable = true;
tailscale.enable = true;
};
users.users = {
root.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim;
pim.openssh.authorizedKeys.keys = config.pim.ssh.keys.pim;
};
boot.loader.grub = {
enable = true;
efiSupport = true;
efiInstallAsRemovable = true;
};
disko.devices.disk = lib.genAttrs ["0" "1"] (name: {
type = "disk";
device = "/dev/nvme${name}n1";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for grub MBR
};
ESP = {
size = "500M";
type = "EF00";
content = {
type = "mdraid";
name = "boot";
};
};
mdadm = {
size = "100%";
content = {
type = "mdraid";
name = "raid0";
};
};
};
};
});
disko.devices.mdadm = {
boot = {
type = "mdadm";
level = 1;
metadata = "1.0";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
raid0 = {
type = "mdadm";
level = 0;
content = {
type = "gpt";
partitions = {
primary = {
end = "-4G";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
swap = {
size = "100%";
content = {
type = "swap";
};
};
};
};
};
};
};
}
Reference in a new issue View git blame Copy permalink