sora/nixconfig
1
0
Fork 0
Code Issues 2 Pull Requests Actions Releases Activity

Compare commits

base: sora:3fd400062d60cc1f7bd721de3c0634edc3372945
Branches Tags
sora:main
...
compare: sora:main
Branches Tags
sora:main

44 Commits
3fd400062d ... main

Author SHA1 Message Date
soraefir
a7edc932a8 Fix VPS 2026-05-02 19:25:11 +02:00
soraefir
ae82eaa500 Fix 2026-05-02 10:32:08 +02:00
soraefir
e24e96f091 Fix VPS 2026-05-02 10:30:52 +02:00
soraefir
b42579f8cd Fix 2026-05-02 10:29:56 +02:00
soraefir
0192a1ace0 Fix boot 2026-05-02 10:29:21 +02:00
soraefir
dcc5c440f7 fix avalon 2026-05-02 10:12:36 +02:00
soraefir
1ceb440026 fix 2026-05-02 09:51:08 +02:00
bot
25b2e3e05f Merge pull request 'Lock file maintenance' (#271) from renovate/lock-file-maintenance into main 2026-05-02 04:03:53 +02:00
Renovate Bot
c823dbab4d Lock file maintenance 2026-05-02 02:03:51 +00:00
soraefir
32bbe70e2e fix 2026-05-02 00:26:53 +02:00
soraefir
1248c258df fix 2026-05-02 00:25:47 +02:00
soraefir
f852ed7662 Fix 2026-05-02 00:21:57 +02:00
soraefir
4729a82990 pkgs 2026-05-02 00:20:50 +02:00
soraefir
c9ebc6e512 wg sops 2026-05-02 00:20:20 +02:00
soraefir
d68c26a4eb test 2026-05-02 00:04:02 +02:00
soraefir
7b3d80c86e Fixing 2026-05-01 23:57:01 +02:00
soraefir
f98fee7988 wg fix 2026-05-01 23:52:10 +02:00
soraefir
401bb84bb0 temp ssh 2026-05-01 23:33:08 +02:00
soraefir
39ea963b7c Fix 2026-05-01 23:29:54 +02:00
soraefir
7cbb8ffae2 Fix 2026-05-01 23:26:23 +02:00
soraefir
9d9e99e462 fix 2026-05-01 23:22:21 +02:00
soraefir
3f5d05e076 Sops 2026-05-01 23:17:43 +02:00
soraefir
c1670a406c sops 2026-05-01 23:13:34 +02:00
soraefir
76b77b532c Boot 2026-05-01 23:03:39 +02:00
soraefir
16add98b0d boot fix 2026-05-01 22:57:34 +02:00
soraefir
f764e681c0 Gateway Boot 2026-05-01 22:49:06 +02:00
soraefir
f3c8020a85 Force 2026-05-01 22:40:19 +02:00
soraefir
376ac4a229 no bootloader on vps 2026-05-01 22:39:11 +02:00
soraefir
d4e599bd9b Fixes 2026-05-01 22:01:54 +02:00
soraefir
edc764461c Fix asguard name 2026-05-01 21:32:27 +02:00
soraefir
cf9c7f8b80 Fix 2026-05-01 18:55:03 +02:00
soraefir
0cdd18bec7 Fix 2026-05-01 18:53:18 +02:00
soraefir
5cbf1e8555 fix forwading 2026-05-01 18:51:45 +02:00
soraefir
735a9e2e0e Fix 2026-05-01 18:46:55 +02:00
soraefir
eba7f7bd74 fix 2026-05-01 18:46:22 +02:00
soraefir
beb6ef1b05 Fix 2026-05-01 18:44:33 +02:00
soraefir
e519f5c03c Fix sops 2026-05-01 18:43:49 +02:00
soraefir
d55fd5fc0e Fix sops 2026-05-01 18:42:47 +02:00
soraefir
b31f6cd331 Fix sops for wg peers 2026-05-01 18:38:13 +02:00
soraefir
9b0fc14795 Cleaner forwarding 2026-05-01 17:57:06 +02:00
soraefir
32c83bca98 Fix cfg 2026-05-01 17:48:43 +02:00
soraefir
a7ce1dc7ea Migrate gateway 2026-05-01 17:43:01 +02:00
bot
60bf451310 Merge pull request 'Lock file maintenance' (#270) from renovate/lock-file-maintenance into main 2026-04-26 04:04:29 +02:00
Renovate Bot
7f6e5879aa Lock file maintenance 2026-04-26 02:04:26 +00:00
21 changed files with 319 additions and 207 deletions
Expand all files Collapse all files

3
.sops.yaml
View File

@@ -9,6 +9,7 @@ keys:
- &avalon age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg - &avalon age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg
- &valinor age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg - &valinor age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg
- &asgard age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg - &asgard age1sxzuhh2fcd4pmaz4mdqq95t683d32ft22w9t2r7pk258u0s8wymsqdj7lg
- &gateway age1lqvnzlendlmtwgstzrj4xzrwpatwx56k5az5au78fyg99yecwfzs3s6xn6
creation_rules: creation_rules:
- path_regex: modules/shared/sops/private/iriy.[a-z]+ - path_regex: modules/shared/sops/private/iriy.[a-z]+
@@ -43,6 +44,7 @@ creation_rules:
- *iriy - *iriy
- *avalon - *avalon
- *asgard - *asgard
- *gateway
pgp: pgp:
- *sora - *sora
@@ -51,7 +53,6 @@ creation_rules:
- age: - age:
- *ci - *ci
- path_regex: modules/server/sops/server.[a-z]+ - path_regex: modules/server/sops/server.[a-z]+
key_groups: key_groups:
- age: - age:

30
flake.lock generated
View File

@@ -174,11 +174,11 @@
}, },
"nixUnstable": { "nixUnstable": {
"locked": { "locked": {
"lastModified": 1776949667, "lastModified": 1777548390,
"narHash": "sha256-GMSVw35Q+294GlrTUKlx087E31z7KurReQ1YHSKp5iw=", "narHash": "sha256-WacE23EbHTsBKvr8cu+1DFNbP6Rh1brHUH5SDUI0NQI=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "01fbdeef22b76df85ea168fbfe1bfd9e63681b30", "rev": "7aaa00e7cc9be6c316cb5f6617bd740dd435c59d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -190,11 +190,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1776734388, "lastModified": 1777428379,
"narHash": "sha256-vl3dkhlE5gzsItuHoEMVe+DlonsK+0836LIRDnm6MXQ=", "narHash": "sha256-ypxFOeDz+CqADEQNL72haqGjvZQdBR5Vc7pyx2JDttI=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "10e7ad5bbcb421fe07e3a4ad53a634b0cd57ffac", "rev": "755f5aa91337890c432639c60b6064bb7fe67769",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -221,11 +221,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1776877367, "lastModified": 1777268161,
"narHash": "sha256-EHq1/OX139R1RvBzOJ0aMRT3xnWyqtHBRUBuO1gFzjI=", "narHash": "sha256-bxrdOn8SCOv8tN4JbTF/TXq7kjo9ag4M+C8yzzIRYbE=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "0726a0ecb6d4e08f6adced58726b95db924cef57", "rev": "1c3fe55ad329cbcb28471bb30f05c9827f724c76",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -241,11 +241,11 @@
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1777082957, "lastModified": 1777684559,
"narHash": "sha256-+TTHUfK87jlMJ9yHG5lkJSafwDDg1hcEViy+nZIMgsE=", "narHash": "sha256-0QXkkTPUnHLeMjb+FYVbCSbboVkTjeEnyPXOzb7A2Z0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nur", "repo": "nur",
"rev": "98cbacbb78d75f6f4498791700ecf0a525a3d18e", "rev": "ed879a8036a7255c34ec4b17dd4db087bff8f874",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -274,11 +274,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1776771786, "lastModified": 1777338324,
"narHash": "sha256-DRFGPfFV6hbrfO9a1PH1FkCi7qR5FgjSqsQGGvk1rdI=", "narHash": "sha256-bc+ZZCmOTNq86/svGnw0tVpH7vJaLYvGLLKFYP08Q8E=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "bef289e2248991f7afeb95965c82fbcd8ff72598", "rev": "8eaee5c45428b28b8c47a83e4c09dccec5f279b5",
"type": "github" "type": "github"
}, },
"original": { "original": {

1
flake.nix
View File

@@ -44,6 +44,7 @@
avalon = gen.generate { host = "avalon"; }; avalon = gen.generate { host = "avalon"; };
ci = gen.generate { host = "ci"; }; ci = gen.generate { host = "ci"; };
sandbox = gen.generate { host = "sandbox"; }; sandbox = gen.generate { host = "sandbox"; };
gateway = gen.generate { host = "gateway"; };
}; };
darwinConfigurations = { asgard = gen.generate { host = "asgard"; }; }; darwinConfigurations = { asgard = gen.generate { host = "asgard"; }; };
homeConfigurations = { homeConfigurations = {

59
modules/home/gui/games/wow.nix
View File

@@ -19,64 +19,5 @@
"wago_addons": null "wago_addons": null
} }
}''; }'';
# curse:master-plan
# curse:raretrackercore-rt
# curse:raretrackerdragonflight-rtd
# curse:raretrackermaw-rtmw
# curse:raretrackermechagon-rtm
# curse:raretrackerthewarwithin-rtww
# curse:raretrackertimelessisle-rtti
# curse:raretrackeruldum-rtu
# curse:raretrackervale-rtv
# curse:raretrackerworldbosses-rtwb
# curse:raretrackerzerethmortis-rtz
# curse:venture-plan
# curse:war-plan
# github:nevcairiel/bartender4
# github:cidan/betterbags
# github:bigwigsmods/bigwigs
# github:bigwigsmods/bigwigs_battleforazeroth
# github:bigwigsmods/bigwigs_burningcrusade
# github:bigwigsmods/bigwigs_cataclysm
# github:bigwigsmods/bigwigs_classic
# github:bigwigsmods/bigwigs_dragonflight
# github:bigwigsmods/bigwigs_legion
# github:bigwigsmods/bigwigs_mistsofpandaria
# github:bigwigsmods/bigwigs_shadowlands
# github:bigwigsmods/bigwigs_warlordsofdraenor
# github:bigwigsmods/bigwigs_wrathofthelichking
# github:nezroy/demodal
# github:curseforge-mirror/details
# github:edusperoni/details_elitism
# github:curseforge-mirror/elitismhelper
# github:michaelnpsp/grid2
# github:jods-gh/groupfinderrio
# github:nevcairiel/handynotes
# github:hekili/hekili
# github:thekrowi/krowi_achievementfilter
# github:bigwigsmods/littlewigs
# github:nnoggie/mythicdungeontools
# github:tullamods/omnicc
# github:tercioo/plater-nameplates
# github:curseforge-mirror/quest_completist
# github:raiderio/raiderio-addon
# github:wowrarity/rarity
# github:nevcairiel/shadowedunitframes
# github:simulationcraft/simc-addon
# github:curseforge-mirror/tomcats
# github:weakauras/weakauras2
# github:kemayo/wow-handynotes-battleforazerothtreasures
# github:kemayo/wow-handynotes-dragonflight
# github:kemayo/wow-handynotes-legiontreasures
# github:kemayo/wow-handynotes-longforgottenhippogryph
# github:kemayo/wow-handynotes-lostandfound
# github:kemayo/wow-handynotes-secretfish
# github:kemayo/wow-handynotes-shadowlandstreasures
# github:kemayo/wow-handynotes-stygia
# github:kemayo/wow-handynotes-treasurehunter
# github:kemayo/wow-handynotes-warwithin
# wowi:7032-tomtom
}; };
} }

2
modules/nixos/system/hw/boot/default.nix
View File

@@ -9,7 +9,7 @@ in {
}; };
efi = { efi = {
canTouchEfiVariables = true; canTouchEfiVariables = true;
efiSysMountPoint = "/boot/efi"; efiSysMountPoint = "/boot";
}; };
}; };
}; };

30
modules/nixos/system/network/wireguard/default.nix
View File

@@ -1,4 +1,22 @@
{ config, lib, ... }: { { config, lib, pkgs, ... }: let
systemsDir = ../../../../../systems;
systemNames = lib.attrNames (lib.filterAttrs
(name: type: type == "directory" && builtins.pathExists (systemsDir + "/${name}/cfg.nix"))
(builtins.readDir systemsDir));
# Use a helper to check if the attribute path exists safely
# This prevents the "attribute 'net' missing" error
isValidPeer = p:
(p ? syscfg.net.wg.enable) &&
(p.syscfg.net.wg.enable == true) &&
(p.syscfg.net.wg.pubkey != config.syscfg.net.wg.pubkey);
importedConfigs = map (name: import (systemsDir + "/${name}/cfg.nix")) systemNames;
activePeers = builtins.filter isValidPeer importedConfigs;
in
{
imports = [ ./forwarding.nix ];
config = lib.mkIf (config.syscfg.net.wg.enable) { config = lib.mkIf (config.syscfg.net.wg.enable) {
networking.wireguard = { networking.wireguard = {
enable = true; enable = true;
@@ -9,7 +27,15 @@
config.sops.secrets."${config.syscfg.hostname}_wg_priv".path; config.sops.secrets."${config.syscfg.hostname}_wg_priv".path;
listenPort = 1515; listenPort = 1515;
mtu = 1340; mtu = 1340;
peers = [{ peers =
if config.syscfg.net.wg.server.enable then
map (p: {
name = p.syscfg.hostname;
publicKey = p.syscfg.net.wg.pubkey;
allowedIPs = [ p.syscfg.net.wg.ip4 p.syscfg.net.wg.ip6 ];
}) activePeers
else
[{
allowedIPs = [ "10.10.1.0/24" "fd10:10:10::0/64" ]; allowedIPs = [ "10.10.1.0/24" "fd10:10:10::0/64" ];
endpoint = "vpn.helcel.net:1515"; endpoint = "vpn.helcel.net:1515";
publicKey = "NFBJvYXZC+bd62jhrKnM7/pugidWhgR6+C5qIiUiq3Q="; publicKey = "NFBJvYXZC+bd62jhrKnM7/pugidWhgR6+C5qIiUiq3Q=";

41
modules/nixos/system/network/wireguard/forwarding.nix Normal file
View File

@@ -0,0 +1,41 @@
{ config, lib, pkgs, ... }:
{
config = lib.mkIf (config.syscfg.net.wg.server.enable) {
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
networking.nftables.enable = true;
networking.nftables.ruleset = ''
table inet nat {
chain prerouting {
type nat hook prerouting priority dstnat; policy accept;
${lib.concatMapStringsSep "\n" (rule:
let
srcInt = builtins.elemAt rule 0;
dstAddr4 = builtins.elemAt rule 1;
dstAddr6 = builtins.elemAt rule 2;
srcPort = toString (builtins.elemAt rule 3);
dstPort = toString (builtins.elemAt rule 4);
in ''
iifname "${srcInt}" tcp dport ${srcPort} counter dnat ip to ${dstAddr4}:${dstPort}
iifname "${srcInt}" udp dport ${srcPort} counter dnat ip to ${dstAddr4}:${dstPort}
iifname "${srcInt}" tcp dport ${srcPort} counter dnat ip6 to [${dstAddr6}]:${dstPort}
iifname "${srcInt}" udp dport ${srcPort} counter dnat ip6 to [${dstAddr6}]:${dstPort}
''
) config.syscfg.net.wg.server.forward}
}
chain postrouting {
type nat hook postrouting priority srcnat; policy accept;
oifname { "wg0", "ens3" } masquerade
}
}
'';
};
}

1
modules/server/sops/default.nix
View File

@@ -16,5 +16,4 @@
group = config.users.users.${config.syscfg.defaultUser}.group; group = config.users.users.${config.syscfg.defaultUser}.group;
}; };
sops.secrets."${config.syscfg.hostname}_wg_priv" = { }; sops.secrets."${config.syscfg.hostname}_wg_priv" = { };
sops.secrets."${config.syscfg.hostname}_wg_pub" = { };
} }

99
modules/shared/sops/common.yaml
View File

File diff suppressed because one or more lines are too long

21
modules/shared/sops/default.nix
View File

@@ -1,4 +1,4 @@
{ config, pkgs, ... }: { config, lib, pkgs, ... }:
let let
isCI = builtins.elem config.syscfg.hostname [ "ci" "sandbox" ]; isCI = builtins.elem config.syscfg.hostname [ "ci" "sandbox" ];
keyFilePath = (if isCI then keyFilePath = (if isCI then
@@ -14,19 +14,24 @@ in {
sops.age.keyFile = keyFilePath; sops.age.keyFile = keyFilePath;
sops.age.generateKey = true; sops.age.generateKey = true;
sops.secrets.wifi = { }; sops.secrets = lib.mkMerge [
{
sops.secrets."${config.syscfg.hostname}_ssh_priv" = { wifi = { };
"${config.syscfg.hostname}_ssh_priv" = {
mode = "0400"; mode = "0400";
owner = config.users.users.${config.syscfg.defaultUser}.name; owner = config.users.users.${config.syscfg.defaultUser}.name;
group = config.users.users.${config.syscfg.defaultUser}.group; group = config.users.users.${config.syscfg.defaultUser}.group;
}; };
sops.secrets."${config.syscfg.hostname}_ssh_pub" = { "${config.syscfg.hostname}_ssh_pub" = {
mode = "0444"; mode = "0444";
owner = config.users.users.${config.syscfg.defaultUser}.name; owner = config.users.users.${config.syscfg.defaultUser}.name;
group = config.users.users.${config.syscfg.defaultUser}.group; group = config.users.users.${config.syscfg.defaultUser}.group;
}; };
sops.secrets."${config.syscfg.hostname}_wg_priv" = { }; "${config.syscfg.hostname}_wg_priv" = { };
sops.secrets."${config.syscfg.hostname}_wg_pub" = { }; }
(lib.genAttrs
(map (peer: "${peer}_ssh_pub") ["iriy" "avalon" "valinor"])
(_: { mode = "0444"; })
)
];
} }

26
modules/shared/syscfg/default.nix
View File

@@ -42,6 +42,30 @@ let
type = types.str; type = types.str;
default = ""; default = "";
}; };
pubkey = mkOption {
type = types.str;
default = "";
};
server = {
enable = mkOption {
type = types.bool;
default = false;
};
peers = mkOption {
type = types.listOf types.str;
default = [];
};
forward = mkOption {
type = types.listOf (types.listOf (types.oneOf [ types.str types.int ]));
default = [];
description = "Forwarding rules: [ [srcInterface dstAddr srcPort dstPort] ... ]";
example = [
[ "ens3" "10.10.1.2" "IPV6" 22 2222 ]
[ "ens3" "10.10.1.2" "IPV6" 80 80 ]
[ "ens3" "10.10.1.2" "IPV6" 443 443 ]
];
};
};
}; };
}; };
makeOpt = with lib; { makeOpt = with lib; {
@@ -55,7 +79,7 @@ let
}; };
virt = mkOption { virt = mkOption {
type = types.bool; type = types.bool;
default = true; default = false;
}; };
power = mkOption { power = mkOption {
type = types.bool; type = types.bool;

2
systems/asguard/cfg.nix
View File

@@ -1,6 +1,6 @@
{ {
syscfg = { syscfg = {
hostname = "asguard"; hostname = "asgard";
defaultUser = "sora"; defaultUser = "sora";
type = "macos"; type = "macos";
system = "x86_64-darwin"; system = "x86_64-darwin";

11
systems/avalon/cfg.nix
View File

@@ -23,21 +23,16 @@
} }
]; ];
make = { make = {
gui = false;
cli = true; cli = true;
virt = true; virt = true;
power = false;
game = false;
develop = false;
};
wlp = {
enable = false;
nif = "";
}; };
net = {
wg = { wg = {
enable = true; enable = true;
ip4 = "10.10.1.2/32"; ip4 = "10.10.1.2/32";
ip6 = "fd10:10:10::2/128"; ip6 = "fd10:10:10::2/128";
pubkey = "QlvpTiK6s/lIha9vKmo+teSy2Nw52qWLYatYjxVan3U=";
};
}; };
}; };
} }

14
systems/avalon/server/docker/secrets.txt Normal file
View File

@@ -0,0 +1,14 @@
AUTHENTIK_DB_PASSWORD=NTQRO0rhPCd4L3HLNK4AT09Npz+ks1jyRC6AOyo5u+k=
AUTHENTIK_SECRET_KEY=9Zw8Sy8257iJmRdBhUKGiq3d7uYAkhC9smuDUClE8aR1iPdpHHds+K2D1Zy3lwj2Hjnasu5jnopkhwnABWDu8A==
AUTHENTIK_EMAIL_PASSWORD=w+g:cPU+e.<q,f<mj3DFPxXxo4h2SVS9.;,T<!Sra>y!mNcAsiAp4jPCLTmjte2d
ETHERPAD_DB_PASSWORD=d43352c3906516bf4c34d63316509cb4b1621167af84c81b60689779a62b2348
ETHERPAD_ADMIN_PASSWORD=Hackme55#
COLLABORA_USER=...
COLLABORA_PASSWORD=...

39
systems/gateway/cfg.nix Normal file
View File

@@ -0,0 +1,39 @@
{
syscfg = {
hostname = "gateway";
type = "nixos";
system = "x86_64-linux";
defaultUser = "sora";
users = [{
username = "sora";
wm = "-";
git = {
email = "soraefir+git@helcel";
username = "soraefir";
key = "4E241635F8EDD2919D2FB44CA362EA0491E2EEA0";
};
}];
make = {
cli = true;
};
net = {
wlp = { enable = false; };
wg = {
enable = true;
ip4 = "10.10.1.1/32";
ip6 = "fd10:10:10::1/128";
pubkey = "NFBJvYXZC+bd62jhrKnM7/pugidWhgR6+C5qIiUiq3Q=";
server = {
enable = true;
peers = ["avalon" "iriy" "valinor"];
forward = [
[ "ens3" "10.10.1.2" "fd10:10:10::2" 2222 2222 ] # SSH
[ "ens3" "10.10.1.2" "fd10:10:10::2" 80 80 ] # HTTP
[ "ens3" "10.10.1.2" "fd10:10:10::2" 443 443 ] # HTTPS
[ "ens3" "10.10.1.2" "fd10:10:10::2" 3979 3979 ] # OTTD
];
};
};
};
};
}

13
systems/gateway/default.nix Normal file
View File

@@ -0,0 +1,13 @@
{ config, lib, inputs, ... }: {
imports = [ ./hardware.nix ];
services.openssh.enable = true;
services.openssh.authorizedKeysFiles = [
config.sops.secrets."iriy_ssh_pub".path
config.sops.secrets."valinor_ssh_pub".path
];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC0GpKd62XMlO410/iYkNG8MHdGGaeMG3Gmsf3Pv3u2BllUzR9Dpym1ZOz2lwo3iK0FimcQpOiJqSIahO59HJl8jQ9BoQrJMXH7l2kuq1T09cMNWGjlzowg0LWKWOzoBzOwcheyW68OJGgkSfvk9BdshkUYTLVBXjiI9jo/8Qkcv1WLJJvJmDBDwnbYDQpODXCEDQ/t3YVubb+ocLmh40sDUffJLWZQXN6OFW9N5XxnvY7K5x9ci9GU4Reei40K8yDw2Hgi0njzijRdzie3MJlKPPawJ2TATu9LsGuxfx8bJXVx+mNxP0lhO8dOOhP7p0ozTxlJJY9ZWaKgOz3SzYNCgJ1gH7NtTBtSruXd6pfmErUmuJEAeMD6+QF3yJ5tnVFNPoSHqjP+oL3CgSRpmuvn7ChSSI3J3UVhLux165VtwIL7UhosO2mCqmn0Yk2mSBkB/L4ZiWFmO3vYdagYNQX7xZHzCJ5my8vomiT+DUGb2h/o1NetKwIZJiFAuHxKt3k= sora@valinor"
];
}

27
systems/gateway/hardware.nix Normal file
View File

@@ -0,0 +1,27 @@
{ config, lib, pkgs, modulesPath, ... }: {
imports = [ (modulesPath + "/profiles/qemu-guest.nix" ) ];
boot.kernelPackages = pkgs.linuxPackages_latest;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.loader.grub = {
enable = true;
device = "/dev/sda";
efiSupport = true;
};
boot.initrd.availableKernelModules =
[ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/25df457a-21d0-41ab-9de5-88ffc00e3469";
fsType = "btrfs";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/F24E-74FA";
fsType = "vfat";
options = [ "defaults" ];
};
}

2
systems/iriy/cfg.nix
View File

@@ -17,7 +17,6 @@
gui = true; gui = true;
cli = true; cli = true;
virt = true; virt = true;
power = false;
game = true; game = true;
develop = true; develop = true;
}; };
@@ -31,6 +30,7 @@
enable = true; enable = true;
ip4 = "10.10.1.7/32"; ip4 = "10.10.1.7/32";
ip6 = "fd10:10:10::7/128"; ip6 = "fd10:10:10::7/128";
pubkey = "6d1bINFmH12ACAJLDOwfFIZgmNHV/FGGk0YJyDP50HQ=";
}; };
}; };
}; };

2
systems/iriy/hardware.nix
View File

@@ -24,7 +24,7 @@
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot/efi" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/349E-5086"; device = "/dev/disk/by-uuid/349E-5086";
fsType = "vfat"; fsType = "vfat";
}; };

1
systems/valinor/cfg.nix
View File

@@ -31,6 +31,7 @@
enable = true; enable = true;
ip4 = "10.10.1.5/32"; ip4 = "10.10.1.5/32";
ip6 = "fd10:10:10::5/128"; ip6 = "fd10:10:10::5/128";
pubkey = "EUYd/dMdGcbxiWJXHhQhCXV00cr87pxiW1HExwCTGg0=";
}; };
}; };
}; };

2
systems/valinor/hardware.nix
View File

@@ -17,7 +17,7 @@
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot/efi" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/F344-72E2"; device = "/dev/disk/by-uuid/F344-72E2";
fsType = "vfat"; fsType = "vfat";
}; };