motiejus/config
1
Fork 0
Code Packages Releases Activity

sqq1-desk2

Browse Source
This commit is contained in:
Motiejus Jakštys
2025-11-03 21:00:13 +00:00
parent 0b98ce136b
commit 92963f15b9
4 changed files with 121 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
data.nix
View File

@@ -58,6 +58,10 @@ rec {
vno4IP vno4IP
]; ];
}; };
"sqq1-desk2.jakst.vpn" = rec {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBKJjc2V5meA4+4O3GXX+Pwh6Lwwu4cvBGIZ52tufB4X";
system = "x86_64-linux";
};
"vno3-nk.jakst.vpn" = rec { "vno3-nk.jakst.vpn" = rec {
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBp3QL8p4AbuijEQX/uVHj6nkJ2/8qNSciL+Glydw2yK"; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBp3QL8p4AbuijEQX/uVHj6nkJ2/8qNSciL+Glydw2yK";
system = "x86_64-linux"; system = "x86_64-linux";

26
flake.nix
View File

@@ -223,6 +223,21 @@
// inputs; // inputs;
}; };
sqq1-desk2 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
{ nixpkgs.overlays = baseOverlays; }
./hosts/sqq1-desk2/configuration.nix
home-manager.nixosModules.home-manager
agenix.nixosModules.default
];
specialArgs = {
inherit myData;
}
// inputs;
};
}; };
deploy.nodes = { deploy.nodes = {
@@ -281,6 +296,17 @@
}; };
}; };
sqq1-desk2 = {
hostname = "sqq1-desk2.jakst.vpn";
profiles = {
system = {
sshUser = "motiejus";
path = self.nixosConfigurations.sqq1-desk2.pkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.sqq1-desk2;
user = "root";
};
};
};
}; };
checks = builtins.mapAttrs ( checks = builtins.mapAttrs (
system: deployLib: system: deployLib:

87
hosts/sqq1-desk2/configuration.nix Normal file
View File

@@ -0,0 +1,87 @@
{
config,
pkgs,
...
}:
let
nvme = "/dev/disk/by-id/nvme-WDC_WDS250G2B0C-00PXH0_2043E7802918";
in
{
imports = [
../../modules
../../modules/profiles/xfce4
../../modules/profiles/btrfs
];
age.secrets = {
motiejus-passwd-hash.file = ../../secrets/motiejus_passwd_hash.age;
root-passwd-hash.file = ../../secrets/root_passwd_hash.age;
};
boot = {
initrd = {
availableKernelModules = [
"xhci_pci"
"thunderbolt"
"ahci"
"usbhid"
"tpm_tis"
];
};
};
swapDevices = [
{
device = "${nvme}-part2";
randomEncryption.enable = true;
}
];
fileSystems = {
"/" = {
device = "${nvme}-part3";
fsType = "btrfs";
options = [ "compress=zstd" ];
};
"/boot" = {
device = "${nvme}-part1";
fsType = "vfat";
};
};
hardware.cpu.intel.updateMicrocode = true;
nixpkgs.hostPlatform = "x86_64-linux";
mj = {
stateVersion = "25.05";
timeZone = "Europe/Vilnius";
username = "motiejus";
base = {
users = {
enable = true;
root.hashedPasswordFile = config.age.secrets.root-passwd-hash.path;
user.hashedPasswordFile = config.age.secrets.motiejus-passwd-hash.path;
};
};
services = {
tailscale = {
enable = true;
verboseLogs = true;
acceptDNS = true;
};
};
};
environment = {
systemPackages = with pkgs; [ ];
};
networking = {
hostId = "ef04ee1";
hostName = "sqq-desk2";
domain = "jakst.vpn";
firewall.rejectPackets = true;
};
}

6
secrets.nix
View File

@@ -11,13 +11,15 @@ let
fra1-c = (import ./data.nix).hosts."fra1-c.jakst.vpn".publicKey; fra1-c = (import ./data.nix).hosts."fra1-c.jakst.vpn".publicKey;
mtworx = (import ./data.nix).hosts."mtworx.jakst.vpn".publicKey; mtworx = (import ./data.nix).hosts."mtworx.jakst.vpn".publicKey;
vno1-gdrx = (import ./data.nix).hosts."vno1-gdrx.jakst.vpn".publicKey; vno1-gdrx = (import ./data.nix).hosts."vno1-gdrx.jakst.vpn".publicKey;
sqq1-desk2 = (import ./data.nix).hosts."sqq1-desk2.jakst.vpn".publicKey;
systems = [ systems = [
fra1-c
mtworx
fwminex fwminex
vno3-nk vno3-nk
fra1-c
vno1-gdrx vno1-gdrx
mtworx sqq1-desk2
]; ];
mk = mk =