diff --git a/nixos/conf b/nixos/conf index ed7a7f7..8b6da81 100755 --- a/nixos/conf +++ b/nixos/conf @@ -6,8 +6,9 @@ then fi export NIX_PATH=yori-nix=$PWD host=$1 -TARGET_HOST=$(nix eval --raw -f vpn.nix ips.$host) -TARGET_HOST=$(ssh $TARGET_HOST ip --json r get 1.1.1.1 | jq -r '.[0].prefsrc') +TARGET_HOST=192.168.178.83 +#TARGET_HOST=$(nix eval --raw -f vpn.nix ips.$host) +#TARGET_HOST=$(ssh $TARGET_HOST ip --json r get 1.1.1.1 | jq -r '.[0].prefsrc') #TARGET_HOST=192.168.178.1 case $2 in copy-keys) diff --git a/nixos/keys/wg.smithers.key b/nixos/keys/wg.smithers.key new file mode 100644 index 0000000..73d1bab Binary files /dev/null and b/nixos/keys/wg.smithers.key differ diff --git a/nixos/logical/smithers.nix b/nixos/logical/smithers.nix new file mode 100644 index 0000000..32c0c41 --- /dev/null +++ b/nixos/logical/smithers.nix @@ -0,0 +1,27 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, lib, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ../physical/x11-hardware-config.nix + ../roles/workstation.nix + + ]; + yorick.lumi-vpn.enable = lib.mkForce false; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.zfs.requestEncryptionCredentials = true; + + networking.hostName = "smithers"; # Define your hostname. + networking.wireless.iwd.enable = true; + networking.hostId = "54a8968e"; + + system.stateVersion = "21.05"; # Did you read the comment? + boot.kernelPackages = pkgs.linuxPackages_latest; # new hardware + +} diff --git a/nixos/overlay.nix b/nixos/overlay.nix index 0d7aa42..29916ab 100644 --- a/nixos/overlay.nix +++ b/nixos/overlay.nix @@ -1,4 +1,4 @@ -let names = [ "pennyworth" "jarvis" "blackadder" "woodhouse" "frumar" "zazu" ]; +let names = [ "pennyworth" "jarvis" "blackadder" "woodhouse" "frumar" "zazu" "smithers" ]; in pkgs: super: { yorick = (super.yorick or { }) // rec { nixos = configuration: extraArgs: diff --git a/nixos/physical/x11-hardware-config.nix b/nixos/physical/x11-hardware-config.nix new file mode 100644 index 0000000..00dead6 --- /dev/null +++ b/nixos/physical/x11-hardware-config.nix @@ -0,0 +1,41 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "rpool/root/nixos"; + fsType = "zfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/16F9-B1B7"; + fsType = "vfat"; + }; + + fileSystems."/home" = + { device = "rpool/root/home"; + fsType = "zfs"; + }; + + fileSystems."/tmp" = + { device = "rpool/root/tmp"; + fsType = "zfs"; + }; + + swapDevices = [ ]; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + # high-resolution display + hardware.video.hidpi.enable = lib.mkDefault true; +} diff --git a/nixos/vpn.nix b/nixos/vpn.nix index 30fa65f..aeea09e 100644 --- a/nixos/vpn.nix +++ b/nixos/vpn.nix @@ -6,6 +6,7 @@ woodhouse = "10.209.0.4"; blackadder = "10.209.0.6"; zazu = "10.209.0.7"; + smithers = "10.209.0.8"; }; keys = { # for i in wg.*.key; do echo $(echo $i | cut -d. -f2) = \"$(wg pubkey < $i)\"\;; done @@ -15,5 +16,6 @@ pennyworth = "XoeUMsiSOWBFEFuAu+S4iQd3MzkyGhIj9dtxzZ0I500="; woodhouse = "ICzlnC4zKUYvpQ0o5AFq2rG7CCqWUFVn3UqkLSoYNgI="; zazu = "6X5EdNMO1MtFi18LCRGZ2cBD0d50Wq+pwkwVubjY1Ew="; + smithers = "CXsx26Xi+mBeuB6U8hdeuOBC3o4gTnBc6biez/BCqzM="; }; }