hello woodhouse

network.nix

@@ -12,4 +12,8 @@ with (import <secrets>).hostnames; {
 		imports = [./pennyworth/configuration.nix];
 		deployment.targetHost = pennyworth;
 	};
+	woodhouse = {
+		imports = [./woodhouse/configuration.nix];
+		deployment.targetHost = woodhouse;
+	};
 }

woodhouse/configuration.nix

@@ -0,0 +1,99 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, ... }:
+let
+  secrets = import <secrets>;
+in
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+      ../roles/common.nix
+      ../modules/tor-hidden-service.nix
+      ../roles/graphical.nix
+    ];
+
+  # Use the gummiboot efi boot loader.
+  boot.loader.gummiboot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = secrets.hostnames.woodhouse;
+
+  # Select internationalisation properties.
+  # i18n = {
+  #   consoleFont = "Lat2-Terminus16";
+  #   consoleKeyMap = "us";
+  #   defaultLocale = "en_US.UTF-8";
+  # };
+
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+
+  # root password is useful from console, ssh has password logins disabled
+  users.extraUsers.root.hashedPassword = secrets.pennyworth_hashedPassword; # TODO: generate own
+
+
+  # Enable CUPS to print documents.
+  # services.printing.enable = true;
+
+  # Enable the X11 windowing system.
+  # services.xserver.enable = true;
+  # services.xserver.layout = "us";
+  # services.xserver.xkbOptions = "eurosign:e";
+
+  # Enable the KDE Desktop Environment.
+  # services.xserver.displayManager.kdm.enable = true;
+  # services.xserver.desktopManager.kde4.enable = true;
+
+  # The NixOS release to be compatible with for stateful data such as databases.
+  system.stateVersion = "16.03";
+
+
+  services.redshift.enable = lib.mkOverride 30 false;
+  services.xserver = {
+  	#windowManager.i3.enable = true;
+  	desktopManager.e19.enable = true;
+  	displayManager.slim.autoLogin = true;
+  };
+
+  users.extraUsers.yorick.hashedPassword = secrets.yorick_hashedPassword;
+
+  environment.systemPackages = with pkgs; [
+    btrfs-progs
+  ];
+  services.tor.hiddenServices = [
+    { name = "ssh";
+      port = 22;
+      hostname = secrets.tor_hostnames."ssh.woodhouse";
+      private_key = "/run/keys/torkeys/ssh.woodhouse.key"; }
+  ];
+
+  system.fsPackages = [ pkgs.sshfsFuse ];
+  fileSystems."/mnt/frumar" = {
+    # todo:  "ServerAliveCountMax=3" "ServerAliveInterval=30"
+
+    device = "${pkgs.sshfsFuse}/bin/sshfs#yorick@" + secrets.hostnames.frumar + ":/data/yorick";
+    fsType = "fuse";
+    options = ["noauto" "x-systemd.automount" "_netdev" "users" "idmap=user"
+               "defaults" "allow_other" "transform_symlinks" "default_permissions"
+               "uid=1000"
+               "reconnect" "IdentityFile=/root/.ssh/id_sshfs"];
+  };
+  fileSystems."/mnt/alphonse" = {
+    device = "${pkgs.sshfsFuse}/bin/sshfs#yorick@quassel.rasusan.nl:/mnt/storinator";
+    fsType = "fuse";
+    options = ["noauto" "x-systemd.automount" "_netdev" "users" "idmap=user"
+               "defaults" "allow_other" "transform_symlinks" "default_permissions"
+               "uid=1000"
+               "reconnect" "IdentityFile=/root/.ssh/id_sshfs" "port=15777"];
+  };
+
+  networking.firewall.allowedTCPPorts = [7 8080 9090 9777]; # kodi
+
+}

woodhouse/hardware-configuration.nix

@@ -0,0 +1,32 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+{
+  imports =
+    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    ];
+
+  boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+  hardware.cpu.intel.updateMicrocode = true;
+
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/fa5026b1-0f73-4233-a417-780c65f3f038";
+      fsType = "btrfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/729B-0F6C";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/086b6aaa-a737-4747-91d6-b4923bf14858"; }
+    ];
+
+  nix.maxJobs = lib.mkDefault 4;
+}