From b339590cefc67a7c4d5f600be086cdcf10c8c500 Mon Sep 17 00:00:00 2001 From: Craige McWhirter Date: Wed, 22 May 2024 21:31:36 +1000 Subject: [PATCH] sanganto: initial commit --- hosts/sanganto.nix | 126 +++++++++++++++++++++++++++++++++++++++++++++ nixops.nix | 1 + 2 files changed, 127 insertions(+) create mode 100644 hosts/sanganto.nix diff --git a/hosts/sanganto.nix b/hosts/sanganto.nix new file mode 100644 index 0000000..12f449e --- /dev/null +++ b/hosts/sanganto.nix @@ -0,0 +1,126 @@ +# NixOS configuration for ŝanĝanto +{ + config, + pkgs, + ... +}: { + imports = [ + ../hardware/system76_thelioMira.nix # Include results of the hardware scan. + ../profiles/cron-craige.nix # Provide Craige's cron jobs + ../profiles/desktopCraige.nix # Craige's desktop tools and apps + ../profiles/haskell-dev.nix # Haskell dev environment + ../profiles/host_common.nix # Common host configuration options + ../profiles/iog.nix # IOHK environment + ../profiles/keyboard.nix + ../profiles/neomutt.nix # Neomutt email + ../profiles/nix-community.nix # Nix community aarch64 tooling + ../profiles/nixpkgs-dev.nix # Nix pkgs dev tools + ../profiles/openssh.nix # Enable and configure openssh + ../profiles/pantheon.nix # Enable and configure the pantheon desktop + ../profiles/pipewire.nix # Enable and pipewire audio system + ../profiles/xmonad.nix # Xmonad desktop environment + ../profiles/yubikey.nix # Yubikey tooling + ../secrets/craige.nix # Ssshhhhh! + ../secrets/root.nix # Ssshhhhh! + ]; + + deployment.targetHost = "10.42.0.11"; + + nixpkgs = { + config = { + allowUnfree = true; + permittedInsecurePackages = [ + "openssl-1.0.2u" + ]; + }; + overlays = [(import ../overlays/ncmpcpp.nix)]; + }; + + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + kernel.sysctl."net.ipv4.ip_forward" = "1"; + extraModprobeConfig = "options kvm_intel nested=1"; + }; + + networking = { + hostName = "sanganto"; # Define your hostname. + networkmanager.enable = true; # Enables network support via NetworkManager. + }; + + fonts.packages = with pkgs; [ + anonymousPro + dejavu_fonts # A typeface family based on the Bitstream Vera fonts + fira-code # Monospace font with programming ligaturess + font-awesome + hack-font # A typeface designed for source code + jetbrains-mono + nerdfonts # Iconic font aggregator, collection, & patcher + open-sans # Used in in my polybar configuration + xkcd-font # Font based handwriting in xkcd comics + ]; + + # List packages installed in system profile. To search, run: + environment.systemPackages = with pkgs; [ + ]; + + services = { + acpid.enable = true; + blueman.enable = true; + gvfs.enable = true; # required by pcmanfm + kbfs.enable = true; + }; + + networking.firewall = { + enable = true; + checkReversePath = false; # Needed for libvirtd + allowedTCPPorts = [15000]; + }; + + # Virtualisation configuration: + virtualisation = { + libvirtd = { + enable = true; # Enable libvirtd + qemu = { + #package = pkgs.qemu_kvm; # Enable guest only for the same arch + package = pkgs.qemu; # Enable full emulation + verbatimConfig = '' + user = "craige" + group = "libvirtd" + ''; + }; + onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown + extraConfig = '' + disk_bus = "virtio" + ''; + }; + }; + + # Enable sound. + sound.enable = true; + hardware = { + bluetooth = { + enable = true; + settings = {Policy = {AutoEnable = "true";};}; + }; + opengl.enable = true; + }; + + # The below pair are set to overcome flakey connections / busy servers that + # fail to respond to ssh keep alive requests, sometimes triggering: + # client_loop: send disconnect: Broken pipe + programs.ssh.extraConfig = '' + ServerAliveInterval 20 + TCPKeepAlive no + ''; + + users.groups = {lp.members = ["messagebus"];}; + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "23.05"; # Did you read the comment? +} diff --git a/nixops.nix b/nixops.nix index 3b17923..74f5099 100644 --- a/nixops.nix +++ b/nixops.nix @@ -27,6 +27,7 @@ eamhair = import hosts/eamhair.nix; ceitidh = import hosts/ceitidh.nix; paidh-uachdar = import hosts/paidh-uachdar.nix; + sanganto = import hosts/sanganto.nix; sercanto = import hosts/sercanto.nix; sithlainnir = import hosts/sithlainnir.nix; teintidh = import hosts/teintidh.nix;