mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

feat: add odroid-n2 config

Browse source
This commit is contained in:
oddlama 2023-03-11 23:03:52 +01:00
parent 056ce8a553
commit 8c343b8f0f
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
7 changed files with 54 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

62
flake.lock generated
View file

@ -8,11 +8,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1676153903, "lastModified": 1677969766,
"narHash": "sha256-uetRyjgMiZCs6srmZ10M764Vn7F53M9mVuqnzHmyBqU=", "narHash": "sha256-AIp/ZYZMNLDZR/H7iiAlaGpu4lcXsVt9JQpBlf43HRY=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "ea17cc71b4e1bc5b2601f210a1c85db9453ad723", "rev": "03b51fe8e459a946c4b88dcfb6446e45efb2c24e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -23,14 +23,16 @@
}, },
"agenix-rekey": { "agenix-rekey": {
"inputs": { "inputs": {
"flake-utils": "flake-utils" "nixpkgs": [
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1676148182, "lastModified": 1678494029,
"narHash": "sha256-oyZpFRBMluuD0TFPGE3FredFdXvbgvyUiX6nziPjX0k=", "narHash": "sha256-2DV9aeUsFuczk4olt4WtlRVuQwIjF8OFK4EzfJ5JFJA=",
"owner": "oddlama", "owner": "oddlama",
"repo": "agenix-rekey", "repo": "agenix-rekey",
"rev": "100a27170a2943288ede749efde41e22d524370e", "rev": "7eaf151db39f62c9fbde5c19778e3cce3be243ad",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -119,20 +121,6 @@
} }
}, },
"flake-utils": { "flake-utils": {
"locked": {
"lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073",
"type": "github"
},
"original": {
"id": "flake-utils",
"type": "indirect"
}
},
"flake-utils_2": {
"locked": { "locked": {
"lastModified": 1676283394, "lastModified": 1676283394,
"narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=",
@ -178,11 +166,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1675935446, "lastModified": 1678464939,
"narHash": "sha256-WajulTn7QdwC7QuXRBavrANuIXE5z+08EdxdRw1qsNs=", "narHash": "sha256-pRMlwOUkO1OwSi7qF6XR/zcocWy/ZYxXgbYWvnZQO9k=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "2dce7f1a55e785a22d61668516df62899278c9e4", "rev": "7224d7c54c5fc74cdf60b208af6148ed3295aa32",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -208,11 +196,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1675933606, "lastModified": 1678397099,
"narHash": "sha256-y427VhPQHOKkYvkc9MMsL/2R7M11rQxzsRdRLM3htx8=", "narHash": "sha256-5xq8YJe+h19TlD+EI4AE/3H3jcCcQ2AWU6CWBVc5tRc=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "44ae00e02e8036a66c08f4decdece7e3bbbefee2", "rev": "556101ff85bd6e20900ec73ee525b935154bc8ea",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -223,11 +211,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1676300157, "lastModified": 1678380223,
"narHash": "sha256-1HjRzfp6LOLfcj/HJHdVKWAkX9QRAouoh6AjzJiIerU=", "narHash": "sha256-HUxnK38iqrX84QdQxbFcosRKV3/koj1Zzp5b5aP4lIo=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "545c7a31e5dedea4a6d372712a18e00ce097d462", "rev": "1e2590679d0ed2cee2736e8b80373178d085d263",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -266,11 +254,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1676279938, "lastModified": 1678376203,
"narHash": "sha256-RDyvVdituVQQZtGA7DNaJruJLDz/pfkREpUcI4ZQvsk=", "narHash": "sha256-3tyYGyC8h7fBwncLZy5nCUjTJPrHbmNwp47LlNLOHSM=",
"owner": "cachix", "owner": "cachix",
"repo": "pre-commit-hooks.nix", "repo": "pre-commit-hooks.nix",
"rev": "1583077009b6ef4236d1899c0f43cf1ce1db8085", "rev": "1a20b9708962096ec2481eeb2ddca29ed747770a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -284,7 +272,7 @@
"agenix": "agenix", "agenix": "agenix",
"agenix-rekey": "agenix-rekey", "agenix-rekey": "agenix-rekey",
"colmena": "colmena", "colmena": "colmena",
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils",
"home-manager": "home-manager", "home-manager": "home-manager",
"impermanence": "impermanence", "impermanence": "impermanence",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
@ -311,11 +299,11 @@
}, },
"templates": { "templates": {
"locked": { "locked": {
"lastModified": 1671651249, "lastModified": 1676551231,
"narHash": "sha256-IUXfgNkYxISUWqdWtJ0sGjSmpv9d5EVho7HCEElgBAM=", "narHash": "sha256-JS1o31ew90UiccpoQHxP84Wn0n7ClgyVpAsJV20Ep5E=",
"owner": "NixOS", "owner": "NixOS",
"repo": "templates", "repo": "templates",
"rev": "2d6dcce2f3898090c8eda16a16abdff8a80e8ebf", "rev": "3ac7e8ba52feb2b89e943a6ce0f7a30d6faf81c6",
"type": "github" "type": "github"
}, },
"original": { "original": {

5
flake.nix
View file

@ -24,11 +24,14 @@
inputs.flake-utils.follows = "flake-utils"; inputs.flake-utils.follows = "flake-utils";
}; };
agenix-rekey.url = "github:oddlama/agenix-rekey";
agenix = { agenix = {
url = "github:ryantm/agenix"; url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
agenix-rekey = {
url = "github:oddlama/agenix-rekey";
inputs.nixpkgs.follows = "nixpkgs";
};
templates.url = "github:NixOS/templates"; templates.url = "github:NixOS/templates";
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";

20
hosts/zackbiene/default.nix
View file

@ -1,4 +1,5 @@
{ {
lib,
config, config,
nixos-hardware, nixos-hardware,
pkgs, pkgs,
@ -8,7 +9,6 @@
nixos-hardware.common-pc-ssd nixos-hardware.common-pc-ssd
../../modules/core ../../modules/core
../../modules/efi.nix
../../modules/zfs.nix ../../modules/zfs.nix
../../users/root ../../users/root
@ -17,18 +17,30 @@
./net.nix ./net.nix
]; ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"]; boot.loader.grub.enable = false;
boot.loader.generic-extlinux-compatible.enable = true;
# Technically generic-extlinux-compatible doesn't support initrd secrets
# but we are just referring to an existing file in /run using agenix,
# so it is fine to pretend that it does have proper support.
boot.loader.supportsInitrdSecrets = true;
boot.initrd.availableKernelModules = ["usbhid" "usb_storage"]; # "dwmac_meson8b" "meson_dw_hdmi" "meson_drm"];
boot.kernelParams = ["console=ttyAML0,115200n8" "console=tty0" "loglevel=7"];
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_5_15;
console.earlySetup = true;
# Fails if there are not SMART devices
services.smartd.enable = lib.mkForce false;
powerManagement.cpuFreqGovernor = "powersave";
services.home-assistant = { services.home-assistant = {
enable = true; enable = true;
extraComponents = ["default_config" "met" "zha"]; extraComponents = ["default_config" "met"];
openFirewall = true; openFirewall = true;
config = { config = {
default_config = {}; default_config = {};
met = {}; met = {};
}; };
}; };
#networking.firewall.allowedTCPPorts = [1883]; #networking.firewall.allowedTCPPorts = [1883];
#services.zigbee2mqtt.enable = true; #services.zigbee2mqtt.enable = true;
#services.zigbee2mqtt.settings = { #services.zigbee2mqtt.settings = {

8
hosts/zackbiene/fs.nix
View file

@ -7,10 +7,12 @@
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/TODO"; device = "/dev/disk/by-uuid/c0bb3411-7af3-4901-83ea-eb2560b11784";
fsType = "vfat"; fsType = "ext4";
}; };
}; };
swapDevices = []; swapDevices = [
{device = "/dev/disk/by-uuid/a4a5fee7-2b6f-4cec-9ec9-fc4b71e8055a";}
];
} }

4
hosts/zackbiene/net.nix
View file

@ -1,12 +1,12 @@
{ {
networking = { networking = {
hostId = "68a7bba3"; hostId = "f7e6acdc";
}; };
systemd.network.networks = { systemd.network.networks = {
"10-lan1" = { "10-lan1" = {
DHCP = "yes"; DHCP = "yes";
matchConfig.MACAddress = "TODO"; matchConfig.MACAddress = "00:00:00:00:00:00";
networkConfig.IPv6PrivacyExtensions = "kernel"; networkConfig.IPv6PrivacyExtensions = "kernel";
dhcpV4Config.RouteMetric = 10; dhcpV4Config.RouteMetric = 10;
dhcpV6Config.RouteMetric = 10; dhcpV6Config.RouteMetric = 10;

1
modules/core/default.nix
View file

@ -78,6 +78,7 @@ in {
users.mutableUsers = false; users.mutableUsers = false;
# Setup to use Secrets # Setup to use Secrets
rekey.forceRekeyOnSystem = "x86_64-linux";
rekey.hostPubkey = ../../secrets/pubkeys + "/${config.networking.hostName}.pub"; rekey.hostPubkey = ../../secrets/pubkeys + "/${config.networking.hostName}.pub";
rekey.masterIdentities = [../../secrets/yk1-nix-rage.pub]; rekey.masterIdentities = [../../secrets/yk1-nix-rage.pub];
rekey.extraEncryptionPubkeys = [../../secrets/backup.pub]; rekey.extraEncryptionPubkeys = [../../secrets/backup.pub];

2
secrets/pubkeys/zackbiene.pub
View file

@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICOdYhY/DnXpizajoeLefH6gsc/RX9x3Y6T3C1a+0sb0 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJVBhqJKfIBWOwXHGNjlskKMIpCuL3qjOjKiXyF8hkGT