From 9fe338b1be110b9c183427b5052bf30f8e64ef1f Mon Sep 17 00:00:00 2001 From: "Casper V. Kristensen" Date: Thu, 28 Mar 2024 17:31:20 +0100 Subject: [PATCH] add sigma --- flake.nix | 6 +++++ hosts/sigma/default.nix | 37 +++++++++++++++++++++++++++++ hosts/sigma/hardware.nix | 51 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 94 insertions(+) create mode 100644 hosts/sigma/default.nix create mode 100644 hosts/sigma/hardware.nix diff --git a/flake.nix b/flake.nix index 7c1786f..30f98c3 100644 --- a/flake.nix +++ b/flake.nix @@ -74,6 +74,12 @@ specialArgs = inputs; # pass flake inputs to modules modules = [./hosts/alpha]; }; + # Home Server + sigma = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + specialArgs = inputs; # pass flake inputs to modules + modules = [./hosts/sigma]; + }; # Tor relay tor = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; diff --git a/hosts/sigma/default.nix b/hosts/sigma/default.nix new file mode 100644 index 0000000..5d23941 --- /dev/null +++ b/hosts/sigma/default.nix @@ -0,0 +1,37 @@ +{...}: { + imports = [ + ../../overlays + ../../modules/base + ../../modules/server + ./hardware.nix + #./borg.nix + #./network.nix + ]; + + networking.hostName = "sigma"; + + boot = { + loader = { + efi.canTouchEfiVariables = true; + systemd-boot.enable = true; + }; + initrd.luks.devices.crypted.device = "/dev/disk/by-label/crypted"; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It's perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.11"; # Did you read the comment? + + # This value determines the Home Manager release that your + # configuration is compatible with. This helps avoid breakage + # when a new Home Manager release introduces backwards + # incompatible changes. + # You can update Home Manager without changing this value. See + # the Home Manager release notes for a list of state version + # changes in each release. + home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment? +} diff --git a/hosts/sigma/hardware.nix b/hosts/sigma/hardware.nix new file mode 100644 index 0000000..3039f68 --- /dev/null +++ b/hosts/sigma/hardware.nix @@ -0,0 +1,51 @@ +{ + config, + lib, + pkgs, + modulesPath, + nixos-hardware, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + nixos-hardware.nixosModules.common-cpu-amd + nixos-hardware.nixosModules.common-cpu-amd-pstate + #nixos-hardware.nixosModules.common-gpu-amd + nixos-hardware.nixosModules.common-pc + nixos-hardware.nixosModules.common-pc-ssd + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = ["dm-snapshot"]; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + boot.supportedFilesystems = []; + + # https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/ + fileSystems."/" = { + device = "none"; + fsType = "tmpfs"; + options = ["defaults" "size=2G" "mode=755"]; # mode=755 so only root can write to those files + }; + fileSystems."/boot" = { + device = "/dev/disk/by-label/BOOT"; + fsType = "vfat"; + }; + fileSystems."/nix" = { + device = "/dev/disk/by-label/nix"; + neededForBoot = true; + fsType = "ext4"; + }; + + swapDevices = [ + { + device = "/nix/persist/swapfile"; + size = 16 * 1024; # 16 GiB + } + ]; + + # Enables DHCP on all ethernet and wireless LAN interfaces. + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +}