add pornocauster systems
This commit is contained in:
parent
3496e86900
commit
f666c21790
43
makefu/1systems/pornocauster.nix
Normal file
43
makefu/1systems/pornocauster.nix
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
#
|
||||||
|
#
|
||||||
|
#
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ # Include the results of the hardware scan.
|
||||||
|
../2configs/base.nix
|
||||||
|
../2configs/base-gui.nix
|
||||||
|
../2configs/tinc-basic-retiolum.nix
|
||||||
|
#../2configs/sda-crypto-root.nix
|
||||||
|
../2configs/sda-crypto-root-home.nix
|
||||||
|
# hardware specifics are in here
|
||||||
|
../2configs/tp-x200.nix
|
||||||
|
|
||||||
|
#../2configs/disable_v6.nix
|
||||||
|
#../2configs/rad1o.nix
|
||||||
|
|
||||||
|
#../2configs/exim-retiolum.nix
|
||||||
|
];
|
||||||
|
# not working in vm
|
||||||
|
krebs.build.host = config.krebs.hosts.pornocauster;
|
||||||
|
krebs.build.user = config.krebs.users.makefu;
|
||||||
|
krebs.build.target = "root@localhost";
|
||||||
|
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
25
|
||||||
|
];
|
||||||
|
|
||||||
|
krebs.build.deps = {
|
||||||
|
nixpkgs = {
|
||||||
|
#url = https://github.com/NixOS/nixpkgs;
|
||||||
|
# rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L)
|
||||||
|
url = https://github.com/makefu/nixpkgs;
|
||||||
|
#rev = "8b8b65da24f13f9317504e8bcba476f9161613fe";
|
||||||
|
rev = "f5fe787f778b872c6b2221598501c9310cb83915";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
35
makefu/2configs/sda-crypto-root-home.nix
Normal file
35
makefu/2configs/sda-crypto-root-home.nix
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
# sda: bootloader grub2
|
||||||
|
# sda1: boot ext4 (label nixboot)
|
||||||
|
# sda2: cryptoluks -> ext4
|
||||||
|
with lib;
|
||||||
|
{
|
||||||
|
boot = {
|
||||||
|
loader.grub.enable =true;
|
||||||
|
loader.grub.version =2;
|
||||||
|
loader.grub.device = "/dev/sda";
|
||||||
|
|
||||||
|
initrd.luks.devices = [ { name = "main"; device = "/dev/sda2"; allowDiscards=true; }];
|
||||||
|
initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
|
||||||
|
initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
|
||||||
|
};
|
||||||
|
fileSystems = {
|
||||||
|
"/" = {
|
||||||
|
device = "/dev/mapper/main-root";
|
||||||
|
fsType = "ext4";
|
||||||
|
options="defaults,discard";
|
||||||
|
};
|
||||||
|
# TODO: just import sda-crypto-root, add this device
|
||||||
|
"/home" = {
|
||||||
|
device = "/dev/mapper/main-home";
|
||||||
|
fsType = "ext4";
|
||||||
|
options="defaults,discard";
|
||||||
|
};
|
||||||
|
"/boot" = {
|
||||||
|
device = "/dev/disk/by-label/nixboot";
|
||||||
|
fsType = "ext4";
|
||||||
|
options="defaults,discard";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user