add pornocauster systems
This commit is contained in:
parent
3496e86900
commit
f666c21790
43
makefu/1systems/pornocauster.nix
Normal file
43
makefu/1systems/pornocauster.nix
Normal file
@ -0,0 +1,43 @@
|
||||
#
|
||||
#
|
||||
#
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
../2configs/base.nix
|
||||
../2configs/base-gui.nix
|
||||
../2configs/tinc-basic-retiolum.nix
|
||||
#../2configs/sda-crypto-root.nix
|
||||
../2configs/sda-crypto-root-home.nix
|
||||
# hardware specifics are in here
|
||||
../2configs/tp-x200.nix
|
||||
|
||||
#../2configs/disable_v6.nix
|
||||
#../2configs/rad1o.nix
|
||||
|
||||
#../2configs/exim-retiolum.nix
|
||||
];
|
||||
# not working in vm
|
||||
krebs.build.host = config.krebs.hosts.pornocauster;
|
||||
krebs.build.user = config.krebs.users.makefu;
|
||||
krebs.build.target = "root@localhost";
|
||||
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
25
|
||||
];
|
||||
|
||||
krebs.build.deps = {
|
||||
nixpkgs = {
|
||||
#url = https://github.com/NixOS/nixpkgs;
|
||||
# rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L)
|
||||
url = https://github.com/makefu/nixpkgs;
|
||||
#rev = "8b8b65da24f13f9317504e8bcba476f9161613fe";
|
||||
rev = "f5fe787f778b872c6b2221598501c9310cb83915";
|
||||
};
|
||||
};
|
||||
}
|
35
makefu/2configs/sda-crypto-root-home.nix
Normal file
35
makefu/2configs/sda-crypto-root-home.nix
Normal file
@ -0,0 +1,35 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# sda: bootloader grub2
|
||||
# sda1: boot ext4 (label nixboot)
|
||||
# sda2: cryptoluks -> ext4
|
||||
with lib;
|
||||
{
|
||||
boot = {
|
||||
loader.grub.enable =true;
|
||||
loader.grub.version =2;
|
||||
loader.grub.device = "/dev/sda";
|
||||
|
||||
initrd.luks.devices = [ { name = "main"; device = "/dev/sda2"; allowDiscards=true; }];
|
||||
initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
|
||||
initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
|
||||
};
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/mapper/main-root";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
};
|
||||
# TODO: just import sda-crypto-root, add this device
|
||||
"/home" = {
|
||||
device = "/dev/mapper/main-home";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-label/nixboot";
|
||||
fsType = "ext4";
|
||||
options="defaults,discard";
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user