challenger: finalize init
This commit is contained in:
parent
097ded10b5
commit
8ab2615279
10
.sops.yaml
10
.sops.yaml
|
@ -1,15 +1,14 @@
|
||||||
keys:
|
keys:
|
||||||
- &user_felixalb_old age1n6j9umxfn5ekvmsrqngdhux0y994yh72sd5xdt6sxec86k4dyu9shsgjkw
|
- &host_challenger age1j43eqpnq5hy6zt3gmdtzdnne2yfvccd832kpt69qavst44leec6sj2l773
|
||||||
- &user_felixalb age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf
|
|
||||||
- &host_voyager age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
|
|
||||||
- &host_defiant age128md9emufxu35kgww3a90sw40vvc60f5xul9n9ndvw4lfnj3ndaqq44u64
|
- &host_defiant age128md9emufxu35kgww3a90sw40vvc60f5xul9n9ndvw4lfnj3ndaqq44u64
|
||||||
|
- &host_voyager age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
|
||||||
|
- &user_felixalb age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf
|
||||||
|
|
||||||
creation_rules:
|
creation_rules:
|
||||||
# Global secrets
|
# Global secrets
|
||||||
- path_regex: secrets/[^/]+\.yaml$
|
- path_regex: secrets/[^/]+\.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
- *user_felixalb_old
|
|
||||||
- *user_felixalb
|
- *user_felixalb
|
||||||
|
|
||||||
# Host specific secrets
|
# Host specific secrets
|
||||||
|
@ -17,7 +16,6 @@ creation_rules:
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
- *host_voyager
|
- *host_voyager
|
||||||
- *user_felixalb_old
|
|
||||||
- *user_felixalb
|
- *user_felixalb
|
||||||
|
|
||||||
- path_regex: secrets/defiant/[^/]+\.yaml$
|
- path_regex: secrets/defiant/[^/]+\.yaml$
|
||||||
|
@ -29,5 +27,5 @@ creation_rules:
|
||||||
- path_regex: secrets/challenger/[^/]+\.yaml$
|
- path_regex: secrets/challenger/[^/]+\.yaml$
|
||||||
key_groups:
|
key_groups:
|
||||||
- age:
|
- age:
|
||||||
# - *host_defiant
|
- *host_challenger
|
||||||
- *user_felixalb
|
- *user_felixalb
|
||||||
|
|
1
base.nix
1
base.nix
|
@ -57,6 +57,7 @@
|
||||||
rsync
|
rsync
|
||||||
screen
|
screen
|
||||||
unzip
|
unzip
|
||||||
|
vim
|
||||||
wget
|
wget
|
||||||
zip
|
zip
|
||||||
];
|
];
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "challenger";
|
hostName = "challenger";
|
||||||
bridges.br0.interfaces = [ "eno1" ]; # TODO
|
bridges.br0.interfaces = [ "enp5s0" ];
|
||||||
interfaces.br0.useDHCP = false;
|
interfaces.br0.useDHCP = false;
|
||||||
interfaces.br0.ipv4.addresses = [
|
interfaces.br0.ipv4.addresses = [
|
||||||
{ address = "192.168.10.161"; prefixLength = 24; }
|
{ address = "192.168.10.161"; prefixLength = 24; }
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
|
|
||||||
# Local zfs
|
# Local zfs
|
||||||
boot = {
|
boot = {
|
||||||
zfs.extraPools = [ "tank" ];
|
# zfs.extraPools = [ "tank" ];
|
||||||
supportedFilesystems = [ "zfs" ];
|
supportedFilesystems = [ "zfs" ];
|
||||||
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||||
};
|
};
|
||||||
|
|
|
@ -8,22 +8,26 @@
|
||||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "mpt3sas" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
|
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ ];
|
||||||
boot.kernelModules = [ ];
|
boot.kernelModules = [ "kvm-amd" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" =
|
||||||
{ device = "/dev/disk/by-uuid/TODO";
|
{ device = "/dev/disk/by-uuid/a4ed02e2-4223-4686-95b0-b29cbd517afe";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" =
|
fileSystems."/boot" =
|
||||||
{ device = "/dev/disk/by-uuid/TODO";
|
{ device = "/dev/disk/by-uuid/2467-77B7";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
|
options = [ "fmask=0077" "dmask=0077" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [ {
|
||||||
|
device = "/swapfile";
|
||||||
|
size = 16*1024;
|
||||||
|
} ];
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
|
Loading…
Reference in New Issue