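# NixOS host configuration for "merlin": disk layout, NixOS containers,
# bridged static networking, ZFS pools, NVIDIA driver, Tailscale, backups,
# metrics export and unattended upgrades.
{
  inputs,
  configVars,
  lib,
  config,
  outputs,
  ...
}: let
  fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
  dev = "/dev/disk/by-id/wwn-0x5001b448b5f7cc7f";
  # currently only applies to btrfs
  # NOTE(review): the root disk is not encrypted at rest, while /persist keeps
  # /var/lib/tailscale (tailscaled state) across reboots. Confirm that
  # physical access to this machine is an accepted risk.
  encrypted = false;
  btrfsMountDevice = "/dev/disk/by-id/wwn-0x5001b448b5f7cc7f-part2";
  impermanence = true;

  homeshareDataLocation = configVars.locations.homeshareDataLocation;

  piholeIp = configVars.networking.addresses.pihole.ip;
  gatewayIp = configVars.networking.addresses.gateway.ip;
  merlinIp = configVars.networking.addresses.merlin.ip;
in {
  imports = [
    # Create users for this host
    ../common/users/admin

    # Disk configuration
    inputs.disko.nixosModules.disko
    (import ../common/disks {
      device = dev;
      inherit impermanence fsType encrypted;
    })

    # Impermanence
    ../common/optional/persistence.nix
    (import ../common/disks/btrfs/impermanence.nix {
      inherit btrfsMountDevice lib;
    })

    # Import core options
    ./hardware-configuration.nix
    ../common/core

    # Import optional options
    ../common/optional/openssh.nix
    ../common/optional/restic-backup.nix
    ../common/optional/docker.nix
    ../common/optional/nix-ld.nix
    ../common/optional/fileserver/nfs-server/homeshare.nix

    # Nixos containers
    ../common/optional/nixos-containers/docker.nix
    ../common/optional/nixos-containers/baseddata-worker.nix
    ../common/optional/nixos-containers/pihole.nix
    ../common/optional/nixos-containers/semitamaps-worker.nix
    ../common/optional/nixos-containers/nix-bitcoin.nix
    ../common/optional/nixos-containers/postgres.nix
    ../common/optional/nixos-containers/backup-server.nix
    ../common/optional/nixos-containers/metrics-server.nix

    # This machine is used for remote building
    # NOTE(review): this host also runs the backup, postgres and bitcoin
    # containers listed above. Which hosts/keys may submit builds is decided
    # in the imported module (not shown); verify that set is kept minimal.
    ../common/optional/distributed-builds/remote-builder-machine.nix

    outputs.nixosModules.nixosAutoUpgrade
  ];

  boot = {
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
      timeout = 3;
    };
  };

  fileSystems."/mnt/main-ssd" = {
    device = "/dev/disk/by-uuid/ba884006-e813-4b67-9fe6-62aea08b3b59";
    fsType = "ext4";
  };

  fileSystems."/mnt/btcnode" = {
    device = "/dev/disk/by-uuid/1dc56ec7-322f-44be-b6ad-79360fdfef93";
    fsType = "btrfs";
  };

  networking = {
    hostName = "merlin";
    # Resolver order: pihole, then the gateway, then a public resolver.
    # NOTE(review): whenever the pihole does not answer, lookups fall through
    # to the gateway and 8.8.8.8, so pihole filtering and query logging are
    # silently bypassed and queries leave the LAN unencrypted. Drop the public
    # fallback if filtering is meant to be enforced rather than best-effort.
    nameservers = ["${piholeIp}" "${gatewayIp}" "8.8.8.8"];
    defaultGateway = "${gatewayIp}";
    useDHCP = false;
    enableIPv6 = false;
    # eth0 is enslaved to br0; the host's static address lives on the bridge.
    bridges = {
      br0 = {
        interfaces = ["eth0"];
      };
    };
    interfaces.br0 = {
      ipv4.addresses = [
        {
          address = "${merlinIp}";
          prefixLength = 24;
        }
      ];
    };
  };

  # State that must survive the impermanent root.
  environment.persistence."/persist" = {
    directories = [
      "/etc/zpool"
      "/var/lib/tailscale"
    ];
  };

  services.restic.backups = {
    daily = {
      paths = [
        homeshareDataLocation
      ];
    };
  };

  # Enable OpenGL
  hardware.graphics = {
    enable = true;
  };

  # enable tailscale
  # "server" turns on IP forwarding so this node can act as a subnet router or
  # exit node. Which routes are actually advertised and approved is decided
  # outside this file; keep them limited to what tailnet peers need.
  services.tailscale.useRoutingFeatures = "server";
  services.tailscale.enable = true;

  # Unfree packages are allowlisted by name instead of enabled globally.
  nixpkgs.config.allowUnfreePredicate = pkg:
    builtins.elem (lib.getName pkg) [
      "nvidia-x11"
      "nvidia-settings"
      "nvidia-persistenced"
    ];

  # Load nvidia driver
  services.xserver.videoDrivers = ["nvidia"];
  hardware.nvidia = {
    modesetting.enable = true;
    powerManagement.enable = false;
    open = false; # proprietary kernel module rather than the open one
    nvidiaSettings = false;
    package = config.boot.kernelPackages.nvidiaPackages.stable;
  };

  # Unattended upgrade, scheduled daily at 03:00, with reboot enabled.
  # NOTE(review): option semantics come from outputs.nixosModules.nixosAutoUpgrade
  # (not shown). Presumably the configuration in configDir is built and
  # activated without review, so write access to /etc/nixos or to the
  # repository it tracks is equivalent to root on this host. Confirm what
  # pushUpdates publishes and which credentials the "admin" user needs for it.
  system.services.nixosAutoUpgrade = {
    enable = true;
    persistent = false;
    reboot = true;
    pushUpdates = true;
    configDir = "/etc/nixos";
    onCalendar = "*-*-* 03:00:00";
    user = "admin";
  };

  services.prometheus = {
    exporters = {
      node = {
        enable = true;
        enabledCollectors = ["systemd"];
        # NOTE(review): opens the exporter port in the host firewall for every
        # source address. node_exporter serves metrics (including systemd unit
        # names and states via the collector above) without authentication;
        # consider restricting the rule to the scraping host (firewallFilter)
        # or binding to one address (listenAddress).
        openFirewall = true;
      };
    };
  };

  boot.supportedFilesystems = ["zfs"];
  # Do not force-import a root pool that was last used by another system.
  boot.zfs.forceImportRoot = false;
  networking.hostId = "18aec5d7"; # ZFS requires a host ID to be set
  boot.zfs.extraPools = ["deepzfs" "nvme-zpool"];

  services.libinput.enable = true;
}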