nixos/hosts/merlin/default.nix

98 lines
2.1 KiB
Nix

{
inputs,
configVars,
lib,
...
}: let
# Disko setup
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
dev = "/dev/disk/by-id/wwn-0x5001b448b5f7cc7f";
encrypted = false; # currrently only applies to btrfs
btrfsMountDevice =
if encrypted
then "/dev/mapper/crypted"
else "/dev/root_vg/root";
impermanence = true;
pubKeys = lib.filesystem.listFilesRecursive ../common/users/keys;
piholeIp = configVars.networking.addresses.pihole.ip;
gatewayIp = configVars.networking.addresses.gateway.ip;
merlinIp = configVars.networking.addresses.merlin.ip;
in {
imports = [
# Create users for this host
../common/users/admin
# Disk configuration
inputs.disko.nixosModules.disko
(import ../common/disks {
device = dev;
impermanence = impermanence;
fsType = fsType;
encrypted = encrypted;
})
# Impermanence
../common/optional/persistence.nix
(import ../common/disks/btrfs/impermanence.nix {
btrfsMountDevice = btrfsMountDevice;
lib = lib;
})
# Import core options
./hardware-configuration.nix
../common/core
# Import optional options
../common/optional/openssh.nix
];
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
timeout = 3;
};
};
users.users = {
root = {
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
};
};
networking = {
hostName = "merlin";
nameservers = ["${piholeIp}" "${gatewayIp}" "8.8.8.8"];
defaultGateway = "${gatewayIp}";
useDHCP = false;
bridges = {
br0 = {
interfaces = ["eth0"];
};
};
interfaces.br0 = {
ipv4.addresses = [
{
"address" = "${merlinIp}";
"prefixLength" = 24;
}
];
};
};
environment.persistence."/persist" = {
directories = [
"/etc/zpool"
];
};
boot.supportedFilesystems = ["zfs"];
boot.zfs.forceImportRoot = false;
networking.hostId = "18aec5d7";
boot.zfs.extraPools = ["deepzfs"];
services.libinput.enable = true;
}