author | sadbeast <sadbeast@sadbeast.com> | 2024-05-30 00:47:47 +0000 |
---|---|---|
committer | sadbeast <sadbeast@sadbeast.com> | 2025-01-11 12:20:20 -0800 |
commit | 8c12d7db633cc421cd96690d077461cf45195334 (patch) | |
tree | c3112acb5cd045ceeb2ada81a281a5991b4c501d /hosts/work/default.nix | |
Diffstat (limited to 'hosts/work/default.nix')
-rw-r--r-- | hosts/work/default.nix | 117 |
1 files changed, 117 insertions, 0 deletions
diff --git a/hosts/work/default.nix b/hosts/work/default.nix
new file mode 100644
index 0000000..7d68e85
--- /dev/null
+++ b/hosts/work/default.nix
@@ -0,0 +1,117 @@
+{
+ config,
+ pkgs,
+ ...
+}: {
+ imports = [
+ ./hardware-configuration.nix
+
+ ../common/global
+ ../common/optional/wireless.nix
+ ];
+
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "work";
+
+ # Slows down write operations considerably
+ nix.settings.auto-optimise-store = false;
+
+ programs.nix-ld.enable = true;
+ programs.nix-ld.libraries = with pkgs; [
+ # Add any missing dynamic libraries for unpackaged programs
+ # here, NOT in environment.systemPackages
+ ];
+
+ services = {
+ logind.extraConfig = ''
+ HandleLidSwitchExternalPower=ignore
+ '';
+ tmate-ssh-server.enable = true;
+
+ xserver = {
+ enable = true;
+ displayManager.startx.enable = true;
+ windowManager.awesome = {
+ enable = true;
+ luaModules = with pkgs.luaPackages; [
+ luarocks # is the package manager for Lua modules
+ luadbi-mysql # Database abstraction layer
+ ];
+ };
+ };
+ };
+
+ virtualisation = {
+ docker = {
+ enable = true;
+
+ daemon.settings = {
+ userland-proxy = false;
+ experimental = true;
+ metrics-addr = "0.0.0.0:9323";
+ ipv6 = true;
+ fixed-cidr-v6 = "fd00::/80";
+ };
+ # rootless = {
+ # enable = true;
+ # setSocketVariable = true;
+ # };
+ storageDriver = "btrfs";
+ };
+
+ libvirtd = {
+ enable = true;
+ qemu = {
+ package = pkgs.qemu_kvm;
+ runAsRoot = true;
+ swtpm.enable = true;
+ ovmf = {
+ enable = true;
+ packages = [
+ (pkgs.OVMF.override {
+ secureBoot = true;
+ tpmSupport = true;
+ })
+ .fd
+ ];
+ };
+ };
+ };
+ };
+
+ users.users.sadbeast = {
+ hashedPasswordFile = config.sops.secrets.sadbeast-password.path;
+
+ extraGroups = ["docker" "libvirtd"];
+
+ subUidRanges = [
+ {
+ startUid = 100000;
+ count = 65536;
+ }
+ ];
+ subGidRanges = [
+ {
+ startGid = 100000;
+ count = 65536;
+ }
+ ];
+ };
+
+ environment = {
+ systemPackages = [
+ (pkgs.writeShellScriptBin "qemu-system-x86_64-uefi" ''
+ qemu-system-x86_64 \
+ -bios ${pkgs.OVMF.fd}/FV/OVMF.fd \
+ "$@"
+ '')
+ pkgs.qemu
+ ];
+ };
+
+ # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
+ system.stateVersion = "24.11";
+} |
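Review bot: `metrics-addr = "0.0.0.0:9323"` in `virtualisation.docker.daemon.settings` makes the Docker daemon serve its unauthenticated metrics endpoint on every interface of a host that also imports `wireless.nix`, so whether it is reachable from the network depends entirely on firewall settings that are not visible in this file. Unless a remote scraper really needs it, bind it to loopback with `metrics-addr = "127.0.0.1:9323";`. In the same hunk, `extraGroups = ["docker" "libvirtd"]` gives the user root-equivalent control of the daemon while the `rootless` block stays commented out; a comment such as `# docker group membership is root-equivalent; kept because rootless is disabled` would record that as a deliberate choice. `tmate-ssh-server.enable = true` also adds a network-facing service to this host and deserves a one-line comment saying why it runs here and whether its port is meant to be opened.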