restructure folder organisation

2025-05-24 09:54:40 +02:00 · 2022-12-05 20:32:39 +01:00 · 2022-12-05 20:32:39 +01:00 · 9cf7be677d
commit 9cf7be677d
parent 599d55fa6a
72 changed files with 95 additions and 98 deletions
--- a/machines/core/core.nix
+++ b/machines/core/core.nix
@ -0,0 +1,43 @@
+{ config, pkgs, lib, ... }:
+{
+  # Packages
+  environment.systemPackages = with pkgs; [
+    bandwhich
+    bind # dig
+    borgbackup
+    cryptsetup
+    file
+    fzf
+    gettext
+    git
+    gitAndTools.delta
+    gnufdisk
+    gptfdisk
+    htop
+    jq
+    killall
+    lsof
+    mosh
+    multipath-tools #-> kpartx
+    mtr
+    nix-index
+    nmap
+    nmon
+    pciutils
+    pv
+    reptyr
+    rsync
+    screen
+    stress-ng
+    usbutils
+    tmux
+    vim
+    wget
+    whois
+    zip
+    unzip
+  ];
+
+  time.timeZone = "Europe/Berlin";
+  services.timesyncd.enable = true;
+}
--- a/machines/core/default.nix
+++ b/machines/core/default.nix
@ -0,0 +1,6 @@
+[
+  ./core.nix
+  ./modules.nix
+  ./network.nix
+  ./users.nix
+]
--- a/machines/core/modules.nix
+++ b/machines/core/modules.nix
@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+
+{
+  # Enable all firmware modules, so that bluetooth and wifi modules can load
+  # https://github.com/NixOS/nixpkgs/issues/85377#issuecomment-616424682
+  hardware.enableRedistributableFirmware = true;
+  hardware.enableAllFirmware = true;
+  nixpkgs.config.allowUnfree = true;
+
+  boot.initrd = {
+    availableKernelModules = [
+      "ahci"
+      "e1000e"
+      "ehci_pci"
+      "nvme"
+      "sd_mod"
+      "uas"
+      "usbhid"
+      "usb_storage"
+      "xhci_pci"
+    ];
+
+    kernelModules = [
+      "dm-snapshot"
+      "e1000e"
+      "nvme"
+    ];
+  };
+}
--- a/machines/core/network.nix
+++ b/machines/core/network.nix
@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+
+{
+  networking.networkmanager = {
+    enable = true;
+
+    unmanaged = [
+      "interface-name:br-*" # Ignore docker compose network bridges
+      "interface-name:docker?" # Ignore docker default bridge
+      "interface-name:veth*" # Ignore docker compose network devices
+      "interface-name:virbr?" # Ignore libvirt default bridge
+    ];
+  };
+
+}
--- a/machines/core/users.nix
+++ b/machines/core/users.nix
@ -0,0 +1,28 @@
+{ config, pkgs, lib, ... }:
+{
+  sops.secrets."users/felix/password".neededForUsers = true;
+  sops.secrets."users/felix/password" = { };
+
+  users.users.felix = {
+    isNormalUser = true;
+    home = "/home/felix";
+    group = "felix";
+    extraGroups = [
+      "wheel"
+      "adbusers"
+      "audio"
+      "dialout"
+      "docker"
+      "input"
+      "libvirtd"
+      "networkmanager"
+      "video"
+    ];
+    passwordFile = config.sops.secrets."users/felix/password".path;
+    openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@thinkman" ];
+  };
+
+  users.groups.felix = {
+    gid = 1000;
+  };
+}