Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-03-22 20:00:54 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: init arcadia

Browse source
This commit is contained in:
Julien Malka 2025-03-16 14:03:35 +01:00
parent a59960a09e
commit 285f54b4b6
Signed by: Luj
GPG key ID: 6FC74C847011FD83
4 changed files with 282 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

90
machines/arcadia/default.nix Normal file
View file

@ -0,0 +1,90 @@
{
pkgs,
inputs,
...
}:
{
imports = [
./hardware.nix
./home-julien.nix
];
machine.meta = {
arch = "x86_64-linux";
nixpkgs_version = inputs.unstable;
hm_version = inputs.home-manager-unstable;
# TODO: Fix colmena deployment
ips.public.ipv4 = "127.0.0.1";
};
environment.persistence."/persistent" = {
hideMounts = true;
directories = [
"/var/lib"
"/var/log"
"/etc/NetworkManager/system-connections"
];
files = [
"/etc/machine-id"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
];
};
programs.fuse.userAllowOther = true;
fileSystems."/persistent".neededForBoot = true;
disko = import ./disko.nix;
boot.loader.systemd-boot.enable = true;
networking.wireless.enable = false;
services.tailscale.enable = true;
networking.networkmanager.enable = true;
networking.networkmanager.dns = "systemd-resolved";
services.resolved.enable = true;
services.dbus.enable = true;
programs.dconf.enable = true;
security.polkit.enable = true;
nix = {
distributedBuilds = true;
buildMachines = [
{
hostName = "epyc.infra.newtype.fr";
maxJobs = 100;
systems = [ "x86_64-linux" ];
sshUser = "root";
supportedFeatures = [
"kvm"
"nixos-test"
];
sshKey = "/home/julien/.ssh/id_ed25519";
speedFactor = 2;
}
];
};
environment.systemPackages = with pkgs; [
tailscale
brightnessctl
sbctl
];
security.pam.services.swaylock = { };
programs.ssh.startAgent = true;
services.xserver.desktopManager.gnome.enable = true;
services.gnome.gnome-keyring.enable = true;
system.stateVersion = "25.05";
}

90
machines/arcadia/disko.nix Normal file
View file

@ -0,0 +1,90 @@
{
devices = {
disk = {
main = {
type = "disk";
device = "/dev/disk/by-id/nvme-PNY_CS2241_4TB_SSD_PNY23362309060100017";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02";
};
ESP = {
size = "10G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
swap = {
size = "16G";
content = {
type = "swap";
discardPolicy = "both";
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
extraOpenArgs = [ ];
passwordFile = "/tmp/secret.key";
settings = {
# if you want to use the key for interactive login be sure there is no trailing newline
# for example use `echo -n "password" > /tmp/secret.key`
allowDiscards = true;
};
content = {
type = "lvm_pv";
vg = "mainpool";
};
};
};
};
};
};
};
lvm_vg = {
mainpool = {
type = "lvm_vg";
lvs = {
root = {
size = "500G";
pool = "mainpool";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [ "defaults" ];
};
};
persistent = {
size = "1T";
pool = "mainpool";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/persistent";
mountOptions = [ "defaults" ];
};
};
store = {
size = "2T";
pool = "mainpool";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/nix";
};
};
};
};
};
};
}

33
machines/arcadia/hardware.nix Normal file
View file

@ -0,0 +1,33 @@
{
config,
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

69
machines/arcadia/home-julien.nix Normal file
View file

@ -0,0 +1,69 @@
{ pkgs, ... }:
{
luj.hmgr.julien = {
home.stateVersion = "25.05";
luj.programs.neovim.enable = true;
luj.programs.ssh-client.enable = true;
luj.programs.git.enable = true;
luj.programs.gtk.enable = true;
luj.programs.kitty.enable = true;
luj.programs.dunst.enable = true;
luj.programs.fish.enable = true;
luj.programs.firefox.enable = true;
luj.programs.pass.enable = true;
programs.direnv = {
enable = true;
nix-direnv.enable = true;
};
home.pointerCursor = {
name = "Adwaita";
package = pkgs.adwaita-icon-theme;
size = 15;
x11 = {
enable = true;
defaultCursor = "Adwaita";
};
};
home.packages =
with pkgs;
[
du-dust
kitty
jq
lazygit
fira-code
feh
meld
emacs
vlc
jftui
libreoffice
font-awesome
cantarell-fonts
roboto
htop
evince
mosh
zotero
flameshot
kitty
networkmanagerapplet
xdg-utils
step-cli
gh
signal-desktop
scli
texlive.combined.scheme-full
]
++ builtins.filter lib.attrsets.isDerivation (builtins.attrValues pkgs.nerd-fonts);
fonts.fontconfig.enable = true;
home.keyboard = {
layout = "fr";
};
};
}