# NixOS module for a QEMU guest template: tmpfs root, btrfs-backed /nix and
# /persistent, cloud-init with the NoCloud datasource, and key-only SSH.
{ inputs, modulesPath, ... }:
let
  # Both btrfs mounts share the device, filesystem type and mount options and
  # differ only in the subvolume they select.
  btrfsSubvolume = subvol: {
    device = "/dev/disk/by-label/btrfs";
    fsType = "btrfs";
    options = [
      "compress=zstd"
      "subvol=${subvol}"
      "noatime"
    ];
  };
in
{
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
    inputs.impermanence.nixosModules.impermanence
  ];

  nixpkgs.hostPlatform = "x86_64-linux";

  time.timeZone = "Europe/Amsterdam";
  i18n.defaultLocale = "en_US.UTF-8";

  # systemd-networkd manages the interfaces; dhcpcd is switched off.
  networking = {
    hostName = "nixos-template";
    useNetworkd = true;
    dhcpcd.enable = false;
  };

  boot = {
    supportedFilesystems = [ "btrfs" ];
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
  };

  nix.settings = {
    # Trusted users can override Nix daemon settings, which is effectively
    # root-equivalent; here that covers every member of wheel.
    trusted-users = [
      "root"
      "@wheel"
    ];
    experimental-features = [
      "nix-command"
      "flakes"
    ];
  };

  users = {
    groups.maintenance = { };
    users.maintenance = {
      isNormalUser = true;
      group = "maintenance";
      extraGroups = [ "wheel" ];
      # NOTE(review): a literal `password` is stored in the repository and in
      # the world-readable Nix store. sshd rejects password logins (see
      # services.openssh below), so this value only gates local logins such
      # as the console, but the account is in wheel with passwordless sudo.
      # Consider `hashedPasswordFile` pointing at a file kept outside the
      # store, or dropping the password if key-based SSH is sufficient.
      password = "1234";
      openssh.authorizedKeys.keyFiles = [ ../../authorized_keys ];
    };
  };

  # Members of wheel get root through sudo without re-authenticating.
  security.sudo.wheelNeedsPassword = false;

  programs.ssh.startAgent = true;

  services = {
    qemuGuest.enable = true;

    # Public-key authentication only: password and keyboard-interactive
    # logins are both disabled.
    openssh = {
      enable = true;
      settings = {
        PasswordAuthentication = false;
        KbdInteractiveAuthentication = false;
      };
    };

    cloud-init = {
      enable = true;
      network.enable = true;
      # NOTE(review): the page this was taken from lost all indentation; the
      # YAML nesting below (distro/network/default_user under system_info,
      # list items under their keys) is reconstructed from the cloud-init
      # schema - confirm against the repository file.
      # NOTE(review): `runcmd` is written out by the `runcmd` config module
      # and executed by `scripts-user` in the final stage; neither is listed
      # below, so the btrfs resize presumably never runs - confirm.
      # NOTE(review): growpart targets /dev/sda2 by name while the mounts use
      # disk labels; verify the template's disk bus exposes that device name.
      config = ''
        system_info:
          distro: nixos
          network:
            renderers: [ 'networkd' ]
          default_user:
            name: ops
        users:
          - default
        ssh_pwauth: false
        chpasswd:
          expire: false
        cloud_init_modules:
          - migrator
          - seed_random
          - growpart
          - resizefs
        cloud_config_modules:
          - disk_setup
          - mounts
          - set-passwords
          - ssh
        cloud_final_modules: []
        datasource_list:
          - NoCloud
        growpart:
          devices: ['/dev/sda2']
        # Resize the filesystem along with the partition
        runcmd:
          - btrfs filesystem resize max /nix
      '';
    };
  };

  fileSystems = {
    # Root lives in RAM; only /boot, /nix and /persistent are on disk.
    "/" = {
      device = "none";
      fsType = "tmpfs";
      options = [
        "defaults"
        "mode=755"
      ];
    };

    "/boot" = {
      device = "/dev/disk/by-label/boot";
      fsType = "vfat";
    };

    "/nix" = btrfsSubvolume "nix";

    # Mounted in the initrd (neededForBoot) so it is available early in boot.
    "/persistent" = btrfsSubvolume "persistent" // {
      autoResize = true;
      neededForBoot = true;
    };
  };
}