noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-07-06 03:50:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

improve hosts documentation

Browse Source
This commit is contained in:
Noah Masur
2023-08-05 17:14:26 -04:00
parent f0e1fc740f
commit 5bc10bef87
3 changed files with 65 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
hosts/swan/default.nix
View File

@ -13,11 +13,14 @@ inputs.nixpkgs.lib.nixosSystem {
../../modules/common
../../modules/nixos
{
nixpkgs.overlays = overlays;
# Hardware
server = true;
physical = true;
networking.hostName = "swan";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
@ -30,29 +33,43 @@ inputs.nixpkgs.lib.nixosSystem {
"amdgpu.cik_support=1"
"amdgpu.dc=1"
];
# Required binary blobs to boot on this machine
hardware.enableRedistributableFirmware = true;
# Prioritize efficiency over performance
powerManagement.cpuFreqGovernor = "powersave";
# Allow firmware updates
hardware.cpu.intel.updateMicrocode = true;
# ZFS
zfs.enable = true;
# Generated with: head -c 8 /etc/machine-id
networking.hostId = "600279f4"; # Random ID required for ZFS
# Sets root ext4 filesystem instead of declaring it manually
disko = {
enableConfig = true;
devices = (import ../../disks/root.nix { disk = "/dev/nvme0n1"; });
};
# Automatically load the ZFS pool on boot
boot.zfs.extraPools = [ "tank" ];
# Theming
# Server doesn't require GUI
gui.enable = false;
# Still require colors for programs like Neovim, K9S
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
nixpkgs.overlays = overlays;
# Programs and services
neovim.enable = true;
cloudflare.enable = true;
dotfiles.enable = true;
arrs.enable = true;
services.bind.enable = true;
services.caddy.enable = true;
services.jellyfin.enable = true;
@ -63,6 +80,7 @@ inputs.nixpkgs.lib.nixosSystem {
services.vmagent.enable = true;
services.samba.enable = true;
# Allows private remote access over the internet
cloudflareTunnel = {
enable = true;
id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2";
@ -71,6 +89,7 @@ inputs.nixpkgs.lib.nixosSystem {
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
};
# Send regular backups and litestream for DBs to an S3-like bucket
backup.s3 = {
endpoint = "s3.us-west-002.backblazeb2.com";
bucket = "noahmasur-backup";