From d5509e6ea1e2af6ae8b9f71e66d30a53e4a591a7 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sun, 13 Apr 2025 21:40:52 +0200 Subject: [PATCH] add new host --- flake.nix | 2 ++ home/vinzenz/vscode.nix | 1 + hosts/hetzner-vpn2/nginx.nix | 40 ++++++++++++++-------------- hosts/ronja-pc/configuration.nix | 25 +++++++++++++++++ hosts/ronja-pc/hardware.nix | 31 +++++++++++++++++++++ hosts/ronja-pc/imports.nix | 10 +++++++ hosts/vinzenz-lpt2/configuration.nix | 1 - hosts/vinzenz-pc2/configuration.nix | 1 - modules/desktop-hardware.nix | 1 + 9 files changed, 90 insertions(+), 22 deletions(-) create mode 100644 hosts/ronja-pc/configuration.nix create mode 100644 hosts/ronja-pc/hardware.nix create mode 100644 hosts/ronja-pc/imports.nix diff --git a/flake.nix b/flake.nix index 8091440..7d83008 100644 --- a/flake.nix +++ b/flake.nix @@ -37,12 +37,14 @@ devices = { vinzenz-lpt2 = "x86_64-linux"; vinzenz-pc2 = "x86_64-linux"; + ronja-pc = "x86_64-linux"; hetzner-vpn2 = "aarch64-linux"; forgejo-runner-1 = "aarch64-linux"; }; homeDevices = [ "vinzenz-lpt2" "vinzenz-pc2" + "ronja-pc" ]; forDevice = f: nixpkgs.lib.mapAttrs f devices; in diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix index 098fc4a..d1add79 100644 --- a/home/vinzenz/vscode.nix +++ b/home/vinzenz/vscode.nix @@ -20,6 +20,7 @@ ms-dotnettools.csharp ms-vscode-remote.remote-ssh RoweWilsonFrederiskHolme.wikitext + davidanson.vscode-markdownlint ]; userSettings = { "files.autoSave" = "afterDelay"; diff --git a/hosts/hetzner-vpn2/nginx.nix b/hosts/hetzner-vpn2/nginx.nix index 8db0fb0..bd45ab7 100644 --- a/hosts/hetzner-vpn2/nginx.nix +++ b/hosts/hetzner-vpn2/nginx.nix @@ -20,26 +20,26 @@ recommendedOptimisation = true; virtualHosts = - let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = host: port: { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; - }; - }; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - in + #let + # servicesDomain = "services.zerforschen.plus"; + # mkServiceConfig = host: port: { + # addSSL = true; + # enableACME = true; + # locations."/" = { + # proxyPass = "http://${host}:${toString port}/"; + # extraConfig = '' + # # bind to tailscale ip + # proxy_bind 100.88.118.60; + # # pam auth + # limit_except OPTIONS { + # auth_pam "Password Required"; + # auth_pam_service_name "nginx"; + # } + # ''; + # }; + # }; + # pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + #in { #"vscode.${servicesDomain}" = lib.mkMerge [ # (mkServiceConfig pc2 8542) diff --git a/hosts/ronja-pc/configuration.nix b/hosts/ronja-pc/configuration.nix new file mode 100644 index 0000000..0d0a968 --- /dev/null +++ b/hosts/ronja-pc/configuration.nix @@ -0,0 +1,25 @@ +{ + config, + pkgs, + ... +}: { + # Configure keymap in X11 + services.xserver.xkb = { + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + ]; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; +} diff --git a/hosts/ronja-pc/hardware.nix b/hosts/ronja-pc/hardware.nix new file mode 100644 index 0000000..68f6e8d --- /dev/null +++ b/hosts/ronja-pc/hardware.nix @@ -0,0 +1,31 @@ +{lib, ...}: { + boot = { + kernelModules = ["kvm-intel"]; + extraModulePackages = []; + initrd = { + availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; + kernelModules = []; + }; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/27eccf93-a79f-4fcb-8588-ec55d913508f"; + fsType = "btrfs"; + options = ["subvol=@"]; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/85D4-43FC"; + fsType = "vfat"; + options = ["fmask=0077" "dmask=0077"]; + }; + }; + + swapDevices = [ + {device = "/dev/disk/by-uuid/bf9d19fb-499b-4bfb-b67d-131fa5bf8259";} + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = true; +} diff --git a/hosts/ronja-pc/imports.nix b/hosts/ronja-pc/imports.nix new file mode 100644 index 0000000..8b9ed4b --- /dev/null +++ b/hosts/ronja-pc/imports.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/desktop-environment.nix + ../../modules/desktop-hardware.nix + + ../../home/ronja + ]; +} diff --git a/hosts/vinzenz-lpt2/configuration.nix b/hosts/vinzenz-lpt2/configuration.nix index 773d0c5..e7b0153 100644 --- a/hosts/vinzenz-lpt2/configuration.nix +++ b/hosts/vinzenz-lpt2/configuration.nix @@ -3,7 +3,6 @@ imports = [ ./zerforschen-plus.nix ]; config = { - networking.networkmanager.enable = true; nix.settings.extra-platforms = [ "aarch64-linux" "i686-linux" diff --git a/hosts/vinzenz-pc2/configuration.nix b/hosts/vinzenz-pc2/configuration.nix index 78c9e91..114d24e 100644 --- a/hosts/vinzenz-pc2/configuration.nix +++ b/hosts/vinzenz-pc2/configuration.nix @@ -5,7 +5,6 @@ ./vscode-server.nix ]; config = { - networking.networkmanager.enable = true; nix.settings.extra-platforms = [ "aarch64-linux" "i686-linux" diff --git a/modules/desktop-hardware.nix b/modules/desktop-hardware.nix index 1fed3a8..a8b2f93 100644 --- a/modules/desktop-hardware.nix +++ b/modules/desktop-hardware.nix @@ -27,6 +27,7 @@ }; }; + networking.networkmanager.enable = true; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction