From f673c6ae299c33b5d28f7eee7a29b7abdd5e1c54 Mon Sep 17 00:00:00 2001 From: Vinzenz Schroeter Date: Sat, 26 Oct 2024 17:30:11 +0200 Subject: [PATCH] split up modules differently --- flake.nix | 47 +++++-------- hosts/hetzner-vpn1/default.nix | 102 ++++++++++++++++++++++++++--- hosts/hetzner-vpn1/environment.nix | 81 ----------------------- hosts/vinzenz-lpt2/default.nix | 86 +++++++++++++++++++++--- hosts/vinzenz-lpt2/environment.nix | 60 ----------------- hosts/vinzenz-lpt2/hardware.nix | 1 - hosts/vinzenz-pc2/default.nix | 67 ++++++++++++++++--- hosts/vinzenz-pc2/environment.nix | 50 -------------- hosts/vinzenz-pc2/fstab.nix | 37 +++++++++++ hosts/vinzenz-pc2/hardware.nix | 42 +----------- 10 files changed, 286 insertions(+), 287 deletions(-) delete mode 100644 hosts/hetzner-vpn1/environment.nix delete mode 100644 hosts/vinzenz-lpt2/environment.nix delete mode 100644 hosts/vinzenz-pc2/environment.nix create mode 100644 hosts/vinzenz-pc2/fstab.nix diff --git a/flake.nix b/flake.nix index 023e2e9..50da7d9 100644 --- a/flake.nix +++ b/flake.nix @@ -22,38 +22,23 @@ lix-module.nixosModules.default ./common ]; + desktop-modules = [ + home-manager.nixosModules.home-manager + ./home + ./modules/desktop-environment.nix + ./modules/desktop-hardware.nix + ]; + host-params = { + inherit nixpkgs; + inherit home-manager; + inherit lix-module; + common-modules = common-modules; + desktop-modules = desktop-modules; + }; in { - vinzenz-lpt2 = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = - common-modules - ++ [ - home-manager.nixosModules.home-manager - ./hosts/vinzenz-lpt2 - ]; - }; - vinzenz-pc2 = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = - common-modules - ++ [ - home-manager.nixosModules.home-manager - ./hosts/vinzenz-pc2 - ]; - }; - hetzner-vpn1 = nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = - common-modules - ++ [ - ./hosts/hetzner-vpn1 - - { - # uncomment for build check on non arm system (requires --impure) - # nixpkgs.buildPlatform = builtins.currentSystem; - } - ]; - }; + vinzenz-lpt2 = import ./hosts/vinzenz-lpt2 host-params; + vinzenz-pc2 = import ./hosts/vinzenz-pc2 host-params; + hetzner-vpn1 = import ./hosts/hetzner-vpn1 host-params; }; }; } diff --git a/hosts/hetzner-vpn1/default.nix b/hosts/hetzner-vpn1/default.nix index e2d62fe..35b060f 100644 --- a/hosts/hetzner-vpn1/default.nix +++ b/hosts/hetzner-vpn1/default.nix @@ -1,9 +1,95 @@ -{...}: { - imports = [ - ./hardware.nix - ./environment.nix - ]; - config = { - networking.hostName = "hetzner-vpn1"; - }; +{ + nixpkgs, + common-modules, + desktop-modules, + ... +}: +nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = + common-modules + ++ [ + ./hardware.nix + ../../users/vinzenz.nix + ../../users/ronja.nix + { + networking.hostName = "hetzner-vpn1"; + } + { + # uncomment for build check on non arm system (requires --impure) + # nixpkgs.buildPlatform = builtins.currentSystem; + } + + { + users.users = { + root.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + ]; + }; + } + { + security.acme = { + acceptTerms = true; + defaults.email = "acme@zerforschen.plus"; + }; + + security.pam.services.nginx.setEnvironment = false; + systemd.services.nginx.serviceConfig = { + SupplementaryGroups = ["shadow"]; + }; + + services.nginx = { + enable = true; + additionalModules = [pkgs.nginxModules.pam]; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = let + servicesDomain = "services.zerforschen.plus"; + mkServiceConfig = host: port: { + addSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://${host}:${toString port}/"; + extraConfig = '' + # bind to tailscale ip + proxy_bind 100.88.118.60; + # pam auth + limit_except OPTIONS { + auth_pam "Password Required"; + auth_pam_service_name "nginx"; + } + ''; + }; + }; + lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; + pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; + in { + "vscode.${servicesDomain}" = lib.mkMerge [ + (mkServiceConfig pc2 8542) + {locations."/" .proxyWebsockets = true;} + ]; + "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; + "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; + }; + }; + + networking.firewall.allowedTCPPorts = [80 443]; + } + ]; } diff --git a/hosts/hetzner-vpn1/environment.nix b/hosts/hetzner-vpn1/environment.nix deleted file mode 100644 index 9bb013a..0000000 --- a/hosts/hetzner-vpn1/environment.nix +++ /dev/null @@ -1,81 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - imports = [ - ../../users/vinzenz.nix - ../../users/ronja.nix - ]; - - config = { - users.users = { - root.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - ]; - }; - - security.acme = { - acceptTerms = true; - defaults.email = "acme@zerforschen.plus"; - }; - - security.pam.services.nginx.setEnvironment = false; - systemd.services.nginx.serviceConfig = { - SupplementaryGroups = ["shadow"]; - }; - - services.nginx = { - enable = true; - additionalModules = [pkgs.nginxModules.pam]; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - virtualHosts = let - servicesDomain = "services.zerforschen.plus"; - mkServiceConfig = host: port: { - addSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://${host}:${toString port}/"; - extraConfig = '' - # bind to tailscale ip - proxy_bind 100.88.118.60; - # pam auth - limit_except OPTIONS { - auth_pam "Password Required"; - auth_pam_service_name "nginx"; - } - ''; - }; - }; - lpt2 = "vinzenz-lpt2.donkey-pentatonic.ts.net"; - pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net"; - in { - "vscode.${servicesDomain}" = lib.mkMerge [ - (mkServiceConfig pc2 8542) - {locations."/" .proxyWebsockets = true;} - ]; - "preon-app.${servicesDomain}" = mkServiceConfig pc2 8543; - "preon-api.${servicesDomain}" = mkServiceConfig pc2 8544; - }; - }; - - networking.firewall.allowedTCPPorts = [80 443]; - }; -} diff --git a/hosts/vinzenz-lpt2/default.nix b/hosts/vinzenz-lpt2/default.nix index 987bf07..02e98ab 100644 --- a/hosts/vinzenz-lpt2/default.nix +++ b/hosts/vinzenz-lpt2/default.nix @@ -1,11 +1,79 @@ -{...}: { - imports = [ - ./hardware.nix - ./environment.nix - ]; - config = { - networking.hostName = "vinzenz-lpt2"; +{ + nixpkgs, + common-modules, + desktop-modules, + ... +}: +nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = + common-modules + ++ desktop-modules + ++ [ + ./hardware.nix - nix.settings.extra-platforms = ["aarch64-linux"]; - }; + ../../home/gnome.nix + ../../users/vinzenz.nix + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + ../../modules/latex.nix + + { + networking.hostName = "vinzenz-lpt2"; + nix.settings.extra-platforms = ["aarch64-linux"]; + } + + { + home-manager.users.vinzenz = import ../../home/vinzenz; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' + ]; + + #users.users.ronja.openssh.authorizedKeys.keys = [ + # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' + #]; + } + + { + virtualisation = { + containers.enable = true; + podman = { + enable = true; + dockerCompat = true; + dockerSocket.enable = true; + autoPrune.enable = true; + }; + }; + } + + { + services.nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = { + "vinzenz-lpt2" = { + locations."/" = { + proxyPass = "http://127.0.0.1:3000/"; + proxyWebsockets = true; + }; + + serverAliases = ["172.23.42.96"]; + }; + }; + }; + + networking.firewall = { + allowedTCPPorts = [80 8001 3000]; + allowedUDPPorts = [2342]; + }; + } + ]; } diff --git a/hosts/vinzenz-lpt2/environment.nix b/hosts/vinzenz-lpt2/environment.nix deleted file mode 100644 index 66e6fe9..0000000 --- a/hosts/vinzenz-lpt2/environment.nix +++ /dev/null @@ -1,60 +0,0 @@ -{pkgs, ...}: { - imports = [ - ../../home - ../../home/gnome.nix - ../../users/vinzenz.nix - ../../modules/desktop-environment.nix - ../../modules/gnome.nix - ../../modules/gaming.nix - ../../modules/printing.nix - ../../modules/latex.nix - ]; - - config = { - home-manager.users.vinzenz = import ../../home/vinzenz; - - virtualisation = { - containers.enable = true; - podman = { - enable = true; - dockerCompat = true; - dockerSocket.enable = true; - autoPrune.enable = true; - }; - }; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv vinzenz-pc2 home roaming'' - ]; - - #users.users.ronja.openssh.authorizedKeys.keys = [ - # ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ronja-ssh-host-key'' - #]; - - services.nginx = { - enable = true; - - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - - virtualHosts = { - "vinzenz-lpt2" = { - locations."/" = { - proxyPass = "http://127.0.0.1:3000/"; - proxyWebsockets = true; - }; - - serverAliases = ["172.23.42.96"]; - }; - }; - }; - - networking.firewall = { - allowedTCPPorts = [80 8001 3000]; - allowedUDPPorts = [2342]; - }; - }; -} diff --git a/hosts/vinzenz-lpt2/hardware.nix b/hosts/vinzenz-lpt2/hardware.nix index 4e11ab5..a6e5ff5 100644 --- a/hosts/vinzenz-lpt2/hardware.nix +++ b/hosts/vinzenz-lpt2/hardware.nix @@ -4,7 +4,6 @@ ... }: { imports = [ - ../../modules/desktop-hardware.nix ../../modules/intel-graphics.nix ]; config = { diff --git a/hosts/vinzenz-pc2/default.nix b/hosts/vinzenz-pc2/default.nix index 356f331..8d9ab6f 100644 --- a/hosts/vinzenz-pc2/default.nix +++ b/hosts/vinzenz-pc2/default.nix @@ -1,9 +1,60 @@ -{...}: { - imports = [ - ./hardware.nix - ./environment.nix - ]; - config = { - networking.hostName = "vinzenz-pc2"; - }; +{ + nixpkgs, + common-modules, + desktop-modules, + ... +}: +nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = + common-modules + ++ desktop-modules + ++ [ + ./hardware.nix + ../../home/gnome.nix + ../../users/vinzenz.nix + ../../users/ronja.nix + ../../modules/gnome.nix + ../../modules/gaming.nix + ../../modules/printing.nix + { + networking.hostName = "vinzenz-pc2"; + } + { + home-manager.users = { + vinzenz = import ../../home/vinzenz; + ronja = import ../../home/ronja.nix; + }; + + users.users.vinzenz.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' + ]; + + users.users.ronja.openssh.authorizedKeys.keys = [ + ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' + ]; + } + { + services.openvscode-server = { + enable = true; + telemetryLevel = "off"; + port = 8542; + host = "100.125.93.127"; # tailscale + withoutConnectionToken = true; + extraPackages = with pkgs; [nodejs git gh direnv]; + }; + + virtualisation.podman = { + enable = true; + }; + + networking = { + firewall = { + allowedTCPPorts = [8542 8543 8544 80]; + }; + }; + } + ]; } diff --git a/hosts/vinzenz-pc2/environment.nix b/hosts/vinzenz-pc2/environment.nix deleted file mode 100644 index e9392a5..0000000 --- a/hosts/vinzenz-pc2/environment.nix +++ /dev/null @@ -1,50 +0,0 @@ -{pkgs, ...}: { - imports = [ - ../../home - ../../home/gnome.nix - ../../users/vinzenz.nix - ../../users/ronja.nix - ../../modules/desktop-environment.nix - ../../modules/gnome.nix - ../../modules/gaming.nix - ../../modules/printing.nix - ]; - - config = { - home-manager.users = { - vinzenz = import ../../home/vinzenz; - ronja = import ../../home/ronja.nix; - }; - - users.users.vinzenz.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrY6tcgnoC/xbgL7vxSjddEY9MBxRXe9n2cAHt88/TT home roaming'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY vinzenz-pixel-JuiceSSH'' - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming'' - ]; - - users.users.ronja.openssh.authorizedKeys.keys = [ - ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALWKm+d6KL6Vl3grPOcGouiNTkvdhXuWJmcrdEBY2nw ssh-host-key'' - ]; - - services.openvscode-server = { - enable = true; - telemetryLevel = "off"; - port = 8542; - host = "100.125.93.127"; # tailscale - withoutConnectionToken = true; - extraPackages = with pkgs; [nodejs git gh direnv]; - }; - - virtualisation.podman = { - enable = true; - }; - - networking = { - firewall = { - allowedTCPPorts = [8542 8543 8544 80]; - }; - - interfaces.eno1.wakeOnLan.enable = true; - }; - }; -} diff --git a/hosts/vinzenz-pc2/fstab.nix b/hosts/vinzenz-pc2/fstab.nix new file mode 100644 index 0000000..19fd5ff --- /dev/null +++ b/hosts/vinzenz-pc2/fstab.nix @@ -0,0 +1,37 @@ +{ + "/" = { + device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + fsType = "btrfs"; + options = ["subvol=@"]; + }; + + "/home" = { + device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + fsType = "btrfs"; + options = ["subvol=@home"]; + }; + + "/games" = { + device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + fsType = "btrfs"; + options = ["subvol=@games"]; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/AF67-8F16"; + fsType = "vfat"; + }; + + "/mnt/nixos_btrfs_root" = { + # subvolume with id 5 is always the root volume + # this is convenient for managing the flat subvolume hierarchy + device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; + fsType = "btrfs"; + options = ["subvolid=5"]; + }; + + "/mnt/ssd2" = { + device = "/dev/disk/by-uuid/6b2a647d-c68e-4c07-85bf-c9bfc5db7e8a"; + fsType = "ext4"; + }; +} diff --git a/hosts/vinzenz-pc2/hardware.nix b/hosts/vinzenz-pc2/hardware.nix index 65b63d8..6893194 100644 --- a/hosts/vinzenz-pc2/hardware.nix +++ b/hosts/vinzenz-pc2/hardware.nix @@ -1,6 +1,5 @@ {...}: { imports = [ - ../../modules/desktop-hardware.nix ../../modules/amd-graphics.nix ]; config = { @@ -13,44 +12,9 @@ loader.efi.efiSysMountPoint = "/boot"; }; - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = ["subvol=@"]; - }; - - "/home" = { - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = ["subvol=@home"]; - }; - - "/games" = { - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = ["subvol=@games"]; - }; - - "/boot" = { - device = "/dev/disk/by-uuid/AF67-8F16"; - fsType = "vfat"; - }; - - "/mnt/nixos_btrfs_root" = { - # subvolume with id 5 is always the root volume - # this is convenient for managing the flat subvolume hierarchy - device = "/dev/disk/by-uuid/0e9c983a-e733-447e-8181-f41d6670c4b8"; - fsType = "btrfs"; - options = ["subvolid=5"]; - }; - - "/mnt/ssd2" = { - device = "/dev/disk/by-uuid/6b2a647d-c68e-4c07-85bf-c9bfc5db7e8a"; - fsType = "ext4"; - }; - }; - + fileSystems = import ./fstab.nix; swapDevices = []; + + interfaces.eno1.wakeOnLan.enable = true; }; }