Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
This commit is contained in:
Harald Hoyer 2024-11-19 10:31:29 +01:00
parent a3187e163d
commit 900f95169f
83 changed files with 1134 additions and 705 deletions


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
sops.secrets.internetbs = {
sopsFile = ../../../.secrets/hetzner/internetbs.yaml; # bring your own password file
@ -13,27 +18,19 @@
};
certs = {
"surfsite.org" = {
extraDomainNames = [
"*.surfsite.org"
];
extraDomainNames = [ "*.surfsite.org" ];
};
"hartwin-hoyer.de" = {
extraDomainNames = [
"*.hartwin-hoyer.de"
];
extraDomainNames = [ "*.hartwin-hoyer.de" ];
};
"herward-hoyer.de" = {
extraDomainNames = [
"*.herward-hoyer.de"
];
extraDomainNames = [ "*.herward-hoyer.de" ];
};
"varlink.org" = {
extraDomainNames = [
"*.varlink.org"
];
extraDomainNames = [ "*.varlink.org" ];
};
"meike-hoyer.de" = { };
@ -71,9 +68,7 @@
};
"harald-hoyer.de" = {
extraDomainNames = [
"*.harald-hoyer.de"
];
extraDomainNames = [ "*.harald-hoyer.de" ];
};
};
};


@ -4,7 +4,7 @@
shell = pkgs.bash;
isNormalUser = true;
openssh.authorizedKeys.keys = [
"restrict,command=\"/run/wrappers/bin/rrsync -ro /\" ssh-rsa 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 root@sgx"
''restrict,command="/run/wrappers/bin/rrsync -ro /" ssh-rsa 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 root@sgx''
];
};


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
sops.secrets."coturn/static-auth-secret" = {
sopsFile = ../../../.secrets/hetzner/coturn.yaml; # bring your own password file
@ -8,20 +13,30 @@
networking.firewall =
let
range = with config.services.coturn; [{
from = min-port;
to = max-port;
}];
range = with config.services.coturn; [
{
from = min-port;
to = max-port;
}
];
in
{
allowedUDPPortRanges = range;
allowedTCPPorts = [ 3478 3479 5349 ];
allowedUDPPorts = [ 3478 3479 5349 ];
allowedTCPPorts = [
3478
3479
5349
];
allowedUDPPorts = [
3478
3479
5349
];
};
# get a certificate
security.acme.certs.${config.services.coturn.realm} = {
/* insert here the right configuration to obtain a certificate */
# insert here the right configuration to obtain a certificate
postRun = "systemctl restart coturn.service";
group = "turnserver";
};


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
sops.secrets."postgres/gitea_dbpass" = {
sopsFile = ../../../.secrets/hetzner/postgres.yaml; # bring your own password file


@ -1,12 +1,15 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ lib, pkgs, modulesPath, ... }:
{
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.kernelPackages = lib.mkForce pkgs.linuxPackages;
@ -28,15 +31,17 @@
"rng_core"
];
boot.swraid.enable = true;
boot.swraid.mdadmConf = ''
MAILADDR admin@hoyer.xyz
'';
disko.devices = import ./server-raid.nix {
inherit lib;
disks = [ "/dev/sda" "/dev/sdb" ];
disks = [
"/dev/sda"
"/dev/sdb"
];
};
swapDevices = [{ device = "/swapfile"; }];
swapDevices = [ { device = "/swapfile"; } ];
}


@ -9,9 +9,7 @@
"/home/hartwin/kicker/.htpasswd:/app/public/.htpasswd"
"/home/hartwin/kicker/live.db:/app/db/data/current.db"
];
extraOptions = [
"--pull=always"
];
extraOptions = [ "--pull=always" ];
};
};
}


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
# email addresses git smudged
mailserver = {


@ -8,7 +8,10 @@
services.resolved.extraConfig = "ReadEtcHosts=no";
services.nscd.enableNsncd = false;
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [
80
443
];
networking.firewall.allowPing = true;
networking.hostName = "mx"; # Define your hostname.
@ -26,20 +29,26 @@
networking.interfaces.enp0s31f6 = {
ipv6 = {
addresses = [{
address = "2a01:4f9:2b:2e3::2"; # Your IPv6 here
prefixLength = 64;
}];
addresses = [
{
address = "2a01:4f9:2b:2e3::2"; # Your IPv6 here
prefixLength = 64;
}
];
# Default IPv6 route
routes = [{
address = "::";
prefixLength = 0;
via = "fe80::1";
}];
routes = [
{
address = "::";
prefixLength = 0;
via = "fe80::1";
}
];
};
ipv4.addresses = [{
address = "95.216.66.178";
prefixLength = 26;
}];
ipv4.addresses = [
{
address = "95.216.66.178";
prefixLength = 26;
}
];
};
}


@ -49,9 +49,7 @@
};
services.postgresql = {
ensureDatabases = [
"nextcloud"
];
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{
name = "nextcloud";


@ -30,7 +30,6 @@
root = "/var/www/hoyer.xyz/html";
};
"hoyer.world" = {
enableACME = false;
useACMEHost = "hoyer.world";
@ -47,9 +46,7 @@
"hoyer.xyz" = {
# serverName = "hoyer.xyz";
serverAliases = [
"www.hoyer.xyz"
];
serverAliases = [ "www.hoyer.xyz" ];
useACMEHost = "hoyer.xyz";
enableACME = false;
forceSSL = true;
@ -108,17 +105,13 @@
};
"harald-hoyer.de" = {
serverAliases = [
"www.harald-hoyer.de"
];
serverAliases = [ "www.harald-hoyer.de" ];
useACMEHost = "harald-hoyer.de";
globalRedirect = "harald.hoyer.xyz";
forceSSL = true;
};
"harald.hoyer.xyz" = {
serverAliases = [
"www.harald.hoyer.xyz"
];
serverAliases = [ "www.harald.hoyer.xyz" ];
useACMEHost = "hoyer.xyz";
root = "/var/www/harald.hoyer.xyz/html/";
extraConfig = ''
@ -141,9 +134,7 @@
};
"hartwin-hoyer.de" = {
serverAliases = [
"www.hartwin-hoyer.de"
];
serverAliases = [ "www.hartwin-hoyer.de" ];
useACMEHost = "hartwin-hoyer.de";
globalRedirect = "hartwin.hoyer.xyz";
forceSSL = true;


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
services.postgresql = {
package = pkgs.postgresql_14;


@ -10,10 +10,12 @@ let
'';
in
{
services.rspamd.workers.controller.bindSockets = [{
socket = "/run/rspamd/worker-controller.sock";
mode = "0660";
}];
services.rspamd.workers.controller.bindSockets = [
{
socket = "/run/rspamd/worker-controller.sock";
mode = "0660";
}
];
services.rspamd.locals = {
"settings.conf".text = ''
bogenschiessen {


@ -1,4 +1,11 @@
{ disks ? [ "/dev/sda" "/dev/sdb" ], ... }: {
{
disks ? [
"/dev/sda"
"/dev/sdb"
],
...
}:
{
disk = {
one = {
type = "disk";


@ -1,18 +1,21 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
services.postgresql = {
enable = true;
ensureDatabases = [ "attic" ];
ensureUsers = [{ name = "atticd"; }];
ensureUsers = [ { name = "atticd"; } ];
};
systemd.services.postgresql.postStart = lib.mkAfter ''
$PSQL -tAc 'ALTER DATABASE "attic" OWNER TO "atticd"'
'';
environment.systemPackages = with pkgs; [
attic-client
];
environment.systemPackages = with pkgs; [ attic-client ];
services.atticd = {
enable = true;


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
with lib;
with lib.metacfg;
{


@ -1,17 +1,28 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports =
[
./disko.nix
(modulesPath + "/profiles/qemu-guest.nix")
];
imports = [
./disko.nix
(modulesPath + "/profiles/qemu-guest.nix")
];
disko.devices.disk.main.device = "/dev/vda";
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];


@ -1,10 +1,13 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
with lib;
with lib.metacfg;
{
imports = [
./hardware-configuration.nix
];
imports = [ ./hardware-configuration.nix ];
boot.kernel.sysctl."net.ipv4.conf.all.route_localnet" = 1;
boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;
@ -20,7 +23,10 @@ with lib.metacfg;
nix.enable = true;
aesmd_dcap.enable = true;
podman.enable = true;
user.extraGroups = [ "docker" "sgx" ];
user.extraGroups = [
"docker"
"sgx"
];
};
environment.etc."sgx_default_qcnl.conf".text = ''
@ -59,8 +65,18 @@ with lib.metacfg;
systemd.user.extraConfig = "DefaultLimitNOFILE=32768";
security.pam.loginLimits = [
{ domain = "*"; item = "nofile"; type = "-"; value = "32768"; }
{ domain = "*"; item = "memlock"; type = "-"; value = "32768"; }
{
domain = "*";
item = "nofile";
type = "-";
value = "32768";
}
{
domain = "*";
item = "memlock";
type = "-";
value = "32768";
}
];
system.stateVersion = "23.11";


@ -1,30 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/ebb90474-ddcb-484b-9663-d71863827af4";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/ebb90474-ddcb-484b-9663-d71863827af4";
fsType = "ext4";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/941C-7B02";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/941C-7B02";
fsType = "vfat";
};
swapDevices = [ ];


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
backup_new_path = "/mnt/raid/backup/hoyer/new/";
restic_repo = "/mnt/backup/restic-repo";
@ -61,8 +66,7 @@ in
".log"
".Trash"
];
ignoreFile = builtins.toFile "ignore"
(lib.foldl (a: b: a + "\n" + b) "" ignorePatterns);
ignoreFile = builtins.toFile "ignore" (lib.foldl (a: b: a + "\n" + b) "" ignorePatterns);
in
[ "--exclude-file=${ignoreFile}" ];
pruneOpts = [


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
imports = [
./hardware-configuration.nix


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
services.netatalk = {
enable = true;


@ -1,12 +1,16 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ pkgs, config, lib, modulesPath, ... }:
{
pkgs,
config,
lib,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"xhci_pci"
@ -43,18 +47,33 @@
"/mnt/raid" = {
fsType = "btrfs";
device = "/dev/disk/by-uuid/11727be7-bf9b-4888-8b02-d7eb1f898712";
options = [ "defaults" "compress=zstd" "subvol=root" "autodefrag" "noatime" "nofail" "x-systemd.device-timeout=60" ];
options = [
"defaults"
"compress=zstd"
"subvol=root"
"autodefrag"
"noatime"
"nofail"
"x-systemd.device-timeout=60"
];
};
"/mnt/backup" = {
fsType = "btrfs";
device = "/dev/disk/by-uuid/c29e7eac-26ba-41b1-ac3e-11123476b7c5";
options = [ "defaults" "compress=zstd" "subvol=root" "autodefrag" "noatime" "nofail" "x-systemd.device-timeout=60" ];
options = [
"defaults"
"compress=zstd"
"subvol=root"
"autodefrag"
"noatime"
"nofail"
"x-systemd.device-timeout=60"
];
};
};
swapDevices =
[{ device = "/dev/disk/by-uuid/72d061d7-ab18-47b9-beb1-1c465dda1be9"; }];
swapDevices = [ { device = "/dev/disk/by-uuid/72d061d7-ab18-47b9-beb1-1c465dda1be9"; } ];
environment.etc."crypttab".text = ''
a16 /dev/disk/by-uuid/6f1c1b24-3c94-44be-8d1b-70db562079c1 /dev/disk/by-id/usb-Ut165_USB2FlashStorage_08050508d213e6-0:0-part1 luks,keyfile-size=256


@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
networking.hostName = "sgx"; # Define your hostname.
networking.useDHCP = false;
@ -37,7 +42,14 @@
};
};
networking.firewall.allowedTCPPorts = [ 8384 22000 config.services.netatalk.port ];
networking.firewall.allowedUDPPorts = [ 22000 21027 ];
networking.firewall.allowedTCPPorts = [
8384
22000
config.services.netatalk.port
];
networking.firewall.allowedUDPPorts = [
22000
21027
];
networking.firewall.allowPing = true;
}


@ -10,7 +10,10 @@
podman.enable = true;
secureboot.enable = true;
homeprinter.enable = true;
user.extraGroups = [ "docker" "dialout" ];
user.extraGroups = [
"docker"
"dialout"
];
};
system.autoUpgrade = {


@ -1,12 +1,16 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.kernelModules = [ "kvm-intel" ];
boot.initrd.availableKernelModules = [
@ -40,7 +44,7 @@
boot.extraModulePackages = [ ];
services.btrfs.autoScrub.enable = true;
swapDevices = [{ device = "/swapfile"; }];
swapDevices = [ { device = "/swapfile"; } ];
boot.initrd.luks.devices.crypted = {
device = "/dev/nvme0n1p2";
@ -48,13 +52,12 @@
};
fileSystems = {
"/" =
{
device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "subvol=/rootfs" ];
neededForBoot = true;
};
"/" = {
device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "subvol=/rootfs" ];
neededForBoot = true;
};
"/nix" = {
device = "/dev/mapper/crypted";
fsType = "btrfs";
@ -72,11 +75,10 @@
options = [ "subvol=/persist" ];
neededForBoot = true;
};
"/boot" =
{
device = "/dev/disk/by-partlabel/disk-one-ESP";
fsType = "vfat";
};
"/boot" = {
device = "/dev/disk/by-partlabel/disk-one-ESP";
fsType = "vfat";
};
};
console.keyMap = "de-latin1-nodeadkeys";


@ -12,7 +12,10 @@ with lib.metacfg;
podman.enable = true;
secureboot.enable = true;
homeprinter.enable = true;
user.extraGroups = [ "docker" "dialout" ];
user.extraGroups = [
"docker"
"dialout"
];
};
environment.systemPackages = with pkgs; [
@ -51,8 +54,18 @@ with lib.metacfg;
systemd.user.extraConfig = "DefaultLimitNOFILE=32768";
security.pam.loginLimits = [
{ domain = "*"; item = "nofile"; type = "-"; value = "32768"; }
{ domain = "*"; item = "memlock"; type = "-"; value = "32768"; }
{
domain = "*";
item = "nofile";
type = "-";
value = "32768";
}
{
domain = "*";
item = "memlock";
type = "-";
value = "32768";
}
];
services.ollama = {


@ -1,14 +1,25 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "uas" "usbhid" "sd_mod" ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"thunderbolt"
"nvme"
"uas"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;
boot.kernelModules = [ "kvm-intel" ];
@ -24,12 +35,11 @@
services.btrfs.autoScrub.enable = true;
fileSystems."/" =
{
device = "/dev/disk/by-uuid/1106202c-c3bf-4c15-b7cd-e78749e5c955";
fsType = "btrfs";
options = [ "subvol=@" ];
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/1106202c-c3bf-4c15-b7cd-e78749e5c955";
fsType = "btrfs";
options = [ "subvol=@" ];
};
boot.initrd.luks.devices."luks-0e2792db-1b80-49a7-b2eb-54e4b5fc3502" = {
device = "/dev/disk/by-uuid/0e2792db-1b80-49a7-b2eb-54e4b5fc3502";
@ -41,13 +51,12 @@
allowDiscards = true;
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/13C4-A825";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/13C4-A825";
fsType = "vfat";
};
swapDevices = [{ device = "/dev/mapper/luks-280f2e07-e5fc-478e-b7ee-445c99bea415"; }];
swapDevices = [ { device = "/dev/mapper/luks-280f2e07-e5fc-478e-b7ee-445c99bea415"; } ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's