Upgrade system to 22.11
VPN is migrating to Nebula, so fileserver and samba are temporarily unavailable
This commit is contained in:
parent
9b27214df8
commit
d312a48993
@ -1,45 +1,29 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
disabledModules = [ "system/boot/loader/raspberrypi/raspberrypi.nix" ];
|
||||
imports = [
|
||||
./modules/system/boot/loader/raspberrypi/raspberrypi.nix
|
||||
./fileserver.nix
|
||||
./hardware-configuration.nix
|
||||
#./fileserver.nix
|
||||
];
|
||||
|
||||
boot = {
|
||||
kernelPackages = pkgs.linuxPackages_rpi4;
|
||||
loader = {
|
||||
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
|
||||
grub.enable = false;
|
||||
# Enables the generation of /boot/extlinux/extlinux.conf
|
||||
generic-extlinux-compatible.enable = true;
|
||||
};
|
||||
supportedFilesystems = ["zfs"];
|
||||
zfs.enableUnstable = true;
|
||||
loader = {
|
||||
grub.enable = false;
|
||||
raspberryPi = {
|
||||
enable = true;
|
||||
version = 4;
|
||||
configurationLimit = 1;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# MAKE SURE THESE ARE RIGHT OR THE PI WILL NOT BOOT
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
fsType = "ext4";
|
||||
device = "/dev/disk/by-label/NIXOS_SD";
|
||||
};
|
||||
"/boot" = {
|
||||
fsType = "vfat";
|
||||
device = "/dev/disk/by-label/NIXOS_BOOT";
|
||||
};
|
||||
};
|
||||
|
||||
hardware.enableRedistributableFirmware = true;
|
||||
|
||||
|
||||
system.stateVersion = "22.11"; # Read the usual warning
|
||||
|
||||
swapDevices = [ { device = "/swap"; size = 1024; } ];
|
||||
|
||||
|
||||
console.keyMap = "us";
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
|
||||
|
||||
environment.systemPackages = with pkgs;
|
||||
let
|
||||
py3-packages = python-packages: with python-packages; [
|
||||
@ -47,9 +31,8 @@
|
||||
];
|
||||
py3-with-packages = python3.withPackages py3-packages;
|
||||
in [
|
||||
wget vim curl git htop bash tmux psmisc manpages pv lsof
|
||||
wget vim curl git htop bash tmux psmisc man-pages pv lsof
|
||||
zip unzip
|
||||
nginx
|
||||
py3-with-packages
|
||||
usbutils
|
||||
hdparm sdparm smartmontools gptfdisk gnufdisk
|
||||
@ -60,7 +43,7 @@
|
||||
rsync
|
||||
rclone gnupg
|
||||
];
|
||||
|
||||
|
||||
networking = {
|
||||
hostName = "catacomb";
|
||||
hostId = "beeeeee5";
|
||||
@ -71,19 +54,15 @@
|
||||
allowedUDPPorts = [ 137 138 ];
|
||||
};
|
||||
};
|
||||
|
||||
security = {
|
||||
hideProcessInformation = true;
|
||||
};
|
||||
|
||||
services.cron = {
|
||||
enable = true;
|
||||
systemCronJobs = [
|
||||
"0 20 * * 1 root /root/reassert-nas-permissions.sh"
|
||||
"0 0 * * 1 tvb . /etc/profile; /home/tvb/gitea-backup"
|
||||
];
|
||||
};
|
||||
|
||||
|
||||
#services.cron = {
|
||||
# enable = true;
|
||||
# systemCronJobs = [
|
||||
# "0 20 * * 1 root /root/reassert-nas-permissions.sh"
|
||||
# "0 0 * * 1 tvb . /etc/profile; /home/tvb/gitea-backup"
|
||||
# ];
|
||||
#};
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
passwordAuthentication = true;
|
||||
@ -96,7 +75,7 @@
|
||||
|
||||
services.rsyncd.enable = true;
|
||||
|
||||
services.samba =
|
||||
/*services.samba =
|
||||
let
|
||||
sambaShare = path: validUsers: {
|
||||
path = path;
|
||||
@ -167,16 +146,16 @@
|
||||
#image = sambaShare "/nas/image" ''@nas'';
|
||||
#video = sambaShare "/nas/video" ''@nas'';
|
||||
};
|
||||
};
|
||||
|
||||
services.tinc.networks = {
|
||||
};*/
|
||||
|
||||
/*services.tinc.networks = {
|
||||
beatific = {
|
||||
name = "catacomb";
|
||||
listenAddress = "0.0.0.0";
|
||||
chroot = false;
|
||||
};
|
||||
};
|
||||
|
||||
};*/
|
||||
|
||||
services.zfs = {
|
||||
autoScrub = {
|
||||
enable = true;
|
||||
@ -194,7 +173,6 @@
|
||||
uid = 1001;
|
||||
password = "badpassword";
|
||||
extraGroups = ["wheel" "nas"];
|
||||
shell = pkgs.bash;
|
||||
openssh.authorizedKeys.keyFiles = [
|
||||
./keys/tvb.palamas.pub
|
||||
./keys/tvb.stagirite.pub
|
||||
@ -205,7 +183,6 @@
|
||||
};
|
||||
#./keys/tvb.empyrean.pub
|
||||
|
||||
nix.buildCores = 4;
|
||||
nix.package = pkgs.nixFlakes;
|
||||
nix.settings.cores = 4;
|
||||
nix.extraOptions = "experimental-features = nix-command flakes";
|
||||
}
|
||||
|
33
hardware-configuration.nix
Normal file
33
hardware-configuration.nix
Normal file
@ -0,0 +1,33 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "uas" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
|
||||
}
|
Loading…
Reference in New Issue
Block a user