# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, stablePkgs, ... }: let home = "/home/rilla"; in { imports = [ ./hardware-configuration/trantor.nix ../../modules/common ../../modules/common/desktop.nix ]; home-manager.users.rilla.imports = [ ../../../home/hosts/trantor.nix ]; fileSystems = { "/" = { device = "tmpfs"; fsType = "tmpfs"; options = [ "defaults" "size=2G" "mode=755" ]; }; "/boot/efi" = { device = "/dev/disk/by-uuid/0BFA-9A66"; fsType = "vfat"; }; "/mnt/btr_system" = { device = "/dev/mapper/system"; fsType = "btrfs"; options = [ "subvolid=5" "compress=zstd" ]; }; "/mnt/btr_user" = { device = "/dev/mapper/user"; fsType = "btrfs"; options = [ "subvolid=5" "compress=zstd" ]; }; "/mnt/persist" = { device = "/dev/mapper/user"; fsType = "btrfs"; options = [ "subvol=persist" "compress=zstd" ]; neededForBoot = true; }; "/mnt/data" = { device = "/dev/mapper/user"; fsType = "btrfs"; options = [ "subvol=data" "compress=zstd" ]; neededForBoot = true; }; "/mnt/vfs_share" = { device = "/dev/mapper/user"; fsType = "btrfs"; options = [ "subvol=vfs_share" "compress=zstd" ]; neededForBoot = true; }; "/nix" = { device = "/dev/mapper/system"; fsType = "btrfs"; options = [ "subvol=nix" "compress=zstd" ]; }; "/mnt/logs" = { device = "/dev/mapper/system"; fsType = "btrfs"; options = [ "subvol=logs" "compress=zstd" ]; neededForBoot = true; }; "/boot" = { device = "/dev/mapper/system"; fsType = "btrfs"; options = [ "subvol=boot" "compress=zstd" ]; }; "/swap" = { device = "/dev/mapper/system"; fsType = "btrfs"; options = [ "subvol=swap" ]; }; "/mnt/narwhal" = { device = "narwhal:/"; fsType = "nfs"; }; "/mnt/backups/0" = { device = "/dev/mapper/backups0"; fsType = "btrfs"; options = [ "noauto" "subvolid=5" "compress=zstd" ]; }; "/mnt/backups/1" = { device = "/dev/mapper/backups1"; fsType = "btrfs"; options = [ "noauto" "subvolid=5" "compress=zstd" ]; }; "/mnt/backups/2" = { device = "/dev/mapper/backups2"; fsType = "btrfs"; options = [ "noauto" "subvolid=5" "compress=zstd" ]; }; }; swapDevices = [{ device = "/swap/swapfile"; }]; environment.etc = { crypttab = { text = '' backups0 UUID="e45232d5-f46f-46f3-a150-be26374b3357" /etc/luks-keys/backups.bin noauto backups1 UUID="5b3da928-4862-4451-89cd-5bd6a95466d0" /etc/luks-keys/backups.bin noauto backups2 UUID="cbfa9cba-dee2-4d0b-8cde-2f1d1849b22c" /etc/luks-keys/backups.bin noauto ''; }; }; environment.variables = { NIXOS_CONFIG = "${home}/configs/nix-config/trantor.nix"; LV2_PATH = "${home}/.nix-profile/lib/lv2:${home}/Audio/plugins/lv2:/run/current-system/sw/lib/lv2"; LXVST_PATH = "${home}/.nix-profile/lib/lxvst:${home}/Audio/plugins/lxvst:/run/current-system/sw/lib/lxvst"; LADSPA_PATH = "${home}/.nix-profile/lib/ladspa:${home}/Audio/plugins/ladspa:/run/current-system/sw/lib/ladspa"; }; networking.networkmanager.wifi.macAddress = "80:FA:5B:41:12:0F"; nixpkgs.config.allowUnfree = true; programs.steam.enable = true; boot = { loader = { efi = { canTouchEfiVariables = true; efiSysMountPoint = "/boot/efi"; }; grub = { enable = true; device = "nodev"; enableCryptodisk = true; efiSupport = true; }; }; initrd = { luks = { #yubikeySupport = true; devices = { "system" = { device = "/dev/disk/by-uuid/b9778e01-a86c-4c6b-beb3-f97888d4a6eb"; keyFile = "/system_keyfile.bin"; allowDiscards = true; # yubikey = { # slot = 2; # twoFactor = false; # gracePeriod = 30; # keyLength = 64; # saltLength = 16; # storage = { # device = "/dev/nvme0n1p1"; # fsType = "vfat"; # path = "/crypt-storage/default"; # }; # }; }; "user" = { device = "/dev/disk/by-uuid/d8e9b35d-704a-4f66-bc19-0dd3e158de36"; keyFile = "/user_keyfile.bin"; }; }; }; secrets = { "/system_keyfile.bin" = "/etc/luks-keys/system.bin"; "/user_keyfile.bin" = "/etc/luks-keys/user.bin"; }; }; }; # todo: target and/or archive services.btrbk = { sshAccess = [{ roles = [ "info" "source" "target" "delete" "snapshot" "send" "receive" ]; key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJy2lSOeG4iCUlk+W0TK9DnJyHe/0XUU0PD0kokbWKF btrbk"; }]; instances.btrbk = { onCalendar = "*:0/30"; # every 30 minutes settings = { snapshot_preserve = "2d"; snapshot_preserve_min = "latest"; snapshot_create = "onchange"; volume."/mnt/btr_user" = { snapshot_dir = "btrbk_snapshots"; subvolume = { data = { }; persist = { }; }; }; }; }; }; networking = { hostName = "trantor"; interfaces = { enp3s0f1.useDHCP = true; wlp4s0.useDHCP = true; }; }; services.xserver = { videoDrivers = [ "nvidia" ]; }; hardware.nvidia = { nvidiaPersistenced = true; modesetting.enable = true; prime = { sync.enable = true; nvidiaBusId = "PCI:1:0:0"; intelBusId = "PCI:0:2:0"; }; }; system.stateVersion = "23.05"; }