remoll/matrix
1
0
Fork 0
mirror of https://github.com/lxstinthesky/matrix.git synced 2025-11-01 08:22:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c8996554fb7cd096abbcc5c17f3d32fc559db91a
matrix/nix/configuration.nix
Henrik c8996554fb Added remote unlock capabilities
2025-10-27 21:07:04 +01:00

109 lines
3.1 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ config, pkgs, inputs, lib, ... }:
{
imports = [
./users/users.nix
./modules/security.nix
./vps/hetzner/hardware-configuration.nix
./modules/zsh.nix
];
# nix settings
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.download-buffer-size = 524288000; # 500MB
# Bootloader to work with LUKS
boot.loader.grub = {
enable = true;
# https://github.com/NixOS/nixpkgs/issues/55332
device = "nodev"; # Don't install to MBR
efiSupport = true; # Enable EFI support
enableCryptodisk = true; # Enable LUKS support
};
boot.loader.efi.canTouchEfiVariables = true;
# LUKS configuration
boot.initrd.luks.devices."crypted" = {
device = "/dev/disk/by-partlabel/luks";
allowDiscards = true;
};
boot.initrd.kernelModules = [ "virtio_gpu" ];
boot.kernelParams = [ "console=tty" ];
networking.hostName = "matrix";
# time zone
time.timeZone = "Europe/Zurich";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
# Allow unfree packages
# nixpkgs.config.allowUnfree = true;
# List packages installed in system profile. To search, run:
environment.systemPackages = with pkgs; [
];
virtualisation.vmVariant = {
# following configuration is added only when building VM with build-vm
virtualisation = {
memorySize = 4000;
cores = 2;
graphics = false;
diskSize = 5000; # 5GB, needed to prevent docker error running out of space
# Networking configuration
forwardPorts = [
{ from = "host"; host.port = 2222; guest.port = 22; }
];
};
# this is related to luks remote unlock via ssh
# Disable initrd secrets for VM builds to avoid secret error
# Error is not present in real depolyments
boot.initrd.secrets = lib.mkForce {};
# Add VM-specific users
users.users.smith = {
isNormalUser = true;
description = "VM Test User";
extraGroups = [ "wheel" "networkmanager" ];
shell = pkgs.zsh;
initialPassword = "smith";
packages = with pkgs; [ ];
};
# VM-specific packages
environment.systemPackages = with pkgs; [
];
# in order to build VM on x86_64 host
nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "25.05"; # Did you read the comment?
}
Reference in New Issue View Git Blame Copy Permalink