DEVELOPMENT ENVIRONMENT

~liljamo/nix-arta

ref: b8c3e871449260e22e469d2d76f3ebfa6f03f056 nix-arta/systems/hosts/arwen/default.nix -rw-r--r-- 1.1 KiB
b8c3e871Jonni Liljamo fix: tamma secrets path 9 days ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
{
  inputs,
  lib,
  pkgs,
  ...
}: {
  imports = [
    ./hardware-configuration.nix

    inputs.nixos-hardware.nixosModules.lenovo-thinkpad-e495
  ];

  boot.initrd.postDeviceCommands = lib.mkAfter ''
    zfs rollback -r zpool/root@blank
  '';

  sops.defaultSopsFile = ../../../secrets/arwen/secrets.yaml;
  sops.gnupg.sshKeyPaths = ["/persist/etc/ssh/ssh_host_rsa_key"];
  sops.age.sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];

  networking.hostId = "d2a2e2cb";
  networking.networkmanager.enable = true;

  time.timeZone = "Europe/Helsinki";

  services.xserver.xkb.layout = "us";

  services.libinput.enable = true;

  environment.systemPackages = with pkgs; [
    inputs.nvim-flake.packages.x86_64-linux.nvim
    wget

    keepassxc
    jellyfin-mpv-shim
    libreoffice-qt6-fresh
  ];

  environment.persistence."/persist" = {
    hideMounts = true;
    directories = [
      "/etc/nixos"
      "/etc/ssh"
      "/var/lib/nixos"
      "/var/lib/tailscale"
    ];
  };

  services.pcscd.enable = true;
  programs.gnupg.agent.enable = true;

  services.openssh.enable = true;

  system.stateVersion = "24.05";
}