summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
Diffstat (limited to 'makefu')
-rw-r--r--makefu/1systems/pornocauster.nix43
-rw-r--r--makefu/2configs/sda-crypto-root-home.nix35
2 files changed, 78 insertions, 0 deletions
diff --git a/makefu/1systems/pornocauster.nix b/makefu/1systems/pornocauster.nix
new file mode 100644
index 000000000..b8ba9289b
--- /dev/null
+++ b/makefu/1systems/pornocauster.nix
@@ -0,0 +1,43 @@
+#
+#
+#
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ../2configs/base.nix
+ ../2configs/base-gui.nix
+ ../2configs/tinc-basic-retiolum.nix
+ #../2configs/sda-crypto-root.nix
+ ../2configs/sda-crypto-root-home.nix
+ # hardware specifics are in here
+ ../2configs/tp-x200.nix
+
+ #../2configs/disable_v6.nix
+ #../2configs/rad1o.nix
+
+ #../2configs/exim-retiolum.nix
+ ];
+ # not working in vm
+ krebs.build.host = config.krebs.hosts.pornocauster;
+ krebs.build.user = config.krebs.users.makefu;
+ krebs.build.target = "root@localhost";
+
+ boot.kernelModules = [ "kvm-intel" ];
+
+
+ networking.firewall.allowedTCPPorts = [
+ 25
+ ];
+
+ krebs.build.deps = {
+ nixpkgs = {
+ #url = https://github.com/NixOS/nixpkgs;
+ # rev=$(curl https://nixos.org/channels/nixos-unstable/git-revision -L)
+ url = https://github.com/makefu/nixpkgs;
+ #rev = "8b8b65da24f13f9317504e8bcba476f9161613fe";
+ rev = "f5fe787f778b872c6b2221598501c9310cb83915";
+ };
+ };
+}
diff --git a/makefu/2configs/sda-crypto-root-home.nix b/makefu/2configs/sda-crypto-root-home.nix
new file mode 100644
index 000000000..28d140119
--- /dev/null
+++ b/makefu/2configs/sda-crypto-root-home.nix
@@ -0,0 +1,35 @@
+{ config, lib, pkgs, ... }:
+
+# sda: bootloader grub2
+# sda1: boot ext4 (label nixboot)
+# sda2: cryptoluks -> ext4
+with lib;
+{
+ boot = {
+ loader.grub.enable =true;
+ loader.grub.version =2;
+ loader.grub.device = "/dev/sda";
+
+ initrd.luks.devices = [ { name = "main"; device = "/dev/sda2"; allowDiscards=true; }];
+ initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
+ initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+ };
+ fileSystems = {
+ "/" = {
+ device = "/dev/mapper/main-root";
+ fsType = "ext4";
+ options="defaults,discard";
+ };
+ # TODO: just import sda-crypto-root, add this device
+ "/home" = {
+ device = "/dev/mapper/main-home";
+ fsType = "ext4";
+ options="defaults,discard";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-label/nixboot";
+ fsType = "ext4";
+ options="defaults,discard";
+ };
+ };
+}