colonelpanic/dotfiles
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[NixOS] Add airgapped machine

Browse Source
This commit is contained in:
Ivan Malison 2021-07-25 16:03:59 -06:00
parent 7eec5d3392
commit 8866d80e75
No known key found for this signature in database
GPG Key ID: 62530EFBE99DC2F8
6 changed files with 23 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nixos/base.nix
View File

@ -6,10 +6,6 @@
./essential.nix ./essential.nix
]; ];
nixpkgs.overlays = [
(import ../dotfiles/config/xmonad/overlay.nix)
];
# Allow all the things # Allow all the things
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [ nixpkgs.config.permittedInsecurePackages = [
@ -19,7 +15,6 @@
# Disabling these waits disables the stuck on boot up issue # Disabling these waits disables the stuck on boot up issue
systemd.services.systemd-udev-settle.enable = false; systemd.services.systemd-udev-settle.enable = false;
systemd.services.NetworkManager-wait-online.enable = false; systemd.services.NetworkManager-wait-online.enable = false;
networking.firewall.enable = false;
# Security # Security
programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
@ -30,6 +25,7 @@
include ipsec.d/ipsec.nm-l2tp.secrets include ipsec.d/ipsec.nm-l2tp.secrets
''; '';
networking.firewall.enable = false;
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
enableStrongSwan = true; enableStrongSwan = true;

4
nixos/essential.nix
View File

@ -15,6 +15,9 @@ let
python-with-my-packages = pkgs.python3.withPackages my-python-packages; python-with-my-packages = pkgs.python3.withPackages my-python-packages;
in in
{ {
nixpkgs.overlays = [
(import ../dotfiles/config/xmonad/overlay.nix)
];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
python-with-my-packages python-with-my-packages
@ -75,6 +78,7 @@ in
playerctl playerctl
# Tools # Tools
cachix
binutils binutils
gawk gawk
gitFull gitFull

4
nixos/flake.nix
View File

@ -78,6 +78,10 @@
system = "aarch64-linux"; system = "aarch64-linux";
modules = [ forAll piHardware ./machines/biskcomp.nix ]; modules = [ forAll piHardware ./machines/biskcomp.nix ];
}; };
air-gapped-pi = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [ forAll piHardware ./machines/air-gapped-pi.nix ];
};
}; };
}; };
} }

13
nixos/machines/air-gapped-pi.nix Normal file
View File

@ -0,0 +1,13 @@
{
imports = [
../internet-computer.nix
../raspberry-pi.nix
../base.nix
];
networking.hostName = "air-gapped-pi";
hardware.video.hidpi.enable = true;
networking.enable = false;
system.stateVersion = "21.05";
}

1
nixos/machines/biskcomp.nix
View File

@ -2,6 +2,7 @@
imports = [ imports = [
../internet-computer.nix ../internet-computer.nix
../raspberry-pi.nix ../raspberry-pi.nix
../base.nix
]; ];
networking.hostName = "biskcomp"; networking.hostName = "biskcomp";

4
nixos/raspberry-pi.nix
View File

@ -1,10 +1,6 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
imports = [
./base.nix
];
hardware.raspberry-pi."4".fkms-3d.enable = true; hardware.raspberry-pi."4".fkms-3d.enable = true;
boot = { boot = {