forked from colonelpanic/dotfiles
[NixOS] Add airgapped machine
This commit is contained in:
parent
7eec5d3392
commit
8866d80e75
@ -6,10 +6,6 @@
|
|||||||
./essential.nix
|
./essential.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
nixpkgs.overlays = [
|
|
||||||
(import ../dotfiles/config/xmonad/overlay.nix)
|
|
||||||
];
|
|
||||||
|
|
||||||
# Allow all the things
|
# Allow all the things
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
nixpkgs.config.permittedInsecurePackages = [
|
nixpkgs.config.permittedInsecurePackages = [
|
||||||
@ -19,7 +15,6 @@
|
|||||||
# Disabling these waits disables the stuck on boot up issue
|
# Disabling these waits disables the stuck on boot up issue
|
||||||
systemd.services.systemd-udev-settle.enable = false;
|
systemd.services.systemd-udev-settle.enable = false;
|
||||||
systemd.services.NetworkManager-wait-online.enable = false;
|
systemd.services.NetworkManager-wait-online.enable = false;
|
||||||
networking.firewall.enable = false;
|
|
||||||
|
|
||||||
# Security
|
# Security
|
||||||
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
|
||||||
@ -30,6 +25,7 @@
|
|||||||
include ipsec.d/ipsec.nm-l2tp.secrets
|
include ipsec.d/ipsec.nm-l2tp.secrets
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
networking.firewall.enable = false;
|
||||||
networking.networkmanager = {
|
networking.networkmanager = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableStrongSwan = true;
|
enableStrongSwan = true;
|
||||||
|
@ -15,6 +15,9 @@ let
|
|||||||
python-with-my-packages = pkgs.python3.withPackages my-python-packages;
|
python-with-my-packages = pkgs.python3.withPackages my-python-packages;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
nixpkgs.overlays = [
|
||||||
|
(import ../dotfiles/config/xmonad/overlay.nix)
|
||||||
|
];
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
python-with-my-packages
|
python-with-my-packages
|
||||||
|
|
||||||
@ -75,6 +78,7 @@ in
|
|||||||
playerctl
|
playerctl
|
||||||
|
|
||||||
# Tools
|
# Tools
|
||||||
|
cachix
|
||||||
binutils
|
binutils
|
||||||
gawk
|
gawk
|
||||||
gitFull
|
gitFull
|
||||||
|
@ -78,6 +78,10 @@
|
|||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
modules = [ forAll piHardware ./machines/biskcomp.nix ];
|
modules = [ forAll piHardware ./machines/biskcomp.nix ];
|
||||||
};
|
};
|
||||||
|
air-gapped-pi = nixpkgs.lib.nixosSystem {
|
||||||
|
system = "aarch64-linux";
|
||||||
|
modules = [ forAll piHardware ./machines/air-gapped-pi.nix ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
13
nixos/machines/air-gapped-pi.nix
Normal file
13
nixos/machines/air-gapped-pi.nix
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../internet-computer.nix
|
||||||
|
../raspberry-pi.nix
|
||||||
|
../base.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.hostName = "air-gapped-pi";
|
||||||
|
hardware.video.hidpi.enable = true;
|
||||||
|
networking.enable = false;
|
||||||
|
|
||||||
|
system.stateVersion = "21.05";
|
||||||
|
}
|
@ -2,6 +2,7 @@
|
|||||||
imports = [
|
imports = [
|
||||||
../internet-computer.nix
|
../internet-computer.nix
|
||||||
../raspberry-pi.nix
|
../raspberry-pi.nix
|
||||||
|
../base.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
networking.hostName = "biskcomp";
|
networking.hostName = "biskcomp";
|
||||||
|
@ -1,10 +1,6 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
|
||||||
./base.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
hardware.raspberry-pi."4".fkms-3d.enable = true;
|
hardware.raspberry-pi."4".fkms-3d.enable = true;
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
|
Loading…
Reference in New Issue
Block a user