# Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. { config, lib, inputs, ... }: let sanoidConfig = import ./config/sanoid.nix { }; disks = import ./config/disks.nix; smartdDevices = map (device: { inherit device; }) disks; in { imports = [ inputs.disko.nixosModules.disko (import ../../profiles/disko-nixos.nix { disks = [ "/dev/sda|/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_500GB_S58SNM0W406409E" ]; }) inputs.nix-minecraft.nixosModules.minecraft-servers ]; boot = { initrd = { kernelModules = [ "nfs" ]; supportedFilesystems = [ "nfs" ]; }; kernelModules = [ "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ]; extraModulePackages = [ ]; kernelParams = [ "zfs.zfs_arc_max=107374182400" ]; # 100GB }; swapDevices = [ ]; hardware = { cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; nvidia.open = true; # TODO: Swap these once I switch to 24.11 # graphics.enable = true; opengl.enable = true; nvidia-container-toolkit.enable = true; }; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGSFTSVPt43PBpSMSF1dGTzN2JbxztDZUml7g4+PnWe CSI-Driver@talos" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBROTzSefJGJeCNUgNLbE5l4sHHg2fHUO4sCwqvP+zAd root@Gollum" ]; # Network settings networking = { hostName = "shadowfax"; hostId = "a885fabe"; useDHCP = false; # needed for bridge networkmanager.enable = true; firewall.enable = false; interfaces = { "enp36s0f0".useDHCP = true; "enp36s0f1".useDHCP = true; }; }; sops = { secrets = { }; }; # Home Manager home-manager.users.jahanson = { # Git settings # TODO: Move to config module. programs.git = { enable = true; userName = "Joseph Hanson"; userEmail = "joe@veri.dev"; extraConfig = { core.autocrlf = "input"; init.defaultBranch = "main"; pull.rebase = true; rebase.autoStash = true; }; }; }; programs = { # 1Password cli _1password.enable = true; # VSCode Compatibility Settings nix-ld.enable = true; }; services = { xserver.videoDrivers = [ "nvidia" ]; # # Minecraft # minecraft-servers = { # # Me cc858467-2744-4c22-8514-86568fefd03b # enable = true; # eula = true; # servers.eregion = { # enable = true; # package = pkgs.fabricServers.fabric; # serverProperties = { # motd = "§6§lEregion§r §7- §6§lMinecraft§r"; # }; # symlinks = { # mods = pkgs.linkFarmFromDrvs "mods" ( # builtins.attrValues { # LanAnnouncer = pkgs.fetchurl { # url = "https://cdn.modrinth.com/data/eVUWDaxc/versions/ZKZr8EfM/lanannouncer-1.0.2.jar"; # sha512 = "f2833b12a2e07390c4969ce95c5c9b759e3ddff0b9610054ff4e731a287789280b2c1b801bd08efe685da0d16daebf0562f15af2c86edd481c62f47ec21699c6"; # }; # } # ); # }; # }; # }; # Smart daemon for monitoring disk health. smartd = { devices = smartdDevices; # Short test every day at 2:00 AM and long test every Sunday at 4:00 AM. defaults.monitored = "-a -o on -s (S/../.././02|L/../../7/04)"; }; # Soft Serve - SSH git server soft-serve = { enable = true; settings = import ./config/soft-serve.nix { }; }; # VSCode Compatibility Settings vscode-server = { enable = true; }; # ZFS Exporter prometheus.exporters.zfs.enable = true; }; # sops sops.secrets = { "syncthing/publicCert" = { sopsFile = ./secrets.sops.yaml; owner = "jahanson"; mode = "400"; restartUnits = [ "syncthing.service" ]; }; "syncthing/privateKey" = { sopsFile = ./secrets.sops.yaml; owner = "jahanson"; mode = "400"; restartUnits = [ "syncthing.service" ]; }; }; # System settings and services. mySystem = { purpose = "Production"; # Containers containers = { jellyfin.enable = true; ollama.enable = true; plex.enable = true; scrypted.enable = true; }; # System system = { motd.networkInterfaces = [ "enp36s0f0" ]; # Incus incus = { enable = true; preseed = import ./config/incus-preseed.nix { }; }; # ZFS zfs.enable = true; zfs.mountPoolsAtBoot = [ "nahar" "moria" ]; # NFS nfs.enable = true; resticBackup = { local.enable = false; remote.enable = false; local.noWarning = true; remote.noWarning = true; }; }; # Services services = { podman.enable = true; libvirt-qemu.enable = true; # Syncthing syncthing = { enable = true; user = "jahanson"; publicCertPath = config.sops.secrets."syncthing/publicCert".path; privateKeyPath = config.sops.secrets."syncthing/privateKey".path; }; # Scrutiny scrutiny = { enable = true; devices = disks; extraCapabilities = [ "SYS_RAWIO" ]; containerVolumeLocation = "/nahar/containers/volumes/scrutiny"; port = 8585; }; # Sanoid sanoid = { enable = true; inherit (sanoidConfig.outputs) templates datasets; }; }; }; }