jan/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add nimbus

Browse source 
Oracle Cloud
This commit is contained in:
Jan Kremer 2026-03-25 16:52:29 +01:00
parent f63dbebd61
commit 6413bbefba
No known key found for this signature in database
5 changed files with 178 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
flake.nix
View file

@ -44,6 +44,14 @@
modules = [ ./hosts/galanthus/configuration.nix ]; modules = [ ./hosts/galanthus/configuration.nix ];
}; };
nixosConfigurations.nimbus = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
};
modules = [ ./hosts/nimbus/configuration.nix ];
};
formatter.aarch64-darwin = nixpkgs.legacyPackages.aarch64-darwin.nixfmt-tree; formatter.aarch64-darwin = nixpkgs.legacyPackages.aarch64-darwin.nixfmt-tree;
}; };
} }

12
hosts/galanthus/configuration.nix
View file

@ -56,10 +56,20 @@
"render" "render"
"video" "video"
]; ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTpgedzJ7vs3GMOjUeQGkAzGhNZRhvMMz9Z1whaWieE jan@malus"
];
}; };
services = { services = {
openssh.enable = true; openssh = {
enable = true;
settings = {
PermitRootLogin = "no"; # Root-Login sperren
PasswordAuthentication = false; # Nur SSH-Keys
};
};
tailscale.extraUpFlags = [ "--ssh" ];
}; };
programs = { programs = {

108
hosts/nimbus/configuration.nix Normal file
View file

@ -0,0 +1,108 @@
{
inputs,
pkgs,
config,
lib,
...
}:
{
imports = [
inputs.agenix.nixosModules.default
./hardware-configuration.nix
../../modules/nixos/tailscale.nix
];
# Workaround for https://github.com/NixOS/nix/issues/8502
services.logrotate.checkConfig = false;
boot = {
tmp.cleanOnBoot = true;
};
zramSwap.enable = true;
security.sudo.extraConfig = ''
Defaults lecture = never
Defaults pwfeedback
Defaults env_keep += "DISPLAY EDITOR PATH"
'';
networking = {
hostName = "nimbus";
networkmanager.enable = true;
domain = "subnet03200816.vcn03200816.oraclevcn.com";
};
nix = {
settings = {
experimental-features = [
"nix-command"
"flakes"
];
trusted-users = [ "jan" ];
};
};
users.users.jan = {
isNormalUser = true;
description = "Jan Kremer";
extraGroups = [
"networkmanager"
"wheel"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTpgedzJ7vs3GMOjUeQGkAzGhNZRhvMMz9Z1whaWieE jan@malus"
];
};
services = {
openssh = {
enable = true;
settings = {
PermitRootLogin = "no"; # Root-Login sperren
PasswordAuthentication = false; # Nur SSH-Keys
};
};
};
programs = {
git = {
enable = true;
lfs = {
enable = true;
enablePureSSHTransfer = true;
};
};
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
nh = {
enable = true;
clean = {
enable = true;
extraArgs = "--keep-since 7d --keep 3";
};
flake = "${config.users.users.jan.home}/.config/nix";
};
};
# environment.systemPackages = with pkgs; [
# helix
# claude-code
# ];
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"claude-code"
];
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "de_DE.UTF-8";
system.stateVersion = "23.11"; # Don't change!
}

51
hosts/nimbus/hardware-configuration.nix Normal file
View file

@ -0,0 +1,51 @@
{
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader = {
efi.efiSysMountPoint = "/boot/efi";
grub = {
efiSupport = true;
efiInstallAsRemovable = true;
device = "nodev";
};
};
boot.initrd = {
availableKernelModules = [
"ata_piix"
"uhci_hcd"
"xen_blkfront"
"vmw_pvscsi"
];
kernelModules = [ "nvme" ];
};
fileSystems = {
"/boot/efi" = {
device = "/dev/disk/by-uuid/349C-BCCC";
fsType = "vfat";
};
"/" = {
device = "/dev/mapper/ocivolume-root";
fsType = "xfs";
};
};
# fileSystems.swapDevices = [
# {
# device = "/swapfile";
# size = 1024; # 1GB
# }
# ];
# networking = {
# useDHCP = lib.mkDefault true;
# };
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

2
modules/nixos/tailscale.nix
View file

@ -3,8 +3,6 @@
services.tailscale = { services.tailscale = {
enable = true; enable = true;
useRoutingFeatures = "both"; useRoutingFeatures = "both";
extraUpFlags = [ "--ssh" ];
# serve = { # serve = {
# enable = true; # enable = true;
# services = { # services = {