nixos-conf/machine-confs/helium.nix

{ config, pkgs, ... }:
{
  networking = {
    hostName = "helium";

    firewall.allowedUDPPorts = [
      51820
      51821
    ];

    wg-quick.interfaces = {
      wg0 = {
        autostart = true;
        address = [ "172.16.0.2/24" ];
        dns = [
          "192.168.0.1"
          "vsinerva.fi"
        ];
        privateKeyFile = "/root/wireguard-keys/privatekey-home";
        listenPort = 51820;

        peers = [
          {
            publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
            allowedIPs = [ "0.0.0.0/0" ];
            endpoint = "wg.vsinerva.fi:51820";
          }
        ];
      };
      wg1 = {
        autostart = false;
        address = [ "10.100.0.7/24" ];
        dns = [ "1.1.1.1" ];
        privateKeyFile = "/root/wireguard-keys/privatekey-netflix";
        listenPort = 51821;

        peers = [
          {
            publicKey = "XSYHg0utIR1j7kRsWFwuWNo4RPD47KP53cVa6qDPtRE=";
            allowedIPs = [
              "0.0.0.0/0"
              "192.168.0.0/24"
            ];
            endpoint = "netflix.vsinerva.fi:51821";
          }
        ];
      };
    };
  };

  nix.settings = {
    cores = 3;
    max-jobs = 4;
  };

  services.openssh.enable = pkgs.lib.mkForce false;
  services.fail2ban.enable = pkgs.lib.mkForce false;

  imports = [
    ../base.nix
    ../users/vili.nix
    ../desktop.nix
    ../development.nix
    ../services/syncthing.nix
    ../services/redshift.nix
    ../services/game-streaming.nix
    ../hardware-specific/keychron-q11.nix
    ../hardware-specific/trackball.nix
    ../hardware-specific/amd-laptop.nix
    ../hardware-specific/usb-automount.nix
  ];

  services.xserver.displayManager.setupCommands = ''
    ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-0 --auto --pos 0x0 --primary --output eDP --auto --pos 3840x360
  '';

  boot = {
    resumeDevice = "/dev/mapper/luks-f6e1979b-0dee-4ee9-8170-10490019854b";
    kernelParams = [ "resume_offset=44537856" ];

    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
  };

  swapDevices = [
    {
      device = "/var/lib/swapfile";
      size = 16 * 1024;
    }
  ];
}
Format files 2024-07-20 17:35:00 +03:00			`{ config, pkgs, ... }:`
Init 2024-05-23 13:39:48 +03:00			`{`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`networking = {`
			`hostName = "helium";`
Split generic parts out of machine-confs/helium.nix 2024-06-06 21:12:13 +03:00
Format every file 2024-06-02 16:18:19 +03:00			`firewall.allowedUDPPorts = [`
			`51820`
			`51821`
			`];`
Split generic parts out of machine-confs/helium.nix 2024-06-06 21:12:13 +03:00
Auto-indent every file 2024-06-02 05:53:39 +03:00			`wg-quick.interfaces = {`
			`wg0 = {`
Set wireguard to autostart on helium 2024-07-31 00:12:07 +03:00			`autostart = true;`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`address = [ "172.16.0.2/24" ];`
Format every file 2024-06-02 16:18:19 +03:00			`dns = [`
			`"192.168.0.1"`
			`"vsinerva.fi"`
			`];`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`privateKeyFile = "/root/wireguard-keys/privatekey-home";`
			`listenPort = 51820;`
Init 2024-05-23 13:39:48 +03:00
Auto-indent every file 2024-06-02 05:53:39 +03:00			`peers = [`
			`{`
			`publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";`
			`allowedIPs = [ "0.0.0.0/0" ];`
			`endpoint = "wg.vsinerva.fi:51820";`
			`}`
			`];`
			`};`
			`wg1 = {`
			`autostart = false;`
			`address = [ "10.100.0.7/24" ];`
			`dns = [ "1.1.1.1" ];`
			`privateKeyFile = "/root/wireguard-keys/privatekey-netflix";`
			`listenPort = 51821;`
Init 2024-05-23 13:39:48 +03:00
Auto-indent every file 2024-06-02 05:53:39 +03:00			`peers = [`
			`{`
			`publicKey = "XSYHg0utIR1j7kRsWFwuWNo4RPD47KP53cVa6qDPtRE=";`
Format every file 2024-06-02 16:18:19 +03:00			`allowedIPs = [`
			`"0.0.0.0/0"`
			`"192.168.0.0/24"`
			`];`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`endpoint = "netflix.vsinerva.fi:51821";`
			`}`
			`];`
			`};`
			`};`
			`};`
Init 2024-05-23 13:39:48 +03:00
Auto-indent every file 2024-06-02 05:53:39 +03:00			`nix.settings = {`
			`cores = 3;`
			`max-jobs = 4;`
			`};`
Init 2024-05-23 13:39:48 +03:00
Disable ssh and fail2ban from helium, as they are not needed 2024-07-31 00:54:56 +03:00			`services.openssh.enable = pkgs.lib.mkForce false;`
			`services.fail2ban.enable = pkgs.lib.mkForce false;`

Auto-indent every file 2024-06-02 05:53:39 +03:00			`imports = [`
			`../base.nix`
Reorganize files into folders 2024-06-06 16:53:15 +03:00			`../users/vili.nix`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`../desktop.nix`
			`../development.nix`
Split generic parts out of machine-confs/helium.nix 2024-06-06 21:12:13 +03:00			`../services/syncthing.nix`
			`../services/redshift.nix`
			`../services/game-streaming.nix`
			`../hardware-specific/keychron-q11.nix`
			`../hardware-specific/trackball.nix`
			`../hardware-specific/amd-laptop.nix`
			`../hardware-specific/usb-automount.nix`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`];`
Init 2024-05-23 13:39:48 +03:00
Split generic parts out of machine-confs/helium.nix 2024-06-06 21:12:13 +03:00			`services.xserver.displayManager.setupCommands = ''`
			`${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-0 --auto --pos 0x0 --primary --output eDP --auto --pos 3840x360`
			`'';`
Init 2024-05-23 13:39:48 +03:00
Split generic parts out of machine-confs/helium.nix 2024-06-06 21:12:13 +03:00			`boot = {`
			`resumeDevice = "/dev/mapper/luks-f6e1979b-0dee-4ee9-8170-10490019854b";`
			`kernelParams = [ "resume_offset=44537856" ];`
Format every file 2024-06-02 16:18:19 +03:00
Split generic parts out of machine-confs/helium.nix 2024-06-06 21:12:13 +03:00			`loader = {`
			`systemd-boot.enable = true;`
			`efi.canTouchEfiVariables = true;`
Auto-indent every file 2024-06-02 05:53:39 +03:00			`};`
Format every file 2024-06-02 16:18:19 +03:00			`};`
Init 2024-05-23 13:39:48 +03:00
Format every file 2024-06-02 16:18:19 +03:00			`swapDevices = [`
			`{`
			`device = "/var/lib/swapfile";`
			`size = 16 * 1024;`
			`}`
			`];`
Init 2024-05-23 13:39:48 +03:00			`}`