diff --git a/common.nix b/common.nix index 9411bbd..8662a25 100644 --- a/common.nix +++ b/common.nix @@ -62,12 +62,6 @@ in # enable fast dbus services.dbus.implementation = "broker"; - # ensure we scrub the btrfs sometimes - services.btrfs.autoScrub = { - enable = true; - interval = "weekly"; - }; - # allow all firmware hardware.enableAllFirmware = true; @@ -80,8 +74,9 @@ in services.openssh = { # enable with public key only auth enable = true; - settings.PasswordAuthentication = false; - settings.KbdInteractiveAuthentication = false; + settings.PasswordAuthentication = true; + settings.KbdInteractiveAuthentication = true; + ettings.PermitRootLogin = "yes"; # only ed25519 keys, make them persistent hostKeys = [{ @@ -458,10 +453,10 @@ in users.users.root = { # init password - hashedPassword = builtins.readFile "/data/nixos/password.secret"; + hashedPassword = builtins.readFile "/mnt/data/nixos/password.secret"; # use same keys as my main user - openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/home/cullmann/.ssh/authorized_keys"); + # openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/home/cullmann/.ssh/authorized_keys"); }; home-manager.users.root = { @@ -490,7 +485,7 @@ in extraGroups = [ "vboxusers" "wheel" ]; # init password - hashedPassword = builtins.readFile "/data/nixos/password.secret"; + hashedPassword = builtins.readFile "/mnt/data/nixos/password.secret"; }; home-manager.users.cullmann = { diff --git a/mini/configuration.nix b/mini/configuration.nix index 5210fdd..e4bd3c8 100644 --- a/mini/configuration.nix +++ b/mini/configuration.nix @@ -11,7 +11,7 @@ ./hardware-configuration.nix # Shared config of all machines - /data/nixos/common.nix + /mnt/data/nixos/common.nix ]; # amd graphics diff --git a/mini/hardware-configuration.nix b/mini/hardware-configuration.nix index ae24554..ff8a847 100644 --- a/mini/hardware-configuration.nix +++ b/mini/hardware-configuration.nix @@ -13,30 +13,28 @@ fileSystems."/" = { device = "none"; fsType = "tmpfs"; + neededForBoot = true; options = [ "defaults" "size=8G" "mode=755" ]; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/F404-531A"; + { device = "/dev/disk/by-id/nvme-CT4000P3PSSD8_2325E6E63746-part1"; fsType = "vfat"; + neededForBoot = true; }; - # system - boot.initrd.luks.devices."crypt-system".device = "/dev/disk/by-uuid/22c208e6-579b-4d34-8f83-83aa4a7ab1c3"; - - # vms - boot.initrd.luks.devices."crypt-vms".device = "/dev/disk/by-id/ata-CT2000MX500SSD1_2138E5D5061F"; - fileSystems."/nix" = - { device = "/dev/mapper/crypt-system"; - fsType = "btrfs"; - options = [ "subvol=nix" "noatime" "nodiratime" ]; + { device = "/dev/disk/by-id/nvme-CT4000P3PSSD8_2325E6E63746-part2"; + fsType = "bcachefs"; + neededForBoot = true; + options = [ "noatime" "nodiratime" ]; }; fileSystems."/data" = - { device = "/dev/mapper/crypt-system"; - fsType = "btrfs"; - options = [ "subvol=data" "noatime" "nodiratime" ]; + { device = "/dev/disk/by-id/nvme-CT4000P3PSSD8_2325E6E63746-part3"; + fsType = "bcachefs"; + neededForBoot = true; + options = [ "noatime" "nodiratime" ]; }; fileSystems."/home" = @@ -57,13 +55,13 @@ options = [ "bind" ]; }; - fileSystems."/home/cullmann/vms" = - { - depends = [ "/home" ]; - device = "/dev/mapper/crypt-vms"; - fsType = "btrfs"; - options = [ "noatime" "nodiratime" ]; - }; +# fileSystems."/home/cullmann/vms" = +# { +# depends = [ "/home" ]; +# device = "/dev/mapper/crypt-vms"; +# fsType = "btrfs"; +# options = [ "noatime" "nodiratime" ]; +# }; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/mini/install.txt b/mini/install.txt index afd1c8a..c1167ae 100644 --- a/mini/install.txt +++ b/mini/install.txt @@ -31,7 +31,11 @@ sudo dd if=result/iso/nixos-24.05.20240108.317484b-x86_64-linux.iso of=/dev/sda efibootmgr efibootmgr -b 0 -B -... +efibootmgr -b 1 -B +efibootmgr -b 2 -B +efibootmgr -b 3 -B +efibootmgr -b 4 -B +efibootmgr # # install script below @@ -108,9 +112,11 @@ nixos-generate-config --root /mnt cp /mnt/etc/nixos/hardware-configuration.nix /tmp cp /mnt/etc/nixos/configuration.nix /tmp -# copy data +# copy config data -rsync --checksum -vaR --delete /data /mnt +# patch some paths there + +sudo scp -r /data/nixos root@192.168.13.100:/mnt/data # install