fina: add core modules

author: Fuwn <[email protected]> 2024-09-30 23:19:46 -0700
committer: Fuwn <[email protected]> 2024-09-30 23:19:46 -0700
commit: bc1a46ec0e37eb5d058e18cb901da9b8f7681f34 (patch)
tree: a367dea8f03624494a93fe80b0f65b9c9a09ab3c
parent: fina: add initial hashed password (diff)
download: nixos-config-bc1a46ec0e37eb5d058e18cb901da9b8f7681f34.tar.xz
nixos-config-bc1a46ec0e37eb5d058e18cb901da9b8f7681f34.zip
4 files changed, 62 insertions, 50 deletions
diff --git a/.sops.yaml b/.sops.yaml
index 59d1aef..7590870 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -4,6 +4,7 @@ keys:
   - &hosts:
     - &kansai age1epapum5m42qz9rf6nthadtlv74uxux5xqfwkcs3ly875ft5r236ql7lh5h
     - &himeji age14dpp7649l9j8yt4kmnk90pnxplq3eur9xq2t3ujsrqk5luyj8fzq45dghu
+    - &fina age1zw2q6fqm8zf6swcdrqxyng08ev5xg0s8m5u93q40h5ul3yu8ddwq9q6vfu
 
 creation_rules:
   - path_regex: secrets/hosts.ya?ml$
@@ -11,6 +12,7 @@ creation_rules:
       - age:
           - *kansai
           - *himeji
+          - *fina
   - path_regex: secrets/ebisu.ya?ml$
     key_groups:
       - age:
diff --git a/hosts/default.nix b/hosts/default.nix
index ffe2153..2be5a49 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -63,13 +63,17 @@ in
     };
 
     fina = nixosSystem {
-      modules = [ ./fina ];
-
       pkgs =
         (kansaiPkgs {
           nixpkgsAllowUnfree = true;
         })."x86_64-linux";
 
+      modules = with inputs; [
+        ./fina
+        nix-index-database.nixosModules.nix-index
+        sops-nix.nixosModules.sops
+      ];
+
       specialArgs = {
         inherit
           inputs
diff --git a/hosts/fina/default.nix b/hosts/fina/default.nix
index cffaed2..6e0102c 100644
--- a/hosts/fina/default.nix
+++ b/hosts/fina/default.nix
@@ -1,75 +1,81 @@
 {
   pkgs,
   secrets,
+  self,
   ...
 }:
 {
   imports = [
     ./hardware-configuration.nix
+    "${self}/modules/core"
+    "${self}/modules/options"
   ];
 
-  time.timeZone = "America/Los_Angeles";
-  i18n.defaultLocale = "en_US.UTF-8";
-  console.keyMap = "us";
-  system.stateVersion = "24.05";
+  config = {
+    modules.nix.extend = false;
+    time.timeZone = "America/Los_Angeles";
+    i18n.defaultLocale = "en_US.UTF-8";
+    console.keyMap = "us";
+    system.stateVersion = "24.05";
 
-  boot = {
-    loader.systemd-boot.enable = true;
-    loader.efi.canTouchEfiVariables = true;
-  };
+    boot = {
+      loader.systemd-boot.enable = true;
+      loader.efi.canTouchEfiVariables = true;
+    };
 
-  networking = {
-    hostName = "fina";
-    networkmanager.enable = true;
-  };
+    networking = {
+      hostName = "fina";
+      networkmanager.enable = true;
+    };
 
-  services = {
-    desktopManager.plasma6.enable = true;
-    printing.enable = true;
-    libinput.enable = true;
+    services = {
+      desktopManager.plasma6.enable = true;
+      printing.enable = true;
+      libinput.enable = true;
 
-    displayManager.sddm = {
-      enable = true;
-      wayland.enable = true;
-    };
+      displayManager.sddm = {
+        enable = true;
+        wayland.enable = true;
+      };
 
-    xserver.xkb = {
-      layout = "us";
-      options = "caps:escape";
-    };
+      xserver.xkb = {
+        layout = "us";
+        options = "caps:escape";
+      };
 
-    pipewire = {
-      enable = true;
-      pulse.enable = true;
-    };
+      pipewire = {
+        enable = true;
+        pulse.enable = true;
+      };
 
-    openssh = {
-      enable = true;
-      settings.PermitRootLogin = "yes";
+      openssh = {
+        enable = true;
+        settings.PermitRootLogin = "yes";
+      };
     };
-  };
 
-  users.users = {
-    root.initialHashedPassword = secrets.initial_hashed_password;
+    users.users = {
+      root.initialHashedPassword = secrets.initial_hashed_password;
 
-    ebisu = {
-      isNormalUser = true;
-      extraGroups = [ "wheel" ];
-      initialHashedPassword = secrets.initial_hashed_password;
+      ebisu = {
+        isNormalUser = true;
+        extraGroups = [ "wheel" ];
+        initialHashedPassword = secrets.initial_hashed_password;
+      };
     };
-  };
 
-  environment.systemPackages = with pkgs; [
-    vim
-    wget
-  ];
+    environment.systemPackages = with pkgs; [
+      vim
+      wget
+    ];
 
-  programs = {
-    mtr.enable = true;
+    programs = {
+      mtr.enable = true;
 
-    gnupg.agent = {
-      enable = true;
-      enableSSHSupport = true;
+      gnupg.agent = {
+        enable = true;
+        enableSSHSupport = true;
+      };
     };
   };
 }
diff --git a/secrets/hosts.yaml b/secrets/hosts.yaml
index 76727ac..28b1cce 100644
--- a/secrets/hosts.yaml
+++ b/secrets/hosts.yaml
author	Fuwn <[email protected]>	2024-09-30 23:19:46 -0700
committer	Fuwn <[email protected]>	2024-09-30 23:19:46 -0700
commit	bc1a46ec0e37eb5d058e18cb901da9b8f7681f34 (patch)
tree	a367dea8f03624494a93fe80b0f65b9c9a09ab3c
parent	fina: add initial hashed password (diff)
download	nixos-config-bc1a46ec0e37eb5d058e18cb901da9b8f7681f34.tar.xz nixos-config-bc1a46ec0e37eb5d058e18cb901da9b8f7681f34.zip