lily/LiNix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

encrypted server

Browse Source
This commit is contained in:
Lily Anderson
2026-02-22 15:52:07 -06:00
parent 577f69db46
commit 48a3557e16
2 changed files with 23 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/hosts/server/configuration.nix
View File

@@ -30,7 +30,7 @@
self.packages.${pkgs.stdenv.hostPlatform.system}.nh self.packages.${pkgs.stdenv.hostPlatform.system}.nh
]; ];
system.stateVersion = "24.11"; system.stateVersion = "25.11";
}; };
} }

54
modules/hosts/server/hardware-configuration.nix
View File

@@ -1,40 +1,30 @@
{ {
flake.nixosModules.serverHardware = { config, lib, modulesPath, ... }: { flake.nixosModules.serverHardware = { config, lib, modulesPath, ... }: {
imports = [ imports =
(modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems = { boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
"/" = { boot.initrd.kernelModules = [ ];
device = "/dev/disk/by-uuid/208d39a0-fa7d-4fe4-be61-8867e7a51bc8"; boot.kernelModules = [ "kvm-intel" ];
fsType = "ext4"; boot.extraModulePackages = [ ];
};
"/boot" = { fileSystems."/" =
device = "/dev/disk/by-uuid/AED2-D209"; { device = "/dev/mapper/luks-e2bd2b2f-7f88-4f4c-8b1f-1033f5bca401";
fsType = "vfat"; fsType = "ext4";
options = [ "fmask=0077" "dmask=0077" ];
};
}; };
swapDevices = [ { boot.initrd.luks.devices."luks-e2bd2b2f-7f88-4f4c-8b1f-1033f5bca401".device = "/dev/disk/by-uuid/e2bd2b2f-7f88-4f4c-8b1f-1033f5bca401";
device = "/dev/disk/by-uuid/ec9d9773-d48b-4221-af73-7c365fe0966d";
} ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking fileSystems."/boot" =
# (the default) this is the recommended approach. When using systemd-networkd it's { device = "/dev/disk/by-uuid/7786-BA6A";
# still possible to use this option, but it's recommended to use it in conjunction fsType = "vfat";
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. options = [ "fmask=0077" "dmask=0077" ];
networking.useDHCP = lib.mkDefault true; };
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; swapDevices = [ ];
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
} }