hosts/tv: init with basic kodi config
This commit is contained in:
parent
947f85b275
commit
db64c2090c
@ -231,6 +231,9 @@
|
||||
nixos-hardware.nixosModules.framework-13-7040-amd
|
||||
] "europa";
|
||||
clunk = buildSys "x86_64-linux" unstable [ ] "clunk";
|
||||
tv = buildSys "x86_64-linux" stable [
|
||||
nixos-hardware.nixosModules.framework-11th-gen-intel
|
||||
] "tv";
|
||||
orcim = buildSys "x86_64-linux" unstable [ ] "orcim";
|
||||
pwntie = buildSys "x86_64-linux" stable [ ] "pwntie";
|
||||
stan = buildSys "x86_64-linux" unstable [
|
||||
@ -367,7 +370,7 @@
|
||||
|
||||
checks =
|
||||
let
|
||||
buildList = [ "europa" "stan" "h" "box" "faf" "weather" "clunk" "orcim" ];
|
||||
buildList = [ "europa" "stan" "h" "box" "faf" "weather" "clunk" "orcim" "tv" ];
|
||||
in
|
||||
with unstable.lib;
|
||||
foldl' recursiveUpdate { } (mapAttrsToList
|
||||
|
69
hosts/tv/default.nix
Normal file
69
hosts/tv/default.nix
Normal file
@ -0,0 +1,69 @@
|
||||
{ pkgs
|
||||
, ...
|
||||
}:
|
||||
let
|
||||
pubKeys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7v+/xS8832iMqJHCWsxUZ8zYoMWoZhjj++e26g1fLT europa"
|
||||
];
|
||||
myKodi = pkgs.kodi.withPackages (kp: [
|
||||
kp.somafm
|
||||
kp.jellyfin
|
||||
kp.invidious
|
||||
]);
|
||||
in
|
||||
{
|
||||
_module.args.isUnstable = false;
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
boot = {
|
||||
loader.grub = {
|
||||
enable = true;
|
||||
devices = [
|
||||
"/dev/disk/by-id/wwn-0x5001b448be78d64a"
|
||||
];
|
||||
};
|
||||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = "tv";
|
||||
networkmanager.enable = true;
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 22 ];
|
||||
checkReversePath = "loose";
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
fwupd = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
xserver = {
|
||||
libinput.enable = true;
|
||||
enable = true;
|
||||
desktopManager.kodi = {
|
||||
enable = true;
|
||||
package = myKodi;
|
||||
};
|
||||
videoDrivers = [ "intel" ];
|
||||
};
|
||||
};
|
||||
|
||||
users = {
|
||||
users = {
|
||||
root = { openssh.authorizedKeys.keys = pubKeys; };
|
||||
tv = {
|
||||
openssh.authorizedKeys.keys = pubKeys;
|
||||
isNormalUser = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
system = {
|
||||
stateVersion = "22.11";
|
||||
};
|
||||
}
|
34
hosts/tv/hardware-configuration.nix
Normal file
34
hosts/tv/hardware-configuration.nix
Normal file
@ -0,0 +1,34 @@
|
||||
{ config, lib, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot = {
|
||||
initrd = {
|
||||
availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "ums_realtek" "sd_mod" ];
|
||||
kernelModules = [ ];
|
||||
};
|
||||
kernelModules = [ ];
|
||||
extraModulePackages = [ ];
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/d97f80ac-63fe-43d3-a3f5-3c385a41a068";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[{ device = "/dev/disk/by-uuid/b70a6cac-996e-4a05-a3d0-17c7acf90f08"; }];
|
||||
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
bluetooth.enable = true;
|
||||
};
|
||||
}
|
@ -16,7 +16,7 @@ in
|
||||
defaultUsers = {
|
||||
enable = mkOption {
|
||||
description = "Enable regular set of users";
|
||||
default = true;
|
||||
default = if (builtins.hasAttr "${config.networking.hostName}" config.xin-secrets) then true else false;
|
||||
example = true;
|
||||
type = lib.types.bool;
|
||||
};
|
||||
@ -26,14 +26,15 @@ in
|
||||
config =
|
||||
let
|
||||
inherit (config.networking) hostName;
|
||||
secretAttrs = config.xin-secrets.${hostName}.user_passwords;
|
||||
hasQbit =
|
||||
if builtins.hasAttr "qbit" secretAttrs then
|
||||
true
|
||||
else false;
|
||||
if (builtins.hasAttr hostName config.xin-secrets) &&
|
||||
(builtins.hasAttr "qbit" config.xin-secrets.${hostName}.user_passwords) then true else false;
|
||||
in
|
||||
mkIf config.defaultUsers.enable {
|
||||
sops =
|
||||
let
|
||||
secretAttrs = config.xin-secrets.${hostName}.user_passwords;
|
||||
in
|
||||
{
|
||||
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||
secrets = mkMerge [
|
||||
|
Loading…
Reference in New Issue
Block a user