nix-config/hosts/common/core/system.nix

{
  inputs,
  lib,
  nodePath,
  pkgs,
  nodeName,
  ...
}: {
  rekey = {
    inherit
      (inputs.self.secrets)
      masterIdentities
      extraEncryptionPubkeys
      ;

    forceRekeyOnSystem = builtins.extraBuiltins.unsafeCurrentSystem;
    hostPubkey = let
      pubkeyPath = nodePath + "/secrets/host.pub";
    in
      lib.mkIf (lib.pathExists pubkeyPath || lib.trace "Missing pubkey for ${nodeName}: ${toString pubkeyPath} not found, using dummy replacement key for now." false)
      pubkeyPath;
  };
  boot = {
    initrd.systemd.enable = true;
    initrd.systemd.emergencyAccess = true;
    initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc"];
    supportedFilesystems = ["ntfs"];
    kernelModules = ["kvm-intel"];
    tmp.useTmpfs = true;
  };

  security.sudo.enable = false;

  time.timeZone = lib.mkDefault "Europe/Berlin";
  i18n.defaultLocale = "C.UTF-8";
  services.xserver = {
    layout = "de";
    xkbVariant = "bone";
  };
  console = {
    font = "ter-v28n";
    packages = with pkgs; [terminus_font];
    useXkbConfig = true; # use xkbOptions in tty.
    keyMap = lib.mkDefault "de-latin1-nodeadkeys";
  };

  users.mutableUsers = false;
  environment.systemPackages = with pkgs; [
    wget
    gcc
    tree
    rage
    file
    ripgrep
    killall
    fd
  ];

  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
}
feat: reworked directory structure of host 2023-05-18 06:57:58 +02:00			`{`
			`inputs,`
			`lib,`
			`nodePath,`
			`pkgs,`
			`nodeName,`
			`...`
			`}: {`
			`rekey = {`
			`inherit`
			`(inputs.self.secrets)`
			`masterIdentities`
			`extraEncryptionPubkeys`
			`;`

			`forceRekeyOnSystem = builtins.extraBuiltins.unsafeCurrentSystem;`
			`hostPubkey = let`
			`pubkeyPath = nodePath + "/secrets/host.pub";`
			`in`
			`lib.mkIf (lib.pathExists pubkeyPath \|\| lib.trace "Missing pubkey for ${nodeName}: ${toString pubkeyPath} not found, using dummy replacement key for now." false)`
			`pubkeyPath;`
			`};`
			`boot = {`
			`initrd.systemd.enable = true;`
fix: zfs mounting when using systemd initrd fix: enabled systemd emergency access 2023-05-18 18:41:40 +02:00			`initrd.systemd.emergencyAccess = true;`
feat: reworked directory structure of host 2023-05-18 06:57:58 +02:00			`initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" "rtsx_pci_sdmmc"];`
			`supportedFilesystems = ["ntfs"];`
			`kernelModules = ["kvm-intel"];`
			`tmp.useTmpfs = true;`
			`};`

			`security.sudo.enable = false;`

			`time.timeZone = lib.mkDefault "Europe/Berlin";`
			`i18n.defaultLocale = "C.UTF-8";`
			`services.xserver = {`
			`layout = "de";`
			`xkbVariant = "bone";`
			`};`
			`console = {`
			`font = "ter-v28n";`
			`packages = with pkgs; [terminus_font];`
			`useXkbConfig = true; # use xkbOptions in tty.`
			`keyMap = lib.mkDefault "de-latin1-nodeadkeys";`
			`};`

			`users.mutableUsers = false;`
			`environment.systemPackages = with pkgs; [`
			`wget`
			`gcc`
			`tree`
			`rage`
			`file`
			`ripgrep`
			`killall`
			`fd`
			`];`

			`powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";`
			`}`