framework-2024-12-03-15-01-23

machine/framework/configuration.nix

@@ -21,24 +21,13 @@ in {
   ];
 
   sops = {
-    defaultSopsFile = ../../secrets/secrets.yaml;
-    validateSopsFiles = true;
-    age = {
-      sshKeyPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];
-      keyFile = "/var/lib/sops-nix/key.txt";
-      generateKey = true;
-    };
+    defaultSopsFile = ../../secrets-framework.yaml;
 
     secrets = {
       borg-key = {
-        sopsFile = ../../secrets/secrets-framework.yaml;
         owner = config.users.users.alex.name;
         group = config.users.users.alex.group;
       };
-
-      hashedPassword = {
-        neededForUsers = true;
-      };
     };
   };
 
@@ -224,11 +213,6 @@ in {
       # fahviewer
       # fahcontrol
     ];
-    # persistence."/persist" = {
-    #   directories = [
-    #     # "/var/lib/samba"
-    #   ];
-    # };
   };
 
   # Partition swapfile is on (after LUKS decryption)

machine/framework/hardware-configuration.nix

@@ -1,6 +1,3 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
 {
   config,
   lib,
@@ -19,21 +16,23 @@
     "usb_storage"
     "sd_mod"
   ];
-  # boot.initrd.kernelModules = [];
-  # boot.kernelModules = ["kvm-intel"];
-  # boot.extraModulePackages = [];
 
   fileSystems = {
+    # "/" = {
+    #   device = "/dev/disk/by-uuid/20780bfe-5714-4c2f-bf53-7296b76cfbdc";
+    #   fsType = "btrfs";
+    #   options = [
+    #     "subvol=root"
+    #     "discard=async"
+    #     "compress=zstd"
+    #     "nodiratime"
+    #     "noatime"
+    #   ];
+    # };
     "/" = {
-      device = "/dev/disk/by-uuid/20780bfe-5714-4c2f-bf53-7296b76cfbdc";
-      fsType = "btrfs";
-      options = [
-        "subvol=root"
-        "discard=async"
-        "compress=zstd"
-        "nodiratime"
-        "noatime"
-      ];
+      device = "none";
+      fsType = "tmpfs";
+      options = ["defaults" "size=16G" "mode=755"];
     };
     "/home" = {
       device = "/dev/disk/by-uuid/20780bfe-5714-4c2f-bf53-7296b76cfbdc";
@@ -86,24 +85,24 @@
       fsType = "vfat";
       options = ["fmask=0022" "dmask=0022"];
     };
-    #    "/home/alex/shared/storage" = {
-    #      device = "/dev/disk/by-uuid/58259976-4f63-4f60-a755-7870b08286e7";
-    #      fsType = "btrfs";
-    #      options = [
-    #        "subvol=@data"
-    #        "discard=async"
-    #        "compress=zstd"
-    #        "nodiratime"
-    #        "noatime"
-    #        "nofail"
-    #        "x-systemd.automount"
-    #      ];
-    #    };
+    "/home/alex/shared/storage" = {
+      device = "/dev/disk/by-uuid/58259976-4f63-4f60-a755-7870b08286e7";
+      fsType = "btrfs";
+      options = [
+        "subvol=@data"
+        "discard=async"
+        "compress=zstd"
+        "nodiratime"
+        "noatime"
+        "nofail"
+        "x-systemd.automount"
+      ];
+    };
   };
 
-  # environment.etc.crypttab.text = ''
-  #   luks-e36ec189-2211-4bcc-bb9d-46650443d76b UUID=e36ec189-2211-4bcc-bb9d-46650443d76b /persist/luks-key01
-  # '';
+  environment.etc.crypttab.text = ''
+    luks-e36ec189-2211-4bcc-bb9d-46650443d76b UUID=e36ec189-2211-4bcc-bb9d-46650443d76b /persist/luks-key01
+  '';
 
   swapDevices = [
     {
@@ -111,10 +110,6 @@
     }
   ];
 
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
   networking.useDHCP = lib.mkDefault true;
   # networking.interfaces.wlp166s0.useDHCP = lib.mkDefault true;