Luke Else
82e18d878b
Some checks failed
NixOS Configuration Check / nixos-check (push) Failing after 23s
58 lines
1.1 KiB
Nix
58 lines
1.1 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
# Bootloader: systemd-boot with EFI support
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
# Use systemd-boot instead of GRUB
|
|
boot.loader = {
|
|
systemd-boot.enable = true;
|
|
efi.canTouchEfiVariables = true;
|
|
};
|
|
|
|
boot.initrd = {
|
|
supportedFilesystems = [ "ext4" ];
|
|
luks.devices."cryptroot".device = "/dev/disk/by-partlabel/cryptroot";
|
|
};
|
|
|
|
fileSystems."/" = {
|
|
device = "/dev/mapper/cryptroot";
|
|
fsType = "ext4";
|
|
};
|
|
|
|
fileSystems."/boot" = {
|
|
device = "/dev/disk/by-partlabel/ESP";
|
|
fsType = "vfat";
|
|
};
|
|
|
|
swapDevices = [{
|
|
device = "/swapfile";
|
|
size = 4096;
|
|
}];
|
|
|
|
# Locale and timezone
|
|
time.timeZone = "Europe/London";
|
|
i18n.defaultLocale = "en_GB.UTF-8";
|
|
|
|
# Enable SSH
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PermitRootLogin = "no";
|
|
PasswordAuthentication = false;
|
|
};
|
|
};
|
|
|
|
# Enable Docker
|
|
virtualisation.docker.enable = true;
|
|
|
|
# PipeWire for audio
|
|
services.pipewire = {
|
|
enable = true;
|
|
pulse.enable = true;
|
|
};
|
|
|
|
# Bluetooth
|
|
services.blueman.enable = true;
|
|
}
|