mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-23 07:08:45 +08:00
devices.vps4: setup
This commit is contained in:
parent
6f5a077821
commit
01b766e5ee
@ -12,19 +12,25 @@ inputs:
|
|||||||
{
|
{
|
||||||
btrfs =
|
btrfs =
|
||||||
{
|
{
|
||||||
"/dev/disk/by-uuid/24577c0e-d56b-45ba-8b36-95a848228600"."/boot" = "/boot";
|
"/dev/disk/by-uuid/403fe853-8648-4c16-b2b5-3dfa88aee351"."/boot" = "/boot";
|
||||||
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
|
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
decrypt.manual =
|
||||||
|
{
|
||||||
|
enable = true;
|
||||||
|
devices."/dev/disk/by-uuid/bf7646f9-496c-484e-ada0-30335da57068" = { mapper = "root"; ssd = true; };
|
||||||
|
delayedMount = [ "/" ];
|
||||||
|
};
|
||||||
swap = [ "/nix/swap/swap" ];
|
swap = [ "/nix/swap/swap" ];
|
||||||
rollingRootfs = {};
|
rollingRootfs = {};
|
||||||
};
|
};
|
||||||
grub.installDevice = "/dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:0";
|
grub.installDevice = "/dev/disk/by-path/pci-0000:00:04.0";
|
||||||
nixpkgs.march = "znver2";
|
nixpkgs.march = "znver2";
|
||||||
nix.substituters = [ "https://cache.nixos.org/" "https://nix-store.chn.moe" ];
|
nix.substituters = [ "https://cache.nixos.org/" "https://nix-store.chn.moe" ];
|
||||||
initrd.sshd.enable = true;
|
initrd.sshd.enable = true;
|
||||||
networking = { hostname = "vps4"; networkd = {}; };
|
networking = { hostname = "vps4"; networkd = {}; };
|
||||||
kernel.variant = "cachyos-server";
|
kernel.variant = "xanmod-latest";
|
||||||
};
|
};
|
||||||
services =
|
services =
|
||||||
{
|
{
|
||||||
|
BIN
modules/system/fileSystems/vps4.key
Normal file
BIN
modules/system/fileSystems/vps4.key
Normal file
Binary file not shown.
@ -61,6 +61,7 @@ inputs:
|
|||||||
cat = "${inputs.pkgs.coreutils}/bin/cat";
|
cat = "${inputs.pkgs.coreutils}/bin/cat";
|
||||||
gpg = "${inputs.pkgs.gnupg}/bin/gpg";
|
gpg = "${inputs.pkgs.gnupg}/bin/gpg";
|
||||||
ssh = "${inputs.pkgs.openssh}/bin/ssh";
|
ssh = "${inputs.pkgs.openssh}/bin/ssh";
|
||||||
|
# generate using echo -n key | gpg --encrypt --recipient chn > xxx.key
|
||||||
in inputs.pkgs.writeShellScriptBin "remote-decrypt" (builtins.concatStringsSep "\n"
|
in inputs.pkgs.writeShellScriptBin "remote-decrypt" (builtins.concatStringsSep "\n"
|
||||||
(
|
(
|
||||||
(builtins.map (system: builtins.concatStringsSep "\n"
|
(builtins.map (system: builtins.concatStringsSep "\n"
|
||||||
|
Loading…
Reference in New Issue
Block a user