authentik yay

2025-09-07 00:11:16 +02:00 · 2025-09-07 00:11:16 +02:00 · f2fcbfb679
commit f2fcbfb679
parent d3a93fd115
34 changed files with 612 additions and 363 deletions
--- a/instances/picard/configuration.nix
+++ b/instances/picard/configuration.nix
@ -0,0 +1,32 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
+{
+  nixpkgs.system = "x86_64-linux";
+
+  boot.loader.grub.enable = true;
+  boot.loader.grub.device = "/dev/sda";
+  boot.loader.systemd-boot.enable = false;
+
+  
+  imports = [
+    ./hardware-configuration.nix
+  ];
+  time.timeZone = "Europe/Berlin";
+
+  xyno.presets.server.enable = true;
+  xyno.presets.cli.enable = true;
+  xyno.services.wireguard.enable = true;
+  xyno.services.caddy.enable = true;
+  xyno.services.monitoring.enable = true;
+  xyno.presets.home-manager.enable = true;
+  xyno.system.user.enable = true;
+  xyno.networking.networkd = {
+    enable = true;
+  };
+
+  system.stateVersion = "25.05";
+}
--- a/instances/picard/default.nix
+++ b/instances/picard/default.nix
@ -0,0 +1,12 @@
+{
+  modules = [ ./configuration.nix ];
+  sopsKey = "b730b2bf54eb792a14bfd3e68c14c08894376c5f";
+  hostName = "picard";
+  publicHostname = "xyno.space";
+  # prometheusServer = true;
+  wg = {
+    pubKey = "";
+    server = true;
+    v4 = "10.13.12.1";
+  };
+}
--- a/instances/picard/hardware-configuration.nix
+++ b/instances/picard/hardware-configuration.nix
@ -0,0 +1,58 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [ "${modulesPath}/installer/scan/not-detected.nix" ];
+
+  boot.initrd.availableKernelModules = [
+    "r8169"
+    "ahci"
+    "vfio-pci"
+    "xhci_pci"
+    "ehci_pci"
+    "nvme"
+    "usbhid"
+    "sd_mod"
+    "sr_mod"
+  ];
+  boot.kernelModules = [ "kvm-amd" ];
+  nix.settings.max-jobs = lib.mkDefault 12;
+  powerManagement.powertop.enable = true;
+  powerManagement.cpuFreqGovernor = "powersave";
+  powerManagement.scsiLinkPolicy = "min_power";
+
+  fileSystems."/persistent" = {
+    device = "/dev/disk/by-uuid/ca79f433-163a-4c5c-b176-8e694a674dda";
+    fsType = "xfs";
+    neededForBoot = true;
+  };
+  fileSystems."/" = {
+    device = "none";
+    fsType = "tmpfs";
+    options = [
+      "size=8G"
+      "defaults"
+      "mode=755"
+    ];
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/DA11-68A6";
+    fsType = "vfat";
+    options = [
+      "fmask=0022"
+      "dmask=0022"
+      "noauto"
+      "x-systemd.automount"
+    ];
+  };
+
+}