{ config, pkgs, ... }: { imports = [ ./common.nix ./large-sw.nix ./uefi.nix ./fstrim.nix ./atmega.nix ]; environment.etc."lvm/lvm.conf".text = '' devices { issue_discards = 1 } ''; boot.initrd.luks.devices = [ { name = "sda_crypt"; device = "/dev/disk/by-partuuid/00292928-0088-4887-9e5d-2f2eccb4816f"; preLVM = true; allowDiscards = true; } ]; networking = { hostName = "decoysnail"; hostId = "cf04f682"; }; services.openssh.enable = true; hardware.cpu.intel.updateMicrocode = true; services.thermald.enable = true; #virtualisation.docker = { # enable = true; # storageDriver = "overlay2"; #}; #users.extraUsers.gebner.extraGroups = [ "docker" ]; hardware.opengl = { extraPackages = with pkgs; [ beignet ]; driSupport32Bit = true; }; #services.avahi.nssmdns = true; #services.nscd.enable = pkgs.lib.mkOverride 10 true; services.openssh.forwardX11 = true; system.stateVersion = "19.09"; networking.wireguard.interfaces.wg0 = { ips = ["10.59.0.4/16"]; privateKeyFile = "/etc/wgkeys/decoysnail"; allowedIPsAsRoutes = true; postSetup = '' ${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org' '~ams.gebner.org' ${pkgs.systemd}/bin/resolvectl dns wg0 10.57.0.1 ''; peers = [{ publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4="; allowedIPs = ["10.56.0.0/14" "10.60.1.1"]; # endpoint = "mtlaa-gw.gebner.org:35869"; endpoint = "84.112.114.160:35869"; persistentKeepalive = 25; }]; }; services.resolved = { domains = []; enable = true; }; services.xserver = { videoDrivers = [ "intel" ]; }; }