# NixOS module for the host "decoysnail": two LUKS volumes under LVM, an
# SSH server, Docker, Intel graphics and a WireGuard tunnel whose DNS is
# handled by systemd-resolved.
{ config, pkgs, ... }:

{
  # Shared settings live in these modules. Their contents are not visible
  # here, so sshd hardening, firewall rules and the like may be defined there.
  imports = [
    ./common.nix
    ./large-sw.nix
    ./uefi.nix
    ./fstrim.nix
    ./atmega.nix
  ];

  system.stateVersion = "18.03";

  # LVM sends discards to the physical volume when logical volumes are
  # removed or shrunk.
  environment.etc."lvm/lvm.conf".text = ''
    devices {
      issue_discards = 1
    }
  '';

  # Both containers are opened in the initrd before LVM scans for volumes.
  boot.initrd.luks.devices = [
    {
      name = "sda2_crypt";
      device = "/dev/disk/by-uuid/6c687d35-1b43-4799-b71c-a5b5c21b3e2a";
      preLVM = true;
    }
    {
      name = "sdb2_crypt";
      device = "/dev/disk/by-uuid/d3485d00-8399-40cc-8bce-80b9bd24e63a";
      preLVM = true;
      # TRIM is passed through dm-crypt for this volume only. Discarded
      # ranges are visible on the raw device, so anyone with access to the
      # disk can tell which blocks are unused; this is a deliberate
      # performance/confidentiality trade-off.
      allowDiscards = true;
    }
  ];

  hardware = {
    cpu.intel.updateMicrocode = true;
    opengl = {
      extraPackages = [ pkgs.beignet ];
      driSupport32Bit = true;
    };
  };

  virtualisation.docker = {
    enable = true;
    storageDriver = "overlay2";
  };

  # Access to the Docker daemon socket is effectively root on the host, so
  # membership of this group should be treated like sudo without a password.
  users.extraUsers.gebner = {
    extraGroups = [ "docker" ];
  };

  networking = {
    hostName = "decoysnail";
    hostId = "cf04f682";

    wireguard.interfaces.wg0 = {
      ips = [ "10.59.0.4/16" ];
      # The key is read from a file at runtime rather than embedded in the
      # configuration, which keeps it out of the world-readable Nix store.
      # The file's ownership and mode are not managed here; verify that it
      # is readable by root only.
      privateKeyFile = "/etc/wgkeys/decoysnail";
      allowedIPsAsRoutes = true;
      # Split DNS: the '~' prefix marks routing-only domains, so only
      # lookups under these two zones go to the resolver behind the tunnel.
      postSetup = ''
        ${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org'
        ${pkgs.systemd}/bin/resolvectl dns wg0 10.57.0.1
      '';
      peers = [
        {
          publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
          allowedIPs = [ "10.56.0.0/14" "10.60.1.1" ];
          # The endpoint is pinned to an address literal; the hostname form
          # is kept below for reference.
          # endpoint = "mtlaa-gw.gebner.org:35869";
          endpoint = "84.112.114.160:35869";
          persistentKeepalive = 25;
        }
      ];
    };
  };

  services = {
    openssh = {
      enable = true;
      # Lets sshd forward X11 connections. Authentication settings
      # (password vs. key-only, root login) are not set in this file.
      # NOTE(review): confirm they are defined in an imported module.
      forwardX11 = true;
    };

    thermald.enable = true;

    # Only the NSS mDNS switch is set here; services.avahi.enable is not.
    # NOTE(review): presumably enabled in an imported module; confirm.
    avahi.nssmdns = true;

    # Priority 10 outranks mkForce (priority 50), so nscd stays enabled even
    # if another module tries to force it off.
    nscd.enable = pkgs.lib.mkOverride 10 true;

    # No global search or routing domains; the per-link domains for wg0 are
    # set by the WireGuard postSetup hook.
    resolved = {
      enable = true;
      domains = [ ];
    };

    xserver = {
      videoDrivers = [ "intel" ];
    };
  };
}