{ config, pkgs, ... }: { imports = [ ./common-headless.nix ./i3.nix ./large-sw.nix ./uefi.nix ./fstrim.nix ./atmega.nix ./v4l2loopback.nix ./huion.nix ./nvim05.nix ./nm-restart.nix ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/a16ae3f7-11df-47fc-a8df-f22c474ec1c1"; fsType = "ext4"; }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/3C5C-049B"; fsType = "vfat"; }; #swapDevices = [ # { device = "/dev/disk/by-uuid/b7274abd-58a5-4acc-8481-30e105e94eec"; } #]; nix.maxJobs = pkgs.lib.mkDefault 6; powerManagement.cpuFreqGovernor = pkgs.lib.mkDefault "powersave"; environment.etc."lvm/lvm.conf".text = '' devices { issue_discards = 1 } ''; boot.initrd.luks.devices = { sda_crypt = { device = "/dev/disk/by-partuuid/00292928-0088-4887-9e5d-2f2eccb4816f"; preLVM = true; allowDiscards = true; }; }; networking = { hostName = "decoysnail"; hostId = "cf04f682"; }; services.openssh.enable = true; hardware.cpu.intel.updateMicrocode = true; services.thermald.enable = true; hardware.opengl = { extraPackages = with pkgs; [ beignet ]; driSupport32Bit = true; }; #services.avahi.nssmdns = true; #services.nscd.enable = pkgs.lib.mkOverride 10 true; services.openssh.forwardX11 = true; system.stateVersion = "19.09"; networking.wireguard.interfaces.wg0 = { ips = ["10.59.0.4/16"]; privateKeyFile = "/etc/wgkeys/decoysnail"; allowedIPsAsRoutes = true; postSetup = '' ${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org' '~ams.gebner.org' ${pkgs.systemd}/bin/resolvectl dns wg0 10.57.0.1 ''; peers = [{ publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4="; allowedIPs = ["10.56.0.0/14" "10.60.1.1"]; # endpoint = "mtlaa-gw.gebner.org:35869"; # endpoint = "84.112.114.160:35869"; endpoint = "127.0.0.1:35869"; persistentKeepalive = 25; }]; }; systemd.services.wstunnel = { path = [ pkgs.wstunnel ]; wantedBy = [ "wireguard-wg0.service" ]; after = [ "network.target" ]; script = '' wstunnel -L 35869:htdf-gw.gebner.org:35869 -u wss://gebner.org ''; }; services.resolved = { domains = []; enable = true; }; services.xserver = { videoDrivers = [ "intel" ]; }; fonts.fontconfig = { subpixel.rgba = "none"; }; }