1e2e2bdd35
grep -- '- &' .sops.yaml | cut -d'&' -f2 | grep _host | sed 's/_host//' | xargs -n2 clan secrets machines add
for i in secrets/*.yaml; do host=$(basename $i .yaml); clan secrets import-sops $i --machine $host --user makefu --prefix ${host}-;done
for i in secrets/*.yaml; do host=$(basename $i .yaml) ;clan secrets groups add-machine common "$host";done
24 lines
632 B
Nix
24 lines
632 B
Nix
let
|
|
rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
|
|
datadisk = "/dev/disk/by-id/ata-HGST_HTS721010A9E630_JR10006PH3A02F";
|
|
in {
|
|
boot.loader.grub.device = rootdisk;
|
|
hardware.cpu.intel.updateMicrocode = true;
|
|
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
|
|
|
boot.kernelModules = [
|
|
"kvm-intel" "snd-seq" "snd-rawmidi"
|
|
];
|
|
fileSystems = {
|
|
"/" = {
|
|
device = rootdisk + "-part1";
|
|
fsType = "ext4";
|
|
};
|
|
"/data" = {
|
|
device = datadisk + "-part1";
|
|
fsType = "ext4";
|
|
};
|
|
};
|
|
swapDevices = [ { device = "/var/swap"; } ];
|
|
}
|