{ config, lib, pkgs, inputs, ... }: { # Setup hardware # imports = [ inputs.nixos-hardware.nixosModules.common-cpu-intel ]; # Sops setup for this machine sops.secrets = { "borg-ssh-key" = { sopsFile = ../../secrets/perception/borg.yaml; format = "yaml"; }; "borg-password" = { sopsFile = ../../secrets/perception/borg.yaml; format = "yaml"; }; }; # Setup system configuration nathan = { services = { borg = { enable = true; extraExcludes = [ "/var/log" ]; passwordFile = config.sops.secrets."borg-password".path; sshKey = config.sops.secrets."borg-ssh-key".path; }; }; config = { setupGrub = false; nix = { autoUpdate = true; autoGC = true; }; harden = false; }; }; # Configure bootloader boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.efiSysMountPoint = "/boot/efi"; boot.kernelParams = [ "net.ifnames=0" ]; # Configure networking networking = { domain = "mccarty.io"; useDHCP = true; # Open ports in firewall firewall = { allowedTCPPorts = [ ]; allowedUDPPorts = [ ]; }; }; # Setup home manager home-manager.users.nathan = import ./home.nix; ## Media Streaming setup # Setup hardware hardware.opengl = { enable = true; driSupport = true; driSupport32Bit = true; extraPackages = with pkgs; [ libva vaapiIntel libvdpau-va-gl vaapiVdpau ]; }; # Newer kernel boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_2; # Run plex and the like in containers virtualisation.oci-containers.containers = { # Configure plex "plex" = { image = "lscr.io/linuxserver/plex:latest"; environment = { "PUID" = "1000"; "PGID" = "1000"; "TZ" = "America/New_York"; "VERSION" = "latest"; "PLEX_CLAIM" = "claim-9U6_TK2JhbNmFykxDUip"; }; ports = [ "32400:32400" "1900:1900" "3005:3005" "5353:5353" "8324:8324" "32410:32410" "32412:32412" "32413:32413" "32414:32414" "32469:32469" ]; volumes = [ "/var/lib/plex:/config" "/mnt/plex:/media" ]; extraOptions = [ "--device=/dev/dri:/dev/dri" ]; }; # Configure tatulli # Configure sabnzbd # Configure sonarr # Configure radarr }; }