summary refs log tree commit diff stats
path: root/system/prefect.nix
diff options
context:
space:
mode:
Diffstat (limited to 'system/prefect.nix')
-rw-r--r--system/prefect.nix46
1 files changed, 45 insertions, 1 deletions
diff --git a/system/prefect.nix b/system/prefect.nix
index 0fc80eb9..e145c304 100644
--- a/system/prefect.nix
+++ b/system/prefect.nix
@@ -23,6 +23,7 @@
     ./settings/programs/kde.nix
     ./settings/programs/shell.nix
     ./settings/programs/docker.nix
+    ./settings/dev.nix
     ./settings/gaming.nix
     <nixos-hardware/common/cpu/amd>
     <nixos-hardware/common/cpu/amd/pstate.nix>
@@ -31,6 +32,26 @@
     <nixos-hardware/common/gpu/nvidia>
   ];
 
+  virtualisation.vmVariant = {
+    disabledModules = [
+      ./settings/hardware/nvidia-gpu.nix
+      ./settings/hardware/bare-metal.nix
+      ./settings/gaming.nix
+      ./settings/user-interface.nix
+      ./settings/programs/kde.nix
+      <nixos-hardware/common/cpu/amd>
+      <nixos-hardware/common/cpu/amd/pstate.nix>
+      <nixos-hardware/common/pc/ssd>
+      <nixos-hardware/common/pc>
+      <nixos-hardware/common/gpu/nvidia>
+    ];
+    services.qemuGuest.enable = true;
+    virtualisation = {
+      memorySize = 4096;
+      cores = 4;
+    };
+  };
+
   nixpkgs.hostPlatform = "x86_64-linux";
 
   services.xserver.screenSection = ''
@@ -130,6 +151,7 @@
     };
     hosts = {
       "fd7a:115c:a1e0::53" = [ "tailscale" "ts" ];
+      "::1" = [ "alanpearce.test" "alanpearce.localhost" ];
     };
 
     nftables = {
@@ -148,10 +170,32 @@
     dnssec = "true";
   };
 
-  services.tailscale.enable = true;
+  services.tailscale = {
+    enable = true;
+    extraUpFlags = [
+      "--accept-dns=true"
+      "--accept-routes=false"
+    ];
+  };
 
   system.stateVersion = "23.05";
 
+  security.pki.certificates = [
+    ''
+      -----BEGIN CERTIFICATE-----
+      MIIBozCCAUqgAwIBAgIRAJ1slNK3lsucmYYUbtGRUvswCgYIKoZIzj0EAwIwMDEu
+      MCwGA1UEAxMlQ2FkZHkgTG9jYWwgQXV0aG9yaXR5IC0gMjAyNCBFQ0MgUm9vdDAe
+      Fw0yNDA2MjYxNTM3MTJaFw0zNDA1MDUxNTM3MTJaMDAxLjAsBgNVBAMTJUNhZGR5
+      IExvY2FsIEF1dGhvcml0eSAtIDIwMjQgRUNDIFJvb3QwWTATBgcqhkjOPQIBBggq
+      hkjOPQMBBwNCAAR1fc1TOhp9oNy/p40BfUd+E13b1/URwwocuZ5w0SKHTE/t8Hp+
+      7Zd9ZTYvQ7WxFfaVxmBCcFMUJsTm7bbYTEvlo0UwQzAOBgNVHQ8BAf8EBAMCAQYw
+      EgYDVR0TAQH/BAgwBgEB/wIBATAdBgNVHQ4EFgQUcnlbpAM2ZCRsiCzdFiM5EjCm
+      aoEwCgYIKoZIzj0EAwIDRwAwRAIgcKf3vRiF87G0r2+vgBbyfWo4D2TDQWkSrfek
+      Q0f1Q5UCIEmyeqrifbp5JnZqtm3IlGVIEQcUeVygqnV/xW3xCAgT
+      -----END CERTIFICATE-----
+    ''
+  ];
+
   boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
   nix.settings.trusted-users = [ "root" "nixremote" ];
   services.displayManager.hiddenUsers = [ "nixremote" ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-01 13:17:00 +0000