Update hs hardware configuration with actual detected hardware

- Intel CPU with KVM support - Detected kernel modules: xhci_pci, ahci, usb_storage, sd_mod, sdhci_pci - Remove filesystem declarations (managed by disko) - Intel microcode updates enabled 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-06 22:07:48 +02:00 · 2025-09-06 22:07:48 +02:00 · 70485c0bc4
commit 70485c0bc4
parent 80f9164e85
7 changed files with 624 additions and 1 deletions
--- a/hosts/nixos/hs/system.nix
+++ b/hosts/nixos/hs/system.nix
@ -0,0 +1,118 @@
+{ config, pkgs, ... }: {
+  imports = [
+    ./hardware-configuration.nix
+    ./disk-config.nix
+  ];
+
+  # GRUB bootloader with ZFS support
+  boot.loader.grub = {
+    enable = true;
+    devices = [ 
+      "/dev/disk/by-id/ata-ZHITAI_SC001_XT_1000GB_ZTB401TAB244431J4R"
+      "/dev/disk/by-id/ata-ZHITAI_SC001_XT_1000GB_ZTB401TAB244431KEG"
+    ]; # Install GRUB on both ZFS mirror drives
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    zfsSupport = true;
+  };
+
+  # Enable systemd stage-1 and ZFS support
+  boot.initrd.systemd.enable = true;
+  boot.supportedFilesystems = [ "zfs" ];
+  boot.zfs.forceImportRoot = false;
+
+  # Network configuration
+  networking = {
+    hostName = "hs";
+    hostId = "12345678"; # Required for ZFS, good practice for any system
+    networkmanager.enable = true;
+    firewall.enable = false;
+    # firewall.allowedTCPPorts = [ 22 ]; # SSH
+  };
+
+  # Set your time zone
+  time.timeZone = "Europe/Copenhagen"; # Adjust to your timezone
+
+  # Select internationalisation properties
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  # Enable the OpenSSH daemon
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "yes";
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+    };
+    openFirewall = true;
+  };
+
+  # Define a user account
+  users.users.root = {
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG35m0DgTrEOAM+1wAlYZ8mvLelNTcx65cFccGPQcxmo yanlin@imac"
+    ];
+  };
+
+  # Optional: Create a regular user account
+  users.users.yanlin = {
+    isNormalUser = true;
+    description = "yanlin";
+    extraGroups = [ "networkmanager" "wheel" ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG35m0DgTrEOAM+1wAlYZ8mvLelNTcx65cFccGPQcxmo yanlin@imac"
+    ];
+  };
+
+  # Enable sudo for wheel group
+  security.sudo.wheelNeedsPassword = false;
+
+  # List packages installed in system profile
+  environment.systemPackages = with pkgs; [
+    vim
+    git
+    htop
+    curl
+    wget
+    rsync
+    tmux
+    tree
+    lsof
+    tcpdump
+    iotop
+    smartmontools # For monitoring disk health
+    zfs # ZFS utilities
+  ];
+
+  # ZFS services configuration
+  services.zfs = {
+    autoScrub = {
+      enable = true;
+      interval = "monthly";
+    };
+    autoSnapshot = {
+      enable = true;
+      frequent = 4;  # Keep 4 15-minute snapshots
+      hourly = 24;   # Keep 24 hourly snapshots
+      daily = 7;     # Keep 7 daily snapshots
+      weekly = 4;    # Keep 4 weekly snapshots
+      monthly = 12;  # Keep 12 monthly snapshots
+    };
+    trim = {
+      enable = true;
+      interval = "weekly";
+    };
+  };
+
+  # Enable smartd for disk health monitoring
+  services.smartd = {
+    enable = true;
+    autodetect = true;
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It's perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  system.stateVersion = "24.05"; # Did you read the comment?
+}