os/hosts/chonk/hardware-configuration.nix

# Do not modify this file!  It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations.  Please make changes
# to /etc/nixos/configuration.nix instead.
{
  config,
  lib,
  pkgs,
  modulesPath,
  ...
}: {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];

  boot.initrd.availableKernelModules = ["ehci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
  boot.initrd.kernelModules = ["raid1"];
  boot.kernelModules = ["kvm-intel"];
  boot.extraModulePackages = [];
  boot.extraModprobeConfig = "options kvm_intel nested=1";

  boot.initrd.luks.forceLuksSupportInInitrd = true;

  boot.kernelPackages = pkgs.linuxPackages_latest;

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/disk/by-id/usb-SanDisk_Cruzer_Blade_03025429121421051300-0:0";

  boot.initrd.luks.devices."cryptroot" = {
    device = "/dev/disk/by-uuid/9e13c8ea-96d3-45b1-85f4-d1a61233da6f";
    #keyFile = "/dev/disk/by-id/usb-SanDisk_Cruzer_Blade_04020116120721075123-0:0-part1";
    #fallbackToPassword = true;
    #bypassWorkqueues = true;
  };

  boot.initrd.network = {
    enable = true;
    ssh = {
      enable = true;
      port = 22;
      authorizedKeys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work"];
      hostKeys = [/etc/secrets/initrd/ssh_host_ed25519_key];
    };
    postCommands = ''
      echo 'cryptsetup-askpass' >> /root/.profile
    '';
  };

  boot.initrd.systemd.enable = true;

  boot.initrd.services.swraid = {
    enable = true;
    mdadmConf = ''
      ARRAY /dev/md/0 metadata=1.2 name=data:0 UUID=1156202f:835af09b:2e05e02a:a1869d1c
    '';
  };

  fileSystems."/" = {
    device = "/dev/disk/by-label/root";
    fsType = "ext4";
  };

  fileSystems."/boot" = {
    device = "/dev/disk/by-label/boot";
    fsType = "ext4";
  };

  fileSystems."/mnt/internal" = {
    device = "/dev/disk/by-uuid/3563f624-f8ed-4664-95d0-ca8b9db1c60a";
    fsType = "ext4";
  };

  swapDevices = [
    {device = "/dev/disk/by-label/swap";}
  ];

  networking.bonds."bond0" = {
    interfaces = ["eno1" "eno2"];
    driverOptions = {
      miimon = "100";
      mode = "balance-xor";
      xmit_hash_policy = "layer3+4";
    };
  };

  networking = {
    defaultGateway = {
      address = "80.244.242.1";
      interface = "br0";
    };

    defaultGateway6 = {
      address = "2001:4d88:1ffa:26::1";
      interface = "br0";
    };

    nameservers = ["95.129.51.51" "80.244.244.244"];

    bridges."br0".interfaces = ["bond0"];

    interfaces."br0" = {
      ipv4.addresses = [
        {
          address = "80.244.242.2";
          prefixLength = 29;
        }
      ];
      ipv6.addresses = [
        {
          address = "2001:4d88:1ffa:26::2";
          prefixLength = 64;
        }
      ];
    };
  };

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}