delta
This commit is contained in:
parent
4d8e16cbfb
commit
0c97189dd5
5 changed files with 122 additions and 13 deletions
30
flake.nix
30
flake.nix
|
@ -50,17 +50,17 @@
|
||||||
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
|
formatter.x86_64-linux = nixpkgs.legacyPackages.x86_64-linux.alejandra;
|
||||||
|
|
||||||
nixosConfigurations = {
|
nixosConfigurations = {
|
||||||
# Home desktop
|
# Hetzner VPS
|
||||||
omega = nixpkgs.lib.nixosSystem {
|
alpha = nixpkgs.lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "aarch64-linux";
|
||||||
specialArgs = inputs; # pass flake inputs to modules
|
specialArgs = inputs; # pass flake inputs to modules
|
||||||
modules = [./hosts/omega];
|
modules = [./hosts/alpha];
|
||||||
};
|
};
|
||||||
# Laptop
|
# Hetzner VPS
|
||||||
zeta = nixpkgs.lib.nixosSystem {
|
delta = nixpkgs.lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "aarch64-linux";
|
||||||
specialArgs = inputs; # pass flake inputs to modules
|
specialArgs = inputs; # pass flake inputs to modules
|
||||||
modules = [./hosts/zeta];
|
modules = [./hosts/delta];
|
||||||
};
|
};
|
||||||
# Work laptop
|
# Work laptop
|
||||||
mu = nixpkgs.lib.nixosSystem {
|
mu = nixpkgs.lib.nixosSystem {
|
||||||
|
@ -68,11 +68,11 @@
|
||||||
specialArgs = inputs; # pass flake inputs to modules
|
specialArgs = inputs; # pass flake inputs to modules
|
||||||
modules = [./hosts/mu];
|
modules = [./hosts/mu];
|
||||||
};
|
};
|
||||||
# Hetzner VPS
|
# Home desktop
|
||||||
alpha = nixpkgs.lib.nixosSystem {
|
omega = nixpkgs.lib.nixosSystem {
|
||||||
system = "aarch64-linux";
|
system = "x86_64-linux";
|
||||||
specialArgs = inputs; # pass flake inputs to modules
|
specialArgs = inputs; # pass flake inputs to modules
|
||||||
modules = [./hosts/alpha];
|
modules = [./hosts/omega];
|
||||||
};
|
};
|
||||||
# Home Server
|
# Home Server
|
||||||
sigma = nixpkgs.lib.nixosSystem {
|
sigma = nixpkgs.lib.nixosSystem {
|
||||||
|
@ -86,6 +86,12 @@
|
||||||
specialArgs = inputs; # pass flake inputs to modules
|
specialArgs = inputs; # pass flake inputs to modules
|
||||||
modules = [./hosts/tor];
|
modules = [./hosts/tor];
|
||||||
};
|
};
|
||||||
|
# Laptop
|
||||||
|
zeta = nixpkgs.lib.nixosSystem {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
specialArgs = inputs; # pass flake inputs to modules
|
||||||
|
modules = [./hosts/zeta];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
36
hosts/delta/default.nix
Normal file
36
hosts/delta/default.nix
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
{...}: {
|
||||||
|
imports = [
|
||||||
|
../../overlays
|
||||||
|
../../modules/base
|
||||||
|
../../modules/server
|
||||||
|
./hardware.nix
|
||||||
|
./network.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.hostName = "delta";
|
||||||
|
|
||||||
|
boot = {
|
||||||
|
loader = {
|
||||||
|
efi.canTouchEfiVariables = true;
|
||||||
|
systemd-boot.enable = true;
|
||||||
|
};
|
||||||
|
initrd.luks.devices.crypted.device = "/dev/disk/by-label/crypted";
|
||||||
|
};
|
||||||
|
|
||||||
|
# This value determines the NixOS release from which the default
|
||||||
|
# settings for stateful data, like file locations and database versions
|
||||||
|
# on your system were taken. It's perfectly fine and recommended to leave
|
||||||
|
# this value at the release version of the first install of this system.
|
||||||
|
# Before changing this value read the documentation for this option
|
||||||
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
|
system.stateVersion = "23.11"; # Did you read the comment?
|
||||||
|
|
||||||
|
# This value determines the Home Manager release that your
|
||||||
|
# configuration is compatible with. This helps avoid breakage
|
||||||
|
# when a new Home Manager release introduces backwards
|
||||||
|
# incompatible changes.
|
||||||
|
# You can update Home Manager without changing this value. See
|
||||||
|
# the Home Manager release notes for a list of state version
|
||||||
|
# changes in each release.
|
||||||
|
home-manager.users.caspervk.home.stateVersion = "23.11"; # Did you read the comment?
|
||||||
|
}
|
43
hosts/delta/hardware.nix
Normal file
43
hosts/delta/hardware.nix
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
# https://nixos.wiki/wiki/Install_NixOS_on_Hetzner_Cloud
|
||||||
|
imports = [
|
||||||
|
(modulesPath + "/profiles/qemu-guest.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = ["xhci_pci" "virtio_pci" "virtio_scsi" "usbhid" "sr_mod"];
|
||||||
|
boot.initrd.kernelModules = ["dm-snapshot" "virtio_gpu"];
|
||||||
|
boot.kernelParams = ["console=tty"];
|
||||||
|
boot.kernelModules = [];
|
||||||
|
boot.extraModulePackages = [];
|
||||||
|
|
||||||
|
# https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "none";
|
||||||
|
fsType = "tmpfs";
|
||||||
|
options = ["defaults" "size=2G" "mode=755"]; # mode=755 so only root can write to those files
|
||||||
|
};
|
||||||
|
fileSystems."/boot" = {
|
||||||
|
device = "/dev/disk/by-label/BOOT";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
fileSystems."/nix" = {
|
||||||
|
device = "/dev/disk/by-label/nix";
|
||||||
|
neededForBoot = true;
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices = [
|
||||||
|
{
|
||||||
|
device = "/nix/persist/swapfile";
|
||||||
|
size = 4 * 1024; # 4 GiB
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
||||||
|
}
|
23
hosts/delta/network.nix
Normal file
23
hosts/delta/network.nix
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
{...}: {
|
||||||
|
systemd.network = {
|
||||||
|
# Main interface
|
||||||
|
# https://nixos.wiki/wiki/Install_NixOS_on_Hetzner_Cloud
|
||||||
|
networks."10-lan" = {
|
||||||
|
name = "enp1s0";
|
||||||
|
address = [
|
||||||
|
"116.203.20.97/32" # TODO
|
||||||
|
"2a01:4f8:c2c:6005::/64" # TODO
|
||||||
|
];
|
||||||
|
routes = [
|
||||||
|
{routeConfig = {Destination = "172.31.1.1";};}
|
||||||
|
{
|
||||||
|
routeConfig = {
|
||||||
|
Gateway = "172.31.1.1";
|
||||||
|
GatewayOnLink = true;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
{routeConfig = {Gateway = "fe80::1";};}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -18,7 +18,8 @@
|
||||||
# ssh-keyscan -t ed25519 alpha
|
# ssh-keyscan -t ed25519 alpha
|
||||||
programs.ssh.knownHosts = {
|
programs.ssh.knownHosts = {
|
||||||
"alpha".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGOpQNEmmEe6jr7Mv37ozokvtTSd1I3SmUU1tpCSNTkc";
|
"alpha".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGOpQNEmmEe6jr7Mv37ozokvtTSd1I3SmUU1tpCSNTkc";
|
||||||
"delta".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB0x9oImZjIhoPEwLlHVixIh7y1Kwn+SX17xffrdRzvv";
|
"delta".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFe9RpnO1/QRU81kjtEsWN66xfP5Y/qf5EQZ6wdM/XCT";
|
||||||
|
"delta-old".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB0x9oImZjIhoPEwLlHVixIh7y1Kwn+SX17xffrdRzvv";
|
||||||
"lambda".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEEd354UBnQi4xhjtJtKs4yVXuOkKY0svk+YHCm/pG46";
|
"lambda".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEEd354UBnQi4xhjtJtKs4yVXuOkKY0svk+YHCm/pG46";
|
||||||
"sigma".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC4Kvx/lcFRvl7KlxqqhrJ32h3FzuzyLA5BNB42+p92c";
|
"sigma".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC4Kvx/lcFRvl7KlxqqhrJ32h3FzuzyLA5BNB42+p92c";
|
||||||
"sigma-old".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF2Qrh0tpR5YawiYvcPGC4OSnu4//ge1eVdiBDLrTbCx";
|
"sigma-old".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF2Qrh0tpR5YawiYvcPGC4OSnu4//ge1eVdiBDLrTbCx";
|
||||||
|
|
Loading…
Reference in a new issue