From 11de044811d357b4b34e87bccfaf5302d0eb6c93 Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Mon, 5 Aug 2024 09:37:18 -0700
Subject: add a new host: wildcat

This is a VPS on hetzner.
---
 nix/flake/devshell.nix           |  2 +-
 nix/flake/hosts.nix              |  2 ++
 nix/flake/packages.nix           |  2 +-
 nix/hosts/nixos/default.nix      |  6 ++++++
 nix/hosts/nixos/packages.nix     |  9 +++++++++
 nix/hosts/nixos/user.nix         | 12 ++++++++++++
 nix/hosts/wildcat/default.nix    | 15 +++++++++++++++
 nix/hosts/wildcat/hardware.nix   | 29 +++++++++++++++++++++++++++++
 nix/hosts/wildcat/networking.nix | 36 ++++++++++++++++++++++++++++++++++++
 9 files changed, 111 insertions(+), 2 deletions(-)
 create mode 100644 nix/hosts/nixos/default.nix
 create mode 100644 nix/hosts/nixos/packages.nix
 create mode 100644 nix/hosts/nixos/user.nix
 create mode 100644 nix/hosts/wildcat/default.nix
 create mode 100644 nix/hosts/wildcat/hardware.nix
 create mode 100644 nix/hosts/wildcat/networking.nix

(limited to 'nix')

diff --git a/nix/flake/devshell.nix b/nix/flake/devshell.nix
index ff56ca6..6a3d678 100644
--- a/nix/flake/devshell.nix
+++ b/nix/flake/devshell.nix
@@ -29,7 +29,7 @@
           gofmt.enable = true;
           gofumpt.enable = true;
           nixpkgs-fmt.enable = true;
-          shellcheck.enable = true;
+          # shellcheck.enable = true;
           shfmt.enable = true;
           taplo.enable = true;
           ruff.enable = true;
diff --git a/nix/flake/hosts.nix b/nix/flake/hosts.nix
index c02fe6c..836a26b 100644
--- a/nix/flake/hosts.nix
+++ b/nix/flake/hosts.nix
@@ -34,6 +34,7 @@ let
   mkNixosConfig = system: path: nixpkgs.lib.nixosSystem {
     inherit system;
     modules = [
+      "${self}/nix/hosts/nixos"
       path
     ];
     specialArgs = { inherit inputs self; };
@@ -49,6 +50,7 @@ in
 
       nixosConfigurations = {
         vm = mkNixosConfig "aarch64-linux" "${self}/nix/hosts/vm";
+        wildcat = mkNixosConfig "x86_64-linux" "${self}/nix/hosts/wildcat";
       };
     }
   ];
diff --git a/nix/flake/packages.nix b/nix/flake/packages.nix
index ae4caba..16c5ec4 100644
--- a/nix/flake/packages.nix
+++ b/nix/flake/packages.nix
@@ -3,7 +3,7 @@
     inputs.flake-parts.flakeModules.easyOverlay
   ];
 
-  perSystem = { config, pkgs, ... }: {
+  perSystem = { pkgs, ... }: {
     packages = {
       git-blame-stats = pkgs.callPackage "${self}/packages/git-blame-stats" { };
       git-broom = pkgs.callPackage "${self}/packages/git-broom" { };
diff --git a/nix/hosts/nixos/default.nix b/nix/hosts/nixos/default.nix
new file mode 100644
index 0000000..abfb3a7
--- /dev/null
+++ b/nix/hosts/nixos/default.nix
@@ -0,0 +1,6 @@
+{ ... }: {
+  imports = [
+    ./packages.nix
+    ./user.nix
+  ];
+}
diff --git a/nix/hosts/nixos/packages.nix b/nix/hosts/nixos/packages.nix
new file mode 100644
index 0000000..8e807c6
--- /dev/null
+++ b/nix/hosts/nixos/packages.nix
@@ -0,0 +1,9 @@
+{ pkgs, ... }: {
+  environment = {
+    systemPackages = with pkgs; [
+      git
+      jq
+      vim
+    ];
+  };
+}
diff --git a/nix/hosts/nixos/user.nix b/nix/hosts/nixos/user.nix
new file mode 100644
index 0000000..b358d3e
--- /dev/null
+++ b/nix/hosts/nixos/user.nix
@@ -0,0 +1,12 @@
+{ ... }:
+{
+  users.users.fcuny = {
+    uid = 1000;
+    isNormalUser = true;
+    extraGroups =
+      [
+        "wheel"
+        "dialout" # Enable access to serial devices
+      ];
+  };
+}
diff --git a/nix/hosts/wildcat/default.nix b/nix/hosts/wildcat/default.nix
new file mode 100644
index 0000000..f62df7d
--- /dev/null
+++ b/nix/hosts/wildcat/default.nix
@@ -0,0 +1,15 @@
+{ ... }: {
+
+  imports = [
+    ./hardware.nix
+    ./networking.nix
+  ];
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+  networking.hostName = "fcuny";
+  networking.domain = "net";
+  services.openssh.enable = true;
+  users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi'' ];
+  system.stateVersion = "23.11";
+}
diff --git a/nix/hosts/wildcat/hardware.nix b/nix/hosts/wildcat/hardware.nix
new file mode 100644
index 0000000..cc14f5a
--- /dev/null
+++ b/nix/hosts/wildcat/hardware.nix
@@ -0,0 +1,29 @@
+{ modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+  boot.initrd.availableKernelModules = [
+    "ata_piix"
+    "uhci_hcd"
+    "xen_blkfront"
+    "vmw_pvscsi"
+  ];
+
+  boot.loader.grub = {
+    enable = true;
+    device = "/dev/sda";
+  };
+
+  boot.initrd.kernelModules = [ "nvme" ];
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/sda1";
+      fsType = "ext4";
+    };
+    "/data" = {
+      device = "/dev/disk/by-id/scsi-0HC_Volume_101115314";
+      fsType = "ext4";
+    };
+  };
+}
diff --git a/nix/hosts/wildcat/networking.nix b/nix/hosts/wildcat/networking.nix
new file mode 100644
index 0000000..1199113
--- /dev/null
+++ b/nix/hosts/wildcat/networking.nix
@@ -0,0 +1,36 @@
+{ lib, ... }: {
+  # This file was populated at runtime with the networking
+  # details gathered from the active system.
+  networking = {
+    nameservers = [
+      "2a01:4ff:ff00::add:2"
+      "2a01:4ff:ff00::add:1"
+      "185.12.64.1"
+    ];
+    defaultGateway = "172.31.1.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          { address = "5.78.87.68"; prefixLength = 32; }
+        ];
+        ipv6.addresses = [
+          { address = "2a01:4ff:1f0:d1a3::1"; prefixLength = 64; }
+          { address = "fe80::9400:3ff:fe98:d6dc"; prefixLength = 64; }
+        ];
+        ipv4.routes = [{ address = "172.31.1.1"; prefixLength = 32; }];
+        ipv6.routes = [{ address = "fe80::1"; prefixLength = 128; }];
+      };
+
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="96:00:03:98:d6:dc", NAME="eth0"
+
+  '';
+}
-- 
cgit 1.4.1