From 11de044811d357b4b34e87bccfaf5302d0eb6c93 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Mon, 5 Aug 2024 09:37:18 -0700 Subject: add a new host: wildcat This is a VPS on hetzner. --- nix/flake/devshell.nix | 2 +- nix/flake/hosts.nix | 2 ++ nix/flake/packages.nix | 2 +- nix/hosts/nixos/default.nix | 6 ++++++ nix/hosts/nixos/packages.nix | 9 +++++++++ nix/hosts/nixos/user.nix | 12 ++++++++++++ nix/hosts/wildcat/default.nix | 15 +++++++++++++++ nix/hosts/wildcat/hardware.nix | 29 +++++++++++++++++++++++++++++ nix/hosts/wildcat/networking.nix | 36 ++++++++++++++++++++++++++++++++++++ 9 files changed, 111 insertions(+), 2 deletions(-) create mode 100644 nix/hosts/nixos/default.nix create mode 100644 nix/hosts/nixos/packages.nix create mode 100644 nix/hosts/nixos/user.nix create mode 100644 nix/hosts/wildcat/default.nix create mode 100644 nix/hosts/wildcat/hardware.nix create mode 100644 nix/hosts/wildcat/networking.nix (limited to 'nix') diff --git a/nix/flake/devshell.nix b/nix/flake/devshell.nix index ff56ca6..6a3d678 100644 --- a/nix/flake/devshell.nix +++ b/nix/flake/devshell.nix @@ -29,7 +29,7 @@ gofmt.enable = true; gofumpt.enable = true; nixpkgs-fmt.enable = true; - shellcheck.enable = true; + # shellcheck.enable = true; shfmt.enable = true; taplo.enable = true; ruff.enable = true; diff --git a/nix/flake/hosts.nix b/nix/flake/hosts.nix index c02fe6c..836a26b 100644 --- a/nix/flake/hosts.nix +++ b/nix/flake/hosts.nix @@ -34,6 +34,7 @@ let mkNixosConfig = system: path: nixpkgs.lib.nixosSystem { inherit system; modules = [ + "${self}/nix/hosts/nixos" path ]; specialArgs = { inherit inputs self; }; @@ -49,6 +50,7 @@ in nixosConfigurations = { vm = mkNixosConfig "aarch64-linux" "${self}/nix/hosts/vm"; + wildcat = mkNixosConfig "x86_64-linux" "${self}/nix/hosts/wildcat"; }; } ]; diff --git a/nix/flake/packages.nix b/nix/flake/packages.nix index ae4caba..16c5ec4 100644 --- a/nix/flake/packages.nix +++ b/nix/flake/packages.nix 
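Review bot: The `shellcheck.enable` entry in nix/flake/devshell.nix is commented out with no reason given, and the commit message only talks about the new host. ShellCheck is the check that catches unquoted expansions and similar shell mistakes before they land, so switching it off silently weakens the checks for every script in the repository. If it fails on something specific, record why and when it comes back, e.g. `# shellcheck.enable = true; # TODO: re-enable once <failing script> is fixed`, or keep it enabled and exclude only the offending file. The surrounding attribute set starts and ends outside the hunk.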
@@ -3,7 +3,7 @@ inputs.flake-parts.flakeModules.easyOverlay ]; - perSystem = { config, pkgs, ... }: { + perSystem = { pkgs, ... }: { packages = { git-blame-stats = pkgs.callPackage "${self}/packages/git-blame-stats" { }; git-broom = pkgs.callPackage "${self}/packages/git-broom" { }; diff --git a/nix/hosts/nixos/default.nix b/nix/hosts/nixos/default.nix new file mode 100644 index 0000000..abfb3a7 --- /dev/null +++ b/nix/hosts/nixos/default.nix @@ -0,0 +1,6 @@ +{ ... }: { + imports = [ + ./packages.nix + ./user.nix + ]; +} diff --git a/nix/hosts/nixos/packages.nix b/nix/hosts/nixos/packages.nix new file mode 100644 index 0000000..8e807c6 --- /dev/null +++ b/nix/hosts/nixos/packages.nix @@ -0,0 +1,9 @@ +{ pkgs, ... }: { + environment = { + systemPackages = with pkgs; [ + git + jq + vim + ]; + }; +} diff --git a/nix/hosts/nixos/user.nix b/nix/hosts/nixos/user.nix new file mode 100644 index 0000000..b358d3e --- /dev/null +++ b/nix/hosts/nixos/user.nix @@ -0,0 +1,12 @@ +{ ... }: +{ + users.users.fcuny = { + uid = 1000; + isNormalUser = true; + extraGroups = + [ + "wheel" + "dialout" # Enable access to serial devices + ]; + }; +} diff --git a/nix/hosts/wildcat/default.nix b/nix/hosts/wildcat/default.nix new file mode 100644 index 0000000..f62df7d --- /dev/null +++ b/nix/hosts/wildcat/default.nix @@ -0,0 +1,15 @@ +{ ... }: { + + imports = [ + ./hardware.nix + ./networking.nix + ]; + + boot.tmp.cleanOnBoot = true; + zramSwap.enable = true; + networking.hostName = "fcuny"; + networking.domain = "net"; + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi'' ]; + system.stateVersion = "23.11"; +} diff --git a/nix/hosts/wildcat/hardware.nix b/nix/hosts/wildcat/hardware.nix new file mode 100644 index 0000000..cc14f5a --- /dev/null +++ b/nix/hosts/wildcat/hardware.nix 
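Review bot: `users.users.fcuny` in nix/hosts/nixos/user.nix is put in `wheel` but gets neither an SSH key nor a password hash, so on a remote host built from this module the account cannot log in or, with NixOS's default password-requiring sudo, use its wheel membership. Together with nix/hosts/wildcat/default.nix, where the only authorized key is on root, this makes root the day-to-day login. Giving the user the key, `openssh.authorizedKeys.keys = [ "<public key>" ];`, plus a `hashedPasswordFile` or an explicit sudo policy, would let root SSH be switched off. `dialout` is also applied to every host that imports this module, including the VPS, where serial access is presumably not needed.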
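Review bot: `services.openssh.enable = true;` in nix/hosts/wildcat/default.nix exposes sshd on a public VPS with the module defaults, and nothing here turns password authentication off. I would pin the policy next to the enable line: `services.openssh.settings.PasswordAuthentication = false;`, `services.openssh.settings.KbdInteractiveAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "prohibit-password";` (or `"no"` once a non-root account has a key). Separately, `networking.hostName = "fcuny"` with `networking.domain = "net"` does not match the flake attribute `wildcat`; if that is left over from the generated config, the host name should probably be `wildcat`.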
@@ -0,0 +1,29 @@
+{ modulesPath, ... }:
+{
+ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+ boot.initrd.availableKernelModules = [
+ "ata_piix"
+ "uhci_hcd"
+ "xen_blkfront"
+ "vmw_pvscsi"
+ ];
+
+ boot.loader.grub = {
+ enable = true;
+ device = "/dev/sda";
+ };
+
+ boot.initrd.kernelModules = [ "nvme" ];
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+ "/data" = {
+ device = "/dev/disk/by-id/scsi-0HC_Volume_101115314";
+ fsType = "ext4";
+ };
+ };
+}
diff --git a/nix/hosts/wildcat/networking.nix b/nix/hosts/wildcat/networking.nix
new file mode 100644
index 0000000..1199113
--- /dev/null
+++ b/nix/hosts/wildcat/networking.nix
@@ -0,0 +1,36 @@
+{ lib, ... }: {
+ # This file was populated at runtime with the networking
+ # details gathered from the active system.
+ networking = {
+ nameservers = [
+ "2a01:4ff:ff00::add:2"
+ "2a01:4ff:ff00::add:1"
+ "185.12.64.1"
+ ];
+ defaultGateway = "172.31.1.1";
+ defaultGateway6 = {
+ address = "fe80::1";
+ interface = "eth0";
+ };
+ dhcpcd.enable = false;
+ usePredictableInterfaceNames = lib.mkForce false;
+ interfaces = {
+ eth0 = {
+ ipv4.addresses = [
+ { address = "5.78.87.68"; prefixLength = 32; }
+ ];
+ ipv6.addresses = [
+ { address = "2a01:4ff:1f0:d1a3::1"; prefixLength = 64; }
+ { address = "fe80::9400:3ff:fe98:d6dc"; prefixLength = 64; }
+ ];
+ ipv4.routes = [{ address = "172.31.1.1"; prefixLength = 32; }];
+ ipv6.routes = [{ address = "fe80::1"; prefixLength = 128; }];
+ };
+
+ };
+ };
+ services.udev.extraRules = ''
+ ATTR{address}=="96:00:03:98:d6:dc", NAME="eth0"
+
+ '';
+}
-- cgit 1.4.1
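Review bot: In nix/hosts/wildcat/hardware.nix the root filesystem and the GRUB target are addressed by kernel name (`/dev/sda1`, `/dev/sda`) while a second SCSI volume is attached for `/data`, so the sda/sdb order is not guaranteed to stay the same across reboots. Referencing root by a stable identifier, e.g. `device = "/dev/disk/by-uuid/<ROOT-UUID>";`, avoids booting from or installing the loader to the wrong disk. The `/data` entry has no `options`, so a detached or renamed volume would presumably stop the boot at the emergency shell, which on a VPS means console access; `options = [ "nofail" ];` keeps the host reachable over SSH in that case.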