forked from pub-solar/infra
hosts: init blue-shell
This commit is contained in:
parent
4ef9781d10
commit
83b7e3e11e
30
hosts/blue-shell/configuration.nix
Normal file
30
hosts/blue-shell/configuration.nix
Normal file
|
@ -0,0 +1,30 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
boot.loader.grub.enable = true;
|
||||
|
||||
boot.kernelParams = [
|
||||
"boot.shell_on_fail=1"
|
||||
"ip=dhcp"
|
||||
];
|
||||
|
||||
services.openssh.openFirewall = true;
|
||||
|
||||
# This option defines the first version of NixOS you have installed on this particular machine,
|
||||
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
|
||||
#
|
||||
# Most users should NEVER change this value after the initial install, for any reason,
|
||||
# even if you've upgraded your system to a new NixOS release.
|
||||
#
|
||||
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
|
||||
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
|
||||
# to actually do that.
|
||||
#
|
||||
# This value being lower than the current NixOS release does NOT mean your system is
|
||||
# out of date, out of support, or vulnerable.
|
||||
#
|
||||
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
|
||||
# and migrated your data accordingly.
|
||||
#
|
||||
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
|
||||
system.stateVersion = "24.05"; # Did you read the comment?
|
||||
}
|
13
hosts/blue-shell/default.nix
Normal file
13
hosts/blue-shell/default.nix
Normal file
|
@ -0,0 +1,13 @@
|
|||
{ flake, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
./configuration.nix
|
||||
./disk-config.nix
|
||||
|
||||
./networking.nix
|
||||
#./wireguard.nix
|
||||
#./backups.nix
|
||||
];
|
||||
}
|
109
hosts/blue-shell/disk-config.nix
Normal file
109
hosts/blue-shell/disk-config.nix
Normal file
|
@ -0,0 +1,109 @@
|
|||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
main = {
|
||||
type = "disk";
|
||||
device = "/dev/vdb";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
bios = {
|
||||
size = "1M";
|
||||
type = "EF02"; # for grub MBR
|
||||
};
|
||||
boot = {
|
||||
size = "1G";
|
||||
type = "8300";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
luks = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "cryptroot";
|
||||
extraOpenArgs = [ ];
|
||||
# if you want to use the key for interactive login be sure there is no trailing newline
|
||||
# for example use `echo -n "password" > /tmp/secret.key`
|
||||
passwordFile = "/tmp/luks-password";
|
||||
content = {
|
||||
type = "lvm_pv";
|
||||
vg = "vg0";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
data = {
|
||||
type = "disk";
|
||||
device = "/dev/vdc";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
luks = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "cryptdata";
|
||||
extraOpenArgs = [ ];
|
||||
# if you want to use the key for interactive login be sure there is no trailing newline
|
||||
# for example use `echo -n "password" > /tmp/secret.key`
|
||||
passwordFile = "/tmp/luks-password";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "xfs";
|
||||
mountpoint = "/var/lib/garage/data";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
lvm_vg = {
|
||||
vg0 = {
|
||||
type = "lvm_vg";
|
||||
lvs = {
|
||||
root = {
|
||||
size = "100G";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
swap = {
|
||||
size = "16G";
|
||||
content = {
|
||||
type = "swap";
|
||||
};
|
||||
};
|
||||
metadata = {
|
||||
size = "50G";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "btrfs";
|
||||
mountpoint = "/var/lib/garage/meta";
|
||||
mountOptions = [
|
||||
"defaults"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
17
hosts/blue-shell/hardware-configuration.nix
Normal file
17
hosts/blue-shell/hardware-configuration.nix
Normal file
|
@ -0,0 +1,17 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
}
|
26
hosts/blue-shell/networking.nix
Normal file
26
hosts/blue-shell/networking.nix
Normal file
|
@ -0,0 +1,26 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
flake,
|
||||
...
|
||||
}:
|
||||
{
|
||||
services.garage.settings.rpc_public_addr = "[2a03:4000:43:24e::1]:3901";
|
||||
|
||||
networking.hostName = "blue-shell";
|
||||
networking.hostId = "00000005";
|
||||
|
||||
networking.useDHCP = false;
|
||||
systemd.network.enable = true;
|
||||
systemd.network.networks."10-wan" = {
|
||||
matchConfig.Name = "ens3";
|
||||
address = [
|
||||
"194.13.83.205/22"
|
||||
"2a03:4000:43:24e::1/64"
|
||||
];
|
||||
gateway = [
|
||||
"194.13.80.1"
|
||||
"fe80::1"
|
||||
];
|
||||
};
|
||||
}
|
|
@ -118,6 +118,22 @@
|
|||
self.nixosModules.garage
|
||||
];
|
||||
};
|
||||
|
||||
blue-shell = self.nixos-flake.lib.mkLinuxSystem {
|
||||
imports = [
|
||||
self.inputs.agenix.nixosModules.default
|
||||
self.inputs.disko.nixosModules.disko
|
||||
self.nixosModules.home-manager
|
||||
./blue-shell
|
||||
self.nixosModules.overlays
|
||||
self.nixosModules.unlock-luks-on-boot
|
||||
self.nixosModules.core
|
||||
#self.nixosModules.prometheus-exporters
|
||||
#self.nixosModules.promtail
|
||||
|
||||
self.nixosModules.garage
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue