From 030e5c00584f5a8f3d8c57e242c1eb2c994609fd Mon Sep 17 00:00:00 2001 From: Hendrik Sokolowski Date: Sat, 13 Aug 2022 18:08:27 +0200 Subject: [PATCH 1/3] Add droppie --- flake.nix | 6 ++- hosts/droppie/configuration.nix | 22 ++++++++++ hosts/droppie/default.nix | 6 +++ hosts/droppie/droppie.nix | 16 +++++++ hosts/droppie/hardware-configuration.nix | 53 ++++++++++++++++++++++++ modules/docker/default.nix | 1 - modules/x-os/boot.nix | 10 ++--- overlays/overrides.nix | 2 +- 8 files changed, 108 insertions(+), 8 deletions(-) create mode 100644 hosts/droppie/configuration.nix create mode 100644 hosts/droppie/default.nix create mode 100644 hosts/droppie/droppie.nix create mode 100644 hosts/droppie/hardware-configuration.nix diff --git a/flake.nix b/flake.nix index 6881562b..0b64905a 100644 --- a/flake.nix +++ b/flake.nix @@ -127,6 +127,8 @@ b12f = pubsolaros ++ [ users.ben social gaming mobile ]; biolimo = b12f ++ [ graphical ]; chocolatebar = b12f ++ [ graphical virtualisation ]; + + droppie = b12f ++ [ ]; }; }; }; @@ -150,7 +152,9 @@ homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations; - deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { }; + deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { + droppie = { }; + }; } ; } diff --git a/hosts/droppie/configuration.nix b/hosts/droppie/configuration.nix new file mode 100644 index 00000000..e392cfe5 --- /dev/null +++ b/hosts/droppie/configuration.nix @@ -0,0 +1,22 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "21.11"; # Did you read the comment? +} + diff --git a/hosts/droppie/default.nix b/hosts/droppie/default.nix new file mode 100644 index 00000000..87c64f2f --- /dev/null +++ b/hosts/droppie/default.nix @@ -0,0 +1,6 @@ +{ suites, ... }: +{ + imports = [ + ./droppie.nix + ] ++ suites.droppie; +} diff --git a/hosts/droppie/droppie.nix b/hosts/droppie/droppie.nix new file mode 100644 index 00000000..22159f7b --- /dev/null +++ b/hosts/droppie/droppie.nix @@ -0,0 +1,16 @@ +{ config, pkgs, lib, ... }: +with lib; +let + psCfg = config.pub-solar; + xdg = config.home-manager.users."${psCfg.user.name}".xdg; +in +{ + imports = [ + ./configuration.nix + ]; + + config = { + + hardware.cpu.intel.updateMicrocode = true; + }; +} diff --git a/hosts/droppie/hardware-configuration.nix b/hosts/droppie/hardware-configuration.nix new file mode 100644 index 00000000..9c1fa078 --- /dev/null +++ b/hosts/droppie/hardware-configuration.nix @@ -0,0 +1,53 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "usbhid" "uas" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { + device = "/dev/disk/by-uuid/1dca9d02-555c-4b23-9450-8f3413fa7694"; + fsType = "xfs"; + }; + + fileSystems."/boot" = + { + device = "/dev/disk/by-uuid/A24C-F252"; + fsType = "vfat"; + }; + + fileSystems."/media/internal" = + { + device = "/dev/disk/by-uuid/5cf314a8-82f4-4037-a724-62d2ff226cff"; + fsType = "ext4"; + }; + + fileSystems."/home" = + { + device = "/dev/disk/by-uuid/2ef980f1-1f27-4d2a-9789-00f45e791fcc"; + fsType = "xfs"; + }; + + swapDevices = + [{ device = "/dev/disk/by-uuid/0203b641-280f-4a3d-971d-fd32a666c852"; }]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault true; + + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/docker/default.nix b/modules/docker/default.nix index 92097680..668c4005 100644 --- a/modules/docker/default.nix +++ b/modules/docker/default.nix @@ -17,7 +17,6 @@ in environment.systemPackages = with pkgs; [ docker-compose - docker-compose_2 ]; }; } diff --git a/modules/x-os/boot.nix b/modules/x-os/boot.nix index f0e97c91..dfc6a86e 100644 --- a/modules/x-os/boot.nix +++ b/modules/x-os/boot.nix @@ -16,11 +16,11 @@ with lib; # Mount / luks device in initrd # Allow fstrim to work on it. # The ! makes this enabled by default - boot.initrd = mkIf (!cfg.iso-options.enable) { - luks.devices."cryptroot" = { - allowDiscards = true; - }; - }; + #boot.initrd = mkIf (!cfg.iso-options.enable) { + # luks.devices."cryptroot" = { + # allowDiscards = true; + # }; + #}; boot.loader.systemd-boot.enable = true; }; diff --git a/overlays/overrides.nix b/overlays/overrides.nix index a23cff0d..4a85b71f 100644 --- a/overlays/overrides.nix +++ b/overlays/overrides.nix @@ -5,7 +5,7 @@ channels: final: prev: { inherit (channels.latest) cachix docker - docker-compose_2 + docker-compose dhall discord element-desktop From f764cfa36de3c0b38c920a432666e4cdbec1f151 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sat, 13 Aug 2022 18:53:50 +0200 Subject: [PATCH 2/3] Add server specific user --- flake.nix | 3 ++- users/yule/default.nix | 23 +++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 users/yule/default.nix diff --git a/flake.nix b/flake.nix index 0b64905a..c67df6f3 100644 --- a/flake.nix +++ b/flake.nix @@ -128,7 +128,8 @@ biolimo = b12f ++ [ graphical ]; chocolatebar = b12f ++ [ graphical virtualisation ]; - droppie = b12f ++ [ ]; + yule = pubsolaros ++ [ users.yule ]; + droppie = yule ++ [ ]; }; }; }; diff --git a/users/yule/default.nix b/users/yule/default.nix new file mode 100644 index 00000000..a4940c6d --- /dev/null +++ b/users/yule/default.nix @@ -0,0 +1,23 @@ +{ config, hmUsers, pkgs, lib, ... }: +let + psCfg = config.pub-solar; +in +{ + config = { + home-manager.users = { inherit (hmUsers) yule; }; + + pub-solar = { + # These are your personal settings + # The only required settings are `name` and `password`, + # The rest is used for programs like git + user = { + name = "yule"; + description = "b12f"; + password = "$6$LO2YoaHwuRQhUoSz$iHw9avM887eJg9cIty2nmG4Ibkol3YpviEhYpivVQP31VrnihFz/6LyugxD7X4VmXx9nxvcYIZnN90rlGxwjT."; + fullName = "Benjamin Bädorf"; + email = "hello@benjaminbaedorf.eu"; + gpgKeyId = "4406E80E13CD656C"; + }; + }; + }; +} From ad4a5149347fc8f293d321b59dee09ae1624ba73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Sat, 13 Aug 2022 18:58:51 +0200 Subject: [PATCH 3/3] Add pubkeys to yule --- users/yule/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/users/yule/default.nix b/users/yule/default.nix index a4940c6d..7f57a686 100644 --- a/users/yule/default.nix +++ b/users/yule/default.nix @@ -17,6 +17,12 @@ in fullName = "Benjamin Bädorf"; email = "hello@benjaminbaedorf.eu"; gpgKeyId = "4406E80E13CD656C"; + publicKeys = [ + "ssh-rsa AAAhAB3NzaC1yc2EAAAADAQABAAACAQCmXpOU6vzQiVSSYCoxHYv7wDxC63Qg3dxlAMR6AOzwIABCU5PFFNcO0NWYms/YR7MOViorl+19LCLRABar9JgHU1n+uqxKV6eGph3OPeMp5sN8LAh7C9N+TZj8iJzBxQ3ch+Z/LdmLRwYNJ7KSUI+gwGK6xRS3+z1022Y4P0G0sx7IeCBl4lealQEIIF10ZOfjUdBcLQar7XTc5AxyGKnHCerXHRtccCoadLQujk0AvPXbv3Ma4JwX9X++AnCWRWakqS5UInu2tGuZ/6Hrjd2a9AKWjTaBVDcbYqCvY4XVuMj2/A2bCceFBaoi41apybSk26FSFTU4qiEUNQ6lxeOwG4+1NCXyHe2bGI4VyoxinDYa8vLLzXIRfTRA0qoGfCweXNeWPf0jMqASkUKaSOH5Ot7O5ps34r0j9pWzavDid8QeKJPyhxKuF1a5G4iBEZ0O9vuti60dPSjJPci9oTxbune2/jb7Sa0yO06DtLFJ2ncr5f70s/BDxKk4XIwQLy+KsvzlQEGdY8yA6xv28bOGxL3sQ0HE2pDTsvIbAisVOKzdJeolStL9MM5W8Hg0r/KkGj2bg0TfoRp1xHV9hjKkvJrsQ6okaPvNFeZq0HXzPhWMOVQ+/46z80uaQ1ByRLr3FTwuWJ7F/73ndfxiq6bDE4z2Ji0vOjeWJm6HCxTdGw== hello@benjaminbaedorf.com" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCnYTlTmHCl6LOkexqRR9LqjOoFgt9TQ4VzHQGRHJMzF/AGcDRoqC+pBLFSTzRb5/ikAOsb32XHyKVg4nNdJeQshO11QtDmkCB02D/XcIXxnNQ5A8CztT2az5xJtbbWSdamMnHBLcqLiwoLmXbERpdlt8jNqMHrz+bjCUGYVAFSfc/WdIs6EATJ1eF0VFxv7nUh4qhgStABSwhNsnoYOC/DOBSA9aBP1f5Fz9QHUioPTGi2hRwbTbtFUvTrymPpWVFRApa1zvGXcr4YUCm7ia1ZlZKzRpsPkwLxb8Omm4bGmR0cAVwVhVRySnhpCTwbIBLyw+H8PvKWBBba1NAKyMij root@droppie" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDwyNsGCMuyI9x2IxYEbYIL6oYsEfe1wqhHaRxSnK9oc10ge1LJni5o7g6XgryoQpCD9YenImcCxwkKblmlLQ2327uoVC2PUo07li1uT0eIPk0TQoxwp6besFs7/LEzZlgWQsc3gkEXmjk/E0mu0U6z2fkqciJ/ZxWYt9fLP6jBG47U9878rSaZ7k7Ilv6oRA3suArH189k1nerk/tonS4EWXeHZxHh/Eu0tqwmxN/6+g2GicYn6b+MbFQVdQAkctqT5Yz9USm9UKzbaAuZ799u0dJzagHm9JJZOr8r11ENtAkY9kAzRzm3u/ACiSdVzyLdjAK6m0dIPhp3OhedzuHiI6/wRll60tYtQTH1XwUpVbtir3+DT+jwZgO1zH3yL4iNh79kuUo+UEg1ZmGkSZRzSS2vb5qr0J5aSJmCd5sNB7a01PTtSlQPOqSF9PB+UmcLDF7JoKFub0KT/gRZ5neZkXTYQ/Y05qtaaFVlOVISijnm+sLUvKBv6OW8oYXIHBk= ben@chocolatebar" + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDoYNvXWunQYFORRjcYH1F98+zr20U79ROh+gmaC7AY/x3yf4y8uyMayF56VgQLVNwgEchT5t4dNb9qo2+1oUnjiKrKAVfQMN6WMMMEr4F4WT784uvBx5Uo6vmhgAa+xoo62c4TV2Uf49ZiPd+zAApBHW1F/whPtunPF28Wfr9g+ozSidhnAr+3nkfJh331tz9s+wgQ39AFzFWftQ60Guulpfj8SaVyxyv/yZZAuFpXNzN0Cz4fWBIWFOsib6Z8y+SlUCzSzOguZ7FygHjwlvOxoISsASAuf0OfUKHxVshiL5F5AX1ddmUgXbUKUTp/3Iunr74pfOQC8TXzZHqhrlFzYDmK5J9E6eADSpgx++bCCaHycl73BWeertCBZSHBXeb3Db9HX+mxwpfP3alVAt4ZqQb3YD/VB7XGDvHbmLn+wSfecO2qA9PxiA0yX7e2BZLN9r3G3bRNSk0GpnYM0i84FE9IipiKKnWVjj7J0UPQmz7rzAn2Lki1CnX9PDdxZneqTxgpBomHJt4H+vXMw13scA4xxEDBvfS5KkjbEJqWLbfklCoER6nV3NPLZ6CBl0Xe/VQBSkqEuUEIXih/oa8emDOGUODNF75ck5NJmKiGg6AFZoeiDa7PZMIxhhOq4vsR2Ty43rztUJ0CMX7iSIk3Eql7kqNdvrJaJ7z0GBsiw== ben@biolimo" + ]; }; }; };