add 001_momo_koeln

This commit is contained in:
Hendrik Sokolowski 2023-03-07 00:48:42 +01:00
parent 153617394b
commit 0daf30fe09
7 changed files with 158 additions and 7 deletions

View file

@ -125,10 +125,9 @@
users = digga.lib.rakeLeaves ./users;
};
suites = with profiles; rec {
base = [users.pub-solar users.root];
iso = base ++ [base-user graphical pub-solar-iso];
pubsolaros = [full-install base-user users.root];
anonymous = [pubsolaros users.pub-solar];
base = [ base-user users.root users.barkeeper ];
host_001_momo_koeln = base;
};
};
};
@ -143,10 +142,10 @@
};
};
users = {
pub-solar = {suites, ...}: {
barkeeper = {suites, ...}: {
imports = suites.base;
home.stateVersion = "21.03";
home.stateVersion = "22.05";
};
}; # digga.lib.importers.rakeLeaves ./users/hm;
};
@ -155,6 +154,11 @@
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {};
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {
host_001_momo_koeln = {
hostname = "80.244.242.4";
sshUser = "barkeeper";
};
};
};
}

View file

@ -0,0 +1,30 @@
{ config, lib, pkgs, ... }:
{
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
];
pub-solar.core.lite = true;
time.timeZone = "Europe/Berlin";
networking = {
useDHCP = false;
interfaces.enp1s0.ipv4.addresses = [{
address = "80.244.242.4";
prefixLength = 29;
}];
defaultGateway = "80.244.242.1";
nameservers = [ "95.129.51.51" "80.244.244.244" ];
};
# Enable the OpenSSH daemon.
services.openssh.enable = true;
system.stateVersion = "22.05";
}

View file

@ -0,0 +1,6 @@
{ suites, ... }:
{
imports = [
./host_001_momo_koeln.nix
] ++ suites.host_001_momo_koeln;
}

View file

@ -0,0 +1,54 @@
{ config, pkgs, lib, ... }:
{
# Use the GRUB 2 boot loader.
boot.loader.systemd-boot.enable = false;
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.luks.devices."cryptroot" = {
device = "/dev/disk/by-uuid/531ee357-5777-498f-abbf-64bb4cff9a14";
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/f5b3152a-a3bd-46d1-968f-53d50fca921e";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/1fd053f8-725b-418d-aed1-aee71dac2b62";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/46191ecf-244c-4445-b1c0-ae3059871a70"; }
];
networking = {
defaultGateway = "80.244.242.1";
nameservers = ["95.129.51.51" "80.244.244.244"];
interfaces."enp1s0" = {
ipv4.addresses = [
{
address = "80.244.242.4";
prefixLength = 29;
}
];
};
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -0,0 +1,12 @@
{ config, pkgs, lib, ... }:
with lib;
with pkgs;
let
psCfg = config.pub-solar;
in
{
imports = [
./configuration.nix
];
}

View file

@ -13,12 +13,15 @@ in {
users = {
mutableUsers = false;
groups."${psCfg.user.name}" = {};
users = with pkgs;
pkgs.lib.setAttrByPath [psCfg.user.name] {
# Indicates whether this is an account for a “real” user.
# This automatically sets group to users, createHome to true,
# home to /home/username, useDefaultShell to true, and isSystemUser to false.
isNormalUser = true;
group = "${psCfg.user.name}";
description = psCfg.user.description;
extraGroups = [
"wheel"

View file

@ -0,0 +1,42 @@
{
config,
hmUsers,
pkgs,
lib,
...
}: let
psCfg = config.pub-solar;
in {
config = {
home-manager.users = {inherit (hmUsers) barkeeper;};
security.sudo.extraRules = [
{
users = [ "${psCfg.user.name}" ];
commands = [
{
command = "ALL";
options = [ "NOPASSWD" ];
}
];
}
];
pub-solar = {
user = {
name = "barkeeper";
description = "momo deployment user";
fullName = "momo infra barkeeper";
email = "admins@momo.koeln";
gpgKeyId = "";
publicKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII/58A18EtxnLYHu63c/+AyTSkJQSso/VVdHUFGp1CTk cardno:FFFE34353135 @hensoko"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEbaQdxp7Flz6ttELe63rn+Nt9g43qJOLih6VCMP4gPb @hensoko"
];
};
};
};
}