ryzensun: enable wake-on-lan

starship: better username + hostname style for SSH
lib: use improved deploy-rs lib with overlay'ed pkg
2024-06-13 01:59:25 +02:00 · 2024-06-13 01:18:23 +02:00 · 2024-06-13 01:17:18 +02:00
4 changed files with 91 additions and 52 deletions
--- a/hosts/ryzensun/networking.nix
+++ b/hosts/ryzensun/networking.nix
@ -23,6 +23,8 @@
      "10.0.1.208" = ["cn07.lev-1"];
    };

+    interfaces.enp4s0.wakeOnLan.enable = true;
+
    wireguard.enable = true;
    wg-quick.interfaces = {
      wg0 = {
--- a/hosts/ryzensun/ryzensun.nix
+++ b/hosts/ryzensun/ryzensun.nix
@ -5,7 +5,7 @@
  flake,
  ...
 }:
-with lib; let
+let
  psCfg = config.pub-solar;
  xdg = config.home-manager.users."${psCfg.user.name}".xdg;
 in {
@ -28,6 +28,30 @@ in {

    boot.binfmt.emulatedSystems = ["aarch64-linux"];

+    # Required for WakeOnLan
+    boot.kernelParams = [ "ip=dhcp" ];
+    boot.initrd = {
+      availableKernelModules = [ "r8169" ];
+      network = {
+        enable = true;
+        ssh = {
+          enable = true;
+          # To prevent ssh clients from freaking out because a different host key is used,
+          # a different port for ssh is useful (assuming the same host has also a regular sshd running)
+          port = 2222;
+
+          # Please create this manually the first time.
+          # sudo ssh-keygen -t ed25519 -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key
+          hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ];
+          authorizedKeys = psCfg.user.publicKeys;
+        };
+        postCommands = ''
+          # Automatically ask for the password on SSH login
+          echo 'cryptsetup-askpass || echo "Unlock was successful; exiting SSH session" && exit 1' >> /root/.profile
+        '';
+      };
+    };
+
    services.fstrim.enable = true;

    services.tailscale.enable = true;
--- a/lib/deploy.nix
+++ b/lib/deploy.nix
@ -5,58 +5,75 @@
 * Licensed under the MIT license
 */

-{ lib, inputs }: let
-  getFqdn = c: let
-    net = c.config.networking;
-    fqdn =
-      if (net ? domain) && (net.domain != null)
-      then "${net.hostName}.${net.domain}"
-      else net.hostName;
-  in
+{ lib, inputs }:
+let
+  getFqdn =
+    c:
+    let
+      net = c.config.networking;
+      fqdn =
+        if (net ? domain) && (net.domain != null) then "${net.hostName}.${net.domain}" else net.hostName;
+    in
    fqdn;
 in {
-  mkDeployNodes = systemConfigurations: extraConfig:
-  /*
-   *
-   Synopsis: mkNodes _systemConfigurations_ _extraConfig_
+  mkDeployNodes =
+    systemConfigurations: extraConfig:
+    /*
+      *
+       Synopsis: mkNodes _systemConfigurations_ _extraConfig_

-   Generate the `nodes` attribute expected by deploy-rs
-   where _systemConfigurations_ are `nodes`.
+       Generate the `nodes` attribute expected by deploy-rs
+       where _systemConfigurations_ are `nodes`.

-   _systemConfigurations_ should take the form of a flake's
-   _nixosConfigurations_. Note that deploy-rs does not currently support
-   deploying to darwin hosts.
+       _systemConfigurations_ should take the form of a flake's
+       _nixosConfigurations_. Note that deploy-rs does not currently support
+       deploying to darwin hosts.

-   _extraConfig_, if specified, will be merged into each of the
-   nodes' configurations.
+       _extraConfig_, if specified, will be merged into each of the
+       nodes' configurations.

-   Example _systemConfigurations_ input:
+       Example _systemConfigurations_ input:

-   ```
-   {
-   hostname-1 = {
-   fastConnection = true;
-   sshOpts = [ "-p" "25" ];
-   };
-   hostname-2 = {
-   sshOpts = [ "-p" "19999" ];
-   sshUser = "root";
-   };
-   }
-   ```
-   *
-   */
-    lib.recursiveUpdate
-    (lib.mapAttrs
-      (
-        _: c: {
-          hostname = getFqdn c;
-          profiles.system = {
-            user = "root";
-            path = inputs.deploy-rs.lib.${c.pkgs.stdenv.hostPlatform.system}.activate.nixos c;
+       ```
+       {
+       hostname-1 = {
+       fastConnection = true;
+       sshOpts = [ "-p" "25" ];
+       };
+       hostname-2 = {
+       sshOpts = [ "-p" "19999" ];
+       sshUser = "root";
+       };
+       }
+       ```
+      *
+    */
+    lib.recursiveUpdate (lib.mapAttrs ( _: c: {
+      hostname = getFqdn c;
+      profiles.system =
+        let
+          system = c.pkgs.system;
+
+          # Unmodified nixpkgs
+          pkgs = import inputs.nixpkgs { inherit system; };
+
+          # nixpkgs with deploy-rs overlay but force the nixpkgs package
+          deployPkgs = import inputs.nixpkgs {
+            inherit system;
+            overlays = [
+              inputs.deploy-rs.overlays.default
+              (self: super: {
+                deploy-rs = {
+                  inherit (pkgs) deploy-rs;
+                  lib = super.deploy-rs.lib;
+                };
+              })
+            ];
          };
-        }
-      )
-      systemConfigurations)
-    extraConfig;
+        in
+        {
+          user = "root";
+          path = deployPkgs.deploy-rs.lib.activate.nixos c;
+        };
+    }) systemConfigurations) extraConfig;
 }
--- a/modules/terminal-life/starship.toml.nix
+++ b/modules/terminal-life/starship.toml.nix
@ -6,15 +6,11 @@

  # You can also replace your username with a neat symbol like  to save some space
  username = {
-    style_user = "bg:#000000 fg:#F85E84";
-    style_root = "bg:#F85E84 fg:#000000";
    format = ''[$user ]($style)'';
  };

  hostname = {
-    ssh_symbol = "";
-    trim_at = "";
-    style = "bg:#000000 fg:#F85E84";
+    format = ''[$ssh_symbol$hostname ]($style)'';
  };

  character = {
Author	SHA1	Message	Date
teutat3s	cdfe4d6bcb	ryzensun: enable wake-on-lan	2024-06-13 01:59:25 +02:00
teutat3s	39a62122c9	starship: better username + hostname style for SSH	2024-06-13 01:18:23 +02:00
teutat3s	dfe092a702	lib: use improved deploy-rs lib with overlay'ed pkg	2024-06-13 01:17:18 +02:00