Merge branch 'master' of git.bitlab21.com:sam/nixos

Sam 2025-01-25 20:41:50 +00:00
commit cc765b3372
6 changed files with 227 additions and 4 deletions


@ -539,11 +539,11 @@
}, },
"nix-secrets": { "nix-secrets": {
"locked": { "locked": {
"lastModified": 1737745804, "lastModified": 1737831370,
"narHash": "sha256-ix/gu0HJmJISlZM2PjCssg+4fhD1g0CrrpLaKb84dRo=", "narHash": "sha256-SknkmBjTklrzrXaVALsIIOtu1r8TP35NEfhST6zJyH4=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "3a049490d4853b61e9cf778347ff8fa175488ede", "rev": "148154f0b8bdaf085ea16562822f55c810b55bac",
"revCount": 251, "revCount": 255,
"type": "git", "type": "git",
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git" "url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
}, },


@ -130,6 +130,17 @@
modules = [ modules = [
./hosts/citadel ./hosts/citadel
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;
}
];
};
cloudnix = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/cloudnix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.extraSpecialArgs = specialArgs; home-manager.extraSpecialArgs = specialArgs;

11
home/cloudnix.nix Normal file

@ -0,0 +1,11 @@
{
...
}: {
imports = [
./users/admin
./common/core
./common/optional/git.nix
./common/optional/sops.nix
];
}


@ -0,0 +1,83 @@
{
configVars,
outputs,
lib,
...
}: let
user = "admin";
merlinIp = configVars.networking.addresses.merlin.ip;
cloudnixIp = configVars.networking.addresses.cloudnix.ip;
btrfsMountDevice = "/dev/disk/by-uuid/2aec8052-68fc-4bac-9b8d-c10b9b659ad8";
in {
imports = [
# Create users for this host
../common/users/${user}
# Import core options
./hardware-configuration.nix
../common/core
# Impermanence
../common/optional/persistence.nix
(import ../common/disks/btrfs/impermanence.nix {
btrfsMountDevice = btrfsMountDevice;
lib = lib;
})
# Import optional options
../common/optional/persistence.nix
../common/optional/openssh.nix
../common/optional/distributed-builds/local-machine.nix
outputs.nixosModules.nixosAutoUpgrade
];
boot = {
loader = {
efi.canTouchEfiVariables = false;
grub = {
enable = true;
devices = ["/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_57492184"];
};
};
};
services = {
earlyoom = {
enable = true;
freeMemThreshold = 5; # <%5 free
};
};
system.services.nixosAutoUpgrade = {
enable = true;
persistent = true;
remote = "remotebuild@${merlinIp}";
reboot = false;
pushUpdates = false;
configDir = "/etc/nixos";
onCalendar = "*-*-* 06:00:00";
user = "admin";
};
networking = {
hostName = "cloudnix";
nameservers = ["8.8.8.8"];
firewall.enable = true;
};
systemd.network.networks."10-wan" = {
networkConfig.DHCP = "no";
address = [
"${cloudnixIp}/32"
];
routes = [
{ routeConfig = { Destination = "172.31.1.1"; }; }
{ routeConfig = { Gateway = "172.31.1.1"; GatewayOnLink = true; }; }
];
};
services.libinput.enable = true;
}
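Review bot: `systemd.network.networks."10-wan"` has no `matchConfig`, and recent systemd-networkd releases ignore a .network unit without a [Match] section, so the static `${cloudnixIp}/32` address and the 172.31.1.1 routes may never be applied; on a remote VM that is a lock-out risk, so add a match such as `matchConfig.Name = "<wan-interface>";` (placeholder, the interface name is not on this page). Nothing in this file enables networkd (`networking.useNetworkd` or `systemd.network.enable`), while the generated hardware file sets `networking.useDHCP = lib.mkDefault true`, so confirm that one of the common modules does. `../common/optional/persistence.nix` appears twice in `imports`, and `user = "admin";` in the auto-upgrade block could reuse the `user` binding from the `let`. Separately, `remote = "remotebuild@${merlinIp}"` presumably means this internet-facing host holds an SSH credential for the build machine; that module is not visible here, so it is worth confirming the key is limited to the build account and documenting that in a comment next to the option.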


@ -0,0 +1,61 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/2aec8052-68fc-4bac-9b8d-c10b9b659ad8";
fsType = "btrfs";
options = [ "subvol=root" ];
};
fileSystems."/.swapvol" =
{ device = "/dev/disk/by-uuid/2aec8052-68fc-4bac-9b8d-c10b9b659ad8";
fsType = "btrfs";
options = [ "subvol=swap" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/1DE3-CACA";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/2aec8052-68fc-4bac-9b8d-c10b9b659ad8";
fsType = "btrfs";
options = [ "subvol=nix" ];
};
fileSystems."/persist" =
{ device = "/dev/disk/by-uuid/2aec8052-68fc-4bac-9b8d-c10b9b659ad8";
fsType = "btrfs";
options = [ "subvol=persist" ];
};
swapDevices = [
{
device = "/.swapvol/swapfile";
size = 2 * 1024;
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}


@ -0,0 +1,57 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
BOOT = {
size = "1M";
type = "EF02";
priority = 1;
};
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"/root" = {
mountpoint = "/";
};
"/persist" = {
mountOptions = ["subvol=persist"];
mountpoint = "/persist";
};
"/nix" = {
mountOptions = ["subvol=nix" "noatime"];
mountpoint = "/nix";
};
"/swap" = {
mountOptions = ["noatime"];
mountpoint = "/.swapvol";
};
};
};
};
};
};
};
};
};
}
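Review bot: `device = "/dev/sda";` names the install target by kernel enumeration order, which is not stable, and this layout is destructive (a new GPT plus `extraArgs = ["-f"]` on the btrfs partition), so applying it on a machine with a second disk or an attached volume could format the wrong device. The host configuration in this same commit already refers to the disk by a stable path for GRUB, and the same path would fit here: `device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_57492184";`. The file has no comments, so a short header saying which host the layout belongs to and that applying it wipes the disk would also help.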