ctucx.git: nixfiles

ctucx' nixfiles

commit 0cd63f6011d182f92783079714ed2e5c946230a5
parent 1b3e77bd7c82f1a86a1f6d31dfc18e8c96e4007d
Author: Leah (ctucx) <leah@ctu.cx>
Date: Sun, 1 May 2022 19:31:56 +0200

machines/wanderduene: add machine

2 files changed, 99 insertions(+), 0 deletions(-)
A
machines/wanderduene/configuration.nix
|
68
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A
machines/wanderduene/hardware-configuration.nix
|
31
+++++++++++++++++++++++++++++++
diff --git a/machines/wanderduene/configuration.nix b/machines/wanderduene/configuration.nix
@@ -0,0 +1,68 @@
+{ config, lib, pkgs, ... }:
+
+{
+
+  imports = [
+    ./hardware-configuration.nix
+    ../../configurations/common.nix
+
+    ../../configurations/services/prometheus-node-exporter.nix
+    ../../configurations/services/bind
+  ];
+
+  boot = {
+    loader.grub = {
+      enable  = true;
+      version = 2;
+      device  = "/dev/vda";
+    };
+
+    initrd.network = {
+      enable = true;
+      ssh    = {
+        enable         = true;
+        port           = 22;
+        hostKeys       = [ /etc/ssh/ssh_host_rsa_key ];
+        authorizedKeys = with lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users);
+      };
+
+      postCommands = ''
+        ip link set dev ens3 up
+        ip addr add 2a03:4000:1:45d::1/128 dev ens3
+        ip route add default via fe80::1 dev ens3 onlink
+
+        ip addr add 46.38.253.139/22 dev ens3
+        ip route add default via 46.38.253.1 dev ens3 onlink
+        echo 'cryptsetup-askpass' >> /root/.profile
+      '';
+    };
+  };
+
+  networking = {
+    hostName = "wanderduene";
+    domain   = "ctu.cx";
+
+    useDHCP  = false;
+
+    defaultGateway6 = {
+      interface = "ens3";
+      address   = "fe80::1";
+    };
+
+    interfaces.ens3 = {
+      useDHCP = true;
+
+      ipv6.addresses = [{
+        address      = "2a03:4000:1:45d::1";
+        prefixLength = 64;
+      }];
+    };
+
+    firewall.enable = true;
+  };
+
+  system.stateVersion = "21.11";
+  home-manager.users.leah.home.stateVersion = "21.11";
+
+}
+

diff --git a/machines/wanderduene/hardware-configuration.nix b/machines/wanderduene/hardware-configuration.nix
@@ -0,0 +1,31 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/c5db3732-3c1d-4b93-96be-ee288525fa31";
+      fsType = "ext4";
+    };
+
+  boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/b19a5e06-b540-4c2a-acb9-dcc969c50fe6";
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/A855-01F5";
+      fsType = "vfat";
+    };
+
+  swapDevices = [ ];
+
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}