ma latte.r: run on 1blu

makefu 2022-02-15 22:30:02 +01:00
parent 6f26a01e0a
commit 30d9c20b1b
No known key found for this signature in database
GPG Key ID: 36F7711F3FC0F225
4 changed files with 88 additions and 21 deletions


@ -0,0 +1,50 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ ./network.nix
(modulesPath + "/profiles/qemu-guest.nix")
];
# Disk
boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "tank/root";
fsType = "zfs";
};
fileSystems."/home" =
{ device = "tank/home";
fsType = "zfs";
};
fileSystems."/nix" =
{ device = "tank/nix";
fsType = "zfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/AEF3-A486";
fsType = "vfat";
};
swapDevices = [ ];
boot.loader.grub.device = "/dev/vda";
networking.hostId = "3150697c"; # required for zfs use
boot.tmpOnTmpfs = true;
boot.supportedFilesystems = [ "zfs" ];
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.copyKernels = true;
boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues
boot.kernelParams = [
"boot.shell_on_fail"
"panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
];
}
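Review bot: `boot.shell_on_fail` and `boot.panic_on_fail` in `boot.kernelParams` ask for opposite behaviour on a stage-1 failure: the first offers an interactive shell, the second aborts so that `panic=30` reboots the machine. As far as I recall the NixOS stage-1 script checks the panic flag first, so the shell option is most likely dead here; if it ever did take effect, it would give an unauthenticated root shell to anyone who can reach the provider's VM console. I would drop `"boot.shell_on_fail"` and keep `"panic=30" "boot.panic_on_fail"`, or keep both with a comment such as `# shell_on_fail is overridden by panic_on_fail; remove the latter to debug via console`.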


@ -0,0 +1,31 @@
{ config, lib, pkgs, modulesPath, ... }:
let
external-mac = "c4:37:72:55:4e:1c";
external-gw = "178.254.28.1";
external-ip = "178.254.30.202";
external-ip6 = "2a00:6800:3:18c::2";
external-gw6 = "2a00:6800:3::1";
external-netmask = 22;
external-netmask6 = 64;
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
ext-if = "et0"; # gets renamed on the fly
in
{
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
'';
networking = {
interfaces."${ext-if}" = {
ipv4.addresses = [{
address = external-ip;
prefixLength = external-netmask;
}];
ipv6.addresses = [{
address = external-ip6;
prefixLength = external-netmask6;
}];
};
defaultGateway6 = { address = external-gw6; interface = ext-if; };
defaultGateway = external-gw;
};
}
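Review bot: `internal-ip` in the `let` block is bound but never referenced in the body, so it is dead code (Nix never evaluates it) and I would delete the binding. The interface setup depends entirely on the udev rule matching `external-mac`. If the hypervisor presents a different MAC after a reinstall or migration, the rename to `et0` presumably never happens and neither the static addresses nor the gateways are applied, leaving the host reachable only through the provider console. A comment above the rule would help the next person debugging that, for example `# MAC of the NIC assigned by the provider; update here if it changes`.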


@ -1,4 +1,4 @@
{ config, pkgs, ... }:
{ config, lib, pkgs, ... }:
let
# external-ip = config.krebs.build.host.nets.internet.ip4.addr;
@ -10,11 +10,13 @@ let
in {
imports = [
./1blu
<stockholm/makefu>
#<stockholm/makefu/2configs/home-manager>
# configure your hw:
<stockholm/makefu/2configs/hw/CAC.nix>
#<stockholm/makefu/2configs/hw/CAC.nix>
<stockholm/makefu/2configs/tinc/retiolum.nix>
<stockholm/makefu/2configs/save-diskspace.nix>
#<stockholm/makefu/2configs/save-diskspace.nix>
# Security
<stockholm/makefu/2configs/sshd-totp.nix>
@ -25,29 +27,12 @@ in {
<stockholm/makefu/2configs/zsh-user.nix>
# Services
<stockholm/makefu/2configs/remote-build/slave.nix>
<stockholm/makefu/2configs/torrent.nix>
# <stockholm/makefu/2configs/torrent.nix>
];
krebs = {
enable = true;
build.host = config.krebs.hosts.latte;
};
boot.initrd.availableKernelModules = [ "ata_piix" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ];
boot.loader.grub.device = "/dev/vda";
boot.loader.grub.copyKernels = true;
fileSystems."/" = {
device = "/dev/vda1";
fsType = "ext4";
};
networking = {
firewall = {
allowPing = true;
logRefusedConnections = false;
allowedTCPPorts = [ ];
allowedUDPPorts = [ 655 ];
};
# network interface receives dhcp address
nameservers = [ "8.8.8.8" ];
};
}
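Review bot: The last hunk appears to remove the whole `networking` block (the diff markers are lost on this page, but the hunk header shrinks from 29 to 12 lines), and neither new file under `./1blu` sets `networking.firewall` or `networking.nameservers`. The NixOS firewall stays on by default, so this should not open the host. However, the explicit `allowedUDPPorts = [ 655 ]` for tinc is gone and the statically addressed interface presumably no longer gets a resolver from DHCP, so inbound tinc and DNS lookups may stop working unless `retiolum.nix` or another import covers both. I would keep the policy visible in the host file, e.g. `networking.firewall.allowedUDPPorts = [ 655 ];` and `networking.nameservers = [ "8.8.8.8" ];`. Dropping `logRefusedConnections = false` also returns refused-connection logging to its default, so the intended value is worth stating explicitly on a publicly addressed host.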


@ -1,4 +1,5 @@
{
name = "latte";
torrent = true;
home-manager = true;
}