Merge remote-tracking branch 'gum/master'

lassulus 2022-03-11 13:10:26 +01:00
commit b1576fa5a9
6 changed files with 111 additions and 8 deletions


@ -154,6 +154,8 @@ in {
"krebsco.de" = '' "krebsco.de" = ''
latte.euer IN A ${nets.internet.ip4.addr} latte.euer IN A ${nets.internet.ip4.addr}
rss.euer IN A ${nets.internet.ip4.addr} rss.euer IN A ${nets.internet.ip4.addr}
o.euer IN A ${nets.internet.ip4.addr}
bw.euer IN A ${nets.internet.ip4.addr}
''; '';
}; };
cores = 4; cores = 4;
@ -217,7 +219,6 @@ in {
mon.euer IN A ${nets.internet.ip4.addr} mon.euer IN A ${nets.internet.ip4.addr}
netdata.euer IN A ${nets.internet.ip4.addr} netdata.euer IN A ${nets.internet.ip4.addr}
nixos.unstable IN CNAME krebscode.github.io. nixos.unstable IN CNAME krebscode.github.io.
o.euer IN A ${nets.internet.ip4.addr}
photostore IN A ${nets.internet.ip4.addr} photostore IN A ${nets.internet.ip4.addr}
pigstarter IN CNAME makefu.github.io. pigstarter IN CNAME makefu.github.io.
share.euer IN A ${nets.internet.ip4.addr} share.euer IN A ${nets.internet.ip4.addr}
@ -233,14 +234,13 @@ in {
maps.work.euer IN A ${nets.internet.ip4.addr} maps.work.euer IN A ${nets.internet.ip4.addr}
play.work.euer IN A ${nets.internet.ip4.addr} play.work.euer IN A ${nets.internet.ip4.addr}
ul.work.euer IN A ${nets.internet.ip4.addr} ul.work.euer IN A ${nets.internet.ip4.addr}
bw.euer IN A ${nets.internet.ip4.addr}
''; '';
}; };
cores = 8; cores = 8;
nets = rec { nets = rec {
internet = { internet = {
ip4.addr = "144.76.26.247"; ip4.addr = "142.132.189.140";
ip6.addr = "2a01:4f8:191:12f6::2"; ip6.addr = "fe80::9400:1ff:fe24:33f4";
aliases = [ aliases = [
"gum.i" "gum.i"
]; ];
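Review bot: The new `ip6.addr = "fe80::9400:1ff:fe24:33f4"` in the `nets.internet` block is a link-local address (fe80::/10), which is not reachable from outside the host's own link and so cannot serve as the host's public IPv6 address. Anything that derives AAAA records, firewall allow-lists or peer endpoints from `nets.internet.ip6.addr` would get a value that never matches real traffic. The network.nix added in this same commit carries `2a01:4f8:1c17:5cdf::2` as the external IPv6, so presumably the line should read `ip6.addr = "2a01:4f8:1c17:5cdf::2";`, to be confirmed against the address actually assigned to the server. The enclosing host definition starts and ends outside the hunk.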


@ -8,7 +8,7 @@ let
in { in {
imports = [ imports = [
<stockholm/makefu> <stockholm/makefu>
./hardware-config.nix ./hetznercloud
{ {
users.users.lass = { users.users.lass = {
uid = 19002; uid = 19002;
@ -42,7 +42,7 @@ in {
<stockholm/makefu/2configs/tools/core.nix> <stockholm/makefu/2configs/tools/core.nix>
<stockholm/makefu/2configs/tools/dev.nix> <stockholm/makefu/2configs/tools/dev.nix>
<stockholm/makefu/2configs/tools/sec.nix> <stockholm/makefu/2configs/tools/sec.nix>
<stockholm/makefu/2configs/tools/desktop.nix> #<stockholm/makefu/2configs/tools/desktop.nix>
<stockholm/makefu/2configs/zsh-user.nix> <stockholm/makefu/2configs/zsh-user.nix>
<stockholm/makefu/2configs/mosh.nix> <stockholm/makefu/2configs/mosh.nix>
@ -109,7 +109,6 @@ in {
<stockholm/makefu/2configs/share/gum.nix> # samba sahre <stockholm/makefu/2configs/share/gum.nix> # samba sahre
<stockholm/makefu/2configs/torrent/rtorrent.nix> <stockholm/makefu/2configs/torrent/rtorrent.nix>
# <stockholm/makefu/2configs/sickbeard> # <stockholm/makefu/2configs/sickbeard>
<stockholm/makefu/2configs/bitwarden.nix>
{ nixpkgs.config.allowUnfree = true; } { nixpkgs.config.allowUnfree = true; }
#<stockholm/makefu/2configs/retroshare.nix> #<stockholm/makefu/2configs/retroshare.nix>
@ -189,7 +188,7 @@ in {
]; ];
# makefu.dl-dir = "/var/download"; # makefu.dl-dir = "/var/download";
makefu.dl-dir = "/media/cloud/download"; makefu.dl-dir = "/media/cloud/download/finished";
services.openssh.hostKeys = lib.mkForce [ services.openssh.hostKeys = lib.mkForce [
{ bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; } { bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; }


@ -0,0 +1,50 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ ./network.nix
(modulesPath + "/profiles/qemu-guest.nix")
];
# Disk
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "rpool/root";
fsType = "zfs";
};
fileSystems."/home" =
{ device = "rpool/home";
fsType = "zfs";
};
fileSystems."/nix" =
{ device = "rpool/nix";
fsType = "zfs";
};
fileSystems."/boot" =
{ device = "/dev/sda1";
fsType = "vfat";
};
swapDevices = [ ];
boot.loader.grub.device = "/dev/sda";
networking.hostId = "3150697b"; # required for zfs use
boot.tmpOnTmpfs = true;
boot.supportedFilesystems = [ "zfs" ];
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.copyKernels = true;
boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues
boot.kernelParams = [
"boot.shell_on_fail"
"panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
];
}
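Review bot: `boot.shell_on_fail` in `boot.kernelParams` lets a stage-1 boot failure drop to a root shell with no authentication, which NixOS leaves off by default for that reason; on a cloud VM that shell is reachable by anyone with access to the provider's console. It also works against the neighbouring `boot.panic_on_fail` and `panic=30`, whose comment says the machine should reboot on fatal boot issues rather than wait for input (as far as I can tell the panic flag takes precedence in the scripted initrd, which would make the shell flag dead). I would drop it and keep `boot.kernelParams = [ "panic=30" "boot.panic_on_fail" ];`, or add a comment saying why an unauthenticated rescue shell is wanted on this host.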


@ -0,0 +1,13 @@
ROOT_DEVICE=/dev/sda2
NIXOS_BOOT=/dev/sda1
zpool create -o ashift=12 -o altroot=/mnt rpool $ROOT_DEVICE
zfs create -o mountpoint=legacy rpool/root
zfs create -o mountpoint=legacy rpool/home
zfs create -o mountpoint=legacy rpool/nix
mount -t zfs rpool/root /mnt
mkdir /mnt/{home,nix,boot}
mount -t zfs rpool/home /mnt/home
mount -t zfs rpool/nix /mnt/nix
mount $NIXOS_BOOT /mnt/boot/
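Review bot: The script has no interpreter line and no error handling, so a failed `zpool create` (wrong device, pool name already in use) does not stop the following `zfs create` and `mount` calls from running against whatever state is left. `mkdir /mnt/{home,nix,boot}` relies on brace expansion, which a plain POSIX `sh` does not perform, and `$ROOT_DEVICE` and `$NIXOS_BOOT` are expanded unquoted. I would start the file with `#!/usr/bin/env bash` and `set -euo pipefail`, quote the two variables, and add a one-line comment that the script creates a fresh pool on `/dev/sda2` and is presumably meant to be run once from the install environment.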


@ -0,0 +1,35 @@
{ config, lib, pkgs, modulesPath, ... }:
let
external-mac = "96:00:01:24:33:f4";
external-gw = "172.31.1.1";
external-ip = "142.132.189.140";
external-ip6 = "2a01:4f8:1c17:5cdf::2/64";
external-gw6 = "fe80::1";
external-netmask = 32;
external-netmask6 = 64;
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
ext-if = "et0"; # gets renamed on the fly
in
{
makefu.server.primary-itf = ext-if;
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
'';
networking = {
interfaces."${ext-if}" = {
useDHCP = true;
};
#ipv4.addresses = [{
# address = external-ip;
# prefixLength = external-netmask;
#}];
#ipv6.addresses = [{
# address = external-ip6;
# prefixLength = external-netmask6;
# }];
#};
#defaultGateway6 = { address = external-gw6; interface = ext-if; };
#defaultGateway = external-gw;
nameservers = [ "1.1.1.1" ];
};
}
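Review bot: Most of the `let` block (`external-gw`, `external-ip`, `external-ip6`, `external-gw6`, both netmasks and `internal-ip`) is referenced only from the commented-out static configuration, so the file carries dead bindings that can drift from the addresses published in the hosts file. One of them is already inconsistent: `external-ip6 = "2a01:4f8:1c17:5cdf::2/64"` embeds the prefix length while `external-netmask6 = 64` supplies it separately, so re-enabling `address = external-ip6;` would pass a malformed address. With only `useDHCP = true` on the interface the host presumably ends up without a global IPv6 address at all, which is worth stating in a comment if intended. I would either delete the unused bindings and the commented block, or fix the value to `external-ip6 = "2a01:4f8:1c17:5cdf::2";` and note why the static setup is disabled.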


@ -0,0 +1,6 @@
label: gpt
device: /dev/sda
unit: sectors
1 : size=524288 type=0FC63DAF-8483-4772-8E79-3D69D8477DE4
4 : size=4096 type=21686148-6449-6E6F-744E-656564454649
2 : type=0FC63DAF-8483-4772-8E79-3D69D8477DE4