hosts/{caramel,dandelion}: decommission
This commit is contained in:
parent
4a71a4cb79
commit
bebaa0c14f
GPG key ID:
6500251E087653C9
12 changed files with 0 additions and 308 deletions
12
flake.nix
12
flake.nix
|
|
@ -87,19 +87,8 @@
|
|||
in
|
||||
{
|
||||
nixosConfigurations."anemone" = mkSystem nixpkgs "anemone" "x86_64-linux" true [];
|
||||
nixosConfigurations."blossom" = mkSystem nixpkgs "blossom" "x86_64-linux" true [];
|
||||
nixosConfigurations."hyacinth" = mkSystem nixpkgs "hyacinth" "x86_64-linux" true [];
|
||||
|
||||
nixosConfigurations."caramel" = mkSystem nixpkgs-raccoon "caramel" "aarch64-linux" false [{
|
||||
nixpkgs.overlays = [
|
||||
(self: super: {
|
||||
makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
|
||||
})
|
||||
];
|
||||
}];
|
||||
nixosConfigurations."sugarcane" = mkSystem nixpkgs-raccoon "sugarcane" "x86_64-linux" false [];
|
||||
nixosConfigurations."dandelion" = mkSystem nixpkgs-stable "dandelion" "aarch64-linux" false [];
|
||||
|
||||
packages."x86_64-linux" =
|
||||
let
|
||||
pkgs = import nixpkgs rec {
|
||||
|
|
@ -119,7 +108,6 @@
|
|||
};
|
||||
in
|
||||
{
|
||||
caramel-img = self.nixosConfigurations."caramel".config.system.build.sdImage;
|
||||
};
|
||||
|
||||
# TODO: currently broken
|
||||
|
|
|
|||
|
|
@ -1,43 +0,0 @@
|
|||
{ config, inputs, modules, modulesPath, overlays, pkgs, ... }: {
|
||||
networking.hostName = "caramel";
|
||||
system.stateVersion = "22.11";
|
||||
time.timeZone = "Asia/Phnom_Penh";
|
||||
|
||||
age.secrets = {
|
||||
acme_dns.file = ../../secrets/acme_dns.age;
|
||||
passwd.file = ../../secrets/passwd.age;
|
||||
warden_admin.file = ../../secrets/warden_admin.age;
|
||||
wpa_conf.file = ../../secrets/wpa_conf.age;
|
||||
wg_caramel.file = ../../secrets/wg_caramel.age;
|
||||
};
|
||||
imports =
|
||||
(with modules.system; [
|
||||
"${builtins.toString modulesPath}/installer/sd-card/sd-image-aarch64.nix"
|
||||
inputs.home-manager-raccoon.nixosModule
|
||||
|
||||
base
|
||||
home-manager
|
||||
input
|
||||
nix-stable
|
||||
security
|
||||
transmission
|
||||
wireguard
|
||||
|
||||
./filesystem.nix
|
||||
./kernel.nix
|
||||
./image.nix
|
||||
./networking.nix
|
||||
./packages.nix
|
||||
|
||||
../../users/hana
|
||||
]) ++
|
||||
(with modules.services; [
|
||||
# nginx
|
||||
# postgres
|
||||
# synapse
|
||||
jellyfin
|
||||
sonarr
|
||||
tmptsync
|
||||
unbound
|
||||
]);
|
||||
}
|
||||
|
|
@ -1,50 +0,0 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
bind = src: {
|
||||
depends = [ "/persist" ];
|
||||
device = src;
|
||||
fsType = "none";
|
||||
neededForBoot = true;
|
||||
options = [ "bind" ];
|
||||
};
|
||||
in {
|
||||
fileSystems = {
|
||||
"/" = lib.mkForce {
|
||||
device = "rootfs";
|
||||
fsType = "tmpfs";
|
||||
options = [ "defaults" "size=1G" "mode=755" ];
|
||||
};
|
||||
|
||||
# "/nix" = {
|
||||
# device = "overlayfs";
|
||||
# fsType = "overlay";
|
||||
# options = [
|
||||
# "lowerdir=/mnt/image/nix"
|
||||
# "upperdir=/persist/nix-overlay"
|
||||
# "workdir=/persist/.overlaytmp"
|
||||
# ];
|
||||
# noCheck = true;
|
||||
# depends = [ "/mnt/image" "/persist" ];
|
||||
# };
|
||||
|
||||
"/nix" = (bind "/mnt/image/nix") // { depends = [ "/mnt/image" ]; };
|
||||
|
||||
"/mnt/image" = {
|
||||
device = "/dev/disk/by-label/NIXOS_SD";
|
||||
fsType = "ext4";
|
||||
options = [ "defaults" "noatime" ];
|
||||
neededForBoot = true;
|
||||
};
|
||||
|
||||
"/persist" = {
|
||||
device = "/dev/disk/by-label/PI_HDD";
|
||||
fsType = "ext4";
|
||||
options = [ "defaults" "relatime" ];
|
||||
neededForBoot = true;
|
||||
};
|
||||
|
||||
"/var/lib/acme" = bind "/persist/acme";
|
||||
"/var/log/journal" = bind "/persist/journal";
|
||||
"/boot" = (bind "/mnt/image/boot") // { depends = [ "/mnt/image" ]; };
|
||||
};
|
||||
}
|
||||
|
|
@ -1,29 +0,0 @@
|
|||
{ config, lib, pkgs, ... }: {
|
||||
sdImage.expandOnBoot = false;
|
||||
boot.postBootCommands = ''
|
||||
# On the first boot do some maintenance tasks
|
||||
if [ -f /mnt/image/nix-path-registration ]; then
|
||||
set -euo pipefail
|
||||
set -x
|
||||
# Figure out device names for the boot device and root filesystem.
|
||||
rootPart=$(${pkgs.util-linux}/bin/findmnt -n -o SOURCE /mnt/image)
|
||||
bootDevice=$(lsblk -npo PKNAME $rootPart)
|
||||
partNum=$(lsblk -npo MAJ:MIN $rootPart | ${pkgs.gawk}/bin/awk -F: '{print $2}')
|
||||
|
||||
# Resize the root partition and the filesystem to fit the disk
|
||||
echo ",+," | sfdisk -N$partNum --no-reread $bootDevice
|
||||
${pkgs.parted}/bin/partprobe
|
||||
${pkgs.e2fsprogs}/bin/resize2fs $rootPart
|
||||
|
||||
# Register the contents of the initial Nix store
|
||||
${config.nix.package.out}/bin/nix-store --load-db < /mnt/image/nix-path-registration
|
||||
|
||||
# nixos-rebuild also requires a "system" profile and an /etc/NIXOS tag.
|
||||
touch /etc/NIXOS
|
||||
${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
|
||||
|
||||
# Prevents this from running on later boots.
|
||||
rm -f /mnt/image/nix-path-registration
|
||||
fi
|
||||
'';
|
||||
}
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
{ config, inputs, lib, pkgs, ... }: {
|
||||
imports = [
|
||||
inputs.nixos-hardware.nixosModules.raspberry-pi-4
|
||||
];
|
||||
hardware.raspberry-pi."4".fkms-3d.enable = true;
|
||||
|
||||
boot = {
|
||||
initrd.kernelModules = [ "overlay" ];
|
||||
supportedFilesystems = lib.mkForce [ "btrfs" "vfat" ];
|
||||
kernel.sysctl = {
|
||||
"kernel.core_pattern" = "|/bin/false";
|
||||
"kernel.sysrq" = 1;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,35 +0,0 @@
|
|||
{ config, ... }: {
|
||||
environment.etc."wpa_supplicant.conf".source = config.age.secrets.wpa_conf.path;
|
||||
networking = {
|
||||
firewall.allowedTCPPorts = [ 80 443 ];
|
||||
|
||||
wireless = {
|
||||
enable = true;
|
||||
interfaces = [ "wlan0" ];
|
||||
};
|
||||
|
||||
useDHCP = false;
|
||||
interfaces.wlan0.useDHCP = false;
|
||||
|
||||
interfaces.wlan0.ipv4.addresses = [{
|
||||
address = "192.168.100.15";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
defaultGateway = "192.168.100.1";
|
||||
nameservers = [ "8.8.8.8" ];
|
||||
|
||||
extraHosts = ''
|
||||
192.168.100.12 strawberry
|
||||
192.168.100.13 blossom
|
||||
'';
|
||||
};
|
||||
|
||||
# wait for ntp before connecting to wireguard
|
||||
systemd = {
|
||||
additionalUpstreamSystemUnits = [ "systemd-time-wait-sync.service" ];
|
||||
services = {
|
||||
"systemd-time-wait-sync".wantedBy = [ "multi-user.target" ];
|
||||
"wireguard-wg0".after = [ "time-sync.target" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
{ lib, pkgs, ... }: {
|
||||
environment.systemPackages = with pkgs; [
|
||||
git
|
||||
htop
|
||||
jq
|
||||
neovim
|
||||
rsync
|
||||
sshfs
|
||||
wget
|
||||
|
||||
kitty.terminfo
|
||||
];
|
||||
environment.variables.EDITOR = "nvim";
|
||||
}
|
||||
|
|
@ -1,31 +0,0 @@
|
|||
{ config, inputs, modules, modulesPath, overlays, pkgs, ... }: {
|
||||
networking.hostName = "dandelion";
|
||||
system.stateVersion = "23.11";
|
||||
time.timeZone = "Australia/Melbourne";
|
||||
|
||||
age.secrets = {
|
||||
acme_dns.file = ../../secrets/acme_dns.age;
|
||||
};
|
||||
|
||||
imports = with modules.system; [
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
inputs.home-manager-stable.nixosModule
|
||||
|
||||
base
|
||||
home-manager
|
||||
input
|
||||
nix-stable
|
||||
security
|
||||
#wireguard
|
||||
|
||||
modules.services.nginx
|
||||
modules.services.postgres
|
||||
|
||||
./filesystem.nix
|
||||
./kernel.nix
|
||||
./networking.nix
|
||||
./packages.nix
|
||||
|
||||
../../users/hana
|
||||
];
|
||||
}
|
||||
|
|
@ -1,35 +0,0 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
bind = src: {
|
||||
depends = [ "/nix" ];
|
||||
device = src;
|
||||
fsType = "none";
|
||||
neededForBoot = true;
|
||||
options = [ "bind" ];
|
||||
};
|
||||
|
||||
mkLabelMount = label: type: lazy: {
|
||||
device = "/dev/disk/by-label/${label}";
|
||||
fsType = type;
|
||||
options = [ "defaults" "relatime" ] ++ lib.optionals lazy [ "nofail" ];
|
||||
};
|
||||
mkBtrfsMount = name: subvol: atime: mkLabelMount name "btrfs" false // {
|
||||
options = [ "autodefrag" "compress=zstd:3" "defaults" "discard=async" "space_cache=v2" "ssd" "subvol=${subvol}" (if atime then "relatime" else "noatime") ];
|
||||
};
|
||||
submount = mkBtrfsMount "DANDELION";
|
||||
in {
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "rootfs";
|
||||
fsType = "tmpfs";
|
||||
options = [ "defaults" "size=12G" "mode=755" ];
|
||||
};
|
||||
|
||||
"/boot" = submount "/@/boot" false;
|
||||
"/boot/efi" = mkLabelMount "UEFI" "vfat" true;
|
||||
"/nix" = submount "/@/nix" false;
|
||||
"/persist" = (submount "/@/persist" true) // { neededForBoot = true; };
|
||||
"/persist/.snapshots" = submount "/snap/persist" false;
|
||||
"/var/log/journal" = bind "/persist/journal";
|
||||
};
|
||||
}
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
{ config, inputs, pkgs, ... }: {
|
||||
boot = {
|
||||
loader = {
|
||||
systemd-boot.enable = false;
|
||||
efi.canTouchEfiVariables = true;
|
||||
efi.efiSysMountPoint = "/boot/efi";
|
||||
grub = {
|
||||
enable = true;
|
||||
efiSupport = true;
|
||||
device = "/dev/sda";
|
||||
};
|
||||
};
|
||||
initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ];
|
||||
initrd.kernelModules = [ "nvme" ];
|
||||
kernel.sysctl = {
|
||||
"kernel.core_pattern" = "|/bin/false";
|
||||
"kernel.sysrq" = 1;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
{ config, ... }: {
|
||||
networking = {
|
||||
useDHCP = true;
|
||||
|
||||
# extraHosts = ''
|
||||
# 10.100.0.3 blossom
|
||||
# 10.100.0.4 strawberry
|
||||
# '';
|
||||
};
|
||||
}
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
{ lib, pkgs, ... }: {
|
||||
environment.systemPackages = with pkgs; [
|
||||
git
|
||||
htop
|
||||
jq
|
||||
neovim
|
||||
rsync
|
||||
sshfs
|
||||
wget
|
||||
|
||||
kitty.terminfo
|
||||
];
|
||||
environment.variables.EDITOR = "nvim";
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue