feat: add hyp-01

Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>

hosts/hyp-01/default.nix

@@ -0,0 +1,25 @@
+{
+  inputs,
+  ...
+}:
+{
+  networking.hostName = "hyp-01";
+  networking.hostId = "ae2c05d3";
+
+  imports = [
+    inputs.disko.nixosModules.disko
+    inputs.impermanence.nixosModules.impermanence
+    inputs.srvos.nixosModules.server
+    inputs.srvos.nixosModules.hardware-hetzner-online-intel
+    inputs.srvos.nixosModules.mixins-terminfo
+    inputs.srvos.nixosModules.mixins-nginx
+
+    ./modules/boot.nix
+    ./modules/disko.nix
+    ./modules/impermanence.nix
+    ./modules/networking.nix
+    ./modules/users.nix
+  ];
+
+  system.stateVersion = "25.05";
+}

hosts/hyp-01/modules/boot.nix

@@ -0,0 +1,8 @@
+{
+  # BIOS system
+  boot.loader.systemd-boot.enable = false;
+  boot.loader.grub = {
+    enable = true;
+    efiSupport = false;
+  };
+}

hosts/hyp-01/modules/disko.nix

@@ -0,0 +1,115 @@
+let
+  disk1 = "/dev/disk/by-path/pci-0000:00:17.0-ata-2.0";
+  disk2 = "/dev/disk/by-path/pci-0000:00:17.0-ata-3.0";
+in
+{
+  disko.devices = {
+    disk = {
+      disk1 = {
+        type = "disk";
+        device = disk1;
+        content = {
+          type = "table";
+          format = "mbr";
+          partitions = [
+            {
+              name = "boot-primary";
+              size = "1G";
+              bootable = true;
+              type = "EF02";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "nofail" ];
+              };
+            }
+            {
+              name = "zfs-a";
+              size = "100%";
+              content = {
+                type = "zfs";
+                pool = "zroot";
+              };
+            }
+          ];
+        };
+      };
+      disk2 = {
+        type = "disk";
+        device = disk2;
+        content = {
+          type = "table";
+          format = "mbr";
+          partitions = [
+            {
+              name = "boot-secondary";
+              size = "1G";
+              bootable = true;
+              type = "EF02";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot-fallback";
+                mountOptions = [ "nofail" ];
+              };
+            }
+            {
+              name = "zfs-b";
+              size = "100%";
+              content = {
+                type = "zfs";
+                pool = "zroot";
+              };
+            }
+          ];
+        };
+      };
+    };
+    zpool = {
+      zroot = {
+        type = "zpool";
+        mode = "mirror";
+        rootFsOptions = {
+          compression = "lz4";
+          acltype = "posixacl";
+          xattr = "sa";
+          "com.sun:auto-snapshot" = "true";
+          mountpoint = "none";
+        };
+        options.ashift = "12";
+        datasets = {
+          "root" = {
+            type = "zfs_fs";
+            options = {
+              mountpoint = "none";
+              encryption = "aes-256-gcm";
+              keyformat = "passphrase";
+              keylocation = "prompt";
+            };
+          };
+          "root/nix" = {
+            type = "zfs_fs";
+            mountpoint = "/nix";
+            options.atime = "off";
+          };
+          "root/persist" = {
+            type = "zfs_fs";
+            mountpoint = "/persist";
+          };
+        };
+      };
+    };
+  };
+
+  boot.loader.grub = {
+    device = disk1;
+
+    mirroredBoots = [
+      {
+        devices = [ disk2 ];
+        path = "/boot-fallback";
+      }
+    ];
+  };
+}

hosts/hyp-01/modules/impermanence.nix

@@ -0,0 +1,30 @@
+{ lib, ... }:
+{
+  boot.initrd.systemd.enable = true;
+  boot.initrd.postDeviceCommands = lib.mkAfter "zfs mount -a";
+
+  fileSystems."/" = {
+    device = "none";
+    fsType = "tmpfs";
+    options = [
+      "defaults"
+      "size=4G"
+      "mode=755"
+    ];
+  };
+
+  environment.persistence."/persist" = {
+    directories = [
+      "/etc/nixos"
+      "/var/log"
+    ];
+    files = [
+      "/etc/machine-id"
+      "/etc/ssh/ssh_host_rsa_key"
+      "/etc/ssh/ssh_host_rsa_key.pub"
+      "/etc/ssh/ssh_host_ed25519_key"
+      "/etc/ssh/ssh_host_ed25519_key.pub"
+    ];
+  };
+
+}

hosts/hyp-01/modules/networking.nix

@@ -0,0 +1,51 @@
+{ config, lib, ... }:
+{
+  options = {
+    networking.hyp-01.ipv4.address = lib.mkOption {
+      type = lib.types.str;
+      default = "88.99.145.10";
+    };
+
+    networking.hyp-01.ipv4.cidr = lib.mkOption {
+      type = lib.types.str;
+      default = "26";
+    };
+
+    networking.hyp-01.ipv4.gateway = lib.mkOption {
+      type = lib.types.str;
+      default = "88.99.145.1";
+    };
+
+    networking.hyp-01.ipv6.address = lib.mkOption {
+      type = lib.types.str;
+      default = "2a01:4f8:10a:2962::1";
+    };
+
+    networking.hyp-01.ipv6.cidr = lib.mkOption {
+      type = lib.types.str;
+      default = "64";
+    };
+
+    networking.hyp-01.ipv6.gateway = lib.mkOption {
+      type = lib.types.str;
+      default = "fe80::1";
+    };
+  };
+
+  config = {
+    networking = {
+      dhcpcd.enable = false;
+      nameservers = [ "9.9.9.9" ];
+    };
+
+    systemd.network.networks."10-uplink".networkConfig.Address = config.networking.hyp-01.ipv6.address;
+
+    boot.initrd.systemd.network.networks."10-uplink" = config.systemd.networks."10-uplink";
+
+    boot.initrd.network = {
+      enable = true;
+    };
+
+    boot.initrd.kernelModules = [ "igb" ];
+  };
+}

hosts/hyp-01/modules/users.nix

@@ -0,0 +1,20 @@
+{ pkgs, ... }:
+let
+  sshKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnthKtz0fE4yQ/X10cJgKVCjYCNkRNoqV28xAhD7h2M cardno:22_498_026";
+in
+{
+  users.mutableUsers = false;
+
+  users.users.root = {
+    openssh.authorizedKeys.keys = [ sshKey ];
+  };
+
+  users.users.lander = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+    extraGroups = [
+      "wheel"
+    ];
+    openssh.authorizedKeys.keys = [ sshKey ];
+  };
+}