
No commits in common. "5d68fbf0a198291330fe626d93cb1d80cb31a49e" and "4efb3f26fe1ed4f1411202d3def09b4bafed68ea" have entirely different histories.

6 changed files with 34 additions and 95 deletions


@ -5,7 +5,6 @@
{ {
networking.hostName = "hyp-01"; networking.hostName = "hyp-01";
networking.hostId = "ae2c05d3"; networking.hostId = "ae2c05d3";
nixpkgs.hostPlatform = "x86_64-linux";
imports = [ imports = [
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko


@ -3,5 +3,6 @@
boot.loader.systemd-boot.enable = false; boot.loader.systemd-boot.enable = false;
boot.loader.grub = { boot.loader.grub = {
enable = true; enable = true;
efiSupport = false;
}; };
} }


@ -9,82 +9,60 @@ in
type = "disk"; type = "disk";
device = disk1; device = disk1;
content = { content = {
type = "gpt"; type = "table";
efiGptPartitionFirst = false; format = "mbr";
partitions = { partitions = [
boot = { {
priority = 1; name = "boot-primary";
type = "EF02";
size = "32M";
content = {
type = "filesystem";
format = "vfat";
mountpoint = null;
};
hybrid = {
mbrPartitionType = "0x0c";
mbrBootableFlag = false;
};
};
esp = {
size = "1G"; size = "1G";
type = "EF00"; bootable = true;
type = "EF02";
content = { content = {
type = "filesystem"; type = "filesystem";
format = "vfat"; format = "vfat";
mountpoint = "/boot"; mountpoint = "/boot";
mountOptions = [ "nofail" ]; mountOptions = [ "nofail" ];
}; };
}; }
zfs = { {
name = "zfs-a";
size = "100%"; size = "100%";
content = { content = {
type = "zfs"; type = "zfs";
pool = "zroot"; pool = "zroot";
}; };
}; }
}; ];
}; };
}; };
disk2 = { disk2 = {
type = "disk"; type = "disk";
device = disk2; device = disk2;
content = { content = {
type = "gpt"; type = "table";
efiGptPartitionFirst = false; format = "mbr";
partitions = { partitions = [
boot = { {
priority = 1; name = "boot-secondary";
type = "EF02";
size = "32M";
content = {
type = "filesystem";
format = "vfat";
mountpoint = null;
};
hybrid = {
mbrPartitionType = "0x0c";
mbrBootableFlag = false;
};
};
esp = {
size = "1G"; size = "1G";
type = "EF00"; bootable = true;
type = "EF02";
content = { content = {
type = "filesystem"; type = "filesystem";
format = "vfat"; format = "vfat";
mountpoint = "/boot-fallback"; mountpoint = "/boot-fallback";
mountOptions = [ "nofail" ]; mountOptions = [ "nofail" ];
}; };
}; }
zfs = { {
name = "zfs-b";
size = "100%"; size = "100%";
content = { content = {
type = "zfs"; type = "zfs";
pool = "zroot"; pool = "zroot";
}; };
}; }
}; ];
}; };
}; };
}; };
@ -126,14 +104,8 @@ in
boot.loader.grub = { boot.loader.grub = {
device = disk1; device = disk1;
version = 2;
zfsSupport = true;
efiSupport = true;
mirroredBoots = [ mirroredBoots = [
{
devices = [ disk1 ];
path = "/boot";
}
{ {
devices = [ disk2 ]; devices = [ disk2 ];
path = "/boot-fallback"; path = "/boot-fallback";
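Review bot: On both disks the new `/boot` partition carries `type = "EF02"`, which is the GPT type code for a BIOS boot partition, yet it now sits in a `type = "table"` / `format = "mbr"` layout and is formatted vfat and mounted at `/boot` (and `/boot-fallback`). An MBR table has no EF02 type and GRUB embeds in the gap after the MBR there, so the attribute looks like a leftover from the removed GPT layout and I would drop it. It is also worth checking against the pinned disko that the legacy table type accepts these attributes at all; as far as I recall it takes `format = "msdos"` and `start`/`end` rather than `"mbr"` and `size`, so this section may not evaluate as written. A short comment stating the intended boot mode (BIOS GRUB on MBR, mirrored to the second disk) would help, since a mistake here only surfaces when the hypervisor is re-provisioned.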


@ -1,5 +1,7 @@
{ lib, ... }:
{ {
boot.initrd.systemd.enable = true; boot.initrd.systemd.enable = true;
boot.initrd.postDeviceCommands = lib.mkAfter "zfs mount -a";
fileSystems."/" = { fileSystems."/" = {
device = "none"; device = "none";
@ -11,14 +13,10 @@
]; ];
}; };
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = { environment.persistence."/persist" = {
directories = [ directories = [
"/etc/nixos" "/etc/nixos"
"/etc/secrets"
"/var/log" "/var/log"
"/var/lib/nixos"
]; ];
files = [ files = [
"/etc/machine-id" "/etc/machine-id"
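Review bot: Dropping `fileSystems."/persist".neededForBoot = true;` and the `"/var/lib/nixos"` entry in the second hunk weakens the persistence setup that `environment.persistence."/persist"` still relies on. With the root declared as `device = "none"`, the contents of `/var/lib/nixos` appear to be lost at each boot, and that directory holds the NixOS uid/gid maps, so dynamically allocated IDs can change between boots and files kept under `/persist` and `/var/log` may end up owned by a different account. I would keep `"/var/lib/nixos"` in `directories` and keep the `neededForBoot` line unless it is set elsewhere, since the persistence module normally expects it. Separately, the first hunk adds `boot.initrd.postDeviceCommands` next to `boot.initrd.systemd.enable = true;`, and systemd stage 1 does not accept the scripted-initrd hooks, so that line likely fails evaluation.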


@ -1,9 +1,4 @@
{ { config, lib, ... }:
config,
lib,
pkgs,
...
}:
{ {
options = { options = {
networking.hyp-01.ipv4.address = lib.mkOption { networking.hyp-01.ipv4.address = lib.mkOption {
@ -45,36 +40,12 @@
systemd.network.networks."10-uplink".networkConfig.Address = config.networking.hyp-01.ipv6.address; systemd.network.networks."10-uplink".networkConfig.Address = config.networking.hyp-01.ipv6.address;
boot.kernelParams = [ "ip=dhcp" ]; boot.initrd.systemd.network.networks."10-uplink" = config.systemd.networks."10-uplink";
boot.initrd = {
availableKernelModules = [ "e1000e" ];
systemd = boot.initrd.network = {
let
askPass = pkgs.writeShellScriptBin "zfs-askpass" ''
systemd-tty-ask-password-agent --watch
'';
in
{
enable = true; enable = true;
storePaths = [ "${askPass}/bin/zfs-askpass" ];
users.root.shell = "${askPass}/bin/zfs-askpass";
}; };
network = { boot.initrd.kernelModules = [ "igb" ];
enable = true;
ssh = {
enable = true;
port = 2222;
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnthKtz0fE4yQ/X10cJgKVCjYCNkRNoqV28xAhD7h2M cardno:22_498_026"
];
hostKeys = [
"/etc/secrets/initrd/ssh_host_ed25519_key"
];
};
};
};
}; };
} }
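Review bot: The new initrd network line reads `config.systemd.networks."10-uplink"`, but the unit is defined one line above under `systemd.network.networks."10-uplink"`, so the reference points at an option path that does not exist and evaluation should fail; it should read `boot.initrd.systemd.network.networks."10-uplink" = config.systemd.network.networks."10-uplink";`. The same hunk keeps `boot.initrd.network.enable = true` while removing the SSH service, so stage 1 still brings up the uplink but nothing visible here uses it; if no remote unlock is intended, leaving initrd networking off keeps the pre-boot environment off the network. If the pool is encrypted (the removed askpass helper suggests it is), a comment on how the key is now supplied would document the new unlock path.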


@ -17,6 +17,4 @@ in
]; ];
openssh.authorizedKeys.keys = [ sshKey ]; openssh.authorizedKeys.keys = [ sshKey ];
}; };
programs.zsh.enable = true;
} }