From b10092092f85271e6f24f33ae46b1cedfa486fcf Mon Sep 17 00:00:00 2001 From: Petru Paler Date: Sun, 4 Aug 2024 15:55:51 +0100 Subject: [PATCH] Initial config for chilly. --- flake.nix | 6 ++- hosts/chilly/default.nix | 12 ++++++ hosts/chilly/disk-config.nix | 76 +++++++++++++++++++++++++++++++++++ hosts/chilly/hardware.nix | 16 ++++++++ hosts/chilly/key.bin | Bin 0 -> 4096 bytes 5 files changed, 109 insertions(+), 1 deletion(-) create mode 100644 hosts/chilly/default.nix create mode 100644 hosts/chilly/disk-config.nix create mode 100644 hosts/chilly/hardware.nix create mode 100644 hosts/chilly/key.bin diff --git a/flake.nix b/flake.nix index cee430f..8bb0af2 100644 --- a/flake.nix +++ b/flake.nix @@ -7,13 +7,15 @@ impermanence.url = "github:nix-community/impermanence"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; ppetru-home = { url = "git+file:../ppetru-home"; inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { self, nixpkgs, nixpkgs-unstable, deploy-rs, ppetru-home, ... }@inputs: + outputs = { self, nixpkgs, nixpkgs-unstable, deploy-rs, disko, ppetru-home, ... }@inputs: let inherit (self); @@ -28,6 +30,7 @@ nixpkgs.overlays = [ overlay-unstable ]; nixpkgs.config.allowUnfree = true; }) + disko.nixosModules.disko ] ++ modules; specialArgs = { inherit inputs self; }; }; @@ -39,6 +42,7 @@ nix-dev = mkNixos "x86_64-linux" [ ./hosts/nix-dev ]; alo-cloud-1 = mkNixos "aarch64-linux" [./hosts/alo-cloud-1 ]; zippy = mkNixos "x86_64-linux" [ ./hosts/zippy ]; + chilly = mkNixos "x86_64-linux" [ ./hosts/chilly ]; }; deploy = { diff --git a/hosts/chilly/default.nix b/hosts/chilly/default.nix new file mode 100644 index 0000000..82bbb18 --- /dev/null +++ b/hosts/chilly/default.nix @@ -0,0 +1,12 @@ +{ pkgs, inputs, ... }: +{ + imports = [ + ../../common/global + ../../common/compute-node.nix + ./disk-config.nix + ./hardware.nix + ]; + + networking.hostName = "chilly"; + services.tailscaleAutoconnect.authkey = "tskey-auth-kRXS9oPyPm11CNTRL-BE6YnbP9J6ZZuV9dHkX17ZMnm1JGdu93"; +} diff --git a/hosts/chilly/disk-config.nix b/hosts/chilly/disk-config.nix new file mode 100644 index 0000000..90df489 --- /dev/null +++ b/hosts/chilly/disk-config.nix @@ -0,0 +1,76 @@ +{ lib, ... }: +{ + disko.devices = { + disk.main = { + device = "/dev/disk/by-id/ata-FORESEE_512GB_SSD_MP15B03900928"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + esp = { + name = "ESP"; + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + luksroot = { + end = "-8G"; + content = { + type = "luks"; + name = "luksroot"; + settings = { + allowDiscards = true; + keyFile = "/dev/disk/by-id/usb-Intenso_Micro_Line_22080777660586-0:0"; + keyFileSize = 4096; + }; + content = { + type = "btrfs"; + subvolumes = { + "root" = { + mountpoint = "/"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + "nix" = { + mountpoint = "/nix"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + "persist" = { + mountpoint = "/persist"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + "log" = { + mountpoint = "/var/log"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + }; + }; + }; + }; + swap = { + size = "8G"; + content = { + type = "swap"; + randomEncryption = true; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/chilly/hardware.nix b/hosts/chilly/hardware.nix new file mode 100644 index 0000000..3c629c1 --- /dev/null +++ b/hosts/chilly/hardware.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + nixpkgs.hostPlatform = "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = true; +} + diff --git a/hosts/chilly/key.bin b/hosts/chilly/key.bin new file mode 100644 index 0000000000000000000000000000000000000000..e7ebdcf1e09c8b2044b7019d2660a1028a17d283 GIT binary patch literal 4096 zcmV+b5dZHtRF+msPF;@r+bdd8hVnN61<3m;t4Y4O-7rw#{MO@r#+k#tR?rmDq|OL< z4mZ|k*g`$1Ipw;C|dJx4WkbDE+4#~az1T_cB_@eF(UQf&Vz%TFy zS za3nV_Wv(1UW5!@V@@UZSegoG&EyFkZ<2rL&FNdXsHj0h+jmsy?*DV!hEMRWm$Or-< zvzTW&5-KT;(x{u$nEVdOcH#ekx1tZ&b3MO~PE;NbX>I?Uci3GDnzp^;u61gWbt*9< zML11Zrcq_KkuOwiXXD+5exM8ALWn^*wV)U|FpuKIfDL@C>PiiM8*qIpA_q2b`%EWz z@ZgOKD^`C(*7({*o}a!`gr3wUC)d(9oL@1UZhJ=VZ^r2|f$dX3#MTOm43UzV@-cD2 zU2Z(H+vYyglgg zP&%wdHn|nycK$O<6wGDjq?5u``|;i!-nlg};!wDA$)1q1R_k#YO0$Z7jQZ(9@5klo zz<+S*2u27RZ{@&}R&Dn%3&cTX+@3g=|H-GyQ3<^t!GHDo#UG+l(pZ<_TuEH{KhW^hrVa)KV98xnMecCm58Cgt7FVUmVjqL_)MJ; z=Gg2($lJT~rD^a8)AE2CnrYL(f|tGIy^`#ly2*!$|8z;p+xpSpX&46$@isS*&@foM zJTiaqlv>gM9x=RpnjNdwdo%^KYH2mXVay#T@p*l6E%f`(5_o9J@t+WI?G59)U-K|R z(?sN-W*w+=hw^qmm?ofp0HHq;T6e-|7ZR9lM%md-OmXsUiHXXdzuj#a&Y4Uu*ZmM~ z*UE+Y2a7YU)+APuYW61?N{!?S=I3tz=YX5`3vWYztI=tMzAUh9^{_L23ek}Xx|DnU zc}UavB6SD(gOnfCeHiF@CSnRv5+m@tO0j;l$maG2Ssx<|klG|Ud>TCPP4B}9&MMks z0a8U@b;u}(vS$1@qQ43)KNZDnXwWu)>@-~f3ZAcV7oM^$p}!AtK5P1F6O}F`6{!1J zkdTQI@0(pzR4P5kw<|Th!gh-@p@lSzRU@cL82sd`Zq9(*eH%A znk%e(pK_yzqXdaPX0Kx+K&!LQHh^EH)BiIqW-@MV>~|sZ0sSW9G_V<@mfl1*b3=}~ zl=Oor;~`IL!19Cgl)eIX-Q*mqCEFGT=SzxK*g!~pc--&EmhC_d7kJAX2F2Ct*`DYt z2&yDnP>LJGQ9}tS%BJCWj_MYxq3YcI7h(r4pb|0w8pbovpmurjxBd?Z5?Ju`7sokl zo+t7&$S?(7!j$vjDIPn2Fp9n*@}xyM(3!>-9~l?$@i(i~mi0G%wEIlfBI6ShG6qLP zE$wGqb=D);yhsC7khdqIBk0-InqrgI<6q+wsG=qiW>KaAZzY1Ohxv0KmGXr=$DS9B8XeY$M7J2J>)S08&D}29V zGSAt$S;vyXLDG_|r>}^0C6W4-fC6hQml3d7MBe?i%9>IX-+GRQ=^N3{MQ%*kdu|Z{ zy`0c#^G|+vxUj zMC17^%0*K+F+z`714!m~|FSFueW;fo72# z;_ceW8X*gDnf+c>(n?B&j-eM3ltj5a58GhEJJ6;@?PW!F7Sk^yda~5=`Q8BBNL1xQ zTH?!khcVMGpSF5m>?C@Kg#Y&_jL={qPRs-Z@44pLUF?rb)|PkG5|b|Wfdd0{HVB@g z7!Xup?Zi=Bl`lE6fyRUW>xmUbt|aR>>K0^Fe*ZhZrvE^vRf`Np8ydIACZbwQhn~@) z;Gz9nk|r>}KjwfW^VMq_!VNwQUD>dE`bSFQfO;oNe1WW5{a%hglL+vU3XKF05U?*# z(L!>GalA<|Z?*kd&s3#e?S`+@anbNdQg9O>YjBw=f(3$q)XS)&CZwu?vq1w)0fae87%Ay$7`Gw&ISXBbA%*Rqrou z%kwcb7=0i7d*rzD%b_eahYzznyo-tmpNJQN;Z=ODOAj~HE~2PCJ_9KITD;qe2C!l} zzSI{g@UP)+K&PKS;#zbHVC~yCEy^x-g^IcrR?nT(M_Lr^Qm_NKKvzE1sw<|oznVt8 zHajOs%>oJTRs_S=PqB?c4#&V#Q$wqx3o?c#LF)%toaaMX)(M`lh3@_nl=X`HCB#@v z&77F>&20k|SCdLNS)-(~9{cXQxl`+C)P*h#uCNaHUL3V-CdmH$H5GK&=}Kl|USP%` z7g44BJ~BER#m_PPy3mvzv0s2fe#Vtn7w!6B9BYLwsmOI*gVlT`Cf|;@==A1A>Pb$P zy0(ZV3DBbO-V~^ks7N)%dP`xikCmoi(rzPHWmW;2BSu*mrUBwVV}&*cXw;mNQWU*< z)l$seRUDjfxO-mrwB8L!WK7D z9Oe)pHYZtv*DKEGa_3DRf9AM zDC0e?A54oIR~`0~raf6h_2w(z?S$tlxC>7Ebs28s2?Uo~O+jG!ZZkfjM?XT?JYGzW z%#zwc-Xj+J2=`J3Yen%d4zfhV@9A;aeE0Kz&68h5>y0<#a!LxYj(s#iu4*rHUQ!7> z9vx(^Ydzoo5m8NyoFk#n6{3WSPP|Gam^rI?*G&zGdO%DN!`dK!ze?(_*gBERiTZmAj86A>)ztJDX@h#G?Bt~4= zdSj4i0Q`?5;q$mEO{wixg~ot0A5J?q_O=xpzP_v)NkT?z-=#c_FHiWv$RcBH`<_`A znCkR4t`j}~2dBrtlJkZAfDVSH>NGpPCQ2=I1}4ri<@xXD-DIS7pFJ=l++LhIzNTuk z?8H@1ED%jgABNzdSannyRv)<9RuHa*IS=3QgzM4lm3_YCJtLtyIdAcT6XT2pt}MsPtKYG&APo zq3B8yHp@QbNi6eZK5>T1O6t?odtoYVj)={)`dKT6`;+wFzzB19 z44QbrN#KHe+3%YL5r7Ajc1WE2VU&0y=+Cw1qBnz|!?1TXK?xC7`S?onwmiVWG&Hx8 z^lu|Vhe!3U=XC$>M!ewAc*KM5!h4QMrr7NzCilmlr{qUa+F2d;tAn?0`0z$eiGROt z7ZSZchX~4yNv&h}?Fdouo{CZEBDH~Os2Os1*H@naC9({?HUoV1RYk2~PBV|@nH3K( zz6u^Jnhe(!RVu8fmS3W^dyFRla7ZmYL%~4vxD2jgaX=IPJN{qkxfYn_0jjP=%IrDF zqeI!EhjWZ~f8a2X zV##B&^)bSJ3wJS11=toy=c0II{cO;B48M{`=%SEW?+<7lCiLAsZ7pK%qIF=Vz2f|~ zaU{kuMEgN@4-Gx78N7|xCS1oDN`Yv2#T51zJWn}~NC^ojoHVe$D<;a8b3KBAISp&_SgB=;i4V=OP^BFY`U(_ROjaWXLkFPJ=&buF?1W=#h%_W3O? zT&W*s3E9(a&1Ov~+nI?!ZnMxCY+$z0mmIuTO%~5LX=5B52H|EBp8h`0O`fQlPG^~) zOSB~7BXK<>x9U7laeG}kwaHwcurQwOwbS@O{M4N|UIZo$TaS$bDh<7@S6Dz|CiHIgqns~^OJJ(#Gs_OI+i30ARO*Mq8BRc@rd=!Zz%3O&|D`+Qv-H1_=f literal 0 HcmV?d00001