ma latte.r: run on 1blu
parent
cbacf6c58f
commit
78669833b1
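--- a/1systems/latte/1blu/default.nix
+++ b/1systems/latte/1blu/default.nix
@@ -0,0 +1,50 @@
+{ config, lib, pkgs, modulesPath, ... }:
+{
+
+imports =
+[ ./network.nix
+(modulesPath + "/profiles/qemu-guest.nix")
+];
+
+# Disk
+boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sr_mod" "virtio_blk" ];
+boot.initrd.kernelModules = [ ];
+boot.kernelModules = [ ];
+boot.extraModulePackages = [ ];
+
+fileSystems."/" =
+{ device = "tank/root";
+fsType = "zfs";
+};
+
+fileSystems."/home" =
+{ device = "tank/home";
+fsType = "zfs";
+};
+
+fileSystems."/nix" =
+{ device = "tank/nix";
+fsType = "zfs";
+};
+
+fileSystems."/boot" =
+{ device = "/dev/disk/by-uuid/AEF3-A486";
+fsType = "vfat";
+};
+
+swapDevices = [ ];
+boot.loader.grub.device = "/dev/vda";
+
+networking.hostId = "3150697c"; # required for zfs use
+boot.tmpOnTmpfs = true;
+boot.supportedFilesystems = [ "zfs" ];
+
+boot.loader.grub.enable = true;
+boot.loader.grub.version = 2;
+boot.loader.grub.copyKernels = true;
+boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues
+boot.kernelParams = [
+"boot.shell_on_fail"
+"panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+];
+}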
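Review bot: In `boot.kernelParams`, `"boot.shell_on_fail"` and `"boot.panic_on_fail"` ask for opposite outcomes, and the first is the risky one on a hosted VM. NixOS documents that the stage-1 failure shell it enables is a root shell with no authentication, so a failed boot would expose root on the hoster's console. As far as I can tell the stage-1 script honours the panic flag first, which would make the shell option dead here, but that should be confirmed rather than relied on. I would drop `"boot.shell_on_fail"` and keep `"panic=30" "boot.panic_on_fail"`, with a comment such as `# no unauthenticated rescue shell on the provider console; reboot on stage-1 failure instead`.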
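--- a/1systems/latte/1blu/network.nix
+++ b/1systems/latte/1blu/network.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, modulesPath, ... }:
+let
+external-mac = "c4:37:72:55:4e:1c";
+external-gw = "178.254.28.1";
+external-ip = "178.254.30.202";
+external-ip6 = "2a00:6800:3:18c::2";
+external-gw6 = "2a00:6800:3::1";
+external-netmask = 22;
+external-netmask6 = 64;
+internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
+ext-if = "et0"; # gets renamed on the fly
+in
+{
+services.udev.extraRules = ''
+SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
+'';
+networking = {
+interfaces."${ext-if}" = {
+ipv4.addresses = [{
+address = external-ip;
+prefixLength = external-netmask;
+}];
+ipv6.addresses = [{
+address = external-ip6;
+prefixLength = external-netmask6;
+}];
+};
+defaultGateway6 = { address = external-gw6; interface = ext-if; };
+defaultGateway = external-gw;
+};
+}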
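Review bot: The `networking` block sets static addresses and gateways for `et0` but no resolvers, and this same commit removes `nameservers = [ "8.8.8.8" ]` from the host config, where a comment says the interface used to receive a DHCP address. Unless `<stockholm/makefu>` or another import sets `networking.nameservers`, the host will come up without DNS; if so, add `nameservers = [ "<resolver-ip>" ];` next to the gateways. Separately, `internal-ip` is bound in the `let` but never used in this file, and `lib`, `pkgs` and `modulesPath` are unused arguments. Dropping them keeps the module's real dependencies visible.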
|
@ -1,4 +1,4 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
let
|
let
|
||||||
|
|
||||||
# external-ip = config.krebs.build.host.nets.internet.ip4.addr;
|
# external-ip = config.krebs.build.host.nets.internet.ip4.addr;
|
||||||
|
@ -10,11 +10,13 @@ let
|
||||||
in {
|
in {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
|
./1blu
|
||||||
<stockholm/makefu>
|
<stockholm/makefu>
|
||||||
|
#<stockholm/makefu/2configs/home-manager>
|
||||||
# configure your hw:
|
# configure your hw:
|
||||||
<stockholm/makefu/2configs/hw/CAC.nix>
|
#<stockholm/makefu/2configs/hw/CAC.nix>
|
||||||
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
<stockholm/makefu/2configs/tinc/retiolum.nix>
|
||||||
<stockholm/makefu/2configs/save-diskspace.nix>
|
#<stockholm/makefu/2configs/save-diskspace.nix>
|
||||||
|
|
||||||
# Security
|
# Security
|
||||||
<stockholm/makefu/2configs/sshd-totp.nix>
|
<stockholm/makefu/2configs/sshd-totp.nix>
|
||||||
|
@ -25,29 +27,12 @@ in {
|
||||||
<stockholm/makefu/2configs/zsh-user.nix>
|
<stockholm/makefu/2configs/zsh-user.nix>
|
||||||
# Services
|
# Services
|
||||||
<stockholm/makefu/2configs/remote-build/slave.nix>
|
<stockholm/makefu/2configs/remote-build/slave.nix>
|
||||||
<stockholm/makefu/2configs/torrent.nix>
|
# <stockholm/makefu/2configs/torrent.nix>
|
||||||
|
|
||||||
];
|
];
|
||||||
krebs = {
|
krebs = {
|
||||||
enable = true;
|
enable = true;
|
||||||
build.host = config.krebs.hosts.latte;
|
build.host = config.krebs.hosts.latte;
|
||||||
};
|
};
|
||||||
boot.initrd.availableKernelModules = [ "ata_piix" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ];
|
|
||||||
|
|
||||||
boot.loader.grub.device = "/dev/vda";
|
|
||||||
boot.loader.grub.copyKernels = true;
|
|
||||||
fileSystems."/" = {
|
|
||||||
device = "/dev/vda1";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
networking = {
|
|
||||||
firewall = {
|
|
||||||
allowPing = true;
|
|
||||||
logRefusedConnections = false;
|
|
||||||
allowedTCPPorts = [ ];
|
|
||||||
allowedUDPPorts = [ 655 ];
|
|
||||||
};
|
|
||||||
# network interface receives dhcp address
|
|
||||||
nameservers = [ "8.8.8.8" ];
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
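Review bot: The explicit `networking.firewall` block is removed here (`allowedTCPPorts = [ ]`, `allowedUDPPorts = [ 655 ]`) and the new `./1blu` module does not restore it. The filtering policy for a host with public IPv4 and IPv6 addresses is therefore whatever the defaults and the remaining imports produce. I would keep the policy stated in the host file, e.g. `networking.firewall.enable = true;` and `networking.firewall.allowedUDPPorts = [ 655 ];`, unless `tinc/retiolum.nix` is known to open 655/udp itself. The commented-out imports (`CAC.nix`, `save-diskspace.nix`, `torrent.nix`, `home-manager`) would read better deleted than left as comments, and the newly added `lib` argument is not used in the lines shown.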
|
@ -1,4 +1,5 @@
|
||||||
{
|
{
|
||||||
name = "latte";
|
name = "latte";
|
||||||
torrent = true;
|
torrent = true;
|
||||||
|
home-manager = true;
|
||||||
}
|
}
|
||||||
|
|