makefu/stockholm
1
0
Fork 0
Code Issues Pull requests Actions 1 Packages Projects Releases Wiki Activity

ma gum.r: split sw/hw config

Browse source
This commit is contained in:
makefu 2018-06-17 22:54:59 +02:00
parent e80eae2eb5
commit 6154dd1513
No known key found for this signature in database
GPG key ID: 36F7711F3FC0F225
2 changed files with 58 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
makefu/1systems/gum/config.nix
View file

@ -2,28 +2,14 @@
with import <stockholm/lib>;
let
# hw-specific
external-mac = "2a:c5:6e:d2:fc:7f";
main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
external-gw = "185.194.140.1";
# single partition, label "nixos"
# cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate
# static
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
external-ip6 = config.krebs.build.host.nets.internet.ip6.addr;
external-gw6 = "fe80::1";
external-netmask = 22;
external-netmask6 = 64;
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
ext-if = "et0"; # gets renamed on the fly
ext-if = config.makefu.server.primary-itf;
in {
imports = [
<stockholm/makefu>
./hardware-config.nix
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
<stockholm/makefu/2configs/headless.nix>
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
# <stockholm/makefu/2configs/smart-monitor.nix>
<stockholm/makefu/2configs/git/cgit-retiolum.nix>
@ -49,6 +35,7 @@ in {
# <stockholm/makefu/2configs/sabnzbd.nix>
<stockholm/makefu/2configs/torrent.nix>
<stockholm/makefu/2configs/mosh.nix>
<stockholm/makefu/2configs/retroshare.nix>
# network
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
@ -90,6 +77,15 @@ in {
<stockholm/makefu/2configs/syncthing.nix>
# <stockholm/makefu/2configs/opentracker.nix>
<stockholm/makefu/2configs/hub.nix>
{ # ncdc
environment.systemPackages = [ pkgs.ncdc ];
networking.firewall = {
allowedUDPPorts = [ 51411 ];
allowedTCPPorts = [ 51411 ];
};
}
<stockholm/makefu/2configs/stats/client.nix>
# <stockholm/makefu/2configs/logging/client.nix>
@ -187,7 +183,6 @@ in {
];
};
makefu.server.primary-itf = ext-if;
# access
users.users = {
@ -200,6 +195,7 @@ in {
weechat
bepasty-client-cli
get
tmux
];
services.bitlbee = {
enable = true;
@ -207,15 +203,8 @@ in {
};
# Hardware
boot.loader.grub.device = main-disk;
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
boot.kernelModules = [ "kvm-intel" ];
# Network
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
'';
boot.kernelParams = [ ];
networking = {
firewall = {
allowPing = true;
@ -249,19 +238,8 @@ in {
21032
];
};
interfaces."${ext-if}" = {
ip4 = [{
address = external-ip;
prefixLength = external-netmask;
}];
ip6 = [{
address = external-ip6;
prefixLength = external-netmask6;
}];
};
defaultGateway6 = external-gw6;
defaultGateway = external-gw;
nameservers = [ "8.8.8.8" ];
};
users.users.makefu.extraGroups = [ "download" "nginx" ];
}

44
makefu/1systems/gum/hardware-config.nix Normal file
View file

@ -0,0 +1,44 @@
{ config, ... }:
let
external-mac = "2a:c5:6e:d2:fc:7f";
main-disk = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-0";
external-gw = "185.194.140.1";
# single partition, label "nixos"
# cd /var/src; curl https://github.com/nixos/nixpkgs/tarball/809cf38 -L | tar zx ; mv * nixpkgs && touch .populate
# static
external-ip = config.krebs.build.host.nets.internet.ip4.addr;
external-ip6 = config.krebs.build.host.nets.internet.ip6.addr;
external-gw6 = "fe80::1";
external-netmask = 22;
external-netmask6 = 64;
internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
ext-if = "et0"; # gets renamed on the fly
in {
imports = [
<stockholm/makefu/2configs/fs/single-partition-ext4.nix>
];
makefu.server.primary-itf = ext-if;
services.udev.extraRules = ''
SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
'';
networking = {
interfaces."${ext-if}" = {
ipv4.addresses = [{
address = external-ip;
prefixLength = external-netmask;
}];
ipv6.addresses = [{
address = external-ip6;
prefixLength = external-netmask6;
}];
};
defaultGateway6 = external-gw6;
defaultGateway = external-gw;
};
boot.kernelParams = [ ];
boot.loader.grub.device = main-disk;
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
boot.kernelModules = [ "kvm-intel" ];
}