From cb7ebd1c9120eb03ded2334db4c41fe6a0e26b88 Mon Sep 17 00:00:00 2001 From: makefu Date: Sun, 15 Jan 2023 01:22:56 +0100 Subject: ma snake.r: init --- kartei/makefu/default.nix | 5 ++ kartei/makefu/retiolum/snake.pub | 13 +++++ kartei/makefu/retiolum/snake_ed25519.pub | 1 + kartei/makefu/sshd/snake.pub | 1 + makefu/1systems/snake/config.nix | 26 +++++++++ makefu/1systems/snake/disk.nix | 64 +++++++++++++++++++++ makefu/1systems/snake/hardware-config.nix | 21 +++++++ makefu/1systems/snake/source.nix | 7 +++ makefu/5pkgs/foomatic-db-engine/default.nix | 86 ----------------------------- 9 files changed, 138 insertions(+), 86 deletions(-) create mode 100644 kartei/makefu/retiolum/snake.pub create mode 100644 kartei/makefu/retiolum/snake_ed25519.pub create mode 100644 kartei/makefu/sshd/snake.pub create mode 100644 makefu/1systems/snake/config.nix create mode 100644 makefu/1systems/snake/disk.nix create mode 100644 makefu/1systems/snake/hardware-config.nix create mode 100644 makefu/1systems/snake/source.nix delete mode 100644 makefu/5pkgs/foomatic-db-engine/default.nix diff --git a/kartei/makefu/default.nix b/kartei/makefu/default.nix index b79a9196..5e236d57 100644 --- a/kartei/makefu/default.nix +++ b/kartei/makefu/default.nix @@ -74,6 +74,11 @@ in { retiolum.ip4.addr = "10.243.12.12"; }; }; + snake = { + nets = { + retiolum.ip4.addr = "10.243.12.13"; + }; + }; studio = rec { ci = false; diff --git a/kartei/makefu/retiolum/snake.pub b/kartei/makefu/retiolum/snake.pub new file mode 100644 index 00000000..ae69a162 --- /dev/null +++ b/kartei/makefu/retiolum/snake.pub @@ -0,0 +1,13 @@ +-----BEGIN RSA PUBLIC KEY----- +MIICCgKCAgEApRUsm8oiTCx5kqFqCUaDyI3iesCajS76lzCGa1HdeBVLvejyit4s +Vx848/Gr2Axbtqx8Fm3RUj29CEUTCUKQdEEOVE58bQ+euSRL/V7g+v+1NSGYSEwp +Xvojczppjm0e56kI0yngZh++6AM4/6eMWEQl3u45ZRFXH11ZfoZb+Z3jRAUk1FXt +rWyrNQ5kGOwNaTk0+mXB8irtYrjyehfZuzyE2z1GelKrSMM03jCFFzVqPu5irYIm +TghRhFMXIG9bm+gM+bj/GNHs2RHL633PUqI/I5Hj6trNBfqbcu7gpB9F6Edtqgtb +lQm0Qei/l4AQIxfA3LqNuTHaXp4LBG9IH2qvXSxsqWlgDnjg3CEJ8ZwpOzT7xFG2 +0NSRcAl+4i55j24ZxwWgS9H0Al3LMLzwVsToUfH9fGm1vtJ8ku8sx0AALVzVyabR +M5ywyi5oRhan/JZywFsACLDUFMiFqI/MIj6ao0pSZYaUXfKMtMCgJJ03NqWak8lc +yInBgIlEQgxljKW0LHeHoToBzuXhy70gtNswS61iKpuMDxbBYtyK1HuN8PS+vzS8 +svtbV3lvqJA2KcVlqwwgDwvzPX+T0kbI4UL3EjFIU2nepGNaRA1AWmTMrpdEPNdx +4RPg5EZDVp+Jeihjxpa8aOb3yjkE5i6K00TyjsSIJqWy296PfJC4VBsCAwEAAQ== +-----END RSA PUBLIC KEY----- diff --git a/kartei/makefu/retiolum/snake_ed25519.pub b/kartei/makefu/retiolum/snake_ed25519.pub new file mode 100644 index 00000000..a7f9f749 --- /dev/null +++ b/kartei/makefu/retiolum/snake_ed25519.pub @@ -0,0 +1 @@ +Ed25519PublicKey = lKMWnuEVjcSoSEUWrj+51pwDQrQj2TqloL3aBKVWBbO diff --git a/kartei/makefu/sshd/snake.pub b/kartei/makefu/sshd/snake.pub new file mode 100644 index 00000000..eceeae89 --- /dev/null +++ b/kartei/makefu/sshd/snake.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBfIivSIxnkH212vtHiWPiUJcjSRrv3d4eVfkIahJA7S makefu@x diff --git a/makefu/1systems/snake/config.nix b/makefu/1systems/snake/config.nix new file mode 100644 index 00000000..1c6068e9 --- /dev/null +++ b/makefu/1systems/snake/config.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, ... }: +let + primaryInterface = "eth0"; +in { + imports = [ + + ./hardware-config.nix + + + + + + + ]; + krebs = { + enable = true; + tinc.retiolum.enable = true; + build.host = config.krebs.hosts.snake; + }; + # ensure disk usage is limited + services.journald.extraConfig = "Storage=volatile"; + networking.firewall.trustedInterfaces = [ primaryInterface ]; + documentation.info.enable = false; + documentation.man.enable = false; + documentation.nixos.enable = false; +} diff --git a/makefu/1systems/snake/disk.nix b/makefu/1systems/snake/disk.nix new file mode 100644 index 00000000..f9e14844 --- /dev/null +++ b/makefu/1systems/snake/disk.nix @@ -0,0 +1,64 @@ +{ disks ? [ "/dev/sda" ], ... }: { + disk = { + x = { + type = "disk"; + device = "/dev/sda"; + content = { + type = "table"; + format = "gpt"; + partitions = [ + { + name = "boot"; + type = "partition"; + start = "0"; + end = "1M"; + part-type = "primary"; + flags = ["bios_grub"]; + } + { + type = "partition"; + name = "ESP"; + start = "1M"; + end = "512MiB"; + fs-type = "fat32"; + bootable = true; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + } + { + type = "partition"; + name = "zfs"; + start = "512MiB"; + end = "100%"; + content = { + type = "zfs"; + pool = "zroot"; + }; + } + ]; + }; + }; + }; + zpool = { + zroot = { + type = "zpool"; + rootFsOptions.compression = "lz4"; + mountpoint = "/"; + + datasets = { + home = { + zfs_type = "filesystem"; + mountpoint = "/home"; + options.mountpoint = "legacy"; + }; + reserved = { + zfs_type = "filesystem"; + options.refreservation = "1G"; + }; + }; + }; + }; +} diff --git a/makefu/1systems/snake/hardware-config.nix b/makefu/1systems/snake/hardware-config.nix new file mode 100644 index 00000000..827c1d3e --- /dev/null +++ b/makefu/1systems/snake/hardware-config.nix @@ -0,0 +1,21 @@ +{ pkgs, lib, ... }: +{ + imports = [ + + ]; + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.efiSupport = true; + boot.loader.grub.device = "/dev/sda"; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; + boot.kernelModules = [ "kvm-amd" ]; + disko.devices = import ./disk.nix; + + hardware.enableRedistributableFirmware = true; + hardware.cpu.amd.updateMicrocode = true; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + + boot.kernelParams = [ "net.ifnames=0" ]; + networking.hostId = "0123AABB"; +} diff --git a/makefu/1systems/snake/source.nix b/makefu/1systems/snake/source.nix new file mode 100644 index 00000000..b9a32a2c --- /dev/null +++ b/makefu/1systems/snake/source.nix @@ -0,0 +1,7 @@ +{ + name="cake"; + full = true; + home-manager = true; + hw = true; + disko = true; +} diff --git a/makefu/5pkgs/foomatic-db-engine/default.nix b/makefu/5pkgs/foomatic-db-engine/default.nix deleted file mode 100644 index 242232c8..00000000 --- a/makefu/5pkgs/foomatic-db-engine/default.nix +++ /dev/null @@ -1,86 +0,0 @@ -{ lib, stdenv -, fetchFromGitHub -, autoreconfHook -, gd -, libusb1 -, cups -, libpng -, perl -, perlPackages -, libxml2 -, ghostscript -, a2ps -, wget -, file -, foomatic-filters -, makeWrapper -}: - -stdenv.mkDerivation rec { - pname = "foomatic-db-engine"; - version = "2020-01-31"; - - src = fetchFromGitHub { - owner = "OpenPrinting"; - repo = "foomatic-db-engine-4"; - rev = "bd265b77a9f66f672bf1e3f0803145f2eccabf06"; - sha256 = "1f53kd3b0sxgx7hg2dvw2624bpwdfcx0zh4dn0h89l84mirgw1bs"; - }; - - nativeBuildInputs = [ - autoreconfHook - perl - makeWrapper - ]; - postConfigure = '' - sed -i "s#$ENV{BINDIR}#${placeholder "out"}/bin#" makeDefaults - ''; - configureFlags = [ - #"PERL_INSTALLDIRS=vendor" - "PERL_INSTALLDIRS=site" - "--prefix=/" - "PERLPREFIX=/" - #"DESTDIR=$(out)" - #"sysconfdir=/etc" - "LIBDIR=/lib" - #"PERL_INSTALLDIRS=site" - #"PERL_INSTALLDIRS=perl" - #PERL_INSTALLDIRS=perl" - "PERL=${perl}/bin/perl" - "FILEUTIL=${file}/bin/file" - "SBINDIR=/bin" - ]; - makeFlags = [ - "DESTDIR=${placeholder "out"}" - "PERLLIB=$(out)/${perlPackages.perl.libPrefix}" - ]; - - buildInputs = [ - cups - ghostscript - a2ps - wget - perl - libxml2 - file - foomatic-filters - ]; - postFixup = '' - echo cups > "$out"/etc/foomatic/defaultspooler - - for file in $out/bin/foomatic-*;do - wrapProgram "$file" \ - --set PERL5LIB "$out/${perlPackages.perl.libPrefix}" \ - --prefix PATH : "$out/bin" - done - - ''; - - meta = with lib; { - description = "Command line tool to print labels on Brother P-Touch printers on Linux"; - license = licenses.gpl3Plus; - homepage = "https://mockmoon-cybernetics.ch/computer/p-touch2430pc/"; - maintainers = with maintainers; [ shamilton ]; - platforms = platforms.linux; - }; -} -- cgit v1.2.3