summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2020-11-23 11:32:23 +0100
committerlassulus <lassulus@lassul.us>2020-11-23 11:32:33 +0100
commit636d1eb762aae20e1da580d6f37460aa25391f45 (patch)
tree47d51848df727b993fe962d766920f470a5f0674
parentd9dfd892bfd410afad5722363c9f297ad4075175 (diff)
l: init styx.r
-rw-r--r--krebs/3modules/lass/default.nix39
-rw-r--r--lass/1systems/styx/config.nix80
-rw-r--r--lass/1systems/styx/physical.nix34
3 files changed, 153 insertions, 0 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index d2a945284..3466ef8eb 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -645,6 +645,45 @@ in {
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPARXXe0HaP1r0pLqtInhnbYSZsP0g4VC6aaWP7qi5+w";
syncthing.id = "J6PHKTS-2JG5NOL-H5ZWOF6-6L6ENA7-L4RO6DV-BQHU7YL-CHOLDCC-S5YX3AC";
};
+ styx = {
+ cores = 1;
+ nets = {
+ retiolum = {
+ ip4.addr = "10.243.11.1";
+ ip6.addr = r6 "111";
+ aliases = [
+ "styx.r"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuMJFklzpbxoDGD8LQ3tn
+ ETYrLu/TJjq5iSQx/JbbonJriMS3X/0+m8JREzeol67svQDuZEXTEg5EfEldxrrU
+ aZpNmTSmFbj2NLLCIfNBL/oLOvg9ElzhN+f+4jvakfEKi7Y7LekV25VVGrHbOEVE
+ 3G6XWfHx5qO5Vd6kqNWQKD3LG38aZ/Lx9XYDMbujYxPGCtOsabtAz8BKo/RgOZzi
+ 6A/54RFhdecJm0VoQk3iKpp2YqyCN6dLfJVLil4cREs4sW6nDyF4Y4l3dtZdfskq
+ m/MoZt6fwOjNIKuI9DGdU4/X1hQelnemstzxY5x1XwG52cz+ww0h7pMF2aggsHqn
+ Vmaq3b0fXrbn066Ybkbhz3UEIU9zKQGYaANGCnXxbvkd5lWbIN60GEXGE3zYJSAt
+ EH3FLDTGa27fTNgAnbdnSV40KWKN4FM0iY/xrt3aOXfneTP9S2fqzTVEL9vd04C/
+ 7RWvRjvZ7mlAi+kVKSHkOibFVjeo+Z4Pvw5YxCAavrjXCiWj8zP8o3MNWcq/bMao
+ Uk9zBMXymm8zX43w5LNnhf59oitBjiY/mzZ3NDI9N3szMvJsaUEnhO4Kq1CWtMs2
+ 6/TpEyRSmen1UmNwgKKFx3rELuctwMmNbOLL8cGLotEBhIk7vnZKD7NvLVX7xtOF
+ wzhy2N6a3ypB4XqM7dBzzAUCAwEAAQ==
+ -----END PUBLIC KEY-----
+ '';
+ };
+ wiregrill = {
+ ip6.addr = w6 "111";
+ aliases = [
+ "styx.w"
+ ];
+ wireguard.pubkey = ''
+ 0BZfd8f0pZMRfyoHrdYZY0cR5zfFvJcS8gQLn6xGuFs=
+ '';
+ };
+ };
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3OpzRB3382d7c2apdHC+U/R0ZlaWxXZa3GFAj54ZhU ";
+ };
};
users = rec {
lass = lass-blue;
diff --git a/lass/1systems/styx/config.nix b/lass/1systems/styx/config.nix
new file mode 100644
index 000000000..4c3ae1411
--- /dev/null
+++ b/lass/1systems/styx/config.nix
@@ -0,0 +1,80 @@
+{ config, pkgs, ... }:
+
+with import <stockholm/lib>;
+{
+ imports = [
+ <stockholm/lass>
+
+ <stockholm/lass/2configs/mouse.nix>
+ <stockholm/lass/2configs/retiolum.nix>
+ <stockholm/lass/2configs/baseX.nix>
+ <stockholm/lass/2configs/exim-retiolum.nix>
+ <stockholm/lass/2configs/browsers.nix>
+ <stockholm/lass/2configs/programs.nix>
+ <stockholm/lass/2configs/nfs-dl.nix>
+ # <stockholm/lass/2configs/gg23.nix>
+ # <stockholm/lass/2configs/hass>
+ # <stockholm/lass/2configs/br.nix>
+ <stockholm/lass/2configs/fetchWallpaper.nix>
+ <stockholm/lass/2configs/home-media.nix>
+ # <stockholm/lass/2configs/syncthing.nix>
+ # <stockholm/lass/2configs/sync/sync.nix>
+ # <stockholm/lass/2configs/idc.nix>
+ ];
+
+ krebs.build.host = config.krebs.hosts.styx;
+
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp --dport ${toString config.services.smokeping.port}"; target = "ACCEPT"; }
+ ];
+ services.smokeping = {
+ enable = true;
+ targetConfig = ''
+ probe = FPing
+ menu = top
+ title = top
+
+ + Local
+ menu = Local
+ title = Local Network
+ ++ LocalMachine
+ menu = Local Machine
+ title = This host
+ host = localhost
+
+ + Internet
+ menu = internet
+ title = internet
+
+ ++ CloudflareDNS
+ menu = Cloudflare DNS
+ title = Cloudflare DNS server
+ host = 1.1.1.1
+
+ ++ GoogleDNS
+ menu = Google DNS
+ title = Google DNS server
+ host = 8.8.8.8
+
+ + retiolum
+ menu = retiolum
+ title = retiolum
+
+ ++ gum
+ menu = gum.r
+ title = gum.r
+ host = gum.r
+
+ ++ ni
+ menu = ni.r
+ title = ni.r
+ host = ni.r
+
+ ++ prism
+ menu = prism.r
+ title = prism.r
+ host = prism.r
+ '';
+ };
+}
+
diff --git a/lass/1systems/styx/physical.nix b/lass/1systems/styx/physical.nix
new file mode 100644
index 000000000..a3899f87d
--- /dev/null
+++ b/lass/1systems/styx/physical.nix
@@ -0,0 +1,34 @@
+{ config, lib, pkgs, ... }:
+
+{
+ imports = [
+ ./config.nix
+ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+ ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ];
+ boot.initrd.kernelModules = [ "dm-snapshot" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ boot.loader.grub.enable = true;
+ boot.loader.grub.efiSupport = true;
+ boot.loader.grub.device = "/dev/disk/by-id/ata-SanDisk_SSD_G5_BICS4_20248F446514";
+ boot.loader.grub.efiInstallAsRemovable = true;
+
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/ee5c9099-17fa-401e-852e-67cb4ae068f4";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/EAA5-88A9";
+ fsType = "vfat";
+ };
+
+ swapDevices = [ ];
+
+ nix.maxJobs = lib.mkDefault 4;
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+}