summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--makefu/1systems/latte/1blu/default.nix50
-rw-r--r--makefu/1systems/latte/1blu/network.nix31
-rw-r--r--makefu/1systems/latte/config.nix27
-rw-r--r--makefu/1systems/latte/source.nix1
4 files changed, 88 insertions, 21 deletions
diff --git a/makefu/1systems/latte/1blu/default.nix b/makefu/1systems/latte/1blu/default.nix
new file mode 100644
index 000000000..50cd9204d
--- /dev/null
+++ b/makefu/1systems/latte/1blu/default.nix
@@ -0,0 +1,50 @@
+{ config, lib, pkgs, modulesPath, ... }:
+{
+
+ imports =
+ [ ./network.nix
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ # Disk
+ boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sr_mod" "virtio_blk" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "tank/root";
+ fsType = "zfs";
+ };
+
+ fileSystems."/home" =
+ { device = "tank/home";
+ fsType = "zfs";
+ };
+
+ fileSystems."/nix" =
+ { device = "tank/nix";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/AEF3-A486";
+ fsType = "vfat";
+ };
+
+ swapDevices = [ ];
+ boot.loader.grub.device = "/dev/vda";
+
+ networking.hostId = "3150697c"; # required for zfs use
+ boot.tmpOnTmpfs = true;
+ boot.supportedFilesystems = [ "zfs" ];
+
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.copyKernels = true;
+ boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues
+ boot.kernelParams = [
+ "boot.shell_on_fail"
+ "panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues
+ ];
+}
diff --git a/makefu/1systems/latte/1blu/network.nix b/makefu/1systems/latte/1blu/network.nix
new file mode 100644
index 000000000..065a69013
--- /dev/null
+++ b/makefu/1systems/latte/1blu/network.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, modulesPath, ... }:
+let
+ external-mac = "c4:37:72:55:4e:1c";
+ external-gw = "178.254.28.1";
+ external-ip = "178.254.30.202";
+ external-ip6 = "2a00:6800:3:18c::2";
+ external-gw6 = "2a00:6800:3::1";
+ external-netmask = 22;
+ external-netmask6 = 64;
+ internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr;
+ ext-if = "et0"; # gets renamed on the fly
+in
+{
+ services.udev.extraRules = ''
+ SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}"
+ '';
+ networking = {
+ interfaces."${ext-if}" = {
+ ipv4.addresses = [{
+ address = external-ip;
+ prefixLength = external-netmask;
+ }];
+ ipv6.addresses = [{
+ address = external-ip6;
+ prefixLength = external-netmask6;
+ }];
+ };
+ defaultGateway6 = { address = external-gw6; interface = ext-if; };
+ defaultGateway = external-gw;
+ };
+}
diff --git a/makefu/1systems/latte/config.nix b/makefu/1systems/latte/config.nix
index bec778abc..27df80fbf 100644
--- a/makefu/1systems/latte/config.nix
+++ b/makefu/1systems/latte/config.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
let
# external-ip = config.krebs.build.host.nets.internet.ip4.addr;
@@ -10,11 +10,13 @@ let
in {
imports = [
+ ./1blu
<stockholm/makefu>
+ #<stockholm/makefu/2configs/home-manager>
# configure your hw:
- <stockholm/makefu/2configs/hw/CAC.nix>
+ #<stockholm/makefu/2configs/hw/CAC.nix>
<stockholm/makefu/2configs/tinc/retiolum.nix>
- <stockholm/makefu/2configs/save-diskspace.nix>
+ #<stockholm/makefu/2configs/save-diskspace.nix>
# Security
<stockholm/makefu/2configs/sshd-totp.nix>
@@ -25,29 +27,12 @@ in {
<stockholm/makefu/2configs/zsh-user.nix>
# Services
<stockholm/makefu/2configs/remote-build/slave.nix>
- <stockholm/makefu/2configs/torrent.nix>
+ # <stockholm/makefu/2configs/torrent.nix>
];
krebs = {
enable = true;
build.host = config.krebs.hosts.latte;
};
- boot.initrd.availableKernelModules = [ "ata_piix" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ];
- boot.loader.grub.device = "/dev/vda";
- boot.loader.grub.copyKernels = true;
- fileSystems."/" = {
- device = "/dev/vda1";
- fsType = "ext4";
- };
- networking = {
- firewall = {
- allowPing = true;
- logRefusedConnections = false;
- allowedTCPPorts = [ ];
- allowedUDPPorts = [ 655 ];
- };
- # network interface receives dhcp address
- nameservers = [ "8.8.8.8" ];
- };
}
diff --git a/makefu/1systems/latte/source.nix b/makefu/1systems/latte/source.nix
index ab0a454c0..41abecf36 100644
--- a/makefu/1systems/latte/source.nix
+++ b/makefu/1systems/latte/source.nix
@@ -1,4 +1,5 @@
{
name = "latte";
torrent = true;
+ home-manager = true;
}