diff options
-rw-r--r-- | makefu/1systems/latte/1blu/default.nix | 50 | ||||
-rw-r--r-- | makefu/1systems/latte/1blu/network.nix | 31 | ||||
-rw-r--r-- | makefu/1systems/latte/config.nix | 27 | ||||
-rw-r--r-- | makefu/1systems/latte/source.nix | 1 |
4 files changed, 88 insertions, 21 deletions
diff --git a/makefu/1systems/latte/1blu/default.nix b/makefu/1systems/latte/1blu/default.nix new file mode 100644 index 000000000..50cd9204d --- /dev/null +++ b/makefu/1systems/latte/1blu/default.nix @@ -0,0 +1,50 @@ +{ config, lib, pkgs, modulesPath, ... }: +{ + + imports = + [ ./network.nix + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + # Disk + boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "virtio_scsi" "xhci_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "tank/root"; + fsType = "zfs"; + }; + + fileSystems."/home" = + { device = "tank/home"; + fsType = "zfs"; + }; + + fileSystems."/nix" = + { device = "tank/nix"; + fsType = "zfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/AEF3-A486"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + boot.loader.grub.device = "/dev/vda"; + + networking.hostId = "3150697c"; # required for zfs use + boot.tmpOnTmpfs = true; + boot.supportedFilesystems = [ "zfs" ]; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.copyKernels = true; + boot.zfs.devNodes = "/dev"; # fixes some virtualmachine issues + boot.kernelParams = [ + "boot.shell_on_fail" + "panic=30" "boot.panic_on_fail" # reboot the machine upon fatal boot issues + ]; +} diff --git a/makefu/1systems/latte/1blu/network.nix b/makefu/1systems/latte/1blu/network.nix new file mode 100644 index 000000000..065a69013 --- /dev/null +++ b/makefu/1systems/latte/1blu/network.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, modulesPath, ... }: +let + external-mac = "c4:37:72:55:4e:1c"; + external-gw = "178.254.28.1"; + external-ip = "178.254.30.202"; + external-ip6 = "2a00:6800:3:18c::2"; + external-gw6 = "2a00:6800:3::1"; + external-netmask = 22; + external-netmask6 = 64; + internal-ip = config.krebs.build.host.nets.retiolum.ip4.addr; + ext-if = "et0"; # gets renamed on the fly +in +{ + services.udev.extraRules = '' + SUBSYSTEM=="net", ATTR{address}=="${external-mac}", NAME="${ext-if}" + ''; + networking = { + interfaces."${ext-if}" = { + ipv4.addresses = [{ + address = external-ip; + prefixLength = external-netmask; + }]; + ipv6.addresses = [{ + address = external-ip6; + prefixLength = external-netmask6; + }]; + }; + defaultGateway6 = { address = external-gw6; interface = ext-if; }; + defaultGateway = external-gw; + }; +} diff --git a/makefu/1systems/latte/config.nix b/makefu/1systems/latte/config.nix index bec778abc..27df80fbf 100644 --- a/makefu/1systems/latte/config.nix +++ b/makefu/1systems/latte/config.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: let # external-ip = config.krebs.build.host.nets.internet.ip4.addr; @@ -10,11 +10,13 @@ let in { imports = [ + ./1blu <stockholm/makefu> + #<stockholm/makefu/2configs/home-manager> # configure your hw: - <stockholm/makefu/2configs/hw/CAC.nix> + #<stockholm/makefu/2configs/hw/CAC.nix> <stockholm/makefu/2configs/tinc/retiolum.nix> - <stockholm/makefu/2configs/save-diskspace.nix> + #<stockholm/makefu/2configs/save-diskspace.nix> # Security <stockholm/makefu/2configs/sshd-totp.nix> @@ -25,29 +27,12 @@ in { <stockholm/makefu/2configs/zsh-user.nix> # Services <stockholm/makefu/2configs/remote-build/slave.nix> - <stockholm/makefu/2configs/torrent.nix> + # <stockholm/makefu/2configs/torrent.nix> ]; krebs = { enable = true; build.host = config.krebs.hosts.latte; }; - boot.initrd.availableKernelModules = [ "ata_piix" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ]; - boot.loader.grub.device = "/dev/vda"; - boot.loader.grub.copyKernels = true; - fileSystems."/" = { - device = "/dev/vda1"; - fsType = "ext4"; - }; - networking = { - firewall = { - allowPing = true; - logRefusedConnections = false; - allowedTCPPorts = [ ]; - allowedUDPPorts = [ 655 ]; - }; - # network interface receives dhcp address - nameservers = [ "8.8.8.8" ]; - }; } diff --git a/makefu/1systems/latte/source.nix b/makefu/1systems/latte/source.nix index ab0a454c0..41abecf36 100644 --- a/makefu/1systems/latte/source.nix +++ b/makefu/1systems/latte/source.nix @@ -1,4 +1,5 @@ { name = "latte"; torrent = true; + home-manager = true; } |