diff options
author | Mx Kookie <kookie@spacekookie.de> | 2020-12-25 22:13:56 +0100 |
---|---|---|
committer | Mx Kookie <kookie@spacekookie.de> | 2020-12-25 22:13:56 +0100 |
commit | b3317c7cdde522f01f56f5a0799163beb0c219b8 (patch) | |
tree | 06e67f310c6d1d35c478775f140be1bf3f04c6a1 /infra/libkookie/roots/hyperion.nix | |
parent | 13b1f4b6f67012010d58411f86da6f1d35299b78 (diff) |
libkookie: hyperion: import configuration from legacy installation
Diffstat (limited to '')
-rw-r--r-- | infra/libkookie/roots/hyperion.nix | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/infra/libkookie/roots/hyperion.nix b/infra/libkookie/roots/hyperion.nix new file mode 100644 index 000000000000..03955e62c3b6 --- /dev/null +++ b/infra/libkookie/roots/hyperion.nix @@ -0,0 +1,110 @@ +/* TOP LEVEL DEVICE CONFIGURATION FOR + * + * hyperion (hetzner root server) + * + * + * This file is part of LIBKOOKIE, a collection of nix expressions. + * LIBKOOKIE is licensed under the GPL-3.0 (or later) -- see LICENSE + */ + +{ lib, config, pkgs, ... } @ args: + +let klib = (import <modules/harness/lib.nix>) args; +in +{ + ################################################################### + # libkookie configuration + # + # + # + + imports = with klib; [ + # Load base modules required to bootstrap libkookie + <home-manager/nixos> <modules> <configuration/nix> + + (loadModule <configuration/base> "default") + + <configuration/server/acme/hyperion.nix> + <configuration/server/blog> + <configuration/server/brook> + <configuration/server/cgit> + <configuration/server/docker> + <configuration/server/gitlab-ci> + <configuration/server/openssh> + <configuration/server/prosody> + <configuration/server/quassel> + <configuration/server/tor> + <configuration/server/wireguard/hyperion.nix> + ]; + + # TODO: build a klib function to patch cfg here + libkookie.activeUsers = with klib; [ (load <configuration/users/spacekookie>) + (load <configuration/users/qyliss>) ]; + + + # + # + # + # + ################################################################### + + boot.zfs.devNodes = "/dev"; + boot.loader.grub = { + enable = true; + copyKernels = true; + version = 2; + + efiSupport = false; + zfsSupport = true; + device = "/dev/sdb"; + }; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "tank/nix"; + fsType = "zfs"; + }; + + swapDevices = [ { device = "/dev/zd0"; } ]; + + nix.maxJobs = lib.mkDefault 8; + + hardware.cpu.intel.updateMicrocode = true; + + networking = { + defaultGateway = "95.216.98.1"; + defaultGateway6 = { address = "fe80::1"; interface = "enp0s31f6"; }; + nameservers = [ "1.1.1.1" ]; + interfaces.enp0s31f6 = { + ipv4.addresses = [ { address = "95.216.98.55"; prefixLength = 26; } ]; + ipv6.addresses = [ { address = "2a01:4f9:2b:1148::"; prefixLength = 64; } ]; + }; + dhcpcd.enable = false; # We have a static IP + useDHCP = false; + }; + + networking.hostName = "hyperion"; # Define your hostname. + networking.hostId = "d83bebd1"; + + networking.nat.enable = true; + networking.nat.externalInterface = "eth0"; + networking.nat.internalInterfaces = [ "intranet" ]; + + time.timeZone = "Europe/Berlin"; + + # Tools that are impotant for everybody to have + environment.systemPackages = with pkgs; [ + curl git htop kakoune links tmux vim wget wireguard + ]; + + programs.zsh.enable = true; + + services.zfs.autoScrub.enable = true; + + users.groups.tls = {}; + + system.stateVersion = "19.03"; # Did you read the comment? +} |