libkookie: hyperion: import configuration from legacy installation

1 files changed, 110 insertions, 0 deletions

diff --git a/infra/libkookie/roots/hyperion.nix b/infra/libkookie/roots/hyperion.nix
new file mode 100644
index 000000000000..03955e62c3b6
--- /dev/null
+++ b/infra/libkookie/roots/hyperion.nix
@@ -0,0 +1,110 @@
+/* TOP LEVEL DEVICE CONFIGURATION FOR
+ * 
+ *    hyperion (hetzner root server)
+ *
+ *
+ * This file is part of LIBKOOKIE, a collection of nix expressions.
+ * LIBKOOKIE is licensed under the GPL-3.0 (or later) -- see LICENSE
+ */
+
+{ lib, config, pkgs, ... } @ args:
+
+let klib = (import <modules/harness/lib.nix>) args;
+in
+{
+  ###################################################################
+  #                    libkookie configuration
+  #
+  #
+  #
+
+  imports = with klib; [
+    # Load base modules required to bootstrap libkookie
+    <home-manager/nixos> <modules> <configuration/nix>
+
+    (loadModule <configuration/base> "default")
+
+    <configuration/server/acme/hyperion.nix>
+    <configuration/server/blog>
+    <configuration/server/brook>
+    <configuration/server/cgit>
+    <configuration/server/docker>
+    <configuration/server/gitlab-ci>
+    <configuration/server/openssh>
+    <configuration/server/prosody>
+    <configuration/server/quassel>
+    <configuration/server/tor>
+    <configuration/server/wireguard/hyperion.nix>
+  ];
+
+  # TODO: build a klib function to patch cfg here
+  libkookie.activeUsers = with klib; [ (load <configuration/users/spacekookie>)
+                                       (load <configuration/users/qyliss>) ];
+  
+
+  #
+  #
+  #
+  #
+  ###################################################################
+
+  boot.zfs.devNodes = "/dev";
+  boot.loader.grub = {
+    enable = true;
+    copyKernels = true;
+    version = 2;
+
+    efiSupport = false;
+    zfsSupport = true;
+    device = "/dev/sdb";
+  };
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "tank/nix";
+      fsType = "zfs";
+    };
+
+  swapDevices = [ { device = "/dev/zd0"; } ];
+
+  nix.maxJobs = lib.mkDefault 8;
+  
+  hardware.cpu.intel.updateMicrocode = true;
+
+  networking = {
+    defaultGateway = "95.216.98.1";
+    defaultGateway6 = { address = "fe80::1"; interface = "enp0s31f6"; };
+    nameservers = [ "1.1.1.1" ];
+    interfaces.enp0s31f6 = {
+      ipv4.addresses = [ { address = "95.216.98.55"; prefixLength = 26; } ];
+      ipv6.addresses = [ { address = "2a01:4f9:2b:1148::"; prefixLength = 64; } ];
+    };
+    dhcpcd.enable = false; # We have a static IP
+    useDHCP = false;
+  };
+
+  networking.hostName = "hyperion"; # Define your hostname.
+  networking.hostId = "d83bebd1";
+
+  networking.nat.enable = true;
+  networking.nat.externalInterface = "eth0";
+  networking.nat.internalInterfaces = [ "intranet" ];
+
+  time.timeZone = "Europe/Berlin";
+
+  # Tools that are impotant for everybody to have
+  environment.systemPackages = with pkgs; [ 
+    curl git htop kakoune links tmux vim wget wireguard
+  ];
+
+  programs.zsh.enable = true;
+
+  services.zfs.autoScrub.enable = true;
+
+  users.groups.tls = {};
+  
+  system.stateVersion = "19.03"; # Did you read the comment?
+}