Diffstat (limited to 'infra/libkookie/roots/gaia.nix')
-rw-r--r-- | infra/libkookie/roots/gaia.nix | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/infra/libkookie/roots/gaia.nix b/infra/libkookie/roots/gaia.nix
new file mode 100644
index 000000000000..37b18fedd0a5
--- /dev/null
+++ b/infra/libkookie/roots/gaia.nix
@@ -0,0 +1,136 @@
+/* TOP LEVEL DEVICE CONFIGURATION FOR
+ *
+ * gaia (data storage node)
+ *
+ *
+ * This file is part of LIBKOOKIE, a collection of nix expressions.
+ * LIBKOOKIE is licensed under the GPL-3.0 (or later) -- see LICENSE
+ */
+
+{ lib, config, pkgs, ... } @ args:
+
+let klib = (import <modules/harness/lib.nix>) args;
+in
+{
+ ###################################################################
+ # libkookie configuration
+ #
+ #
+ #
+
+
+ imports = with klib; [
+ # Load base modules required to bootstrap libkookie
+ <home-manager/nixos> <modules> <configuration/nix>
+
+ # BUILD A BETTER LOADER GOD DAMN IT
+ <configuration/server/acme/gaia.nix>
+ <configuration/server/datacore>
+ <configuration/server/ferm2/gaia.nix>
+ <configuration/server/syncthing>
+ <configuration/server/jellyfin>
+ <configuration/server/nextcloud>
+ <configuration/server/openssh>
+ <configuration/server/syncthing>
+ <configuration/server/wireguard/gaia.nix>
+ ];
+
+ # TODO: build a klib function to patch cfg here
+ libkookie.activeUsers = with klib; [
+ (patchAttrs(load <configuration/users/spacekookie>) (a: { cfg.extraGroups = a.cfg.extraGroups ++ [ "core" ]; }))
+ (patchAttrs(load <configuration/users/qyliss>) ({ ... }: { cfg.extraGroups = [ "core" ]; }))
+ ];
+
+ # Enable fish shell handling on the system
+ libkookie.base.fish.enable = true;
+
+
+ #
+ #
+ #
+ #
+ ###################################################################
+
+ ###################################################################
+ # NixOS base system options
+ #
+ #
+ #
+
+
+ boot.cleanTmpDir = true;
+ boot.tmpOnTmpfs = true;
+ boot.supportedFilesystems = [ "zfs" "exfat" ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+ boot.loader.grub.device = "/dev/sdg";
+
+ fileSystems."/" =
+ { device = "zroot";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/e5b36b2d-bdc7-4963-9a60-c2e1611a9676";
+ fsType = "ext4";
+ };
+
+ swapDevices = [ ];
+ nix.maxJobs = 4;
+
+ networking = {
+ defaultGateway = "10.7.1.1";
+ nameservers = [ "10.7.1.2" "1.1.1.1" ];
+ interfaces.eno1 = {
+ ipv4.addresses = [ { address = "10.7.1.3"; prefixLength = 24; } ];
+ };
+ hostName = "gaia";
+ hostId = "59405489";
+ dhcpcd.enable = false;
+
+ firewall.allowedTCPPorts = [ 80 443 ];
+ nat = {
+ enable = true;
+ internalInterfaces = ["ve-+"];
+ externalInterface = "eno1";
+ };
+ };
+
+ time.timeZone = "Europe/Berlin";
+ programs.mtr.enable = true;
+
+ # Torrenting container
+ # containers.trnsmssn =
+ # { autoStart = true;
+ # privateNetwork = true;
+ # hostAddress = "10.7.1.3";
+ # localAddress = "10.7.1.13";
+ # config = { config, pkgs, ... }:
+ # { services.mullvad.enable = true;
+ # services.transmission = { enable = true; };
+ # environment.systemPackages = with pkgs; [ transmission openvpn ];
+ # };
+ # };
+
+ users.users."spacekookie".hashedPassword = "$6$rounds=1000000$Nnlc.bdBdGIVXtL$Ndb0WoOT.xl3eV2ba4jHe0ajbrGfVSf.RoS2hdaU8hvV8.UHBAZbDtLtXLqQ59Q6eUfjui3YIY6XWUGxAZNYF.";
+
+ # users.users."spacekookie" = {
+ # hashedPassword =
+ # openssh.authorizedKeys.keys = [
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBALMtai+K3wBvpSf9ntuBH1GNte7quhIA4/ZWKlvF0A" # uwu
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBdIsXiaE3YLuqekTg8Xq65n1GUX5IQc8/FKMrbCsCWY" # tempest
+
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEMN1iwhQinXxg9H+wJn34EawgzdrrdfBzT0N0wy8yz9 spacekookie@alarei"
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPQ7alBckvMjRL/Tp38dSkZDTR/cLHRcJPwhP5+/fdM"
+ # ];
+ # };
+
+ # This is pinned here because nextcloud/postgres is being unstable
+ # at version 18. In the future you might wanna look at upgrading
+ # again, but for now, just be happily one major version behind!
+ system.stateVersion = "20.09";
+}
+
|
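Review bot: The `users.users."spacekookie".hashedPassword` line commits a login password hash to version control, and NixOS also copies option values like this into the world-readable Nix store, so anyone with repository access or a local account on gaia can take the hash for offline guessing. The `rounds=1000000` cost slows guessing but does not remove the exposure, and the hash stays in history after a later change, so the password should be rotated once it is moved. Consider reading it from a root-only file outside the store instead, e.g. `users.users."spacekookie".passwordFile = "/path/outside/store/spacekookie.hash"; # placeholder path` (the option is named `hashedPasswordFile` on newer NixOS releases). Separately, `<configuration/server/syncthing>` appears twice in `imports`; presumably harmless, but the second entry can be dropped.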