hosts/marisa: Init

README.md

@@ -11,8 +11,9 @@ These are the NixOS configurations for my systems. I run nothing other than NixO
 ## Nodes
 
 | Node             | Network | Purpose                                                       |
-|------------------|---------|----------------------------------------------------------|
+|------------------|---------|---------------------------------------------------------------|
 | [kyouko][]       | Public  | Currently the main server. Ad-hoc hetzner cloud box.          |
+| [marisa][]       | Public  | Reverse proxier and wireguard interconnect. Ad-hoc BuyVM box. |
 | [daiyousei][]    | Public  | Intended kyouko replacement. Provisioned OCI Ampere box.      |
 | [rinnosuke][]    | Public  | My primary nameserver. Provisioned OCI EPYC box.              |
 | [shinmyoumaru][] | Public  | My Raspberry Pi 1 Model B+. DHT22 sensors box.                |
@@ -154,6 +155,7 @@ Please use `nix-shell` or [direnv/direnv][]. The shell is not compatible with [n
   [This repository on my self hosted git.]: https://git.kittywit.ch/kat/nixfiles
   [This repository on GitHub.]: https://github.com/kittywitch/nixfiles
   [kyouko]: config/hosts/kyouko.nix
+  [marisa]: config/hosts/marisa.nix
   [daiyousei]: config/hosts/daiyousei.nix
   [rinnosuke]: config/hosts/rinnosuke.nix
   [shinmyoumaru]: config/hosts/shinmyoumaru.nix

config/hosts/marisa.nix

@@ -0,0 +1,77 @@
+{ config, lib, pkgs, modulesPath, tf, meta, ... }: with lib; {
+  imports = with meta; [
+    (modulesPath + "/profiles/qemu-guest.nix")
+    services.dnscrypt-proxy
+    profiles.network
+    services.nginx
+    users.kat.server
+  ];
+
+
+  deploy.tf = {
+    resources.marisa = {
+      provider = "null";
+      type = "resource";
+      connection = {
+        port = head config.services.openssh.ports;
+        host = config.network.addresses.public.nixos.ipv4.address;
+      };
+    };
+  };
+
+  boot = {
+    loader.grub = {
+      enable = true;
+      version = 2;
+      device = "/dev/vda";
+    };
+    initrd = {
+      availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk" ];
+    };
+    kernelModules = [ "kvm-amd" ];
+  };
+
+  networking = {
+    hostName = "marisa";
+    nameservers = [
+      "1.1.1.1"
+    ];
+    useDHCP = false;
+    defaultGateway = "104.244.72.1";
+    defaultGateway6 = {
+      address = "2605:6400:30::1";
+      interface = "ens3";
+    };
+    interfaces.ens3 = {
+      ipv4.addresses = [
+        {
+          inherit (config.network.addresses.public.nixos.ipv4) address;
+          prefixLength = 24;
+        }
+      ];
+      ipv6.addresses = [
+        {
+          inherit (config.network.addresses.public.nixos.ipv6) address;
+          prefixLength = 48;
+        }
+      ];
+    };
+  };
+
+  network.addresses.public = {
+    enable = true;
+    nixos.ipv4.address = "104.244.72.5";
+    nixos.ipv6.address = "2605:6400:30:eed1:6cf7:bbfc:b4e:15c0";
+  };
+
+  fileSystems."/" ={
+    device = "/dev/disk/by-uuid/6ed3e886-d390-433f-90ac-2b37aed9f15f";
+    fsType = "ext4";
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/ba1425d4-8c18-47aa-b909-65bb710be400"; }
+  ];
+
+  system.stateVersion = "21.11";
+}