gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

hosts/koishi: v330-14arr -> x270

Browse source
This commit is contained in:
kat witch 2021-10-03 01:02:53 +01:00
parent 34fd56c791
commit ec66fd0377
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
15 changed files with 380 additions and 287 deletions
Download patch file Download diff file Expand all files Collapse all files

391
config/hosts/goliath.nix
View file

@ -1,5 +1,4 @@
{ meta, tf, config, pkgs, lib, sources, ... }: with lib; {
imports = with meta; [
profiles.hardware.ms-7b86
profiles.hardware.razer
@ -18,232 +17,234 @@
services.zfs
];
deploy.tf = {
resources.goliath = {
provider = "null";
type = "resource";
connection = {
port = head config.services.openssh.ports;
host = config.network.addresses.private.nixos.ipv4.address;
config = {
deploy.tf = {
resources.goliath = {
provider = "null";
type = "resource";
connection = {
port = head config.services.openssh.ports;
host = config.network.addresses.private.nixos.ipv4.address;
};
};
};
};
boot.supportedFilesystems = [ "zfs" "xfs" ];
boot.supportedFilesystems = [ "zfs" "xfs" ];
fileSystems = {
"/" = {
device = "rpool/ephemeral/root";
fsType = "zfs";
fileSystems = {
"/" = {
device = "rpool/ephemeral/root";
fsType = "zfs";
};
"/nix" = {
device = "rpool/local/nix";
fsType = "zfs";
};
"/home" = {
device = "rpool/ephemeral/home";
fsType = "zfs";
};
"/persist/root" = {
device = "rpool/persist/root";
fsType = "zfs";
neededForBoot = true;
};
"/persist/home" = {
device = "rpool/persist/home";
fsType = "zfs";
neededForBoot = true;
};
"/boot" = {
device = "/dev/disk/by-uuid/AED6-D0D1";
fsType = "vfat";
};
"/mnt/xstore" = {
device = "/dev/disk/by-uuid/64269102-a278-4919-9118-34e37f4afdb0";
fsType = "xfs";
};
};
"/nix" = {
device = "rpool/local/nix";
fsType = "zfs";
};
"/home" = {
device = "rpool/ephemeral/home";
fsType = "zfs";
};
"/persist/root" = {
device = "rpool/persist/root";
fsType = "zfs";
neededForBoot = true;
};
"/persist/home" = {
device = "rpool/persist/home";
fsType = "zfs";
neededForBoot = true;
};
"/boot" = {
device = "/dev/disk/by-uuid/AED6-D0D1";
fsType = "vfat";
};
"/mnt/xstore" = {
device = "/dev/disk/by-uuid/64269102-a278-4919-9118-34e37f4afdb0";
fsType = "xfs";
};
};
boot.initrd.postDeviceCommands = mkIf (config.fileSystems."/".fsType == "zfs") (mkAfter ''
zfs rollback -r ${config.fileSystems."/".device}@blank
zfs rollback -r ${config.fileSystems."/home".device}@blank
'');
boot.initrd.postDeviceCommands = mkIf (config.fileSystems."/".fsType == "zfs") (mkAfter ''
zfs rollback -r ${config.fileSystems."/".device}@blank
zfs rollback -r ${config.fileSystems."/home".device}@blank
'');
programs.fuse.userAllowOther = true;
programs.fuse.userAllowOther = true;
environment.persistence."/persist/root" = {
directories = [
"/var/log"
"/var/lib/systemd/coredump"
"/var/lib/acme"
"/var/lib/yggdrasil"
"/var/lib/kat/secrets"
];
files = [
"/etc/machine-id"
"/etc/nix/id_rsa"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
];
};
secrets.persistentRoot = mkForce "/persist/root/var/lib/kat/secrets";
home-manager.users.kat = {
secrets.persistentRoot = mkForce "/persist/home/.cache/kat/secrets";
home.persistence."/persist/home" = {
allowOther = true;
environment.persistence."/persist/root" = {
directories = [
".cache/kat/secrets"
".cache/rbw"
".cache/nix"
".local/share/z"
".local/share/vim"
".local/share/nvim"
".local/share/task"
".local/share/dino"
".local/share/weechat"
".local/share/Mumble"
".local/share/direnv"
".config/Mumble"
".config/Element"
".config/hedgedoc"
".ApacheDirectoryStudio"
".gnupg"
".mozilla"
"neorg"
"docs"
"media"
"mail"
"projects"
"shared"
"/var/log"
"/var/lib/systemd/coredump"
"/var/lib/acme"
"/var/lib/yggdrasil"
"/var/lib/kat/secrets"
];
files = [
".ssh/known_hosts"
".zsh_history"
"/etc/machine-id"
"/etc/nix/id_rsa"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
];
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/89831a0f-93e6-4d30-85e4-09061259f140"; }
{ device = "/dev/disk/by-uuid/8f944315-fe1c-4095-90ce-50af03dd5e3f"; }
];
secrets.persistentRoot = mkForce "/persist/root/var/lib/kat/secrets";
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
home-manager.users.kat = {
secrets.persistentRoot = mkForce "/persist/home/.cache/kat/secrets";
deploy.profile.hardware.acs-override = true;
users.users.kat.extraGroups = singleton "openrazer";
hardware = {
displays = {
"HDMI-A-1" = {
res = "1920x1080";
pos = "0 0";
};
"DVI-D-1" = {
res = "1920x1200";
pos = "1920 0";
};
"DP-1" = {
res = "1920x1080";
pos = "3840 0";
};
};
bamboo.display = "HDMI-A-1";
openrazer.enable = true;
};
environment.systemPackages = [
pkgs.razergenie
];
boot.modprobe.modules = {
vfio-pci =
let
vfio-pci-ids = [
"1002:67df"
"1002:aaf0" # RX 580
"1912:0014" # Renesas USB 3
"1022:149c" # CPU USB 3
home.persistence."/persist/home" = {
allowOther = true;
directories = [
".cache/kat/secrets"
".cache/rbw"
".cache/nix"
".local/share/z"
".local/share/vim"
".local/share/nvim"
".local/share/task"
".local/share/dino"
".local/share/weechat"
".local/share/Mumble"
".local/share/direnv"
".config/Mumble"
".config/Element"
".config/hedgedoc"
".ApacheDirectoryStudio"
".gnupg"
".mozilla"
"neorg"
"docs"
"media"
"mail"
"projects"
"shared"
];
files = [
".ssh/known_hosts"
".zsh_history"
];
in
mkIf (vfio-pci-ids != [ ]) {
options.ids = concatStringsSep "," vfio-pci-ids;
};
};
};
services.udev.extraRules = ''
SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="1532", ATTRS{idProduct}=="0067", GROUP="vfio"
SUBSYSTEM=="block", ACTION=="add", ATTRS{model}=="HFS256G32TNF-N3A", ATTRS{wwid}=="t10.ATA HFS256G32TNF-N3A0A MJ8BN15091150BM1Z ", OWNER="kat"
'';
swapDevices = [
{ device = "/dev/disk/by-uuid/89831a0f-93e6-4d30-85e4-09061259f140"; }
{ device = "/dev/disk/by-uuid/8f944315-fe1c-4095-90ce-50af03dd5e3f"; }
];
networking = {
hostId = "617050fc";
useDHCP = false;
/*useNetworkd = true;*/
interfaces = {
enp34s0.ipv4.addresses = singleton {
inherit (config.network.addresses.private.nixos.ipv4) address;
prefixLength = 24;
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
deploy.profile.hardware.acs-override = true;
users.users.kat.extraGroups = singleton "openrazer";
hardware = {
displays = {
"HDMI-A-1" = {
res = "1920x1080";
pos = "0 0";
};
"DVI-D-1" = {
res = "1920x1200";
pos = "1920 0";
};
"DP-1" = {
res = "1920x1080";
pos = "3840 0";
};
};
defaultGateway = config.network.privateGateway;
firewall.allowPing = true;
};
bamboo.display = "HDMI-A-1";
openrazer.enable = true;
};
/*systemd.network = {
networks.enp34s0 = {
matchConfig.Name = "enp34s0";
bridge = singleton "br";
environment.systemPackages = [
pkgs.razergenie
];
boot.modprobe.modules = {
vfio-pci =
let
vfio-pci-ids = [
"1002:67df"
"1002:aaf0" # RX 580
"1912:0014" # Renesas USB 3
"1022:149c" # CPU USB 3
];
in
mkIf (vfio-pci-ids != [ ]) {
options.ids = concatStringsSep "," vfio-pci-ids;
};
};
networks.br = {
matchConfig.Name = "br";
address = singleton "${config.network.addresses.private.nixos.ipv4.address}/24";
gateway = singleton config.network.privateGateway;
services.udev.extraRules = ''
SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="1532", ATTRS{idProduct}=="0067", GROUP="vfio"
SUBSYSTEM=="block", ACTION=="add", ATTRS{model}=="HFS256G32TNF-N3A", ATTRS{wwid}=="t10.ATA HFS256G32TNF-N3A0A MJ8BN15091150BM1Z ", OWNER="kat"
'';
networking = {
hostId = "617050fc";
useDHCP = false;
/*useNetworkd = true;*/
interfaces = {
enp34s0.ipv4.addresses = singleton {
inherit (config.network.addresses.private.nixos.ipv4) address;
prefixLength = 24;
};
};
defaultGateway = config.network.privateGateway;
firewall.allowPing = true;
};
netdevs.br = {
netdevConfig = {
Name = "br";
Kind = "bridge";
MACAddress = "00:d8:61:c7:f4:9d";
/*systemd.network = {
networks.enp34s0 = {
matchConfig.Name = "enp34s0";
bridge = singleton "br";
};
};
};*/
networks.br = {
matchConfig.Name = "br";
address = singleton "${config.network.addresses.private.nixos.ipv4.address}/24";
gateway = singleton config.network.privateGateway;
};
netdevs.br = {
netdevConfig = {
Name = "br";
Kind = "bridge";
MACAddress = "00:d8:61:c7:f4:9d";
};
};
};*/
services.avahi.enable = true;
services.avahi.enable = true;
network = {
addresses = {
private = {
network = {
addresses = {
private = {
enable = true;
nixos = {
ipv4.address = "192.168.1.1";
};
};
};
yggdrasil = {
enable = true;
nixos = {
ipv4.address = "192.168.1.1";
pubkey = "a7110d0a1dc9ec963d6eb37bb6922838b8088b53932eae727a9136482ce45d47";
listen.enable = false;
listen.endpoints = [ "tcp://0.0.0.0:0" ];
};
firewall = {
public.interfaces = [ "br" "enp34s0" ];
private = {
interfaces = singleton "yggdrasil";
};
};
};
yggdrasil = {
enable = true;
pubkey = "a7110d0a1dc9ec963d6eb37bb6922838b8088b53932eae727a9136482ce45d47";
listen.enable = false;
listen.endpoints = [ "tcp://0.0.0.0:0" ];
};
firewall = {
public.interfaces = [ "br" "enp34s0" ];
private = {
interfaces = singleton "yggdrasil";
};
};
system.stateVersion = "21.11";
};
system.stateVersion = "21.11";
}