hosts: Refactor and new nomenclature

2026-02-09 04:19:19 -08:00 · 2021-09-09 00:56:01 +01:00 · 2021-09-09 00:56:01 +01:00 · f88022f847
commit f88022f847
parent 7b079e36d8
45 changed files with 471 additions and 591 deletions
--- a/config/hosts/kyouko.nix
+++ b/config/hosts/kyouko.nix
@ -0,0 +1,127 @@
+{ meta, config, lib, pkgs, ... }:
+
+with lib;
+
+{
+  # Imports
+
+  imports = with meta; [
+    profiles.hardware.hcloud-imperative
+    profiles.network
+    users.kat.server
+    users.kat.services.weechat
+    services.filehost
+    services.gitea
+    services.logrotate
+    services.mail
+    services.matrix
+    services.murmur
+    services.nginx
+    services.postgres
+    services.prosody
+    services.radicale
+    services.restic
+    services.roundcube
+    services.syncplay
+    services.taskserver
+    services.vaultwarden
+    services.website
+    services.weechat
+    services.znc
+  ];
+
+  kw.monitoring = {
+    server.enable = true;
+  };
+
+  services.prometheus = {
+    scrapeConfigs = [
+      {
+        job_name = "boline";
+        static_configs = [{ targets = [ "boline.${config.network.addresses.yggdrasil.prefix}.${config.network.dns.domain}:8002" ]; }];
+      }
+    ];
+  };
+
+  # Terraform
+
+  deploy.tf = {
+    resources.kyouko = {
+      provider = "null";
+      type = "resource";
+      connection = {
+        port = head config.services.openssh.ports;
+        host = config.network.addresses.public.nixos.ipv4.address;
+      };
+    };
+  };
+
+  # File Systems and Swap
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/sda1";
+      fsType = "ext4";
+    };
+  };
+
+  # Bootloader
+
+  boot.loader.grub = {
+    enable = true;
+    version = 2;
+    device = "/dev/sda";
+  };
+
+  # Networking
+
+  networking = {
+    hostId = "7b0ac74e";
+    useDHCP = false;
+    interfaces = {
+      enp1s0 = {
+        useDHCP = true;
+        ipv6.addresses = [{
+          address = config.network.addresses.public.nixos.ipv6.address;
+          prefixLength = 64;
+        }];
+      };
+    };
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "enp1s0";
+    };
+  };
+
+  network = {
+    addresses = {
+      public = {
+        enable = true;
+        nixos = {
+          ipv4.address = "168.119.126.111";
+          ipv6.address = "2a01:4f8:c2c:b7a8::1";
+        };
+      };
+    };
+    yggdrasil = {
+      enable = true;
+      pubkey = "55e3f29c252d16e73ac849a6039824f94df1dee670c030b9e29f90584f935575";
+      listen.enable = true;
+      listen.endpoints = [ "tcp://${config.network.addresses.public.nixos.ipv4.address}:52969" "tcp://[${config.network.addresses.public.nixos.ipv6.address}]:52969" ];
+    };
+  };
+
+  # Firewall
+
+  network.firewall = {
+    public = {
+      interfaces = singleton "enp1s0";
+      tcp.ports = singleton 52969;
+    };
+    private.interfaces = singleton "yggdrasil";
+  };
+
+  # State
+  system.stateVersion = "20.09";
+}
+