From 78c6c5b26b0cb598fbb9059ef160bab3945de119 Mon Sep 17 00:00:00 2001 From: XenGi Date: Tue, 27 Jan 2026 18:48:29 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .editorconfig | 13 +++++++++++ .gitignore | 10 ++++----- apps.nix | 9 ++++++++ flake.lock | 28 ++++++++++++++++++++---- flake.nix | 6 +++++ hosts/common.nix | 45 ++++++++++++++++++++++++++++++++++++++ hosts/kaede/base.nix | 6 ++--- hosts/kaede/default.nix | 3 ++- hosts/kaede/hardware.nix | 6 ----- hosts/kaede/networking.nix | 11 +++++----- hosts/kaede/programs.nix | 14 ++++++++++-- hosts/kaede/services.nix | 1 - hosts/kaede/users.nix | 14 +++++++----- nixosConfigurations.nix | 12 +++++----- services/etcd.nix | 2 +- 15 files changed, 142 insertions(+), 38 deletions(-) create mode 100644 .editorconfig create mode 100644 apps.nix create mode 100644 hosts/common.nix delete mode 100644 hosts/kaede/hardware.nix diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..3f7c734 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,13 @@ +# EditorConfig is awesome: https://editorconfig.org + +root = true + +[*] +end_of_line = lf +insert_final_newline = true +charset = utf-8 + +[*.nix] +indent_style = space +indent_size = 2 + diff --git a/.gitignore b/.gitignore index e3c7e14..8f9b34c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,7 @@ -# Created by https://www.toptal.com/developers/gitignore/api/windows,linux,macos,direnv,vim,emacs,visualstudiocode,jetbrains+all,nix -# Edit at https://www.toptal.com/developers/gitignore?templates=windows,linux,macos,direnv,vim,emacs,visualstudiocode,jetbrains+all,nix +result + +# Created by https://www.toptal.com/developers/gitignore/api/windows,linux,macos,direnv,vim,emacs,visualstudiocode,jetbrains+all +# Edit at https://www.toptal.com/developers/gitignore?templates=windows,linux,macos,direnv,vim,emacs,visualstudiocode,jetbrains+all ### direnv ### .direnv 
@@ -190,8 +192,6 @@ Temporary Items # iCloud generated files *.icloud -#!! ERROR: nix is undefined. Use list command to see defined gitignore types !!# - ### Vim ### # Swap [._]*.s[a-v][a-z] @@ -257,4 +257,4 @@ $RECYCLE.BIN/ # Windows shortcuts *.lnk -# End of https://www.toptal.com/developers/gitignore/api/windows,linux,macos,direnv,vim,emacs,visualstudiocode,jetbrains+all,nix +# End of https://www.toptal.com/developers/gitignore/api/windows,linux,macos,direnv,vim,emacs,visualstudiocode,jetbrains+all diff --git a/apps.nix b/apps.nix new file mode 100644 index 0000000..bffbacd --- /dev/null +++ b/apps.nix @@ -0,0 +1,9 @@ +{ pkgs, pkgs-k8s, ... }: + +let + mkApp = {}; +in +{ + +} + diff --git a/flake.lock b/flake.lock index 5c05932..a183296 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,24 @@ { "nodes": { + "NixVirt": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1748140003, + "narHash": "sha256-DNBZmuk1YRM2PmwbHzVdXumRjCUzQkMarg4iI/37rOQ=", + "rev": "5dfe108fd859b122f9a96981cb6bc12297653d6c", + "revCount": 407, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/AshleyYakeley/NixVirt/0.6.0/0197059a-e45f-7446-86b5-411ccc894ab0/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/AshleyYakeley/NixVirt/%2A.tar.gz" + } + }, "agenix": { "inputs": { "darwin": "darwin", 
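Review bot: apps.nix binds `mkApp = {};` in its `let` but never uses it, and the file returns an empty attribute set, so it currently does nothing; a header comment saying what `mkApp` is meant to build would make the stub self-explanatory. The file is also a function of a single attribute set, `{ pkgs, pkgs-k8s, ... }:`, while the commented-out call added in flake.nix passes two positional arguments. When that line is enabled it should read `apps = import ./apps.nix { inherit pkgs pkgs-k8s; };`.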
@@ -102,22 +121,23 @@ }, "nixpkgs-k8s": { "locked": { - "lastModified": 1763378238, - "narHash": "sha256-Q0rIDYv83RF5o5cm+JMCDAkWByNk8HMGgFDHjDTQc/I=", + "lastModified": 1765836122, + "narHash": "sha256-L6UU7Q/EWQWLrH6yzOrOrW8zWeK9RKP0EKNeaBgRzr8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c05d8d4121d466c8a57b81130ba8ae7551d4f769", + "rev": "771c08bfa8c7da5ab251a1d0d56fb01948f45473", "type": "github" }, "original": { "owner": "NixOS", "repo": "nixpkgs", - "rev": "c05d8d4121d466c8a57b81130ba8ae7551d4f769", + "rev": "771c08bfa8c7da5ab251a1d0d56fb01948f45473", "type": "github" } }, "root": { "inputs": { + "NixVirt": "NixVirt", "agenix": "agenix", "flake-utils": "flake-utils", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index 21246f7..db28537 100644 --- a/flake.nix +++ b/flake.nix @@ -8,6 +8,10 @@ url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; + NixVirt = { + url = "https://flakehub.com/f/AshleyYakeley/NixVirt/*.tar.gz"; + inputs.nixpkgs.follows = "nixpkgs"; + }; # k8nix = { # url = "gitlab:luxzeitlos/k8nix/develop"; # inputs.nixpkgs.follows = "nixpkgs"; @@ -20,6 +24,7 @@ nixpkgs-k8s, flake-utils, agenix, + NixVirt, # k8nix, }: { @@ -33,6 +38,7 @@ in { formatter = pkgs.nixfmt-tree; + #apps = (import ./apps.nix pkgs pkgs-k8s); devShells.default = pkgs.mkShell { packages = with pkgs; [ agenix.packages.${system}.default diff --git a/hosts/common.nix b/hosts/common.nix new file mode 100644 index 0000000..895a2ef --- /dev/null +++ b/hosts/common.nix 
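Review bot: The new `NixVirt` input in flake.nix tracks `https://flakehub.com/f/AshleyYakeley/NixVirt/*.tar.gz`, so the version is unconstrained. flake.lock pins 0.6.0 by narHash today, but the next `nix flake update` will accept whatever release is newest, including a breaking major version, for a module that nixosConfigurations.nix loads into the host configuration. Narrowing the range keeps updates deliberate, for example `url = "https://flakehub.com/f/AshleyYakeley/NixVirt/0.6.*.tar.gz";`. A short comment above the input saying why it comes from FlakeHub rather than `github:` like agenix would also help the next reader.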
@@ -0,0 +1,45 @@ +{ config, lib, pkgs, ... }: + +{ + boot = { + initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ]; + kernelModules = [ "kvm-intel" ]; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + kernelPackages = pkgs.linuxPackages_latest; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-label/ROOT"; + fsType = "ext4"; + options = [ "discard" "noatime" ]; + }; + "/boot" = { + device = "/dev/disk/by-label/BOOT"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" "discard" "noatime" ]; + }; + }; + + swapDevices = []; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + time.timeZone = "Europe/Berlin"; + + console = { + font = "Lat2-Terminus16"; + useXkbConfig= true; + }; + + environment.systemPackages = with pkgs; [ + git + ]; + + system.stateVersion = "25.11"; +} + diff --git a/hosts/kaede/base.nix b/hosts/kaede/base.nix index 4b32ed8..b9d1b50 100644 --- a/hosts/kaede/base.nix +++ b/hosts/kaede/base.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: { boot = { @@ -8,7 +8,7 @@ systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; - kernelPakcages = pkgs.linuxPackages_latest; + kernelPackages = pkgs.linuxPackages_latest; swraid = { enable = true; mdadmConf = '' @@ -51,7 +51,7 @@ ]; virtualisation = { - useEFIBoot = true; + #useEFIBoot = true; libvirtd = { enable = true; nss.enableGuest = true; diff --git a/hosts/kaede/default.nix b/hosts/kaede/default.nix index 0e57ea1..6bbc37d 100644 --- a/hosts/kaede/default.nix +++ b/hosts/kaede/default.nix @@ -1,7 +1,8 @@ +{ ... }: + { imports = [ ./base.nix - ./hardware.nix ./networking.nix ./users.nix ./programs.nix diff --git a/hosts/kaede/hardware.nix b/hosts/kaede/hardware.nix deleted file mode 100644 index aae473a..0000000 
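Review bot: In the new hosts/common.nix the `/boot` mount uses `fmask=0022` and `dmask=0022`, which leaves every file on the EFI system partition world-readable; with `systemd-boot.enable = true` that normally includes the boot loader's random-seed file, and bootctl warns about exactly this. Tighter masks avoid it: `options = [ "fmask=0077" "dmask=0077" "discard" "noatime" ];`. Separately, `hardware.cpu.intel.updateMicrocode` follows `hardware.enableRedistributableFirmware`, which this file does not set, so microcode updates stay off unless another module enables it. `system.stateVersion = "25.11"` in a shared module also deserves a comment, since that value normally records each host's install release.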
--- a/hosts/kaede/hardware.nix +++ /dev/null @@ -1,6 +0,0 @@ -{}: - -{ - boot = {}; -} - diff --git a/hosts/kaede/networking.nix b/hosts/kaede/networking.nix index 450a817..c88d7bd 100644 --- a/hosts/kaede/networking.nix +++ b/hosts/kaede/networking.nix @@ -10,19 +10,20 @@ nftables.enable = true; useDHCP = false; nameservers = [ + "2606:4700:4700::1111#one.one.one.one" + "2620:fe::fe#dns.quad9.net" "1.1.1.1#one.one.one.one" - "9.9.9.9" + "9.9.9.9#dns.quad9.net" ]; defaultGateway = { address = "217.115.0.182"; interface = "eno3"; }; - interface.eno3 = { + interfaces.eno3 = { + ipv6.addresses = [{ address = "2a00:1328:e100:1::6d"; prefixLength = 127; }]; ipv4.addresses = [{ address = "217.115.0.183"; prefixLength = 31; }]; }; - firewall = { - enable = true; - }; + firewall.enable = true; }; } diff --git a/hosts/kaede/programs.nix b/hosts/kaede/programs.nix index 5a82720..184c46d 100644 --- a/hosts/kaede/programs.nix +++ b/hosts/kaede/programs.nix @@ -1,4 +1,4 @@ -{ ... }: +{ pkgs, ... }: { programs = { @@ -7,11 +7,21 @@ enable = true; defaultEditor = true; }; + htop = { + enable = true; + settings = { + highlight_base_name = true; + show_cpu_frequency = true; + show_cpu_temperature = true; + update_process_names = true; + color_scheme = "6"; + }; + }; tmux = { enable = true; terminal = "screen-256color"; shortcut = "a"; - plugins = with pkgs.tmuxPlugins; []; + plugins = with pkgs.tmuxPlugins; [ sensible ]; newSession = true; historyLimit = 10000; clock24 = true; diff --git a/hosts/kaede/services.nix b/hosts/kaede/services.nix index 0750c5c..7722ce9 100644 --- a/hosts/kaede/services.nix +++ b/hosts/kaede/services.nix @@ -6,7 +6,6 @@ enable = true; ports = [ 10022 ]; openFirewall = true; - PrintMotd = true; banner = '' __ __ __ /'__`\ /\ \ /'_ `\ diff --git a/hosts/kaede/users.nix b/hosts/kaede/users.nix index d5d7641..573efaa 100644 --- a/hosts/kaede/users.nix +++ b/hosts/kaede/users.nix 
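Review bot: The IPv6 resolvers are now listed first in `nameservers`, but the `interfaces.eno3` change adds only a static `/127` address and the visible lines set no `defaultGateway6`. With `useDHCP = false` the host may therefore have no IPv6 default route, and lookups would have to fail over to the IPv4 entries. If the uplink does not supply a route by router advertisement, add one next to `defaultGateway`, e.g. `defaultGateway6 = { address = "<ipv6-gateway>"; interface = "eno3"; };` (placeholder address). Also, the `#dns.quad9.net` and `#one.one.one.one` suffixes are server names for systemd-resolved's DNS-over-TLS certificate check; they only take effect if resolved is enabled with DNS-over-TLS (`services.resolved.dnsovertls`), which this hunk does not show, so it is worth confirming the queries are not going out in clear text. The surrounding `networking` block starts outside the hunk.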
@@ -3,16 +3,20 @@ { users.users.xengi = { isNormalUser = true; - extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + extraGroups = [ "wheel" "libvirtd" ]; shell = pkgs.fish; packages = with pkgs; [ fastfetch - kitty + kitty # for terminfo ]; openssh.authorizedKeys.keys = [ -"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPtGqhV7io3mhIoZho4Yf7eCo0sUZvjT2NziM2PkXSo" -"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjv9W8WXq9QGkgmANNPQR24/I1Pm1ghxNIHftEI+jlZ" -"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICyklb7dvEHH0VBEMmTUQFKHN6ekBQqkDKj09+EilUIQ" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICW1+Ml8R9x1LCJaZ8bIZ1qIV4HCuZ6x7DziFW+0Nn5T xengi@kanae_2022-12-09" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICmb+mJfo84IagUaRoDEqY9ROjjQUOQ7tMclpN6NDPrX xengi@kota_2022-01-16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICyklb7dvEHH0VBEMmTUQFKHN6ekBQqkDKj09+EilUIQ xengi@lucy_2018-09-08" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjv9W8WXq9QGkgmANNPQR24/I1Pm1ghxNIHftEI+jlZ xengi@mayu_2021-06-11" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGhyfD+8jMl6FDSADb11sfAsJk0KNoVzjjiDRZjUOtmf xengi@nana_2019-08-16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPtGqhV7io3mhIoZho4Yf7eCo0sUZvjT2NziM2PkXSo xengi@nyu_2017-10-11" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILwYcSxbP6Hon//kZFIZJSHdqvsJ6AyCwH4JP9/t4q46 xengi@yuka_2020-12-16" ]; }; } diff --git a/nixosConfigurations.nix b/nixosConfigurations.nix index ffaedb9..7cc9cc9 100644 --- a/nixosConfigurations.nix +++ b/nixosConfigurations.nix @@ -1,4 +1,4 @@ -{ nixpkgs, agenix, ... }: +{ nixpkgs, agenix, NixVirt, ... }: let system = "x86_64-linux"; @@ -21,6 +21,7 @@ let #}; }; } + ./hosts/common.nix ]; mkSystem = extraModules: @@ -30,7 +31,7 @@ let }; mkControlPlaneNode = extraModules: - mkSystem [ + mkSystem ([ #./services/etcd.nix #./services/k8s.nix #./services/k8s-apiserver.nix 
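Review bot: The `openssh.authorizedKeys.keys` list in hosts/kaede/users.nix grows from three to seven keys, the oldest labelled 2017-10-11, and every one of them logs into an account that is in `wheel` and now also `libvirtd`. Each extra long-lived key is another device whose compromise gives access to this host, so it is worth keeping only the machines still in use and rotating the older keys. The removed sudo comment on `extraGroups` could be replaced rather than dropped, for example `extraGroups = [ "wheel" "libvirtd" ]; # wheel: sudo; libvirtd: full control of system VMs, treat as root-equivalent`.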
@@ -39,20 +40,21 @@ let #./services/k8s-proxy.nix #./services/k8s-scheduler.nix ] - ++ extraModules; + ++ extraModules); mkWorkerNode = extraModules: - mkSystem [ + mkSystem ([ #./services/k8s.nix #./services/k8s-kubelet.nix #./services/k8s-proxy.nix ] - ++ extraModules; + ++ extraModules); in { "kaede" = nixpkgs.lib.nixosSystem { inherit system; modules = [ + NixVirt.nixosModules.default ./hosts/kaede ]; }; diff --git a/services/etcd.nix b/services/etcd.nix index 1fe39da..98abdbd 100644 --- a/services/etcd.nix +++ b/services/etcd.nix @@ -2,7 +2,7 @@ { services.etcd = { - enable = true + enable = true; package = pkgs.etcd_3_6; }; }
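Review bot: `./hosts/common.nix` is added to the shared module list, but `"kaede"` is still built by calling `nixpkgs.lib.nixosSystem` directly with `modules = [ NixVirt.nixosModules.default ./hosts/kaede ]`, so as far as these hunks show the common settings are not applied to it. If kaede is meant to inherit them, build it through `mkSystem`, e.g. `"kaede" = mkSystem [ NixVirt.nixosModules.default ./hosts/kaede ];`. Check for duplicate definitions first, since hosts/kaede/base.nix and hosts/common.nix both set `boot.kernelPackages` and the boot loader options. If the host is deliberately standalone, a one-line comment saying so would prevent the question. The `let` block and the attribute set continue outside the hunks.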