kaede

2025-12-30 12:32:01 +01:00 · 2025-12-30 12:32:01 +01:00 · e61be4a176
commit e61be4a176
parent 9cbb528c2d
8 changed files with 181 additions and 16 deletions
--- a/hosts/kaede/base.nix
+++ b/hosts/kaede/base.nix
@ -0,0 +1,67 @@
+{ config, pkgs, ... }:
+
+{
+  boot = {
+    initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
+    kernelModules = [ "kvm-intel" ];
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    kernelPakcages = pkgs.linuxPackages_latest;
+    swraid = {
+      enable = true;
+      mdadmConf = ''
+        ARRAY /dev/md/ROOT metadata=1.2 UUID=acd8260f-e30f-2f3f-74f7-e51ee905a498
+        MAILADDR root@localhost
+      '';
+    };
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/e44cfa13-868e-4d26-b3de-5a8ae92bb055";
+      fsType = "ext4";
+      options = [ "discard" "noatime" ];
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/AD5C-950B";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" "discard" "noatime" ];
+    };
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/e8825b01-f91e-4c4f-8916-bffeb6fac0cd"; }
+    { device = "/dev/disk/by-uuid/5b53c0b9-ab57-4992-8e81-957e19c7b685"; }
+  ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+  time.timeZone = "Europe/Berlin";
+
+  console = {
+    font = "Lat2-Terminus16";
+    useXkbConfig= true;
+  };
+
+  environment.systemPackages = with pkgs; [
+    git
+  ];
+
+  virtualisation = {
+    useEFIBoot = true;
+    libvirtd = {
+      enable = true;
+      nss.enableGuest = true;
+      startDelay = 1;
+      onShutdown = "shutdown";
+    };
+  };
+  #rootDevice = "/dev/disk/by-label/nixos";
+  #mountHostNixStore = true;
+
+  system.stateVersion = "25.11";
+}
+
--- a/hosts/kaede/default.nix
+++ b/hosts/kaede/default.nix
@ -1,16 +1,11 @@
-{ ... }:
-
 {
-  virtualisation = {
-    useEFIBoot = true;
-    libvirtd = {
-      enable = true;
-      nss.enableGuest = true;
-      startDelay = 1;
-      onShutdown = "shutdown";
-    };
-  };
-  #rootDevice = "/dev/disk/by-label/nixos";
-  #mountHostNixStore = true;
+  imports = [
+    ./base.nix
+    ./hardware.nix
+    ./networking.nix
+    ./users.nix
+    ./programs.nix
+    ./services.nix
+  ];
 }

--- a/hosts/kaede/hardware.nix
+++ b/hosts/kaede/hardware.nix
@ -0,0 +1,6 @@
+{}:
+
+{
+  boot = {};
+}
+
--- a/hosts/kaede/networking.nix
+++ b/hosts/kaede/networking.nix
@ -0,0 +1,28 @@
+{ ... }:
+
+{
+  networking = {
+    hostName = "kaede";
+    domain = "xengi.de";
+    search = [ "xengi.de" ];
+    useNetworkd = true;
+    dhcpcd.enable = false;
+    nftables.enable = true;
+    useDHCP = false;
+    nameservers = [
+      "1.1.1.1#one.one.one.one"
+      "9.9.9.9"
+    ];
+    defaultGateway = {
+      address = "217.115.0.182";
+      interface = "eno3";
+    };
+    interface.eno3 = {
+      ipv4.addresses = [{ address = "217.115.0.183"; prefixLength = 31; }];
+    };
+    firewall = {
+      enable = true;
+    };
+  };
+}
+
--- a/hosts/kaede/programs.nix
+++ b/hosts/kaede/programs.nix
@ -0,0 +1,21 @@
+{ ... }:
+
+{
+  programs = {
+    fish.enable = true;
+    vim = {
+      enable = true;
+      defaultEditor = true;
+    };
+    tmux = {
+      enable = true;
+      terminal = "screen-256color";
+      shortcut = "a";
+      plugins = with pkgs.tmuxPlugins; [];
+      newSession = true;
+      historyLimit = 10000;
+      clock24 = true;
+    };
+  };
+}
+
--- a/hosts/kaede/services.nix
+++ b/hosts/kaede/services.nix
@ -0,0 +1,26 @@
+{ ... }:
+
+{
+  services = {
+    openssh = {
+      enable = true;
+      ports = [ 10022 ];
+      openFirewall = true;
+      PrintMotd = true;
+      banner = ''
+                 __    __         __
+               /'__`\ /\ \      /'_ `\
+          ___ /\_\L\ \\ \ \/'\ /\ \L\ \    ____
+         /'___\/_/_\_<_\ \ , < \/_> _ <_  /',__\
+        /\ \__/ /\ \L\ \\ \ \\`\ /\ \L\ \/\__, `\
+        \ \____\\ \____/ \ \_\ \_\ \____/\/\____/
+         \/____/ \/___/   \/_/\/_/\/___/  \/___/
+      '';
+      settings = {
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+      };
+    };
+  };
+}
+
--- a/hosts/kaede/users.nix
+++ b/hosts/kaede/users.nix
@ -0,0 +1,19 @@
+{ pkgs, ... }:
+
+{
+  users.users.xengi = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+    shell = pkgs.fish;
+    packages = with pkgs; [
+      fastfetch
+      kitty
+    ];
+    openssh.authorizedKeys.keys = [
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPtGqhV7io3mhIoZho4Yf7eCo0sUZvjT2NziM2PkXSo"
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjv9W8WXq9QGkgmANNPQR24/I1Pm1ghxNIHftEI+jlZ"
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICyklb7dvEHH0VBEMmTUQFKHN6ekBQqkDKj09+EilUIQ"
+    ];
+  };
+}
+
--- a/nixosConfigurations.nix
+++ b/nixosConfigurations.nix
@ -50,9 +50,12 @@ let
    ++ extraModules;
 in
 {
-  "k8s" = mkSystem [
-    # ./hosts/kaede/default,nix
-  ];
+  "kaede" = nixpkgs.lib.nixosSystem {
+    inherit system;
+    modules = [
+      ./hosts/kaede
+    ];
+  };
  "master-01" = mkControlPlaneNode [ ];
  "master-02" = mkControlPlaneNode [ ];
  "master-03" = mkControlPlaneNode [ ];