diff --git a/hosts/kaede/base.nix b/hosts/kaede/base.nix
new file mode 100644
index 0000000..4b32ed8
--- /dev/null
+++ b/hosts/kaede/base.nix
@@ -0,0 +1,67 @@
+{ config, pkgs, ... }:
+
+{
+ boot = {
+ initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
+ kernelModules = [ "kvm-intel" ];
+ loader = {
+ systemd-boot.enable = true;
+ efi.canTouchEfiVariables = true;
+ };
+ kernelPakcages = pkgs.linuxPackages_latest;
+ swraid = {
+ enable = true;
+ mdadmConf = ''
+ ARRAY /dev/md/ROOT metadata=1.2 UUID=acd8260f-e30f-2f3f-74f7-e51ee905a498
+ MAILADDR root@localhost
+ '';
+ };
+ };
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/e44cfa13-868e-4d26-b3de-5a8ae92bb055";
+ fsType = "ext4";
+ options = [ "discard" "noatime" ];
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/AD5C-950B";
+ fsType = "vfat";
+ options = [ "fmask=0022" "dmask=0022" "discard" "noatime" ];
+ };
+ };
+
+ swapDevices = [
+ { device = "/dev/disk/by-uuid/e8825b01-f91e-4c4f-8916-bffeb6fac0cd"; }
+ { device = "/dev/disk/by-uuid/5b53c0b9-ab57-4992-8e81-957e19c7b685"; }
+ ];
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+ time.timeZone = "Europe/Berlin";
+
+ console = {
+ font = "Lat2-Terminus16";
+ useXkbConfig= true;
+ };
+
+ environment.systemPackages = with pkgs; [
+ git
+ ];
+
+ virtualisation = {
+ useEFIBoot = true;
+ libvirtd = {
+ enable = true;
+ nss.enableGuest = true;
+ startDelay = 1;
+ onShutdown = "shutdown";
+ };
+ };
+ #rootDevice = "/dev/disk/by-label/nixos";
+ #mountHostNixStore = true;
+
+ system.stateVersion = "25.11";
+}
+
diff --git a/hosts/kaede/default.nix b/hosts/kaede/default.nix
index 78cffc1..0e57ea1 100644
--- a/hosts/kaede/default.nix
+++ b/hosts/kaede/default.nix
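Review bot: Two lines in hosts/kaede/base.nix look like they will stop the configuration from evaluating: `kernelPakcages` is a misspelling of `boot.kernelPackages`, and `lib.mkDefault` is used twice although the module header binds only `config` and `pkgs`. Proposed: `kernelPackages = pkgs.linuxPackages_latest;` and `{ config, lib, pkgs, ... }:`. Separately, `/boot` is mounted with `fmask=0022` and `dmask=0022`, which leaves the ESP readable by every local user; systemd-boot keeps its random seed on that partition, so `"fmask=0077" "dmask=0077"` is the tighter choice.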
@@ -1,16 +1,11 @@
-{ ... }:
-
 {
- virtualisation = {
- useEFIBoot = true;
- libvirtd = {
- enable = true;
- nss.enableGuest = true;
- startDelay = 1;
- onShutdown = "shutdown";
- };
- };
- #rootDevice = "/dev/disk/by-label/nixos";
- #mountHostNixStore = true;
+ imports = [
+ ./base.nix
+ ./hardware.nix
+ ./networking.nix
+ ./users.nix
+ ./programs.nix
+ ./services.nix
+ ];
 }
 
diff --git a/hosts/kaede/hardware.nix b/hosts/kaede/hardware.nix
new file mode 100644
index 0000000..aae473a
--- /dev/null
+++ b/hosts/kaede/hardware.nix
@@ -0,0 +1,6 @@
+{}:
+
+{
+ boot = {};
+}
+
diff --git a/hosts/kaede/networking.nix b/hosts/kaede/networking.nix
new file mode 100644
index 0000000..450a817
--- /dev/null
+++ b/hosts/kaede/networking.nix
@@ -0,0 +1,28 @@
+{ ... }:
+
+{
+ networking = {
+ hostName = "kaede";
+ domain = "xengi.de";
+ search = [ "xengi.de" ];
+ useNetworkd = true;
+ dhcpcd.enable = false;
+ nftables.enable = true;
+ useDHCP = false;
+ nameservers = [
+ "1.1.1.1#one.one.one.one"
+ "9.9.9.9"
+ ];
+ defaultGateway = {
+ address = "217.115.0.182";
+ interface = "eno3";
+ };
+ interface.eno3 = {
+ ipv4.addresses = [{ address = "217.115.0.183"; prefixLength = 31; }];
+ };
+ firewall = {
+ enable = true;
+ };
+ };
+}
+
diff --git a/hosts/kaede/programs.nix b/hosts/kaede/programs.nix
new file mode 100644
index 0000000..5a82720
--- /dev/null
+++ b/hosts/kaede/programs.nix
@@ -0,0 +1,21 @@
+{ ... }:
+
+{
+ programs = {
+ fish.enable = true;
+ vim = {
+ enable = true;
+ defaultEditor = true;
+ };
+ tmux = {
+ enable = true;
+ terminal = "screen-256color";
+ shortcut = "a";
+ plugins = with pkgs.tmuxPlugins; [];
+ newSession = true;
+ historyLimit = 10000;
+ clock24 = true;
+ };
+ };
+}
+
diff --git a/hosts/kaede/services.nix b/hosts/kaede/services.nix
new file mode 100644
index 0000000..0750c5c
--- /dev/null
+++ b/hosts/kaede/services.nix
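Review bot: The header `{}:` in hosts/kaede/hardware.nix declares a function that accepts no arguments at all, while the module system calls module functions with `config`, `lib`, `options` and others, so this file will most likely abort evaluation with an unexpected-argument error. Use `{ ... }:` like the sibling files, or drop the header and leave a plain attribute set. The body is only `boot = {};`, while the initrd modules, file systems and swap devices were added to base.nix; if this file is meant to hold the hardware description, a one-line comment saying so would help.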
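Review bot: In hosts/kaede/networking.nix the static address is declared under `interface.eno3`, but the option is `networking.interfaces` (plural), so as written the address is either rejected as an unknown option or never applied; the line should read `interfaces.eno3 = {`. On the resolver list, `1.1.1.1#one.one.one.one` uses the systemd-resolved server-name suffix that only matters for DNS-over-TLS, and nothing in this hunk enables resolved or DoT, so lookups presumably still leave the host in cleartext. If encrypted DNS is the intent, enable it explicitly and give `9.9.9.9` its name suffix as well; otherwise drop the suffix.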
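Review bot: `plugins = with pkgs.tmuxPlugins; [];` in hosts/kaede/programs.nix references `pkgs`, but the module header is `{ ... }:` and never binds it, so evaluation should fail with an undefined variable. Either change the header to `{ pkgs, ... }:` or remove the `plugins` line until there is a plugin to list, since an empty list is already the default.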
@@ -0,0 +1,26 @@
+{ ... }:
+
+{
+ services = {
+ openssh = {
+ enable = true;
+ ports = [ 10022 ];
+ openFirewall = true;
+ PrintMotd = true;
+ banner = ''
+ __ __ __
+ /'__`\ /\ \ /'_ `\
+ ___ /\_\L\ \\ \ \/'\ /\ \L\ \ ____
+ /'___\/_/_\_<_\ \ , < \/_> _ <_ /',__\
+ /\ \__/ /\ \L\ \\ \ \\`\ /\ \L\ \/\__, `\
+ \ \____\\ \____/ \ \_\ \_\ \____/\/\____/
+ \/____/ \/___/ \/_/\/_/\/___/ \/___/
+ '';
+ settings = {
+ PasswordAuthentication = false;
+ KbdInteractiveAuthentication = false;
+ };
+ };
+ };
+}
+
diff --git a/hosts/kaede/users.nix b/hosts/kaede/users.nix
new file mode 100644
index 0000000..d5d7641
--- /dev/null
+++ b/hosts/kaede/users.nix
@@ -0,0 +1,19 @@
+{ pkgs, ... }:
+
+{
+ users.users.xengi = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+ shell = pkgs.fish;
+ packages = with pkgs; [
+ fastfetch
+ kitty
+ ];
+ openssh.authorizedKeys.keys = [
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPtGqhV7io3mhIoZho4Yf7eCo0sUZvjT2NziM2PkXSo"
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjv9W8WXq9QGkgmANNPQR24/I1Pm1ghxNIHftEI+jlZ"
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICyklb7dvEHH0VBEMmTUQFKHN6ekBQqkDKj09+EilUIQ"
+ ];
+ };
+}
+
diff --git a/nixosConfigurations.nix b/nixosConfigurations.nix
index 0c2b375..ffaedb9 100644
--- a/nixosConfigurations.nix
+++ b/nixosConfigurations.nix
@@ -50,9 +50,12 @@ let
 ++ extraModules;
 in
 {
- "k8s" = mkSystem [
- # ./hosts/kaede/default,nix
- ];
+ "kaede" = nixpkgs.lib.nixosSystem {
+ inherit system;
+ modules = [
+ ./hosts/kaede
+ ];
+ };
 "master-01" = mkControlPlaneNode [ ];
 "master-02" = mkControlPlaneNode [ ];
 "master-03" = mkControlPlaneNode [ ];
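Review bot: `PrintMotd = true;` in hosts/kaede/services.nix sits directly under `services.openssh`, where to my knowledge no such option exists; sshd_config keywords belong inside `settings`, next to `PasswordAuthentication`, so the line should move there. While in that block, root login is left at the module default even though only `xengi` has keys on this host; adding `PermitRootLogin = "no";` and `AllowUsers = [ "xengi" ];` to `settings` would narrow what the port opened by `openFirewall = true` accepts. The pre-authentication `banner` is shown to every client that connects, so it is worth confirming that identifying the host to unauthenticated scanners is intended.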
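Review bot: The three `openssh.authorizedKeys.keys` entries in hosts/kaede/users.nix carry no comment field and no surrounding comment, so nothing records which device or person each key belongs to, which makes later rotation or revocation guesswork. Proposed: append an owner/device label to each key string, or add a line such as `# laptop, added <date>` above each entry. Also, `xengi` is placed in `wheel` but the hunk sets no `hashedPasswordFile` or similar; with the default sudo policy asking wheel members for a password, this account may be unable to escalate unless a password is set elsewhere.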
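Review bot: The new `"kaede"` entry in nixosConfigurations.nix calls `nixpkgs.lib.nixosSystem` directly instead of the `mkSystem` helper the removed `"k8s"` entry used, so whatever shared modules the `let` block assembles (its tail `++ extraModules;` is visible, the rest starts outside the hunk) are presumably not applied to this host. If that baseline carries common hardening or user settings, kaede silently misses it; if the bypass is deliberate, a comment such as `# standalone host: intentionally not built with mkSystem` would record that. `inherit system;` also overlaps with `nixpkgs.hostPlatform` set in hosts/kaede/base.nix; one of the two is enough.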