add new host

2025-04-13 21:40:52 +02:00 · 2025-04-13 21:40:52 +02:00 · d5509e6ea1
parent 6d001a11f4
commit d5509e6ea1
9 changed files with 90 additions and 22 deletions
--- a/flake.nix
+++ b/flake.nix
@ -37,12 +37,14 @@
      devices = {
        vinzenz-lpt2 = "x86_64-linux";
        vinzenz-pc2 = "x86_64-linux";
+        ronja-pc = "x86_64-linux";
        hetzner-vpn2 = "aarch64-linux";
        forgejo-runner-1 = "aarch64-linux";
      };
      homeDevices = [
        "vinzenz-lpt2"
        "vinzenz-pc2"
+        "ronja-pc"
      ];
      forDevice = f: nixpkgs.lib.mapAttrs f devices;
    in
--- a/home/vinzenz/vscode.nix
+++ b/home/vinzenz/vscode.nix
@ -20,6 +20,7 @@
      ms-dotnettools.csharp
      ms-vscode-remote.remote-ssh
      RoweWilsonFrederiskHolme.wikitext
+      davidanson.vscode-markdownlint
    ];
    userSettings = {
      "files.autoSave" = "afterDelay";
--- a/hosts/hetzner-vpn2/nginx.nix
+++ b/hosts/hetzner-vpn2/nginx.nix
@ -20,26 +20,26 @@
    recommendedOptimisation = true;

    virtualHosts =
-      let
-        servicesDomain = "services.zerforschen.plus";
-        mkServiceConfig = host: port: {
-          addSSL = true;
-          enableACME = true;
-          locations."/" = {
-            proxyPass = "http://${host}:${toString port}/";
-            extraConfig = ''
-              # bind to tailscale ip
-              proxy_bind 100.88.118.60;
-              # pam auth
-              limit_except OPTIONS {
-                auth_pam  "Password Required";
-                auth_pam_service_name "nginx";
-              }
-            '';
-          };
-        };
-        pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net";
-      in
+      #let
+      #  servicesDomain = "services.zerforschen.plus";
+      #  mkServiceConfig = host: port: {
+      #    addSSL = true;
+      #    enableACME = true;
+      #    locations."/" = {
+      #      proxyPass = "http://${host}:${toString port}/";
+      #      extraConfig = ''
+      #        # bind to tailscale ip
+      #        proxy_bind 100.88.118.60;
+      #        # pam auth
+      #        limit_except OPTIONS {
+      #          auth_pam  "Password Required";
+      #          auth_pam_service_name "nginx";
+      #        }
+      #      '';
+      #    };
+      #  };
+      #  pc2 = "vinzenz-pc2.donkey-pentatonic.ts.net";
+      #in
      {
        #"vscode.${servicesDomain}" = lib.mkMerge [
        #  (mkServiceConfig pc2 8542)
--- a/hosts/ronja-pc/configuration.nix
+++ b/hosts/ronja-pc/configuration.nix
@ -0,0 +1,25 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  # Configure keymap in X11
+  services.xserver.xkb = {
+    layout = "de";
+    variant = "";
+  };
+
+  # Configure console keymap
+  console.keyMap = "de";
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+    #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+    #  wget
+  ];
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+}
--- a/hosts/ronja-pc/hardware.nix
+++ b/hosts/ronja-pc/hardware.nix
@ -0,0 +1,31 @@
+{lib, ...}: {
+  boot = {
+    kernelModules = ["kvm-intel"];
+    extraModulePackages = [];
+    initrd = {
+      availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
+      kernelModules = [];
+    };
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/27eccf93-a79f-4fcb-8588-ec55d913508f";
+      fsType = "btrfs";
+      options = ["subvol=@"];
+    };
+
+    "/boot" = {
+      device = "/dev/disk/by-uuid/85D4-43FC";
+      fsType = "vfat";
+      options = ["fmask=0077" "dmask=0077"];
+    };
+  };
+
+  swapDevices = [
+    {device = "/dev/disk/by-uuid/bf9d19fb-499b-4bfb-b67d-131fa5bf8259";}
+  ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = true;
+}
--- a/hosts/ronja-pc/imports.nix
+++ b/hosts/ronja-pc/imports.nix
@ -0,0 +1,10 @@
+{
+  imports = [
+    ../../modules/gnome.nix
+    ../../modules/gaming.nix
+    ../../modules/desktop-environment.nix
+    ../../modules/desktop-hardware.nix
+
+    ../../home/ronja
+  ];
+}
--- a/hosts/vinzenz-lpt2/configuration.nix
+++ b/hosts/vinzenz-lpt2/configuration.nix
@ -3,7 +3,6 @@
  imports = [ ./zerforschen-plus.nix ];

  config = {
-    networking.networkmanager.enable = true;
    nix.settings.extra-platforms = [
      "aarch64-linux"
      "i686-linux"
--- a/hosts/vinzenz-pc2/configuration.nix
+++ b/hosts/vinzenz-pc2/configuration.nix
@ -5,7 +5,6 @@
    ./vscode-server.nix
  ];
  config = {
-    networking.networkmanager.enable = true;
    nix.settings.extra-platforms = [
      "aarch64-linux"
      "i686-linux"
--- a/modules/desktop-hardware.nix
+++ b/modules/desktop-hardware.nix
@ -27,6 +27,7 @@
      };
    };

+    networking.networkmanager.enable = true;
    # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
    # (the default) this is the recommended approach. When using systemd-networkd it's
    # still possible to use this option, but it's recommended to use it in conjunction