clerie/nixfiles
1
0
Fork 0
Code

Update from updated-inputs-2025-02-22-02-03

Browse Source
This commit is contained in:
Flake Update Bot 2025-02-22 03:03:08 +01:00
commit 801e8de895
7 changed files with 107 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
flake.nix
View File

@ -104,6 +104,7 @@
palladium = {}; palladium = {};
porter = {}; porter = {};
storage-2 = {}; storage-2 = {};
tungsten = {};
web-2 = {}; web-2 = {};
zinc = { zinc = {
modules = [ modules = [
@ -134,6 +135,7 @@
inherit (pkgs) inherit (pkgs)
clerie-backup clerie-backup
clerie-keys clerie-keys
clerie-system-remote-install
clerie-system-upgrade clerie-system-upgrade
clerie-merge-nixfiles-update clerie-merge-nixfiles-update
clerie-update-nixfiles clerie-update-nixfiles

5
hosts/_iso/configuration.nix
View File

@ -1,4 +1,4 @@
{ pkgs, lib, modulesPath, ... }: { pkgs, lib, modulesPath, config, ... }:
{ {
imports = [ imports = [
@ -18,6 +18,9 @@
nixfiles-auto-install nixfiles-auto-install
]; ];
# Allow user clerie to log in as root directly with ssh keys
users.users.root.openssh.authorizedKeys.keys = config.users.users.clerie.openssh.authorizedKeys.keys;
services.openssh.settings = { services.openssh.settings = {
PermitRootLogin = lib.mkForce "yes"; PermitRootLogin = lib.mkForce "yes";
}; };

24
hosts/tungsten/configuration.nix Normal file
View File

@ -0,0 +1,24 @@
{ config, pkgs, lib, ... }:
{
imports =
[
./hardware-configuration.nix
];
boot.kernelParams = [ "console=ttyS0,115200n8" ];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/disk/by-id/ata-InnoDisk_Corp._DRPS-08GJ30AC1QS-A88_20120705AAB200000505";
boot.loader.grub.extraConfig = "
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial
terminal_output serial
";
networking.hostName = "tungsten";
system.stateVersion = "25.05";
}

39
hosts/tungsten/hardware-configuration.nix Normal file
View File

@ -0,0 +1,39 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "ohci_pci" "ehci_pci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/7ed9e29c-d771-49a1-ae8a-8894f347c648";
fsType = "ext4";
};
boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/95122f15-5621-457c-972c-c057ca416212";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/02a2afe4-ee00-4d3d-884a-e195b9814bfd";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

31
pkgs/clerie-system-remote-install/clerie-system-remote-install.sh Executable file
View File

@ -0,0 +1,31 @@
#!/usr/bin/env bash
set -xeuo pipefail
SYSTEM="$1"
REMOTE_HOST="$2"
REMOTE_ROOT="$3"
nix copy "${SYSTEM}" --to "ssh://${REMOTE_HOST}?remote-store=${REMOTE_ROOT}"
ssh "${REMOTE_HOST}" -- nix-env --store "${REMOTE_ROOT}" -p "${REMOTE_ROOT}/nix/var/nix/profiles/system" --set "${SYSTEM}"
ssh "${REMOTE_HOST}" -- mkdir -p "${REMOTE_ROOT}/tmp"
TMPSH="$(ssh "${REMOTE_HOST}" -- mktemp -p "${REMOTE_ROOT}/tmp")"
# shellcheck disable=SC2087
ssh "${REMOTE_HOST}" -- tee "${TMPSH}" <<EOF
#!/usr/bin/env bash
set -euo pipefail
nix-env --store "${REMOTE_ROOT}" -p "${REMOTE_ROOT}/nix/var/nix/profiles/system" --set "${SYSTEM}"
mkdir -m 0775 -p "${REMOTE_ROOT}/etc"
touch "${REMOTE_ROOT}/etc/NIXOS"
ln -sfn /proc/mounts "${REMOTE_ROOT}/etc/mtab"
NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "${REMOTE_ROOT}" -c "/run/current-system/bin/switch-to-configuration boot"
EOF
ssh "${REMOTE_HOST}" -- bash "${TMPSH}"

6
pkgs/clerie-system-remote-install/default.nix Normal file
View File

@ -0,0 +1,6 @@
{ pkgs, ... }:
pkgs.writeShellApplication {
name = "clerie-system-remote-install";
text = builtins.readFile ./clerie-system-remote-install.sh;
}

1
pkgs/overlay.nix
View File

@ -1,6 +1,7 @@
final: prev: { final: prev: {
clerie-backup = final.callPackage ./clerie-backup {}; clerie-backup = final.callPackage ./clerie-backup {};
clerie-keys = final.callPackage ./clerie-keys {}; clerie-keys = final.callPackage ./clerie-keys {};
clerie-system-remote-install = final.callPackage ./clerie-system-remote-install {};
clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {}; clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {};
clerie-merge-nixfiles-update = final.callPackage ./clerie-update-nixfiles/clerie-merge-nixfiles-update.nix {}; clerie-merge-nixfiles-update = final.callPackage ./clerie-update-nixfiles/clerie-merge-nixfiles-update.nix {};
clerie-sops = final.callPackage ./clerie-sops/clerie-sops.nix {}; clerie-sops = final.callPackage ./clerie-sops/clerie-sops.nix {};