From eef227d45ac6c710d04661fad1238da4da535e4b Mon Sep 17 00:00:00 2001 From: clerie Date: Wed, 20 Sep 2023 20:35:35 +0200 Subject: [PATCH] hosts/zinc: add host --- flake.nix | 1 + hosts/zinc/configuration.nix | 39 ++++++++++++++++++++++++++ hosts/zinc/hardware-configuration.nix | 40 +++++++++++++++++++++++++++ 3 files changed, 80 insertions(+) create mode 100644 hosts/zinc/configuration.nix create mode 100644 hosts/zinc/hardware-configuration.nix diff --git a/flake.nix b/flake.nix index dbe1216..db98184 100644 --- a/flake.nix +++ b/flake.nix @@ -69,6 +69,7 @@ schule = { name = "schule"; }; storage-2 = { name = "storage-2"; }; web-2 = { name = "web-2"; }; + zinc = { name = "zinc"; }; _iso = { name = "_iso"; }; }; diff --git a/hosts/zinc/configuration.nix b/hosts/zinc/configuration.nix new file mode 100644 index 0000000..4570618 --- /dev/null +++ b/hosts/zinc/configuration.nix @@ -0,0 +1,39 @@ +{ config, pkgs, lib, ... }: + +{ + imports = + [ + ./hardware-configuration.nix + ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.timeout = 0; + + boot.initrd.luks = { + devices.lvm = { + device = "/dev/disk/by-uuid/43275d9a-8fe8-4631-bf9c-a95d692b534f"; + bypassWorkqueues = true; + }; + }; + + boot.initrd.network.enable = true; + boot.initrd.network.ssh = { + enable = true; + port = 1022; + shell = "/bin/cryptsetup-askpass"; + authorizedKeys = config.users.users.clerie.openssh.authorizedKeys.keys; + hostKeys = [ + "/var/src/secrets/initrd/ssh_host_ed25519_key" + ]; + }; + boot.initrd.kernelModules = [ "igc" ]; + boot.kernelParams = [ "ip=dhcp" ]; + + networking.hostName = "zinc"; + + system.stateVersion = "23.05"; +} + + diff --git a/hosts/zinc/hardware-configuration.nix b/hosts/zinc/hardware-configuration.nix new file mode 100644 index 0000000..e6941b8 --- /dev/null +++ b/hosts/zinc/hardware-configuration.nix @@ -0,0 +1,40 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/55d1a555-2c04-4108-beff-f2a93cec124a"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/0509-0D2F"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s20f0u1.useDHCP = lib.mkDefault true; + # networking.interfaces.enp89s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}