summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/lass/default.nix31
-rw-r--r--krebs/Zhosts/helios10
-rw-r--r--lass/1systems/helios.nix72
3 files changed, 113 insertions, 0 deletions
diff --git a/krebs/3modules/lass/default.nix b/krebs/3modules/lass/default.nix
index b99ebf01d..49ff50e8c 100644
--- a/krebs/3modules/lass/default.nix
+++ b/krebs/3modules/lass/default.nix
@@ -228,6 +228,33 @@ with lib;
ssh.privkey.path = <secrets/ssh.id_ed25519>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINAMPlIG+6u75GJ3kvsPF6OoIZsU+u8ZQ+rdviv5fNMD";
};
+ helios = {
+ cores = 2;
+ dc = "lass";
+ nets = {
+ retiolum = {
+ addrs4 = ["10.243.0.3"];
+ addrs6 = ["42:0:0:0:0:0:0:7105"];
+ aliases = [
+ "helios.retiolum"
+ "cgit.helios.retiolum"
+ ];
+ tinc.pubkey = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEA9SItL2mhQpTl95gjSWRstrDajUnI5YbrVCuaDKfw9gRwMyPNiO/y
+ Xwv/w4Ri8NCJZLZGkj2vG3X0EfJFBEPTJPTCbF9fP7PqqVs38BD41txLp+NrFxEq
+ 5fmFk65/eg8ujrNQoOSUGmky/BKqQhWjvxdAWuwjN933wJCcNCxyaUwljHLYEK/I
+ oIJX+spnFmPwmhW9hsOj8K06eHixT13+0W48GG/ZNcV3x5vWxcKUvZ4Qtzz2iMNB
+ hud5kae7xMUfFAzCeKF/zsjuyt2d/xQg1WgR8MXGNgYhNJFSXz94r/bivNO6H4vP
+ Pfjndnh8cD46ADo8woS1nQ19WId+sMbipwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+ };
+ secure = true;
+ ssh.privkey.path = <secrets/ssh.id_ed25519>;
+ ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWlIxkX41V55Yker8n4gErx2xcKpXFNKthhbP3+bTJ7";
+ };
};
users = addNames {
@@ -239,5 +266,9 @@ with lib;
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDExWuRcltGM2FqXO695nm6/QY3wU3r1bDTyCpMrLfUSym7TxcXDSmZSWcueexPXV6GENuUfjJPZswOdWqIo5u2AXw9t0aGvwEDmI6uJ7K5nzQOsXIneGMdYuoOaAzWI8pxZ4N+lIP1HsOYttIPDp8RwU6kyG+Ud8mnVHWSTO13C7xC9vePnDP6b+44nHS691Zj3X/Cq35Ls0ISC3EM17jreucdP62L3TKk2R4NCm3Sjqj+OYEv0LAqIpgqSw5FypTYQgNByxRcIcNDlri63Q1yVftUP1338UiUfxtraUu6cqa2CdsHQmtX5mTNWEluVWO3uUKTz9zla3rShC+d3qvr lass@uriel";
mail = "lass@uriel.retiolum";
};
+ lass_helios = {
+ pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDBOnMtgy5GH6R6tHp2ugy5QTe3gAGxh2CKsstSNSNAJwvWGiaWJkbNmgM8KlCWeq1GJBGa95kU4I2BDO5fJd7J9vqyrTGF1+sx0Nwj/ELKSNVxDoKVYiU09pTqSB3pi46i+E8N49y4/8aRhu4/7O2dSTH7OS3YoZpt2Soas+cYJYhQdZtYQAgPX5LOkTfQvPhGR8AzrrTvOUrHyTWaSBEELVZ088LrFT6ibXHcPhwXX7A5+YMS8LLr3KRstySWzJEmfVOJxuMhQJSH1Xiq4bLilVn9V4AK5pCOnlALSYf48SexsCqzBUKgISuncurIBbXtW9EkNTMX3jSKlSQ7WniGRlmzrBAJCh4VXJUZgXDf8hAaPckIRbLosbTnEAauWcfnIXLfvI+bYkURhfYKsWelM+MS6ihk+P2yr8rNT9w5iUVJGVypOXUp45PrFuPn6ayCpNRJzqPwCCPE7fFagzLs7wibIXlrhCnRALT5HHyExFFcQoGvIq/8o+Oia8mrTimb55IDLwkiYrG6I5DPXFPKsTC0hium9T3I8dC+M7n9GbwnLTUK2kWnoklD3HTab21xJTtbF98nQ94df7doqPFxL/jongeZCGMB+PJ+BdQTtHr7tCY0kN2GXpoHxz/2w8YEWTKHhWIUsD+Utf8pDkKQfCqlm7iR7byxL51gHL9Z3Q== lass@helios";
+ mail = "lass@helios.retiolum";
+ };
};
}
diff --git a/krebs/Zhosts/helios b/krebs/Zhosts/helios
new file mode 100644
index 000000000..b34b7f180
--- /dev/null
+++ b/krebs/Zhosts/helios
@@ -0,0 +1,10 @@
+Subnet = 42:0:0:0:0:0:0:7105/128
+Subnet = 10.243.0.3/32
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA9SItL2mhQpTl95gjSWRstrDajUnI5YbrVCuaDKfw9gRwMyPNiO/y
+Xwv/w4Ri8NCJZLZGkj2vG3X0EfJFBEPTJPTCbF9fP7PqqVs38BD41txLp+NrFxEq
+5fmFk65/eg8ujrNQoOSUGmky/BKqQhWjvxdAWuwjN933wJCcNCxyaUwljHLYEK/I
+oIJX+spnFmPwmhW9hsOj8K06eHixT13+0W48GG/ZNcV3x5vWxcKUvZ4Qtzz2iMNB
+hud5kae7xMUfFAzCeKF/zsjuyt2d/xQg1WgR8MXGNgYhNJFSXz94r/bivNO6H4vP
+Pfjndnh8cD46ADo8woS1nQ19WId+sMbipwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/lass/1systems/helios.nix b/lass/1systems/helios.nix
new file mode 100644
index 000000000..93b24c793
--- /dev/null
+++ b/lass/1systems/helios.nix
@@ -0,0 +1,72 @@
+{ config, pkgs, ... }:
+
+with builtins;
+{
+ imports = [
+ ../2configs/baseX.nix
+ ../2configs/browsers.nix
+ ../2configs/programs.nix
+ #{
+ # users.extraUsers = {
+ # root = {
+ # openssh.authorizedKeys.keys = map readFile [
+ # ../../krebs/Zpubkeys/uriel.ssh.pub
+ # ];
+ # };
+ # };
+ #}
+ ];
+
+ krebs.build.host = config.krebs.hosts.helios;
+
+ networking.wireless.enable = true;
+
+ hardware.enableAllFirmware = true;
+ nixpkgs.config.allowUnfree = true;
+
+ boot = {
+ loader.grub.enable = true;
+ loader.grub.version = 2;
+ loader.grub.device = "/dev/sda";
+
+ initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
+ initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
+ initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+ #kernelModules = [ "kvm-intel" "msr" ];
+ kernelModules = [ "msr" ];
+ };
+ fileSystems = {
+ "/" = {
+ device = "/dev/pool/nix";
+ fsType = "ext4";
+ };
+
+ "/boot" = {
+ device = "/dev/sda1";
+ };
+ };
+
+ #services.udev.extraRules = ''
+ # SUBSYSTEM=="net", ATTR{address}=="64:27:37:7d:d8:ae", NAME="wl0"
+ # SUBSYSTEM=="net", ATTR{address}=="f0:de:f1:b8:c8:2e", NAME="et0"
+ #'';
+
+ services.xserver = {
+ videoDriver = "intel";
+ vaapiDrivers = [ pkgs.vaapiIntel ];
+ deviceSection = ''
+ Option "AccelMethod" "sna"
+ BusID "PCI:0:2:0"
+ '';
+ };
+
+ services.xserver.synaptics = {
+ enable = true;
+ twoFingerScroll = true;
+ accelFactor = "0.035";
+ additionalOptions = ''
+ Option "FingerHigh" "60"
+ Option "FingerLow" "60"
+ '';
+ };
+}