diff options
Diffstat (limited to 'krebs')
-rw-r--r-- | krebs/1systems/arcadeomat/config.nix | 87 | ||||
-rw-r--r-- | krebs/1systems/arcadeomat/hw.nix | 25 | ||||
-rw-r--r-- | krebs/3modules/krebs/default.nix | 24 |
3 files changed, 136 insertions, 0 deletions
diff --git a/krebs/1systems/arcadeomat/config.nix b/krebs/1systems/arcadeomat/config.nix new file mode 100644 index 000000000..8a2b0202e --- /dev/null +++ b/krebs/1systems/arcadeomat/config.nix @@ -0,0 +1,87 @@ +{ config,lib, pkgs, ... }: +let + shack-ip = config.krebs.build.host.nets.shack.ip4.addr; + ext-if = "et0"; + external-mac = "52:54:b0:0b:af:fe"; + mainUser = "krebs"; + +in +{ + imports = [ + ./hw.nix + <stockholm/krebs> + <stockholm/krebs/2configs> + + #<stockholm/krebs/2configs/binary-cache/nixos.nix> + #<stockholm/krebs/2configs/binary-cache/prism.nix> + + <stockholm/krebs/2configs/shack/ssh-keys.nix> + <stockholm/krebs/2configs/save-diskspace.nix> + <stockholm/krebs/2configs/shack/prometheus/node.nix> + + ]; + # use your own binary cache, fallback use cache.nixos.org (which is used by + # apt-cacher-ng in first place) + + # local discovery in shackspace + nixpkgs.config.packageOverrides = pkgs: { tinc = pkgs.tinc_pre; }; + krebs.tinc.retiolum.extraConfig = "TCPOnly = yes"; + + + #networking = { + # firewall.enable = false; + # firewall.allowedTCPPorts = [ 8088 8086 8083 ]; + # interfaces."${ext-if}".ipv4.addresses = [ + # { + # address = shack-ip; + # prefixLength = 20; + # } + # ]; + + # defaultGateway = "10.42.0.1"; + # nameservers = [ "10.42.0.100" "10.42.0.200" ]; + #}; + + ##################### + # uninteresting stuff + ##################### + krebs.build.host = config.krebs.hosts.arcadeomat; + users.users."${mainUser}" = { + uid = 9001; + extraGroups = [ "audio" "video" ]; + isNormalUser = true; + }; + boot.kernel.sysctl = { + # Enable IPv6 Privacy Extensions + "net.ipv6.conf.all.use_tempaddr" = 2; + "net.ipv6.conf.default.use_tempaddr" = 2; + }; + + + time.timeZone = "Europe/Berlin"; + + # avahi + services.avahi = { + enable = true; + wideArea = false; + }; + environment.systemPackages = with pkgs;[ glxinfo sdlmame ]; + nixpkgs.config.allowUnfree = true; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.legacy_340; + boot.kernelPackages = pkgs.linuxPackages_5_4; + + services.xserver = { + videoDrivers = [ "nvidia" ]; + enable = true; + windowManager = { + awesome.enable = true; + awesome.noArgb = true; + awesome.luaModules = [ pkgs.luaPackages.vicious ]; + }; + displayManager.defaultSession = lib.mkDefault "none+awesome"; + displayManager.autoLogin = { + enable = true; + user = mainUser; + }; + }; +} diff --git a/krebs/1systems/arcadeomat/hw.nix b/krebs/1systems/arcadeomat/hw.nix new file mode 100644 index 000000000..b24deeecb --- /dev/null +++ b/krebs/1systems/arcadeomat/hw.nix @@ -0,0 +1,25 @@ + +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "ohci_pci" "ehci_pci" "pata_atiixp" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/0aae456e-0548-4917-a282-11d5d4e403cf"; + fsType = "ext4"; + }; + + swapDevices = [ ]; + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; + boot.loader.grub.copyKernels = true; + +} diff --git a/krebs/3modules/krebs/default.nix b/krebs/3modules/krebs/default.nix index 776b893f5..f796f0323 100644 --- a/krebs/3modules/krebs/default.nix +++ b/krebs/3modules/krebs/default.nix @@ -187,6 +187,30 @@ in { ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpVwKv9mQGfcn5oFwuitq+b6Dz4jBG9sGhVoCYFw5RY"; syncthing.id = "DK5CEE2-PNUXYCE-Q42H2HP-623GART-B7KS4VK-HU2RBGQ-EK6QPUP-HUL3PAR"; }; + arcadeomat = { + ci = true; + nets = { + retiolum = { + ip4.addr = "10.243.77.67"; + aliases = [ + "arcadeomat.r" + ]; + tinc.pubkey = '' + -----BEGIN RSA PUBLIC KEY----- + MIIBCgKCAQEAzpXyEATt8+ElxPq650/fkboEC9RvTWqN6UIAl/R4Zu+uDhAZ2ekb + HBjoSbRxu/0w2I37nwWUhEOemxGm4PXCgWrtO0jeRF4nVNYu3ZBppA3vuVALUWq7 + apxRUEL9FdsWQlXGo4PVd20dGaDTi8M/Ggo755MStVTY0rRLluxyPq6VAa015sNg + 4NOFuWm0NDn4e+qrahTCTiSjbCU8rWixm0GktV40kdg0QAiFbEcRhuXF1s9/yojk + 7JT/nFg6LELjWUSSNZnioj5oSfVbThDRelIld9VaAKBAZZ5/zy6T2XSeDfoepytH + 8aw6itEuTCy1M1DTiTG+12SPPw+ubG+NqQIDAQAB + -----END RSA PUBLIC KEY----- + Ed25519PublicKey = n/HMlgTTyLa0fcXqSBO/G6sVOUYh2yZ5PfU4vLI9CJO + ''; + }; + }; + ssh.privkey.path = <secrets/ssh.id_ed25519>; + ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOu6EVN3928qWiWszqBUzOjeQJRvFozTBl4xAhBP/Ymc"; + }; wolf = { ci = true; nets = { |