update README

2023-11-23 16:03:07 +01:00 · 2023-11-23 16:03:07 +01:00 · 44713c6933
commit 44713c6933
parent 658f9449fc
9 changed files with 422 additions and 43 deletions
--- a/nix/os/devices/sj-bm-hostkey0/configuration.nix
+++ b/nix/os/devices/sj-bm-hostkey0/configuration.nix
@ -0,0 +1,122 @@
+{
+  modulesPath,
+  repoFlake,
+  packages',
+  pkgs,
+  lib,
+  config,
+  nodeFlake,
+  nodeName,
+  system,
+  ...
+}: let
+in {
+  disabledModules = [
+    # "services/networking/hostapd.nix"
+  ];
+
+  imports = [
+    nodeFlake.inputs.disko.nixosModules.disko
+    repoFlake.inputs.sops-nix.nixosModules.sops
+
+    ../../profiles/common/user.nix
+
+    # TODO
+    # ./network.nix
+    # ./monitoring.nix
+    {
+      services.openssh.enable = true;
+      services.openssh.settings.PermitRootLogin = "yes";
+
+      users.commonUsers = {
+        enable = true;
+        enableNonRoot = true;
+        # rootPasswordFile = config.sops.secrets.passwords-root.path;
+      };
+    }
+  ];
+
+  boot = {
+    kernel = {
+      sysctl = {
+        "net.ipv4.conf.all.forwarding" = true;
+        "net.ipv6.conf.all.forwarding" = true;
+      };
+    };
+  };
+
+  networking = {
+    hostName = nodeName;
+    useNetworkd = true;
+    useDHCP = true;
+
+    # No local firewall.
+    nat.enable = true;
+    firewall.enable = false;
+  };
+
+  disko.devices = let
+    disk = id: {
+      type = "disk";
+      device = "/dev/${id}";
+      content = {
+        type = "gpt";
+        partitions = {
+          boot = {
+            size = "1M";
+            type = "EF02"; # for grub MBR
+          };
+          mdadm = {
+            size = "100%";
+            content = {
+              type = "mdraid";
+              name = "raid0";
+            };
+          };
+        };
+      };
+    };
+  in {
+    disk = {
+      sda = disk "sda";
+      sdb = disk "sdb";
+      sdc = disk "sdc";
+      sdd = disk "sdd";
+    };
+    mdadm = {
+      raid0 = {
+        type = "mdadm";
+        level = 0;
+        content = {
+          type = "gpt";
+          partitions = {
+            primary = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "btrfs";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+
+  system.stateVersion = "23.05";
+
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+  boot.initrd.includeDefaultModules = true;
+  boot.initrd.kernelModules = [
+    "dm-raid"
+    "dm-integrity"
+    "xhci_pci_renesas"
+  ];
+
+  hardware.enableRedistributableFirmware = true;
+
+  environment.systemPackages = [
+    pkgs.hdparm
+  ];
+}