From f2af8d0a7536898d1f24e8e3235c944e8d2b0f4c Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Thu, 28 Mar 2024 18:06:41 +0100 Subject: [PATCH] quitte: move back to bare-metal Das Proxmox ist tot. Lang lebe NixOS! --- flake.nix | 4 +- hosts/quitte/configuration.nix | 16 ++++---- hosts/quitte/hardware-configuration.nix | 52 +++++++++++++++---------- hosts/quitte/network.nix | 6 +-- modules/core/initrd-ssh.nix | 2 +- 5 files changed, 42 insertions(+), 38 deletions(-) diff --git a/flake.nix b/flake.nix index e55c42f..edf868b 100755 --- a/flake.nix +++ b/flake.nix @@ -44,9 +44,7 @@ quitte = self.nixosConfigurations.quitte.config.system.build.toplevel; tomate = self.nixosConfigurations.tomate.config.system.build.toplevel; }); - formatters = forAllSystems (system: { - default = pkgs.${system}.nixpkgs-fmt; - }); + formatter = forAllSystems (system: pkgs.${system}.nixpkgs-fmt); hydraJobs = forAllSystems (system: { quitte = self.packages.${system}.quitte; }); diff --git a/hosts/quitte/configuration.nix b/hosts/quitte/configuration.nix index 2516a8d..56ca69c 100644 --- a/hosts/quitte/configuration.nix +++ b/hosts/quitte/configuration.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { imports = 
@@ -7,22 +7,22 @@ ./network.nix ]; - # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; - #boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; - #boot.kernelParams = [ "video=VGA-1:1024x768@30" ]; + # boot.kernelParams = [ "video=VGA-1:1024x768@30" ]; boot.loader.efi.canTouchEfiVariables = true; - #boot.supportedFilesystems = [ "zfs" ]; - #boot.zfs.devNodes = "/dev/"; + boot.supportedFilesystems = [ "zfs" ]; + boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; + boot.zfs = { + forceImportRoot = true; + }; - services.qemuGuest.enable = true; + # services.qemuGuest.enable = true; # Set your time zone. time.timeZone = "Europe/Berlin"; i18n.defaultLocale = "en_US.UTF-8"; # List packages installed in system profile. To search, run: - # $ nix search wget environment.systemPackages = with pkgs; [ vim wget diff --git a/hosts/quitte/hardware-configuration.nix b/hosts/quitte/hardware-configuration.nix index 3c7c759..52d637e 100644 --- a/hosts/quitte/hardware-configuration.nix +++ b/hosts/quitte/hardware-configuration.nix 
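Review bot: `forceImportRoot = true` in the new `boot.zfs` block pins the setting that bypasses ZFS's safeguard against importing a pool that was last used by another host, and the NixOS option documentation recommends `false` once the machine boots reliably. If the force was only needed for the first import on the new hardware, record that next to the option, e.g. `# TODO: set to false after the first successful import on bare metal`, and use the `zfs_force=1` kernel parameter for one-off recovery instead. ZFS on NixOS also requires `networking.hostId`; no hunk in this patch sets it, so it presumably lives elsewhere in the host configuration. The module body continues outside the hunk.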
@@ -1,42 +1,52 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. { config, lib, modulesPath, ... }: { - imports = - [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.availableKernelModules = [ "megaraid_sas" "xhci_pci" "nvme" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ]; boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; fileSystems."/" = { - device = "/dev/disk/by-uuid/4d57c7c1-ed70-4fb1-af4c-4ba027b75248"; - fsType = "ext4"; + device = "rpool/nixos/root"; + fsType = "zfs"; }; - boot.initrd.luks.devices."luksroot".device = "/dev/disk/by-uuid/cfb9b37e-152d-45e9-b75d-88d71471be45"; + fileSystems."/home" = + { + device = "rpool/nixos/home"; + fsType = "zfs"; + }; + + fileSystems."/nix" = + { + device = "rpool/nixos/nixnew"; + fsType = "zfs"; + }; + + fileSystems."/var/lib" = + { + device = "rpool/nixos/var/lib"; + fsType = "zfs"; + }; + + fileSystems."/var/log" = + { + device = "rpool/nixos/var/log"; + fsType = "zfs"; + }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/06C4-1FDB"; + device = "/dev/disk/by-uuid/3278-8D00"; fsType = "vfat"; }; swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 
- networking.useDHCP = lib.mkDefault true; - # networking.interfaces.ens18.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/hosts/quitte/network.nix b/hosts/quitte/network.nix index 8e53868..03fba0e 100644 --- a/hosts/quitte/network.nix +++ b/hosts/quitte/network.nix @@ -13,9 +13,6 @@ in domain = "ifsr.de"; hostName = "quitte"; rDNS = config.networking.fqdn; - enableIPv6 = true; - useDHCP = true; - interfaces.ens18.useDHCP = true; useNetworkd = true; nftables.enable = true; @@ -23,7 +20,6 @@ in allowedUDPPorts = [ wireguard_port ]; logRefusedConnections = false; }; - wireguard.enable = true; }; services.resolved = { @@ -37,7 +33,7 @@ in # Interfaces on the machine networks."10-wired-default" = { - matchConfig.Name = "ens18"; + matchConfig.Name = "enp65s0f0np0"; address = [ "141.30.30.169/25" ]; routes = [ diff --git a/modules/core/initrd-ssh.nix b/modules/core/initrd-ssh.nix index da26fea..6b7a1a9 100644 --- a/modules/core/initrd-ssh.nix +++ b/modules/core/initrd-ssh.nix @@ -12,7 +12,7 @@ enable = true; networks."10-wired-default" = config.systemd.network.networks."10-wired-default"; }; - users.root.shell = "/bin/systemd-tty-ask-password-agent"; + users.root.shell = "/bin/zfs load-key rpool/nixos"; }; network = { enable = true;
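Review bot: With `boot.initrd.luks.devices."luksroot"` removed, nothing in this file records that the root filesystem is still encrypted at rest. The new `rpool/nixos/*` datasets are presumably children of a natively encrypted `rpool/nixos` (the initrd-ssh change in this patch loads a key for it), but that is a property of the pool rather than of the configuration, so a reinstall could silently produce an unencrypted system. A comment above `fileSystems."/"` such as `# rpool/nixos must be created with encryption=on; its key is loaded in the initrd (modules/core/initrd-ssh.nix)` would keep the requirement visible. Unlike the previous LUKS container, ZFS native encryption leaves dataset names and properties readable.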
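Review bot: The new `users.root.shell` value contains a space and arguments, but the shell field of a passwd entry is, as far as I know, executed by sshd as a single path without word splitting. An initrd login would then try to run a file literally named `/bin/zfs load-key rpool/nixos` and fail, leaving the pool locked after a remote reboot. If the NixOS ZFS module asks for the key through systemd-ask-password in the systemd initrd (I believe it does), the previous line `users.root.shell = "/bin/systemd-tty-ask-password-agent";` should still unlock the pool; otherwise point the shell at a single-path wrapper script that runs the `zfs load-key` command. Restricting the login to one unlock command is the right design, since it keeps the initrd SSH key from granting a general root shell. The enclosing attribute set starts and ends outside the hunk.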