diff options
| author | Karel Kočí <cynerd@email.cz> | 2022-02-21 21:54:09 +0100 |
|---|---|---|
| committer | Karel Kočí <cynerd@email.cz> | 2022-06-10 14:05:48 +0200 |
| commit | 93b0545d11bf8c7f065203f7f3eaf1d0e3730dce (patch) | |
| tree | da93fa5fcd14c493d8ccd86c98f40d26c9697869 /nixos/machine | |
| download | nixos-personal-93b0545d11bf8c7f065203f7f3eaf1d0e3730dce.tar.gz nixos-personal-93b0545d11bf8c7f065203f7f3eaf1d0e3730dce.tar.bz2 nixos-personal-93b0545d11bf8c7f065203f7f3eaf1d0e3730dce.zip | |
Add initial version
Diffstat (limited to 'nixos/machine')
| -rw-r--r-- | nixos/machine/adm-mpd.nix | 23 | ||||
| -rw-r--r-- | nixos/machine/adm-omnia.nix | 10 | ||||
| -rw-r--r-- | nixos/machine/adm-omnia2.nix | 10 | ||||
| -rw-r--r-- | nixos/machine/albert.nix | 31 | ||||
| -rw-r--r-- | nixos/machine/binky.nix | 60 | ||||
| -rw-r--r-- | nixos/machine/default.nix | 17 | ||||
| -rw-r--r-- | nixos/machine/errol.nix | 35 | ||||
| -rw-r--r-- | nixos/machine/lipwig.nix | 58 | ||||
| -rw-r--r-- | nixos/machine/ridcully.nix | 31 | ||||
| -rw-r--r-- | nixos/machine/spt-mox.nix | 31 | ||||
| -rw-r--r-- | nixos/machine/spt-mox2.nix | 78 | ||||
| -rw-r--r-- | nixos/machine/spt-mpd.nix | 23 | ||||
| -rw-r--r-- | nixos/machine/spt-omnia.nix | 10 | ||||
| -rw-r--r-- | nixos/machine/susan.nix | 26 |
14 files changed, 443 insertions, 0 deletions
diff --git a/nixos/machine/adm-mpd.nix b/nixos/machine/adm-mpd.nix new file mode 100644 index 0000000..3e103e1 --- /dev/null +++ b/nixos/machine/adm-mpd.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + fileSystems = { + "/" = { + device = "/dev/mmcblk0p2"; + options = ["compress=lzo" "subvol=@nix"]; + }; + "/home" = { + device = "/dev/mmcblk0p2"; + options = ["compress=lzo" "subvol=@home"]; + }; + "/boot" = { + device = "/dev/mmcblk0p1"; + }; + }; + }; + +} diff --git a/nixos/machine/adm-omnia.nix b/nixos/machine/adm-omnia.nix new file mode 100644 index 0000000..21bfeb6 --- /dev/null +++ b/nixos/machine/adm-omnia.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + }; + +} diff --git a/nixos/machine/adm-omnia2.nix b/nixos/machine/adm-omnia2.nix new file mode 100644 index 0000000..21bfeb6 --- /dev/null +++ b/nixos/machine/adm-omnia2.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + }; + +} diff --git a/nixos/machine/albert.nix b/nixos/machine/albert.nix new file mode 100644 index 0000000..0adad68 --- /dev/null +++ b/nixos/machine/albert.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + cynerd.desktop.enable = true; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/1c9bafac-fcf8-41c4-b394-bca5917ca82d"; + options = ["compress=lzo" "subvol=@nix"]; + }; + "/home" = { + device = "/dev/disk/by-uuid/1c9bafac-fcf8-41c4-b394-bca5917ca82d"; + options = ["compress=lzo" "subvol=@home"]; + }; + "/boot" = { + device = "/dev/disk/by-uuid/E403-124B"; + }; + + "/home2" = { + device = "/dev/disk/by-uuid/55e177a1-215e-475b-ba9c-771b5fa3f8f0"; + options = ["compress=lzo" "subvol=@home"]; + }; + }; + + }; + +} diff --git a/nixos/machine/binky.nix b/nixos/machine/binky.nix new file mode 100644 index 0000000..849c719 --- /dev/null +++ b/nixos/machine/binky.nix @@ -0,0 +1,60 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + cynerd = { + desktop = { + enable = true; + laptop = true; + }; + wifiClient = true; + develop = true; + }; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usb_storage" "sd_mod"]; + boot.kernelModules = ["kvm-amd"]; + + boot.initrd.luks.devices = { + "encroot".device = "/dev/disk/by-uuid/b317feb5-d68d-4ec3-a24f-0307c116cac8"; + }; + fileSystems = { + "/" = { + device = "/dev/mapper/encroot"; + fsType = "btrfs"; + options = ["compress=lzo" "subvol=@"]; + }; + "/nix" = { + device = "/dev/mapper/encroot"; + fsType = "btrfs"; + options = ["compress=lzo" "subvol=@nix"]; + }; + "/home" = { + device = "/dev/mapper/encroot"; + fsType = "btrfs"; + options = ["compress=lzo" "subvol=@home"]; + }; + "/boot" = { + device = "/dev/disk/by-uuid/8F7D-A154"; + fsType = "vfat"; + }; + }; + + services.syncthing = { + enable = true; + user = mkDefault "cynerd"; + group = mkDefault "cynerd"; + openDefaultPorts = true; + + overrideDevices = false; + overrideFolders = false; + + dataDir = "/home/cynerd"; + configDir = "/home/cynerd/.config/syncthing"; + }; + + }; + +} diff --git a/nixos/machine/default.nix b/nixos/machine/default.nix new file mode 100644 index 0000000..bfd2594 --- /dev/null +++ b/nixos/machine/default.nix @@ -0,0 +1,17 @@ +{ + machine-albert = import ./albert.nix; + machine-binky = import ./binky.nix; + machine-errol = import ./errol.nix; + machine-lipwig = import ./lipwig.nix; + machine-ridcully = import ./ridcully.nix; + machine-susan = import ./susan.nix; + + machine-spt-omnia = import ./spt-omnia.nix; + machine-spt-mox = import ./spt-mox.nix; + machine-spt-mox2 = import ./spt-mox2.nix; + machine-spt-mpd = import ./spt-mpd.nix; + + machine-adm-omnia = import ./adm-omnia.nix; + machine-adm-omnia2 = import ./adm-omnia2.nix; + machine-adm-mpd = import ./spt-mpd.nix; +} diff --git a/nixos/machine/errol.nix b/nixos/machine/errol.nix new file mode 100644 index 0000000..707d8eb --- /dev/null +++ b/nixos/machine/errol.nix @@ -0,0 +1,35 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + cynerd.desktop.enable = true; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/b4b3dd52-29d0-4cb9-91c9-694dfcd9672c"; + options = ["compress=lzo" "subvol=@nix"]; + }; + "/home" = { + device = "/dev/disk/by-uuid/b4b3dd52-29d0-4cb9-91c9-694dfcd9672c"; + options = ["compress=lzo" "subvol=@home"]; + }; + "/boot" = { + device = "/dev/disk/by-uuid/87B0-A1D5"; + }; + + "/home2" = { + device = "/dev/disk/by-uuid/259d078f-b3d9-4bcc-90cc-6a0d7271a03d"; + options = ["compress=lzo" "subvol=@home"]; + }; + "/var/build" = { + device = "/dev/disk/by-uuid/259d078f-b3d9-4bcc-90cc-6a0d7271a03d"; + options = ["compress=lzo" "subvol=@build" "uid=build" "gid=build"]; + }; + }; + + }; + +} diff --git a/nixos/machine/lipwig.nix b/nixos/machine/lipwig.nix new file mode 100644 index 0000000..aa3d448 --- /dev/null +++ b/nixos/machine/lipwig.nix @@ -0,0 +1,58 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + boot.isContainer = true; + boot.loader.initScript.enable = true; + + cynerd.openvpn.enable = true; + + # Git ###################################################################### + services.gitolite = { + enable = false; + user = "git"; + group = "git"; + dataDir = "/var/lib/git"; + adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIaMmBV0wPvG5JQIWxi20IDlLokhRBumTEbUUD9TNWoY Bootstrap gitolite key"; + }; + services.gitDaemon = { + enable = false; + user = "gitdemon"; + group = "gitdaemon"; + basePath = "/var/lib/git/repositories"; + }; + + # CalDAV and CardDAV ####################################################### + services.radicale = { + enable = true; + settings = { + server = { + hosts = [ "0.0.0.0:5232" "[::]:5232" ]; + ssl = true; + certificate = "/run/secrets/radicale/radicale.crt"; + key = "/run/secrets/radicale/radicale.key"; + }; + encoding = { + request = "utf-8"; + stock = "utf-8"; + }; + auth = { + type = "htpasswd"; + htpasswd_filename = "/run/secrets/radicale/users"; + htpasswd_encryption = "bcrypt"; + delay = 1; + }; + storage = { + filesystem_folder = "/var/lib/radicale/"; + }; + web = { + type = "none"; + }; + }; + }; + }; + +} diff --git a/nixos/machine/ridcully.nix b/nixos/machine/ridcully.nix new file mode 100644 index 0000000..882f967 --- /dev/null +++ b/nixos/machine/ridcully.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + cynerd.desktop.enable = true; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/3b3063aa-c284-4075-bb37-8820df12a2f5"; + options = ["compress=lzo" "subvol=@nix"]; + }; + "/home" = { + device = "/dev/disk/by-uuid/3b3063aa-c284-4075-bb37-8820df12a2f5"; + options = ["compress=lzo" "subvol=@home"]; + }; + "/boot" = { + device = "/dev/disk/by-uuid/C1A0-B7C9"; + }; + + "/home2" = { + device = "/dev/disk/by-uuid/c9aa0b7b-7482-4d4a-bcc3-8bd6a853ae7f"; + options = ["compress=lzo" "subvol=@home"]; + }; + }; + + }; + +} diff --git a/nixos/machine/spt-mox.nix b/nixos/machine/spt-mox.nix new file mode 100644 index 0000000..eb304b2 --- /dev/null +++ b/nixos/machine/spt-mox.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + networking = { + vlans = { + "eth0.2" = { + id = 2; + interface = "eth0"; + }; + }; + bridges = { + brlan = { + interfaces = [ + "eth0" "lan1" "lan2" "lan3" "lan4" + ]; + }; + brguest = { + interfaces = [ + "eth0.2" + ]; + }; + }; + dhcpcd.allowInterfaces = [ "brlan" ]; + }; + }; + +} diff --git a/nixos/machine/spt-mox2.nix b/nixos/machine/spt-mox2.nix new file mode 100644 index 0000000..ed6a028 --- /dev/null +++ b/nixos/machine/spt-mox2.nix @@ -0,0 +1,78 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + + #boot.kernelPatches = [{ + # name = "rwtm"; + # patch = null; + # extraConfig = '' + # TURRIS_MOX_RWTM y + # ARMADA_37XX_RWTM_MBOX y + # ''; + #}]; + + networking.hostapd = { + "mlan0" = { + countryCode = "CZ"; + ssid = "TurrisRules"; + wpa = true; + wpaPskFile = "/run/secrets/wifi/TurrisRules.psk"; + }; + "wlp1s0" = { + countryCode = "CZ"; + hwMode = "a"; + channel = 36; + ieee80211ac = true; + ht_capab = ["HT40+" "LDPC" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935" "DSSS_CCK-40"]; + vht_capab = ["RXLDPC" "SHORT-GI-80" "TX-STBC-2BY1" "RX-ANTENNA-PATTERN" "TX-ANTENNA-PATTERN" "RX-STBC-1" "MAX-MPDU-11454" "MAX-A-MPDU-LEN-EXP7"]; + ssid = "TurrisRules5"; + wpa = true; + wpaPskFile = "/run/secrets/wifi/TurrisRules5.psk"; + bss = { + "wlp1s0host" = { + ssid = "NixTurris5Guest"; + wpa = true; + wpaPassphrase = "somepassword"; + }; + }; + }; + }; + + networking = { + vlans = { + "eth0.2" = { + id = 2; + interface = "eth0"; + }; + }; + bridges = { + brlan = { + interfaces = [ + "eth0" #"mlan0" "wlp1s0" + ]; + }; + brguest = { + interfaces = [ + "eth0.2" #"mlan0host" "wlp1s0host" + ]; + }; + }; + interfaces.brlan = { + ipv4 = { + addresses = [{ + address = config.cynerd.hosts.spt.mox2; + prefixLength = 24; + }]; + }; + }; + defaultGateway = config.cynerd.hosts.spt.omnia; + nameservers = [ config.cynerd.hosts.spt.omnia "1.1.1.1" "8.8.8.8" ]; + dhcpcd.allowInterfaces = [ "brlan" ]; + }; + }; + +} diff --git a/nixos/machine/spt-mpd.nix b/nixos/machine/spt-mpd.nix new file mode 100644 index 0000000..3e103e1 --- /dev/null +++ b/nixos/machine/spt-mpd.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + fileSystems = { + "/" = { + device = "/dev/mmcblk0p2"; + options = ["compress=lzo" "subvol=@nix"]; + }; + "/home" = { + device = "/dev/mmcblk0p2"; + options = ["compress=lzo" "subvol=@home"]; + }; + "/boot" = { + device = "/dev/mmcblk0p1"; + }; + }; + }; + +} diff --git a/nixos/machine/spt-omnia.nix b/nixos/machine/spt-omnia.nix new file mode 100644 index 0000000..21bfeb6 --- /dev/null +++ b/nixos/machine/spt-omnia.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + }; + +} diff --git a/nixos/machine/susan.nix b/nixos/machine/susan.nix new file mode 100644 index 0000000..b452ed9 --- /dev/null +++ b/nixos/machine/susan.nix @@ -0,0 +1,26 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + cynerd.desktop.enable = true; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/e092a3ad-fb32-44fa-bc1f-14c2733da033"; + options = ["compress=lzo" "subvol=@nix"]; + }; + "/home" = { + device = "/dev/disk/by-uuid/e092a3ad-fb32-44fa-bc1f-14c2733da033"; + options = ["compress=lzo" "subvol=@home"]; + }; + "/boot" = { + device = "/dev/disk/by-uuid/EB3E-3635"; + }; + }; + + }; + +} |