initial server config

2025-02-04 20:08:19 +01:00 · 2025-02-04 20:08:19 +01:00 · 4ef562c1da
commit 4ef562c1da
parent 1071e51afd
9 changed files with 161 additions and 37 deletions
--- a/devices/ellaca/default.nix
+++ b/devices/ellaca/default.nix
@ -0,0 +1,25 @@
 { pkgs, ... }: {
  imports = [
    ./options.nix
    ./disko.nix
  ];
  nixpkgs.hostPlatform = "x86_64-linux";
  networking.hostName = "ellaca";
  boot = {
    initrd = {
      availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
      kernelModules = [ "amdgpu" ];
    };
    kernelPackages = pkgs.linuxPackages_zen;
    loader = {
      systemd-boot = {
        enable = true;
        editor = false;
      };
      efi.canTouchEfiVariables = true;
    };
  };
 }
--- a/devices/ellaca/disko.nix
+++ b/devices/ellaca/disko.nix
@ -0,0 +1,50 @@
 {
  disko.devices = {
    disk = {
      main = {
        type = "disk";
        device = "/dev/sda";
        content = {
          type = "gpt";
          partitions = {
            ESP = {
              priority = 1;
              name = "BOOT";
              size = "2G";
              type = "EF00";
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = "/boot";
                mountOptions = [ "umask=0077" ];
              };
            };
            root = {
              size = "100%";
              content = {
                type = "btrfs";
                extraArgs = [ "-f" ]; # Override existing partition
                subvolumes = {
                  "/root" = {
                    mountOptions = [ "compress=zstd" "noatime" ];
                    mountpoint = "/";
                  };
                  "/nix" = {
                    mountOptions = [ "compress=zstd" "noatime" ];
                    mountpoint = "/nix";
                  };
                  "/swap" = {
                    mountpoint = "/.swapvol";
                    swap = {
                      swapfile.size = "20M";
                    };
                  };
                };
              };
            };
          };
        };
      };
    };
  };
 }
--- a/devices/ellaca/options.nix
+++ b/devices/ellaca/options.nix
@ -0,0 +1,5 @@
 { ... }: {
  conf = {
    stateVersion = "25.05";
  };
 }
--- a/devices/inkvine/default.nix
+++ b/devices/inkvine/default.nix
@ -1,6 +1,5 @@
-{ lib, config, pkgs, ... }: let
+{ lib, pkgs, ... }: let
  inherit (lib) mkDefault;
  inherit (config.device) disks;
 in {
  imports = [
    ./options.nix
--- a/flake.lock
+++ b/flake.lock
@ -156,11 +156,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1738448366,
+        "lastModified": 1738667255,
-        "narHash": "sha256-4ATtQqBlgsGqkHTemta0ydY6f7JBRXz4Hf574NHQpkg=",
+        "narHash": "sha256-sMMQb9NydZqQ/MvvtPp+Ny0W9P0Jk0moU7SrTBlO5Vo=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "18fa9f323d8adbb0b7b8b98a8488db308210ed93",
+        "rev": "7abcf59a365430b36f84eaa452a466b11e469e33",
        "type": "github"
      },
      "original": {
@ -207,11 +207,11 @@
        "xwayland-satellite-unstable": "xwayland-satellite-unstable"
      },
      "locked": {
-        "lastModified": 1738583235,
+        "lastModified": 1738659223,
-        "narHash": "sha256-Tk5w3uqp045W/W0mDQT0swwy90ex0l3JWS2crimG8Wo=",
+        "narHash": "sha256-fr3uPkLEDdmyD3CQwFBcRDl96VmkK0Lgr21BIxqk+gY=",
        "owner": "sodiboo",
        "repo": "niri-flake",
-        "rev": "1511396846427b58f1d6ca5442a228ede7673c67",
+        "rev": "297a7208e396ab6e9de88363c538baec8d75ccbb",
        "type": "github"
      },
      "original": {
@ -240,11 +240,11 @@
    "niri-unstable": {
      "flake": false,
      "locked": {
-        "lastModified": 1738579367,
+        "lastModified": 1738654964,
-        "narHash": "sha256-820QsR/C9+Gyn3v65LHNwwW7KxSA6u6MQtky3SUrZ3A=",
+        "narHash": "sha256-30l3hOfTW1kJXcTRQsJ9f0/wE1aaTTACKb4ch6ZlLNU=",
        "owner": "YaLTeR",
        "repo": "niri",
-        "rev": "553b1ba85256e2cb290e8a67f709a14e603606bc",
+        "rev": "7d24ad23c2bc690b22b1f13ad4598dc8323d128b",
        "type": "github"
      },
      "original": {
@ -311,13 +311,28 @@
        "type": "github"
      }
    },
    "nixos-facter-modules": {
      "locked": {
        "lastModified": 1736931726,
        "narHash": "sha256-aY55yiifyo1XPPpbpH0kWlV1g2dNGBlx6622b7OK8ks=",
        "owner": "numtide",
        "repo": "nixos-facter-modules",
        "rev": "fa11d87b61b2163efbb9aed7b7a5ae0299e5ab9c",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "nixos-facter-modules",
        "type": "github"
      }
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1738471961,
+        "lastModified": 1738638143,
-        "narHash": "sha256-cgXDFrplNGs7bCVzXhRofjD8oJYqqXGcmUzXjHmip6Y=",
+        "narHash": "sha256-ZYMe4c4OCtIUBn5hx15PEGr0+B1cNEpl2dsaLxwY2W0=",
        "owner": "nixos",
        "repo": "nixos-hardware",
-        "rev": "537286c3c59b40311e5418a180b38034661d2536",
+        "rev": "9bdd53f5908453e4d03f395eb1615c3e9a351f70",
        "type": "github"
      },
      "original": {
@ -360,11 +375,11 @@
    },
    "nixpkgs-stable_2": {
      "locked": {
-        "lastModified": 1738435198,
+        "lastModified": 1738574474,
-        "narHash": "sha256-5+Hmo4nbqw8FrW85FlNm4IIrRnZ7bn0cmXlScNsNRLo=",
+        "narHash": "sha256-rvyfF49e/k6vkrRTV4ILrWd92W+nmBDfRYZgctOyolQ=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "f6687779bf4c396250831aa5a32cbfeb85bb07a3",
+        "rev": "fecfeb86328381268e29e998ddd3ebc70bbd7f7c",
        "type": "github"
      },
      "original": {
@ -376,11 +391,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1738410390,
+        "lastModified": 1738546358,
-        "narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=",
+        "narHash": "sha256-nLivjIygCiqLp5QcL7l56Tca/elVqM9FG1hGd9ZSsrg=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "3a228057f5b619feb3186e986dbe76278d707b6e",
+        "rev": "c6e957d81b96751a3d5967a0fd73694f303cc914",
        "type": "github"
      },
      "original": {
@ -392,11 +407,11 @@
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 1738142207,
+        "lastModified": 1738546358,
-        "narHash": "sha256-NGqpVVxNAHwIicXpgaVqJEJWeyqzoQJ9oc8lnK9+WC4=",
+        "narHash": "sha256-nLivjIygCiqLp5QcL7l56Tca/elVqM9FG1hGd9ZSsrg=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "9d3ae807ebd2981d593cddd0080856873139aa40",
+        "rev": "c6e957d81b96751a3d5967a0fd73694f303cc914",
        "type": "github"
      },
      "original": {
@ -413,11 +428,11 @@
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1738362438,
+        "lastModified": 1738694087,
-        "narHash": "sha256-EO2dVkMVLThWqv4hobEZEZGWBEuH2Z9SYqQDrbLSclU=",
+        "narHash": "sha256-DUBa5JGTIZcVfCc6CZ1jmGoQY8Ie0SnPhtot6cgTBks=",
        "owner": "nix-community",
        "repo": "nur",
-        "rev": "95ddad0ff0e67c90314c6ca46324dce5f9a910d2",
+        "rev": "970503e14416cb2ba6efbabb2a4519e68221fd46",
        "type": "github"
      },
      "original": {
@ -460,6 +475,7 @@
        "lanzaboote": "lanzaboote",
        "niri": "niri",
        "nix-alien": "nix-alien",
        "nixos-facter-modules": "nixos-facter-modules",
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs_2",
        "nur": "nur"
--- a/flake.nix
+++ b/flake.nix
@ -35,6 +35,10 @@
    nix-alien = {
      url = "github:thiagokokada/nix-alien";
    };
    nixos-facter-modules = {
      url = "github:numtide/nixos-facter-modules";
    };
  };
  outputs = inputs: import ./outputs.nix inputs;
--- a/modules/server/default.nix
+++ b/modules/server/default.nix
@ -0,0 +1,9 @@
 { config, ... }: let
  inherit (config) conf;
 in {
  imports = [
    ./ssh
  ];
  system.stateVersion = conf.stateVersion;
 }
--- a/modules/server/ssh/default.nix
+++ b/modules/server/ssh/default.nix
@ -0,0 +1,7 @@
 { ... }: {
  services.openssh.enable = true;
  users.users.root.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5i6DgsV5wbkkEJzFbN624Sz0CKg9LGplfJUjeCpAdE"
  ];
 }
--- a/outputs.nix
+++ b/outputs.nix
@ -1,13 +1,4 @@
-{ nixpkgs,  home-manager, nixos-hardware, disko, niri, lanzaboote, ... }@inputs: let
+{ nixpkgs,  home-manager, nixos-hardware, disko, niri, lanzaboote, nixos-facter-modules, ... }@inputs: {
  modules = [
    ./modules
    ./options.nix
    niri.nixosModules.niri
    home-manager.nixosModules.home-manager
    lanzaboote.nixosModules.lanzaboote
    disko.nixosModules.disko
  ];
 in {
  nixosConfigurations = {
    # Framework Laptop 13
    # AMD Ryzen 5 7640U
@ -19,9 +10,27 @@ in {
        inherit inputs;
      };
      modules = [
        ./options.nix
        ./devices/inkvine
        ./modules
        niri.nixosModules.niri
        home-manager.nixosModules.home-manager
        lanzaboote.nixosModules.lanzaboote
        nixos-hardware.nixosModules.framework-13-7040-amd
-      ] ++ modules;
+      ];
    };
    ellaca = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      specialArgs = {
        inherit inputs;
      };
      modules = [
        ./options.nix
        ./devices/ellaca
        ./modules/server
        disko.nixosModules.disko
      ];
    };
  };
 }