initial server config

2025-02-04 20:08:19 +01:00 · 2025-02-04 20:08:19 +01:00 · 4ef562c1da
commit 4ef562c1da
parent 1071e51afd
9 changed files with 161 additions and 37 deletions
--- a/devices/ellaca/default.nix
+++ b/devices/ellaca/default.nix
@ -0,0 +1,25 @@
+{ pkgs, ... }: {
+  imports = [
+    ./options.nix
+    ./disko.nix
+  ];
+
+  nixpkgs.hostPlatform = "x86_64-linux";
+
+  networking.hostName = "ellaca";
+
+  boot = {
+    initrd = {
+      availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
+      kernelModules = [ "amdgpu" ];
+    };
+    kernelPackages = pkgs.linuxPackages_zen;
+    loader = {
+      systemd-boot = {
+        enable = true;
+        editor = false;
+      };
+      efi.canTouchEfiVariables = true;
+    };
+  };
+}
--- a/devices/ellaca/disko.nix
+++ b/devices/ellaca/disko.nix
@ -0,0 +1,50 @@
+{
+  disko.devices = {
+    disk = {
+      main = {
+        type = "disk";
+        device = "/dev/sda";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              priority = 1;
+              name = "BOOT";
+              size = "2G";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "umask=0077" ];
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "btrfs";
+                extraArgs = [ "-f" ]; # Override existing partition
+                subvolumes = {
+                  "/root" = {
+                    mountOptions = [ "compress=zstd" "noatime" ];
+                    mountpoint = "/";
+                  };
+                  "/nix" = {
+                    mountOptions = [ "compress=zstd" "noatime" ];
+                    mountpoint = "/nix";
+                  };
+                  "/swap" = {
+                    mountpoint = "/.swapvol";
+                    swap = {
+                      swapfile.size = "20M";
+                    };
+                  };
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/devices/ellaca/options.nix
+++ b/devices/ellaca/options.nix
@ -0,0 +1,5 @@
+{ ... }: {
+  conf = {
+    stateVersion = "25.05";
+  };
+}
--- a/devices/inkvine/default.nix
+++ b/devices/inkvine/default.nix
@ -1,6 +1,5 @@
-{ lib, config, pkgs, ... }: let
+{ lib, pkgs, ... }: let
  inherit (lib) mkDefault;
-  inherit (config.device) disks;
 in {
  imports = [
    ./options.nix
--- a/flake.lock
+++ b/flake.lock
@ -156,11 +156,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1738448366,
-        "narHash": "sha256-4ATtQqBlgsGqkHTemta0ydY6f7JBRXz4Hf574NHQpkg=",
+        "lastModified": 1738667255,
+        "narHash": "sha256-sMMQb9NydZqQ/MvvtPp+Ny0W9P0Jk0moU7SrTBlO5Vo=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "18fa9f323d8adbb0b7b8b98a8488db308210ed93",
+        "rev": "7abcf59a365430b36f84eaa452a466b11e469e33",
        "type": "github"
      },
      "original": {
@ -207,11 +207,11 @@
        "xwayland-satellite-unstable": "xwayland-satellite-unstable"
      },
      "locked": {
-        "lastModified": 1738583235,
-        "narHash": "sha256-Tk5w3uqp045W/W0mDQT0swwy90ex0l3JWS2crimG8Wo=",
+        "lastModified": 1738659223,
+        "narHash": "sha256-fr3uPkLEDdmyD3CQwFBcRDl96VmkK0Lgr21BIxqk+gY=",
        "owner": "sodiboo",
        "repo": "niri-flake",
-        "rev": "1511396846427b58f1d6ca5442a228ede7673c67",
+        "rev": "297a7208e396ab6e9de88363c538baec8d75ccbb",
        "type": "github"
      },
      "original": {
@ -240,11 +240,11 @@
    "niri-unstable": {
      "flake": false,
      "locked": {
-        "lastModified": 1738579367,
-        "narHash": "sha256-820QsR/C9+Gyn3v65LHNwwW7KxSA6u6MQtky3SUrZ3A=",
+        "lastModified": 1738654964,
+        "narHash": "sha256-30l3hOfTW1kJXcTRQsJ9f0/wE1aaTTACKb4ch6ZlLNU=",
        "owner": "YaLTeR",
        "repo": "niri",
-        "rev": "553b1ba85256e2cb290e8a67f709a14e603606bc",
+        "rev": "7d24ad23c2bc690b22b1f13ad4598dc8323d128b",
        "type": "github"
      },
      "original": {
@ -311,13 +311,28 @@
        "type": "github"
      }
    },
+    "nixos-facter-modules": {
+      "locked": {
+        "lastModified": 1736931726,
+        "narHash": "sha256-aY55yiifyo1XPPpbpH0kWlV1g2dNGBlx6622b7OK8ks=",
+        "owner": "numtide",
+        "repo": "nixos-facter-modules",
+        "rev": "fa11d87b61b2163efbb9aed7b7a5ae0299e5ab9c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "nixos-facter-modules",
+        "type": "github"
+      }
+    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1738471961,
-        "narHash": "sha256-cgXDFrplNGs7bCVzXhRofjD8oJYqqXGcmUzXjHmip6Y=",
+        "lastModified": 1738638143,
+        "narHash": "sha256-ZYMe4c4OCtIUBn5hx15PEGr0+B1cNEpl2dsaLxwY2W0=",
        "owner": "nixos",
        "repo": "nixos-hardware",
-        "rev": "537286c3c59b40311e5418a180b38034661d2536",
+        "rev": "9bdd53f5908453e4d03f395eb1615c3e9a351f70",
        "type": "github"
      },
      "original": {
@ -360,11 +375,11 @@
    },
    "nixpkgs-stable_2": {
      "locked": {
-        "lastModified": 1738435198,
-        "narHash": "sha256-5+Hmo4nbqw8FrW85FlNm4IIrRnZ7bn0cmXlScNsNRLo=",
+        "lastModified": 1738574474,
+        "narHash": "sha256-rvyfF49e/k6vkrRTV4ILrWd92W+nmBDfRYZgctOyolQ=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "f6687779bf4c396250831aa5a32cbfeb85bb07a3",
+        "rev": "fecfeb86328381268e29e998ddd3ebc70bbd7f7c",
        "type": "github"
      },
      "original": {
@ -376,11 +391,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1738410390,
-        "narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=",
+        "lastModified": 1738546358,
+        "narHash": "sha256-nLivjIygCiqLp5QcL7l56Tca/elVqM9FG1hGd9ZSsrg=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "3a228057f5b619feb3186e986dbe76278d707b6e",
+        "rev": "c6e957d81b96751a3d5967a0fd73694f303cc914",
        "type": "github"
      },
      "original": {
@ -392,11 +407,11 @@
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 1738142207,
-        "narHash": "sha256-NGqpVVxNAHwIicXpgaVqJEJWeyqzoQJ9oc8lnK9+WC4=",
+        "lastModified": 1738546358,
+        "narHash": "sha256-nLivjIygCiqLp5QcL7l56Tca/elVqM9FG1hGd9ZSsrg=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "9d3ae807ebd2981d593cddd0080856873139aa40",
+        "rev": "c6e957d81b96751a3d5967a0fd73694f303cc914",
        "type": "github"
      },
      "original": {
@ -413,11 +428,11 @@
        "treefmt-nix": "treefmt-nix"
      },
      "locked": {
-        "lastModified": 1738362438,
-        "narHash": "sha256-EO2dVkMVLThWqv4hobEZEZGWBEuH2Z9SYqQDrbLSclU=",
+        "lastModified": 1738694087,
+        "narHash": "sha256-DUBa5JGTIZcVfCc6CZ1jmGoQY8Ie0SnPhtot6cgTBks=",
        "owner": "nix-community",
        "repo": "nur",
-        "rev": "95ddad0ff0e67c90314c6ca46324dce5f9a910d2",
+        "rev": "970503e14416cb2ba6efbabb2a4519e68221fd46",
        "type": "github"
      },
      "original": {
@ -460,6 +475,7 @@
        "lanzaboote": "lanzaboote",
        "niri": "niri",
        "nix-alien": "nix-alien",
+        "nixos-facter-modules": "nixos-facter-modules",
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs_2",
        "nur": "nur"
--- a/flake.nix
+++ b/flake.nix
@ -35,6 +35,10 @@
    nix-alien = {
      url = "github:thiagokokada/nix-alien";
    };
+
+    nixos-facter-modules = {
+      url = "github:numtide/nixos-facter-modules";
+    };
  };

  outputs = inputs: import ./outputs.nix inputs;
--- a/modules/server/default.nix
+++ b/modules/server/default.nix
@ -0,0 +1,9 @@
+{ config, ... }: let
+  inherit (config) conf;
+in {
+  imports = [
+    ./ssh
+  ];
+
+  system.stateVersion = conf.stateVersion;
+}
--- a/modules/server/ssh/default.nix
+++ b/modules/server/ssh/default.nix
@ -0,0 +1,7 @@
+{ ... }: {
+  services.openssh.enable = true;
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5i6DgsV5wbkkEJzFbN624Sz0CKg9LGplfJUjeCpAdE"
+  ];
+}
--- a/outputs.nix
+++ b/outputs.nix
@ -1,13 +1,4 @@
-{ nixpkgs,  home-manager, nixos-hardware, disko, niri, lanzaboote, ... }@inputs: let
-  modules = [
-    ./modules
-    ./options.nix
-    niri.nixosModules.niri
-    home-manager.nixosModules.home-manager
-    lanzaboote.nixosModules.lanzaboote
-    disko.nixosModules.disko
-  ];
-in {
+{ nixpkgs,  home-manager, nixos-hardware, disko, niri, lanzaboote, nixos-facter-modules, ... }@inputs: {
  nixosConfigurations = {
    # Framework Laptop 13
    # AMD Ryzen 5 7640U
@ -19,9 +10,27 @@ in {
        inherit inputs;
      };
      modules = [
+        ./options.nix
        ./devices/inkvine
+        ./modules
+        niri.nixosModules.niri
+        home-manager.nixosModules.home-manager
+        lanzaboote.nixosModules.lanzaboote
        nixos-hardware.nixosModules.framework-13-7040-amd
-      ] ++ modules;
+      ];
+    };
+
+    ellaca = nixpkgs.lib.nixosSystem {
+      system = "x86_64-linux";
+      specialArgs = {
+        inherit inputs;
+      };
+      modules = [
+        ./options.nix
+        ./devices/ellaca
+        ./modules/server
+        disko.nixosModules.disko
+      ];
    };
  };
 }