From 49e689481d6c132b002e27debdd61dabd485ccd7 Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Tue, 1 Apr 2025 15:15:51 -0400
Subject: [PATCH] add hetzner and disko config

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
---
 disko/hetzner.nix                             | 47 +++++++++++++++++++
 flake.lock                                    | 19 ++++++++
 flake.nix                                     |  6 +++
 systems/hetzner-bridge/configuration.nix      | 22 +++++++++
 systems/hetzner-bridge/default.nix            |  8 ++++
 .../hetzner-bridge/hardware-configuration.nix | 39 +++++++++++++++
 systems/hetzner-bridge/networking.nix         | 14 ++++++
 7 files changed, 155 insertions(+)
 create mode 100644 disko/hetzner.nix
 create mode 100644 systems/hetzner-bridge/configuration.nix
 create mode 100644 systems/hetzner-bridge/default.nix
 create mode 100644 systems/hetzner-bridge/hardware-configuration.nix
 create mode 100644 systems/hetzner-bridge/networking.nix

diff --git a/disko/hetzner.nix b/disko/hetzner.nix
new file mode 100644
index 0000000..cc4e60b
--- /dev/null
+++ b/disko/hetzner.nix
@@ -0,0 +1,47 @@
+# USAGE in your configuration.nix.
+# Update devices to match your hardware.
+# {
+#  imports = [ ./disko-config.nix ];
+#  disko.devices.disk.main.device = "/dev/sda";
+# }
+{
+  disko.devices = {
+    disk = {
+      main = {
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              type = "EF00";
+              size = "500M";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "umask=0077" ];
+              };
+              priority = 1;
+            };
+            root = {
+              size = "-1G";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/";
+              };
+            };
+            encryptedSwap = {
+              size = "1G";
+              content = {
+                type = "swap";
+                randomEncryption = true;
+                priority = 100; # prefer to encrypt as long as we have space for it
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
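Review bot: The `root` partition is declared with `size = "-1G"`, which does not look like a valid disko size. As far as I know, disko turns `size` into a `+`-prefixed sgdisk end and accepts only a plain size or `100%`; its swap example expresses "everything except the last 1G" as `end = "-1G";`. I would change the line to `end = "-1G";` so the 1G `encryptedSwap` partition fits behind it. Separately, swap uses `randomEncryption` while `/` is plain ext4, so everything on the root filesystem is unencrypted at rest on the provider's disk. If that is intended, a comment such as `# root is intentionally unencrypted; keep no secrets at rest on this host` would record the decision.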
diff --git a/flake.lock b/flake.lock
index 3a64136..4947de8 100644
--- a/flake.lock
+++ b/flake.lock
@@ -64,6 +64,24 @@
         "owner": "tinted-theming",
         "repo": "base16-vim",
         "rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
+    "disko": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1730135292,
+        "narHash": "sha256-CI27qHAbc3/tIe8sb37kiHNaeCqGxNimckCMj0lW5kg=",
+        "owner": "nix-community",
+        "repo": "disko",
+        "rev": "ab58501b2341bc5e0fc88f2f5983a679b075ddf5",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "latest",
+        "repo": "disko",
         "type": "github"
       }
     },
@@ -625,6 +643,7 @@
     },
     "root": {
       "inputs": {
+        "disko": "disko",
         "firefox-addons": "firefox-addons",
         "flake-compat": "flake-compat",
         "flake-parts": "flake-parts",
diff --git a/flake.nix b/flake.nix
index c85dde6..c16bcdc 100644
--- a/flake.nix
+++ b/flake.nix
@@ -40,6 +40,12 @@
     #     flake-parts.follows = "flake-parts";
     #   };
     # };
+    disko = {
+      url = "github:nix-community/disko/latest";
+      inputs = {
+        nixpkgs.follows = "nixpkgs";
+      };
+    };
 
     firefox-addons = {
       url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
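Review bot: `url = "github:nix-community/disko/latest";` follows a ref that upstream can move, so the code that partitions the disk is whatever revision `flake.lock` pins, not what the URL names. The lock entry added in this commit fixes `rev`, and that is the actual control. I would add a comment above the input, e.g. `# 'latest' is a moving ref; review the disko rev change in flake.lock on every update`, or pin a release tag in the URL. The enclosing `inputs` set starts and ends outside the hunk.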
diff --git a/systems/hetzner-bridge/configuration.nix b/systems/hetzner-bridge/configuration.nix
new file mode 100644
index 0000000..78319a7
--- /dev/null
+++ b/systems/hetzner-bridge/configuration.nix
@@ -0,0 +1,22 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+{
+  imports = [
+    ../../disko/hetzner.nix
+    ./networking.nix
+  ];
+  disko.devices.disk.main.device = "scsi-0QEMU_QEMU_HARDDISK_55513992";
+
+  boot = {
+    useSystemdBoot = true;
+  };
+
+  hardware.enableAllFirmware = true;
+
+  system.stateVersion = "24.05";
+}
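Review bot: `disko.devices.disk.main.device` is set to the bare id `scsi-0QEMU_QEMU_HARDDISK_55513992` rather than a device path. The usage comment in disko/hetzner.nix shows `/dev/sda`, and disko's `device` option expects an absolute path as far as I know, so this likely fails evaluation or names no device. If the id was taken from `/dev/disk/by-id`, the line should read `disko.devices.disk.main.device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_55513992";`. A by-id path is also the safer target for a tool that wipes the disk, because it cannot drift to another device the way `/dev/sdX` names can. Also, `./hardware-configuration.nix` is not in `imports` here; confirm the system builder loads it, otherwise the virtio modules it lists are not applied.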
diff --git a/systems/hetzner-bridge/default.nix b/systems/hetzner-bridge/default.nix
new file mode 100644
index 0000000..a83c03a
--- /dev/null
+++ b/systems/hetzner-bridge/default.nix
@@ -0,0 +1,8 @@
+{ inputs, ... }:
+{
+  users = [ "alice" ];
+  modules = [
+    # inputs.attic.nixosModules.atticd
+    inputs.disko.nixosModules.disko
+  ];
+}
diff --git a/systems/hetzner-bridge/hardware-configuration.nix b/systems/hetzner-bridge/hardware-configuration.nix
new file mode 100644
index 0000000..142a05c
--- /dev/null
+++ b/systems/hetzner-bridge/hardware-configuration.nix
@@ -0,0 +1,39 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  boot = {
+    availableKernelModules = [
+      "ahci"
+      "xhci_pci"
+      "virtio_pci"
+      "virtio_scsi"
+      "sd_mod"
+      "sr_mod"
+    ];
+    initrd.kernelModules = [ ];
+    kernelModules = [ ];
+    extraModulePackages = [ ];
+  };
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/systems/hetzner-bridge/networking.nix b/systems/hetzner-bridge/networking.nix
new file mode 100644
index 0000000..256e872
--- /dev/null
+++ b/systems/hetzner-bridge/networking.nix
@@ -0,0 +1,14 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+{
+  systemd.network.enable = true;
+  systemd.network.networks."10-wan" = {
+    matchConfig.Name = "enp1s0"; # either ens3 or enp1s0 depending on system, check 'ip addr'
+    networkConfig.DHCP = "ipv4";
+  };
+}
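Review bot: `systemd.network.enable = true` is set without `networking.useNetworkd` or `networking.useDHCP = false`, while hardware-configuration.nix in this commit sets `networking.useDHCP = lib.mkDefault true`. If both modules are loaded, the DHCP client from scripted networking and systemd-networkd may both try to configure `enp1s0`. I would add `networking.useDHCP = false;` next to the networkd settings so only one client owns the interface. The hard-coded `matchConfig.Name = "enp1s0"` also means a differently named NIC leaves this remote host without a network; a comment saying the name was checked on this machine, or a match on the MAC address, would make that explicit.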