From 6e55786568a9650f25fa50baf536f9ab1dc0defa Mon Sep 17 00:00:00 2001
From: ahuston-0
Date: Thu, 5 Dec 2024 00:32:33 -0500
Subject: [PATCH] add hetzner and disko config
Signed-off-by: ahuston-0
---
disko/hetzner.nix | 47 +++++++++++++++++++
flake.lock | 22 +++++++++
flake.nix | 6 +++
systems/hetzner-bridge/configuration.nix | 22 +++++++++
systems/hetzner-bridge/default.nix | 8 ++++
.../hetzner-bridge/hardware-configuration.nix | 39 +++++++++++++++
systems/hetzner-bridge/networking.nix | 14 ++++++
7 files changed, 158 insertions(+)
create mode 100644 disko/hetzner.nix
create mode 100644 systems/hetzner-bridge/configuration.nix
create mode 100644 systems/hetzner-bridge/default.nix
create mode 100644 systems/hetzner-bridge/hardware-configuration.nix
create mode 100644 systems/hetzner-bridge/networking.nix
diff --git a/disko/hetzner.nix b/disko/hetzner.nix
new file mode 100644
index 0000000..cc4e60b
--- /dev/null
+++ b/disko/hetzner.nix
@@ -0,0 +1,47 @@
+# USAGE in your configuration.nix.
+# Update devices to match your hardware.
+# {
+# imports = [ ./disko-config.nix ];
+# disko.devices.disk.main.device = "/dev/sda";
+# }
+{
+ disko.devices = {
+ disk = {
+ main = {
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ ESP = {
+ type = "EF00";
+ size = "500M";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [ "umask=0077" ];
+ };
+ priority = 1;
+ };
+ root = {
+ size = "-1G";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ encryptedSwap = {
+ size = "1G";
+ content = {
+ type = "swap";
+ randomEncryption = true;
+ priority = 100; # prefer to encrypt as long as we have space for it
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/flake.lock b/flake.lock
index c98862f..0948d7f 100644
--- a/flake.lock
+++ b/flake.lock
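Review bot: In disko/hetzner.nix the root partition is declared with `size = "-1G";`, and as far as I know disko's `size` takes an absolute size or `100%`, while an end-relative value ("stop 1G before the end of the disk") belongs in `end`; if that holds, this layout fails at evaluation or partitioning time and the line should be `end = "-1G";`. The usage comment at the top still refers to `./disko-config.nix` and `/dev/sda`; I would reword it to `# imports = [ ../../disko/hetzner.nix ];` with a `/dev/disk/by-id/...` example so it matches how this repository consumes the file. Only swap gets `randomEncryption = true;` while the root filesystem is plain ext4 on a rented host, so a one-line comment stating that the unencrypted root is intentional would help the next reader.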
@@ -1,5 +1,26 @@ { "nodes": { + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1730135292, + "narHash": "sha256-CI27qHAbc3/tIe8sb37kiHNaeCqGxNimckCMj0lW5kg=", + "owner": "nix-community", + "repo": "disko", + "rev": "ab58501b2341bc5e0fc88f2f5983a679b075ddf5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "latest", + "repo": "disko", + "type": "github" + } + }, "firefox-addons": { "inputs": { "flake-utils": [
@@ -302,6 +323,7 @@ }, "root": { "inputs": { + "disko": "disko", "firefox-addons": "firefox-addons", "flake-compat": "flake-compat", "flake-parts": "flake-parts",
diff --git a/flake.nix b/flake.nix
index d669454..3071d3f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -38,6 +38,12 @@ # flake-parts.follows = "flake-parts"; # }; # }; + disko = { + url = "github:nix-community/disko/latest"; + inputs = { + nixpkgs.follows = "nixpkgs"; + }; + }; firefox-addons = { url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
diff --git a/systems/hetzner-bridge/configuration.nix b/systems/hetzner-bridge/configuration.nix
new file mode 100644
index 0000000..78319a7
--- /dev/null
+++ b/systems/hetzner-bridge/configuration.nix
@@ -0,0 +1,22 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+
+{
+ imports = [
+ ../../disko/hetzner.nix
+ ./networking.nix
+ ];
+ disko.devices.disk.main.device = "scsi-0QEMU_QEMU_HARDDISK_55513992";
+
+ boot = {
+ useSystemdBoot = true;
+ };
+
+ hardware.enableAllFirmware = true;
+
+ system.stateVersion = "24.05";
+}
diff --git a/systems/hetzner-bridge/default.nix b/systems/hetzner-bridge/default.nix
new file mode 100644
index 0000000..a83c03a
--- /dev/null
+++ b/systems/hetzner-bridge/default.nix
@@ -0,0 +1,8 @@
+{ inputs, ... }:
+{
+ users = [ "alice" ];
+ modules = [
+ # inputs.attic.nixosModules.atticd
+ inputs.disko.nixosModules.disko
+ ];
+}
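Review bot: The new `disko` input in flake.nix follows upstream's moving `latest` tag, so the only thing fixing which code partitions the disk is the `rev`/`narHash` pair in flake.lock, and each `nix flake update` moves to whatever upstream has retagged. I would either pin a release tag (`url = "github:nix-community/disko/<release-tag>";`, placeholder) or add a comment above the input such as `# tracks upstream's moving "latest" tag; review the flake.lock diff on every update`. The surrounding `inputs` attribute set starts and ends outside this hunk.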
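Review bot: In systems/hetzner-bridge/configuration.nix, `disko.devices.disk.main.device` is set to the bare id `scsi-0QEMU_QEMU_HARDDISK_55513992` rather than a device path; disko expects a path here (the usage comment in disko/hetzner.nix shows `/dev/sda`), so this should presumably read `disko.devices.disk.main.device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_55513992";`. The `imports` list pulls in the disko layout and networking.nix but not ./hardware-configuration.nix; unless the repository's system builder adds that file automatically, the qemu-guest profile and the virtio kernel modules never reach the build. `hardware.enableAllFirmware = true;` pulls in every firmware blob, including unfree ones, which a QEMU guest is unlikely to need, so I would drop it to keep the closure small. Nothing in this hunk configures remote access or a firewall for a publicly reachable host; I assume that comes from shared modules, and a one-line comment saying so would help.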
diff --git a/systems/hetzner-bridge/hardware-configuration.nix b/systems/hetzner-bridge/hardware-configuration.nix
new file mode 100644
index 0000000..142a05c
--- /dev/null
+++ b/systems/hetzner-bridge/hardware-configuration.nix
@@ -0,0 +1,39 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}:
+
+{
+ imports = [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot = {
+ availableKernelModules = [
+ "ahci"
+ "xhci_pci"
+ "virtio_pci"
+ "virtio_scsi"
+ "sd_mod"
+ "sr_mod"
+ ];
+ initrd.kernelModules = [ ];
+ kernelModules = [ ];
+ extraModulePackages = [ ];
+ };
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/systems/hetzner-bridge/networking.nix b/systems/hetzner-bridge/networking.nix
new file mode 100644
index 0000000..256e872
--- /dev/null
+++ b/systems/hetzner-bridge/networking.nix
@@ -0,0 +1,14 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+
+{
+ systemd.network.enable = true;
+ systemd.network.networks."10-wan" = {
+ matchConfig.Name = "enp1s0"; # either ens3 or enp1s0 depending on system, check 'ip addr'
+ networkConfig.DHCP = "ipv4";
+ };
+}
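Review bot: systems/hetzner-bridge/networking.nix enables systemd-networkd with its own DHCP network, while hardware-configuration.nix in the same commit keeps `networking.useDHCP = lib.mkDefault true;`, so two DHCP configurations can end up applying to the same interface; adding `networking.useDHCP = false;` next to `systemd.network.enable = true;` makes networkd the single owner. The match is the literal `matchConfig.Name = "enp1s0";` and the inline comment says the name may instead be `ens3`; on a remote machine a wrong guess means no network after the first boot, so I would match with `matchConfig.Name = "en*";` or on the MAC address. `config`, `lib` and `pkgs` are unused in this file, and the header could be reduced to `{ ... }:`.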