Merge pull request #5 from RAD-Development/jeeves-jr
Seting up Jeeves jr
This commit is contained in:
Richie Cahill
GitHub
55
systems/jeeves-jr/configuration.nix
Normal file
55
systems/jeeves-jr/configuration.nix
Normal file
@ -0,0 +1,55 @@
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
time.timeZone = "America/New_York";
|
||||
console.keyMap = "us";
|
||||
networking.hostId = "1beb3026";
|
||||
|
||||
boot = {
|
||||
# TODO add pool name
|
||||
zfs.extraPools = [ "Main" ];
|
||||
filesystem = "zfs";
|
||||
useSystemdBoot = true;
|
||||
};
|
||||
|
||||
virtualisation = {
|
||||
docker = {
|
||||
enable = true;
|
||||
recommendedDefaults = true;
|
||||
logDriver = "local";
|
||||
daemon."settings" = {
|
||||
experimental = true;
|
||||
exec-opts = [ "native.cgroupdriver=systemd" ];
|
||||
log-opts = {
|
||||
max-size = "10m";
|
||||
max-file = "5";
|
||||
};
|
||||
data-root = "/var/lib/docker";
|
||||
};
|
||||
storageDriver = "overlay2";
|
||||
};
|
||||
|
||||
podman = {
|
||||
enable = true;
|
||||
recommendedDefaults = true;
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
docker-compose
|
||||
];
|
||||
|
||||
services = {
|
||||
nfs.server.enable = true;
|
||||
|
||||
openssh.ports = [ 352 ];
|
||||
smartd.enable = true;
|
||||
zfs = {
|
||||
trim.enable = true;
|
||||
autoScrub.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.enable = false;
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
}
|
||||
39
systems/jeeves-jr/hardware.nix
Normal file
39
systems/jeeves-jr/hardware.nix
Normal file
@ -0,0 +1,39 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/c59f7261-ebab-4cc9-8f1d-3f4c2e4b1971";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/7295-A442";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/9d4ef549-d426-489d-8332-0a49589c6aed"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
||||
73
systems/jeeves-jr/secrets.yaml
Normal file
73
systems/jeeves-jr/secrets.yaml
Normal file
@ -0,0 +1,73 @@
|
||||
hello: ENC[AES256_GCM,data:y98ZcYZQSYP8GBFysKvD292lU1EPa0o/wV7EHPLelIIHl8bWE5Lz27KUsCnzNQ==,iv:zU9zBeNyAyiLs30ftxrATG/X/U7Z7euLqjDKmg0Lh7Y=,tag:MG61sKRBEvE7T/oWO3rGpA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1lffr5f5nz0nrenv3ekgy27e8sztsx4gfp3hfymkz77mqaa5a4gts0ncrrh
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDc0JiUzQvWlZoTk5yN1Y4
|
||||
WVdiVE96YzdFOUJmcENDN0YwajVQbWFtclFBCmMyc0J1aWIwYi9hZlk2aXNNbjJa
|
||||
WXk4UWowV05MMkR6dWw4VTZlYXM3d1UKLS0tIGxXTEpRZUpMdEphN09XczVLajhB
|
||||
Q2lVZndGa3p6ZWlBSzBJNlVEZmpuTFUKykfMMUhiVnpyU+Wuo+eHFrjfNjeq3byA
|
||||
ktvpewY946v/rUBiyruaaOdCmL0U0Metc+m8gzTdbuTsM7EuY+cTyA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-12-29T20:01:04Z"
|
||||
mac: ENC[AES256_GCM,data:9tUmPHyKY42lT1EfbDK7Es9MIdiR5A0rs/ST89baJMANGIN+oKQzkzDujG2WM8hxvgApl/GuIdy5ZBNZlUM0iYxFUd2a0UBDyjw+xTzWIuQr2/TuI8/cOgp04Kk+M9wNlLzE/dJAXsaqBo0EaHpfwKo/3/J53UfiIZrOtAZv+Qg=,iv:E79aJdvhkG2PfsO06QQa2Pzs3yiSHDARpZtM+uxiZJE=,tag:UwEcwBm22Ep2U2mhDgpQ0w==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-12-29T20:00:57Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQILA84hNUGIgI/nAQ/4/do2eDz0KPLhCY7MH0HCyf9m2tZXvOy7+2pqYxdrKtwP
|
||||
H5+3O9R3iobBfksnaW8bTU2WK5t7OP4SlKYAeBi0uHoWVt8w/RcrZmVaItOlrDHA
|
||||
4ER64Izuc9ih6Ug/SOGvkE2NymUpPgsJ6YHyQESy8JdETr1swNOemlbgOYXgg1h2
|
||||
T7hLdEKQtnYNLMMsO8jZOcPlbCGM0PXZQrWN67kXlWJwkx6qls6XmuXDvAofIQ2C
|
||||
+GiaR6RDrsa9eofe34TT/FJG2IlAfPnE1sCcy9EYgU+nw6xwMCNn/d7qMqMDZGw/
|
||||
xRMmnH5ujULsAohZFvCnmZue2BXkhSRrsuLePs4edOS1gm97qaPHQUv3vmDTCpWY
|
||||
581K0CaauIHq9Gz8zK999jJNFG0Hmi4w9nRajErC8QvzIymgvzbsJHXkVjzYJjT2
|
||||
NYZ3D/YKbu7zyt3EYLZ0wtHysjdYD9PUsg16X5XxNUV7EHGhUt6mpX+P/h13ZSMq
|
||||
uwog7ByMUG70cQwqLpJFL40rFpq5mlK4JnonVN0+0PWy7LGxYM8q2WvylP6SDiZy
|
||||
3EqaqMlAwQsNO+7YStk7IonxoWZ6ff7fD8MtKZ/faBjmSzYsjl7F6o5HUd7APtV/
|
||||
/HMjbauqHomCoWEyfDNiDKu2lla1MM/wUEacgvpYbW5BAlZoxUtO1MXDRDpIKNJc
|
||||
AR99EIS9Q1KBmfuzqHuIMrRBy4iHg1nHyvtj/Zh/2AjetnQgdDc5skPuHRL/Bo/2
|
||||
V8PrlL8j1AHrdL4id31drlLQS4zA0QiJj1gDT1fJgInSU29vPed3ZGDCKCU=
|
||||
=BkkQ
|
||||
-----END PGP MESSAGE-----
|
||||
fp: F63832C3080D6E1AC77EECF80B4245FFE305BC82
|
||||
- created_at: "2023-12-29T20:00:57Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hF4DqDJbhoEBo+ISAQdApXkJrfSY9LoDQLwRS8ZVY63huJelc3KtOVccvM64kxUw
|
||||
zhXvuT0ZGQA4PwpvZYK1NOu+T73S5khrbIDe9QzTveyKt6zOqxwK6tn22bs3DLAk
|
||||
1GYBCQIQKypNWKA8hJina5Dng/h/qA0ZmRJaAJJmQA/1uRFi582CpE+fzBsCjmNQ
|
||||
1x2YgfPRHobReKl0khPml7hMmLbdcVvaJ9vIb/gluazT1htu6Ozox/zEwHweUZmX
|
||||
xozdi1jGYcw=
|
||||
=n5SU
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 8F79E6CD6434700615867480D11A514F5095BFA8
|
||||
- created_at: "2023-12-29T20:00:57Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMA29thaGx06tOARAAmhgBXtcqr5bttn6DLFBqNWaLX34FgjTjHlogiKgX3WTv
|
||||
ZOluzpxbS7jylBHC0cnbgjz9vWEgg3LVzglrlOHl35SX/E09eBn/qs8I7na3o+7K
|
||||
WdmJG7j3VtYdNyu4BULjGmAUIZE75/aSiIPnIDR3PwKpY6LtKI/jhs69hhmiZ+2r
|
||||
M3Q91Kk4M7CsqBMUXxFFUOD7r8ZlKfsAn80gpdb/pN8gp0U1pp5JkT9Kz2WjJkzK
|
||||
/vf/5f7+/8OA/WFbuY488LVSuckHvGGDXjrmoLA78/agYaH1J6qTvar5eCvIetu9
|
||||
wU9cm6ieztHMOV0Nok46gYWWaKQkH6jmAVneYLAsvBm7QxEJGLlFGF5pUsniqx4A
|
||||
PtDIw9EmKNnumnsHyfR+8qOgG/4/8AqPklEo9Dxsqcjj++EEvHN2lE9BwdqVNSw9
|
||||
ZHJ9DXhPKjwq7VD7jvBeElituUzvPb5aPruTL2AxjQ3h0cMj/QmegO5FtBDpRpnN
|
||||
TpW2FGuayueEgJSV3YJVTJUwmtxgTkL2SMHgW80I7pAq85O4fKETIAR97DCEDPrH
|
||||
jgI/EEjJg+PlfuAaqo2kgVgYyE6DVkDbIKgF2k8VNFX7XBmnN7xB4apVKx8nJXc+
|
||||
l7AbJiJy89giQpYWGE5A8fBrYMbvexLMfeKYtZR7t82gkNxOoKBOl0F2T+Ol+L7S
|
||||
XAGgZuN612AlW9QhZCgjwIxFPK+MR2ff9hIZBVPqx4F45/Gooqxw1iCyitQwlgqL
|
||||
bpTlKyuZbrgTVekV9vxnYhms6Uvyys1V9bUrKGgpV+9YS4Zfzh+5fN8wQ8Pw
|
||||
=HVMH
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 29F5017C95D9E60B1B1E8407072B0E0B8312DFE3
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
Reference in New Issue
Block a user