diff --git a/README.md b/README.md
index 8104f1c..3962a65 100644
--- a/README.md
+++ b/README.md
@@ -34,5 +34,5 @@ Deployment is handled using [deploy-rs](https://github.com/serokell/deploy-rs):
 ```
-deploy .#
+deploy .#tlaternet
 ```
diff --git a/configuration/hardware-specific/linode/default.nix b/configuration/hardware-specific/linode/default.nix
new file mode 100644
index 0000000..8194ec4
--- /dev/null
+++ b/configuration/hardware-specific/linode/default.nix
@@ -0,0 +1,62 @@
+{
+ imports = [
+ ./hardware-configuration.nix
+ ];
+
+ # Required for the lish console
+ boot.kernelParams = ["console=ttyS0,19200n8"];
+
+ services.nginx.domain = "tlater.net";
+
+ boot.loader = {
+ # Timeout to allow lish to connect
+ timeout = 10;
+
+ grub = {
+ device = "nodev";
+ extraConfig = ''
+ serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
+ terminal_input serial;
+ terminal_output serial;
+ '';
+ };
+ };
+
+ systemd.network.networks."10-eth0" = {
+ matchConfig.Name = "eth0";
+
+ networkConfig = {
+ DHCP = "no";
+
+ Address = "178.79.137.55/24";
+ Gateway = "178.79.137.1";
+
+ Domains = "ip.linodeusercontent.com";
+ DNS = [
+ "178.79.182.5"
+ "176.58.107.5"
+ "176.58.116.5"
+ "176.58.121.5"
+ "151.236.220.5"
+ "212.71.252.5"
+ "212.71.253.5"
+ "109.74.192.20"
+ "109.74.193.20"
+ "109.74.194.20"
+ "2a01:7e00::9"
+ "2a01:7e00::3"
+ "2a01:7e00::c"
+ "2a01:7e00::5"
+ "2a01:7e00::6"
+ "2a01:7e00::8"
+ "2a01:7e00::b"
+ "2a01:7e00::4"
+ "2a01:7e00::7"
+ "2a01:7e00::2"
+ ];
+
+ IPv6PrivacyExtensions = "no";
+ IPv6AcceptRA = "yes";
+ };
+ };
+}
diff --git a/configuration/hardware-specific/linode/hardware-configuration.nix b/configuration/hardware-specific/linode/hardware-configuration.nix
new file mode 100644
index 0000000..c1776d5
--- /dev/null
+++ b/configuration/hardware-specific/linode/hardware-configuration.nix
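Review bot: The static `systemd.network.networks."10-eth0"` block in default.nix depends on two things this file does not set: systemd-networkd being enabled, and the NIC keeping the kernel name `eth0` that `matchConfig.Name` matches on. The generated hardware-configuration.nix added by the same commit still sets `networking.useDHCP = lib.mkDefault true`, so if either precondition is missing the host would presumably come up on DHCP instead of the pinned address without any error. Because this machine is reachable only over the network and the Lish console, I would state the dependency next to the block, e.g. `# needs systemd.network.enable and the eth0 kernel name (networking.usePredictableInterfaceNames = false), set in <module path>`.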
@@ -0,0 +1,39 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/e541bdc3-79d6-459f-9169-92b13b0a8959";
+ fsType = "ext4";
+ };
+
+ fileSystems."/var" =
+ { device = "/dev/disk/by-uuid/79f8fbbd-476d-4e1a-9675-a8474d98f42f";
+ fsType = "ext4";
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-uuid/45c8ad29-3861-4e68-a566-47e6d9269dca"; }
+ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/flake.nix b/flake.nix
index 21731e6..af41d53 100644
--- a/flake.nix
+++ b/flake.nix
@@ -42,6 +42,16 @@
 ##################
 nixosConfigurations = {
 # The actual system definition
+ tlaternet = nixpkgs.lib.nixosSystem {
+ inherit system;
+ specialArgs.flake-inputs = inputs;
+
+ modules = [
+ ./configuration
+ ./configuration/hardware-specific/linode
+ ];
+ };
+
 hetzner-1 = nixpkgs.lib.nixosSystem {
 inherit system;
 specialArgs.flake-inputs = inputs;
@@ -57,6 +67,18 @@
 # Deployment configuration #
 ############################
 deploy.nodes = {
+ tlaternet = {
+ hostname = "tlater.net";
+
+ profiles.system = {
+ user = "root";
+ path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.tlaternet;
+ };
+
+ sshUser = "tlater";
+ sshOpts = ["-p" "2222" "-o" "ForwardAgent=yes"];
+ };
+
 hetzner-1 = {
 hostname = "116.202.158.55";
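Review bot: `"-o" "ForwardAgent=yes"` in the new `sshOpts` makes the deployer's SSH agent available on tlater.net for the length of every deploy, so any process there that can reach the forwarded socket (root, or the `tlater` account) can have the agent sign logins to other hosts with whatever keys are loaded. The hunk does not say why forwarding is needed; it is presumably for the privilege step from `sshUser = "tlater"` to `user = "root"`, but that is not visible here. If it is required, I would record the reason and limit the exposure, for example `# ForwardAgent: needed for <reason>; deploy from an agent that holds only the deploy key` above the line, and load that key with `ssh-add -c` so each use asks for confirmation. The `deploy.nodes` block continues past the end of the hunk.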