Diffstat (limited to 'modules/private/system/dilion.nix')
-rw-r--r--modules/private/system/dilion.nix91
1 files changed, 56 insertions, 35 deletions
diff --git a/modules/private/system/dilion.nix b/modules/private/system/dilion.nix
index 5c24656..5abaac0 100644
--- a/modules/private/system/dilion.nix
+++ b/modules/private/system/dilion.nix
@@ -1,59 +1,81 @@
1{ privateFiles }: 1{ privateFiles }:
2{ config, pkgs, name, lib, ... }: 2{ config, pkgs, name, lib, ... }:
3{ 3{
4 boot.supportedFilesystems = [ "zfs" ]; 4 deployment = {
5 boot.kernelPackages = pkgs.linuxPackages_latest; 5 targetUser = "root";
6 targetHost = config.hostEnv.ips.main.ip4;
7 substituteOnDestination = true;
8 };
9 nixpkgs.system = lib.mkOverride 900 "x86_64-linux";
10 boot = {
11 loader = {
12 grub = {
13 version = 2;
14 devices = [ "/dev/sda" "/dev/sdb" "/dev/sdc" "/dev/sdd" ];
15 };
16 timeout = 1;
17 };
18 blacklistedKernelModules = [ "nvidiafb" ];
19 supportedFilesystems = [ "zfs" ];
20 kernelPackages = pkgs.linuxPackages_latest;
21 kernelModules = [ "kvm-intel" ];
22 initrd.availableKernelModules = [ "ahci" "sd_mod" ];
23 initrd.secrets = {
24 "/boot/pass.key" = "/boot/pass.key";
25 };
26 kernel.sysctl."vm.nr_hugepages" = 256; # for xmr-stak
27 };
28 nix.maxJobs = 8;
29 powerManagement.cpuFreqGovernor = "powersave";
30 hardware.enableRedistributableFirmware = true;
31
6 myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; }; 32 myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; };
7 33
34 swapDevices = [ { label = "swap"; } ];
8 fileSystems = { 35 fileSystems = {
9 "/" = lib.mkForce { fsType = "zfs"; device = "zpool/root"; }; 36 "/" = { fsType = "zfs"; device = "zpool/root"; };
10 "/boot" = { fsType = "ext4"; device = "/dev/disk/by-uuid/fd1c511e-2bc0-49d5-b8bb-95e7e8c8c816"; }; 37 "/boot" = { fsType = "ext4"; device = "/dev/disk/by-uuid/fd1c511e-2bc0-49d5-b8bb-95e7e8c8c816"; };
11 "/etc" = { fsType = "zfs"; device = "zpool/root/etc"; }; 38 "/etc" = { fsType = "zfs"; device = "zpool/root/etc"; };
12 "/home" = { fsType = "zfs"; device = "zpool/root/home"; }; 39 "/home" = { fsType = "zfs"; device = "zpool/root/home"; };
13 "/home/immae" = { fsType = "zfs"; device = "zpool/root/home/immae"; }; 40 "/home/immae" = { fsType = "zfs"; device = "zpool/root/home/immae"; };
14 "/tmp" = { fsType = "zfs"; device = "zpool/root/tmp"; }; 41 "/tmp" = { fsType = "zfs"; device = "zpool/root/tmp"; };
15 "/var" = { fsType = "zfs"; device = "zpool/root/var"; }; 42 "/var" = { fsType = "zfs"; device = "zpool/root/var"; };
43 "/data" = { fsType = "ext4"; label = "data"; };
44 "/nix" = { fsType = "ext4"; label = "nix"; };
16 }; 45 };
17 boot.initrd.secrets = { 46
18 "/boot/pass.key" = "/boot/pass.key"; 47 services.udev.extraRules = ''
19 }; 48 ACTION=="add", SUBSYSTEM=="net", ATTR{address}=="10:bf:48:7f:e6:3b", NAME="eth0"
49 '';
20 50
21 networking = { 51 networking = {
22 hostId = "27c3048d"; # generated with head -c4 /dev/urandom | od -A none -t x4 52 hostId = "27c3048d"; # generated with head -c4 /dev/urandom | od -A none -t x4
23 firewall.enable = false; 53 firewall.enable = false;
24 interfaces."eth0".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList 54 interfaces."eth0".ipv4.addresses =
25 (n: ips: { address = ips.ip4; prefixLength = 32; }) 55 [ { address = config.hostEnv.ips.main.ip4; prefixLength = 27; } ]
26 (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.hostEnv.ips); 56 ++ pkgs.lib.attrsets.mapAttrsToList
27 interfaces."eth0".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList 57 (n: ips: { address = ips.ip4; prefixLength = 32; })
28 (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or [])) 58 (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.hostEnv.ips);
29 config.hostEnv.ips); 59 interfaces."eth0".ipv6.addresses =
60 [ { address = "2a01:4f8:141:53e7::"; prefixLength = 64; } ]
61 ++ pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList
62 (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))
63 config.hostEnv.ips);
64 defaultGateway = { address = "176.9.10.225"; interface = "eth0"; };
65 defaultGateway6 = { address = "fe80::1"; interface = "eth0"; };
66 nameservers = [
67 "213.133.98.98"
68 "213.133.99.99"
69 "213.133.100.100"
70 "2a01:4f8:0:a0a1::add:1010"
71 "2a01:4f8:0:a102::add:9999"
72 "2a01:4f8:0:a111::add:9898"
73 ];
30 }; 74 };
31 75
32 myServices.ssh.modules = [ config.myServices.ssh.predefinedModules.regular ]; 76 myServices.ssh.modules = [ config.myServices.ssh.predefinedModules.regular ];
33 imports = builtins.attrValues (import ../..); 77 imports = builtins.attrValues (import ../..);
34 78
35 deployment = {
36 targetEnv = "hetzner";
37 hetzner = {
38 robotUser = config.myEnv.hetzner.user;
39 robotPass = config.myEnv.hetzner.pass;
40 mainIPv4 = config.hostEnv.ips.main.ip4;
41 partitions = ''
42 clearpart --all --initlabel --drives=sda,sdb,sdc,sdd
43
44 part swap --recommended --label=swap --fstype=swap --ondisk=sda
45
46 part raid.1 --grow --ondisk=sdc
47 part raid.2 --grow --ondisk=sdd
48
49 raid / --level=1 --device=md0 --fstype=ext4 --label=root raid.1 raid.2
50
51 part /nix --grow --label=nix --ondisk=sda
52 part /data --grow --label=data --ondisk=sdb
53 '';
54 };
55 };
56
57 system.nssModules = [ pkgs.libvirt ]; 79 system.nssModules = [ pkgs.libvirt ];
58 system.nssDatabases.hosts = lib.mkForce [ "files" "libvirt_guest" "mymachines" "dns" "myhostname" ]; 80 system.nssDatabases.hosts = lib.mkForce [ "files" "libvirt_guest" "mymachines" "dns" "myhostname" ];
59 programs.zsh.enable = true; 81 programs.zsh.enable = true;
@@ -78,7 +100,6 @@
78 } 100 }
79 ]; 101 ];
80 102
81 boot.kernel.sysctl."vm.nr_hugepages" = 256; # for xmr-stak
82 system.activationScripts.libvirtd_exports = '' 103 system.activationScripts.libvirtd_exports = ''
83 install -m 0755 -o root -g root -d /var/lib/caldance 104 install -m 0755 -o root -g root -d /var/lib/caldance
84 ''; 105 '';
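Review bot: The added `swapDevices = [ { label = "swap"; } ];` (new line 34) turns on plain swap on a host whose initrd carries `/boot/pass.key`, so if that key unlocks an encrypted pool, key material and other in-memory secrets can be paged to disk in clear. Consider `swapDevices = [ { device = "/dev/disk/by-partuuid/<PARTUUID-PLACEHOLDER>"; randomEncryption.enable = true; } ];`; the label cannot be kept, because the NixOS option documentation warns that labels and UUIDs are erased on every boot once random encryption is enabled. Whether `zpool` is actually encrypted is not visible on this page, so the concern is inferred from the key file alone. Separately, `firewall.enable = false` stays in place while the commit gives `eth0` static public IPv4 and IPv6 addresses, so a comment stating where packet filtering happens would help the next reader. The module's attribute set continues outside both hunks.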