bertof/nix-dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Installer configuration and baldur boot

Browse source
This commit is contained in:
Filippo Berto 2022-12-18 15:31:07 +01:00
parent fb2c2128d1
commit 44af181073
Signed by: bertof
GPG key ID: 9DBF7E6A1D2CE9ED
4 changed files with 67 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

12
baldur/configuration.nix
View file

@ -1,7 +1,17 @@
{ pkgs, lib, ... }:
with lib; {
boot.loader.systemd-boot.enable = true;
boot = {
growPartition = true;
kernelParams = [ "console=ttyS0" "panic=1" "boot.panic_on_fail" ];
initrd.kernelModules = [ "virtio_scsi" ];
kernelModules = [ "virtio_pci" "virtio_net" ];
loader = {
grub.device = "/dev/vda";
timeout = 0;
grub.configurationLimit = 0;
};
};
# boot = {
# # binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];

50
flake.lock generated
View file

@ -3,7 +3,9 @@
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
@ -151,7 +153,9 @@
"nixos-generators": {
"inputs": {
"nixlib": "nixlib",
"nixpkgs": "nixpkgs_2"
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1671355134,
@ -184,16 +188,16 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1648219316,
"narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=",
"lastModified": 1670939335,
"narHash": "sha256-AJmruD+RI6smxiVnfpmNT7275mZsUdCS5zczeQCyy3o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634",
"rev": "8d6da33644bbd082b8a13f73ea2c7338190d7429",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"ref": "release-22.11",
"repo": "nixpkgs",
"type": "github"
}
@ -230,38 +234,6 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1637186689,
"narHash": "sha256-NU7BhgnwA/3ibmCeSzFK6xGi+Bari9mPfn+4cBmyEjw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7fad01d9d5a3f82081c00fb57918d64145dc904c",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1670939335,
"narHash": "sha256-AJmruD+RI6smxiVnfpmNT7275mZsUdCS5zczeQCyy3o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8d6da33644bbd082b8a13f73ea2c7338190d7429",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-22.11",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-utils": [
@ -321,7 +293,7 @@
"nix-rice": "nix-rice",
"nixos-generators": "nixos-generators",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs",
"nixpkgs-u": "nixpkgs-u",
"pre-commit-hooks": "pre-commit-hooks_2"
}

40
flake.nix
View file

@ -12,22 +12,12 @@
# url = "github:nix-community/home-manager";
# inputs.nixpkgs.follows = "nixpkgs-u";
# };
deploy-rs.url = "github:serokell/deploy-rs";
deploy-rs = { url = "github:serokell/deploy-rs"; inputs = { nixpkgs.follows = "nixpkgs"; }; };
flake-utils.url = "github:numtide/flake-utils";
nixos-generators.url = "github:nix-community/nixos-generators";
nixos-generators = { url = "github:nix-community/nixos-generators"; inputs = { nixpkgs.follows = "nixpkgs"; }; };
nixos-hardware.url = "github:NixOS/nixos-hardware";
nix-rice = {
url = "github:bertof/nix-rice";
inputs = {
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
pre-commit-hooks = {
url = "github:cachix/pre-commit-hooks.nix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
nix-rice = { url = "github:bertof/nix-rice"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; };
pre-commit-hooks = { url = "github:cachix/pre-commit-hooks.nix"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; };
};
outputs =
@ -37,11 +27,10 @@
, home-manager
, deploy-rs
, flake-utils
, # , nixos-generators
nixos-hardware
, nixos-generators
, nixos-hardware
, nix-rice
, pre-commit-hooks
, nixos-generators
, ...
}:
let
@ -107,6 +96,7 @@
shellHook = ''
${self.checks.${system}.pre-commit-check.shellHook}
'';
LOCAL_KEY = "/etc/nix/key";
};
});
@ -214,6 +204,7 @@
modules = commonModules ++ [
./baldur/hardware-configuration.nix
./baldur/configuration.nix
./nixos_modules/digitalocean.nix
# { home-manager.users.bertof = import ./baldur/hm.nix; }
];
@ -249,22 +240,31 @@
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.loki;
};
};
baldur = {
hostname = "164.90.208.134";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.baldur;
};
};
};
};
images = with flake-utils.lib; eachSystem [ system.x86_64-linux system.aarch64-linux ] (system: {
images = with flake-utils.lib; eachSystem [ system.x86_64-linux system.aarch64-linux ] (system:
{
packages = {
# Installer ISO
install-iso = nixos-generators.nixosGenerate {
inherit system;
modules = commonModules ++ [{ services.openssh = { enable = true; openFirewall = true; }; }];
modules = commonModules ++ [ ./nixos_modules/installer.nix ];
format = "install-iso";
};
# Installer DigitalOcean
do = nixos-generators.nixosGenerate {
inherit system;
modules = commonModules ++ [{ services.openssh = { enable = true; openFirewall = true; }; }];
modules = commonModules ++ [ ./nixos_modules/installer.nix ];
format = "do";
};
};

13
nixos_modules/installer.nix Normal file
View file

@ -0,0 +1,13 @@
{
services.openssh = {
enable = true;
openFirewall = true;
permitRootLogin = "prohibit-password";
passwordAuthentication = false;
};
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN+zsSWZFFzQKnATCAvtG+iuSm4qkZHjCtHzGa9B/71W"
];
};
}