diff --git a/hive.nix b/hive.nix index 61d6780..09881d6 100644 --- a/hive.nix +++ b/hive.nix @@ -10,6 +10,7 @@ in { imports = [ ]; boot.tmp.useTmpfs = true; }; + kat-probook = { name, nodes, ... }: { deployment.allowLocalDeployment = true; @@ -20,6 +21,7 @@ in { ]; networking.hostName = name; }; + kat-r86s = { name, nodes, ... }: { imports = [ ./machines/kat-r86s/configuration.nix @@ -30,7 +32,25 @@ in { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" ]; }; - kat-iso = { name, ... }:{ + + kat-test = { name, nodes, ... }: { + deployment = { + allowLocalDeployment = true; + targetHost = "test.kat"; + }; + + imports = [ + ./machines/kat-test/configuration.nix + users.root + users.catvayor + ]; + networking.hostName = name; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" + ]; + }; + + kat-iso = { name, pkgs, ... }:{ deployment = { allowLocalDeployment = false; targetHost = null; 
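Review bot: The root public key for `kat-test` is pasted as a literal again in `users.users.root.openssh.authorizedKeys.keys`; it is the same string that `kat-r86s` and `kat-iso` already carry, and the next hunk embeds it once more in the `config_base.nix` template. Rotating or revoking the key then means finding every copy, and a missed copy keeps root access alive on that host. Bind it once in the `let … in` that the hunk header suggests surrounds this set, for example `rootKeys = [ "ssh-ed25519 <public key> catvayor@katvayor" ];`, and reference `rootKeys` from each host. The `kat-iso` block touched at the end of the hunk continues past it.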
@@ -48,11 +68,42 @@ in { }; console.keyMap = "fr"; + environment.systemPackages = with pkgs; [ perl git ]; boot.supportedFilesystems = [ "bcachefs" ]; programs.zsh.enable = true; services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" ]; + + environment.etc = { + "config_base.nix" = { + mode = "0444"; + text = '' + { config, lib, pkgs, ... }: { + imports = [ ./hardware-configuration.nix ]; + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.supportedFilesystems = [ "bcachefs" ]; + boot.kernelPackages = pkgs.linuxPackages_latest; + # networking.networkmanager.enable = true; + networking.hostName = "kat-undefined"; + + time.timeZone = "Europe/Paris"; + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "fr"; + }; + services.netbird.enable = true; + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" + ]; + system.stateVersion = "23.11"; + } + ''; + }; + }; }; } diff --git a/machines/kat-test/configuration.nix b/machines/kat-test/configuration.nix new file mode 100644 index 0000000..98de6c7 --- /dev/null +++ b/machines/kat-test/configuration.nix 
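Review bot: The generated `config_base.nix` template turns on `services.openssh.enable` without any `services.openssh.settings`, so every machine installed from it keeps the NixOS sshd defaults, which as far as I know still accept password authentication for non-root accounts; `machines/kat-test/configuration.nix` in this commit does the same. Since access is meant to go through the authorised key, add `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.KbdInteractiveAuthentication = false;` next to the enable line in both places. A short comment above the `text = ''` block, saying that this is the starting configuration for a freshly installed host and that `kat-undefined` must be replaced, would also help. The `kat-iso` attribute set starts before this hunk.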
@@ -0,0 +1,133 @@
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, mods, ... }:
+
+{
+ imports =
+ [
+ ./hardware-configuration.nix
+ ];
+
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+ boot.supportedFilesystems = [ "bcachefs" ];
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+
+ networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+ time.timeZone = "Europe/Paris";
+
+ i18n.defaultLocale = "en_US.UTF-8";
+ console = {
+ font = "Lat2-Terminus16";
+ keyMap = "fr";
+ };
+
+ # Enable the X11 windowing system.
+ # services.xserver.enable = true;
+
+ # security.polkit.enable = true;
+ # programs.light.enable = true;
+
+ nixpkgs.config.allowUnfree = true;
+
+ # Configure keymap in X11
+ # services.xserver.xkb.layout = "us";
+ # services.xserver.xkb.options = "eurosign:e,caps:escape";
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ hardware = {
+ pulseaudio = {
+ enable = true;
+ package = pkgs.pulseaudioFull;
+ };
+ bluetooth = {
+ enable = true;
+ powerOnBoot = false;
+ };
+ };
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ # services.xserver.libinput.enable = true;
+
+ programs.zsh.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ wget
+ brightnessctl
+ nix-search-cli
+ git
+ btop
+ ranger
+ colmena
+ tree
+ ];
+ fonts.packages = with pkgs; [
+ fira-code-nerdfont
+ font-awesome
+ ];
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ # programs.mtr.enable = true;
+ programs.gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
+
+# services.syncthing = {
+# enable = true;
+# systemService = true;
+# dataDir = "/home/catvayor";
+# user = "catvayor";
+# group = "users";
+# openDefaultPorts = true;
+# settings = {
+# folders."essentials" = {
+# path = "~/essentials";
+# id = "vgpwu-fk3ct";
+# devices = [ "katest" "katel" ];
+# };
+# devices.katest.id = "UPVXT7D-ZQF4E3J-4WKLLRV-2KF7323-7VOMEJJ-4PZVXW4-UQ2YABE-G7ID4AD";
+# devices.katel.id = "DYOKK7J-HZAF5S7-FYTHQF5-UD5GJZ2-4JMV5I5-STUM3HG-5YM2JPR-LATJNAZ";
+# };
+# };
+ services.netbird.enable = true;
+
+ # List services that you want to enable:
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+
+ # Open ports in the firewall.
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ # Or disable the firewall altogether.
+ # networking.firewall.enable = false;
+
+ # Copy the NixOS configuration file and link it from the resulting system
+ # (/run/current-system/configuration.nix). This is useful in case you
+ # accidentally delete configuration.nix.
+ # system.copySystemConfiguration = true;
+
+ # This option defines the first version of NixOS you have installed on this particular machine,
+ # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+ #
+ # Most users should NEVER change this value after the initial install, for any reason,
+ # even if you've upgraded your system to a new NixOS release.
+ #
+ # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+ # so changing it will NOT upgrade your system.
+ #
+ # This value being lower than the current NixOS release does NOT mean your system is
+ # out of date, out of support, or vulnerable.
+ #
+ # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+ # and migrated your data accordingly.
+ #
+ # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+ system.stateVersion = "23.11"; # Did you read the comment?
+
+}
+
diff --git a/machines/kat-test/hardware-configuration.nix b/machines/kat-test/hardware-configuration.nix
new file mode 100644
index 0000000..b555c7a
--- /dev/null
+++ b/machines/kat-test/hardware-configuration.nix
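Review bot: `services.openssh.enable = true;` in `machines/kat-test/configuration.nix` also opens port 22 in the firewall on every interface, because `services.openssh.openFirewall` defaults to true, while `modules/ssh.nix` in this commit reaches the host at 100.102.129.187, which looks like its NetBird overlay address. If SSH is only meant to be used over the overlay, set `services.openssh.openFirewall = false;` and allow the port on that interface alone with `networking.firewall.interfaces."<netbird-interface>".allowedTCPPorts = [ 22 ];`. Confirm the interface name on the host before deploying, since a wrong name would cut off remote access. Separately, the commented-out `services.syncthing` block, device IDs included, is dead configuration and would be better dropped than committed.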
@@ -0,0 +1,41 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "UUID=3d3c874f-7182-4eb1-91a6-ededc6f05fcc"; + fsType = "bcachefs"; + }; + + boot.initrd.luks.devices."disk".device = "/dev/disk/by-uuid/b1e18836-c657-49b2-81f9-8f0b2e4a4283"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/B405-7B40"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/060c35d7-86b0-4901-b882-02443efbfe07"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/ssh.nix b/modules/ssh.nix index 90c6be3..0ccd9a9 100644 --- a/modules/ssh.nix +++ b/modules/ssh.nix @@ -18,6 +18,10 @@ hostname = "129.199.156.112"; proxyJump = "sas.ens"; }; + "test.kat" = { + user = "root"; + hostname = "100.102.129.187"; + }; "sas.ens" = { user = "lbailly";