From 4a5441386caf26b67a647bedee258100930206c0 Mon Sep 17 00:00:00 2001
From: catvayor <catvayor@katvayor.net>
Date: Mon, 28 Oct 2024 11:15:27 +0100
Subject: [PATCH] feat(website): created vm

---
 kat/default.nix                             |  4 +-
 machines/kat-manah/default.nix              |  1 +
 machines/kat-www/default.nix                | 81 +++++++++++++++++++++
 machines/kat-www/disks.nix                  | 36 +++++++++
 machines/kat-www/hardware-configuration.nix | 25 +++++++
 modules/ssh.nix                             |  5 ++
 6 files changed, 150 insertions(+), 2 deletions(-)
 create mode 100644 machines/kat-www/default.nix
 create mode 100644 machines/kat-www/disks.nix
 create mode 100644 machines/kat-www/hardware-configuration.nix

diff --git a/kat/default.nix b/kat/default.nix
index 9cc4c83..62c04fd 100644
--- a/kat/default.nix
+++ b/kat/default.nix
@@ -39,11 +39,11 @@ with lib;
     {
       kat = {
         anywhere = pkgs.writeShellApplication {
-          name = "anywhere-deploy_${name}.sh";
+          name = "anywhere-deploy_${config.networking.hostName}.sh";
           runtimeInputs = [ pkgs.nixos-anywhere ];
           # --kexec ${nodes.kat-kexec.config.system.build.kexecTarball}/${nodes.kat-kexec.config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz
           text = ''
-            nixos-anywhere --store-paths ${config.system.build.diskoScriptNoDeps} ${config.system.build.toplevel} ${config.deployment.targetHost}
+            nixos-anywhere --no-substitute-on-destination --store-paths ${config.system.build.diskoScriptNoDeps} ${config.system.build.toplevel} ${config.deployment.targetHost}
           '';
         };
       };
diff --git a/machines/kat-manah/default.nix b/machines/kat-manah/default.nix
index b6d66ac..5c669db 100644
--- a/machines/kat-manah/default.nix
+++ b/machines/kat-manah/default.nix
@@ -35,6 +35,7 @@
       redirects = [
         "kat-orchid"
         "kat-son"
+        "kat-www"
         "kat-virt"
         "kat-mail-test"
       ];
diff --git a/machines/kat-www/default.nix b/machines/kat-www/default.nix
new file mode 100644
index 0000000..5288e91
--- /dev/null
+++ b/machines/kat-www/default.nix
@@ -0,0 +1,81 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  deployment = {
+    targetHost = "www.kat";
+    tags = [ "kat-vms" ];
+  };
+
+  imports = [
+    ./hardware-configuration.nix
+    ./disks.nix
+  ];
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    kernelParams = [ "console=ttyS0" ];
+  };
+
+  kat = {
+    fqdn = "website.katvayor.net";
+    proxies.ip = "192.168.122.7";
+  };
+
+  systemd.network.enable = lib.mkForce false;
+  networking = {
+    useNetworkd = lib.mkForce false;
+    interfaces."enp1s0" = {
+      useDHCP = false;
+      ipv4.addresses = [
+        {
+          address = "192.168.122.7";
+          prefixLength = 24;
+        }
+      ];
+      ipv6.addresses = [
+        {
+          address = "fe80::7";
+          prefixLength = 64;
+        }
+      ];
+    };
+    defaultGateway = "192.168.122.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "enp1s0";
+    };
+    nameservers = [
+      "192.168.122.1"
+      "fe80::1%enp1s0"
+    ];
+  };
+
+  networking.firewall.enable = false;
+
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "root@katvayor.net";
+  };
+  services = {
+    openssh.enable = true;
+    qemuGuest.enable = true;
+    nginx = {
+      enable = true;
+      virtualHosts = {
+        "website.katvayor.net" = {
+          enableACME = true;
+          addSSL = true;
+        };
+      };
+    };
+  };
+
+  system.stateVersion = "23.11";
+}
diff --git a/machines/kat-www/disks.nix b/machines/kat-www/disks.nix
new file mode 100644
index 0000000..16a2ee4
--- /dev/null
+++ b/machines/kat-www/disks.nix
@@ -0,0 +1,36 @@
+{
+  disko.devices = {
+    disk = {
+      vda = {
+        device = "/dev/vda";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              type = "EF00";
+              size = "100M";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "bcachefs";
+                mountpoint = "/";
+                mountOptions = [
+                  "fsck"
+                  "fix_errors"
+                ];
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
diff --git a/machines/kat-www/hardware-configuration.nix b/machines/kat-www/hardware-configuration.nix
new file mode 100644
index 0000000..e8da702
--- /dev/null
+++ b/machines/kat-www/hardware-configuration.nix
@@ -0,0 +1,25 @@
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+  boot.initrd.availableKernelModules = [
+    "ahci"
+    "xhci_pci"
+    "virtio_pci"
+    "sr_mod"
+    "virtio_blk"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  networking.useDHCP = lib.mkDefault true;
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/modules/ssh.nix b/modules/ssh.nix
index 297a79a..fe8962d 100644
--- a/modules/ssh.nix
+++ b/modules/ssh.nix
@@ -39,6 +39,11 @@
         hostname = "fe80::6%%virbr0";
         proxyJump = "manah.kat";
       };
+      "www.kat" = {
+        user = "root";
+        hostname = "fe80::7%%virbr0";
+        proxyJump = "manah.kat";
+      };
 
       "sas.ens" = {
         user = "lbailly";