chore: moved all config out of hive.nix and full nixfmt

2024-10-27 10:47:35 +01:00 · 2024-10-27 10:47:35 +01:00 · 7f5761a250
commit 7f5761a250
parent bc23fda1c2
18 changed files with 366 additions and 352 deletions
--- a/machines/kat-orchid/default.nix
+++ b/machines/kat-orchid/default.nix
@ -9,33 +9,47 @@
  ...
 }:
 {
+  deployment = {
+    targetHost = "orchid.kat";
+    tags = [ "kat-vms" ];
+  };
  imports = [
    ./hardware-configuration.nix
    ./disks.nix
  ];

-  boot.loader = {
-    systemd-boot.enable = true;
-    efi.canTouchEfiVariables = true;
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    kernelParams = [ "console=ttyS0" ];
  };

-  kat.proxies = {
-    ip = "192.168.122.6";
-    aliases = [
-      "simply-wise.fr"
-      "www.simply-wise.fr"
-    ];
-    open-tcp = [
-      {
-        internal = 22;
-        external = 22042;
-      }
-    ];
+  kat = {
+    fqdn = "orchid.katvayor.net";
+    proxies = {
+      ip = "192.168.122.6";
+      aliases = [
+        "simply-wise.fr"
+        "www.simply-wise.fr"
+      ];
+      open-tcp = [
+        {
+          internal = 22;
+          external = 22042;
+        }
+      ];
+    };
  };

  systemd.network.enable = lib.mkForce false;
  networking = {
    useNetworkd = lib.mkForce false;
+    firewall.allowedTCPPorts = [
+      80
+      443
+    ];
    interfaces."enp1s0" = {
      useDHCP = false;
      ipv4.addresses = [
@ -64,13 +78,6 @@

  nixpkgs.config.allowUnfree = true;

-  services.openssh.enable = true;
-
-  networking.firewall.allowedTCPPorts = [
-    80
-    443
-  ];
-
  security.acme = {
    acceptTerms = true;
    defaults.email = "root@katvayor.net";
@ -79,33 +86,37 @@
      "www.simply-wise.fr"
    ];
  };
-  services.nginx = {
-    enable = true;
-    virtualHosts = {
-      "orchid.katvayor.net" = {
-        enableACME = true;
-        forceSSL = true;
-        locations = {
-          "/static/".alias = "/srv/orchid/";
-          "/" = {
-            recommendedProxySettings = true;
-            proxyPass = "https://192.168.123.2/";
+  services = {
+    openssh.enable = true;
+    qemuGuest.enable = true;
+    nginx = {
+      enable = true;
+      virtualHosts = {
+        "orchid.katvayor.net" = {
+          enableACME = true;
+          forceSSL = true;
+          locations = {
+            "/static/".alias = "/srv/orchid/";
+            "/" = {
+              recommendedProxySettings = true;
+              proxyPass = "https://192.168.123.2/";
+            };
          };
        };
-      };
-      "simply-wise.fr" = {
-        useACMEHost = "orchid.katvayor.net";
-        forceSSL = true;
-        serverAliases = [ "www.simply-wise.fr" ];
-        locations."/" = {
-          root = pkgs.runCommand "building" { } ''
-            mkdir -p $out
-            ln -nsf ${./building.html} $out/building.html
-          '';
-          extraConfig = ''
-            internal;
-            error_page 404 =503 /building.html;
-          '';
+        "simply-wise.fr" = {
+          useACMEHost = "orchid.katvayor.net";
+          forceSSL = true;
+          serverAliases = [ "www.simply-wise.fr" ];
+          locations."/" = {
+            root = pkgs.runCommand "building" { } ''
+              mkdir -p $out
+              ln -nsf ${./building.html} $out/building.html
+            '';
+            extraConfig = ''
+              internal;
+              error_page 404 =503 /building.html;
+            '';
+          };
        };
      };
    };
--- a/machines/kat-orchid/disks.nix
+++ b/machines/kat-orchid/disks.nix
@ -22,7 +22,10 @@
                type = "filesystem";
                format = "bcachefs";
                mountpoint = "/";
-                mountOptions = [ "fsck" "fix_errors" ];
+                mountOptions = [
+                  "fsck"
+                  "fix_errors"
+                ];
              };
            };
          };