orchid

2024-08-07 17:26:34 +02:00 · 2024-08-07 17:26:34 +02:00 · ddcc0baf1b
commit ddcc0baf1b
parent 8a82a8d2f4
8 changed files with 203 additions and 1 deletions
--- a/hive.nix
+++ b/hive.nix
@ -167,6 +167,21 @@ in
      ];
    };

+  kat-orchid =
+    { users, ... }:
+    {
+      deployment = {
+        targetHost = "orchid.kat";
+        tags = [ "kat-vms" ];
+      };
+      services.qemuGuest.enable = true;
+      boot.kernelParams = [ "console=ttyS0" ];
+      imports = [
+        ./machines/kat-orchid
+        (users.root { ssh = true; })
+      ];
+    };
+
  kat-iso =
    {
      users,
--- a/machines/kat-manah/default.nix
+++ b/machines/kat-manah/default.nix
@ -90,6 +90,10 @@
          vm = "192.168.122.5";
          sshport = null;
        };
+        "orchid.katvayor.net" = {
+          vm = "192.168.122.6";
+          sshport = 22042;
+        };
      };
    in
    {
--- a/machines/kat-orchid/default.nix
+++ b/machines/kat-orchid/default.nix
@ -0,0 +1,119 @@
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{
+  config,
+  lib,
+  pkgs,
+  mods,
+  ...
+}:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./disks.nix
+  ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.supportedFilesystems = [ "bcachefs" ];
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  time.timeZone = "Europe/Paris";
+
+  networking = {
+    interfaces."enp1s0" = {
+      useDHCP = false;
+      ipv4.addresses = [
+        {
+          address = "192.168.122.6";
+          prefixLength = 24;
+        }
+      ];
+      ipv6.addresses = [
+        {
+          address = "fe80::6";
+          prefixLength = 64;
+        }
+      ];
+    };
+    defaultGateway = "192.168.122.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "enp1s0";
+    };
+    nameservers = [
+      "192.168.122.1"
+      "fe80::1%enp1s0"
+    ];
+  };
+
+  i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "fr";
+  };
+
+  services.dbus.packages = with pkgs; [ dconf ];
+
+  nixpkgs.config.allowUnfree = true;
+
+  programs.zsh.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    wget
+    nix-search-cli
+    git
+    btop
+    ranger
+    screen
+    tree
+  ];
+
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  services.openssh.enable = true;
+
+  networking.firewall.enable = false;
+
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "root@katvayor.net";
+  };
+  services.nginx = {
+    enable = true;
+    virtualHosts = {
+      "orchid.katvayor.net" = {
+        enableACME = true;
+        forceSSL = true;
+        locations."/static/" = {
+          alias = "/srv/orchid/";
+        };
+      };
+    };
+  };
+  services.wordpress = {
+    webserver = "nginx";
+    sites."orchid.katvayor.net" = { };
+  };
+  fileSystems."/home/orchid/content/www" = {
+    device = "/srv/orchid";
+    options = [ "bind" ];
+  };
+
+  users.users.orchid = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+  };
+  home-manager.users.orchid = {
+    home.stateVersion = "23.11";
+    imports = with mods.home; [
+      neovim
+      zsh
+    ];
+  };
+
+  system.stateVersion = "23.11";
+}
--- a/machines/kat-orchid/disks.nix
+++ b/machines/kat-orchid/disks.nix
@ -0,0 +1,33 @@
+{
+  disko.devices = {
+    disk = {
+      vda = {
+        device = "/dev/vda";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              type = "EF00";
+              size = "100M";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "bcachefs";
+                mountpoint = "/";
+                mountOptions = [ "fsck" "fix_errors" ];
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/machines/kat-orchid/hardware-configuration.nix
+++ b/machines/kat-orchid/hardware-configuration.nix
@ -0,0 +1,25 @@
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+  boot.initrd.availableKernelModules = [
+    "ahci"
+    "xhci_pci"
+    "virtio_pci"
+    "sr_mod"
+    "virtio_blk"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  networking.useDHCP = lib.mkDefault true;
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
--- a/machines/kat-probook/default.nix
+++ b/machines/kat-probook/default.nix
@ -89,7 +89,7 @@
  programs.steam.enable = true;

  # boot.kernelModules = [ "kvm-intel" "kvm-amd" ];
-  # programs.virt-manager.enable = true;
+  programs.virt-manager.enable = true;
  # virtualisation.libvirtd.enable = true;

  system.stateVersion = "23.11";
--- a/machines/kat-watcher/default.nix
+++ b/machines/kat-watcher/default.nix
@ -70,6 +70,7 @@
        "catvayor.sh" = null;
        "test.traque.katvayor.net" = null;
        "son.katvayor.net" = null;
+        "orchid.katvayor.net" = 22042;
      };
    in
    {
--- a/modules/ssh.nix
+++ b/modules/ssh.nix
@ -42,6 +42,11 @@
        hostname = "fe80::5%%virbr0";
        proxyJump = "manah.kat";
      };
+      "orchid.kat" = {
+        user = "root";
+        hostname = "fe80::6%%virbr0";
+        proxyJump = "manah.kat";
+      };

      "sas.ens" = {
        user = "lbailly";