From e0240e64ee1d1f6f08f94b38bc8a5202286c4861 Mon Sep 17 00:00:00 2001 From: punkfairie Date: Tue, 25 Feb 2025 20:12:54 -0800 Subject: [PATCH] feat(nixos): Add marleynet config --- modules/nixos/base/networking/default.nix | 11 ++++- modules/nixos/bundles/server/default.nix | 1 + modules/nixos/services/ddclient/default.nix | 17 ++++++++ modules/nixos/services/prometheus/default.nix | 22 ++++++++++ overlays/ddclient/default.nix | 10 +++++ systems/x86_64-linux/marleynet/default.nix | 17 ++++++++ .../marleynet/hardware-configuration.nix | 41 +++++++++++++++++++ 7 files changed, 117 insertions(+), 2 deletions(-) create mode 100644 modules/nixos/services/ddclient/default.nix create mode 100644 modules/nixos/services/prometheus/default.nix create mode 100644 overlays/ddclient/default.nix create mode 100644 systems/x86_64-linux/marleynet/default.nix create mode 100644 systems/x86_64-linux/marleynet/hardware-configuration.nix diff --git a/modules/nixos/base/networking/default.nix b/modules/nixos/base/networking/default.nix index 1b3f722..5c87ecc 100644 --- a/modules/nixos/base/networking/default.nix +++ b/modules/nixos/base/networking/default.nix @@ -3,7 +3,14 @@ config, ... }: { - networking.networkmanager.enable = true; + networking = { + networkmanager.enable = true; - networking.wireless.enable = lib.mkIf config.marleyos.isServer false; + firewall = { + enable = true; + allowedTCPPorts = [80 443]; + }; + + wireless.enable = lib.mkIf config.marleyos.isServer false; + }; } diff --git a/modules/nixos/bundles/server/default.nix b/modules/nixos/bundles/server/default.nix index d3a6581..5dda8e2 100644 --- a/modules/nixos/bundles/server/default.nix +++ b/modules/nixos/bundles/server/default.nix @@ -22,6 +22,7 @@ in { }; services = { + ddclient = enabled; docker = enabled; openssh = enabled; }; diff --git a/modules/nixos/services/ddclient/default.nix b/modules/nixos/services/ddclient/default.nix new file mode 100644 index 0000000..a2a2266 --- /dev/null 
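Review bot: `allowedTCPPorts = [80 443];` is set in the base networking module, so every host that imports it accepts inbound HTTP/HTTPS, not only servers. The same hunk already gates `wireless.enable` on `config.marleyos.isServer`; the same guard here keeps non-server machines closed by default: `allowedTCPPorts = lib.mkIf config.marleyos.isServer [80 443];`. Nothing in this patch adds a service listening on 80/443, so a one-line comment naming what is expected behind those ports would help. The module's opening lines are outside the hunk.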
+++ b/modules/nixos/services/ddclient/default.nix
@@ -0,0 +1,17 @@
+{
+ lib,
+ config,
+ ...
+}: let
+ cfg = config.marleyos.services.ddclient;
+in {
+ options.marleyos.services.ddclient.enable = lib.mkEnableOption "ddclient";
+
+ config = lib.mkIf cfg.enable {
+ services.ddclient = {
+ enable = true;
+
+ configFile = /home/marley/ddclient.conf;
+ };
+ };
+}
diff --git a/modules/nixos/services/prometheus/default.nix b/modules/nixos/services/prometheus/default.nix
new file mode 100644
index 0000000..4484583
--- /dev/null
+++ b/modules/nixos/services/prometheus/default.nix
@@ -0,0 +1,22 @@
+{
+ lib,
+ config,
+ ...
+}: let
+ cfg = config.marleyos.services.prometheus;
+in {
+ options.marleyos.services.prometheus.enable = lib.mkEnableOption "prometheus";
+
+ config = lib.mkIf cfg.enable {
+ services.prometheus = {
+ exporters = {
+ node = {
+ enable = true;
+ port = 9002;
+ openFirewall = true;
+ enabledCollectors = ["systemd"];
+ };
+ };
+ };
+ };
+}
diff --git a/overlays/ddclient/default.nix b/overlays/ddclient/default.nix
new file mode 100644
index 0000000..502d2f7
--- /dev/null
+++ b/overlays/ddclient/default.nix
@@ -0,0 +1,10 @@
+_: final: prev: {
+ ddclient = prev.polybar.overrideAttrs {
+ src = final.fetchFromGitHub {
+ owner = "ddclient";
+ repo = "ddclient";
+ rev = "1c0ba9a1260111f2eb75e76718d218ae2ee0b29f";
+ sha256 = "sha256-O9beXB1pcub2WzdvujpqRYTrZqOSwI8zy9CvWcLpb4o=";
+ };
+ };
+}
diff --git a/systems/x86_64-linux/marleynet/default.nix b/systems/x86_64-linux/marleynet/default.nix
new file mode 100644
index 0000000..94c8c4d
--- /dev/null
+++ b/systems/x86_64-linux/marleynet/default.nix
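Review bot: `configFile = /home/marley/ddclient.conf;` is an unquoted Nix path literal, and a path value that is interpolated into a unit or script is copied into /nix/store, which is world-readable; ddclient.conf normally holds the DNS provider credentials. As far as I can tell the upstream module interpolates this option into its start script, so pass it as a string to keep the file out of the store: `configFile = "/home/marley/ddclient.conf";`. Whoever can write that file controls what the updater sends, so it is better kept root-owned with mode 0600 than in a login user's home. A comment saying the file is provisioned outside this repo would document that.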
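Review bot: `openFirewall = true;` on the node exporter opens port 9002 on every interface, and the exporter serves its metrics (here including systemd unit state) without authentication. Limit who can reach it: either drop `openFirewall` and bind with `listenAddress` to the interface the scraper uses, or keep it and narrow the rule, e.g. `firewallFilter = "-p tcp -m tcp --dport 9002 -s SCRAPER_IP_PLACEHOLDER";`. Nothing in the visible hunks sets `marleyos.services.prometheus.enable`, so confirm where this module is meant to be switched on.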
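Review bot: `ddclient = prev.polybar.overrideAttrs {` overrides the wrong package: the result is polybar's build recipe pointed at the ddclient source, so `pkgs.ddclient` will either fail to build or not be ddclient. It should read `ddclient = prev.ddclient.overrideAttrs {`. Pinning `rev` to a full commit hash together with `sha256` is good for reproducibility. Because `overrideAttrs` keeps the old `version`, add a comment saying why this commit is needed and consider setting `version` so the store path does not claim a release it is not.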
@@ -0,0 +1,17 @@
+{lib, ...}: let
+ inherit (lib.marleyos) enabled;
+in {
+ imports = [./hardware-configuration.nix];
+
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "marleynet";
+
+ users.users.marley.openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcKsDGK8C5W6eRsJQSdAOTFVZnkKRWjnyn4iDR8zMi7 marley@nyx"
+
+ # iphone
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+hMOzQBPmi6Rjw7fYvwn43w1Dgk+GEooGPnQz2RTcK Generated By Termius"
+ ];
+}
diff --git a/systems/x86_64-linux/marleynet/hardware-configuration.nix b/systems/x86_64-linux/marleynet/hardware-configuration.nix
new file mode 100644
index 0000000..b7a42f4
--- /dev/null
+++ b/systems/x86_64-linux/marleynet/hardware-configuration.nix
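Review bot: `inherit (lib.marleyos) enabled;` is never used in this file, and nothing here turns on the server bundle or sets `marleyos.isServer`. Unless that happens elsewhere, the bundle's ddclient/openssh services and the `isServer` guards do not apply to this host; either enable the intended bundle here or drop the unused `let` binding. In the `authorizedKeys` list, give the first key the same kind of device comment as `# iphone`, so that a lost device can be matched to the key that has to be removed.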
@@ -0,0 +1,41 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/3f183af5-7f86-4afa-9dd3-bd3638bbe0ff";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/71E4-867F";
+ fsType = "vfat";
+ options = [ "fmask=0077" "dmask=0077" ];
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-uuid/42dd4dc9-6dfc-4c45-9e17-8b9049eb3037"; }
+ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}