hosts: himeji

4 files changed, 148 insertions, 11 deletions

diff --git a/hosts/default.nix b/hosts/default.nix
index 17f5494..9e9b043 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -9,18 +9,28 @@ let
   secrets = import ../lib/secrets.nix { inherit self; };
 in
 {
-  flake.nixosConfigurations.kansai = lib.nixosSystem {
-    specialArgs = {
-      inherit inputs outputs secrets;
+  flake.nixosConfigurations = with lib; {
+    kansai = nixosSystem {
+      specialArgs = {
+        inherit inputs outputs secrets;
+      };
+
+      modules = with inputs; [
+        home-manager.nixosModule
+        pia.nixosModule
+        nix-index-database.nixosModules.nix-index
+        nur.nixosModules.nur
+        chaotic.nixosModules.default
+        ./kansai
+      ];
     };
 
-    modules = [
-      inputs.home-manager.nixosModule
-      inputs.pia.nixosModule
-      inputs.nix-index-database.nixosModules.nix-index
-      inputs.nur.nixosModules.nur
-      inputs.chaotic.nixosModules.default
-      ./kansai
-    ];
+    himeji = nixosSystem {
+      specialArgs = {
+        inherit secrets;
+      };
+
+      modules = [ ./himeji ];
+    };
   };
 }
diff --git a/hosts/himeji/default.nix b/hosts/himeji/default.nix
new file mode 100644
index 0000000..7d3f5a1
--- /dev/null
+++ b/hosts/himeji/default.nix
@@ -0,0 +1,26 @@
+{ secrets, ... }:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./networking.nix
+    ../../modules/networking/vpn/tailscale.nix
+  ];
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+  services.openssh.enable = true;
+  system.stateVersion = "24.05";
+
+  networking = {
+    hostName = "himeji";
+    domain = "";
+  };
+
+  users.users.root = {
+    initialHashedPassword = secrets.initial_hashed_password;
+
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBm/ydlGJiKWMxH6v9SFN3vo/ZkX6eQ+uCmH32gnCkUW"
+    ];
+  };
+}
diff --git a/hosts/himeji/hardware-configuration.nix b/hosts/himeji/hardware-configuration.nix
new file mode 100644
index 0000000..3fca545
--- /dev/null
+++ b/hosts/himeji/hardware-configuration.nix
@@ -0,0 +1,46 @@
+{ modulesPath, lib, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+
+  boot = {
+    kernelParams = [ "console=tty" ];
+
+    loader.grub = {
+      efiSupport = true;
+      efiInstallAsRemovable = true;
+      device = "nodev";
+    };
+
+    initrd = {
+      availableKernelModules = [
+        "ata_piix"
+        "uhci_hcd"
+        "xen_blkfront"
+        "ahci"
+        "xhci_pci"
+        "virtio_pci"
+        "virtio_scsi"
+        "sd_mod"
+        "sr_mod"
+      ];
+
+      kernelModules = [
+        "nvme"
+        "virtio_gpu"
+      ];
+    };
+  };
+
+  fileSystems = {
+    "/boot" = {
+      device = "/dev/disk/by-uuid/82F0-EC7D";
+      fsType = "vfat";
+    };
+
+    "/" = {
+      device = "/dev/sda1";
+      fsType = "ext4";
+    };
+  };
+}
diff --git a/hosts/himeji/networking.nix b/hosts/himeji/networking.nix
new file mode 100644
index 0000000..75bbae1
--- /dev/null
+++ b/hosts/himeji/networking.nix
@@ -0,0 +1,55 @@
+{ lib, ... }:
+{
+  networking = {
+    nameservers = [ "8.8.8.8" ];
+
+    defaultGateway = "172.31.1.1";
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          {
+            address = "95.217.11.228";
+            prefixLength = 32;
+          }
+        ];
+
+        ipv6.addresses = [
+          {
+            address = "2a01:4f9:c010:c768::1";
+            prefixLength = 64;
+          }
+          {
+            address = "fe80::9400:3ff:feb6:f8a8";
+            prefixLength = 64;
+          }
+        ];
+
+        ipv4.routes = [
+          {
+            address = "172.31.1.1";
+            prefixLength = 32;
+          }
+        ];
+
+        ipv6.routes = [
+          {
+            address = "fe80::1";
+            prefixLength = 128;
+          }
+        ];
+      };
+    };
+  };
+
+  services.udev.extraRules = ''
+    ATTR{address}=="96:00:03:b6:f8:a8", NAME="eth0"
+  '';
+}