From 00d3d26ee778013b1aa95a9f7fc645975fbb3169 Mon Sep 17 00:00:00 2001 From: Fuwn Date: Wed, 6 Nov 2024 08:03:32 -0800 Subject: hosts: add hoka host and joint configuration --- .sops.yaml | 2 ++ hosts/default.nix | 1 + hosts/hoka/configuration.nix | 3 ++ hosts/hoka/default.nix | 34 +++++++++++++++++++++++ hosts/kioku/configuration.nix | 14 ++-------- hosts/kioku/default.nix | 2 ++ hosts/kioku/hardware-configuration.nix | 42 ---------------------------- hosts/shared/pi/configuration.nix | 17 ++++++++++++ hosts/shared/pi/hardware-configuration.nix | 43 +++++++++++++++++++++++++++++ modules/pi/default.nix | 15 ++++++++++ modules/pi/users.nix | 22 +++++++++++++++ modules/pi/zram.nix | 9 ++++++ modules/usb/default.nix | 11 -------- modules/usb/users.nix | 22 --------------- modules/usb/zram.nix | 9 ------ secrets/hosts.yaml | Bin 3190 -> 3760 bytes 16 files changed, 150 insertions(+), 96 deletions(-) create mode 100644 hosts/hoka/configuration.nix create mode 100644 hosts/hoka/default.nix create mode 100644 hosts/shared/pi/configuration.nix create mode 100644 hosts/shared/pi/hardware-configuration.nix create mode 100644 modules/pi/default.nix create mode 100644 modules/pi/users.nix create mode 100644 modules/pi/zram.nix delete mode 100644 modules/usb/users.nix delete mode 100644 modules/usb/zram.nix diff --git a/.sops.yaml b/.sops.yaml index 62d80d9..d766302 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -6,6 +6,7 @@ keys: - &himeji age14dpp7649l9j8yt4kmnk90pnxplq3eur9xq2t3ujsrqk5luyj8fzq45dghu - &akashi age1zw2q6fqm8zf6swcdrqxyng08ev5xg0s8m5u93q40h5ul3yu8ddwq9q6vfu - &kioku age1zjdjg900vzaeam4vlr4ah09c6g28h9yzq0zvx4zm0vnl909lfawqfn3pj9 + - &hoka age19xlhzf6guy3df2f3m4l3swn539a4cdsl5vct9tmerrfpqukmwvys5y50wn creation_rules: - path_regex: secrets/hosts.ya?ml$ @@ -15,6 +16,7 @@ creation_rules: - *himeji - *akashi - *kioku + - *hoka - path_regex: secrets/ebisu.ya?ml$ key_groups: - age: diff --git a/hosts/default.nix b/hosts/default.nix index c609a4f..e377cb4 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -46,6 +46,7 @@ [ (import ./akashi pcOptions) (import ./himeji minimalOptions) + (import ./hoka minimalOptions) (import ./kansai pcOptions) (import ./kioku minimalOptions) ]; diff --git a/hosts/hoka/configuration.nix b/hosts/hoka/configuration.nix new file mode 100644 index 0000000..ef19f59 --- /dev/null +++ b/hosts/hoka/configuration.nix @@ -0,0 +1,3 @@ +{ + networking.hostName = "hoka"; +} diff --git a/hosts/hoka/default.nix b/hosts/hoka/default.nix new file mode 100644 index 0000000..fceb188 --- /dev/null +++ b/hosts/hoka/default.nix @@ -0,0 +1,34 @@ +{ + inputs, + outputs, + secrets, + self, + kansaiPkgs, + lib, + commonModules, +}: +{ + flake.nixosConfigurations.hoka = lib.nixosSystem { + pkgs = + (kansaiPkgs + { + } + )."aarch64-linux"; + + modules = [ + inputs.raspberry-pi-nix.nixosModules.raspberry-pi + ./configuration.nix + "${self}/hosts/shared/pi/configuration.nix" + "${self}/hosts/shared/pi/hardware-configuration.nix" + ] ++ commonModules; + + specialArgs = { + inherit + inputs + outputs + secrets + self + ; + }; + }; +} diff --git a/hosts/kioku/configuration.nix b/hosts/kioku/configuration.nix index 8d3a630..50b4ebc 100644 --- a/hosts/kioku/configuration.nix +++ b/hosts/kioku/configuration.nix @@ -1,18 +1,8 @@ -{ - self, - ... -}: +{ self, ... }: { imports = [ - "${self}/modules/core" - "${self}/modules/options" "${self}/modules/usb" ]; - config = { - modules.primaryUser = "ebisu"; - networking.hostName = "kioku"; - system.stateVersion = "24.05"; - raspberry-pi-nix.kernel-version = "v6_10_12"; - }; + networking.hostName = "kioku"; } diff --git a/hosts/kioku/default.nix b/hosts/kioku/default.nix index 714f6ad..2858239 100644 --- a/hosts/kioku/default.nix +++ b/hosts/kioku/default.nix @@ -19,6 +19,8 @@ inputs.raspberry-pi-nix.nixosModules.raspberry-pi ./configuration.nix ./hardware-configuration.nix + "${self}/hosts/shared/pi/configuration.nix" + "${self}/hosts/shared/pi/hardware-configuration.nix" ] ++ commonModules; specialArgs = { diff --git a/hosts/kioku/hardware-configuration.nix b/hosts/kioku/hardware-configuration.nix index 8557493..0707797 100644 --- a/hosts/kioku/hardware-configuration.nix +++ b/hosts/kioku/hardware-configuration.nix @@ -1,21 +1,4 @@ -{ lib, secrets, ... }: { - raspberry-pi-nix.board = "bcm2711"; - - networking = { - useDHCP = lib.mkDefault true; - - wireless = - let - network = builtins.elemAt secrets.wifi 0; - in - { - enable = true; - interfaces = [ "wlan0" ]; - networks."${network.ssid}".psk = network.psk; - }; - }; - fileSystems."/mnt/usb_share" = { device = "/piusb.bin"; fsType = "exfat"; @@ -31,29 +14,4 @@ "fmask=000" ]; }; - - hardware.raspberry-pi.config.all.dt-overlays = - ( - overlays: - lib.attrsets.mapAttrs - (_name: _value: { - enable = true; - params = { }; - }) - ( - lib.listToAttrs ( - map (overlay: { - name = overlay; - value = { }; - }) overlays - ) - ) - ) - [ - "disable-bt" - "dwc2" - "usb_power" - "ramlog" - "hdmi_blanking" - ]; } diff --git a/hosts/shared/pi/configuration.nix b/hosts/shared/pi/configuration.nix new file mode 100644 index 0000000..f3b732a --- /dev/null +++ b/hosts/shared/pi/configuration.nix @@ -0,0 +1,17 @@ +{ + self, + ... +}: +{ + imports = [ + "${self}/modules/core" + "${self}/modules/options" + "${self}/modules/pi" + ]; + + config = { + modules.primaryUser = "ebisu"; + system.stateVersion = "24.05"; + raspberry-pi-nix.kernel-version = "v6_10_12"; + }; +} diff --git a/hosts/shared/pi/hardware-configuration.nix b/hosts/shared/pi/hardware-configuration.nix new file mode 100644 index 0000000..88a8483 --- /dev/null +++ b/hosts/shared/pi/hardware-configuration.nix @@ -0,0 +1,43 @@ +{ lib, secrets, ... }: +{ + raspberry-pi-nix.board = "bcm2711"; + + networking = { + useDHCP = lib.mkDefault true; + + wireless = + let + network = builtins.elemAt secrets.wifi 0; + in + { + enable = true; + interfaces = [ "wlan0" ]; + networks."${network.ssid}".psk = network.psk; + }; + }; + + hardware.raspberry-pi.config.all.dt-overlays = + ( + overlays: + lib.attrsets.mapAttrs + (_name: _value: { + enable = true; + params = { }; + }) + ( + lib.listToAttrs ( + map (overlay: { + name = overlay; + value = { }; + }) overlays + ) + ) + ) + [ + "disable-bt" + "dwc2" + "usb_power" + "ramlog" + "hdmi_blanking" + ]; +} diff --git a/modules/pi/default.nix b/modules/pi/default.nix new file mode 100644 index 0000000..410dbd9 --- /dev/null +++ b/modules/pi/default.nix @@ -0,0 +1,15 @@ +{ + lib, + secrets, + ... +}: +{ + imports = [ + ./users.nix + ./zram.nix + ]; + + time.timeZone = secrets.i18n.timezone; + services.openssh.settings.PermitRootLogin = "prohibit-password"; + networking.firewall.enable = lib.mkForce false; +} diff --git a/modules/pi/users.nix b/modules/pi/users.nix new file mode 100644 index 0000000..eb96893 --- /dev/null +++ b/modules/pi/users.nix @@ -0,0 +1,22 @@ +{ config, secrets, ... }: +{ + users = { + groups.${config.modules.primaryUser} = { }; + + users = + let + defaultOptions = { + initialHashedPassword = secrets.initial_hashed_password; + openssh.authorizedKeys.keys = [ secrets.kioku_openssh_public_key ]; + }; + in + { + root = defaultOptions; + + ${config.modules.primaryUser} = defaultOptions // { + group = config.modules.primaryUser; + isNormalUser = true; + }; + }; + }; +} diff --git a/modules/pi/zram.nix b/modules/pi/zram.nix new file mode 100644 index 0000000..d9df0a9 --- /dev/null +++ b/modules/pi/zram.nix @@ -0,0 +1,9 @@ +{ + zramSwap = { + enable = true; + priority = 100; + memoryMax = 268435456; + algorithm = "lz4"; + memoryPercent = 50; + }; +} diff --git a/modules/usb/default.nix b/modules/usb/default.nix index b255eba..fdcfae1 100644 --- a/modules/usb/default.nix +++ b/modules/usb/default.nix @@ -1,17 +1,6 @@ -{ - lib, - secrets, - ... -}: { imports = [ ./samba.nix - ./users.nix ./watchdog.nix - ./zram.nix ]; - - time.timeZone = secrets.i18n.timezone; - services.openssh.settings.PermitRootLogin = "prohibit-password"; - networking.firewall.enable = lib.mkForce false; } diff --git a/modules/usb/users.nix b/modules/usb/users.nix deleted file mode 100644 index eb96893..0000000 --- a/modules/usb/users.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ config, secrets, ... }: -{ - users = { - groups.${config.modules.primaryUser} = { }; - - users = - let - defaultOptions = { - initialHashedPassword = secrets.initial_hashed_password; - openssh.authorizedKeys.keys = [ secrets.kioku_openssh_public_key ]; - }; - in - { - root = defaultOptions; - - ${config.modules.primaryUser} = defaultOptions // { - group = config.modules.primaryUser; - isNormalUser = true; - }; - }; - }; -} diff --git a/modules/usb/zram.nix b/modules/usb/zram.nix deleted file mode 100644 index d9df0a9..0000000 --- a/modules/usb/zram.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ - zramSwap = { - enable = true; - priority = 100; - memoryMax = 268435456; - algorithm = "lz4"; - memoryPercent = 50; - }; -} diff --git a/secrets/hosts.yaml b/secrets/hosts.yaml index c51b2e5..c04a6af 100644 Binary files a/secrets/hosts.yaml and b/secrets/hosts.yaml differ -- cgit v1.2.3