Add jupiter base

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-02-23 23:50:06 +00:00
parent 709ed4b9ac
commit d90ad86c16
17 changed files with 383 additions and 9 deletions

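--- a/hosts/jupiter/README.md
+++ b/hosts/jupiter/README.md
@@ -0,0 +1,26 @@
+# jupiter
+## Post-Install Checklist
+## RAID Management
+Remember to update [format.nix](format.nix).
+### Adding a new drive
+```
+parted /dev/sdd -- mklabel gpt
+parted /dev/sdd -- mkpart primary 0% 100%
+cryptsetup luksFormat /dev/sdd
+cryptsetup open /dev/sdd storage2
+btrfs device add /dev/mapper/storage2 /mnt/storage
+btrfs balance start -dconvert=raid1 -mconvert=raid1 /mnt/storage
+```
+### Removing an old drive
+```
+sudo btrfs device remove /dev/mapper/storage1 /mnt/storage
+btrfs balance start -dconvert=raid1 -mconvert=raid1 /mnt/storage
+sudo cryptsetup close storage1
+```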

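--- a/hosts/jupiter/default.nix
+++ b/hosts/jupiter/default.nix
@@ -0,0 +1,54 @@
+{ lib, inputs, ... }:
+{
+imports = [
+../../lib
+inputs.disko.nixosModules.disko
+./format.nix
+./hardware
+../common/configs/system/boot
+../common/configs/system/btrfs
+../common/configs/system/documentation
+../common/configs/system/git
+../common/configs/system/impermanence
+../common/configs/system/neovim
+../common/configs/system/networkmanager
+../common/configs/system/nix
+../common/configs/system/nix-cleanup
+../common/configs/system/nixpkgs
+../common/configs/system/ntp
+../common/configs/system/podman
+../common/configs/system/smartmontools
+../common/configs/system/sops
+../common/configs/system/sshd
+../common/configs/system/sudo
+../common/configs/system/system
+../common/configs/system/users
+../common/configs/system/zsh
+./users/storm
+./users/nick
+];
+fileSystems."/mnt/storage" = {
+label = "storage";
+fsType = "btrfs";
+options = [
+"x-initrd.mount"
+"defaults"
+"subvol=@"
+"compress=zstd:5"
+"noatime"
+];
+};
+networking = {
+hostName = "jupiter";
+extraHosts = lib.strings.concatStringsSep "\n" [ "127.0.0.1 karaolidis.local" ];
+};
+i18n.defaultLocale = "en_US.UTF-8";
+sops.defaultSopsFile = ./secrets/secrets.yaml;
+}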
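Review bot: The `fileSystems."/mnt/storage"` entry mounts a two-device btrfs by `label = "storage"` with `x-initrd.mount`, but nothing in this file says that both LUKS mappings (`storage0` and `storage1` in format.nix) have to be open before the mount can succeed. A comment above the block would help, for example `# raid1 btrfs across /dev/mapper/storage0 and storage1 (see format.nix); both must be unlocked in the initrd`. Whether booting with one drive missing is meant to work is not visible here; if it is, that should be stated too, since a plain mount by label will presumably fail in stage 1 rather than come up degraded.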

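--- a/hosts/jupiter/format.nix
+++ b/hosts/jupiter/format.nix
@@ -0,0 +1,137 @@
+{
+disko.devices = {
+disk = {
+main = {
+# TODO: Set to correct device
+device = "/dev/vda";
+type = "disk";
+content = {
+type = "gpt";
+partitions = {
+boot = {
+name = "boot";
+size = "1M";
+type = "EF02";
+};
+esp = {
+name = "esp";
+size = "512M";
+type = "EF00";
+content = {
+type = "filesystem";
+format = "vfat";
+mountpoint = "/boot";
+mountOptions = [ "umask=0077" ];
+};
+};
+# TODO: Set correct swap size and enable
+# swap = {
+# name = "swap";
+# size = "64G";
+# content = {
+# type = "swap";
+# resumeDevice = true;
+# };
+# };
+root = {
+name = "root";
+size = "100%";
+content = {
+name = "main";
+type = "luks";
+passwordFile = "/tmp/keyfile";
+settings = {
+allowDiscards = true;
+};
+content = {
+type = "btrfs";
+extraArgs = [ "-f" ];
+subvolumes =
+let
+mountOptions = [
+"compress=zstd:1"
+"noatime"
+];
+in
+{
+"@" = {
+mountpoint = "/";
+inherit mountOptions;
+};
+"@persist" = {
+mountpoint = "/persist";
+inherit mountOptions;
+};
+"@nix" = {
+mountpoint = "/nix";
+inherit mountOptions;
+};
+"@cache" = {
+mountpoint = "/cache";
+inherit mountOptions;
+};
+};
+};
+};
+};
+};
+};
+};
+storage0 = {
+# TODO: Set to correct device
+device = "/dev/vdb";
+type = "disk";
+content = {
+type = "gpt";
+partitions = {
+root = {
+name = "root";
+size = "100%";
+content = {
+name = "storage0";
+type = "luks";
+passwordFile = "/tmp/keyfile";
+settings = {
+allowDiscards = true;
+};
+};
+};
+};
+};
+};
+storage1 = {
+# TODO: Set to correct device
+device = "/dev/vdc";
+type = "disk";
+content = {
+type = "gpt";
+partitions = {
+root = {
+name = "root";
+size = "100%";
+content = {
+name = "storage1";
+type = "luks";
+passwordFile = "/tmp/keyfile";
+settings = {
+allowDiscards = true;
+};
+# storageN content must be placed on last alphabetical drive
+content = {
+type = "btrfs";
+extraArgs = [ "-f -L storage -m raid1 -d raid1 /dev/mapper/storage0" ];
+subvolumes = {
+"@" = { };
+};
+};
+};
+};
+};
+};
+};
+};
+};
+}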
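Review bot: All three LUKS containers (`main`, `storage0`, `storage1`) read their passphrase from the same fixed path, `passwordFile = "/tmp/keyfile"`, and the file carries no comment on how that key file is created, protected or removed. Because /tmp is shared and the path is predictable, I would document the expectation next to the first use, e.g. `# installer writes /tmp/keyfile with mode 0600 before running disko and removes it afterwards`. `allowDiscards = true` also deserves a one-line why-comment, since passing TRIM through dm-crypt reveals which blocks are unused: `# TRIM passthrough for SSDs; accepted trade-off, exposes free-block layout`. Separately, `extraArgs = [ "-f -L storage -m raid1 -d raid1 /dev/mapper/storage0" ]` in `storage1` packs six arguments into one list element; one element per argument would survive a change in how the list is joined or quoted.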


@@ -0,0 +1,18 @@
{ ... }:
{
# TODO Remove
hardware.enableAllHardware = true;
# TODO Update
boot.initrd.kernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"virtio_scsi"
"virtio_blk"
"virtio_console"
"sd_mod"
];
services.fstrim.enable = true;
}


@@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMQoqvM5g/0e/UAH+GHsp0IegTd+Y1WZ+H5TRvypUv03 root@jupiter


@@ -0,0 +1,62 @@
{ config, lib, ... }:
let
# FIXME: https://github.com/NixOS/nixpkgs/issues/24570
# FIXME: https://github.com/NixOS/nixpkgs/issues/305643
user = "nick";
home = "/home/nick";
in
{
imports = [
../../../common/configs/user/options.nix
(import ../../../common/configs/user/console/btop { inherit user home; })
(import ../../../common/configs/user/console/dive { inherit user home; })
(import ../../../common/configs/user/console/fastfetch { inherit user home; })
(import ../../../common/configs/user/console/git { inherit user home; })
(import ../../../common/configs/user/console/home-manager { inherit user home; })
(import ../../../common/configs/user/console/ip { inherit user home; })
(import ../../../common/configs/user/console/jq { inherit user home; })
(import ../../../common/configs/user/console/lsof { inherit user home; })
(import ../../../common/configs/user/console/ncdu { inherit user home; })
(import ../../../common/configs/user/console/neovim { inherit user home; })
(import ../../../common/configs/user/console/nix { inherit user home; })
(import ../../../common/configs/user/console/nix-cleanup { inherit user home; })
(import ../../../common/configs/user/console/nix-direnv { inherit user home; })
(import ../../../common/configs/user/console/podman { inherit user home; })
(import ../../../common/configs/user/console/ranger { inherit user home; })
(import ../../../common/configs/user/console/sops { inherit user home; })
(import ../../../common/configs/user/console/tmux { inherit user home; })
(import ../../../common/configs/user/console/tree { inherit user home; })
(import ../../../common/configs/user/console/unzip { inherit user home; })
(import ../../../common/configs/user/console/wget { inherit user home; })
(import ../../../common/configs/user/console/xdg { inherit user home; })
(import ../../../common/configs/user/console/zsh { inherit user home; })
];
# echo "password" | mkpasswd -s
sops.secrets."${user}-password" = {
sopsFile = ../../../../secrets/personal/secrets.yaml;
key = "password";
neededForUsers = true;
};
users.users.${user} = {
inherit home;
isNormalUser = true;
email = "nick@karaolidis.com";
fullName = "Nikolaos Karaolidis";
description = "Nikolaos Karaolidis";
hashedPasswordFile = config.sops.secrets."${user}-password".path;
extraGroups = [ "wheel" ];
linger = true;
uid = lib.strings.toInt (builtins.readFile ./uid);
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEWDA5vnIB7KE2VG28Ovg5rXtQqxFwMXsfozLsH0BNZS nick@karaolidis.com"
];
};
home-manager.users.${user}.home = {
username = user;
homeDirectory = home;
};
}
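Review bot: The comment `# echo "password" | mkpasswd -s` above `sops.secrets."${user}-password"` documents a way of producing the hash that puts the plaintext password on a command line, where it typically ends up in shell history. Since this account is in `wheel`, I would change the hint to the interactive form, `# mkpasswd  (prompts for the password; store the resulting hash in the sops file)`. As a style point, the 22 near-identical `(import … { inherit user home; })` lines could be generated from a list of module names with `map`, which would make the difference between this user's module set and the one for `storm` easier to see.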


@@ -0,0 +1 @@
1000


@@ -0,0 +1,33 @@
{ lib, ... }:
let
# FIXME: https://github.com/NixOS/nixpkgs/issues/24570
# FIXME: https://github.com/NixOS/nixpkgs/issues/305643
user = "storm";
home = "/home/storm";
in
{
imports = [
../../../common/configs/user/options.nix
(import ../../../common/configs/user/console/home-manager { inherit user home; })
(import ../../../common/configs/user/console/podman { inherit user home; })
(import ../../../common/configs/user/console/sops { inherit user home; })
];
users.users.${user} = {
inherit home;
createHome = true;
isSystemUser = true;
description = "Container Runner";
linger = true;
uid = lib.strings.toInt (builtins.readFile ./uid);
group = user;
};
users.groups.${user}.gid = lib.strings.toInt (builtins.readFile ./uid);
home-manager.users.${user}.home = {
username = user;
homeDirectory = home;
};
}
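Review bot: `users.groups.${user}.gid` is read from `./uid`, the same file as `users.users.${user}.uid`, and nothing says the reuse is deliberate. A short comment such as `# private group: gid intentionally mirrors ./uid` would stop a later reader from "fixing" it by adding a separate gid file. This account is `isSystemUser = true` and imports the podman module; if it is meant to run rootless containers it will need subordinate uid/gid ranges, which NixOS assigns automatically only to normal users by default, so it is worth confirming that an imported module sets `autoSubUidGidRange` or explicit ranges (not visible in this hunk).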


@@ -0,0 +1 @@
999