nrabulinski/settei
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Migrated legion over. Started migrating hijiri

Browse source
This commit is contained in:
Nikodem Rabuliński 2023-09-20 09:47:17 +02:00
parent 31dd42d37d
commit f79b3d6ff7
No known key found for this signature in database
GPG key ID: FF629AA9E08138DB
40 changed files with 397 additions and 228 deletions
Download patch file Download diff file Expand all files Collapse all files

16
hosts/legion/default.nix
View file

@ -1,18 +1,17 @@
{config, ...}: let
inherit (config.assets) sshKeys;
in {
{
configurations.nixos.legion = {
config,
lib,
username,
...
}: {
imports = [
./hardware.nix
# ./disks.nix
./initrd.nix
./msmtp.nix
];
nixpkgs.system = "x86_64-linux";
nixpkgs.hostPlatform = "x86_64-linux";
specialisation = {
nas.configuration = ./nas;
@ -28,10 +27,15 @@ in {
hostName = "legion";
hostId = builtins.substring 0 8 (builtins.readFile ./machine-id);
networkmanager.enable = true;
useDHCP = true;
firewall.trustedInterfaces = ["tailscale0"];
};
systemd.services.NetworkManager-wait-online.enable = false;
powerManagement.cpuFreqGovernor = "performance";
age.secrets.niko-pass.file = ../../secrets/legion-niko-pass.age;
users.users.${username}.hashedPasswordFile = config.age.secrets.niko-pass.path;
common.hercules.enable = true;
};
}

8
hosts/legion/disks.nix
View file

@ -1,6 +1,10 @@
args: let
args:
/*
let
bootDevice = args.bootDevice or "/dev/nvme0n1";
in {
in
*/
{
assertions = [
{
assertion = false;

4
hosts/legion/hardware.nix
View file

@ -1,9 +1,11 @@
{...}: {
{config, ...}: {
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "uas"];
boot.extraModulePackages = with config.boot.kernelPackages; [acpi_call];
boot.kernelModules = ["kvm-intel" "i2c-dev" "acpi_call"];
boot.blacklistedKernelModules = ["nouveau"];
# Needed for enableAllFirmware
nixpkgs.config.allowUnfree = true;
hardware = {
enableAllFirmware = true;
cpu.intel.updateMicrocode = true;

14
hosts/legion/initrd.nix
View file

@ -1,14 +0,0 @@
{
config,
username,
...
}: {
boot.initrd = {
availableKernelModules = ["ath10k_pci" "r8169"];
network.enable = true;
network.ssh = {
enable = true;
authorizedKeys = config.users.users.${username}.openssh.authorizedKeys.keys;
};
};
}

1
hosts/legion/machine-id Normal file
View file

@ -0,0 +1 @@
524209a432724c7abaf04398cdd6eecd

34
hosts/legion/msmtp.nix Normal file
View file

@ -0,0 +1,34 @@
# TODO: Potentially make this a common module?
{
pkgs,
config,
username,
...
}: let
mail = "alert@nrab.lol";
aliases = pkgs.writeText "mail-aliases" ''
${username}: nikodem@rabulinski.com
root: ${mail}
'';
in {
age.secrets.alert-plaintext.file = ../../secrets/alert-plain-pass.age;
programs.msmtp = {
enable = true;
setSendmail = true;
defaults = {
inherit aliases;
tls = "on";
auth = "login";
tls_starttls = "off";
};
accounts = {
default = {
host = "mail.nrab.lol";
passwordeval = "cat ${config.age.secrets.alert-plaintext.path}";
user = mail;
from = mail;
};
};
};
}

9
hosts/legion/nas/default.nix
View file

@ -1,5 +1,6 @@
{
pkgs,
lib,
username,
...
}: {
@ -7,7 +8,7 @@
./media.nix
];
boot.supportedFilesystems = ["zfs"];
boot.supportedFilesystems = ["ext4" "zfs"];
boot.zfs.extraPools = ["yottapool"];
services.zfs = {
@ -15,7 +16,7 @@
zed.settings = {
ZED_DEBUG_LOG = "/tmp/zed.debug.log";
ZED_EMAIL_ADDR = [username];
ZED_EMAIL_PROG = "${pkgs.msmtp}/bin/msmtp";
ZED_EMAIL_PROG = lib.getExe pkgs.msmtp;
ZED_EMAIL_OPTS = "@ADDRESS@";
ZED_NOTIFY_INTERVAL_SECS = 3600;
@ -26,8 +27,8 @@
};
};
fileSystems."/nix-cache" = {
device = "/dev/disk/by-label/CACHE";
fileSystems."/bulk" = {
device = "/dev/disk/by-label/BULK";
fsType = "ext4";
};
}

4
hosts/legion/nas/media.nix
View file

@ -1,4 +1,4 @@
{
{username, ...}: {
services.jellyfin.enable = true;
services.radarr.enable = true;
services.sonarr.enable = true;
@ -13,6 +13,6 @@
jellyfin.extraGroups = ["radarr" "sonarr"];
radarr.extraGroups = ["deluge"];
sonarr.extraGroups = ["deluge"];
niko.extraGroups = ["deluge"];
${username}.extraGroups = ["deluge"];
};
}