diff --git a/nixos-anywhere/configuration-vm.nix b/nixos-anywhere/configuration-vm.nix deleted file mode 100644 index 6d3f868..0000000 --- a/nixos-anywhere/configuration-vm.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ modulesPath, config, lib, pkgs, ... }: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - (modulesPath + "/profiles/qemu-guest.nix") - ./disk-config-vm.nix - ]; - boot = { - kernelPackages = pkgs.linuxPackages_latest; - kernelParams = [ "consoleblank=60" ]; - loader = { - timeout = 10; - /* systemd-boot = { - enable = true; - }; - */ - grub = { - device = "nodev"; - efiSupport = true; - efiInstallAsRemovable = true; - forceInstall = true; - }; - efi = { - #canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - }; - plymouth = { - enable = true; - theme = "breeze"; - }; - kernel = { sysctl = { "vm.swappiness" = 10; }; }; - }; - services.openssh.enable = true; - - environment.systemPackages = - map lib.lowPrio [ pkgs.curl pkgs.git pkgs.git-crypt ]; - - users.users.root = { - initialPassword = "changeme"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINd8AdVbQQ/Fmw+b9mI8EMYqIoRkwmSwAOtmlte3incL don@loki" - ]; - }; - - system.stateVersion = "24.11"; -} diff --git a/nixos-anywhere/configuration-vps.nix b/nixos-anywhere/configuration-vps.nix deleted file mode 100644 index 5e421cf..0000000 --- a/nixos-anywhere/configuration-vps.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ modulesPath, config, lib, pkgs, ... }: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - (modulesPath + "/profiles/qemu-guest.nix") - ./disk-config-vps.nix - ]; - boot = { - kernelPackages = pkgs.linuxPackages_latest; - kernelParams = [ "consoleblank=60" ]; - loader = { - timeout = 10; - /* systemd-boot = { - enable = true; - }; - */ - grub = { - device = "nodev"; - efiSupport = true; - efiInstallAsRemovable = true; - forceInstall = true; - }; - efi = { - #canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - }; - plymouth = { - enable = true; - theme = "breeze"; - }; - kernel = { sysctl = { "vm.swappiness" = 10; }; }; - }; - - # Enable networking - networking.networkmanager.enable = true; - networking.enableIPv6 = true; - networking.useDHCP = false; - services.openssh.enable = true; - - # Set your time zone. - time = { - timeZone = "America/Chicago"; - hardwareClockInLocalTime = false; - }; - - environment.systemPackages = - map lib.lowPrio [ pkgs.curl pkgs.git pkgs.git-crypt ]; - - users.users.root = { - initialPassword = "changeme"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINd8AdVbQQ/Fmw+b9mI8EMYqIoRkwmSwAOtmlte3incL don@loki" - ]; - }; - - system.stateVersion = "24.11"; -} diff --git a/nixos-anywhere/configuration.nix b/nixos-anywhere/configuration.nix index 1113c85..1c85d15 100644 --- a/nixos-anywhere/configuration.nix +++ b/nixos-anywhere/configuration.nix @@ -1,57 +1,47 @@ -{ modulesPath, config, lib, pkgs, ... }: { +{ + modulesPath, + lib, + pkgs, + ... +} @ args: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/profiles/qemu-guest.nix") ./disk-config.nix ]; - disko.devices.disk.main.device = "/dev/sda"; - boot = { - kernelPackages = pkgs.linuxPackages_zen; - kernelParams = [ "consoleblank=60" ]; - # extraModulePackages = [config.boot.kernelPackages.ddcci-driver]; - # kernelModules = ["i2c-dev" "ddcci_backlight"]; - loader = if (pkgs.hostPlatform != lib.mkDefault "aarch64-linux") then { - systemd-boot = { enable = true; }; - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - } else { - grub.enable = false; - generic-extlinux-compatible.enable = true; - }; - plymouth = { - enable = true; - theme = "breeze"; - }; - kernel = { sysctl = { "vm.swappiness" = 10; }; }; + boot.kernelParams = ["consoleblank=60"]; + boot.plymouth = { + enable = true; + theme = "breeze"; + }; + boot.loader.grub = { + efiSupport = true; + efiInstallAsRemovable = true; }; - - # Enable networking - networking.networkmanager.enable = true; - networking.enableIPv6 = true; - networking.useDHCP = false; services.openssh.enable = true; - # Set your time zone. time = { timeZone = "America/Chicago"; hardwareClockInLocalTime = false; }; - environment.systemPackages = - map lib.lowPrio [ pkgs.curl pkgs.git pkgs.git-crypt ]; + environment.systemPackages = map lib.lowPrio [ + pkgs.curl + pkgs.git + pkgs.git-crypt + pkgs.sops + pkgs.age + ]; - users.users.root = { - initialPassword = "changeme"; - openssh.authorizedKeys.keys = [ + users.users.root.openssh.authorizedKeys.keys = + [ "ssh-dss AAAAB3NzaC1kc3MAAACBAL/6Wxt6Rr9agFaw41WYMU6IoF3X1bpdrFSUJg+CgaIXEnHFZJgNhcGfoGMp9H1ikOy/yN5GDqsEuiDYlWu3Dild0Q8k1cDMiL4m/xUwLDgFByPBYZ2FlAikogFXm5cMLneD7jP82FZKa8YpTzmk78iGNCcCYdrZL+AWgfrKZJ0DAAAAFQC//npxf4/Pq/lKBZED/RLyYKm0qwAAAIEAr5q/6h03QE7cxE71VbpQlEQkDSBmOOxrvoDCKPAT4H9gZGW8PAuJ2MWl3VF1qWcq2BBLzJsPkbVC0BsjyohV2EJsQuf/EUixb6gldUSWL5wOlGBW1pzlMiJ+cTPYqXDS0bcwkrMWtBbUxKZt0dl+LV6q6FpT8QWvqY6dGkAccKwAAACAKDKIyHf7as7R0F0uwd++PW40+pesv48NQIOZOi7KpBeSyHvXFKFEv/thr1QWJaaLAm4PMRBoNq6tC11oRez5p5nSDmJO3HnZirALnmnBWZYPDkKGSONMF4jC0nAmQl3r0u3OwiwJO9MJjTOjy6G7U1j3T0Z3bOdPG1WUHiWAkYE= don@harper" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINd8AdVbQQ/Fmw+b9mI8EMYqIoRkwmSwAOtmlte3incL don@loki" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAB/Rdi63nQcI3GTKxYniXoWibv08D/qoMUewHwqZb4VvSh2RWBVepjWBoehpqrDxr5oGLUP/tBv65KOACP7sRBJ8Bf8wiJTNxFOrJi9qYPta719hP1PVjZZ+PklgZcblO0kaPUVEwhVPvW89uNsL8u2niLQ+m5wt6SMp1LVjXLp4dvpzTj7nbVNkEa8Y55os3S+JuNjDlKT135+LRcn7yF1GUZJ2A6nAKJ+S7NPlJPaWfEUBISic5msn2ZPPyoOQvYZyfIwysdON2a6wBv8SFrHFT3CA+gkwJITcpVk+FB1Cnb476swYYbLSOzHmJmo/LG8Jpw6aZDbvYvocJn6qS8r6iFVHKfvyI9/EsHoEKYndJ4yJWfYijMTX3sm24/fxAVeo9/JHQFQf1JbYPm5QFDWZsSOYCYrQfkBr3NRFNxHT7BnbpD5SH73fiXWr3kWHJchl65kCl6Bp4w5JB4T0fef7V4YhJMh/gs0E1LuRmLP9hgNUCLg/v/1T0DRVaTuSNIJCgS96gWfwYeT8q09035P3G+Xa+Ppa7HS8GTSHQiv4BVMcBphcwexsE50WM9a0sYqLcseua5E68nVwU0s7DY6h/UmgcL3y/4mFCMkGeMffXPfjkz22l7GUOst4PhQkjFFqKt9goqWdw79pXG2HvvY4j4p/92E+NGLTbQCYuj duck@duckland.org 2020-21" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyDBNnaE5SWxVm0Sfum6n+q8Y8+AixsMV3qZNTbMITpAH9M4xvmVmtRLi9en+Nl6HDZG60yB/2woE5IdqmoYVF1Dtdl+E0UNepSlWdfkoqoxzt3xszzEL+aEmmC+nDUWGkE7YpHDX9KI49gJ8LNdQbc9LxLzZ0S93cTJH3D8GKD5ztE2523SAnO7hf3pU5wlSTDRXvyAEii/9MS1NARRXMWWLRRWxiECXGJs3KQm/QdN/M6mpz3KwpbNvUwJTs9G4sYLecL0LHepox3c8c7BAxjcxKgycnzWnFwfPLW/VwQ/n5N/AYaaN0oY31uFBg5dpTOJudxMWujewrtCnAYtYpU1R8b0FU18n677xF+Efsbgq+27A/nveMctg+3/TSVJbKsHyi18UMPc6V8ZmGkMJ7jcYU3F/VpzIrRoWpeMd9OgSQDi/q/DdblGf9PcdHll6mudeDkFWt95PIgLWoUFlWmfe7X+7BGHvtllIw2fUIpiAeKBG8NK1e25oKk4sKs9k= don@loki" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDC8G4NyTDMaIpzZLfBdsBLyL0DRB1BblrbXu2U6VENMslKe6BuJZ0JJgdpcaLTdNLjDklRuTGhbezf9CoCZffIszPXU6uHPSEmb/3y/J3wN4tJKlK2rgENMFMjy8VxOES17b+OcfluliWtxrkHylvnO0UJSFq9gfPXbgMZMhnemTnvMCICmmTd5OeJ+dOhlFW3b7QoaE5Eb98Z/2+DarSBCi0V4ESdufnpVa3NofCerZ56TumN9Lsl2X1qZKHearjRQ3XDObPJ6yaaoQ8pmJs2Tm1FVZJ8UMZL8/I5RtlWK1s/+fgwGIasGWvqKBLTZte5IY95/9FtCcloHYpTRmQnfoIly9ShetA6wsierhMu36G/GmD4813neo62Qh0wZq87/CwNjBW8A6E+J8R+oXBsdjaVT4SNqJZgpuuRit9Jp75Mb3Vmh/wnuD+AtLH7Kmu2kYA+xMvNYvLGEeObb6+HiUheCJhGxW+YRBh9COuxp6+77sitIZovROMimkdJimZ/grWCPSfz0PYbNfuWmu6udmAQOarZ7lhX2b0y/T3I+LP3yoxfAwTFyjjyxJuPRF2grDDEug9pG3EnJLUDAuXh5hSrf1TVg12KQ346+/gllJyQ92HW+0KW/jQV5PsGy6O4ySYSRRaSBkAzjxfDzByzSYDyqhAaINyVwRfKWscIxw== don@dragon" - ]; - }; + ] + ++ (args.extraPublicKeys or []); # this is used for unit-testing this module and can be removed if not needed - system.stateVersion = "24.11"; + system.stateVersion = "25.11"; } diff --git a/nixos-anywhere/disk-config-t2.nix b/nixos-anywhere/disk-config-t2.nix deleted file mode 100644 index 8bfc4b0..0000000 --- a/nixos-anywhere/disk-config-t2.nix +++ /dev/null @@ -1,53 +0,0 @@ -# Example to create a bios compatible gpt partition -{ lib, ... }: { - disko.devices = { - disk.disk1 = { - device = lib.mkDefault "/dev/mmcblk0"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot = { - name = "boot"; - size = "1M"; - type = "EF02"; - }; - esp = { - name = "ESP"; - size = "500M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - }; - root = { - name = "root"; - size = "100%"; - content = { - type = "lvm_pv"; - vg = "pool"; - }; - }; - }; - }; - }; - lvm_vg = { - pool = { - type = "lvm_vg"; - lvs = { - root = { - size = "100%FREE"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - mountOptions = [ "defaults" ]; - }; - }; - }; - }; - }; - }; -} diff --git a/nixos-anywhere/disk-config-vm.nix b/nixos-anywhere/disk-config-vm.nix deleted file mode 100644 index c6301b3..0000000 --- a/nixos-anywhere/disk-config-vm.nix +++ /dev/null @@ -1,53 +0,0 @@ -# Example to create a bios compatible gpt partition -{ lib, ... }: { - disko.devices = { - disk.disk1 = { - device = lib.mkDefault "/dev/vda"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot = { - name = "boot"; - size = "1M"; - type = "EF02"; - }; - esp = { - name = "ESP"; - size = "500M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - }; - root = { - name = "root"; - size = "100%"; - content = { - type = "lvm_pv"; - vg = "pool"; - }; - }; - }; - }; - }; - lvm_vg = { - pool = { - type = "lvm_vg"; - lvs = { - root = { - size = "100%FREE"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - mountOptions = [ "defaults" ]; - }; - }; - }; - }; - }; - }; -} diff --git a/nixos-anywhere/disk-config-vps.nix b/nixos-anywhere/disk-config-vps.nix deleted file mode 100644 index d50a504..0000000 --- a/nixos-anywhere/disk-config-vps.nix +++ /dev/null @@ -1,53 +0,0 @@ -# Example to create a bios compatible gpt partition -{ lib, ... }: { - disko.devices = { - disk.disk1 = { - device = lib.mkDefault "/dev/sda"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot = { - name = "boot"; - size = "1M"; - type = "EF02"; - }; - esp = { - name = "ESP"; - size = "500M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - }; - root = { - name = "root"; - size = "100%"; - content = { - type = "lvm_pv"; - vg = "pool"; - }; - }; - }; - }; - }; - lvm_vg = { - pool = { - type = "lvm_vg"; - lvs = { - root = { - size = "100%FREE"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - mountOptions = [ "defaults" ]; - }; - }; - }; - }; - }; - }; -} diff --git a/nixos-anywhere/disk-config.nix b/nixos-anywhere/disk-config.nix index 115f2cd..4212db9 100644 --- a/nixos-anywhere/disk-config.nix +++ b/nixos-anywhere/disk-config.nix @@ -2,37 +2,38 @@ # Update devices to match your hardware. # { # imports = [ ./disko-config.nix ]; -# disko.devices.disk.main.device = "/dev/sda"; +# disko.devices.disk1.main.device = "/dev/sda"; # } -{ +{lib, ...}: { disko.devices = { - disk = { - main = { - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot = { - size = "1M"; - type = "EF02"; # for grub MBR + disk.disk1 = { + device = lib.mkDefault "/dev/sda"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + name = "boot"; + size = "1M"; + type = "EF02"; + }; + esp = { + name = "ESP"; + size = "500M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; }; - ESP = { - size = "1G"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "umask=0077" ]; - }; - }; - root = { - size = "100%"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - }; + }; + root = { + name = "root"; + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; }; }; }; diff --git a/nixos-anywhere/flake.nix b/nixos-anywhere/flake.nix index f31fadd..2d524a9 100644 --- a/nixos-anywhere/flake.nix +++ b/nixos-anywhere/flake.nix @@ -2,27 +2,68 @@ inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; inputs.disko.url = "github:nix-community/disko"; inputs.disko.inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixos-facter-modules.url = "github:numtide/nixos-facter-modules"; - outputs = { nixpkgs, disko, ... }: { - nixosConfigurations.fred = nixpkgs.lib.nixosSystem { - stdenv.hostPlatform.system = "x86_64-linux"; - modules = [ disko.nixosModules.disko ./configuration.nix ]; + outputs = + { + nixpkgs, + disko, + nixos-facter-modules, + ... + }: + { + nixosConfigurations.hetzner-cloud = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + ./configuration.nix + ]; + }; + # tested with 2GB/2CPU droplet, 1GB droplets do not have enough RAM for kexec + nixosConfigurations.digitalocean = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./digitalocean.nix + disko.nixosModules.disko + { disko.devices.disk.disk1.device = "/dev/vda"; } + ./configuration.nix + ]; + }; + nixosConfigurations.hetzner-cloud-aarch64 = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + disko.nixosModules.disko + ./configuration.nix + ]; + }; + + # Use this for all other targets + # nixos-anywhere --flake .#generic --generate-hardware-config nixos-generate-config ./hardware-configuration.nix + nixosConfigurations.generic = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + ./configuration.nix + ./hardware-configuration.nix + ]; + }; + + # Slightly experimental: Like generic, but with nixos-facter (https://github.com/numtide/nixos-facter) + # nixos-anywhere --flake .#generic-nixos-facter --generate-hardware-config nixos-facter facter.json + nixosConfigurations.generic-nixos-facter = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + ./configuration.nix + nixos-facter-modules.nixosModules.facter + { + config.facter.reportPath = + if builtins.pathExists ./facter.json then + ./facter.json + else + throw "Have you forgotten to run nixos-anywhere with `--generate-hardware-config nixos-facter ./facter.json`?"; + } + ]; + }; }; - nixosConfigurations.book = nixpkgs.lib.nixosSystem { - stdenv.hostPlatform.system = "x86_64-linux"; - modules = [ disko.nixosModules.disko ./configuration.nix ]; - }; - nixosConfigurations.t2 = nixpkgs.lib.nixosSystem { - stdenv.hostPlatform.system = "aarch64-linux"; - modules = [ disko.nixosModules.disko ./configuration.nix ]; - }; - nixosConfigurations.vm = nixpkgs.lib.nixosSystem { - stdenv.hostPlatform.system = "x86_64-linux"; - modules = [ disko.nixosModules.disko ./configuration-vm.nix ]; - }; - nixosConfigurations.w2 = nixpkgs.lib.nixosSystem { - stdenv.hostPlatform.system = "x86_64-linux"; - modules = [ disko.nixosModules.disko ./configuration-vps.nix ]; - }; - }; }