more hcloud stuff :3

2024-04-07 13:50:21 +02:00 · 2024-04-07 13:50:21 +02:00 · 8902ed72ac
commit 8902ed72ac
parent 6546b56bfb
8 changed files with 50 additions and 50 deletions
--- a/flake.nix
+++ b/flake.nix
@ -62,6 +62,7 @@
            imports = [ ./hosts/${name} ./profiles/base ];

            networking.hostName = name;
+            networking.domain = "cherrykitten.xyz";

            home-manager.extraSpecialArgs = {
              inherit inputs outputs;
--- a/hosts/ocelot/default.nix
+++ b/hosts/ocelot/default.nix
@ -1,10 +1,39 @@
-{ ... }: {
+{ lib, ... }: {
  imports = [
-    ./hardware-configuration.nix
    ./gotosocial.nix
+    ../../profiles/hcloud
  ];
+  fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
+
+  networking = {
+    nameservers = [
+      "8.8.8.8"
+    ];
+    defaultGateway = "172.31.1.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          { address = "128.140.109.125"; prefixLength = 32; }
+        ];
+        ipv6.addresses = [
+          { address = "2a01:4f8:c2c:bd32::1"; prefixLength = 64; }
+          { address = "fe80::9400:3ff:fe24:677a"; prefixLength = 64; }
+        ];
+        ipv4.routes = [{ address = "172.31.1.1"; prefixLength = 32; }];
+        ipv6.routes = [{ address = "fe80::1"; prefixLength = 128; }];
+      };
+
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="96:00:03:24:67:7a", NAME="eth0"
+  '';

-  boot.tmp.cleanOnBoot = true;
-  zramSwap.enable = true;
  system.stateVersion = "23.11";
 }
--- a/hosts/ocelot/hardware-configuration.nix
+++ b/hosts/ocelot/hardware-configuration.nix
@ -1,39 +0,0 @@
-{ modulesPath, lib, ... }: {
-  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
-  boot.loader.grub.device = "/dev/sda";
-  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
-  boot.initrd.kernelModules = [ "nvme" ];
-  fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
-
-
-  networking = {
-    nameservers = [
-      "8.8.8.8"
-    ];
-    defaultGateway = "172.31.1.1";
-    defaultGateway6 = {
-      address = "fe80::1";
-      interface = "eth0";
-    };
-    dhcpcd.enable = false;
-    usePredictableInterfaceNames = lib.mkForce false;
-    interfaces = {
-      eth0 = {
-        ipv4.addresses = [
-          { address = "128.140.109.125"; prefixLength = 32; }
-        ];
-        ipv6.addresses = [
-          { address = "2a01:4f8:c2c:bd32::1"; prefixLength = 64; }
-          { address = "fe80::9400:3ff:fe24:677a"; prefixLength = 64; }
-        ];
-        ipv4.routes = [{ address = "172.31.1.1"; prefixLength = 32; }];
-        ipv6.routes = [{ address = "fe80::1"; prefixLength = 128; }];
-      };
-
-    };
-  };
-  services.udev.extraRules = ''
-    ATTR{address}=="96:00:03:24:67:7a", NAME="eth0"
-  '';
-
-}
--- a/misc/nixos-infect
+++ b/misc/nixos-infect
@ -1 +1 @@
-Subproject commit ed6a87bc3a5e5c44cff4b30e5900b436b92ad9a1
+Subproject commit 9f826561fd578f38aded0962cfcfea70155c8536
--- a/profiles/base/default.nix
+++ b/profiles/base/default.nix
@ -1,4 +1,4 @@
-{ lib, config, pkgs, inputs, ... }: {
+{ lib, pkgs, inputs, ... }: {
  imports = [
    ../../users/root
    ../../users/sammy
@ -7,7 +7,6 @@

  deployment.tags = [ pkgs.stdenv.hostPlatform.system ];
  deployment.targetUser = lib.mkDefault "sammy";
-  deployment.targetHost = lib.mkDefault config.networking.fqdnOrHostName;

  nix = {
    settings = {
--- a/profiles/hcloud/default.nix
+++ b/profiles/hcloud/default.nix
@ -0,0 +1,12 @@
+{ modulesPath, config, ... }: {
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+  zramSwap.enable = true;
+  boot.tmp.cleanOnBoot = true;
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+  boot.initrd.kernelModules = [ "nvme" ];
+
+  deployment.targetHost = (builtins.elemAt config.networking.interfaces.eth0.ipv4.addresses 0).address;
+  deployment.tags = [ "hcloud" "hetzner" "cloud"];
+}
--- a/users/root/default.nix
+++ b/users/root/default.nix
@ -1,13 +1,12 @@
 { pkgs, lib, ... }:
 {
  deployment.keys."root_password_hash" = {
-    destDir = "/nix/persist/keys";
    keyCommand = [ "pass" "users/root/hashedPassword" ];
  };

  users.users.root = {
    shell = pkgs.fish;
-    hashedPasswordFile = lib.mkDefault "/nix/persist/keys/root_password_hash";
+    hashedPasswordFile = lib.mkDefault "/run/keys/root_password_hash";
  };

  home-manager.users.root = import ./home.nix;
--- a/users/sammy/default.nix
+++ b/users/sammy/default.nix
@ -1,7 +1,6 @@
 { pkgs, lib, ... }:
 {
  deployment.keys."sammy_password_hash" = {
-    destDir = "/nix/persist/keys";
    keyCommand = [ "pass" "users/sammy/hashedPassword" ];
  };

@ -10,7 +9,7 @@
    extraGroups = [ "networkmanager" "wheel" "docker" ];
    shell = pkgs.fish;
    openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJZyQSZw+pExsx2RXB+yxbaJGB9mtvudbQ/BP7E1yKvr openpgp:0x6068FEBB" ];
-    hashedPasswordFile = lib.mkDefault "/nix/persist/keys/sammy_password_hash";
+    hashedPasswordFile = lib.mkDefault "/run/keys/sammy_password_hash";
  };

  home-manager.users.sammy = import ./home.nix;