init titan

2024-12-28 22:16:46 -05:00 · 2024-12-28 22:16:46 -05:00 · c24f8a0539
commit c24f8a0539
parent 0e4e2d7a8f
5 changed files with 145 additions and 0 deletions
--- a/flake.lock
+++ b/flake.lock
@ -1,5 +1,26 @@
 {
  "nodes": {
+    "disko": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1734088167,
+        "narHash": "sha256-snPBgTqwn3FPZVdFC5yt7Bnk3squim1vZOZ8CObWykk=",
+        "owner": "nix-community",
+        "repo": "disko",
+        "rev": "65a441502c9382d41ada1adbc9bd31d6c9b00fe2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "latest",
+        "repo": "disko",
+        "type": "github"
+      }
+    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
@ -86,6 +107,7 @@
    },
    "root": {
      "inputs": {
+        "disko": "disko",
        "home-manager": "home-manager",
        "nixpkgs": "nixpkgs",
        "nixpkgs-borg": "nixpkgs-borg",
--- a/flake.nix
+++ b/flake.nix
@ -12,6 +12,11 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };
    treefmt.url = "github:numtide/treefmt-nix";
+    disko = {
+      url = "github:nix-community/disko/latest";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
    nixpkgs-borg.url = "github:cything/nixpkgs/borg";
    nixpkgs-master.url = "github:nixos/nixpkgs/master";
  };
@ -22,6 +27,7 @@
      nixpkgs,
      home-manager,
      treefmt,
+      disko,
      ...
    }@inputs:
    let
@ -110,6 +116,17 @@
              inputs.sops-nix.nixosModules.sops
            ];
          };
+
+          titan = lib.nixosSystem {
+            specialArgs = { inherit inputs outputs; };
+            modules = [
+              {
+                nixpkgs = { inherit pkgs; };
+              }
+              ./hosts/titan
+              disko.nixosModules.disko
+            ];
+          };
        };

      homeConfigurations = {
--- a/hosts/titan/default.nix
+++ b/hosts/titan/default.nix
@ -0,0 +1,50 @@
+{ modulesPath, lib, pkgs, ...}:
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
+    ../common.nix
+    ./disk-config.nix
+    ./hardware-configuration.nix
+  ];
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    tmp.cleanOnBoot = true;
+    kernelPackages = pkgs.linuxPackages_latest;
+  };
+
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+  };
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD yt@ytnix"
+  ];
+
+  system.stateVersion = "24.05";
+
+  environment.systemPackages = map lib.lowPrio [
+    pkgs.curl
+    pkgs.gitMinimal
+  ];
+
+  users.users.yt = {
+    isNormalUser = true;
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPdhAQYy0+vS+QmyCd0MAbqbgzyMGcsuuFyf6kg2yKge yt@ytlinux"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD yt@ytnix"
+    ];
+  };
+  security.sudo.enable = true;
+  security.sudo.wheelNeedsPassword = false;
+}
--- a/hosts/titan/disk-config.nix
+++ b/hosts/titan/disk-config.nix
@ -0,0 +1,33 @@
+{
+  disko.devices = {
+    disk = {
+      main = {
+        device = "/dev/sda";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              type = "EF00";
+              size = "500M";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "umask=0077" ];
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/hosts/titan/hardware-configuration.nix
+++ b/hosts/titan/hardware-configuration.nix
@ -0,0 +1,23 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [ ];
+
+  boot.initrd.availableKernelModules = [ "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  virtualisation.hypervGuest.enable = true;
+}