From 7e3457a7245589e0e40bec36a41921a185852aaf Mon Sep 17 00:00:00 2001
From: lilly <li@lly.sh>
Date: Fri, 7 Feb 2025 15:02:33 +0100
Subject: [PATCH] update test system config
---
README.md | 9 ++++++++
flake.lock | 22 ++++++++++++++++++
flake.nix | 6 +++++
modules/base_system.nix | 43 +++++++++++++++++++++++++++++++++---
packages/default.nix | 1 +
systems/default.nix | 8 +++++--
systems/installer.nix | 32 +++++++++++++++++++++++++++
systems/test.eh22.intern.nix | 39 +-------------------------------
8 files changed, 117 insertions(+), 43 deletions(-)
create mode 100644 README.md
create mode 100644 systems/installer.nix
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..a5b2682
--- /dev/null
+++ b/README.md
@@ -0,0 +1,9 @@
+# EH22 Noc-Nix
+
+## Known Machines
+
+- Hypervisor
+ - CCCHH IPMI Address: http://172.31.201.56
+ - CCCHH Proxmox Address: https://10.31.210.248:8006/
+
+
diff --git a/flake.lock b/flake.lock
index efb7113..8f36cb8 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,5 +1,26 @@
{
"nodes": {
+ "disko": {
+ "inputs": {
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1736864502,
+ "narHash": "sha256-ItkIZyebGvNH2dK9jVGzJHGPtb6BSWLN8Gmef16NeY0=",
+ "owner": "nix-community",
+ "repo": "disko",
+ "rev": "0141aabed359f063de7413f80d906e1d98c0c123",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "ref": "latest",
+ "repo": "disko",
+ "type": "github"
+ }
+ },
"flake-utils": {
"inputs": {
"systems": "systems"
@@ -110,6 +131,7 @@
},
"root": {
"inputs": {
+ "disko": "disko",
"home-manager": "home-manager",
"lix": "lix",
"nixpkgs": "nixpkgs",
diff --git a/flake.nix b/flake.nix
index 1afd777..e64b488 100644
--- a/flake.nix
+++ b/flake.nix
@@ -14,6 +14,12 @@
inputs.nixpkgs.follows = "nixpkgs";
};
+ # disk paritioning defined via nix
+ disko = {
+ url = "github:nix-community/disko?ref=latest";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
+
# secret management
sops-nix = {
url = "github:Mic92/sops-nix";
diff --git a/modules/base_system.nix b/modules/base_system.nix
index 9116cfd..adfa592 100644
--- a/modules/base_system.nix
+++ b/modules/base_system.nix
@@ -23,12 +23,48 @@
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
+
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
- boot.loader.systemd-boot = {
+ boot.loader.grub = {
enable = true;
- configurationLimit = 25;
- editor = false;
+ device = lib.mkDefault "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
+ };
+
+ # partitioning and filesystems
+ disko.devices = lib.mkDefault {
+ disk = {
+ system = {
+ type = "disk";
+ device = lib.mkDefault "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
+ content = {
+ type = "gpt";
+ partitions = {
+ mbr = {
+ type = "ef02";
+ size = "1M";
+ };
+ swap = {
+ size = lib.mkDefault "8G";
+ content = {
+ type = "swap";
+ discardPolicy = "both";
+ };
+ };
+ root = {
+ type = "8300";
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ mountOptions = [ "defaults" "noatime" ];
+ };
+ };
+ };
+ };
+ };
+ };
};
# settings for nix and nixos
@@ -107,6 +143,7 @@
helix
htop
];
+
#environment.variables = {
# EDITOR = "hx";
# VISUAL = "hx";
diff --git a/packages/default.nix b/packages/default.nix
index 477cd63..5917dfe 100644
--- a/packages/default.nix
+++ b/packages/default.nix
@@ -2,4 +2,5 @@
{
# add new packages here as:
# name = pkgs.callPackage ./package-source.nix {};
+ installer = flake.outputs.nixosConfigurations.installer.config.system.build.isoImage;
}
diff --git a/systems/default.nix b/systems/default.nix
index 8085fc5..466ef17 100644
--- a/systems/default.nix
+++ b/systems/default.nix
@@ -1,7 +1,7 @@
{ flake }:
let
nixpkgs = flake.inputs.nixpkgs;
-
+
# utility function to create a new nixos configuration
# call like `mkSystem "x86_64-linux" "<hostname>.eh22.intern"`
mkSystem =
@@ -13,6 +13,7 @@ let
flake.inputs.home-manager.nixosModules.home-manager
flake.inputs.sops-nix.nixosModules.default
flake.inputs.lix.nixosModules.lixFromNixpkgs
+ flake.inputs.disko.nixosModules.default
../modules/base_system.nix
../modules/user_account.nix
@@ -36,6 +37,9 @@ let
};
in
{
- # exposed hosts at myroot
+ # prod hosts
+
+ # misc hosts
"test.eh22.intern" = mkSystem "x86_64-linux" "test.eh22.intern";
+ "installer" = mkSystem "x86_64-linux" "installer";
}
diff --git a/systems/installer.nix b/systems/installer.nix
new file mode 100644
index 0000000..cae6e41
--- /dev/null
+++ b/systems/installer.nix
@@ -0,0 +1,32 @@
+
+{
+ config,
+ modulesPath,
+ lib,
+ pkgs,
+ ...
+}:
+{
+ imports = [
+ (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
+ ];
+
+ networking.hostName = lib.mkForce "eh22-nixos-installer";
+ networking.wireless.enable = false;
+ system.installer.channel.enable = true;
+ environment.systemPackages = with pkgs; [
+ disko
+ ];
+
+ # configure our own user account in the installer
+ services.getty.autologinUser = lib.mkForce "noc";
+
+ # conflict resolutions
+ services.openssh.settings.PermitRootLogin = lib.mkForce "no";
+ boot.initrd.systemd.enable = lib.mkForce false;
+ boot.loader.grub.enable = lib.mkForce false;
+
+ # this is only okay because the installer does not have any persistence so no data can be in an old/incompatible format
+ system.stateVersion = config.system.nixos.release;
+ home-manager.users.noc.home.stateVersion = config.system.stateVersion;
+}
diff --git a/systems/test.eh22.intern.nix b/systems/test.eh22.intern.nix
index 5bb58c0..91bb896 100644
--- a/systems/test.eh22.intern.nix
+++ b/systems/test.eh22.intern.nix
@@ -4,45 +4,8 @@
{
imports = [ ];
- # boot config
- fileSystems = {
- "/boot" = {
- device = "/dev/disk/by-uuid/94A7-6995";
- fsType = "vfat";
- options = [
- "fmask=0077"
- "dmask=0077"
- ];
- };
- "/" = {
- device = "/dev/disk/by-uuid/4e0b7ea5-8c74-478f-a4e3-ddc5691e4065";
- fsType = "ext4";
- };
- "/srv/data/k8s" = {
- device = "10.0.10.14:/srv/data/k8s";
- fsType = "nfs";
- options = [
- "defaults"
- "_netdev"
- ];
- };
- };
-
# networking config
- networking.useDHCP = false;
- systemd.network = {
- enable = true;
- networks.enp1s0 = {
- matchConfig = {
- Type = "ether";
- MACAddress = "52:54:00:e6:1f:51";
- };
- networkConfig = {
- IPv6AcceptRA = false;
- };
- DHCP = "yes";
- };
- };
+ networking.useDHCP = true;
# DO NOT CHANGE
# this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible