Begin getting base setup implemented

Kaare Hoff Skovgaard 2025-07-05 15:35:58 +02:00
parent 453099b068
commit 84f6e1a93f
Signed by: khs
GPG key ID: C7D890804F01E9F0
11 changed files with 425 additions and 0 deletions

2
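--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+result/
+.DS_Store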

183
flake.lock generated Normal file

@ -0,0 +1,183 @@
{
"nodes": {
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1751607816,
"narHash": "sha256-5PtrwjqCIJ4DKQhzYdm8RFePBuwb+yTzjV52wWoGSt4=",
"owner": "nix-community",
"repo": "disko",
"rev": "da6109c917b48abc1f76dd5c9bf3901c8c80f662",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-base": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"snowfall-lib": "snowfall-lib",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1751720970,
"narHash": "sha256-Fe8yQfmjlgNSrkBU/5FcYBQVsOFyfxe73C1zfsHhXDU=",
"ref": "refs/heads/main",
"rev": "b3ddb341d8bfe6fb5f618dfee1f720a3deeee47d",
"revCount": 10,
"type": "git",
"url": "https://khs.codes/nix/flake-base"
},
"original": {
"type": "git",
"url": "https://khs.codes/nix/flake-base"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils"
},
"locked": {
"lastModified": 1715533576,
"narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1751582995,
"narHash": "sha256-u7ubvtxdTnFPpV27AHpgoKn7qHuE7sgWgza/1oj5nzA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7a732ed41ca0dd64b4b71b563ab9805a80a7d693",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"disko": "disko",
"flake-base": "flake-base",
"nixpkgs": "nixpkgs"
}
},
"snowfall-lib": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils-plus": "flake-utils-plus",
"nixpkgs": [
"flake-base",
"nixpkgs"
]
},
"locked": {
"lastModified": 1736130495,
"narHash": "sha256-4i9nAJEZFv7vZMmrE0YG55I3Ggrtfo5/T07JEpEZ/RM=",
"owner": "snowfallorg",
"repo": "lib",
"rev": "02d941739f98a09e81f3d2d9b3ab08918958beac",
"type": "github"
},
"original": {
"owner": "snowfallorg",
"repo": "lib",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"flake-base",
"nixpkgs"
]
},
"locked": {
"lastModified": 1750931469,
"narHash": "sha256-0IEdQB1nS+uViQw4k3VGUXntjkDp7aAlqcxdewb/hAc=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "ac8e6f32e11e9c7f153823abc3ab007f2a65d3e1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

41
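--- a/flake.nix
+++ b/flake.nix
@@ -0,0 +1,41 @@
+{
+description = "A very basic flake";
+inputs = {
+nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
+flake-base = {
+url = "git+https://khs.codes/nix/flake-base";
+inputs.nixpkgs.follows = "nixpkgs";
+};
+disko = {
+url = "github:nix-community/disko";
+inputs.nixpkgs.follows = "nixpkgs";
+};
+};
+outputs =
+inputs@{ self, ... }:
+inputs.flake-base.lib.mkFlake {
+inherit inputs;
+src = ./.;
+systems.modules.nixos = [ inputs.disko.nixosModules.disko ];
+snowfall = {
+root = ./nix;
+namespace = "khscodes";
+meta = {
+title = "Nix machines for KHS";
+name = "Machines";
+};
+};
+modules.nixos.default = {
+imports = [
+self.nixosModules.hetzner
+self.nixosModules.sshd
+self.nixosModules.sshd
+self.nixosModules.systemd-boot
+self.nixosModules.qemu-guest
+inputs.disko.nixosModules.disko
+];
+};
+};
+}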
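Review bot: The `imports` list of `modules.nixos.default` names `self.nixosModules.sshd` twice, and `inputs.disko.nixosModules.disko` is pulled in both there and through `systems.modules.nixos`. The duplicates are harmless to evaluation but make it harder to audit which modules a machine actually receives; drop the second `self.nixosModules.sshd` line and keep disko in one of the two places. The `description = "A very basic flake";` string is still the template default and could say what the flake provisions.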


@ -0,0 +1,20 @@
{ inputs, pkgs, ... }:
pkgs.nixosTest {
name = "hetzner-will-boot";
nodes.machine =
{ ... }:
{
imports = [ inputs.self.nixosModules.default ];
khscodes.hetzner = {
enable = true;
ipv6-addr = "dead:beef:cafe::1";
};
system.stateVersion = "25.05";
};
testScript = ''
machine.start(allow_reboot = True)
machine.wait_for_unit("multi-user.target")
ipv6 = machine.succeed("ip addr")
assert "dead:beef:cafe::1" in ipv6
'';
}


@ -0,0 +1,59 @@
{ ... }:
{
disko-root-lvm =
{
diskName,
device,
espSize ? "500M",
bootPartName ? "ESP",
rootPartName ? "primary",
volumeGroupName ? "mainpool",
rootLvName ? "root",
}:
{
devices.disk = {
"${diskName}" = {
inherit device;
type = "disk";
content = {
type = "gpt";
partitions = {
"${bootPartName}" = {
size = espSize;
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
"${rootPartName}" = {
size = "100%";
content = {
type = "lvm_pv";
vg = volumeGroupName;
};
};
};
};
};
};
devices.lvm_vg = {
"${volumeGroupName}" = {
type = "lvm_vg";
lvs = {
"${rootLvName}" = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [ "defaults" ];
};
};
};
};
};
};
}
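Review bot: `disko-root-lvm` has no comment stating what the layout provides or what it omits, and a reader has to walk the whole attribute set to learn that the root LV is plain ext4 with no encryption layer. A header comment above the function would make that explicit, for example `# GPT disk: vfat ESP on /boot (umask=0077) plus one LVM PV; the root LV is unencrypted ext4.` and `# Applying this layout with disko repartitions and formats the given device.` If encryption at rest is wanted for these machines later, that is a change to the `rootPartName` content in this helper, so the comment is the right place to record the current decision.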


@ -0,0 +1,57 @@
{
config,
lib,
system,
...
}:
let
cfg = config.khscodes.hetzner;
in
{
options.khscodes.hetzner = {
enable = lib.mkEnableOption "Enables the machine as a hetzner machine";
ipv6-addr = lib.mkOption {
type = lib.types.nullOr lib.types.str;
description = "IPv6 address of the server, for now detecting this from the server itself is not supported";
default = null;
};
diskName = lib.mkOption {
type = lib.types.str;
default = "nixos";
description = "Name of the root disk device";
};
};
config = lib.mkIf cfg.enable {
disko = lib.khscodes.disko-root-lvm {
device = "/dev/sda";
diskName = cfg.diskName;
};
boot.tmp.cleanOnBoot = lib.mkDefault true;
boot.initrd.kernelModules = lib.mkIf (system == "aarch64-linux") [ "virtio_gpu" ];
boot.kernelParams = lib.mkIf (system == "aarch64-linux") [ "console=tty" ];
zramSwap.enable = lib.mkDefault true;
khscodes.systemd-boot.enable = lib.mkDefault true;
khscodes.qemu-guest.enable = true;
networking = {
useDHCP = false;
useNetworkd = false;
};
systemd.network = {
enable = true;
networks."10-enp1s0" = {
matchConfig.Name = [
"eth0"
"enp1s0"
];
networkConfig = {
DHCP = "ipv4";
};
routes = [ { Gateway = "fe80::1"; } ];
linkConfig.RequiredForOnline = "routable";
address = lib.mkIf (cfg.ipv6-addr != null) [ cfg.ipv6-addr ];
};
};
};
}
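Review bot: The disk passed to `lib.khscodes.disko-root-lvm` is hard-coded as `device = "/dev/sda";`, and disko partitions and formats whatever that name resolves to. Kernel names such as `sda` are not guaranteed to be stable or to exist on every instance type, so a wrong match would either fail or wipe a different disk. Expose it as an option next to `diskName` (a `lib.types.str` option `device` defaulting to `"/dev/sda"`, ideally set per machine to a `/dev/disk/by-id/...` path) and pass `device = cfg.device;`. Separately, `ipv6-addr` is an unchecked string that is written to `address` as-is; its description should say whether a prefix length such as `/64` is expected.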


@ -0,0 +1,16 @@
{
config,
lib,
modulesPath,
...
}:
let
cfg = config.khscodes.hetzner;
in
{
options.khscodes.qemu-guest = {
enable = lib.mkEnableOption "Configures machine with NixOS profile for qemu guest";
};
config = lib.mkIf cfg.enable (import "${modulesPath}/profiles/qemu-guest.nix" { });
}
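Review bot: `cfg` is bound to `config.khscodes.hetzner`, so the final `lib.mkIf cfg.enable` gates on the Hetzner switch and the `khscodes.qemu-guest.enable` option declared in this module is never read. The binding should be `cfg = config.khscodes.qemu-guest;`. As written, the profile is applied whenever the Hetzner module is enabled, and setting `khscodes.qemu-guest.enable = false` would not turn it off. The `import "${modulesPath}/profiles/qemu-guest.nix" { }` call also assumes the upstream profile ignores its arguments, which is worth a short comment.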


@ -0,0 +1,4 @@
{ config, lib, ... }:
{
}
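Review bot: This module body is empty and its `config` and `lib` arguments are unused; its path is not visible here, but from the file order it is presumably the `sshd` module that `flake.nix` imports into the default set. If so, machines built from this commit get no explicit SSH policy at all, and whatever is added later will start from the nixpkgs defaults. A placeholder comment such as `# TODO: enable services.openssh with key-only authentication` would record the intent. When the module is filled in, set `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.KbdInteractiveAuthentication = false;` explicitly rather than relying on defaults.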


@ -0,0 +1,32 @@
{ config, lib, ... }:
let
cfg = config.khscodes.systemd-boot;
in
{
options.khscodes.systemd-boot = {
enable = lib.mkEnableOption "Enables booting using systemd";
configuration-limit = lib.mkOption {
type = lib.types.int;
description = "";
default = 5;
};
};
config = lib.mkIf cfg.enable {
boot = {
loader = {
systemd-boot = {
enable = true;
configurationLimit = cfg.configuration-limit;
};
grub = {
enable = false;
};
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
};
};
};
}
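Review bot: The `systemd-boot` attribute set leaves `boot.loader.systemd-boot.editor` at its nixpkgs default, which permits editing the kernel command line from the boot menu. Anyone with access to the machine's console can then boot with altered parameters, so add `editor = false;` beside `configurationLimit`. The `configuration-limit` option also has `description = "";`; something like `description = "Maximum number of generations kept in the boot menu";` would document it.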


@ -0,0 +1,6 @@
{
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
}


@ -0,0 +1,5 @@
{ config, lib, ... }:
{
khscodes.hetzner.enable = true;
system.stateVersion = "25.05";
}