summary refs log tree commit diff stats
path: root/hosts/by-name
diff options
context:
space:
mode:
authorBenedikt Peetz <benedikt.peetz@b-peetz.de>2024-12-24 17:59:52 +0100
committerBenedikt Peetz <benedikt.peetz@b-peetz.de>2024-12-24 17:59:52 +0100
commit8245579c8af73c8f40f5978878c7944c814ba04f (patch)
tree006caa951e345f481be3b91b85bcfda1061956d9 /hosts/by-name
parentrefactor(modules/impermanence): Migrate to by-name while distributing mods (diff)
downloadnixos-server-8245579c8af73c8f40f5978878c7944c814ba04f.tar.gz
nixos-server-8245579c8af73c8f40f5978878c7944c814ba04f.zip
[WIP]
Diffstat (limited to 'hosts/by-name')
-rw-r--r--hosts/by-name/server1/configuration.nix36
-rw-r--r--hosts/by-name/server1/hardware.nix14
-rw-r--r--hosts/by-name/server1/networking.nix50
-rw-r--r--hosts/by-name/server2/configuration.nix36
-rw-r--r--hosts/by-name/server2/hardware.nix14
-rw-r--r--hosts/by-name/server2/networking.nix50
6 files changed, 200 insertions, 0 deletions
diff --git a/hosts/by-name/server1/configuration.nix b/hosts/by-name/server1/configuration.nix
new file mode 100644
index 0000000..c0e76db
--- /dev/null
+++ b/hosts/by-name/server1/configuration.nix
@@ -0,0 +1,36 @@
+{config, ...}: {
+  imports = [
+    ./networking.nix # network configuration that just works
+    ./hardware.nix
+
+    ../../../system
+  ];
+
+  vhack = {
+    back = {
+      enable = true;
+      repositories = {
+        "${config.services.gitolite.dataDir}/vhack.eu/nixos-config.git" = {
+          domain = "issues.vhack.eu";
+          port = 9220;
+        };
+      };
+    };
+    etesync.enable = true;
+    git-server.enable = true;
+    nginx.enable = true;
+    nix-sync.enable = true;
+    openssh.enable = true;
+    peertube.enable = true;
+    postgresql.enable = true;
+    redlib.enable = true;
+    users.enable = true;
+  };
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+  networking.hostName = "server1";
+  networking.domain = "vhack.eu";
+
+  system.stateVersion = "22.11";
+}
diff --git a/hosts/by-name/server1/hardware.nix b/hosts/by-name/server1/hardware.nix
new file mode 100644
index 0000000..9abc64c
--- /dev/null
+++ b/hosts/by-name/server1/hardware.nix
@@ -0,0 +1,14 @@
+{modulesPath, ...}: {
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+    (modulesPath + "/profiles/headless.nix")
+  ];
+
+  vhack.disko = {
+    enable = true;
+    # FIXME: Find a better way to specify the disk
+    disk = "/dev/vda";
+  };
+  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"];
+  boot.initrd.kernelModules = [];
+}
diff --git a/hosts/by-name/server1/networking.nix b/hosts/by-name/server1/networking.nix
new file mode 100644
index 0000000..cd0484f
--- /dev/null
+++ b/hosts/by-name/server1/networking.nix
@@ -0,0 +1,50 @@
+{lib, ...}: {
+  # This file was populated at runtime with the networking
+  # details gathered from the active system.
+  networking = {
+    nameservers = [
+      "8.8.8.8"
+    ];
+    defaultGateway = {
+      address = "89.58.56.1";
+      interface = "eth0";
+    };
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          {
+            address = "89.58.58.33";
+            prefixLength = 22;
+          }
+        ];
+        ipv6.addresses = [
+          {
+            address = "2a03:4000:6a:3f3::1";
+            prefixLength = 64;
+          }
+        ];
+        ipv4.routes = [
+          {
+            address = "89.58.56.1";
+            prefixLength = 32;
+          }
+        ];
+        ipv6.routes = [
+          {
+            address = "fe80::1";
+            prefixLength = 128;
+          }
+        ];
+      };
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="66:22:6d:82:93:9b", NAME="eth0"
+  '';
+}
diff --git a/hosts/by-name/server2/configuration.nix b/hosts/by-name/server2/configuration.nix
new file mode 100644
index 0000000..571a235
--- /dev/null
+++ b/hosts/by-name/server2/configuration.nix
@@ -0,0 +1,36 @@
+{config, ...}: {
+  imports = [
+    ./networking.nix # network configuration that just works
+    ./hardware.nix
+  ];
+
+  vhack = {
+    back = {
+      enable = true;
+      repositories = {
+        "${config.services.gitolite.dataDir}/vhack.eu/nixos-server.git" = {
+          domain = "issues.foss-syndicate.org";
+          port = 9220;
+        };
+      };
+    };
+    fail2ban.enable = true;
+    git-server = {
+      enable = true;
+      domain = "git.foss-syndicate.org";
+      gitolite.adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz cardno:000F_18F83532";
+    };
+    nginx.enable = true;
+    openssh.enable = true;
+    persist.enable = true;
+    rust-motd.enable = true;
+    users.enable = true;
+  };
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+  networking.hostName = "server2";
+  networking.domain = "vhack.eu";
+
+  system.stateVersion = "24.11";
+}
diff --git a/hosts/by-name/server2/hardware.nix b/hosts/by-name/server2/hardware.nix
new file mode 100644
index 0000000..9abc64c
--- /dev/null
+++ b/hosts/by-name/server2/hardware.nix
@@ -0,0 +1,14 @@
+{modulesPath, ...}: {
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+    (modulesPath + "/profiles/headless.nix")
+  ];
+
+  vhack.disko = {
+    enable = true;
+    # FIXME: Find a better way to specify the disk
+    disk = "/dev/vda";
+  };
+  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"];
+  boot.initrd.kernelModules = [];
+}
diff --git a/hosts/by-name/server2/networking.nix b/hosts/by-name/server2/networking.nix
new file mode 100644
index 0000000..cd0484f
--- /dev/null
+++ b/hosts/by-name/server2/networking.nix
@@ -0,0 +1,50 @@
+{lib, ...}: {
+  # This file was populated at runtime with the networking
+  # details gathered from the active system.
+  networking = {
+    nameservers = [
+      "8.8.8.8"
+    ];
+    defaultGateway = {
+      address = "89.58.56.1";
+      interface = "eth0";
+    };
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          {
+            address = "89.58.58.33";
+            prefixLength = 22;
+          }
+        ];
+        ipv6.addresses = [
+          {
+            address = "2a03:4000:6a:3f3::1";
+            prefixLength = 64;
+          }
+        ];
+        ipv4.routes = [
+          {
+            address = "89.58.56.1";
+            prefixLength = 32;
+          }
+        ];
+        ipv6.routes = [
+          {
+            address = "fe80::1";
+            prefixLength = 128;
+          }
+        ];
+      };
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="66:22:6d:82:93:9b", NAME="eth0"
+  '';
+}