diff options
32 files changed, 338 insertions, 2666 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md deleted file mode 100644 index 70760ae..0000000 --- a/CONTRIBUTING.md +++ /dev/null @@ -1,34 +0,0 @@ -# Branches - -Following branches are used: - -## develop - -This contains all upcoming changes for the next pull request to `main`. -All feature branches should merge into this branch. - -## feature branches - -These branches are created on a per-feature basis and will be merged into `develop`. This merge happens without ci testing and prior review, but a pull request should be opened to trigger a notification. - -## main - -Changes in this branch trigger an automatic rebuild on the server, so all merges should be peer-reviewed and tested. However, exceptions can be made for changes, which close security vulnerabilities. -The only branch able to be merged into `main` is `develop`. - -# Development process - -If adding a new feature you should follow this loose guide: - -1. Clone the repository -1. Allow the `.envrc`: `direnv allow` (see [development environment](#development-environment), if you don't know what this does) -1. Checkout your feature branch from develop: `git checkout -b <feature branch name> develop` -1. Actually make the changes -1. Commit them, while following conventional commits (See [their docs](https://www.conventionalcommits.org/en/v1.0.0/) for further guidance) -1. Push your change and open a pull request to `develop`: `git push --set-upstream origin <feature branch name>` - -# Development environment - -All required tools should be specified in the `devShells` output of the flake. This is because we use [Direnv](https://github.com/direnv/direnv) in combination with [Nix integration](https://github.com/direnv/direnv/wiki/Nix) — in this case [Nix-direnv](https://github.com/nix-community/nix-direnv) — to enforce reliable development environments (and some uncluttering of PATH). - -Setting it up is rather easy, just see [Nix-direnv's install instructions](https://github.com/nix-community/nix-direnv#installation). diff --git a/flake.lock b/flake.lock index 1671f50..1bc5e2a 100644 --- a/flake.lock +++ b/flake.lock @@ -80,9 +80,15 @@ }, "deploy-rs": { "inputs": { - "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs", - "utils": "utils" + "flake-compat": [ + "flake-compat" + ], + "nixpkgs": [ + "nixpkgs" + ], + "utils": [ + "flake-utils" + ] }, "locked": { "lastModified": 1727447169, @@ -121,22 +127,6 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_2": { - "flake": false, - "locked": { "lastModified": 1733328505, "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "owner": "edolstra", @@ -224,16 +214,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1702272962, - "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", + "lastModified": 1734522913, + "narHash": "sha256-tyReZKZRdyODkbcwYnO7xowXx7VCFJ6XzAY7w2aFjs0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d", + "rev": "bf383789c497270e8e20ccc2261cf2c6e18dbda8", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixpkgs-unstable", + "ref": "nixos-24.11-small", "repo": "nixpkgs", "type": "github" } @@ -269,22 +259,6 @@ "type": "github" } }, - "nixpkgs_2": { - "locked": { - "lastModified": 1734522913, - "narHash": "sha256-tyReZKZRdyODkbcwYnO7xowXx7VCFJ6XzAY7w2aFjs0=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "bf383789c497270e8e20ccc2261cf2c6e18dbda8", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-24.11-small", - "repo": "nixpkgs", - "type": "github" - } - }, "ragenix": { "inputs": { "agenix": [ @@ -323,16 +297,16 @@ "crane": "crane", "deploy-rs": "deploy-rs", "disko": "disko", - "flake-compat": "flake-compat_2", + "flake-compat": "flake-compat", "flake-utils": "flake-utils", "impermanence": "impermanence", "library": "library", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable", "ragenix": "ragenix", "rust-overlay": "rust-overlay", "simple-nixos-mailserver": "simple-nixos-mailserver", - "systems": "systems_2", + "systems": "systems", "treefmt-nix": "treefmt-nix" } }, @@ -384,21 +358,6 @@ }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_2": { - "locked": { "lastModified": 1680978846, "narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=", "owner": "nix-systems", @@ -431,24 +390,6 @@ "repo": "treefmt-nix", "type": "github" } - }, - "utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index a4ba578..6ff085f 100644 --- a/flake.nix +++ b/flake.nix @@ -15,6 +15,11 @@ }; deploy-rs = { url = "github:serokell/deploy-rs"; + inputs = { + flake-compat.follows = "flake-compat"; + nixpkgs.follows = "nixpkgs"; + utils.follows = "flake-utils"; + }; }; # inputs for following @@ -98,9 +103,23 @@ ... } @ attrs: let system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; nixos-lib = import (nixpkgs + "/nixos/lib") {}; + pkgs = nixpkgs.legacyPackages.${system}; pkgsUnstable = nixpkgs-unstable.legacyPackages.${system}; + deployPackage = + (import nixpkgs { + inherit system; + overlays = [ + deploy-rs.overlays.default + (self: super: { + deploy-rs = { + inherit (pkgs) deploy-rs; + inherit (super.deploy-rs) lib; + }; + }) + ]; + }) + .deploy-rs; specialArgs = attrs @@ -118,19 +137,17 @@ tests = import ./tests {inherit pkgs specialArgs nixLib;}; vhackPackages = import ./pkgs {inherit pkgs nixLib;}; - hosts = import ./hosts {inherit pkgs nixLib nixpkgs specialArgs extraModules;}; + hosts = import ./hosts {inherit pkgs nixLib nixpkgs specialArgs extraModules deployPackage;}; inherit (library) nixLib; treefmtEval = import ./treefmt.nix {inherit treefmt-nix pkgs;}; in { - nixosConfigurations = hosts; - checks."${system}" = nixLib.warnMerge (nixLib.warnMerge tests { formatting = treefmtEval.config.build.check self; } "the flake checks and formatting") - (deploy-rs.lib."${system}".deployChecks self.deploy) + (deployPackage.lib.deployChecks self.deploy) "the flake checks and deploy-rs"; packages."${system}" = vhackPackages; @@ -152,12 +169,6 @@ }; }; - deploy.nodes.server2 = { - hostname = "server2.vhack.eu"; - profiles.system = { - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.server2; - }; - }; + inherit (hosts) nixosConfigurations deploy; }; } diff --git a/hardware_config_server2.nix.nixos-facter.json b/hardware_config_server2.nix.nixos-facter.json deleted file mode 100644 index 4e55b91..0000000 --- a/hardware_config_server2.nix.nixos-facter.json +++ /dev/null @@ -1,2425 +0,0 @@ -{ - "version": 1, - "system": "x86_64-linux", - "virtualisation": "kvm", - "hardware": { - "bios": { - "apm_info": { - "supported": false, - "enabled": false, - "version": 0, - "sub_version": 0, - "bios_flags": 0 - }, - "vbe_info": { - "version": 0, - "video_memory": 0 - }, - "pnp": true, - "pnp_id": 0, - "lba_support": false, - "low_memory_size": 654336, - "smbios_version": 520 - }, - "bridge": [ - { - "index": 11, - "attached_to": 0, - "class_list": [ - "pci", - "bridge" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 1 - }, - "base_class": { - "hex": "0006", - "name": "Bridge", - "value": 6 - }, - "sub_class": { - "hex": "0001", - "name": "ISA bridge", - "value": 1 - }, - "vendor": { - "hex": "8086", - "name": "Intel Corporation", - "value": 32902 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "7000", - "value": 28672 - }, - "sub_device": { - "hex": "1100", - "value": 4352 - }, - "model": "Intel ISA bridge", - "sysfs_id": "/devices/pci0000:00/0000:00:01.0", - "sysfs_bus_id": "0000:00:01.0", - "detail": { - "function": 0, - "command": 259, - "header_type": 0, - "secondary_bus": 0, - "irq": 0, - "prog_if": 0 - }, - "module_alias": "pci:v00008086d00007000sv00001AF4sd00001100bc06sc01i00" - }, - { - "index": 13, - "attached_to": 0, - "class_list": [ - "pci", - "bridge" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 0 - }, - "base_class": { - "hex": "0006", - "name": "Bridge", - "value": 6 - }, - "sub_class": { - "hex": "0000", - "name": "Host bridge", - "value": 0 - }, - "vendor": { - "hex": "8086", - "name": "Intel Corporation", - "value": 32902 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "1237", - "value": 4663 - }, - "sub_device": { - "hex": "1100", - "value": 4352 - }, - "revision": { - "hex": "0002", - "value": 2 - }, - "model": "Intel Host bridge", - "sysfs_id": "/devices/pci0000:00/0000:00:00.0", - "sysfs_bus_id": "0000:00:00.0", - "detail": { - "function": 0, - "command": 259, - "header_type": 0, - "secondary_bus": 0, - "irq": 0, - "prog_if": 0 - }, - "module_alias": "pci:v00008086d00001237sv00001AF4sd00001100bc06sc00i00" - }, - { - "index": 14, - "attached_to": 0, - "class_list": [ - "pci", - "bridge" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 1 - }, - "base_class": { - "hex": "0006", - "name": "Bridge", - "value": 6 - }, - "sub_class": { - "hex": "0080", - "name": "Bridge", - "value": 128 - }, - "vendor": { - "hex": "8086", - "name": "Intel Corporation", - "value": 32902 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "7113", - "value": 28947 - }, - "sub_device": { - "hex": "1100", - "value": 4352 - }, - "revision": { - "hex": "0003", - "value": 3 - }, - "model": "Intel Bridge", - "sysfs_id": "/devices/pci0000:00/0000:00:01.3", - "sysfs_bus_id": "0000:00:01.3", - "resources": [ - { - "type": "irq", - "base": 9, - "triggered": 0, - "enabled": true - } - ], - "detail": { - "function": 3, - "command": 259, - "header_type": 0, - "secondary_bus": 0, - "irq": 9, - "prog_if": 0 - }, - "driver": "piix4_smbus", - "driver_module": "i2c_piix4", - "drivers": [ - "piix4_smbus" - ], - "driver_modules": [ - "i2c_piix4" - ], - "module_alias": "pci:v00008086d00007113sv00001AF4sd00001100bc06sc80i00" - } - ], - "cdrom": [ - { - "index": 23, - "attached_to": 16, - "class_list": [ - "cdrom", - "scsi", - "block_device" - ], - "bus_type": { - "hex": "0084", - "name": "SCSI", - "value": 132 - }, - "slot": { - "bus": 0, - "number": 0 - }, - "base_class": { - "hex": "0106", - "name": "Mass Storage Device", - "value": 262 - }, - "sub_class": { - "hex": "0002", - "name": "CD-ROM", - "value": 2 - }, - "pci_interface": { - "hex": "0003", - "name": "DVD", - "value": 3 - }, - "vendor": { - "hex": "0000", - "name": "QEMU", - "value": 0 - }, - "device": { - "hex": "0000", - "name": "QEMU DVD-ROM", - "value": 0 - }, - "revision": { - "hex": "0000", - "name": "2.5+", - "value": 0 - }, - "model": "QEMU DVD-ROM", - "sysfs_id": "/class/block/sr0", - "sysfs_bus_id": "0:0:0:0", - "sysfs_device_link": "/devices/pci0000:00/0000:00:01.1/ata1/host0/target0:0:0/0:0:0:0", - "unix_device_name": "/dev/sr0", - "unix_device_number": { - "type": 98, - "major": 11, - "minor": 0, - "range": 1 - }, - "unix_device_names": [ - "/dev/cdrom", - "/dev/disk/by-diskseq/11", - "/dev/disk/by-id/ata-QEMU_DVD-ROM_QM00001", - "/dev/disk/by-path/pci-0000:00:01.1-ata-1", - "/dev/disk/by-path/pci-0000:00:01.1-ata-1.0", - "/dev/sr0" - ], - "unix_device_name2": "/dev/sg0", - "unix_device_number2": { - "type": 99, - "major": 21, - "minor": 0, - "range": 1 - }, - "driver": "ata_piix", - "driver_module": "ata_piix", - "drivers": [ - "ata_piix", - "sr" - ], - "driver_modules": [ - "ata_piix", - "sr_mod" - ] - } - ], - "cpu": [ - { - "architecture": "x86_64", - "vendor_name": "AuthenticAMD", - "family": 23, - "model": 49, - "stepping": 0, - "features": [ - "fpu", - "vme", - "de", - "pse", - "tsc", - "msr", - "pae", - "mce", - "cx8", - "apic", - "sep", - "mtrr", - "pge", - "mca", - "cmov", - "pat", - "pse36", - "clflush", - "mmx", - "fxsr", - "sse", - "sse2", - "syscall", - "nx", - "mmxext", - "fxsr_opt", - "pdpe1gb", - "rdtscp", - "lm", - "rep_good", - "nopl", - "xtopology", - "cpuid", - "extd_apicid", - "tsc_known_freq", - "pni", - "pclmulqdq", - "ssse3", - "fma", - "cx16", - "sse4_1", - "sse4_2", - "x2apic", - "movbe", - "popcnt", - "tsc_deadline_timer", - "aes", - "xsave", - "avx", - "f16c", - "rdrand", - "hypervisor", - "lahf_lm", - "cmp_legacy", - "cr8_legacy", - "abm", - "sse4a", - "misalignsse", - "3dnowprefetch", - "osvw", - "topoext", - "perfctr_core", - "ssbd", - "ibrs", - "ibpb", - "stibp", - "vmmcall", - "fsgsbase", - "tsc_adjust", - "bmi1", - "avx2", - "smep", - "bmi2", - "rdseed", - "adx", - "smap", - "clflushopt", - "clwb", - "sha_ni", - "xsaveopt", - "xsavec", - "xgetbv1", - "clzero", - "xsaveerptr", - "wbnoinvd", - "arat", - "umip", - "rdpid", - "arch_capabilities" - ], - "bugs": [ - "sysret_ss_attrs", - "null_seg", - "spectre_v1", - "spectre_v2", - "spec_store_bypass", - "retbleed", - "smt_rsb", - "srso", - "ibpb_no_ret" - ], - "bogo": 3992.49, - "cache": 512, - "physical_id": 0, - "siblings": 1, - "cores": 1, - "fpu": true, - "fpu_exception": true, - "cpuid_level": 13, - "write_protect": false, - "tlb_size": 1024, - "clflush_size": 64, - "cache_alignment": 64, - "address_sizes": { - "physical": 40, - "virtual": 48 - } - }, - { - "architecture": "x86_64", - "vendor_name": "AuthenticAMD", - "family": 23, - "model": 49, - "stepping": 0, - "features": [ - "fpu", - "vme", - "de", - "pse", - "tsc", - "msr", - "pae", - "mce", - "cx8", - "apic", - "sep", - "mtrr", - "pge", - "mca", - "cmov", - "pat", - "pse36", - "clflush", - "mmx", - "fxsr", - "sse", - "sse2", - "syscall", - "nx", - "mmxext", - "fxsr_opt", - "pdpe1gb", - "rdtscp", - "lm", - "rep_good", - "nopl", - "xtopology", - "cpuid", - "extd_apicid", - "tsc_known_freq", - "pni", - "pclmulqdq", - "ssse3", - "fma", - "cx16", - "sse4_1", - "sse4_2", - "x2apic", - "movbe", - "popcnt", - "tsc_deadline_timer", - "aes", - "xsave", - "avx", - "f16c", - "rdrand", - "hypervisor", - "lahf_lm", - "cmp_legacy", - "cr8_legacy", - "abm", - "sse4a", - "misalignsse", - "3dnowprefetch", - "osvw", - "topoext", - "perfctr_core", - "ssbd", - "ibrs", - "ibpb", - "stibp", - "vmmcall", - "fsgsbase", - "tsc_adjust", - "bmi1", - "avx2", - "smep", - "bmi2", - "rdseed", - "adx", - "smap", - "clflushopt", - "clwb", - "sha_ni", - "xsaveopt", - "xsavec", - "xgetbv1", - "clzero", - "xsaveerptr", - "wbnoinvd", - "arat", - "umip", - "rdpid", - "arch_capabilities" - ], - "bugs": [ - "sysret_ss_attrs", - "null_seg", - "spectre_v1", - "spectre_v2", - "spec_store_bypass", - "retbleed", - "smt_rsb", - "srso", - "ibpb_no_ret" - ], - "bogo": 3992.49, - "cache": 512, - "physical_id": 1, - "siblings": 1, - "cores": 1, - "fpu": true, - "fpu_exception": true, - "cpuid_level": 13, - "write_protect": false, - "tlb_size": 1024, - "clflush_size": 64, - "cache_alignment": 64, - "address_sizes": { - "physical": 40, - "virtual": 48 - } - }, - { - "architecture": "x86_64", - "vendor_name": "AuthenticAMD", - "family": 23, - "model": 49, - "stepping": 0, - "features": [ - "fpu", - "vme", - "de", - "pse", - "tsc", - "msr", - "pae", - "mce", - "cx8", - "apic", - "sep", - "mtrr", - "pge", - "mca", - "cmov", - "pat", - "pse36", - "clflush", - "mmx", - "fxsr", - "sse", - "sse2", - "syscall", - "nx", - "mmxext", - "fxsr_opt", - "pdpe1gb", - "rdtscp", - "lm", - "rep_good", - "nopl", - "xtopology", - "cpuid", - "extd_apicid", - "tsc_known_freq", - "pni", - "pclmulqdq", - "ssse3", - "fma", - "cx16", - "sse4_1", - "sse4_2", - "x2apic", - "movbe", - "popcnt", - "tsc_deadline_timer", - "aes", - "xsave", - "avx", - "f16c", - "rdrand", - "hypervisor", - "lahf_lm", - "cmp_legacy", - "cr8_legacy", - "abm", - "sse4a", - "misalignsse", - "3dnowprefetch", - "osvw", - "topoext", - "perfctr_core", - "ssbd", - "ibrs", - "ibpb", - "stibp", - "vmmcall", - "fsgsbase", - "tsc_adjust", - "bmi1", - "avx2", - "smep", - "bmi2", - "rdseed", - "adx", - "smap", - "clflushopt", - "clwb", - "sha_ni", - "xsaveopt", - "xsavec", - "xgetbv1", - "clzero", - "xsaveerptr", - "wbnoinvd", - "arat", - "umip", - "rdpid", - "arch_capabilities" - ], - "bugs": [ - "sysret_ss_attrs", - "null_seg", - "spectre_v1", - "spectre_v2", - "spec_store_bypass", - "retbleed", - "smt_rsb", - "srso", - "ibpb_no_ret" - ], - "bogo": 3992.49, - "cache": 512, - "physical_id": 2, - "siblings": 1, - "cores": 1, - "fpu": true, - "fpu_exception": true, - "cpuid_level": 13, - "write_protect": false, - "tlb_size": 1024, - "clflush_size": 64, - "cache_alignment": 64, - "address_sizes": { - "physical": 40, - "virtual": 48 - } - }, - { - "architecture": "x86_64", - "vendor_name": "AuthenticAMD", - "family": 23, - "model": 49, - "stepping": 0, - "features": [ - "fpu", - "vme", - "de", - "pse", - "tsc", - "msr", - "pae", - "mce", - "cx8", - "apic", - "sep", - "mtrr", - "pge", - "mca", - "cmov", - "pat", - "pse36", - "clflush", - "mmx", - "fxsr", - "sse", - "sse2", - "syscall", - "nx", - "mmxext", - "fxsr_opt", - "pdpe1gb", - "rdtscp", - "lm", - "rep_good", - "nopl", - "xtopology", - "cpuid", - "extd_apicid", - "tsc_known_freq", - "pni", - "pclmulqdq", - "ssse3", - "fma", - "cx16", - "sse4_1", - "sse4_2", - "x2apic", - "movbe", - "popcnt", - "tsc_deadline_timer", - "aes", - "xsave", - "avx", - "f16c", - "rdrand", - "hypervisor", - "lahf_lm", - "cmp_legacy", - "cr8_legacy", - "abm", - "sse4a", - "misalignsse", - "3dnowprefetch", - "osvw", - "topoext", - "perfctr_core", - "ssbd", - "ibrs", - "ibpb", - "stibp", - "vmmcall", - "fsgsbase", - "tsc_adjust", - "bmi1", - "avx2", - "smep", - "bmi2", - "rdseed", - "adx", - "smap", - "clflushopt", - "clwb", - "sha_ni", - "xsaveopt", - "xsavec", - "xgetbv1", - "clzero", - "xsaveerptr", - "wbnoinvd", - "arat", - "umip", - "rdpid", - "arch_capabilities" - ], - "bugs": [ - "sysret_ss_attrs", - "null_seg", - "spectre_v1", - "spectre_v2", - "spec_store_bypass", - "retbleed", - "smt_rsb", - "srso", - "ibpb_no_ret" - ], - "bogo": 3992.49, - "cache": 512, - "physical_id": 3, - "siblings": 1, - "cores": 1, - "fpu": true, - "fpu_exception": true, - "cpuid_level": 13, - "write_protect": false, - "tlb_size": 1024, - "clflush_size": 64, - "cache_alignment": 64, - "address_sizes": { - "physical": 40, - "virtual": 48 - } - } - ], - "disk": [ - { - "index": 24, - "attached_to": 18, - "class_list": [ - "disk", - "block_device" - ], - "base_class": { - "hex": "0106", - "name": "Mass Storage Device", - "value": 262 - }, - "sub_class": { - "hex": "0000", - "name": "Disk", - "value": 0 - }, - "model": "Disk", - "sysfs_id": "/class/block/vda", - "sysfs_bus_id": "virtio1", - "sysfs_device_link": "/devices/pci0000:00/0000:00:10.0/virtio1", - "unix_device_name": "/dev/vda", - "unix_device_number": { - "type": 98, - "major": 253, - "minor": 0, - "range": 16 - }, - "unix_device_names": [ - "/dev/disk/by-diskseq/9", - "/dev/disk/by-path/pci-0000:00:10.0", - "/dev/disk/by-path/virtio-pci-0000:00:10.0", - "/dev/vda" - ], - "rom_id": "0x80", - "resources": [ - { - "type": "disk_geo", - "cylinders": 1065220, - "heads": 16, - "sectors": 63, - "size": 0, - "geo_type": "logical" - }, - { - "type": "size", - "unit": "sectors", - "value_1": 1073741824, - "value_2": 512 - } - ], - "driver": "virtio-pci", - "driver_module": "virtio_pci", - "drivers": [ - "virtio-pci", - "virtio_blk" - ], - "driver_modules": [ - "virtio_blk", - "virtio_pci" - ] - } - ], - "graphics_card": [ - { - "index": 17, - "attached_to": 0, - "class_list": [ - "graphics_card", - "pci" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 2 - }, - "base_class": { - "hex": "0003", - "name": "Display controller", - "value": 3 - }, - "sub_class": { - "hex": "0000", - "name": "VGA compatible controller", - "value": 0 - }, - "pci_interface": { - "hex": "0000", - "name": "VGA", - "value": 0 - }, - "vendor": { - "hex": "1234", - "value": 4660 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "1111", - "value": 4369 - }, - "sub_device": { - "hex": "1100", - "value": 4352 - }, - "revision": { - "hex": "0002", - "value": 2 - }, - "model": "VGA compatible controller", - "sysfs_id": "/devices/pci0000:00/0000:00:02.0", - "sysfs_bus_id": "0000:00:02.0", - "resources": [ - { - "type": "mem", - "base": 4261412864, - "range": 8388608, - "enabled": true, - "access": "read_only", - "prefetch": "no" - }, - { - "type": "mem", - "base": 4273799168, - "range": 4096, - "enabled": true, - "access": "read_write", - "prefetch": "no" - }, - { - "type": "mem", - "base": 786432, - "range": 131072, - "enabled": false, - "access": "read_write", - "prefetch": "no" - } - ], - "detail": { - "function": 0, - "command": 3, - "header_type": 0, - "secondary_bus": 0, - "irq": 0, - "prog_if": 0 - }, - "driver": "bochs-drm", - "driver_module": "bochs", - "drivers": [ - "bochs-drm" - ], - "driver_modules": [ - "bochs" - ], - "module_alias": "pci:v00001234d00001111sv00001AF4sd00001100bc03sc00i00" - } - ], - "hub": [ - { - "index": 25, - "attached_to": 9, - "class_list": [ - "usb", - "hub" - ], - "bus_type": { - "hex": "0086", - "name": "USB", - "value": 134 - }, - "slot": { - "bus": 0, - "number": 0 - }, - "base_class": { - "hex": "010a", - "name": "Hub", - "value": 266 - }, - "vendor": { - "hex": "1d6b", - "name": "Linux 6.11.10 uhci_hcd", - "value": 7531 - }, - "device": { - "hex": "0001", - "name": "UHCI Host Controller", - "value": 1 - }, - "revision": { - "hex": "0000", - "name": "6.11", - "value": 0 - }, - "serial": "0000:00:01.2", - "model": "Linux 6.11.10 uhci_hcd UHCI Host Controller", - "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-0:1.0", - "sysfs_bus_id": "1-0:1.0", - "resources": [ - { - "type": "baud", - "speed": 12000000, - "bits": 0, - "stop_bits": 0, - "parity": 0, - "handshake": 0 - } - ], - "detail": { - "device_class": { - "hex": "0009", - "name": "hub", - "value": 9 - }, - "device_subclass": { - "hex": "0000", - "name": "per_interface", - "value": 0 - }, - "device_protocol": 0, - "interface_class": { - "hex": "0009", - "name": "hub", - "value": 9 - }, - "interface_subclass": { - "hex": "0000", - "name": "per_interface", - "value": 0 - }, - "interface_protocol": 0, - "interface_number": 0, - "interface_alternate_setting": 0 - }, - "hotplug": "usb", - "driver": "hub", - "drivers": [ - "hub" - ], - "module_alias": "usb:v1D6Bp0001d0611dc09dsc00dp00ic09isc00ip00in00" - } - ], - "memory": [ - { - "index": 7, - "attached_to": 0, - "class_list": [ - "memory" - ], - "base_class": { - "hex": "0101", - "name": "Internally Used Class", - "value": 257 - }, - "sub_class": { - "hex": "0002", - "name": "Main Memory", - "value": 2 - }, - "model": "Main Memory", - "resources": [ - { - "type": "mem", - "base": 0, - "range": 8283017216, - "enabled": true, - "access": "read_write", - "prefetch": "unknown" - }, - { - "type": "phys_mem", - "range": 8053063680 - } - ] - } - ], - "monitor": [ - { - "index": 22, - "attached_to": 17, - "class_list": [ - "monitor" - ], - "base_class": { - "hex": "0100", - "name": "Monitor", - "value": 256 - }, - "sub_class": { - "hex": "0002", - "name": "LCD Monitor", - "value": 2 - }, - "vendor": { - "hex": "4914", - "value": 18708 - }, - "device": { - "hex": "1234", - "name": "QEMU Monitor", - "value": 4660 - }, - "serial": "0", - "model": "QEMU Monitor", - "resources": [ - { - "type": "monitor", - "width": 1024, - "height": 768, - "vertical_frequency": 60, - "interlaced": false - }, - { - "type": "monitor", - "width": 1600, - "height": 1200, - "vertical_frequency": 60, - "interlaced": false - }, - { - "type": "monitor", - "width": 1920, - "height": 1080, - "vertical_frequency": 60, - "interlaced": false - }, - { - "type": "monitor", - "width": 2048, - "height": 1152, - "vertical_frequency": 60, - "interlaced": false - }, - { - "type": "monitor", - "width": 640, - "height": 480, - "vertical_frequency": 60, - "interlaced": false - }, - { - "type": "monitor", - "width": 800, - "height": 600, - "vertical_frequency": 60, - "interlaced": false - }, - { - "type": "size", - "unit": "mm", - "value_1": 260, - "value_2": 195 - } - ], - "detail": { - "manufacture_year": 2014, - "manufacture_week": 42, - "vertical_sync": { - "min": 50, - "max": 125 - }, - "horizontal_sync": { - "min": 30, - "max": 160 - }, - "horizontal_sync_timings": { - "disp": 1024, - "sync_start": 1280, - "sync_end": 1310, - "total": 1382 - }, - "vertical_sync_timings": { - "disp": 768, - "sync_start": 771, - "sync_end": 774, - "total": 794 - }, - "clock": 82290, - "width": 1024, - "height": 768, - "width_millimetres": 260, - "height_millimetres": 195, - "horizontal_flag": 45, - "vertical_flag": 45, - "vendor": "", - "name": "QEMU Monitor" - }, - "driver_info": { - "type": "display", - "width": 2048, - "height": 1152, - "vertical_sync": { - "min": 50, - "max": 125 - }, - "horizontal_sync": { - "min": 30, - "max": 160 - }, - "bandwidth": 0, - "horizontal_sync_timings": { - "disp": 1024, - "sync_start": 1280, - "sync_end": 1310, - "total": 1382 - }, - "vertical_sync_timings": { - "disp": 768, - "sync_start": 771, - "sync_end": 774, - "total": 794 - }, - "horizontal_flag": 45, - "vertical_flag": 45 - } - } - ], - "mouse": [ - { - "index": 26, - "attached_to": 25, - "class_list": [ - "mouse", - "usb" - ], - "bus_type": { - "hex": "0086", - "name": "USB", - "value": 134 - }, - "slot": { - "bus": 0, - "number": 0 - }, - "base_class": { - "hex": "0105", - "name": "Mouse", - "value": 261 - }, - "sub_class": { - "hex": "0003", - "name": "USB Mouse", - "value": 3 - }, - "vendor": { - "hex": "0627", - "name": "QEMU", - "value": 1575 - }, - "device": { - "hex": "0001", - "name": "QEMU USB Tablet", - "value": 1 - }, - "serial": "28754-0000:00:01.2-1", - "compat_vendor": "Unknown", - "compat_device": "Generic USB Mouse", - "model": "QEMU USB Tablet", - "sysfs_id": "/devices/pci0000:00/0000:00:01.2/usb1/1-1/1-1:1.0", - "sysfs_bus_id": "1-1:1.0", - "unix_device_name": "/dev/input/mice", - "unix_device_number": { - "type": 99, - "major": 13, - "minor": 63, - "range": 1 - }, - "unix_device_names": [ - "/dev/input/mice" - ], - "unix_device_name2": "/dev/input/mouse0", - "unix_device_number2": { - "type": 99, - "major": 13, - "minor": 32, - "range": 1 - }, - "resources": [ - { - "type": "baud", - "speed": 12000000, - "bits": 0, - "stop_bits": 0, - "parity": 0, - "handshake": 0 - } - ], - "detail": { - "device_class": { - "hex": "0000", - "name": "per_interface", - "value": 0 - }, - "device_subclass": { - "hex": "0000", - "name": "per_interface", - "value": 0 - }, - "device_protocol": 0, - "interface_class": { - "hex": "0003", - "name": "hid", - "value": 3 - }, - "interface_subclass": { - "hex": "0000", - "name": "per_interface", - "value": 0 - }, - "interface_protocol": 0, - "interface_number": 0, - "interface_alternate_setting": 0 - }, - "hotplug": "usb", - "driver": "usbhid", - "driver_module": "usbhid", - "drivers": [ - "usbhid" - ], - "driver_modules": [ - "usbhid" - ], - "driver_info": { - "type": "mouse", - "db_entry_0": [ - "explorerps/2", - "exps2" - ], - "xf86": "explorerps/2", - "gpm": "exps2", - "buttons": -1, - "wheels": -1 - }, - "module_alias": "usb:v0627p0001d0000dc00dsc00dp00ic03isc00ip00in00" - } - ], - "network_controller": [ - { - "index": 20, - "attached_to": 15, - "class_list": [ - "network_controller" - ], - "bus_type": { - "hex": "008f", - "name": "Virtio", - "value": 143 - }, - "slot": { - "bus": 0, - "number": 0 - }, - "base_class": { - "hex": "0002", - "name": "Network controller", - "value": 2 - }, - "sub_class": { - "hex": "0000", - "name": "Ethernet controller", - "value": 0 - }, - "vendor": "Virtio", - "device": "Ethernet Card 0", - "model": "Virtio Ethernet Card 0", - "sysfs_id": "/devices/pci0000:00/0000:00:03.0/virtio0", - "sysfs_bus_id": "virtio0", - "unix_device_name": "ens3", - "unix_device_names": [ - "ens3" - ], - "resources": [ - { - "type": "hwaddr", - "address": 54 - }, - { - "type": "phwaddr", - "address": 54 - } - ], - "driver": "virtio_net", - "driver_module": "virtio_net", - "drivers": [ - "virtio_net" - ], - "driver_modules": [ - "virtio_net" - ], - "module_alias": "virtio:d00000001v00001AF4" - } - ], - "network_interface": [ - { - "index": 27, - "attached_to": 0, - "class_list": [ - "network_interface" - ], - "base_class": { - "hex": "0107", - "name": "Network Interface", - "value": 263 - }, - "sub_class": { - "hex": "0000", - "name": "Loopback", - "value": 0 - }, - "model": "Loopback network interface", - "sysfs_id": "/class/net/lo", - "unix_device_name": "lo", - "unix_device_names": [ - "lo" - ] - }, - { - "index": 28, - "attached_to": 20, - "class_list": [ - "network_interface" - ], - "base_class": { - "hex": "0107", - "name": "Network Interface", - "value": 263 - }, - "sub_class": { - "hex": "0001", - "name": "Ethernet", - "value": 1 - }, - "model": "Ethernet network interface", - "sysfs_id": "/class/net/ens3", - "sysfs_device_link": "/devices/pci0000:00/0000:00:03.0/virtio0", - "unix_device_name": "ens3", - "unix_device_names": [ - "ens3" - ], - "resources": [ - { - "type": "hwaddr", - "address": 54 - }, - { - "type": "phwaddr", - "address": 54 - } - ], - "driver": "virtio_net", - "driver_module": "virtio_net", - "drivers": [ - "virtio_net" - ], - "driver_modules": [ - "virtio_net" - ] - } - ], - "pci": [ - { - "index": 8, - "attached_to": 0, - "class_list": [ - "pci", - "unknown" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 28 - }, - "base_class": { - "hex": "0007", - "name": "Communication controller", - "value": 7 - }, - "sub_class": { - "hex": "0080", - "name": "Communication controller", - "value": 128 - }, - "vendor": { - "hex": "1af4", - "value": 6900 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "1003", - "value": 4099 - }, - "sub_device": { - "hex": "0003", - "value": 3 - }, - "model": "Communication controller", - "sysfs_id": "/devices/pci0000:00/0000:00:1c.0", - "sysfs_bus_id": "0000:00:1c.0", - "resources": [ - { - "type": "io", - "base": 49344, - "range": 64, - "enabled": true, - "access": "read_write" - }, - { - "type": "irq", - "base": 11, - "triggered": 0, - "enabled": true - }, - { - "type": "mem", - "base": 4269834240, - "range": 16384, - "enabled": true, - "access": "read_only", - "prefetch": "no" - }, - { - "type": "mem", - "base": 4273811456, - "range": 4096, - "enabled": true, - "access": "read_write", - "prefetch": "no" - } - ], - "detail": { - "function": 0, - "command": 1287, - "header_type": 0, - "secondary_bus": 0, - "irq": 11, - "prog_if": 0 - }, - "driver": "virtio-pci", - "driver_module": "virtio_pci", - "drivers": [ - "virtio-pci" - ], - "driver_modules": [ - "virtio_pci" - ], - "module_alias": "pci:v00001AF4d00001003sv00001AF4sd00000003bc07sc80i00" - }, - { - "index": 10, - "attached_to": 0, - "class_list": [ - "pci", - "unknown" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 16 - }, - "base_class": { - "hex": "0001", - "name": "Mass storage controller", - "value": 1 - }, - "sub_class": { - "hex": "0000", - "name": "SCSI storage controller", - "value": 0 - }, - "vendor": { - "hex": "1af4", - "value": 6900 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "1001", - "value": 4097 - }, - "sub_device": { - "hex": "0002", - "value": 2 - }, - "model": "SCSI storage controller", - "sysfs_id": "/devices/pci0000:00/0000:00:10.0", - "sysfs_bus_id": "0000:00:10.0", - "resources": [ - { - "type": "io", - "base": 49152, - "range": 128, - "enabled": true, - "access": "read_write" - }, - { - "type": "irq", - "base": 11, - "triggered": 0, - "enabled": true - }, - { - "type": "mem", - "base": 4269817856, - "range": 16384, - "enabled": true, - "access": "read_only", - "prefetch": "no" - }, - { - "type": "mem", - "base": 4273807360, - "range": 4096, - "enabled": true, - "access": "read_write", - "prefetch": "no" - } - ], - "detail": { - "function": 0, - "command": 1287, - "header_type": 0, - "secondary_bus": 0, - "irq": 11, - "prog_if": 0 - }, - "driver": "virtio-pci", - "driver_module": "virtio_pci", - "drivers": [ - "virtio-pci" - ], - "driver_modules": [ - "virtio_pci" - ], - "module_alias": "pci:v00001AF4d00001001sv00001AF4sd00000002bc01sc00i00" - }, - { - "index": 12, - "attached_to": 0, - "class_list": [ - "pci", - "unknown" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 30 - }, - "base_class": { - "hex": "0000", - "name": "Unclassified device", - "value": 0 - }, - "sub_class": { - "hex": "00ff", - "value": 255 - }, - "vendor": { - "hex": "1af4", - "value": 6900 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "1002", - "value": 4098 - }, - "sub_device": { - "hex": "0005", - "value": 5 - }, - "model": "Unclassified device", - "sysfs_id": "/devices/pci0000:00/0000:00:1e.0", - "sysfs_bus_id": "0000:00:1e.0", - "resources": [ - { - "type": "io", - "base": 49408, - "range": 64, - "enabled": true, - "access": "read_write" - }, - { - "type": "irq", - "base": 10, - "triggered": 0, - "enabled": true - }, - { - "type": "mem", - "base": 4269850624, - "range": 16384, - "enabled": true, - "access": "read_only", - "prefetch": "no" - } - ], - "detail": { - "function": 0, - "command": 263, - "header_type": 0, - "secondary_bus": 0, - "irq": 10, - "prog_if": 0 - }, - "driver": "virtio-pci", - "driver_module": "virtio_pci", - "drivers": [ - "virtio-pci" - ], - "driver_modules": [ - "virtio_pci" - ], - "module_alias": "pci:v00001AF4d00001002sv00001AF4sd00000005bc00scFFi00" - }, - { - "index": 15, - "attached_to": 0, - "class_list": [ - "pci", - "unknown" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 3 - }, - "base_class": { - "hex": "0002", - "name": "Network controller", - "value": 2 - }, - "sub_class": { - "hex": "0000", - "name": "Ethernet controller", - "value": 0 - }, - "vendor": { - "hex": "1af4", - "value": 6900 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "1000", - "value": 4096 - }, - "sub_device": { - "hex": "0001", - "value": 1 - }, - "model": "Ethernet controller", - "sysfs_id": "/devices/pci0000:00/0000:00:03.0", - "sysfs_bus_id": "0000:00:03.0", - "resources": [ - { - "type": "io", - "base": 49280, - "range": 64, - "enabled": true, - "access": "read_write" - }, - { - "type": "irq", - "base": 10, - "triggered": 0, - "enabled": true - }, - { - "type": "mem", - "base": 4269801472, - "range": 16384, - "enabled": true, - "access": "read_only", - "prefetch": "no" - }, - { - "type": "mem", - "base": 4273471488, - "range": 262144, - "enabled": false, - "access": "read_only", - "prefetch": "no" - }, - { - "type": "mem", - "base": 4273803264, - "range": 4096, - "enabled": true, - "access": "read_write", - "prefetch": "no" - } - ], - "detail": { - "function": 0, - "command": 1287, - "header_type": 0, - "secondary_bus": 0, - "irq": 10, - "prog_if": 0 - }, - "driver": "virtio-pci", - "driver_module": "virtio_pci", - "drivers": [ - "virtio-pci" - ], - "driver_modules": [ - "virtio_pci" - ], - "module_alias": "pci:v00001AF4d00001000sv00001AF4sd00000001bc02sc00i00" - } - ], - "storage_controller": [ - { - "index": 16, - "attached_to": 0, - "class_list": [ - "storage_controller", - "pci" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 1 - }, - "base_class": { - "hex": "0001", - "name": "Mass storage controller", - "value": 1 - }, - "sub_class": { - "hex": "0001", - "name": "IDE interface", - "value": 1 - }, - "pci_interface": { - "hex": "0080", - "value": 128 - }, - "vendor": { - "hex": "8086", - "name": "Intel Corporation", - "value": 32902 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "7010", - "value": 28688 - }, - "sub_device": { - "hex": "1100", - "value": 4352 - }, - "model": "Intel IDE interface", - "sysfs_id": "/devices/pci0000:00/0000:00:01.1", - "sysfs_bus_id": "0000:00:01.1", - "resources": [ - { - "type": "io", - "base": 1014, - "range": 1, - "enabled": true, - "access": "read_write" - }, - { - "type": "io", - "base": 368, - "range": 8, - "enabled": true, - "access": "read_write" - }, - { - "type": "io", - "base": 49504, - "range": 16, - "enabled": true, - "access": "read_write" - }, - { - "type": "io", - "base": 496, - "range": 8, - "enabled": true, - "access": "read_write" - }, - { - "type": "io", - "base": 886, - "range": 1, - "enabled": true, - "access": "read_write" - } - ], - "detail": { - "function": 1, - "command": 263, - "header_type": 0, - "secondary_bus": 0, - "irq": 0, - "prog_if": 128 - }, - "driver": "ata_piix", - "driver_module": "ata_piix", - "drivers": [ - "ata_piix" - ], - "driver_modules": [ - "ata_piix" - ], - "module_alias": "pci:v00008086d00007010sv00001AF4sd00001100bc01sc01i80" - }, - { - "index": 18, - "attached_to": 10, - "class_list": [ - "storage_controller" - ], - "bus_type": { - "hex": "008f", - "name": "Virtio", - "value": 143 - }, - "slot": { - "bus": 0, - "number": 0 - }, - "base_class": { - "hex": "0001", - "name": "Mass storage controller", - "value": 1 - }, - "sub_class": { - "hex": "0080", - "name": "Storage controller", - "value": 128 - }, - "vendor": "Virtio", - "device": "Storage 0", - "model": "Virtio Storage 0", - "sysfs_id": "/devices/pci0000:00/0000:00:10.0/virtio1", - "sysfs_bus_id": "virtio1", - "driver": "virtio_blk", - "driver_module": "virtio_blk", - "drivers": [ - "virtio_blk" - ], - "driver_modules": [ - "virtio_blk" - ], - "module_alias": "virtio:d00000002v00001AF4" - } - ], - "system": { - "form_factor": "desktop" - }, - "unknown": [ - { - "index": 19, - "attached_to": 8, - "class_list": [ - "unknown" - ], - "base_class": { - "hex": "0000", - "name": "Unclassified device", - "value": 0 - }, - "sub_class": { - "hex": "0000", - "name": "Unclassified device", - "value": 0 - }, - "vendor": "Virtio", - "device": "", - "model": "Virtio Unclassified device", - "sysfs_id": "/devices/pci0000:00/0000:00:1c.0/virtio2", - "sysfs_bus_id": "virtio2", - "driver": "virtio_console", - "driver_module": "virtio_console", - "drivers": [ - "virtio_console" - ], - "driver_modules": [ - "virtio_console" - ], - "module_alias": "virtio:d00000003v00001AF4" - }, - { - "index": 21, - "attached_to": 12, - "class_list": [ - "unknown" - ], - "base_class": { - "hex": "0000", - "name": "Unclassified device", - "value": 0 - }, - "sub_class": { - "hex": "0000", - "name": "Unclassified device", - "value": 0 - }, - "vendor": "Virtio", - "device": "", - "model": "Virtio Unclassified device", - "sysfs_id": "/devices/pci0000:00/0000:00:1e.0/virtio3", - "sysfs_bus_id": "virtio3", - "driver": "virtio_balloon", - "driver_module": "virtio_balloon", - "drivers": [ - "virtio_balloon" - ], - "driver_modules": [ - "virtio_balloon" - ], - "module_alias": "virtio:d00000005v00001AF4" - } - ], - "usb_controller": [ - { - "index": 9, - "attached_to": 0, - "class_list": [ - "usb_controller", - "pci" - ], - "bus_type": { - "hex": "0004", - "name": "PCI", - "value": 4 - }, - "slot": { - "bus": 0, - "number": 1 - }, - "base_class": { - "hex": "000c", - "name": "Serial bus controller", - "value": 12 - }, - "sub_class": { - "hex": "0003", - "name": "USB Controller", - "value": 3 - }, - "pci_interface": { - "hex": "0000", - "name": "UHCI", - "value": 0 - }, - "vendor": { - "hex": "8086", - "name": "Intel Corporation", - "value": 32902 - }, - "sub_vendor": { - "hex": "1af4", - "value": 6900 - }, - "device": { - "hex": "7020", - "value": 28704 - }, - "sub_device": { - "hex": "1100", - "value": 4352 - }, - "revision": { - "hex": "0001", - "value": 1 - }, - "model": "Intel USB Controller", - "sysfs_id": "/devices/pci0000:00/0000:00:01.2", - "sysfs_bus_id": "0000:00:01.2", - "resources": [ - { - "type": "io", - "base": 49472, - "range": 32, - "enabled": true, - "access": "read_write" - }, - { - "type": "irq", - "base": 11, - "triggered": 0, - "enabled": true - } - ], - "detail": { - "function": 2, - "command": 263, - "header_type": 0, - "secondary_bus": 0, - "irq": 11, - "prog_if": 0 - }, - "driver": "uhci_hcd", - "driver_module": "uhci_hcd", - "drivers": [ - "uhci_hcd" - ], - "driver_modules": [ - "uhci_hcd" - ], - "driver_info": { - "type": "module", - "db_entry_0": [ - "uhci-hcd" - ], - "active": true, - "modprobe": true, - "names": [ - "uhci-hcd" - ], - "module_args": [ - "" - ], - "conf": "" - }, - "module_alias": "pci:v00008086d00007020sv00001AF4sd00001100bc0Csc03i00" - } - ] - }, - "smbios": { - "bios": { - "handle": 0, - "vendor": "netcup", - "version": "VPS 1000 G11 SE", - "date": "12/04/2024", - "features": null, - "start_address": "0xe8000", - "rom_size": 65536 - }, - "chassis": { - "handle": 768, - "manufacturer": "QEMU", - "version": "pc-i440fx-6.2", - "chassis_type": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "lock_present": false, - "bootup_state": { - "hex": "0003", - "name": "Safe", - "value": 3 - }, - "power_state": { - "hex": "0003", - "name": "Safe", - "value": 3 - }, - "thermal_state": { - "hex": "0003", - "name": "Safe", - "value": 3 - }, - "security_state": { - "hex": "0002", - "name": "Unknown", - "value": 2 - }, - "oem": "0x0" - }, - "memory_array": [ - { - "handle": 4096, - "location": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "usage": { - "hex": "0003", - "name": "System memory", - "value": 3 - }, - "ecc": { - "hex": "0006", - "name": "Multi-bit", - "value": 6 - }, - "max_size": 8388608, - "error_handle": 65534, - "slots": 1 - } - ], - "memory_array_mapped_address": [ - { - "handle": 4864, - "array_handle": 4096, - "start_address": 0, - "end_address": 3221225472, - "part_width": 1 - }, - { - "handle": 4865, - "array_handle": 4096, - "start_address": 4294967296, - "end_address": 9663676416, - "part_width": 1 - } - ], - "memory_device": [ - { - "handle": 4352, - "location": "DIMM 0", - "bank_location": "", - "manufacturer": "QEMU", - "part_number": "", - "array_handle": 4096, - "error_handle": 65534, - "width": 0, - "ecc_bits": 0, - "size": 8388608, - "form_factor": { - "hex": "0009", - "name": "DIMM", - "value": 9 - }, - "set": 0, - "memory_type": { - "hex": "0007", - "name": "RAM", - "value": 7 - }, - "memory_type_details": [ - "Other" - ], - "speed": 0 - } - ], - "processor": [ - { - "handle": 1024, - "socket": "CPU 0", - "socket_type": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "socket_populated": true, - "manufacturer": "QEMU", - "version": "pc-i440fx-6.2", - "part": "", - "processor_type": { - "hex": "0003", - "name": "CPU", - "value": 3 - }, - "processor_family": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "processor_status": { - "hex": "0001", - "name": "Enabled", - "value": 1 - }, - "clock_ext": 0, - "clock_max": 2000, - "cache_handle_l1": 0, - "cache_handle_l2": 0, - "cache_handle_l3": 0 - }, - { - "handle": 1025, - "socket": "CPU 1", - "socket_type": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "socket_populated": true, - "manufacturer": "QEMU", - "version": "pc-i440fx-6.2", - "part": "", - "processor_type": { - "hex": "0003", - "name": "CPU", - "value": 3 - }, - "processor_family": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "processor_status": { - "hex": "0001", - "name": "Enabled", - "value": 1 - }, - "clock_ext": 0, - "clock_max": 2000, - "cache_handle_l1": 0, - "cache_handle_l2": 0, - "cache_handle_l3": 0 - }, - { - "handle": 1026, - "socket": "CPU 2", - "socket_type": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "socket_populated": true, - "manufacturer": "QEMU", - "version": "pc-i440fx-6.2", - "part": "", - "processor_type": { - "hex": "0003", - "name": "CPU", - "value": 3 - }, - "processor_family": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "processor_status": { - "hex": "0001", - "name": "Enabled", - "value": 1 - }, - "clock_ext": 0, - "clock_max": 2000, - "cache_handle_l1": 0, - "cache_handle_l2": 0, - "cache_handle_l3": 0 - }, - { - "handle": 1027, - "socket": "CPU 3", - "socket_type": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "socket_populated": true, - "manufacturer": "QEMU", - "version": "pc-i440fx-6.2", - "part": "", - "processor_type": { - "hex": "0003", - "name": "CPU", - "value": 3 - }, - "processor_family": { - "hex": "0001", - "name": "Other", - "value": 1 - }, - "processor_status": { - "hex": "0001", - "name": "Enabled", - "value": 1 - }, - "clock_ext": 0, - "clock_max": 2000, - "cache_handle_l1": 0, - "cache_handle_l2": 0, - "cache_handle_l3": 0 - } - ], - "system": { - "handle": 256, - "manufacturer": "netcup", - "product": "KVM Server", - "version": "VPS 1000 G11 SE", - "wake_up": { - "hex": "0006", - "name": "Power Switch", - "value": 6 - } - } - } -} diff --git a/hosts/by-name/server1/configuration.nix b/hosts/by-name/server1/configuration.nix index ab7c02a..6bb1067 100644 --- a/hosts/by-name/server1/configuration.nix +++ b/hosts/by-name/server1/configuration.nix @@ -25,7 +25,16 @@ postgresql.enable = true; redlib.enable = true; users.enable = true; - persist.enable = true; + persist = { + enable = true; + directories = [ + "/var/log" + + # TODO(@bpeetz): Instead of persisting that, encode each uid/gid directly in the + # config. <2024-12-24> + "/var/lib/nixos" + ]; + }; }; boot.tmp.cleanOnBoot = true; diff --git a/hosts/by-name/server1/networking.nix b/hosts/by-name/server1/networking.nix index 4e1d64a..dd9b9af 100644 --- a/hosts/by-name/server1/networking.nix +++ b/hosts/by-name/server1/networking.nix @@ -47,6 +47,6 @@ # cat /sys/class/net/eth0/address services.udev.extraRules = '' - ATTR{address}=="66:78:8e:15:33:2e", NAME="eth0" + ATTR{address}=="66:22:6d:82:93:9b", NAME="eth0" ''; } diff --git a/hosts/by-name/server2/configuration.nix b/hosts/by-name/server2/configuration.nix index 571a235..07b78c3 100644 --- a/hosts/by-name/server2/configuration.nix +++ b/hosts/by-name/server2/configuration.nix @@ -8,7 +8,7 @@ back = { enable = true; repositories = { - "${config.services.gitolite.dataDir}/vhack.eu/nixos-server.git" = { + "${config.services.gitolite.dataDir}/repositories/vhack.eu/nixos-server.git" = { domain = "issues.foss-syndicate.org"; port = 9220; }; @@ -20,9 +20,19 @@ domain = "git.foss-syndicate.org"; gitolite.adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz cardno:000F_18F83532"; }; - nginx.enable = true; + nginx = { + enable = true; + redirects = { + "source.foss-syndicate.org" = "https://git.foss-syndicate.org/vhack.eu/nixos-server"; + }; + }; openssh.enable = true; - persist.enable = true; + persist = { + enable = true; + directories = [ + "/var/log" + ]; + }; rust-motd.enable = true; users.enable = true; }; diff --git a/hosts/by-name/server2/networking.nix b/hosts/by-name/server2/networking.nix index e6a96c2..6b7b0ee 100644 --- a/hosts/by-name/server2/networking.nix +++ b/hosts/by-name/server2/networking.nix @@ -1,42 +1,40 @@ -{lib, ...}: let - ipv4 = "185.16.61.132"; - ipv6 = "2a03:4000:a:106::1"; -in { +{lib, ...}: { + # This file was populated at runtime with the networking + # details gathered from the active system. networking = { nameservers = [ - "8.8.8.8" + "46.38.225.230" + "46.38.252.230" + "2a03:4000:0:1::e1e6" ]; - - defaultGateway = { - address = "89.58.56.1"; - interface = "eth0"; - }; + defaultGateway = "185.16.60.1"; defaultGateway6 = { address = "fe80::1"; interface = "eth0"; }; - dhcpcd.enable = false; - usePredictableInterfaceNames = lib.mkForce false; - interfaces = { eth0 = { ipv4.addresses = [ { - address = ipv4; - prefixLength = 22; + address = "185.16.61.132"; + prefixLength = 23; } ]; ipv6.addresses = [ { - address = ipv6; + address = "2a03:4000:a:106:6478:8eff:fe15:332e"; + prefixLength = 64; + } + { + address = "fe80::6478:8eff:fe15:332e"; prefixLength = 64; } ]; ipv4.routes = [ { - address = ipv4; + address = "185.16.60.1"; prefixLength = 32; } ]; @@ -50,6 +48,6 @@ in { }; }; services.udev.extraRules = '' - ATTR{address}=="66:22:6d:82:93:9b", NAME="eth0" + ATTR{address}=="66:78:8e:15:33:2e", NAME="eth0" ''; } diff --git a/hosts/default.nix b/hosts/default.nix index f7df5d3..f53ee35 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -4,22 +4,38 @@ nixpkgs, specialArgs, extraModules, + deployPackage, }: let + hostnames = builtins.fromTOML (builtins.readFile ./host-names.toml); + hosts = nixLib.mkByName { useShards = false; baseDirectory = ./by-name; fileName = "configuration.nix"; - finalizeFunction = name: value: - nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - inherit specialArgs; - modules = - extraModules - ++ [ - ../modules - value - ]; - }; + finalizeFunction = name: value: value; }; -in - hosts + + mkNixosConfiguration = _: value: + nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + inherit specialArgs; + modules = + extraModules + ++ [ + ../modules + value + ]; + }; + nixosConfigurations = builtins.mapAttrs mkNixosConfiguration hosts; + + mkDeploy = name: _: { + hostname = hostnames."${name}"; + profiles.system = { + user = "root"; + path = deployPackage.lib.activate.nixos nixosConfigurations."${name}"; + }; + }; + deploy = {nodes = builtins.mapAttrs mkDeploy hosts;}; +in { + inherit nixosConfigurations deploy; +} diff --git a/hosts/host-names.toml b/hosts/host-names.toml new file mode 100644 index 0000000..fd5b960 --- /dev/null +++ b/hosts/host-names.toml @@ -0,0 +1,2 @@ +server1 = "server1.vhack.eu" +server2 = "server2.vhack.eu" diff --git a/modules/by-name/ba/back/module.nix b/modules/by-name/ba/back/module.nix index f732f02..2bc5159 100644 --- a/modules/by-name/ba/back/module.nix +++ b/modules/by-name/ba/back/module.nix @@ -63,7 +63,7 @@ services = lib.mapAttrs' (gitPath: config: { - name = builtins.replaceStrings ["/"] ["_"] "back-${gitPath}-${config.domain}"; + name = builtins.replaceStrings ["/"] ["_"] "back-${config.domain}"; value = mkUnit gitPath config.port; }) cfg.repositories; diff --git a/modules/by-name/co/constants/module.nix b/modules/by-name/co/constants/module.nix new file mode 100644 index 0000000..a28ea0c --- /dev/null +++ b/modules/by-name/co/constants/module.nix @@ -0,0 +1,43 @@ +# This file is inspired by the `nixos/modules/misc/ids.nix` +# file in nixpkgs. +{lib, ...}: { + options.vhack.constants = { + ids.uids = lib.mkOption { + internal = true; + description = '' + The user IDs used in the vhack.eu nixos config. + ''; + type = lib.types.attrsOf lib.types.int; + }; + ids.gids = lib.mkOption { + internal = true; + description = '' + The group IDs used in the vhack.eu nixos config. + ''; + type = lib.types.attrsOf lib.types.int; + }; + }; + + config.vhack.constants = { + ids.uids = { + acme = 328; + dhcpcd = 329; + nscd = 330; + sshd = 331; + systemd-oom = 332; + + # As per the NixOS file, the uids should not be greater or equal to 400; + }; + ids.gids = { + acme = 328; + dhcpcd = 329; + nscd = 330; + sshd = 331; + systemd-oom = 332; + resolvconf = 333; # This group is not matched to an user? + systemd-coredump = 151; # matches systemd-coredump user + + # The gid should match the uid. Thus should not be >= 400; + }; + }; +} diff --git a/modules/by-name/co/coredump/module.nix b/modules/by-name/co/coredump/module.nix new file mode 100644 index 0000000..ce28ed9 --- /dev/null +++ b/modules/by-name/co/coredump/module.nix @@ -0,0 +1,18 @@ +{ + config, + lib, + ... +}: let + cfg = config.vhack.systemd.coredump; +in { + options.vhack.systemd.coredump = { + # NOTE(@bpeetz): Enabled by default, because that is what NixOS also does. <2024-12-25> + enable = (lib.mkEnableOption "oomd") // {default = true;}; + }; + + config = lib.mkIf cfg.enable { + users = { + groups.systemd-coredump.gid = config.vhack.constants.ids.gids.systemd-coredump; + }; + }; +} diff --git a/modules/by-name/dh/dhcpcd/module.nix b/modules/by-name/dh/dhcpcd/module.nix new file mode 100644 index 0000000..0e35af3 --- /dev/null +++ b/modules/by-name/dh/dhcpcd/module.nix @@ -0,0 +1,18 @@ +{ + config, + lib, + ... +}: let + cfg = config.vhack.dhcpcd; +in { + options.vhack.dhcpcd = { + enable = (lib.mkEnableOption "dhcpcd") // {default = config.networking.dhcpcd.enable;}; + }; + + config = lib.mkIf cfg.enable { + users = { + users.dhcpcd.uid = config.vhack.constants.ids.uids.dhcpcd; + groups.dhcpcd.gid = config.vhack.constants.ids.gids.dhcpcd; + }; + }; +} diff --git a/modules/by-name/fa/fail2ban/module.nix b/modules/by-name/fa/fail2ban/module.nix index a95e267..c619ef9 100644 --- a/modules/by-name/fa/fail2ban/module.nix +++ b/modules/by-name/fa/fail2ban/module.nix @@ -13,8 +13,9 @@ in { vhack.persist.directories = [ { directory = "/var/lib/fail2ban"; - user = "fail2ban"; - group = "fail2ban"; + # TODO: Fail2ban should probably run under a dedicated `fail2ban` user. <2024-12-25> + user = "root"; + group = "root"; mode = "0700"; } ]; diff --git a/modules/by-name/gi/git-server/module.nix b/modules/by-name/gi/git-server/module.nix index a374f4c..db35897 100644 --- a/modules/by-name/gi/git-server/module.nix +++ b/modules/by-name/gi/git-server/module.nix @@ -48,13 +48,23 @@ in { }; # Needed for the nginx proxy and the virtual host - vhack.nginx.enable = true; + vhack = { + nginx.enable = true; + persist.directories = [ + { + directory = "/var/lib/gitolite"; + user = "git"; + group = "git"; + mode = "0755"; + } + ]; + }; services = { gitolite = { inherit (cfg.gitolite) adminPubkey; enable = true; - dataDir = "/srv/gitolite"; + dataDir = "/var/lib/gitolite"; user = "git"; group = "git"; extraGitoliteRc = '' diff --git a/modules/by-name/im/impermanence/module.nix b/modules/by-name/im/impermanence/module.nix index d645bcb..1c916e2 100644 --- a/modules/by-name/im/impermanence/module.nix +++ b/modules/by-name/im/impermanence/module.nix @@ -20,11 +20,6 @@ in { directories = [ "/etc/nixos" - "/var/log" - - # TODO(@bpeetz): Instead of persisting that, encode each uid/gid directly in the - # config. <2024-12-24> - "/var/lib/nixos" ] ++ cfg.directories; files = [ diff --git a/modules/by-name/ng/nginx/module.nix b/modules/by-name/ng/nginx/module.nix index 30406fe..39919c9 100644 --- a/modules/by-name/ng/nginx/module.nix +++ b/modules/by-name/ng/nginx/module.nix @@ -3,20 +3,13 @@ config, ... }: let - importedRedirects = import ./redirects.nix {}; - mkRedirect = { - key, - value, - }: { - name = key; - value = { - forceSSL = true; - enableACME = true; - locations."/".return = "301 ${value}"; - }; + mkRedirect = _: value: { + forceSSL = true; + enableACME = true; + locations."/".return = "301 ${value}"; }; - redirects = builtins.listToAttrs (builtins.map mkRedirect importedRedirects); + redirects = builtins.mapAttrs mkRedirect cfg.redirects; cfg = config.vhack.nginx; in { @@ -33,12 +26,28 @@ in { really be useful for tests. ''; }; + + redirects = lib.mkOption { + type = lib.types.attrsOf lib.types.str; + default = {}; + description = '' + An attrset of redirects to add. + The keys are the domain that should than be redirected to the url specified as + value. + ''; + }; }; config = lib.mkIf cfg.enable { vhack.persist.directories = [ "/var/lib/acme" ]; + + users = { + users.acme.uid = config.vhack.constants.ids.uids.acme; + groups.acme.gid = config.vhack.constants.ids.gids.acme; + }; + security.acme = { acceptTerms = true; defaults = { @@ -56,8 +65,9 @@ in { }; services.nginx = { enable = true; - # The merge here is fine, as no domain should be specified twice - #virtualHosts = + virtualHosts = redirects; + + # FIXME(@bpeetz): Migrate to a host. <2024-12-25> # { # "gallery.s-schoeffel.de" = { # forceSSL = true; @@ -65,7 +75,6 @@ in { # root = "/srv/gallery.s-schoeffel.de"; # }; # } - # // redirects; }; }; } diff --git a/modules/by-name/ng/nginx/redirects.nix b/modules/by-name/ng/nginx/redirects.nix deleted file mode 100644 index a021e72..0000000 --- a/modules/by-name/ng/nginx/redirects.nix +++ /dev/null @@ -1,6 +0,0 @@ -{...}: [ - { - key = "source.vhack.eu"; - value = "https://codeberg.org/vhack.eu/nixos-server"; - } -] diff --git a/modules/by-name/ni/nix-sync/internal_module.nix b/modules/by-name/ni/nix-sync/internal_module.nix index e3b55c9..4e28586 100644 --- a/modules/by-name/ni/nix-sync/internal_module.nix +++ b/modules/by-name/ni/nix-sync/internal_module.nix @@ -55,7 +55,7 @@ out_paths=$(mktemp); nix build . --print-out-paths --experimental-features 'nix-command flakes' > "$out_paths"; - [ "$(wc -l < "$out_paths")" -gt 1 ] && {echo "To many out-paths"; exit 1;} + [ "$(wc -l < "$out_paths")" -gt 1 ] && { echo "To many out-paths"; exit 1; } out_path="$(cat "$out_paths")"; rm ${esa repoPath}; ln -s "$out_path" ${esa repoPath}; @@ -71,7 +71,7 @@ out_paths=$(mktemp); nix build ${esa repoCachePath} --print-out-paths --experimental-features 'nix-command flakes' > "$out_paths"; - [ "$(wc -l < "$out_paths")" -gt 1 ] && {echo "To many out-paths"; exit 1;} + [ "$(wc -l < "$out_paths")" -gt 1 ] && { echo "To many out-paths"; exit 1; } out_path="$(cat "$out_paths")"; ln -s "$out_path" ${esa repoPath}; rm "$out_paths"; diff --git a/modules/by-name/ns/nscd/module.nix b/modules/by-name/ns/nscd/module.nix new file mode 100644 index 0000000..428ae3b --- /dev/null +++ b/modules/by-name/ns/nscd/module.nix @@ -0,0 +1,25 @@ +{ + config, + lib, + ... +}: let + cfg = config.vhack.nscd; +in { + options.vhack.nscd = { + # NOTE(@bpeetz): This is enabled by default in NixOS. + # Because of this reason: + # > Whether to enable the Name Service Cache Daemon. Disabling this is + # > strongly discouraged, as this effectively disables NSS Lookups from + # > all non-glibc NSS modules, including the ones provided by systemd. + # + # As such we should also always enable it. <2024-12-25> + enable = (lib.mkEnableOption "nscd") // {default = true;}; + }; + + config = lib.mkIf cfg.enable { + users = { + users.nscd.uid = config.vhack.constants.ids.uids.nscd; + groups.nscd.gid = config.vhack.constants.ids.gids.nscd; + }; + }; +} diff --git a/modules/by-name/oo/oomd/module.nix b/modules/by-name/oo/oomd/module.nix new file mode 100644 index 0000000..3b39236 --- /dev/null +++ b/modules/by-name/oo/oomd/module.nix @@ -0,0 +1,19 @@ +{ + config, + lib, + ... +}: let + cfg = config.vhack.systemd.oomd; +in { + options.vhack.systemd.oomd = { + # NOTE(@bpeetz): Enabled by default, because that is what NixOS also does. <2024-12-25> + enable = (lib.mkEnableOption "oomd") // {default = true;}; + }; + + config = lib.mkIf cfg.enable { + users = { + users.systemd-oom.uid = config.vhack.constants.ids.uids.systemd-oom; + groups.systemd-oom.gid = config.vhack.constants.ids.gids.systemd-oom; + }; + }; +} diff --git a/modules/by-name/op/openssh/module.nix b/modules/by-name/op/openssh/module.nix index 49290b9..83aeadf 100644 --- a/modules/by-name/op/openssh/module.nix +++ b/modules/by-name/op/openssh/module.nix @@ -37,6 +37,11 @@ in { ]; */ + users = { + users.sshd.uid = config.vhack.constants.ids.uids.sshd; + groups.sshd.gid = config.vhack.constants.ids.gids.sshd; + }; + services.openssh = { enable = true; settings.PasswordAuthentication = false; diff --git a/modules/by-name/re/resolvconf/module.nix b/modules/by-name/re/resolvconf/module.nix new file mode 100644 index 0000000..ff99696 --- /dev/null +++ b/modules/by-name/re/resolvconf/module.nix @@ -0,0 +1,16 @@ +{ + config, + lib, + ... +}: let + cfg = config.vhack.resolvconf; +in { + options.vhack.resolvconf = { + # NOTE(@bpeetz): This condition is taken directly from NixOS. <2024-12-25> + enable = lib.mkEnableOption "resolvconf" // {default = !(config.environment.etc ? "resolv.conf");}; + }; + + config = lib.mkIf cfg.enable { + users.groups.resolvconf.gid = config.vhack.constants.ids.gids.resolvconf; + }; +} diff --git a/modules/by-name/ru/rust-motd/module.nix b/modules/by-name/ru/rust-motd/module.nix index ee88762..a6998f4 100644 --- a/modules/by-name/ru/rust-motd/module.nix +++ b/modules/by-name/ru/rust-motd/module.nix @@ -5,6 +5,20 @@ ... }: let cfg = config.vhack.rust-motd; + + # List all users that can login + pred = n: v: ( + false # <- just here for neat formatting + || v.initialHashedPassword != null + || v.initialPassword != null + || v.hashedPassword != null + || v.hashedPasswordFile != null + || v.password != null + || v.passwordFile != null + || v.openssh.authorizedKeys.keys != [] + || v.openssh.authorizedKeys.keyFiles != [] + ); + userList = builtins.mapAttrs (n: v: 2) (lib.filterAttrs pred config.users.users); in { options.vhack.rust-motd = { enable = lib.mkEnableOption "rust-motd"; @@ -69,11 +83,7 @@ in { jails = ["sshd"]; #, "anotherjail"] }; - last_login = { - sils = 2; - soispha = 2; - nightingale = 2; - }; + last_login = userList; last_run = {}; }; diff --git a/modules/by-name/us/users/module.nix b/modules/by-name/us/users/module.nix index bdffbdc..a197b13 100644 --- a/modules/by-name/us/users/module.nix +++ b/modules/by-name/us/users/module.nix @@ -17,7 +17,7 @@ inherit name uid; isNormalUser = true; home = "/home/${name}"; - initialHashedPassword = password; + hashedPassword = password; extraGroups = [ "wheel" ]; @@ -54,8 +54,8 @@ in { users = { root = { - initialHashedPassword = null; # to lock root - openssh.authorizedKeys.keys = []; + hashedPassword = lib.mkForce null; # to lock root + openssh.authorizedKeys.keys = lib.mkForce []; }; } // extraUsers; diff --git a/notes/deploy.md b/notes/deploy.md index 127d0e9..8d159b1 100644 --- a/notes/deploy.md +++ b/notes/deploy.md @@ -1,7 +1,23 @@ -# Full redeployment +# Full redeployment or first deployment -After a complete server purge just run (requires a root password and _some_ Linux distribution running on it.): +This requires a root password and _some_ Linux distribution running on it. -```sh -./scripts/deploy.sh "<ssh url>" "<hostname>" +We assume that following variables are set. + +```bash +HOST="<host-name>" # e.g., server1 +SSH_URL="<ssh-url>" # e.g., root@server1.vhack.eu +``` + +## Generate a networking configuration + +```bash +scp scripts/mk_network_config.sh "$SSH_URL:/root/" +ssh "$SSH_URL" /root/mk_networking_config.sh > "hosts/by-name/$HOST/networking.nix" +``` + +## Re-deploy + +```bash +./scripts/deploy.sh "$SSH_URL" "$HOST" ``` diff --git a/prepare-commit-msg b/prepare-commit-msg deleted file mode 100755 index 6066d40..0000000 --- a/prepare-commit-msg +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# -# Insert selected git-bug issue identifier in the comment. -# if no selected issue, print in comments the list of open issues. -# -cmtChar=`git config --get core.commentchar` -hashChar="#" -if [ "$cmtChar" = "" ] -then - cmtChar="#" -fi -if [ "$cmtChar" = "#" ] -then - hashChar=":" -fi - -ISSUE=`git bug show --field shortId` -if [ "$ISSUE" = "" ] -then - echo "$cmtChar !!!!! insert $hashChar<issue_id> in your comment, pick one in list below." >> "$1" - git bug ls status:open |sed 's/ open\t/ /'| sed "s/^/$cmtChar/" >> "$1" -else - sed -i "1i$hashChar$ISSUE " "$1" -fi diff --git a/scripts/deploy.sh b/scripts/deploy.sh index 00e9011..5c7b0e6 100755 --- a/scripts/deploy.sh +++ b/scripts/deploy.sh @@ -11,7 +11,6 @@ root="$(git rev-parse --show-toplevel)" nix run github:numtide/nixos-anywhere -- \ --flake ".#$host_name" \ --target-host "$ssh_url" \ - --generate-hardware-config nixos-generate-config "$root/hardware_config_$host_name.nix" \ - --generate-hardware-config nixos-facter "$root/hardware_config_$host_name.json" + --generate-hardware-config nixos-generate-config "$root/hosts/by-name/$host_name/hardware_config_$ssh_url.nix" # vim: ft=sh diff --git a/scripts/mk_network_config.sh b/scripts/mk_network_config.sh index d929530..3c853fb 100755 --- a/scripts/mk_network_config.sh +++ b/scripts/mk_network_config.sh @@ -41,7 +41,7 @@ EOF -e 's/127[0-9.]+/8.8.8.8/' \ -e 's/::1/8.8.8.8/') - if [[ "$eth0_name" = eth* ]]; then + if [[ $eth0_name == eth* ]]; then predictable_inames="usePredictableInterfaceNames = lib.mkForce false;" else predictable_inames="usePredictableInterfaceNames = lib.mkForce true;" diff --git a/tests/by-name/ba/back/test.nix b/tests/by-name/ba/back/test.nix index 220d100..63f2837 100644 --- a/tests/by-name/ba/back/test.nix +++ b/tests/by-name/ba/back/test.nix @@ -104,7 +104,7 @@ in ''}") with subtest("back server starts"): - server.wait_for_unit("${builtins.replaceStrings ["/"] ["_"] "back-${gitRepoPath}-${domain}.service"}") + server.wait_for_unit("${builtins.replaceStrings ["/"] ["_"] "back-${domain}.service"}") with subtest("client can access the server"): client.succeed("${pkgs.writeShellScript "curl-back" '' diff --git a/tests/by-name/gi/git-server/test.nix b/tests/by-name/gi/git-server/test.nix index 0cf3ee8..5cd8c33 100644 --- a/tests/by-name/gi/git-server/test.nix +++ b/tests/by-name/gi/git-server/test.nix @@ -62,18 +62,8 @@ in ../../../../modules ]; - system.activationScripts = { - gitolite = { - text = '' - if ! [ -d /srv/gitolite ]; then - mkdir --parents /srv/gitolite - chown -R git:git /srv/gitolite - fi - ''; - }; - }; - vhack = { + persist.enable = true; openssh.enable = true; nginx = { enable = true; |