add new setup stuff

2025-05-15 17:26:11 +02:00 · 2025-05-15 17:26:11 +02:00 · 4948c7d2bc
commit 4948c7d2bc
parent 19a6567d44
5 changed files with 205 additions and 45 deletions
--- a/flake.nix
+++ b/flake.nix
@ -4,52 +4,54 @@
    sops-nix.url = "github:Mic92/sops-nix";
  };

-  outputs =
-    inputs:
-    {
-      colmena = {
-        meta = {
-          nixpkgs = import inputs.nixpkgs {
-            system = "x86_64-linux";
-            overlays = [ ];
-          };
+  outputs = inputs: {
+    nixosConfigurations.raid1base = import ./setup { inherit inputs; };
+    colmena = {
+      meta = {
+        nixpkgs = import inputs.nixpkgs {
+          system = "x86_64-linux";
+          overlays = [ ];
        };
-
-        git-system =
-          {
-            name,
-            nodes,
-            pkgs,
-            ...
-          }:
-          {
-            deployment = {
-              targetHost = "somehost.tld";
-              targetPort = 1234;
-              targetUser = "luser";
-            };
-            imports = [ ./git_system.nix ];
-          };
-        runner-system =
-          {
-            name,
-            nodes,
-            pkgs,
-            ...
-          }:
-          {
-            imports = [ ./runner_system.nix ];
-          };
-        dev-system =
-          {
-            name,
-            nodes,
-            pkgs,
-            ...
-          }:
-          {
-            imports = [ ./dev_system.nix inputs.sops-nix.nixosModules.sops ];
-          };
      };
+
+      git-system =
+        {
+          name,
+          nodes,
+          pkgs,
+          ...
+        }:
+        {
+          deployment = {
+            targetHost = "somehost.tld";
+            targetPort = 1234;
+            targetUser = "luser";
+          };
+          imports = [ ./git_system.nix ];
+        };
+      runner-system =
+        {
+          name,
+          nodes,
+          pkgs,
+          ...
+        }:
+        {
+          imports = [ ./runner_system.nix ];
+        };
+      dev-system =
+        {
+          name,
+          nodes,
+          pkgs,
+          ...
+        }:
+        {
+          imports = [
+            ./dev_system.nix
+            inputs.sops-nix.nixosModules.sops
+          ];
+        };
    };
+  };
 }
--- a/setup/README.md
+++ b/setup/README.md
@ -0,0 +1,12 @@
+# Usage
+
+Execute 
+
+```
+nix run nixpkgs#nixos-anywhere -- \
+  --flake .#raid1base \
+  --generate-hardware-config nixos-facter ./facter.json \
+  root@<IP>
+```
+
+in the setup subdirectory
--- a/setup/default.nix
+++ b/setup/default.nix
@ -0,0 +1,23 @@
+{ inputs }:
+inputs.nixpkgs.lib.nixosSystem {
+  system = "x86_64-linux";
+  modules = [
+    inputs.disko.nixosModules.disko
+    ./disk_conf.nix
+
+    inputs.nixos-facter-modules.nixosModules.facter
+    { config.facter.reportPath = ./facter.json; }
+
+    ./mini_conf.nix
+
+    # zfs stuff
+    {
+      # use `head -c4 /dev/urandom | od -A none -t x4` or see nixos options docs for more info
+      # https://search.nixos.org/options?channel=24.11&show=networking.hostId&from=0&size=50&sort=relevance&type=packages&query=hostid
+      networking.hostId = "0a7337de";
+
+      # dunno, maybe not needed but sounds nice
+      boot.loader.grub.zfsSupport = true;
+    }
+  ];
+}
--- a/setup/disk_conf.nix
+++ b/setup/disk_conf.nix
@ -0,0 +1,72 @@
+{
+  disko.devices = {
+    disk =
+      let
+        # This is a general setup which will be replicated on both disks ...
+        # even the boot partition, just the mountpoint is different which will
+        # be set in the nixos configuration
+        diskLayout =
+          { bootName }:
+          {
+            type = "gpt";
+            partitions = {
+              boot = {
+                size = "1M";
+                type = "EF02";
+              };
+              # efi? idk, experiment if this is really needed
+              ESP = {
+                size = "500M";
+                type = "EF00";
+                content = {
+                  type = "filesystem";
+                  format = "vfat";
+                  mountpoint = "/${bootName}";
+                  mountOptions = [ "umask=0077" ];
+                };
+              };
+              zfs = {
+                size = "100%";
+                content = {
+                  type = "zfs";
+                  pool = "zraid";
+                };
+              };
+            };
+          };
+      in
+      {
+        one = {
+          type = "disk";
+          device = "/dev/nvme0n1";
+          content = diskLayout { bootName = "boot"; };
+        };
+        two = {
+          type = "disk";
+          device = "/dev/nvme1n1";
+          content = diskLayout { bootName = "boot-fallback"; };
+        };
+      };
+    zpool = {
+      zraid = {
+        type = "zpool";
+        mode = "mirror";
+        # Workaround: cannot import 'zraid': I/O error in disko tests
+        options.cachefile = "none";
+        rootFsOptions = {
+          compression = "zstd";
+          "com.sun:auto-snapshot" = "true";
+        };
+        mountpoint = "/";
+        postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zraid@blank$' || zfs snapshot zraid@blank";
+
+        datasets = {
+          zfs_fs = {
+            type = "zfs_fs";
+            mountpoint = "/zfs_fs";
+          };
+        };
+      };
+    };
+  };
+}
--- a/setup/mini_conf.nix
+++ b/setup/mini_conf.nix
@ -0,0 +1,51 @@
+{
+  modulesPath,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  imports = [
+    # see https://github.com/NixOS/nixpkgs/tree/master/nixos/modules/installer/scan
+    (modulesPath + "/installer/scan/not-detected.nix")
+    # see https://github.com/NixOS/nixpkgs/tree/master/nixos/modules/profiles
+    (modulesPath + "/profiles/headless.nix")
+  ];
+
+  boot.loader.grub = {
+    # efi? idk experiment if we can leave this away
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+
+    # main device that grub will boot from
+    device = "/dev/nvme0n1";
+
+    # configure second fallback boot partition
+    mirroredBoots = [
+      {
+        devices = [ "/dev/nvme1n1" ];
+        path = "/boot-fallback";
+      }
+    ];
+
+    # dunno, maybe not needed but sounds nice
+    zfsSupport = true;
+  };
+
+  # use `head -c4 /dev/urandom | od -A none -t x4` or see nixos options docs for more info
+  # https://search.nixos.org/options?channel=24.11&show=networking.hostId&from=0&size=50&sort=relevance&type=packages&query=hostid
+  networking.hostId = "0a7337de";
+
+  environment.systemPackages = map lib.lowPrio [
+    pkgs.curl
+    pkgs.gitMinimal
+  ];
+
+  services.openssh.enable = true;
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBA4Kpx7RN53V3uINjRj1Ow7p8/SkKGOnqHG3BR9tNXU cardno:25_310_930"
+    # add yours
+  ];
+
+  system.stateVersion = "24.11";
+}