dump-dvb/nix-config
dump-dvb
/
nix-config
mirror of https://github.com/dump-dvb/nix-config.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

rework traffic-stop-box system generator, add new rpi3 station

This commit is contained in:
oxapentane - 2022-08-22 18:51:00 +02:00
parent 0ea00c4aa0
commit 3e8d2f6067
Signed by: oxapentane
GPG Key ID: 91FA5E5BF9AA901C
10 changed files with 95 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
flake.nix
View File

@ -59,39 +59,65 @@
};
# function that generates a system with the given number
generate_system = (number:
generate_system = (id: hostname: arch: extraModules:
{
"traffic-stop-box-${toString number}" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
"traffic-stop-box-${toString id}" = nixpkgs.lib.nixosSystem {
system = arch;
specialArgs = { inherit inputs; };
modules = [
diskModule
sops-nix.nixosModules.sops
dump-dvb.nixosModules.default
./hosts/traffic-stop-boxes/configuration.nix
./hosts/traffic-stop-boxes/hardware-configuration.nix
./hardware/configuration-dell-wyse-3040.nix
./hosts/traffic-stop-box
./modules/base.nix
./modules/traffic-stop-boxes/radio_wireguard_client.nix
./modules/traffic-stop-boxes/secrets.nix
./modules/traffic-stop-boxes/radio-config.nix
./modules/dump-dvb
{
nixpkgs.overlays = [
dump-dvb.overlays.default
];
dump-dvb.systemNumber = number;
dump-dvb.systemNumber = id;
}
];
] ++ extraModules;
};
}
);
# list of accending system numbers
id_list = [ 0 1 2 3 4 ];
id_list = [
{ # Barkhausen Bau
id = 0;
arch = "x86_64-linux";
extraModules = [
./hardware/configuration-dell-wyse-3040.nix
diskModule
];
}
{ # Zentralwerk
id = 1;
arch = "x86_64-linux";
extraModules = [
./hardware/configuration-dell-wyse-3040.nix
diskModule
];
}
{ # Chemnitz
id = 2;
arch = "x86_64-linux";
extraModules = [
./hardware/configuration-dell-wyse-3040.nix
diskModule
];
}
{
id = 3;
arch = "aarch64-linux";
extraModules = [
(import "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix")
./hardware/configuration-rpi-3b.nix
];
}
];
# attribute set of all traffic stop boxes
stop_boxes = nixpkgs.lib.foldl (x: y: nixpkgs.lib.mergeAttrs x (generate_system y)) { } id_list;
stop_boxes = nixpkgs.lib.foldl (x: y: nixpkgs.lib.mergeAttrs x (generate_system y.id y.hostname y.arch y.extraModules)) { } id_list;
packages = {
default = self.nixosConfigurations.traffic-stop-box-0.config.system.build.vm;
@ -101,7 +127,7 @@
mobile-box-vm = self.nixosConfigurations.mobile-box.config.system.build.vm;
mobile-box-disk = self.nixosConfigurations.mobile-box.config.system.build.diskImage;
staging-microvm = self.nixosConfigurations.staging-data-hoarder.config.microvm.declaredRunner;
data-hoarder-microvm = self.nixosConfigurations.data-hoarder.config.microvm.declaredRunner;
data-hoarder-microvm = self.nixosConfigurations.data-hoarder.config.microvm.declaredRunner;
} // (import ./pkgs/deployment.nix { inherit self pkgs; systems = stop_boxes; });
in
{
@ -154,6 +180,8 @@
staging-data-hoarder."x86_64-linux" = self.nixosConfigurations.staging-data-hoarder.config.system.build.toplevel;
traffic-stop-box-0."x86_64-linux" = self.nixosConfigurations.traffic-stop-box-0.config.system.build.toplevel;
traffic-stop-box-0-disk."x86_64-linux" = self.nixosConfigurations.traffic-stop-box-0.config.system.build.diskImage;
traffic-stop-box-3."aarch64-linux" = self.nixosConfigurations.traffic-stop-box-3.config.system.build.toplevel;
traffic-stop-box-3-disk."aarch64-linux" = self.nixosConfigurations.traffic-stop-box-3.config.system.build.sdImage;
mobile-box."x86_64-linux" = self.nixosConfigurations.mobile-box.config.system.build.toplevel;
mobile-box-disk."x86_64-linux" = self.nixosConfigurations.mobile-box.config.system.build.diskImage;
sops-binaries."x86_64-linux" = sops-nix.packages."x86_64-linux".sops-install-secrets;

6
hardware/configuration-dell-wyse-3040.nix
View File

@ -7,4 +7,10 @@
networking.useDHCP = false;
networking.interfaces.enp1s0.useDHCP = true;
boot.tmpOnTmpfsSize = "25%";
fileSystems."/" =
{
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
}

27
hardware/configuration-rpi-3b.nix Normal file
View File

@ -0,0 +1,27 @@
{ lib, pkgs, ... }:
{
imports = [
];
boot = {
loader = {
grub.enable = false;
raspberryPi = {
enable = true;
version = 4;
};
};
kernelPackages = pkgs.linuxPackages_latest;
# No ZFS on latest kernel:
supportedFilesystems = lib.mkForce [ "vfat" "ext4" ];
};
# sdImage = {
# compressImage = false;
# imageBaseName = config.networking.hostName;
# firmwareSize = 512;
# };
networking.useDHCP = false;
networking.interfaces.eth0.useDHCP = true;
}

2
hosts/mobile-box/default.nix
View File

@ -1,5 +1,5 @@
{
imports = [
include = [
./configuration.nix
./hardware-configuration.nix
];

0
hosts/traffic-stop-boxes/configuration.nix → hosts/traffic-stop-box/configuration.nix
View File

9
hosts/traffic-stop-box/default.nix Normal file
View File

@ -0,0 +1,9 @@
{
imports = [
./configuration.nix
./hardware-configuration.nix
./radio-config.nix
./secrets.nix
./wireguard-client.nix
];
}

6
hosts/traffic-stop-boxes/hardware-configuration.nix → hosts/traffic-stop-box/hardware-configuration.nix
View File

@ -14,12 +14,6 @@
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-label/ESP";

0
modules/traffic-stop-boxes/radio-config.nix → hosts/traffic-stop-box/radio-config.nix
View File

8
hosts/traffic-stop-box/secrets.nix Normal file
View File

@ -0,0 +1,8 @@
{ config, ... }:
{
sops.defaultSopsFile = ../../secrets/traffic-stop-box-${toString config.dump-dvb.systemNumber}/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.secrets.wg-seckey = { };
sops.secrets.telegram-decoder-token.owner = config.users.users.telegram-decoder.name;
}

0
modules/traffic-stop-boxes/radio_wireguard_client.nix → hosts/traffic-stop-box/wireguard-client.nix
View File