dump-dvb/nix-config
dump-dvb
/
nix-config
mirror of https://github.com/dump-dvb/nix-config.git
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

setup tetra-zw

This commit is contained in:
Markus Schmidl 2024-02-03 00:55:53 +01:00
parent 62931662ce
commit 519e55e6a1
5 changed files with 120 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.sops.yaml
View File

@ -9,6 +9,7 @@ keys:
- &notice-me-senpai age1wxewmzwlzgtsmr29tnu76n30kv29ra5p0ptvr2e3f3ymkqh569kqm07fv4
- &tram-borzoi age10sedt7xftzu383y8g4pxsj0hazht8tnnxhcngedcsl93s4v9uvvsk99er4
- &uranus age1xnaw8ssrq2hpsntnt8kdu4dlqh4lz3dcq5lzwn490cskz886te6sreuale
- &tetra-zw age1nknzqnqm2d7pxxjl4e4w50jk8t8xx947l2qgrjhpqjfd33ypjfusw7nszw
# turmlabor
- &traffic-stop-box-0 age1yxtur968m4xe0m3kj0waqpm2kuuywpp9f6t0rxl4f0262ze9n9jqehw0k5
@ -178,6 +179,8 @@ creation_rules:
- *admin_revol-xut
- *admin_marenz-1
- *admin_marenz-2
age:
- *tetra-zw
- path_regex: secrets/uranus/[^/]+\.yaml$
key_groups:
- pgp:

11
hardware/disk-module/default.nix
View File

@ -12,5 +12,16 @@
echo file binary-dist $diskImage >> $out/nix-support/hydra-build-products
'';
};
system.build.diskImageLegacy = import ./make-disk-image.nix {
name = "${config.networking.hostName}-disk";
partitionTableType = "legacy";
additionalSpace = "0G";
copyChannel = false;
inherit config lib pkgs;
postVM = ''
mkdir -p $out/nix-support
echo file binary-dist $diskImage >> $out/nix-support/hydra-build-products
'';
};
fileSystems."/".autoResize = true;
}

42
hardware/tetra-zw.nix Normal file
View File

@ -0,0 +1,42 @@
{ config, lib, pkgs, ... }:
{
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
imports = [
./disk-module
];
networking = {
interfaces.enp5s0.useDHCP = lib.mkDefault true;
useDHCP = lib.mkDefault true;
};
networking.useNetworkd = true;
networking.wireguard.enable = true;
deployment-TLMS.net.iface.uplink = {
name = lib.mkDefault "enp5s0";
useDHCP = lib.mkDefault true;
};
boot.tmp.tmpfsSize = "25%";
boot.kernelModules = [ "kvm-intel" "r8168" ];
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" "sdhci_acpi" ];
boot.initrd.kernelModules = [ ];
boot.extraModulePackages = [ ];
# some whoopsie in kernel 6.1.x maybe?
boot.kernelPackages = pkgs.linuxKernel.packages.linux_5_15;
swapDevices = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
}

4
hosts/tetra-zw/configuration.nix
View File

@ -1,8 +1,8 @@
{ self, pkgs, config, registry, ... }:
{ self, lib, pkgs, config, registry, ... }:
{
imports = [
"${self}/hardware/dell-wyse-3040.nix"
"${self}/hardware/tetra-zw.nix"
];
boot.tmp.useTmpfs = true;

115
secrets/tetra-zw/secrets.yaml
View File

@ -4,78 +4,87 @@ sops:
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
age:
- recipient: age1nknzqnqm2d7pxxjl4e4w50jk8t8xx947l2qgrjhpqjfd33ypjfusw7nszw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBieG5JNzFZdFcvMWtWRjh6
bjkwbTVWNW5PaHRSNmx5VU1mSmUyTE9BYXo0CjZZb08vVlJtcEovUE1WQW5oTGRy
SDlyM3ZqZUY2d1IxWCs0MzRYSTRXSGsKLS0tIEw0YlplaGFrY0JtRGUyWXhDTllp
WUZVei9YWndsTG9UWUVGTS93NDN1R0EKQDKCEOfu77GxyAE81CvCifYXte9jvjcL
E6MNUQufOzZFyLXnuPypEUX9WVTg+7yB/4St7+uyV47xX1cI7xfVgQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-11-27T15:03:10Z"
mac: ENC[AES256_GCM,data:OCLKBHUxUNBZFfOReLa/MRndLTOuFWMhG5f7IiXv/lPwgQbD9Rp97hnlbYmtHeheXO8vhZsiwUe7VO/UEN17G5s2sdRLdQpn/gT1XlvqN2cfZhJ9cPRJl6QQ40cYW0GNDlu8bSPY1WI2V+9nCxoDazJvrv8U4sjTa/jGNnX51pI=,iv:Rbrd9tvodC2ON08BMaJ6IvKPXrO07VcgtkOm3XgHXwE=,tag:GtTJtHoLlTBLfR3RV3UgCw==,type:str]
pgp:
- created_at: "2023-11-27T15:02:48Z"
- created_at: "2024-02-02T21:38:45Z"
enc: |-
-----BEGIN PGP MESSAGE-----
wcFMA7zUOKwzpAE7AQ//eU1W4XI5YQH/5LniuIF/W0gBJv3jeKlh3QxEUgnBtBRR
yrf7tzO+4M3qhjhP2JFuyYvipyZ7hM+RFP2hFjEDjBio/GD+PEJgFZn30W7zOkDc
CwK2jRd2t7VnHmy2oQbYMWVtFZkMW6g0nVv+7QXmVlyw+unWV/spgLGI649gvHtK
y2QK1Np8YS11Mj6oaz7oJi5WXTRkZDwuIM8YBPNbynbFsRcyHvsVW4HqFXYd4cC7
PccEwDIlO3nEsWVsBi5xhzANurzRv1LepBWq2ojaCuB7Mnp7G8SADJ45mbUkMswD
CkxO8VFxembH0x815giUC/S+vB3XV74TThP8t1jUkzWWeFroMY8hqscR42yzeIUS
5XfaaYU5qqQQyMteiij1jriOxzDiNHQnKPPQPW2spmnQ6njPTmTCmNIC1H9OjF8h
StTKzKHILRYLO3Fn9INZrGI/ntPjKks8IjwPxcTjh6wqNsu6SgKWxXuxZUGvIbRj
73sQn5r9uI4E/HczGiO3RF/Jcp/btUDHVeWu/nzFseH3H05yJ5ABDllx2VnoHJKT
+9ZCb11psqPX7m0DGWNgREtgybRMJxElm8Ke9QvS6rMXmltlrl5kFbfVngcj0kx5
zsowKHP119mCTuRfZv+YUPJD2tu1sJAq0H7anB6m6HKOEvYvRdNKk42aw414VZjS
UQEZol48PW3DqJjzlBX9bQH0ZL8v6BfFVk6zflTHyS3WLmrUmZHi3atBl6eMrc+A
vu8yXYvIwWaOxNUozmwbrNdYxWT4LPrCFI+9q52vqMaG3Q==
=JfFt
wcFMA7zUOKwzpAE7AQ//VoPu79j3q87/eMLO5y8jNXFbDPgZiA6TRZcP5HQ23RzV
QEdWuU9SKkB0HgLUbFn+e4nToJwHbXAiVp85M0zYnLNr6HnLmEJRB0yNtZW/q2aH
JZOWW5IW2HrACKk9dtRozTrIPjO+xFRzHRZIWHpiz2unAppJywxgPS9sYwCEzyvo
rZHiTFbj4olpMxC1OlX9qbIZp9iOzLkfqdNCg35rYp9WvAGnd+xTO8Tl7ptgzCru
N12jfshMEMPpby1RJWZRuqDds4maTqfoGxnE73UKZlBy2aDOyWcQE4j0yZ1dRBLB
u8tkD59uN1VaCJL8v0n6OKsoj2bP2VXmsAM/2+yu0/ClIMTtfYL50w0ppGaYqV1x
B+ytxkwrlTtACCIIWF6HDFEoW7swafVNzAbKhf44UZZoritNvJgW+pDbFs2okRu6
1s8hbXC+/UkUNnO/80S524a+KZAxs1vtPDSwjczwGgCihym8fvF4zywj7DjHrTi4
ipC/V5qAbmGuVPz8wuY/af72O4tRrpwalc6aeTuYNds26B30t7wahQ5fL7ezI8zx
aCA72gc8G5aLXl7PsWEoIIrEkJDoT4thhBqCIeyYS8zN+BhqA35EQKw6WzhP3e7K
CopaqNYnKT/A5juNkiYMhn1jHETCTiPFGj24k7IE83p2+zJgFhNgGeBgCGq8gIbS
UQGk1w+bQPAyTej2TCskzeJlzP2TcGS745NYDPFvaoqfjOwpWV6w1ImNIuaErtzt
aLjPOzYKV+dHQfKtBbdcRUl6UWII5mjxLc0fy+sXRyUS5g==
=7AW5
-----END PGP MESSAGE-----
fp: DD0998E6CDF294537FC604F991FA5E5BF9AA901C
- created_at: "2023-11-27T15:02:48Z"
- created_at: "2024-02-02T21:38:45Z"
enc: |-
-----BEGIN PGP MESSAGE-----
wcFMA/YLzOYaRIJJAQ//Tp/AENqZMJjyAyp5IzAgVATmoRpB7expbKSr0JCYfcio
aJepbsSzKyauYu53+brUYa7kj+VjduGiCaXr0DCewMpohZj54gBDDnj8/XNTjesL
R6BgSgCm14abvvs++yR7Q8aIxeua0V+i5jYLM5U/CICFRFhKVJvkHtEabNfyG7Hu
FDCxdqOdm78uKvDW7NMrnu7ixfRsS5my+c+NFuWYFsda8xloM5iTPHMjx0S+7acB
F2LZCff5N6f0QvPtlrxj5nD5aQnMql93maSFsKYoKi/o6MMb75qtSYfWUeVl/fu0
JFK+pcsJmqsHtrLSv1UniCfqe5MGN6AzS49QGgoTmYZLC2DyNNRbG+ISRs14KJAE
wJ3rfSQuVHKYN/2P+dmAi5w4aRea0pIrLYtQNqLYNBqH45IFVgSslDA7GL56epco
wI3Wc1uxQPWS7EODOBKPebA3u+Hxu49i/8bCYk5Pgkp8w6dTm5Ok2i4tc60pBwIA
Yjp9GPjfF+ld0vgG1NPz+fxx/TH9zzkhg/MvDgtJvYlpG/SnB8F6WxJ7oKZrk4I8
NuInneZjit2U2Dxk2BCYS2yUI0aitivzIS/41xuCCmCWDC3h/+6Tg/DaXElLH7Oo
sMY4hAXYaB8TxLakHJRs9/Rl2HCi+m9cTN3ygscmVT/aFMCScuO6MkUxIPc+ZBLS
UQFHogD3IiDvySf9Tc8kkBysIA7nUHNwUTr9Q/QKAUXnInxZANuYa5Uqapqn/W+w
GdfL2pry3DF1hz1oBEsc2z+l0hww9hzHscJ1jrE/GwVRXA==
=jk+v
wcFMA/YLzOYaRIJJAQ//bXXT68Yd7aXnSgjUvBeK1CCStZ8EcB7zR0+6RTC9ZfIC
hSAo2lRZcMQ8vPHOLKEetCL5V2nb1eZB0dIPWjeHBnH3vj/mWmgGdx6I5Cg7W6+h
wlapkDL765hd3eQodxpPC9KYMVuhDrDVULdtotOlfmm6+SyqB1r3pQqHwS9Soc2y
dPDgE1Le/aGFy4bSt3e0m7ofqxMW+URdnFH3OnrZd35j+UU1gFw6aSXjrxVq3upk
QTbsa7gb07AiHit+ENI0jjXjYrG0m88SupCpXIa43Qg5xhHKiVFMLXdCmCsIS2LX
AbHVs/qYikcdJQvEDdjJwoqpmsb+DnGnFmNfTZqxJWOOfIK9q4keAQ4DVwJCgVyj
mXMBgND+lDKW3I1EIaGD/e5J7wv6kVqkHWRsbxrfSdBktoj7XZdyqjrWkShBY5GO
BDS/XbolP3YL1IPMlSUSicMkl69145WvxNFRjFaywdgDcX1Ou/C0hgN2FzYeSbwP
y4IkjNaYxkmL3NV7LO5SeoAM6Yct4Xh/7TCtCGqyInf94h0k8PgaEOSxPdUVtNWs
3OpKGbZHYVCefaCV7Dx/FPKktqBxDHKLPRpSvDlY+CjtkV/nvhPsPfVOz6uhtK1i
7gVxs0XFpnE4AxXsV8DvC5+MJ18wLDpb8Rb21/zm27aVjcxu3K88NCB68G5gwXDS
UQH9nxw8cOMAPXbDxV/6sfLvWhpmxkzEa8qHoH0SY0NNWHfiTLDr+XkOBA/grq+f
knBojZ+Qr9y5JDN6fQHK7pQGcZweZkNFbPa40tRUVoG2BQ==
=ojT1
-----END PGP MESSAGE-----
fp: 91EBE87016391323642A6803B966009D57E69CC6
- created_at: "2023-11-27T15:02:48Z"
enc: |
- created_at: "2024-02-02T21:38:45Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQEMA1N/l9+zlMQzAQf/UbfrpOO9me+hJTy36IIJUoU90CKRJCf9IRfeFXVKok1F
4zIFtYkj1ioSVYkm2cJ64pVirIEVgTPeuitc3dATfHsu0Y08hHeCQMs9DiaYzXy2
/VTau11c87ZBoDm9pLWij/MsCFwi3WGa1UALCunKEtPV3Ljp39+NRu8y3OyOZHjN
ktHY0MEntjCzmD8BXx5bkOQ6pOFoKPFY92150Csl73Nnn232Vsaff4ZwStt2FONP
xcXjWdQKH24WigNG/gLa4MMT6grwGkuy08XTkr3cwPMPpekOboDdH+5GsDBkA8jU
LCQ+bVAo/ChtqdD4OOGpxcECr2CuczWLYsyktJaIb9JeAd6KyTBugKmMEV9WxpKm
9l33mLVTpg77qFlKf0Y/axo0eIp7EQqxlpbiQuRZu2aM4s/a3uZ3OLnrVexvSQ1X
5PLZyfkx+TO26/YRCkMxht1Uql08wzWMqZGDglpMTw==
=jhUj
hQEMA1N/l9+zlMQzAQf/Y05YUc9u+Svty1Li8YriUoTxKw/w1gp7tb1pZ4aQB0AP
QHSHvMlCmD3iNTXOU1QNxz/QVfnqKXjZkpyUqlErYSpMMcFYyo7N8mt0zBdeup3h
9y52CvNt6mDDLonq8ZGreOk3B8LyicsAflTp7AvjGW4PF7Fr/tziM2oQn/lZHAbO
52Fe3Um69AzLVgzGor2LL2Nn1bb8a76q3EG6tOaFnNoyAi+JK/5+D5jV33ppfJgs
SFoxgDxZs1Nrhyswa8Or6F+LWxukOkM1+65+CEAd6mwqQTswpwk7/NWLEG4R4Ep4
eUwdXHG/pEKgpJ6uwSlINtU69kaiGks15tdoRuZwUdJeAb56FOwm0tURogrLRp77
vZrAIKfRw/T8dg9srQJTHS7Ak/TYI+zHgpj7U2XwkQdS5sPSIsAeLYwP6D8TdMT4
aRDnn8Yf7ADq+SMZDxAZQNA7Yk8DwkytcZsel8KlmQ==
=3ygH
-----END PGP MESSAGE-----
fp: 069836A578F7939612DB4934F77D0F7E247A1EE4
- created_at: "2023-11-27T15:02:48Z"
enc: |
- created_at: "2024-02-02T21:38:45Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQEMA1N/l9+zlMQzAQf/ZuCGHKsISv+rSeUfayaYBxCWYAIHbx5vVg0ydtq8tWar
U6T0A3cergkfZfIX/trsWQqI/TVkc6UL8MDBnOZEYy0qd07tDL+OUlwX6UI7IO+K
bth8nkTnVthnjCUh4a6VSt4ZeeiYCKJb+ndLDr9Z6qwCRE5cJXDX7NUOJVC7fkOP
ae/UvFrqppH8JVw/7LZKIu+w6mp7z736cs/o+AhHRuqGnCiNPqF0d7LF8qCpFX07
hwHCkl6CMc8MCoLQsa3mdzhaNpJWU/qkQ7h1S73W8g3wtv7Dpi9kTNhJ1lT+wZKp
MWBvrHJgHaaSVDCNJq7PLUqoxavL0ul9G0tVYrMLttJeAZ76OKiO1i3JCU1JymOT
sX3pVzE8MBlDcrpRDQJ4c7/LBPX6qAhnxvyZHawARUWNH2UtVA9ceCW11Jqk+Owg
W4FcSvBnXpb0LG0i4qozXvxfAwWm6Hu57Pbqm/YOGw==
=/DPb
hQEMA1N/l9+zlMQzAQgAkvldc6xEY3+Ns3+1zaDDhOqZwXV9uPeRZXyBO+U5nBt6
pddEe06jX/atkBr6zwZls6rnCG/c1zeLWpC2FlMcL4W4VY0snsNY6vLI5FXhS2PD
Med1ir2duYOo5LZqVVvzGsxGIRbkcni5F0Bq7mWCW2E1MWO9qIdHNTLlYjQq4BtR
zRbp4UuwMBXNI78+vrSrV87mpCavAJ6Nde6I32iPcxJe0Juv1i7OG3AKyRYcWcmE
exBQP7/DLSxTpDazlbYVgROrsCi4CSQ2WW2e3JDM7cb6WYL0zaAJUq75LFRSX+HL
WLRUXjbmdIt25eJaNB/0WnfbYstaTJXLxclp864q99JeAYBN0etvjxFGWiPCF3hM
ZjWxk+1EV+ORuP9GvnMRdNAQwBc1HUTWw9HZZN41YyceI8p66OsiMB4HP3Wi9mE3
MQKuWY3wA1alqbFWrB4ssvmug+nyQdqMpLzEDBYu9Q==
=K/Lc
-----END PGP MESSAGE-----
fp: ED06986DFAAE6A61B751DC2F537F97DFB394C433
unencrypted_suffix: _unencrypted