add flake-parts template

2024-07-15 16:50:36 +02:00
parent 3e3b9fbbb8
commit beded7c21f
7 changed files with 260 additions and 0 deletions
--- a/templates/flake-parts/flake.nix
+++ b/templates/flake-parts/flake.nix
@@ -0,0 +1,111 @@
+{
+  description = "<Put your description here>";
+
+  inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
+  inputs.nixpkgs.url = "clan/nixpkgs";
+  inputs.flake-parts.url = "github:hercules-ci/flake-parts";
+  inputs.flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
+
+  outputs =
+    inputs@{
+      self,
+      clan-core,
+      flake-parts,
+      ...
+    }:
+    flake-parts.lib.mkFlake { inherit inputs; } ({
+      systems = [
+        "x86_64-linux"
+        "aarch64-linux"
+
+        "x86_64-darwin"
+        "aarch64-darwin"
+      ];
+      imports = [ inputs.clan-core.flakeModules.default ];
+      # https://docs.clan.lol/getting-started/flake-parts/
+      clan = {
+        meta.name = "__CHANGE_ME__"; # Ensure this is unique among all clans you want to use.
+
+        # Make flake available in modules
+        specialArgs.self = {
+          inherit (self) inputs nixosModules packages;
+        };
+        directory = self;
+        machines =
+          { pkgs, ... }:
+          {
+            # "jon" will be the hostname of the machine
+            jon = {
+              imports = [
+                ./modules/shared.nix
+                ./modules/disko.nix
+                ./machines/jon/configuration.nix
+              ];
+
+              nixpkgs.hostPlatform = "x86_64-linux";
+
+              # Set this for clan commands use ssh i.e. `clan machines update`
+              # If you change the hostname, you need to update this line to root@<new-hostname>
+              # This only works however if you have avahi running on your admin machine else use IP
+              clan.core.networking.targetHost = pkgs.lib.mkDefault "root@jon";
+
+              # ssh root@flash-installer.local lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
+              disko.devices.disk.main = {
+                device = "/dev/disk/by-id/__CHANGE_ME__";
+              };
+
+              # IMPORTANT! Add your SSH key here
+              # e.g. > cat ~/.ssh/id_ed25519.pub
+              users.users.root.openssh.authorizedKeys.keys = throw ''
+                Don't forget to add your SSH key here!
+                users.users.root.openssh.authorizedKeys.keys = [ "<YOUR SSH_KEY>" ]
+              '';
+
+              # Zerotier needs one controller to accept new nodes. Once accepted
+              # the controller can be offline and routing still works.
+              clan.core.networking.zerotier.controller.enable = true;
+            };
+            # "sara" will be the hostname of the machine
+            sara = {
+              imports = [
+                ./modules/shared.nix
+                ./modules/disko.nix
+                ./machines/sara/configuration.nix
+              ];
+
+              nixpkgs.hostPlatform = "x86_64-linux";
+
+              # Set this for clan commands use ssh i.e. `clan machines update`
+              # If you change the hostname, you need to update this line to root@<new-hostname>
+              # This only works however if you have avahi running on your admin machine else use IP
+              clan.core.networking.targetHost = pkgs.lib.mkDefault "root@sara";
+
+              # ssh root@flash-installer.local lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
+              disko.devices.disk.main = {
+                device = "/dev/disk/by-id/__CHANGE_ME__";
+              };
+
+              # IMPORTANT! Add your SSH key here
+              # e.g. > cat ~/.ssh/id_ed25519.pub
+              users.users.root.openssh.authorizedKeys.keys = throw ''
+                Don't forget to add your SSH key here!
+                users.users.root.openssh.authorizedKeys.keys = [ "<YOUR SSH_KEY>" ]
+              '';
+
+              /*
+                After jon is deployed, uncomment the following line
+                This will allow sara to share the VPN overlay network with jon
+                The networkId is generated by the first deployment of jon
+              */
+              # clan.core.networking.zerotier.networkId = builtins.readFile ../jon/facts/zerotier-network-id;
+            };
+
+          };
+      };
+      perSystem =
+        { pkgs, inputs', ... }:
+        {
+          devShells.default = pkgs.mkShell { packages = [ inputs'.clan-core.packages.clan-cli ]; };
+        };
+    });
+}
--- a/templates/flake-parts/machines/jon/configuration.nix
+++ b/templates/flake-parts/machines/jon/configuration.nix
@@ -0,0 +1,38 @@
+{ config, ... }:
+let
+  username = config.networking.hostName;
+in
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  # Locale service discovery and mDNS
+  services.avahi.enable = true;
+
+  services.xserver.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+  services.xserver.displayManager.gdm.enable = true;
+  # Disable the default gnome apps to speed up deployment
+  services.gnome.core-utilities.enable = false;
+
+  # Enable automatic login for the user.
+  services.displayManager.autoLogin = {
+    enable = true;
+    user = username;
+  };
+
+  users.users.${username} = {
+    initialPassword = username;
+    isNormalUser = true;
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+      "video"
+      "audio"
+      "input"
+      "dialout"
+      "disk"
+    ];
+    uid = 1000;
+    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
+  };
+}
--- a/templates/flake-parts/machines/jon/hardware-configuration.nix
+++ b/templates/flake-parts/machines/jon/hardware-configuration.nix
@@ -0,0 +1,14 @@
+# Replace this file with an actual hardware-configuration.nix!
+throw ''
+  Did you forget to generate your hardware config?
+
+  Run the following command:
+
+  'clan machines hw-generate <maschine_name> <hostname>'
+
+  OR:
+
+  'ssh root@<hostname> nixos-generate-config --no-filesystems --show-hardware-config > hardware-configuration.nix'
+
+  And manually eplace this file with the generated "hardware-configuration.nix".
+''
--- a/templates/flake-parts/machines/sara/configuration.nix
+++ b/templates/flake-parts/machines/sara/configuration.nix
@@ -0,0 +1,39 @@
+{ config, ... }:
+
+let
+  username = config.networking.hostName;
+in
+{
+  imports = [ ./hardware-configuration.nix ];
+
+  # Locale service discovery and mDNS
+  services.avahi.enable = true;
+
+  services.xserver.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+  services.xserver.displayManager.gdm.enable = true;
+  # Disable the default gnome apps to speed up deployment
+  services.gnome.core-utilities.enable = false;
+
+  # Enable automatic login for the user.
+  services.displayManager.autoLogin = {
+    enable = true;
+    user = username;
+  };
+
+  users.users.${username} = {
+    initialPassword = username;
+    isNormalUser = true;
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+      "video"
+      "audio"
+      "input"
+      "dialout"
+      "disk"
+    ];
+    uid = 1000;
+    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
+  };
+}
--- a/templates/flake-parts/machines/sara/hardware-configuration.nix
+++ b/templates/flake-parts/machines/sara/hardware-configuration.nix
@@ -0,0 +1,10 @@
+# Replace this file with an actual hardware-configuration.nix!
+throw ''
+  Did you forget to generate your hardware config?
+
+  Run the following command:
+
+  'ssh root@<hostname> nixos-generate-config --no-filesystems --show-hardware-config > hardware-configuration.nix'
+
+  Then replace this file with the generated "hardware-configuration.nix".
+''
--- a/templates/flake-parts/modules/disko.nix
+++ b/templates/flake-parts/modules/disko.nix
@@ -0,0 +1,41 @@
+{ lib, ... }:
+{
+  boot.loader.grub.efiSupport = lib.mkDefault true;
+  boot.loader.grub.efiInstallAsRemovable = lib.mkDefault true;
+  disko.devices = {
+    disk = {
+      main = {
+        type = "disk";
+        # Set the following in flake.nix for each maschine:
+        # device = <uuid>;
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02"; # for grub MBR
+              priority = 1;
+            };
+            ESP = {
+              size = "512M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/templates/flake-parts/modules/shared.nix
+++ b/templates/flake-parts/modules/shared.nix
@@ -0,0 +1,7 @@
+{ clan-core, ... }:
+{
+  imports = [
+    clan-core.clanModules.sshd
+    clan-core.clanModules.root-password
+  ];
+}