diff --git a/modules/nixos/my_users/default.nix b/modules/nixos/my_users/default.nix index ea54b88..c7c71cf 100644 --- a/modules/nixos/my_users/default.nix +++ b/modules/nixos/my_users/default.nix @@ -32,6 +32,7 @@ in shell = pkgs.zsh; extraGroups = [ "wheel" ]; hashedPassword = "$y$j9T$9ATrmrhedhb.mAZ4//PiN/$OStCOaJHt3kPA63imTG3zLMWCSLoWCUph5O6jl5mcZ."; + isNormalUser = true; }; root = lib.snowfall.mkUser { hashedPassword = "$6$xa/mFg4OxIbb8XiQ$S2RVyCKcLaKHymFs48u8vj1dv.mQdxt.BQoucJsr8wfcHayXwKfD0C2NIOYY5AEPR9zgnMvFp8d8STKe6wMGR/"; diff --git a/systems/x86_64-linux/nut-gc2/default.nix b/systems/x86_64-linux/nut-gc2/default.nix new file mode 100644 index 0000000..2d943d2 --- /dev/null +++ b/systems/x86_64-linux/nut-gc2/default.nix @@ -0,0 +1,126 @@ +{ + pkgs, + inputs, + lib, + config, + ... +}: +let + inherit (inputs) disko home-manager; +in +{ + imports = [ + disko.nixosModules.disko + home-manager.nixosModules.home-manager + ./disko-config.nix + ./hardware-configuration.nix + ]; + config = { + age.secrets.k3s.file = ../../../secrets/k3s.age; + + my_users.enable = true; + my_nix.enable = true; + + my_k3s = { + enable = true; + role = "agent"; + tokenFile = config.age.secrets.k3s.path; + clusterInit = false; + serverAddr = "https://10.222.0.87:6443"; + nodeIp = "10.222.0.???"; + iface = "ztxh6lvd6t"; + }; + networking.hostName = "nut-gc2"; + + boot = { + tmp.cleanOnBoot = true; + loader.grub.enable = true; + kernel.sysctl = { + "net.ipv4.ip_forward" = 1; + }; + }; + + time.timeZone = "Asia/Singapore"; + + services.udev.extraRules = '' + ATTR{address}=="00:72:f1:f7:47:db", NAME="ens3" + ''; + + networking = { + nameservers = [ + "1.1.1.1" + "8.8.8.8" + ]; + defaultGateway = { + address = "103.149.46.126"; + interface = "ens3"; + }; + defaultGateway6 = { + address = "2a11:8083:11::1"; + interface = "ens3"; + }; + dhcpcd.enable = false; + usePredictableInterfaceNames = lib.mkForce true; + interfaces = { + ens3 = { + ipv4.addresses = [ + { + address = "103.149.46.7"; + prefixLength = 25; + } + ]; + ipv6.addresses = [ + { + address = "2a11:8083:11:13d4::a"; + prefixLength = 64; + } + { + address = "fe80::272:f1ff:fef7:47db"; + prefixLength = 64; + } + ]; + ipv4.routes = [ + { + address = "103.149.46.126"; + prefixLength = 32; + } + ]; + ipv6.routes = [ + { + address = "2a11:8083:11::1"; + prefixLength = 128; + } + ]; + }; + }; + firewall = { + enable = true; + allowedTCPPorts = [ + 22 + ]; + trustedInterfaces = [ + "tailscale0" + "ztxh6lvd6t" + ]; + }; + }; + services.openssh = { + enable = true; + settings.PasswordAuthentication = false; + }; + + services.tailscale.enable = true; + + environment.systemPackages = with pkgs; [ + git + neovim + btop + ]; + + services.zerotierone = { + enable = true; + joinNetworks = [ "23992b9a659115b6" ]; + }; + system.stateVersion = "25.11"; + }; +} diff --git a/systems/x86_64-linux/nut-gc2/hardware-configuration.nix b/systems/x86_64-linux/nut-gc2/hardware-configuration.nix new file mode 100644 index 0000000..5f56688 --- /dev/null +++ b/systems/x86_64-linux/nut-gc2/hardware-configuration.nix @@ -0,0 +1,24 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "ahci" "sd_mod" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +}