diff --git a/devices.nix b/devices.nix
index a4fbeb4..26a274d 100644
--- a/devices.nix
+++ b/devices.nix
@@ -38,6 +38,9 @@ in
 hetzner-vpn2 = {
 system = "aarch64-linux";
 };
+ hyperforge = {
+ system = "aarch64-linux";
+ };
 muede-lpt2 = {
 system = "x86_64-linux";
 isDesktop = true;
diff --git a/nixosConfigurations/forgejo-runner-1/default.nix b/nixosConfigurations/forgejo-runner-1/default.nix
index 41c7717..88cc281 100644
--- a/nixosConfigurations/forgejo-runner-1/default.nix
+++ b/nixosConfigurations/forgejo-runner-1/default.nix
@@ -10,9 +10,6 @@
 # uncomment for build check on non arm system (requires --impure)
 # nixpkgs.buildPlatform = builtins.currentSystem;

- services.tailscale.useRoutingFeatures = "both";
- system.autoUpgrade.allowReboot = true;
-
 users.users = {
 root.openssh.authorizedKeys.keys = [
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH"
diff --git a/nixosConfigurations/forgejo-runner-1/hardware.nix b/nixosConfigurations/forgejo-runner-1/hardware.nix
index e8fbc56..9786ed6 100644
--- a/nixosConfigurations/forgejo-runner-1/hardware.nix
+++ b/nixosConfigurations/forgejo-runner-1/hardware.nix
@@ -3,56 +3,12 @@
 imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];

 config = {
- boot = {
- tmp.cleanOnBoot = true;
- kernelParams = [ "console=tty" ];
- loader = {
- systemd-boot.enable = true;
- efi.canTouchEfiVariables = true;
- };
- initrd = {
- availableKernelModules = [
- "xhci_pci"
- "virtio_scsi"
- "sr_mod"
- "virtio_gpu"
- ];
- kernelModules = [ ];
- };
- };
-
- fileSystems = {
- "/" = {
- device = "/dev/disk/by-uuid/47bc77ff-12e1-4d39-bb5c-fb100ccd3aab";
- fsType = "ext4";
- };
- "/boot" = {
- device = "/dev/disk/by-uuid/05F2-8F9A";
- fsType = "vfat";
- options = [
- "fmask=0077"
- "dmask=0077"
- ];
- };
- };
-
- swapDevices = [
- { device = "/dev/disk/by-uuid/bbd18a70-b0bb-4e1a-b45b-3c1f8ecc0c10"; }
- ];
-
- networking.useNetworkd = true;
- systemd.network = {
+ my.hetznerVm = {
 enable = true;
- networks."10-wan" = {
- matchConfig.Name = "enp1s0";
- networkConfig.DHCP = "ipv4";
- address = [
- "2a01:4f8:c013:a524::1/64"
- ];
- routes = [
- { Gateway = "fe80::1"; }
- ];
- };
+ rootUuid = "47bc77ff-12e1-4d39-bb5c-fb100ccd3aab";
+ bootUuid = "05F2-8F9A";
+ swapUuid = "bbd18a70-b0bb-4e1a-b45b-3c1f8ecc0c10";
+ ipv6Address = "2a01:4f8:c013:a524::1/64";
 };
 };
 }
diff --git a/nixosConfigurations/hetzner-vpn2/default.nix b/nixosConfigurations/hetzner-vpn2/default.nix
index 5974763..b12cecd 100644
--- a/nixosConfigurations/hetzner-vpn2/default.nix
+++ b/nixosConfigurations/hetzner-vpn2/default.nix
@@ -8,15 +8,11 @@
 # uncomment for build check on non arm system (requires --impure)
 # nixpkgs.buildPlatform = builtins.currentSystem;

- services.tailscale.useRoutingFeatures = "both";
-
 users.users.root.openssh.authorizedKeys.keys = [
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv pc2 home roaming"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC lpt2-roaming"
 ];
-
- system.autoUpgrade.allowReboot = true;
 };
 }
diff --git a/nixosConfigurations/hetzner-vpn2/hardware.nix b/nixosConfigurations/hetzner-vpn2/hardware.nix
index d7c96f0..6c9f315 100644
--- a/nixosConfigurations/hetzner-vpn2/hardware.nix
+++ b/nixosConfigurations/hetzner-vpn2/hardware.nix
@@ -3,56 +3,12 @@
 imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];

 config = {
- boot = {
- tmp.cleanOnBoot = true;
- kernelParams = [ "console=tty" ];
- loader = {
- systemd-boot.enable = true;
- efi.canTouchEfiVariables = true;
- };
- initrd = {
- availableKernelModules = [
- "xhci_pci"
- "virtio_scsi"
- "sr_mod"
- "virtio_gpu"
- ];
- kernelModules = [ ];
- };
- };
-
- fileSystems = {
- "/" = {
- device = "/dev/disk/by-uuid/3263489d-9819-433c-b198-9d2e732a94e4";
- fsType = "ext4";
- };
- "/boot" = {
- device = "/dev/disk/by-uuid/6C25-6BDC";
- fsType = "vfat";
- options = [
- "fmask=0077"
- "dmask=0077"
- ];
- };
- };
-
- swapDevices = [
- { device = "/dev/disk/by-uuid/e147721d-86b5-40d7-a231-c6ea391c563d"; }
- ];
-
- networking.useNetworkd = true;
- systemd.network = {
+ my.hetznerVm = {
 enable = true;
- networks."10-wan" = {
- matchConfig.Name = "enp1s0";
- networkConfig.DHCP = "ipv4";
- address = [
- "2a01:4f8:c013:65dd::1/64"
- ];
- routes = [
- { Gateway = "fe80::1"; }
- ];
- };
+ rootUuid = "3263489d-9819-433c-b198-9d2e732a94e4";
+ bootUuid = "6C25-6BDC";
+ swapUuid = "e147721d-86b5-40d7-a231-c6ea391c563d";
+ ipv6Address = "2a01:4f8:c013:65dd::1/64";
 };
 };
 }
diff --git a/nixosConfigurations/hyperforge/default.nix b/nixosConfigurations/hyperforge/default.nix
new file mode 100644
index 0000000..2c64351
--- /dev/null
+++ b/nixosConfigurations/hyperforge/default.nix
@@ -0,0 +1,16 @@
+{
+ imports = [
+ ./hardware.nix
+ ];
+
+ config = {
+ # uncomment for build check on non arm system (requires --impure)
+ # nixpkgs.buildPlatform = builtins.currentSystem;
+
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv pc2 home roaming"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC lpt2-roaming"
+ ];
+ };
+}
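Review bot: The `users.users.root.openssh.authorizedKeys.keys` list in the new hyperforge/default.nix is a third hand-copied set of root keys, so revoking a key means editing every host file, and a missed copy leaves root access in place. hetzner-vpn2 authorises four keys and this host three, and nothing in the file says whether the difference is deliberate. Since this commit already moves the shared hardware settings into one module, the keys could likewise be bound once in a shared list and referenced from each host. A host that deliberately takes a subset could carry a short comment such as `# unlabelled vpn2 key intentionally not authorised on this host`.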
diff --git a/nixosConfigurations/hyperforge/hardware.nix b/nixosConfigurations/hyperforge/hardware.nix
new file mode 100644
index 0000000..a196adb
--- /dev/null
+++ b/nixosConfigurations/hyperforge/hardware.nix
@@ -0,0 +1,14 @@
+{ modulesPath, ... }:
+{
+ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+ config = {
+ my.hetznerVm = {
+ enable = true;
+ rootUuid = "73dfcfd2-3a61-4b05-8440-d57072b89eda";
+ bootUuid = "E9C2-D85B";
+ swapUuid = "737140f2-c2fd-4af9-9974-f05642f8d90e";
+ ipv6Address = "2a01:4f8:c013:cbdd::1/64";
+ };
+ };
+}
diff --git a/nixosModules/hetzner-vm.nix b/nixosModules/hetzner-vm.nix
new file mode 100644
index 0000000..d59b4ad
--- /dev/null
+++ b/nixosModules/hetzner-vm.nix
@@ -0,0 +1,86 @@
+{
+ lib,
+ config,
+ ...
+}:
+let
+ cfg = config.my.hetznerVm;
+in
+{
+ options.my.hetznerVm = {
+ enable = lib.mkEnableOption "Hetzner Cloud aarch64 qemu-guest defaults";
+
+ rootUuid = lib.mkOption {
+ type = lib.types.str;
+ description = "UUID of the root ext4 filesystem.";
+ };
+ bootUuid = lib.mkOption {
+ type = lib.types.str;
+ description = "UUID of the FAT /boot partition.";
+ };
+ swapUuid = lib.mkOption {
+ type = lib.types.str;
+ description = "UUID of the swap device.";
+ };
+ ipv6Address = lib.mkOption {
+ type = lib.types.str;
+ description = "Static IPv6 address (with /prefix) assigned to enp1s0.";
+ example = "2a01:4f8:c013:cbdd::1/64";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ boot = {
+ tmp.cleanOnBoot = true;
+ kernelParams = [ "console=tty" ];
+ loader = {
+ systemd-boot.enable = true;
+ efi.canTouchEfiVariables = true;
+ };
+ initrd = {
+ availableKernelModules = [
+ "xhci_pci"
+ "virtio_scsi"
+ "sr_mod"
+ "virtio_gpu"
+ ];
+ kernelModules = [ ];
+ };
+ };
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/${cfg.rootUuid}";
+ fsType = "ext4";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/${cfg.bootUuid}";
+ fsType = "vfat";
+ options = [
+ "fmask=0077"
+ "dmask=0077"
+ ];
+ };
+ };
+
+ swapDevices = [
+ { device = "/dev/disk/by-uuid/${cfg.swapUuid}"; }
+ ];
+
+ networking.useNetworkd = true;
+ systemd.network = {
+ enable = true;
+ networks."10-wan" = {
+ matchConfig.Name = "enp1s0";
+ networkConfig.DHCP = "ipv4";
+ address = [ cfg.ipv6Address ];
+ routes = [
+ { Gateway = "fe80::1"; }
+ ];
+ };
+ };
+
+ services.tailscale.useRoutingFeatures = "both";
+ system.autoUpgrade.allowReboot = true;
+ };
+}
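Review bot: The last two settings in the `config` block, `services.tailscale.useRoutingFeatures = "both"` and `system.autoUpgrade.allowReboot = true`, are host policy rather than VM hardware. Every host that enables `my.hetznerVm` now inherits them, including the new hyperforge host. In nixpkgs the value "both" turns on kernel IP forwarding and loosens reverse-path filtering, which a machine that is not a subnet router or exit node does not need. If the settings stay in this module, make them overridable so a host can opt out with a plain assignment: `services.tailscale.useRoutingFeatures = lib.mkDefault "both";` and `system.autoUpgrade.allowReboot = lib.mkDefault true;`. The `mkEnableOption` text "Hetzner Cloud aarch64 qemu-guest defaults" should then also say that enabling the module configures Tailscale routing and unattended reboots.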