extract hetzner vm module, add device hyperforge

müde 2026-05-27 17:44:03 +02:00
parent 340d51b45a
commit bda4fbe2c0
8 changed files with 129 additions and 105 deletions


@ -38,6 +38,9 @@ in
hetzner-vpn2 = { hetzner-vpn2 = {
system = "aarch64-linux"; system = "aarch64-linux";
}; };
hyperforge = {
system = "aarch64-linux";
};
muede-lpt2 = { muede-lpt2 = {
system = "x86_64-linux"; system = "x86_64-linux";
isDesktop = true; isDesktop = true;


@ -10,9 +10,6 @@
# uncomment for build check on non arm system (requires --impure) # uncomment for build check on non arm system (requires --impure)
# nixpkgs.buildPlatform = builtins.currentSystem; # nixpkgs.buildPlatform = builtins.currentSystem;
services.tailscale.useRoutingFeatures = "both";
system.autoUpgrade.allowReboot = true;
users.users = { users.users = {
root.openssh.authorizedKeys.keys = [ root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH"


@ -3,56 +3,12 @@
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
config = { config = {
boot = { my.hetznerVm = {
tmp.cleanOnBoot = true;
kernelParams = [ "console=tty" ];
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = [
"xhci_pci"
"virtio_scsi"
"sr_mod"
"virtio_gpu"
];
kernelModules = [ ];
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/47bc77ff-12e1-4d39-bb5c-fb100ccd3aab";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/05F2-8F9A";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/bbd18a70-b0bb-4e1a-b45b-3c1f8ecc0c10"; }
];
networking.useNetworkd = true;
systemd.network = {
enable = true; enable = true;
networks."10-wan" = { rootUuid = "47bc77ff-12e1-4d39-bb5c-fb100ccd3aab";
matchConfig.Name = "enp1s0"; bootUuid = "05F2-8F9A";
networkConfig.DHCP = "ipv4"; swapUuid = "bbd18a70-b0bb-4e1a-b45b-3c1f8ecc0c10";
address = [ ipv6Address = "2a01:4f8:c013:a524::1/64";
"2a01:4f8:c013:a524::1/64"
];
routes = [
{ Gateway = "fe80::1"; }
];
};
}; };
}; };
} }


@ -8,15 +8,11 @@
# uncomment for build check on non arm system (requires --impure) # uncomment for build check on non arm system (requires --impure)
# nixpkgs.buildPlatform = builtins.currentSystem; # nixpkgs.buildPlatform = builtins.currentSystem;
services.tailscale.useRoutingFeatures = "both";
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICdYqY3Y1/f1bsAi5Qfyr/UWuX9ixu96IeAlhoQaJkbf"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv pc2 home roaming" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv pc2 home roaming"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC lpt2-roaming" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC lpt2-roaming"
]; ];
system.autoUpgrade.allowReboot = true;
}; };
} }


@ -3,56 +3,12 @@
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
config = { config = {
boot = { my.hetznerVm = {
tmp.cleanOnBoot = true;
kernelParams = [ "console=tty" ];
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = [
"xhci_pci"
"virtio_scsi"
"sr_mod"
"virtio_gpu"
];
kernelModules = [ ];
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/3263489d-9819-433c-b198-9d2e732a94e4";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/6C25-6BDC";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/e147721d-86b5-40d7-a231-c6ea391c563d"; }
];
networking.useNetworkd = true;
systemd.network = {
enable = true; enable = true;
networks."10-wan" = { rootUuid = "3263489d-9819-433c-b198-9d2e732a94e4";
matchConfig.Name = "enp1s0"; bootUuid = "6C25-6BDC";
networkConfig.DHCP = "ipv4"; swapUuid = "e147721d-86b5-40d7-a231-c6ea391c563d";
address = [ ipv6Address = "2a01:4f8:c013:65dd::1/64";
"2a01:4f8:c013:65dd::1/64"
];
routes = [
{ Gateway = "fe80::1"; }
];
};
}; };
}; };
} }


@ -0,0 +1,16 @@
{
imports = [
./hardware.nix
];
config = {
# uncomment for build check on non arm system (requires --impure)
# nixpkgs.buildPlatform = builtins.currentSystem;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFCJUpbpB3KEKVoKWsKoar9J4RNah8gmQoSH6jQEw5dY pixel-JuiceSSH"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO1CRn4yYTL4XUdCebE8Z4ZeuMujBjorTdWifg911EOv pc2 home roaming"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC lpt2-roaming"
];
};
}
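Review bot: The `users.users.root.openssh.authorizedKeys.keys` list gives three keys direct root SSH on the new host, and it is copied by hand from the other host files in this commit, whose lists already differ (one has four entries, this one three). Keeping the keys in one shared binding or module, with per-host additions, would make revoking a lost phone or laptop key a single change instead of one edit per host. This file does not show the sshd policy, so it is worth confirming that a shared module sets `services.openssh.settings.PasswordAuthentication = false` and leaves `PermitRootLogin` at `prohibit-password`. Until the list is centralised, a comment such as `# root access: keep in sync with <shared key list>` above it would record the intent.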


@ -0,0 +1,14 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
config = {
my.hetznerVm = {
enable = true;
rootUuid = "73dfcfd2-3a61-4b05-8440-d57072b89eda";
bootUuid = "E9C2-D85B";
swapUuid = "737140f2-c2fd-4af9-9974-f05642f8d90e";
ipv6Address = "2a01:4f8:c013:cbdd::1/64";
};
};
}


@ -0,0 +1,86 @@
{
lib,
config,
...
}:
let
cfg = config.my.hetznerVm;
in
{
options.my.hetznerVm = {
enable = lib.mkEnableOption "Hetzner Cloud aarch64 qemu-guest defaults";
rootUuid = lib.mkOption {
type = lib.types.str;
description = "UUID of the root ext4 filesystem.";
};
bootUuid = lib.mkOption {
type = lib.types.str;
description = "UUID of the FAT /boot partition.";
};
swapUuid = lib.mkOption {
type = lib.types.str;
description = "UUID of the swap device.";
};
ipv6Address = lib.mkOption {
type = lib.types.str;
description = "Static IPv6 address (with /prefix) assigned to enp1s0.";
example = "2a01:4f8:c013:cbdd::1/64";
};
};
config = lib.mkIf cfg.enable {
boot = {
tmp.cleanOnBoot = true;
kernelParams = [ "console=tty" ];
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = [
"xhci_pci"
"virtio_scsi"
"sr_mod"
"virtio_gpu"
];
kernelModules = [ ];
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/${cfg.rootUuid}";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/${cfg.bootUuid}";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/${cfg.swapUuid}"; }
];
networking.useNetworkd = true;
systemd.network = {
enable = true;
networks."10-wan" = {
matchConfig.Name = "enp1s0";
networkConfig.DHCP = "ipv4";
address = [ cfg.ipv6Address ];
routes = [
{ Gateway = "fe80::1"; }
];
};
};
services.tailscale.useRoutingFeatures = "both";
system.autoUpgrade.allowReboot = true;
};
}
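Review bot: `services.tailscale.useRoutingFeatures = "both"` and `system.autoUpgrade.allowReboot = true` at the end of the `config` block are plain assignments in a module described as "Hetzner Cloud aarch64 qemu-guest defaults". Every host that sets `my.hetznerVm.enable`, including the new hyperforge, therefore gets routing and unattended reboots with no visible opt-in. In the NixOS tailscale module, "both" turns on IPv4/IPv6 forwarding and loosens reverse-path filtering, which suits the VPN nodes but is probably not wanted on a host that is not meant to route (hyperforge's role is inferred from its name only). I would write them as `services.tailscale.useRoutingFeatures = lib.mkDefault "both";` and `system.autoUpgrade.allowReboot = lib.mkDefault true;`, or put them behind their own option, so a host can override them without `mkForce`. A one-line comment above them saying they are policy rather than hardware settings would also help.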