diff --git a/nixos-anywhere-nocix/configuration.nix b/nixos-anywhere-nocix/configuration.nix new file mode 100644 index 0000000..d320f97 --- /dev/null +++ b/nixos-anywhere-nocix/configuration.nix @@ -0,0 +1,56 @@ +{ + modulesPath, + lib, + pkgs, + ... +} @ args: +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + (modulesPath + "/profiles/qemu-guest.nix") + ./disk-config.nix + ]; + boot.loader.grub = { + # no need to set devices, disko will add all devices that have a EF02 partition to the list already + # devices = [ ]; + efiSupport = true; + efiInstallAsRemovable = true; + }; + services.openssh.enable = true; + + environment.systemPackages = map lib.lowPrio [ + pkgs.curl + pkgs.gitMinimal + ]; + + networking = { + defaultGateway = { + address = "107.150.59.201"; + interface = "enp2s0"; + }; + defaultGateway6 = { + address = "2604:4300:a:27e::1"; + interface = "enp2s0"; + }; + interfaces.enp2s0 = { + ipv4.addresses = [{ + address = "107.150.59.202"; + prefixLength = 29; + }]; + ipv6.addresses = [{ + address = "2604:4300:a:27e::2"; + prefixLength = 64; + }]; + }; + nameservers = ["192.187.107.16"]; + search = ["nocix.net"]; + }; + users.users.root.openssh.authorizedKeys.keys = + [ + # change this to your ssh key + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBvhtF6nRWlA6PVs71Eek7p0p2PxTd3P6ZEGFV2t75MB eliribble@nixos" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHL1SpT3KR8XeXtH19muncYVrKxWzWdWtJYNTwoJGTm3 eliribble@Elis-Mac-mini.local" + ] ++ (args.extraPublicKeys or []); # this is used for unit-testing this module and can be removed if not needed + + system.stateVersion = "25.05"; +} diff --git a/nixos-anywhere-nocix/disk-config.nix b/nixos-anywhere-nocix/disk-config.nix new file mode 100644 index 0000000..75ae234 --- /dev/null +++ b/nixos-anywhere-nocix/disk-config.nix @@ -0,0 +1,56 @@ +# Example to create a bios compatible gpt partition +{ lib, ... }: +{ + disko.devices = { + disk.disk1 = { + device = lib.mkDefault "/dev/sda"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + name = "boot"; + size = "1M"; + type = "EF02"; + }; + esp = { + name = "ESP"; + size = "500M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + name = "root"; + size = "100%"; + content = { + type = "lvm_pv"; + vg = "pool"; + }; + }; + }; + }; + }; + lvm_vg = { + pool = { + type = "lvm_vg"; + lvs = { + root = { + size = "100%FREE"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + mountOptions = [ + "defaults" + ]; + }; + }; + }; + }; + }; + }; +} diff --git a/nixos-anywhere-nocix/flake.lock b/nixos-anywhere-nocix/flake.lock new file mode 100644 index 0000000..f177352 --- /dev/null +++ b/nixos-anywhere-nocix/flake.lock @@ -0,0 +1,64 @@ +{ + "nodes": { + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756733629, + "narHash": "sha256-dwWGlDhcO5SMIvMSTB4mjQ5Pvo2vtxvpIknhVnSz2I8=", + "owner": "nix-community", + "repo": "disko", + "rev": "a5c4f2ab72e3d1ab43e3e65aa421c6f2bd2e12a1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "nixos-facter-modules": { + "locked": { + "lastModified": 1756491981, + "narHash": "sha256-lXyDAWPw/UngVtQfgQ8/nrubs2r+waGEYIba5UX62+k=", + "owner": "numtide", + "repo": "nixos-facter-modules", + "rev": "c1b29520945d3e148cd96618c8a0d1f850965d8c", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "nixos-facter-modules", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1756819007, + "narHash": "sha256-12V64nKG/O/guxSYnr5/nq1EfqwJCdD2+cIGmhz3nrE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "aaff8c16d7fc04991cac6245bee1baa31f72b1e1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "disko": "disko", + "nixos-facter-modules": "nixos-facter-modules", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/nixos-anywhere-nocix/flake.nix b/nixos-anywhere-nocix/flake.nix new file mode 100644 index 0000000..edb07a9 --- /dev/null +++ b/nixos-anywhere-nocix/flake.nix @@ -0,0 +1,70 @@ +{ + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + inputs.disko.url = "github:nix-community/disko"; + inputs.disko.inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixos-facter-modules.url = "github:numtide/nixos-facter-modules"; + + outputs = + { + nixpkgs, + disko, + nixos-facter-modules, + ... + }: + { + nixosConfigurations.hetzner-cloud = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + ./configuration.nix + ]; + }; + # tested with 2GB/2CPU droplet, 1GB droplets do not have enough RAM for kexec + nixosConfigurations.digitalocean = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./digitalocean.nix + disko.nixosModules.disko + { disko.devices.disk.disk1.device = "/dev/vda"; } + ./configuration.nix + ]; + }; + nixosConfigurations.hetzner-cloud-aarch64 = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + disko.nixosModules.disko + ./configuration.nix + ]; + }; + + # Use this for all other targets + # nixos-anywhere --flake .#generic --generate-hardware-config nixos-generate-config ./hardware-configuration.nix + nixosConfigurations.generic = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + ./configuration.nix + ./hardware-configuration.nix + ]; + }; + + # Slightly experimental: Like generic, but with nixos-facter (https://github.com/numtide/nixos-facter) + # nixos-anywhere --flake .#generic-nixos-facter --generate-hardware-config nixos-facter facter.json + nixosConfigurations.generic-nixos-facter = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + ./configuration.nix + nixos-facter-modules.nixosModules.facter + { + config.facter.reportPath = + if builtins.pathExists ./facter.json then + ./facter.json + else + throw "Have you forgotten to run nixos-anywhere with `--generate-hardware-config nixos-facter ./facter.json`?"; + } + ]; + }; + }; +} + diff --git a/nixos-anywhere-nocix/hardware-configuration.nix b/nixos-anywhere-nocix/hardware-configuration.nix new file mode 100644 index 0000000..9ee6f96 --- /dev/null +++ b/nixos-anywhere-nocix/hardware-configuration.nix @@ -0,0 +1,25 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "ohci_pci" "ehci_pci" "xhci_pci" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + #networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}