Attempt to make new corp hardware the definitive corp hardware

This is...a big change. If I run this on the old corp server it will
break a lot, LOT of stuff. So don't do that. This is also the first time
I'm attempting to use disko to fully define a server in a single step
rather than as a bootstrapping step.
Eli Ribble 2025-09-08 20:36:59 +00:00
parent 803e1d4b4f
commit 79c577cfff
5 changed files with 146 additions and 56 deletions

21
flake.lock generated

@ -1,5 +1,25 @@
{
"nodes": {
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1757255839,
"narHash": "sha256-XH33B1X888Xc/xEXhF1RPq/kzKElM0D5C9N6YdvOvIc=",
"owner": "nix-community",
"repo": "disko",
"rev": "c8a0e78d86b12ea67be6ed0f7cae7f9bfabae75a",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
@ -169,6 +189,7 @@
},
"root": {
"inputs": {
"disko": "disko",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixvim": "nixvim",


@ -2,6 +2,10 @@
description = "Multi-host NixOS configuration";
inputs = {
disko = {
inputs.nixpkgs.follows = "nixpkgs";
url = "github:nix-community/disko";
};
home-manager = {
url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs";
@ -14,7 +18,7 @@
sops-nix.url = "github:Mic92/sops-nix";
};
outputs = { self, home-manager, nixpkgs, nixvim, sops-nix, ...}:
outputs = { self, disko, home-manager, nixpkgs, nixvim, sops-nix, ...}:
let
configFiles = pkgs.stdenv.mkDerivation {
name = "config-files";
@ -30,15 +34,15 @@
nixosConfigurations = {
corp = import ./system.nix {
configuration = ./host/corp/configuration.nix;
inherit configFiles home-manager nixpkgs nixvim sops-nix system;
inherit configFiles disko home-manager nixpkgs nixvim sops-nix system;
};
"sync.nidus.cloud" = import ./system.nix {
configuration = ./host/sync/configuration.nix;
inherit configFiles home-manager nixpkgs nixvim sops-nix system;
inherit configFiles disko home-manager nixpkgs nixvim sops-nix system;
};
test-corp = nixpkgs.lib.nixosSystem {
configuration = ./host/test-corp/configuration.nix;
inherit configFiles home-manager nixpkgs nixvim sops-nix system;
inherit configFiles disko home-manager nixpkgs nixvim sops-nix system;
};
};
};
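Review bot: `test-corp` still calls `nixpkgs.lib.nixosSystem` directly with `configuration` and the inherited inputs, while `corp` and `sync.nidus.cloud` go through `import ./system.nix`. As far as I know `nixosSystem` requires `modules` and rejects arguments it does not recognise, so adding `disko` to that inherit list probably leaves this host unable to evaluate. Given the commit message's own warning about how destructive the change is, I would switch it to `test-corp = import ./system.nix {` so the disko layout can be rehearsed on a throwaway target before it touches corp.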

89
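--- /dev/null
+++ b/host/corp/disk-config.nix
@@ -0,0 +1,89 @@
+# Example to create a bios compatible gpt partition
+{ lib, ... }:
+{
+disko.devices = {
+disk = {
+sda = {
+device = "/dev/sda";
+type = "disk";
+content = {
+type = "gpt";
+partitions = {
+MBR = {
+size = "1M";
+type = "EF02"; # for grub MBR
+};
+boot = {
+size = "500M";
+type = "EF00"; # for grub MBR
+content = {
+type = "filesystem";
+format = "vfat";
+mountpoint = "/boot";
+mountOptions = [
+"defaults"
+];
+};
+};
+root = {
+size = "100%";
+content = {
+type = "lvm_pv";
+vg = "pool";
+};
+};
+};
+};
+};
+sdb = {
+device = "/dev/sdb";
+type = "disk";
+content = {
+type = "gpt";
+partitions = {
+bigdisk = {
+size = "100%";
+content = {
+type = "filesystem";
+format = "ext4";
+mountpoint = "/mnt/bigdisk";
+mountOptions = [
+"defaults"
+];
+};
+};
+};
+};
+};
+};
+lvm_vg = {
+pool = {
+type = "lvm_vg";
+lvs = {
+root = {
+size = "50G";
+content = {
+type = "filesystem";
+format = "ext4";
+mountpoint = "/";
+mountOptions = [
+"defaults"
+];
+};
+};
+var = {
+size = "100%FREE";
+content = {
+type = "filesystem";
+format = "ext4";
+mountpoint = "/var";
+mountOptions = [
+"defaults"
+];
+};
+};
+};
+};
+};
+};
+}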
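Review bot: Both disks are selected by kernel name (`device = "/dev/sda";` and `device = "/dev/sdb";`), and that enumeration order is not guaranteed to be stable across boots or hardware changes, so a disko run could partition and format the wrong device. Prefer a persistent path for each disk, e.g. `device = "/dev/disk/by-id/<DISK_ID>";`. The header comment and the `# for grub MBR` comment on the `EF00` partition look left over from an example: `EF00` is the EFI system partition type, so that comment should read something like `# EFI system partition`. The vfat `/boot` is mounted with only `"defaults"`, which leaves its contents readable by every local user; adding `"umask=0077"` to its `mountOptions` would restrict it to root.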


@ -1,53 +1,28 @@
{ lib, ... }: {
# This file was populated at runtime with the networking
# details gathered from the active system.
networking = {
hostName = "corp";
defaultGateway = {
address = "159.89.144.1";
interface = "eth0";
};
defaultGateway6 = {
address = "2604:a880:2:d1::1";
interface = "eth0";
};
dhcpcd.enable = false;
domain = "gleipnir.technology";
firewall.enable = false;
interfaces = {
eth0 = {
ipv4.addresses = [
{ address="159.89.154.99"; prefixLength=20; }
{ address="10.46.0.5"; prefixLength=16; }
];
ipv4.routes = [ { address = "159.89.144.1"; prefixLength = 32; } ];
ipv6.addresses = [
{ address="2604:a880:2:d1::7f9a:6001"; prefixLength=64; }
{ address="fe80::d4a8:45ff:fe46:cd11"; prefixLength=64; }
];
ipv6.routes = [ { address = "2604:a880:2:d1::1"; prefixLength = 128; } ];
};
eth1 = {
ipv4.addresses = [
{ address="10.120.0.2"; prefixLength=20; }
];
ipv6.addresses = [
{ address="fe80::4ac:1fff:fe36:cb24"; prefixLength=64; }
];
};
};
nameservers = [
"67.207.67.3"
"67.207.67.2"
"67.207.67.3"
"67.207.67.2"
"67.207.67.3"
"67.207.67.2"
];
usePredictableInterfaceNames = lib.mkForce false;
};
services.udev.extraRules = ''
ATTR{address}=="d6:a8:45:46:cd:11", NAME="eth0"
ATTR{address}=="06:ac:1f:36:cb:24", NAME="eth1"
'';
networking = {
defaultGateway = {
address = "107.150.59.201";
interface = "enp2s0";
};
defaultGateway6 = {
address = "2604:4300:a:27e::1";
interface = "enp2s0";
};
dhcpcd.enable = false;
domain = "gleipnir.technology";
firewall.enable = false;
hostName = "corp";
interfaces.enp2s0 = {
ipv4.addresses = [{
address = "107.150.59.202";
prefixLength = 29;
}];
ipv6.addresses = [{
address = "2604:4300:a:27e::2";
prefixLength = 64;
}];
};
nameservers = ["192.187.107.16"];
search = ["nocix.net"];
};
}
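Review bot: `firewall.enable = false;` is carried over unchanged onto the new host, whose `enp2s0` now holds the public addresses `107.150.59.202` and `2604:4300:a:27e::2` directly. Every listening service on the machine is therefore reachable from the internet unless something upstream filters traffic, which this page does not show. I would set `firewall.enable = true;` and list only the intended services, e.g. `firewall.allowedTCPPorts = [ <PORTS> ];`, or add a comment naming the external filter that makes disabling it safe. Also note that `nameservers` now holds a single resolver, so name resolution on this host has no fallback.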


@ -1,4 +1,4 @@
{ configFiles, configuration, home-manager, nixpkgs, nixvim, sops-nix, system, ... }:
{ configFiles, configuration, disko, home-manager, nixpkgs, nixvim, sops-nix, system, ... }:
let
allowed-unfree-packages = [
"corefonts"
@ -6,6 +6,7 @@ let
];
in nixpkgs.lib.nixosSystem {
modules = [
disko.nixosModules.disko
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = { inherit configFiles; };
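Review bot: `disko.nixosModules.disko` is now loaded for every host built through this file, but none of the five changed files shown on this page imports `host/corp/disk-config.nix`, and `host/corp/configuration.nix` is not among them. Unless that import exists somewhere not visible here, the `disko.devices` definition never reaches the corp configuration and the module added in this hunk has nothing to act on. If so, add `./disk-config.nix` to the `imports` of the corp configuration. Since hosts such as `sync.nidus.cloud` also receive the module, a comment above the line would help, e.g. `# shared disko module; only hosts that import a disk-config.nix define disko.devices`. The `modules` list continues outside the hunk.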