diff --git a/hosts/komikan/config.nix b/hosts/komikan/config.nix
new file mode 100644
index 0000000..23fbebd
--- /dev/null
+++ b/hosts/komikan/config.nix
@@ -0,0 +1,37 @@
+{...}: {
+ services.openssh = {
+ enable = true;
+ authorizedKeysFiles = ["%h/.local/ssh/authorized_keys"];
+ settings = {
+ PasswordAuthentication = false;
+ PermitRootLogin = "no";
+ };
+ };
+ services.samba = {
+ enable = true;
+ openFirewall = true;
+ settings = {
+ global = {
+ "workgroup" = "WORKGROUP";
+ "server string" = "komikan";
+ "netbios name" = "komikan";
+ "security" = "user";
+ "use sendfile" = "yes";
+ "hosts allow" = "192.168.0. 127.0.0.1 localhost 100.64.";
+ "hosts deny" = "0.0.0.0/0";
+ };
+ pool = {
+ "path" = "/mnt/pool";
+ "browseable" = "no";
+ "read only" = "no";
+ "guest ok" = "no";
+ "create mask" = "0644";
+ "directory mask" = "0755";
+ "force user" = "ahnwuoa";
+ "force group" = "users";
+ };
+ };
+ };
+ services.tailscale.enable = true;
+ services.qemuGuest.enable = true;
+}
diff --git a/hosts/komikan/default.nix b/hosts/komikan/default.nix
new file mode 100644
index 0000000..4647c9c
--- /dev/null
+++ b/hosts/komikan/default.nix
@@ -0,0 +1,39 @@
+{
+ pkgs,
+ inputs,
+ ...
+}: {
+ imports = [
+ ../../system
+ ./hardware-configuration.nix
+ ./disk.nix
+ ./config.nix
+ inputs.disko.nixosModules.disko
+ ];
+
+ environment.systemPackages = [pkgs.hd-idle];
+ networking.hostName = "komikan";
+ time.timeZone = "America/New_York";
+ users.users.ahnwuoa = {
+ isNormalUser = true;
+ extraGroups = ["wheel"];
+ };
+ u.has = {
+ graphical = false;
+ wine = false;
+ virt = false;
+ container = false;
+ };
+ boot.loader.grub = {
+ useOSProber = false;
+ efiSupport = false;
+ };
+ systemd.services.hd-idle = {
+ description = "Disk spin down daemon";
+ wantedBy = ["multi-user.target"];
+ serviceConfig = {
+ ExecStart = "${pkgs.hd-idle}/bin/hd-idle";
+ };
+ };
+ boot.loader.efi.canTouchEfiVariables = false;
+}
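Review bot: In hosts/komikan/config.nix, `openFirewall = true` under `services.samba` opens the SMB ports on every interface, so Samba's own `hosts allow` list is the only thing keeping the writable `pool` share off other networks. Consider dropping `openFirewall` and allowing the port per interface instead, e.g. `networking.firewall.interfaces."tailscale0".allowedTCPPorts = [445];`, with the same for the LAN interface, whose name is not shown in this diff. Note also that the prefix `100.64.` matches only 100.64.0.0/16, while Tailscale assigns addresses from 100.64.0.0/10, so some tailnet peers may be refused; writing `100.64.0.0/10` would cover the whole range.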
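Review bot: In hosts/komikan/default.nix, the `systemd.services.hd-idle` unit sets only `ExecStart` in `serviceConfig`, so the daemon runs as root with no sandboxing and no restart policy. hd-idle needs access to the block devices but probably little else, so options such as `NoNewPrivileges = true;`, `ProtectHome = true;` and `Restart = "on-failure";` would narrow what it can touch; confirm spin-down still works after adding them. A short comment on `ExecStart` saying that no flags are passed and the daemon therefore runs with its built-in defaults would document the intent.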
diff --git a/hosts/komikan/disk.nix b/hosts/komikan/disk.nix
new file mode 100644
index 0000000..1f974ed
--- /dev/null
+++ b/hosts/komikan/disk.nix
@@ -0,0 +1,129 @@
+{pkgs, ...}: {
+ disko.devices.disk = {
+ main = {
+ device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "1M";
+ type = "EF02"; # for grub MBR
+ };
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+ };
+ disk1 = {
+ device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions.luks = {
+ size = "100%";
+ content = {
+ type = "luks";
+ name = "disk1";
+ passwordFile = "/tmp/pass.key";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/mnt/disk1";
+ };
+ };
+ };
+ };
+ };
+ disk2 = {
+ device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi2";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions.luks = {
+ size = "100%";
+ content = {
+ type = "luks";
+ name = "disk2";
+ passwordFile = "/tmp/pass.key";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/mnt/disk2";
+ };
+ };
+ };
+ };
+ };
+ disk3 = {
+ device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi3";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions.luks = {
+ size = "100%";
+ content = {
+ type = "luks";
+ name = "disk3";
+ passwordFile = "/tmp/pass.key";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/mnt/disk3";
+ };
+ };
+ };
+ };
+ };
+ parity = {
+ device = "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi4";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions.luks = {
+ size = "100%";
+ content = {
+ type = "luks";
+ name = "parity";
+ passwordFile = "/tmp/pass.key";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/mnt/parity";
+ };
+ };
+ };
+ };
+ };
+ };
+ environment.systemPackages = [
+ pkgs.mergerfs
+ pkgs.snapraid
+ ];
+ fileSystems."/mnt/pool" = {
+ fsType = "fuse.mergerfs";
+ device = "/mnt/disk*";
+ options = [
+ "cache.files=off" + "dropcacheonclose=true" + "category.create=eplus" + ]; + }; + environment.etc."snapraid.conf".text = '' + parity /mnt/parity/snapraid.parity + content /var/snapraid.content + content /mnt/disk1/general/snapraid.content + content /mnt/disk2/general/snapraid.content + content /mnt/disk3/general/snapraid.content + data d1 /mnt/disk1/ + data d2 /mnt/disk2/ + data d3 /mnt/disk3/ + exclude /lost+found/ + ''; +} diff --git a/hosts/komikan/hardware-configuration.nix b/hosts/komikan/hardware-configuration.nix new file mode 100644 index 0000000..f2ad9d9 --- /dev/null +++ b/hosts/komikan/hardware-configuration.nix @@ -0,0 +1,28 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens18.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/hosts/komikan/users/ahnwuoa/default.nix b/hosts/komikan/users/ahnwuoa/default.nix new file mode 100644 index 0000000..9852d89 --- /dev/null +++ b/hosts/komikan/users/ahnwuoa/default.nix 
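Review bot: In hosts/komikan/disk.nix, all four LUKS containers (`disk1`, `disk2`, `disk3`, `parity`) take their passphrase from `passwordFile = "/tmp/pass.key"`, a fixed path in a world-writable directory. As far as I can tell disko reads this file only while formatting, so it should be created with restrictive permissions before the run and removed afterwards; a comment next to the first `passwordFile`, such as `# install-time only: create with umask 077, delete after disko finishes`, would keep a stale key from being left behind. Separately, `content /var/snapraid.content` in the `snapraid.conf` text places a SnapRAID content file, which records file names and hashes from the encrypted data disks, on the unencrypted ext4 root defined under `main`. Keeping content files only on the LUKS-backed mounts (three are already listed) would avoid that metadata exposure.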
@@ -0,0 +1,12 @@
+{...}: {
+ imports = [
+ ../../../../user
+ ];
+
+ home.username = "ahnwuoa";
+ u.has = {
+ graphical = false;
+ wine = false;
+ prog = false;
+ };
+}