better machine conf, rework key/machines management

author: andromeda <andromeda@lenovo> 2025-12-31 01:14:37 +0100
committer: andromeda <andromeda@lenovo> 2025-12-31 01:14:37 +0100
commit: 42a93f042e2c821939fa6aa4ac8945997d5b5099 (patch)
tree: bcc6ec5399cdabd28c9e30faca59d6bea925e7d4 /machines
parent: 07655e513522db296b1032290c7cfb6a5ac64181 (diff)
6 files changed, 117 insertions, 164 deletions
diff --git a/machines/173-249-5-230/hardware-configuration.nix b/machines/173-249-5-230/hardware-configuration.nix
deleted file mode 100644
index bde1c83..0000000
--- a/machines/173-249-5-230/hardware-configuration.nix
+++ /dev/null
@@ -1,69 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
-  config,
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}: {
-  imports = [
-    (modulesPath + "/installer/scan/not-detected.nix")
-  ];
-
-  boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"];
-  boot.initrd.kernelModules = [];
-  boot.kernelModules = ["kvm-intel"];
-  boot.extraModulePackages = [];
-
-  fileSystems."/" = {
-    #device = "none";
-    #fsType = "tmpfs";
-    #options = ["defaults" "size=60%" "mode=755"];
-    device = "/dev/disk/by-uuid/16c93673-4f0e-4010-a7f4-7ccffb20edb7";
-    fsType = "btrfs";
-    options = ["subvol=root"];
-  };
-
-  boot.initrd.postResumeCommands = lib.mkAfter ''
-    mkdir /btrfs_tmp
-    mount ${config.fileSystems."/".device} /btrfs_tmp
-    if [[ -e /btrfs_tmp/root ]]; then
-      mkdir -p /btrfs_tmp/old_roots
-      timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S")
-      mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
-    fi
-
-    delete_subvolume_recursively() {
-      IFS=$'\n'
-      for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
-        delete_subvolume_recursively "/btrfs_tmp/$i"
-      done
-      btrfs subvolume delete "$1"
-    }
-
-    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
-      delete_subvolume_recursively "$i"
-    done
-
-    btrfs subvolume create /btrfs_tmp/root
-    umount /btrfs_tmp
-  '';
-
-  fileSystems."/nix" = {
-    device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6";
-    fsType = "btrfs";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/F425-55BA";
-    fsType = "vfat";
-    options = ["fmask=0022" "dmask=0022"];
-  };
-
-  swapDevices = [];
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/machines/173-249-5-230/machine.nix b/machines/173-249-5-230/machine.nix
deleted file mode 100644
index 672d46b..0000000
--- a/machines/173-249-5-230/machine.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{
-  hostname = "173-249-5-230";
-  usernames = ["mtgmonkey"];
-  system = "x86_64-linux";
-  configuration = ./configuration.nix;
-  hardware-configuration = ./hardware-configuration.nix;
-  pub-keys = {
-    ssh = [];
-  };
-}
diff --git a/machines/173-249-5-230/configuration.nix b/machines/_173-249-5-230/configuration.nix
index 570d428..0fe1e9e 100644
--- a/machines/173-249-5-230/configuration.nix
+++ b/machines/_173-249-5-230/configuration.nix
@@ -1,5 +1,7 @@
 {
   config,
+  lib,
+  modulesPath,
   machine,
   ...
 }: {
@@ -38,8 +40,9 @@
       allowedTCPPorts = [80 443];
       allowedUDPPorts = [80 443];
     };
-    hostName = machine.hostname;
+    hostName = lib.strings.removePrefix "_" machine.hostname;
     domain = "";
+    useDHCP = true;
   };
   nix.settings = {
     experimental-features = [
@@ -73,6 +76,52 @@
     description = "mtgmonkey";
     hashedPasswordFile = builtins.toString config.age.secrets.secret2.path;
     extraGroups = ["wheel"];
-    openssh.authorizedKeys.keys = machine.pub-keys.ssh;
+    openssh.authorizedKeys.keys = [(import ../../pub-keys.nix).ssh.andromeda];
   };
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = [];
+  boot.extraModulePackages = [];
+  fileSystems."/" = {
+    device = "none";
+    fsType = "tmpfs";
+    options = ["defaults" "size=30%" "mode=755"];
+  };
+  boot.initrd.postResumeCommands = lib.mkAfter ''
+    mkdir /btrfs_tmp
+    mount ${config.fileSystems."/".device} /btrfs_tmp
+    if [[ -e /btrfs_tmp/root ]]; then
+      mkdir -p /btrfs_tmp/old_roots
+      timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S")
+      mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+    fi
+
+    delete_subvolume_recursively() {
+      IFS=$'\n'
+      for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+        delete_subvolume_recursively "/btrfs_tmp/$i"
+      done
+      btrfs subvolume delete "$1"
+    }
+
+    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+      delete_subvolume_recursively "$i"
+    done
+
+    btrfs subvolume create /btrfs_tmp/root
+    umount /btrfs_tmp
+  '';
+  fileSystems."/nix" = {
+    device = "/dev/disk/by-uuid/6b481376-9716-4559-946b-62097c2380f1";
+    fsType = "ext4";
+  };
+  fileSystems."/efi" = {
+    device = "systemd-1";
+    fsType = "autofs";
+  };
+  swapDevices = [];
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }
diff --git a/machines/laptop/hardware-configuration.nix b/machines/laptop/hardware-configuration.nix
deleted file mode 100644
index 8ebef80..0000000
--- a/machines/laptop/hardware-configuration.nix
+++ /dev/null
@@ -1,75 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
-  config,
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}: {
-  imports = [
-    (modulesPath + "/installer/scan/not-detected.nix")
-  ];
-
-  boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"];
-  boot.initrd.kernelModules = [];
-  boot.kernelModules = ["kvm-intel"];
-  boot.extraModulePackages = [];
-
-  fileSystems."/" = {
-    #device = "none";
-    #fsType = "tmpfs";
-    #options = ["defaults" "size=60%" "mode=755"];
-    device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7";
-    fsType = "btrfs";
-    options = ["subvol=root"];
-  };
-
-  boot.initrd.postResumeCommands = lib.mkAfter ''
-    mkdir /btrfs_tmp
-    mount ${config.fileSystems."/".device} /btrfs_tmp
-    if [[ -e /btrfs_tmp/root ]]; then
-      mkdir -p /btrfs_tmp/old_roots
-      timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S")
-      mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
-    fi
-
-    delete_subvolume_recursively() {
-      IFS=$'\n'
-      for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
-        delete_subvolume_recursively "/btrfs_tmp/$i"
-      done
-      btrfs subvolume delete "$1"
-    }
-
-    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
-      delete_subvolume_recursively "$i"
-    done
-
-    btrfs subvolume create /btrfs_tmp/root
-    mkdir /btrfs_tmp/root/nix
-    mkdir /btrfs_tmp/root/etc
-    mount ${config.fileSystems."/nix".device} /btrfs_tmp/root/nix
-    cp /btrfs_tmp/root/nix/persist/etc/ssh /btrfs_tmp/root/etc/ssh -r
-    umount /btrfs_tmp/root/nix
-    rm -r /btrfs_tmp/root/nix
-    umount /btrfs_tmp
-  '';
-
-  fileSystems."/nix" = {
-    device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6";
-    fsType = "btrfs";
-  };
-
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/F425-55BA";
-    fsType = "vfat";
-    options = ["fmask=0022" "dmask=0022"];
-  };
-
-  swapDevices = [];
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/machines/laptop/machine.nix b/machines/laptop/machine.nix
deleted file mode 100644
index 77c15b5..0000000
--- a/machines/laptop/machine.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{
-  hostname = "lenovo";
-  usernames = ["andromeda" "mtgmonkey"];
-  system = "x86_64-linux";
-  configuration = ./configuration.nix;
-  hardware-configuration = ./hardware-configuration.nix;
-  pub-keys.ssh = [];
-}
diff --git a/machines/laptop/configuration.nix b/machines/lenovo/configuration.nix
index 58b019e..1b42b9d 100644
--- a/machines/laptop/configuration.nix
+++ b/machines/lenovo/configuration.nix
@@ -1,6 +1,8 @@
 {
   config,
   lib,
+  pkgs,
+  modulesPath,
   machine,
   ...
 }: {
@@ -111,4 +113,68 @@
       "wheel"
     ];
   };
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = ["kvm-intel"];
+  boot.extraModulePackages = [];
+
+  fileSystems."/" = {
+    #device = "none";
+    #fsType = "tmpfs";
+    #options = ["defaults" "size=60%" "mode=755"];
+    device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7";
+    fsType = "btrfs";
+    options = ["subvol=root"];
+  };
+
+  boot.initrd.postResumeCommands = lib.mkAfter ''
+    mkdir /btrfs_tmp
+    mount ${config.fileSystems."/".device} /btrfs_tmp
+    if [[ -e /btrfs_tmp/root ]]; then
+      mkdir -p /btrfs_tmp/old_roots
+      timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S")
+      mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+    fi
+
+    delete_subvolume_recursively() {
+      IFS=$'\n'
+      for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+        delete_subvolume_recursively "/btrfs_tmp/$i"
+      done
+      btrfs subvolume delete "$1"
+    }
+
+    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+      delete_subvolume_recursively "$i"
+    done
+
+    btrfs subvolume create /btrfs_tmp/root
+    mkdir /btrfs_tmp/root/nix
+    mkdir /btrfs_tmp/root/etc
+    mount ${config.fileSystems."/nix".device} /btrfs_tmp/root/nix
+    cp /btrfs_tmp/root/nix/persist/etc/ssh /btrfs_tmp/root/etc/ssh -r
+    umount /btrfs_tmp/root/nix
+    rm -r /btrfs_tmp/root/nix
+    umount /btrfs_tmp
+  '';
+
+  fileSystems."/nix" = {
+    device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6";
+    fsType = "btrfs";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/F425-55BA";
+    fsType = "vfat";
+    options = ["fmask=0022" "dmask=0022"];
+  };
+
+  swapDevices = [];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
author	andromeda <andromeda@lenovo>	2025-12-31 01:14:37 +0100
committer	andromeda <andromeda@lenovo>	2025-12-31 01:14:37 +0100
commit	42a93f042e2c821939fa6aa4ac8945997d5b5099 (patch)
tree	bcc6ec5399cdabd28c9e30faca59d6bea925e7d4 /machines
parent	07655e513522db296b1032290c7cfb6a5ac64181 (diff)