From 97fca4cc7e18985272119f1ab6b75865042a96e1 Mon Sep 17 00:00:00 2001 From: andromeda Date: Sat, 10 Jan 2026 00:55:44 +0100 Subject: fix up remote 109-199-104-83 --- flake.nix | 1 + machines.nix | 11 +--- machines/109-199-104-83.nix | 35 ----------- machines/lenovo.nix | 73 ---------------------- modules/nixos/boot/109-199-104-83.nix | 6 +- modules/nixos/impermanence.nix | 1 + modules/nixos/laptop.nix | 2 - modules/nixos/machines/109-199-104-83.nix | 49 +++++++++++++++ modules/nixos/machines/lenovo.nix | 73 ++++++++++++++++++++++ .../nixos/networking/networks/109-199-104-83.nix | 18 +----- 10 files changed, 135 insertions(+), 134 deletions(-) delete mode 100644 machines/109-199-104-83.nix delete mode 100644 machines/lenovo.nix create mode 100644 modules/nixos/machines/109-199-104-83.nix create mode 100644 modules/nixos/machines/lenovo.nix diff --git a/flake.nix b/flake.nix index 0b3eafa..b82efd8 100644 --- a/flake.nix +++ b/flake.nix @@ -64,6 +64,7 @@ ++ [ ./users.nix ./secrets.nix + ./modules/nixos/common.nix impermanence.nixosModules.impermanence agenix.nixosModules.default nixos-mailserver.nixosModule diff --git a/machines.nix b/machines.nix index be8023e..853a402 100644 --- a/machines.nix +++ b/machines.nix @@ -9,7 +9,7 @@ # hardware configuration # includes `system.stateVersion` - ./machines/lenovo.nix + ./modules/nixos/machines/lenovo.nix # boot process # systemd-boot @@ -18,9 +18,6 @@ # networking ./modules/nixos/laptop.nix - # boilerplate settings - ./modules/nixos/common.nix - # ly display manager ./modules/nixos/ly.nix @@ -41,7 +38,7 @@ # hardware configuration # verbatim as `nixos-generate-config` AND `system.stateVersion` - ./machines/109-199-104-83.nix + ./modules/nixos/machines/109-199-104-83.nix # boot process # grub boot on /dev/sda @@ -49,6 +46,7 @@ # networking ./modules/nixos/networking/domains/galaxious.de.nix + # uses cloud-init to network ./modules/nixos/networking/networks/109-199-104-83.nix # ssh through port 5522 among other things 
@@ -57,9 +55,6 @@ ./modules/nixos/networking/ssh-as-root.nix ({config, ...}: {users.users.root.openssh.authorizedKeys.keys = [config.pub-keys.ssh.andromeda];}) - # boilerplate settings - ./modules/nixos/common.nix - # simple-nixos-mailserver email server # mail.domain ./modules/nixos/mailserver.nix diff --git a/machines/109-199-104-83.nix b/machines/109-199-104-83.nix deleted file mode 100644 index 9b61ca4..0000000 --- a/machines/109-199-104-83.nix +++ /dev/null @@ -1,35 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod"]; - boot.initrd.kernelModules = []; - boot.kernelModules = []; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/159e6a69-b4e2-49c3-a6f0-5fcba0ea6a59"; - fsType = "ext4"; - }; - - fileSystems."/efi" = { - device = "systemd-1"; - fsType = "autofs"; - }; - - swapDevices = []; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - - system.stateVersion = "25.11"; -} diff --git a/machines/lenovo.nix b/machines/lenovo.nix deleted file mode 100644 index 86255b1..0000000 --- a/machines/lenovo.nix +++ /dev/null 
@@ -1,73 +0,0 @@ -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [(modulesPath + "/installer/scan/not-detected.nix")]; - boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; - fsType = "btrfs"; - options = ["subvol=root"]; - }; - - boot.initrd.postResumeCommands = lib.mkAfter '' - mkdir /btrfs_tmp - mount ${config.fileSystems."/".device} /btrfs_tmp - if [[ -e /btrfs_tmp/root ]]; then - mkdir -p /btrfs_tmp/old_roots - timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S") - mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" - fi - - delete_subvolume_recursively() { - IFS=$'\n' - for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do - delete_subvolume_recursively "/btrfs_tmp/$i" - done - btrfs subvolume delete "$1" - } - - for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do - delete_subvolume_recursively "$i" - done - - btrfs subvolume create /btrfs_tmp/root - mkdir /btrfs_tmp/root/persist - mkdir /btrfs_tmp/root/etc - mount ${config.fileSystems."/persist".device} /btrfs_tmp/root/persist -o subvol=persist - cp /btrfs_tmp/root/persist/etc/ssh /btrfs_tmp/root/etc/ssh -r - umount /btrfs_tmp/root/persist - rm -r /btrfs_tmp/root/persist - umount /btrfs_tmp - ''; - - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6"; - fsType = "btrfs"; - }; - - fileSystems."/persist" = { - device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; - fsType = "btrfs"; - options = ["subvol=persist"]; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/F425-55BA"; - fsType = "vfat"; - options = ["fmask=0022" "dmask=0022"]; - }; - - swapDevices = []; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = 
lib.mkDefault config.hardware.enableRedistributableFirmware; - system.stateVersion = "26.05"; -} diff --git a/modules/nixos/boot/109-199-104-83.nix b/modules/nixos/boot/109-199-104-83.nix index ec2def1..d54de8e 100644 --- a/modules/nixos/boot/109-199-104-83.nix +++ b/modules/nixos/boot/109-199-104-83.nix @@ -1,3 +1,7 @@ { - boot.loader.grub.device = "/dev/sda"; + boot.loader.grub = { + devices = ["/dev/sda"]; + efiSupport = true; + efiInstallAsRemovable = true; + }; } diff --git a/modules/nixos/impermanence.nix b/modules/nixos/impermanence.nix index 7f0062b..91e0dd7 100644 --- a/modules/nixos/impermanence.nix +++ b/modules/nixos/impermanence.nix @@ -7,6 +7,7 @@ "/var/log" "/var/lib/nixos" "/var/lib/systemd/coredump" + "/etc/ssh" ]; files = [ "/etc/machine-id" diff --git a/modules/nixos/laptop.nix b/modules/nixos/laptop.nix index 9002c49..314fead 100644 --- a/modules/nixos/laptop.nix +++ b/modules/nixos/laptop.nix @@ -33,7 +33,5 @@ "/var/lib/bluetooth" # wifi connections "/etc/NetworkManager/system-connections" - # machine ssh keys - "/etc/ssh" ]; } diff --git a/modules/nixos/machines/109-199-104-83.nix b/modules/nixos/machines/109-199-104-83.nix new file mode 100644 index 0000000..85399e9 --- /dev/null +++ b/modules/nixos/machines/109-199-104-83.nix 
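Review bot: In modules/nixos/boot/109-199-104-83.nix the new `devices = ["/dev/sda"];` still names the target disk by kernel enumeration order. That order can change if the provider attaches a second block device, and GRUB's BIOS stage would then be written to whichever disk happens to be `sda`. A stable path is safer, e.g. `devices = ["/dev/disk/by-id/<DISK-ID-PLACEHOLDER>"];`. The combination of a BIOS device with `efiSupport` and `efiInstallAsRemovable` also deserves a one-line comment, for instance `# hybrid install: BIOS boot code on the disk plus the fallback-path EFI binary on /boot` (if that is the intent), because the comment in machines.nix still only says "grub boot on /dev/sda".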
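Review bot: Moving `"/etc/ssh"` into the shared list in modules/nixos/impermanence.nix makes every machine depend on a bind mount for its host keys, and on this flake those keys are presumably also what agenix decrypts with. With agenix's default identity paths under /etc/ssh, secrets are decrypted during activation, which may run before the impermanence mounts exist. lenovo.nix appears to work around this by copying /persist/etc/ssh into the fresh root from the initrd, but no equivalent step is visible for the tmpfs-root server. Pointing agenix at the persisted copy removes the ordering dependency, e.g. `age.identityPaths = ["/persist/etc/ssh/ssh_host_ed25519_key"];`, assuming the persistence root is /persist and an ed25519 host key is in use. The start of the file, where the persistence root is declared, is outside this hunk.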
@@ -0,0 +1,49 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = []; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = ["defaults" "mode=755"]; + }; + + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/3457e181-b01d-4712-809d-c8b65e863992"; + fsType = "btrfs"; + options = ["subvol=nix"]; + }; + + fileSystems."/persist" = { + device = "/dev/disk/by-uuid/3457e181-b01d-4712-809d-c8b65e863992"; + fsType = "btrfs"; + options = ["subvol=persist"]; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/05FB-0941"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + + swapDevices = []; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + + system.stateVersion = "26.05"; +} diff --git a/modules/nixos/machines/lenovo.nix b/modules/nixos/machines/lenovo.nix new file mode 100644 index 0000000..86255b1 --- /dev/null +++ b/modules/nixos/machines/lenovo.nix 
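Review bot: `fileSystems."/persist"` in the new modules/nixos/machines/109-199-104-83.nix has no `neededForBoot = true;`. The impermanence module expects this on the persistent volume so that its bind mounts, which now include /etc/ssh and /var/log, are in place before activation and before sshd starts; unless it is set in a module not shown here, add it to this block. The `/boot` mount uses `"fmask=0022" "dmask=0022"`, which leaves the initrd and bootloader files readable by every local user; `"fmask=0077" "dmask=0077"` is the tighter choice on a host that runs network-facing services. The "Do not modify this file! It was generated by nixos-generate-config" header no longer matches a hand-written tmpfs root and btrfs subvolume layout, and should be replaced with a comment saying the file is maintained by hand.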
@@ -0,0 +1,73 @@ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; + boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; + fsType = "btrfs"; + options = ["subvol=root"]; + }; + + boot.initrd.postResumeCommands = lib.mkAfter '' + mkdir /btrfs_tmp + mount ${config.fileSystems."/".device} /btrfs_tmp + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi + + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + mkdir /btrfs_tmp/root/persist + mkdir /btrfs_tmp/root/etc + mount ${config.fileSystems."/persist".device} /btrfs_tmp/root/persist -o subvol=persist + cp /btrfs_tmp/root/persist/etc/ssh /btrfs_tmp/root/etc/ssh -r + umount /btrfs_tmp/root/persist + rm -r /btrfs_tmp/root/persist + umount /btrfs_tmp + ''; + + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6"; + fsType = "btrfs"; + }; + + fileSystems."/persist" = { + device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7"; + fsType = "btrfs"; + options = ["subvol=persist"]; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/F425-55BA"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + + swapDevices = []; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = 
lib.mkDefault config.hardware.enableRedistributableFirmware; + system.stateVersion = "26.05"; +} diff --git a/modules/nixos/networking/networks/109-199-104-83.nix b/modules/nixos/networking/networks/109-199-104-83.nix index 2cacb55..ad599b1 100644 --- a/modules/nixos/networking/networks/109-199-104-83.nix +++ b/modules/nixos/networking/networks/109-199-104-83.nix @@ -1,7 +1,6 @@ { networking = { - useNetworkd = true; - usePredictableInterfaceNames = true; + useDHCP = false; hostName = "109-199-104-83"; firewall = { enable = true; @@ -9,19 +8,8 @@ allowedUDPPorts = [80 443]; }; }; - systemd.network = { + services.cloud-init = { enable = true; - networks."40-wan" = { - matchConfig.Name = "enx0050565f4fff"; - address = ["2a02:c207:2299:8419::1/64" "109.199.104.83/20"]; - routes = [ - { - Gateway = "109.199.96.1"; - GatewayOnLink = true; - } - {Gateway = "fe80::1";} - ]; - dns = ["2620:fe::fe" "9.9.9.9"]; - }; + network.enable = true; }; } -- cgit v1.3
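Review bot: `services.cloud-init.enable = true;` in modules/nixos/networking/networks/109-199-104-83.nix turns on more than network configuration. Unless `services.cloud-init.settings` is narrowed, the default module list also processes provider-supplied user-data (users, SSH keys, run commands), so the hosting provider's datasource becomes a trusted input on a machine that also allows root SSH and runs the mail server. The root filesystem is now tmpfs and /var/lib/cloud is not visibly in the persistence list, so cloud-init will probably treat every boot as a first boot and re-run its per-instance stages. Either persist that directory or restrict the enabled modules to the network-related ones. The pinned resolvers (`9.9.9.9`, `2620:fe::fe`) are dropped as well, so DNS now comes from whatever the datasource provides; if that matters for mail delivery and blocklist lookups, set `networking.nameservers` explicitly. A short comment above the block stating that addresses and routes come from the provider's cloud-init datasource would document this trust decision.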