Setup Commit

hosts/base.nix

@@ -0,0 +1,91 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, ... }:
+
+{
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  boot = {
+    loader = lib.mkDefault {
+      efi.canTouchEfiVariables = false;
+      grub = {
+        enable = true;
+        efiSupport = true;
+        efiInstallAsRemovable = true;
+        devices = ["nodev"];
+      };
+    };
+    kernelParams = [ "ipv6.disable=1" ];
+  };
+
+  # system.autoUpgrade = mkDefault {
+  #   enable = true;
+  #   flake = "https://git.nyxerinys.dev/nyxerinys/nix-config";
+  #   flags = [
+  #     "--update-input" "nixpkgs"
+  #     "--update-input" "secrets"
+  #     "--commit-lock-file"
+  #   ];
+  #   dates = "04:00"; # Runs every day at 4 AM
+  #   randomizedDelaySec = "1h"; # Prevents all your machines from hitting the repo at once
+  # };
+
+  networking.hostName = lib.mkDefault "nixos";
+
+  # Enable networking
+  networking.networkmanager = { enable = true; };
+  networking.enableIPv6 = false;
+  # Set your time zone.
+  time.timeZone = "America/Chicago";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "en_US.UTF-8";
+    LC_IDENTIFICATION = "en_US.UTF-8";
+    LC_MEASUREMENT = "en_US.UTF-8";
+    LC_MONETARY = "en_US.UTF-8";
+    LC_NAME = "en_US.UTF-8";
+    LC_NUMERIC = "en_US.UTF-8";
+    LC_PAPER = "en_US.UTF-8";
+    LC_TELEPHONE = "en_US.UTF-8";
+    LC_TIME = "en_US.UTF-8";
+  };
+
+  # Configure keymap in X11
+  services.xserver.xkb = {
+    layout = "us";
+    variant = "";
+  };
+
+  users.users.nyxerinys = {
+    isNormalUser = true;
+    description = "Nyx";
+    extraGroups = [ "networkmanager" "wheel"];
+    packages = with pkgs; [];
+    openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7wPByAa6fsn7deoMRbnveEVXgwP8CTs3A1yCGCe+YRSDjS64MMcr5zoHjvlpKfRdsFCaiEXCnNiMSC9sZfmvZOFO3ptecNFnmt6gAZ7X67bYdTQedwiy7mK6JXAiRmv83YSblL5DaQY+jswIeTTyVk5A76tnCOzFVfFyRd0QOmjmF1vu0ii2zhVvODsfrB3wi7+fbPYONIA7nUVL13UFvavOKtEupSdN3LGhiYKNItrTzmCCSOPpttrkj/Bvqspt6kPJE82n+ryoWpOmzAsz+YdHCsZN16CDwkOOWzD2HrHzDUEt50kImlpTFthhGfysp7zO9dalZApMH5yPH7kRjztwBmttLh9b2+j08j/Z48WsHCyZaQws7xLW/08bh/4xGL5yoQeZ00UHWrJbH/WEnfKWpsQ9YJmA3xD3FVOvGjslmVHzBqCes9XRbTkLJTcOhTsBOYsZ0Eq6oZQ2AyFqWnn2RT604HtVmDqjtVMd2DEPkAmhCj2OW9ygjBFTnF8G55O2Pd2g9Y7zSv3i6F97ztQeqbNUfuAgEQ+9QYbEgxXVXMLnKIAZG+TBScl5Nk+mm/4oeKlESCfjgi5HIeda8IENEE48XJknb9MDpL1XP2s4fbnBRQS9f+OsDj5i86PAgLeEbVaq9OgifdxZKSTi6jZg4m3ZBGhK8kFjnbrKgMQ==" ];
+  };
+
+  nixpkgs.config.allowUnfree = true;
+
+  environment.systemPackages = with pkgs; [
+    git
+    pciutils
+    sysstat
+    xivlauncher
+  ];
+
+  services.openssh.enable = true;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "25.11"; # Did you read the comment?
+
+}

hosts/servers/blades/1-alpha/default.nix

@@ -0,0 +1,33 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [
+    ../../../../modules/vrrp.nix
+    ../../../../modules/nginx.nix
+  ];
+
+  networking.hostName = "alpha";
+
+  nyxs-nix.services.vrrp = {
+    enable = true;
+    priority = 200;
+    peers = [
+      "10.5.0.102"
+    ];
+  };
+
+  systemd.network.links."10-eth0" = {
+    matchConfig.PermanentMACAddress = "00:25:90:e6:e1:0e";
+    linkConfig.Name = "eth0";
+  };
+  
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/29a440ba-305c-4041-b45d-502b5cf3a514";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/A579-28EC";
+    fsType = "vfat";
+    options = [ "fmask=0077" "dmask=0077" ];
+  };
+}

hosts/servers/blades/2-beta/default.nix

@@ -0,0 +1,33 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [
+    ../../../../modules/vrrp.nix
+    ../../../../modules/nginx.nix
+  ];
+
+  networking.hostName = "beta";
+
+  nyxs-nix.services.vrrp = {
+    enable = true;
+    priority = 150;
+    peers = [
+      "10.5.0.101"
+    ];
+  };
+
+  systemd.network.links."10-eth0" = {
+    matchConfig.PermanentMACAddress = "00:25:90:e6:e1:10";
+    linkConfig.Name = "eth0";
+  };
+
+  fileSystems."/" = { 
+    device = "/dev/disk/by-uuid/7422bf7a-0760-41f2-aad3-28eff66c4b4d";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = { 
+    device = "/dev/disk/by-uuid/0DED-C0F5";
+    fsType = "vfat";
+    options = [ "fmask=0077" "dmask=0077" ];
+  };
+}

hosts/servers/blades/3-gamma/default.nix

@@ -0,0 +1,29 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [
+    ../../../../modules/k3s
+  ];
+
+  networking.hostName = "gamma";
+
+  nyxs-nix.services.k3s = {
+    enable = true;
+    initServer = true;
+  };
+
+  systemd.network.links."10-eth0" = {
+    matchConfig.PermanentMACAddress = "00:25:90:e6:e1:09";
+    linkConfig.Name = "eth0";
+  };
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/8d8325bb-b5ba-469b-8054-b295bbbc70c2";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/0954-3305";
+    fsType = "vfat";
+    options = [ "fmask=0077" "dmask=0077" ];
+  };
+}

hosts/servers/blades/4-delta/default.nix

@@ -0,0 +1,28 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [
+    ../../../../modules/k3s
+  ];
+
+  networking.hostName = "delta";
+
+  nyxs-nix.services.k3s = {
+    enable = true;
+  };
+
+  systemd.network.links."10-eth0" = {
+    matchConfig.PermanentMACAddress = "00:25:90:e6:e1:63";
+    linkConfig.Name = "eth0";
+  };
+
+  fileSystems."/" = { 
+    device = "/dev/disk/by-uuid/103ed8d1-3681-4d67-938c-e7349447fcbb";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = { 
+    device = "/dev/disk/by-uuid/4EB3-06A1";
+    fsType = "vfat";
+    options = [ "fmask=0077" "dmask=0077" ];
+  };
+}

hosts/servers/blades/5-epsilon/default.nix

@@ -0,0 +1,28 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [
+    ../../../../modules/k3s
+  ];
+
+  networking.hostName = "epsilon";
+
+  nyxs-nix.services.k3s = {
+    enable = true;
+  };
+
+  systemd.network.links."10-eth0" = {
+    matchConfig.PermanentMACAddress = "00:25:90:e6:e1:21";
+    linkConfig.Name = "eth0";
+  };
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/a0c8475c-cda8-4ceb-bbad-50d9537924be";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/8D63-DF1F";
+    fsType = "vfat";
+    options = [ "fmask=0077" "dmask=0077" ];
+  };
+}

hosts/servers/blades/default.nix

@@ -0,0 +1,8 @@
+{ config, lib, pkgs, modulesPath, ... }: 
+{
+  imports = [ 
+    ./hardware.nix
+    ../../../modules/sops.nix
+  ];
+
+}

hosts/servers/blades/hardware.nix

@@ -0,0 +1,16 @@
+{ config, lib, pkgs, modulesPath, ... }: 
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+  
+  swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/servers/blades/systems.nix

@@ -0,0 +1,43 @@
+{ inputs }:
+{
+  alpha = inputs.nixpkgs.lib.nixosSystem {
+    modules = [
+      ../../base.nix
+      ../blades
+      ./1-alpha
+    ];
+    specialArgs = { inherit inputs; };
+  };
+  beta = inputs.nixpkgs.lib.nixosSystem {
+    modules = [
+      ../../base.nix
+      ../blades
+      ./2-beta
+    ];
+    specialArgs = { inherit inputs; };
+  };
+  gamma = inputs.nixpkgs.lib.nixosSystem {
+    modules = [
+      ../../base.nix
+      ../blades
+      ./3-gamma
+    ];
+    specialArgs = { inherit inputs; };
+  };
+  delta = inputs.nixpkgs.lib.nixosSystem {
+    modules = [
+      ../../base.nix
+      ../blades
+      ./4-delta
+    ];
+    specialArgs = { inherit inputs; };
+  };
+  epsilon = inputs.nixpkgs.lib.nixosSystem {
+    modules = [
+      ../../base.nix
+      ../blades
+      ./5-epsilon
+    ];
+    specialArgs = { inherit inputs; };
+  };
+}

hosts/servers/iris/default.nix

@@ -0,0 +1,27 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    ../../modules/sops.nix
+  ];
+
+  networking.hostName = "iris";
+
+  boot.loader.grub.enable = false;
+  boot.loader.generic-extlinux-compatible.enable = true;
+
+  boot.initrd.availableKernelModules = [ "usbhid" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
+      fsType = "ext4";
+    };
+
+  swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}