diff --git a/common/services.nix b/common/services.nix
index 7f54d98..5a5d950 100755
--- a/common/services.nix
+++ b/common/services.nix
@@ -15,6 +15,7 @@ zfs nixos-generators sqlite + bun ]; services.openssh.enable = true;
diff --git a/flake.nix b/flake.nix
index ccd8978..50cf7d1 100755
--- a/flake.nix
+++ b/flake.nix
@@ -20,6 +20,8 @@ microvm.url = "github:astro/microvm.nix"; microvm.inputs.nixpkgs.follows = "nixpkgs"; + disko.url = "github:nix-community/disko/v1.11.0"; + catppuccin.url = "github:catppuccin/nix"; home-manager = { url = "github:nix-community/home-manager";
@@ -115,6 +117,23 @@
 { imports = builtins.attrValues nixosModules; }
 ];
 };
+
+ baal = nixpkgs.lib.nixosSystem {
+ system = "aarch64-linux";
+ specialArgs = {
+ inherit inputs;
+ system = "aarch64-linux";
+ };
+ modules = [
+ ./hosts/baal
+
+ agenix.nixosModules.default
+ disko.nixosModules.disko
+
+ { imports = builtins.attrValues nixosModules; }
+
+ ];
+ };
 };
 };
 }
diff --git a/hosts/baal/default.nix b/hosts/baal/default.nix
new file mode 100644
index 0000000..f4055b9
--- /dev/null
+++ b/hosts/baal/default.nix
@@ -0,0 +1,42 @@
+{ config, lib, pkgs, modulesPath, inputs, ... }:
+{
+ imports = [
+ ./hardware.nix
+ ./secrets.nix
+
+ ../../common/system.nix
+ ../../common/users.nix
+ ../../common/services.nix
+
+ ../../host-secrets.nix
+ ];
+
+ boot = {
+ loader = {
+ systemd-boot.enable = true;
+ efi = {
+ canTouchEfiVariables = true;
+ efiSysMountPoint = "/boot";
+ };
+ };
+ initrd.systemd.enable = true;
+ };
+
+ system.stateVersion = "24.11";
+ nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+
+ systemd.targets.multi-user.enable = true;
+
+ networking = {
+ hostName = "baal";
+ hostId = "aaaaaaaa";
+ networkmanager.enable = true;
+ };
+
+ virtualisation.docker = {
+ enable = true;
+ enableOnBoot = true;
+ };
+
+ documentation.enable = false;
+}
diff --git a/hosts/baal/hardware.nix b/hosts/baal/hardware.nix
new file mode 100644
index 0000000..0a5e8c0
--- /dev/null
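Review bot: The new `disko` input in flake.nix (the `@@ -20,6 +20,8 @@` hunk) does not follow the flake's own nixpkgs, unlike the `microvm` input directly above it, so the lock file will presumably carry a second nixpkgs revision that is fetched and updated on its own. I would add `disko.inputs.nixpkgs.follows = "nixpkgs";` right after the `disko.url` line. The `v1.11.0` tag is a movable ref, so the revision and hash recorded in flake.lock are what actually pin the code that will partition this host's disk; the lock file is not part of this diff and should be committed together with the input.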
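Review bot: In hosts/baal/default.nix, `virtualisation.docker = { enable = true; enableOnBoot = true; }` starts the root Docker daemon at boot on a host that also gets sshd from common/services.nix, and nothing in the hunk says who may use the socket or why the system daemon is needed. Membership in the `docker` group is root-equivalent (users.nix is not shown here, so confirm who is in it), and ports published by containers are opened by Docker's own iptables rules regardless of `networking.firewall`. If nothing depends on the system daemon I would use `virtualisation.docker.rootless.enable = true;` instead, or at least add a comment such as `# docker group == root; publish container ports on 127.0.0.1 unless they are meant to be public`. Separately, `hostId = "aaaaaaaa"` looks like a placeholder; since the shared services pull in zfs, a host ID reused across machines would weaken the pool-import guard, so a per-host value is safer.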
+++ b/hosts/baal/hardware.nix
@@ -0,0 +1,55 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "virtio_scsi" "usbhid" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp0s6.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+
+ disko.devices = {
+ disk = {
+ main = {
+ type = "disk";
+ device = "/dev/sda";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "512M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/hosts/baal/secrets.nix b/hosts/baal/secrets.nix
new file mode 100644
index 0000000..0db3279
--- /dev/null
+++ b/hosts/baal/secrets.nix
@@ -0,0 +1,3 @@
+{
+
+}
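Review bot: The disko layout in hosts/baal/hardware.nix targets `device = "/dev/sda";`, a kernel-assigned name that can point at a different disk once a second SCSI/virtio device is attached, and disko repartitions whatever that path resolves to. I would use a stable path instead, e.g. `device = "/dev/disk/by-id/<DISK-ID>";` (placeholder, take the real id from the VM). The block also sits in a file whose header says it was generated by nixos-generate-config and may be overwritten, so the hand-written `disko.devices` section would be lost on regeneration; moving it to its own file (for example a `disk.nix` imported from default.nix) avoids that. The root filesystem is plain ext4 with no encryption layer, which is worth stating in a comment if it is intentional for this guest.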