--- /dev/null
+# Machines
+
+```shell
+nixos-rebuild --target-host <machine> --sudo --flake . switch
+```
--- /dev/null
+{
+ "nodes": {
+ "disko": {
+ "inputs": {
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1769524058,
+ "narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=",
+ "owner": "nix-community",
+ "repo": "disko",
+ "rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d",
+ "type": "github"
+ },
+ "original": {
+ "id": "disko",
+ "type": "indirect"
+ }
+ },
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1770380644,
+ "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe",
+ "type": "github"
+ },
+ "original": {
+ "id": "nixpkgs",
+ "type": "indirect"
+ }
+ },
+ "root": {
+ "inputs": {
+ "disko": "disko",
+ "nixpkgs": "nixpkgs"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
--- /dev/null
+{
+ inputs = {
+ nixpkgs.url = "nixpkgs";
+
+ disko = {
+ url = "disko";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
+ };
+
+ outputs = { nixpkgs, disko, ... }: let
+ hostname = "levanter";
+ device = "/dev/sda";
+ in {
+ nixosConfigurations.${hostname} = nixpkgs.lib.nixosSystem {
+ specialArgs = { inherit device hostname; };
+
+ modules = [
+ disko.nixosModules.disko
+ ./levanter/configuration.nix
+ ];
+ };
+ };
+}
--- /dev/null
+{ device, hostname, ... }: {
+ imports = [
+ ./hardware-configuration.nix
+ ./disko.nix
+ ./komuhn-website.nix
+ ];
+
+ boot.loader.grub = {
+ enable = true;
+ inherit device;
+ };
+
+ networking.hostName = hostname;
+
+ security.pam = {
+ sshAgentAuth.enable = true;
+ services."sudo".sshAgentAuth = true;
+ };
+
+ services.openssh.enable = true;
+
+ users = {
+ mutableUsers = false;
+
+ users."ayo" = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIeBrQONJC4u4M0/gYhsMMcVxs+mVlk5bmT7vtReEyK7 ayo@monsoon"
+ ];
+ };
+ };
+
+ system.stateVersion = "26.05";
+ nix.settings.trusted-users = [ "ayo" ];
+}
--- /dev/null
+{ device, ... }: {
+ disko.devices.disk.${device} = {
+ inherit device;
+
+ content = {
+ type = "gpt";
+
+ partitions = {
+ "boot" = {
+ type = "ef02";
+ size = "1M";
+ };
+
+ "root".content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+}
--- /dev/null
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
--- /dev/null
+{ pkgs, ... }: {
+ networking.firewall.allowedTCPPorts = [ 443 ];
+
+ services.wordpress = {
+ webserver = "caddy";
+
+ sites."komuhn.org" = {
+ themes = {
+ "komuhn" = pkgs.stdenv.mkDerivation {
+ name = "komuhn-theme";
+
+ src = pkgs.fetchFromGitHub {
+ owner = "teamkomuhn";
+ repo = "komuhn.org-old";
+ rev = "main";
+ hash = "sha256-sn9Fvt1DCGVzKVZClmPRL0SadD9krX+h8nwwWwZz0P0=";
+ };
+
+ installPhase = "mkdir -p $out; cp -R * $out/";
+ };
+ };
+
+ extraConfig = "$table_prefix = \"fwt_\";";
+ };
+ };
+}
projects / machines.git / commitdiff