Configure levanter

diff --git a/README.md b/README.md
new file mode 100644 (file)
index 0000000..1da016d
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+# Machines
+
+```shell
+nixos-rebuild --target-host <machine> --sudo --flake . switch
+```

diff --git a/flake.lock b/flake.lock
new file mode 100644 (file)
index 0000000..e73b6c7
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,45 @@
+{
+  "nodes": {
+    "disko": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1769524058,
+        "narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=",
+        "owner": "nix-community",
+        "repo": "disko",
+        "rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d",
+        "type": "github"
+      },
+      "original": {
+        "id": "disko",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1770380644,
+        "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "root": {
+      "inputs": {
+        "disko": "disko",
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

diff --git a/flake.nix b/flake.nix
new file mode 100644 (file)
index 0000000..99ff495
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,24 @@
+{
+       inputs = {
+               nixpkgs.url = "nixpkgs";
+
+               disko = {
+                       url = "disko";
+                       inputs.nixpkgs.follows = "nixpkgs";
+               };
+       };
+
+       outputs = { nixpkgs, disko, ... }: let
+               hostname = "levanter";
+               device = "/dev/sda";
+       in {
+               nixosConfigurations.${hostname} = nixpkgs.lib.nixosSystem {
+                       specialArgs = { inherit device hostname; };
+
+                       modules = [
+                               disko.nixosModules.disko
+                               ./levanter/configuration.nix
+                       ];
+               };
+       };
+}

diff --git a/levanter/configuration.nix b/levanter/configuration.nix
new file mode 100644 (file)
index 0000000..79ff330
--- /dev/null
+++ b/levanter/configuration.nix
@@ -0,0 +1,37 @@
+{ device, hostname, ... }: {
+       imports = [
+               ./hardware-configuration.nix
+               ./disko.nix
+               ./komuhn-website.nix
+       ];
+
+       boot.loader.grub = {
+               enable = true;
+               inherit device;
+       };
+
+       networking.hostName = hostname;
+
+       security.pam = {
+               sshAgentAuth.enable = true;
+               services."sudo".sshAgentAuth = true;
+       };
+
+       services.openssh.enable = true;
+
+       users = {
+               mutableUsers = false;
+
+               users."ayo" = {
+                       isNormalUser = true;
+                       extraGroups = [ "wheel" ];
+
+                       openssh.authorizedKeys.keys = [
+                               "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIeBrQONJC4u4M0/gYhsMMcVxs+mVlk5bmT7vtReEyK7 ayo@monsoon"
+                       ];
+               };
+       };
+
+       system.stateVersion = "26.05";
+       nix.settings.trusted-users = [ "ayo" ];
+}

diff --git a/levanter/disko.nix b/levanter/disko.nix
new file mode 100644 (file)
index 0000000..2048867
--- /dev/null
+++ b/levanter/disko.nix
@@ -0,0 +1,22 @@
+{ device, ... }: {
+       disko.devices.disk.${device} = {
+               inherit device;
+
+               content = {
+                       type = "gpt";
+
+                       partitions = {
+                               "boot" = {
+                                       type = "ef02";
+                                       size = "1M";
+                               };
+
+                               "root".content = {
+                                       type = "filesystem";
+                                       format = "ext4";
+                                       mountpoint = "/";
+                               };
+                       };
+               };
+       };
+}

diff --git a/levanter/hardware-configuration.nix b/levanter/hardware-configuration.nix
new file mode 100644 (file)
index 0000000..2a79775
--- /dev/null
+++ b/levanter/hardware-configuration.nix
@@ -0,0 +1,24 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}

diff --git a/levanter/komuhn-website.nix b/levanter/komuhn-website.nix
new file mode 100644 (file)
index 0000000..28e10ad
--- /dev/null
+++ b/levanter/komuhn-website.nix
@@ -0,0 +1,26 @@
+{ pkgs, ... }: {
+       networking.firewall.allowedTCPPorts = [ 443 ];
+
+       services.wordpress = {
+               webserver = "caddy";
+
+               sites."komuhn.org" = {
+                       themes = {
+                               "komuhn" = pkgs.stdenv.mkDerivation {
+                                       name = "komuhn-theme";
+
+                                       src = pkgs.fetchFromGitHub {
+                                               owner = "teamkomuhn";
+                                               repo = "komuhn.org-old";
+                                               rev = "main";
+                                               hash = "sha256-sn9Fvt1DCGVzKVZClmPRL0SadD9krX+h8nwwWwZz0P0=";
+                                       };
+
+                                       installPhase = "mkdir -p $out; cp -R * $out/";
+                               };
+                       };
+
+                       extraConfig = "$table_prefix = \"fwt_\";";
+               };
+       };
+}