From: Ayo Reis <hey@ayoreis.com>
Date: Sat, 7 Feb 2026 19:10:54 +0000 (+0000)
Subject: Configure levanter
X-Git-Url: https://git.ayoreis.com/machines.git/commitdiff_plain/5e0a5c52e7689f605d35b00d2a161ae68befc4f2?ds=inline

Configure levanter
---

5e0a5c52e7689f605d35b00d2a161ae68befc4f2
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..1da016d
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+# Machines
+
+```shell
+nixos-rebuild --target-host <machine> --sudo --flake . switch
+```
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..e73b6c7
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,45 @@
+{
+  "nodes": {
+    "disko": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1769524058,
+        "narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=",
+        "owner": "nix-community",
+        "repo": "disko",
+        "rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d",
+        "type": "github"
+      },
+      "original": {
+        "id": "disko",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1770380644,
+        "narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "root": {
+      "inputs": {
+        "disko": "disko",
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..99ff495
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,24 @@
+{
+	inputs = {
+		nixpkgs.url = "nixpkgs";
+
+		disko = {
+			url = "disko";
+			inputs.nixpkgs.follows = "nixpkgs";
+		};
+	};
+
+	outputs = { nixpkgs, disko, ... }: let
+		hostname = "levanter";
+		device = "/dev/sda";
+	in {
+		nixosConfigurations.${hostname} = nixpkgs.lib.nixosSystem {
+			specialArgs = { inherit device hostname; };
+
+			modules = [
+				disko.nixosModules.disko
+				./levanter/configuration.nix
+			];
+		};
+	};
+}
diff --git a/levanter/configuration.nix b/levanter/configuration.nix
new file mode 100644
index 0000000..79ff330
--- /dev/null
+++ b/levanter/configuration.nix
@@ -0,0 +1,37 @@
+{ device, hostname, ... }: {
+	imports = [
+		./hardware-configuration.nix
+		./disko.nix
+		./komuhn-website.nix
+	];
+
+	boot.loader.grub = {
+		enable = true;
+		inherit device;
+	};
+
+	networking.hostName = hostname;
+
+	security.pam = {
+		sshAgentAuth.enable = true;
+		services."sudo".sshAgentAuth = true;
+	};
+
+	services.openssh.enable = true;
+
+	users = {
+		mutableUsers = false;
+
+		users."ayo" = {
+			isNormalUser = true;
+			extraGroups = [ "wheel" ];
+
+			openssh.authorizedKeys.keys = [
+				"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIeBrQONJC4u4M0/gYhsMMcVxs+mVlk5bmT7vtReEyK7 ayo@monsoon"
+			];
+		};
+	};
+
+	system.stateVersion = "26.05";
+	nix.settings.trusted-users = [ "ayo" ];
+}
diff --git a/levanter/disko.nix b/levanter/disko.nix
new file mode 100644
index 0000000..2048867
--- /dev/null
+++ b/levanter/disko.nix
@@ -0,0 +1,22 @@
+{ device, ... }: {
+	disko.devices.disk.${device} = {
+		inherit device;
+
+		content = {
+			type = "gpt";
+
+			partitions = {
+				"boot" = {
+					type = "ef02";
+					size = "1M";
+				};
+
+				"root".content = {
+					type = "filesystem";
+					format = "ext4";
+					mountpoint = "/";
+				};
+			};
+		};
+	};
+}
diff --git a/levanter/hardware-configuration.nix b/levanter/hardware-configuration.nix
new file mode 100644
index 0000000..2a79775
--- /dev/null
+++ b/levanter/hardware-configuration.nix
@@ -0,0 +1,24 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/levanter/komuhn-website.nix b/levanter/komuhn-website.nix
new file mode 100644
index 0000000..28e10ad
--- /dev/null
+++ b/levanter/komuhn-website.nix
@@ -0,0 +1,26 @@
+{ pkgs, ... }: {
+	networking.firewall.allowedTCPPorts = [ 443 ];
+
+	services.wordpress = {
+		webserver = "caddy";
+
+		sites."komuhn.org" = {
+			themes = {
+				"komuhn" = pkgs.stdenv.mkDerivation {
+					name = "komuhn-theme";
+
+					src = pkgs.fetchFromGitHub {
+						owner = "teamkomuhn";
+						repo = "komuhn.org-old";
+						rev = "main";
+						hash = "sha256-sn9Fvt1DCGVzKVZClmPRL0SadD9krX+h8nwwWwZz0P0=";
+					};
+
+					installPhase = "mkdir -p $out; cp -R * $out/";
+				};
+			};
+
+			extraConfig = "$table_prefix = \"fwt_\";";
+		};
+	};
+}