cascade/nixos
8
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updates for 2025

Browse Source
This commit is contained in:
James Andariese 2025-04-18 16:13:34 -05:00
parent 1c95536358
commit db35575200
5 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Makefile
View File

@ -1,4 +1,5 @@
installer.iso: flake.nix modules hosts/installer.nix
nix build .#nixosConfigurations.installer.config.system.build.isoImage
rm -f installer.iso
cp result/iso/nixos-*.iso installer.iso

14
hosts/installer.nix
View File

@ -70,11 +70,11 @@ let installer = pkgs.writeShellApplication {
mount /dev/disk/by-label/BOOT /mnt/boot
mkdir -p /mnt/root
TOKEN="$(dig +short lan-git-token.cascade TXT | tr -d '"')"
TOKEN="$(dig +short lan-auth-token.strudelline.net TXT | tr -d '"')"
umask 0077
mkdir -p /root
printf 'machine git.strudelline.net\nlogin james\npassword %s\n' "$TOKEN" > /root/.netrc
printf 'machine git.strudelline.net\nlogin james\npassword %s\n' "$TOKEN" > /mnt/root/.netrc
printf 'machine git.strudelline.net\nlogin lan-auth\npassword %s\n' "$TOKEN" > /root/.netrc
printf 'machine git.strudelline.net\nlogin lan-auth\npassword %s\n' "$TOKEN" > /mnt/root/.netrc
nixos-install --flake git+https://git.strudelline.net/cascade/nixos#"$HOSTNAME" --impure --no-root-password
'';
@ -82,6 +82,14 @@ let installer = pkgs.writeShellApplication {
in
{
imports = [ (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix") ];
boot.kernelParams = [ "console=ttyS0,115200n8" ];
boot.loader.grub.extraConfig = "
serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial
terminal_output serial
";
environment.systemPackages = [
installer
];

4
modules/k3s.nix
View File

@ -12,8 +12,8 @@ in
{
networking.nameservers = [
172.16.1.53
172.16.1.8
"172.16.1.53"
"172.16.1.8"
];
system.activationScripts."corenet-flux" = mkIf true ''

23
modules/users.nix Normal file
View File

@ -0,0 +1,23 @@
{config, lib, ...}:
with builtins;
with lib;
let adminGroups =
filter (x: hasAttr x config.users.groups) [ "users" "networkmanager" "wheel" "keyd" "tss" "plugdev" "uinput" "tss" "disk" "dialout" "kvm" "docker" "libvirtd" ]
;
adminUser = name: { hashedPassword, sshKeys ? [], ...}@options: {
users.users."${name}" = {
isNormalUser = true;
description = name;
linger = true;
extraGroups = adminGroups;
hashedPassword = hashedPassword;
openssh.authorizedKeys.keys = if (isList sshKeys) then sshKeys else [ sshKeys ];
};
};
in
{ config = mkMerge [
(adminUser "james" {
hashedPassword = "$6$rounds=3329299$pm3dw//wbFgSL3vc$9oXIvCyHqvQHpcn0cvn686mlbt5T4Qd4c5vgSdI8oNhVGXb7pteLyzN.b2pJ3w22NsPovWoL9M.ScyJXRTPP10";
sshKeys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA2FMpfO9p2xfATWwaqpT3cGwYOtraiTMfmRXDBI7jrR james";
})
];}

2
types/server.nix
View File

@ -5,6 +5,8 @@
../modules/session.nix
../modules/server.nix
../modules/systemd-efi.nix
../modules/luks.nix
../modules/users.nix
../modules/k3s.nix
];