diff --git a/README.md b/README.md index 7da3091b..e89685ac 100644 --- a/README.md +++ b/README.md @@ -53,6 +53,30 @@ The `(modulesPath + "/installer/sd-card/sd-image-aarch64.nix")` allows this. - profit +## Hetzner, nixos-anywhere +References: +- +- + +I haven't figured out how to use raid on this machine, as it failed half-way +through the installer when I used the raid configuration. + +### Pitfalls +- nixos-anywhere will wipe the disk, even if you use the flag `--generate-hardware-config`. + +- The command is quite long and isn't non-flake friendly. + Note that the diskoScript has to come before toplevel derivation. + Read more on the order . + ```fish + nixos-anywhere \ + --generate-hardware-config nixos-generate-config ./hardware-configuration.nix \ + -i \ + --store-paths $(nix-build --no-out-link \ + -A nixosConfigurations.hetzner_benchmark.config.system.build.diskoScript \ + -A nixosConfigurations.hetzner_benchmark.config.system.build.toplevel) \ + @ + ``` + # Pitfalls ## `users.mutableUsers` NEVER set this to true without declaratively setting the passwords. diff --git a/default.nix b/default.nix index ccf69117..729c5d87 100644 --- a/default.nix +++ b/default.nix @@ -21,6 +21,12 @@ system = "x86_64-linux"; modules = [ ./nix/configurations/installer.nix ]; }; + + # Not mine, rented on hetzner + hetzner_benchmark = { + system = "x86_64-linux"; + modules = [ ./nix/configurations/hetzner_benchmark.nix ]; + }; }; packages = import ./nix/packages { inherit sources; }; diff --git a/nix/configurations/hetzner_benchmark.nix b/nix/configurations/hetzner_benchmark.nix new file mode 100644 index 00000000..6664da7d --- /dev/null +++ b/nix/configurations/hetzner_benchmark.nix 
@@ -0,0 +1,111 @@
+# The hetzner machine rented to benchmark the cabal comment parser
+let
+ sources = import ../../npins;
+
+ hostname = "hetzner_benchmark";
+ username = "leana";
+in
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+let
+ inherit (lib.modules) mkAliasOptionModule;
+in
+{
+ imports = [
+ #
+ # Shorthands
+ #
+ (mkAliasOptionModule [ "me" ] [ "users" "users" username ])
+ (mkAliasOptionModule [ "hm" ] [ "home-manager" "users" username ])
+
+ #
+ # hostname
+ #
+ { _module.args = { inherit hostname; }; }
+
+ #
+ # nixpkgs
+ #
+ {
+ nixpkgs = {
+ overlays = map import [
+ ../packages/overlay.nix
+
+ # use lix everywhere and wrap it with nom
+ ../overlays/lix.nix
+ ../overlays/nix-monitored.nix
+ ];
+
+ # Set NIX_PATH and flake registry at the same time
+ # https://github.com/NixOS/nixpkgs/pull/254405
+ flake.source = sources.nixpkgs;
+ };
+
+ nix.package = pkgs.nix-monitored;
+
+ system.nixos.version = lib.substring 0 8 sources.nixpkgs.revision;
+ }
+
+ ./hetzner_benchmark/nixos/hardware-configuration.nix
+ ./hetzner_benchmark/nixos/misc.nix
+
+ ../nixosModules/common/fish.nix
+ ../nixosModules/common/disable-command-not-found.nix
+ ../nixosModules/common/network.nix
+ ../nixosModules/common/sudo-conf.nix
+ ../nixosModules/common/system-nixconf.nix
+
+ ../nixosModules/extra/leana.nix
+
+ #
+ # Extern modules
+ #
+ (sources.disko + "/module.nix")
+ ../disko/hetzner_benchmark/ext4.nix
+
+ #
+ # home-manager
+ #
+ (sources.home-manager + "/nixos")
+ {
+ home-manager = {
+ useGlobalPkgs = true;
+ useUserPackages = true;
+ sharedModules = [ { home.stateVersion = lib.mkDefault config.system.stateVersion; } ];
+ };
+
+ hm.imports = [
+ #
+ # hostname
+ #
+ { _module.args = { inherit hostname; }; }
+
+ #
+ # home modules
+ #
+ ./hetzner_benchmark/home/programs.nix
+ ./hetzner_benchmark/home/dev.nix
+
+ ../homeModules/common/btop
+ ../homeModules/common/fish
+ ../homeModules/common/starship
+ ../homeModules/common/fzf.nix
+ ../homeModules/common/tmux
+ ../homeModules/common/vim
+ ../homeModules/common/direnv.nix
+ ../homeModules/common/git.nix
+ ../homeModules/common/gpg.nix
+ ../homeModules/common/leana.nix
+ ../homeModules/common/locale.nix
+ ../homeModules/common/packages.nix
+ ../homeModules/common/tealdeer.nix
+
+ ../homeModules/extra/tmux-fish-integration.nix
+ ];
+ }
+ ];
+}
diff --git a/nix/configurations/hetzner_benchmark/home/dev.nix b/nix/configurations/hetzner_benchmark/home/dev.nix
new file mode 100644
index 00000000..1a816999
--- /dev/null
+++ b/nix/configurations/hetzner_benchmark/home/dev.nix
@@ -0,0 +1,23 @@
+{
+ programs.git = {
+ enable = true;
+ signing.signByDefault = false; # no need to setup the key
+ };
+
+ programs.gpg.enable = true;
+
+ nix = {
+ settings = {
+ extra-substituters = [
+ "https://ghc-nix.cachix.org"
+ "https://haskell-language-server.cachix.org"
+ "https://cache.iog.io"
+ ];
+ extra-trusted-public-keys = [
+ "ghc-nix.cachix.org-1:ziC/I4BPqeA4VbtOFpFpu6D1t6ymFvRWke/lc2+qjcg="
+ "haskell-language-server.cachix.org-1:juFfHrwkOxqIOZShtC4YC1uT1bBcq2RSvC7OMKx0Nz8="
+ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
+ ];
+ };
+ };
+}
diff --git a/nix/configurations/hetzner_benchmark/home/programs.nix b/nix/configurations/hetzner_benchmark/home/programs.nix
new file mode 100644
index 00000000..edd900cd
--- /dev/null
+++ b/nix/configurations/hetzner_benchmark/home/programs.nix
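Review bot: In nix/configurations/hetzner_benchmark/home/dev.nix, the `nix.settings` block adds three third-party binary caches and their signing keys with no comment on why each is trusted or what it is needed for. Every key in `extra-trusted-public-keys` can sign store paths that this machine will accept without rebuilding, so the list is part of the machine's trust base and is worth documenting and keeping minimal; for example `# hydra.iohk.io is the signing key used by cache.iog.io (key name and host differ)` above the third key. Because this is home-manager (per-user) configuration, the daemon presumably honours these settings only if the user is in `trusted-users` or the caches are listed in `trusted-substituters`. `../nixosModules/common/system-nixconf.nix` is not shown here, so confirm which applies, and prefer `trusted-substituters` over making the account a trusted user, which is effectively root on the Nix daemon.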
@@ -0,0 +1,54 @@
+# TODO: remove some packages for this machine
+{
+ pkgs,
+ lib,
+ config,
+ ...
+}:
+{
+ home.sessionVariables =
+ let
+ fishCfg = config.programs.fish;
+ in
+ {
+ "SHELL" = lib.mkIf fishCfg.enable (lib.getExe fishCfg.package);
+ };
+
+ home.packages = [
+ pkgs.stow
+ pkgs.zip
+ pkgs.unzip
+ pkgs.gnutar
+ pkgs.p7zip
+ pkgs.bc
+ pkgs.dig
+ pkgs.hutils
+
+ # pretty tui tools
+ pkgs.du-dust
+ pkgs.tokei
+ pkgs.hyperfine
+ pkgs.watchexec
+ pkgs.onefetch
+ pkgs.just
+ ];
+
+ programs = {
+ neovim = {
+ enable = true;
+ defaultEditor = true;
+ };
+ lazygit.enable = true;
+ fish.enable = true;
+ starship.enable = true;
+ tmux.enable = true;
+ direnv.enable = true;
+ ripgrep.enable = true;
+
+ btop.enable = true;
+ };
+
+ services = {
+ gpg-agent.enable = true;
+ };
+}
diff --git a/nix/configurations/hetzner_benchmark/nixos/hardware-configuration.nix b/nix/configurations/hetzner_benchmark/nixos/hardware-configuration.nix
new file mode 100644
index 00000000..2066ce8f
--- /dev/null
+++ b/nix/configurations/hetzner_benchmark/nixos/hardware-configuration.nix
@@ -0,0 +1,35 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}:
+
+{
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [
+ "xhci_pci"
+ "ahci"
+ "nvme"
+ ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp41s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/nix/configurations/hetzner_benchmark/nixos/misc.nix b/nix/configurations/hetzner_benchmark/nixos/misc.nix
new file mode 100644
index 00000000..d83a0e7b
--- /dev/null
+++ b/nix/configurations/hetzner_benchmark/nixos/misc.nix
@@ -0,0 +1,13 @@
+{
+ boot.loader.grub.enable = true;
+
+ services.openssh.enable = true;
+
+ users.users = {
+ "root".openssh.authorizedKeys.keys = import ../../../identities.nix ++ [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFza3UN1gWQqh//FkJBzmssQ4lxHdllQGfqPHzG4LQI8 benchmark-machine"
+ ];
+ };
+
+ system.stateVersion = "25.05";
+}
diff --git a/nix/disko/hetzner_benchmark/ext4.nix b/nix/disko/hetzner_benchmark/ext4.nix
new file mode 100644
index 00000000..1bd10ef0
--- /dev/null
+++ b/nix/disko/hetzner_benchmark/ext4.nix
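Review bot: In nix/configurations/hetzner_benchmark/nixos/misc.nix, `services.openssh.enable = true;` is added with no `services.openssh.settings`, so on this internet-facing rented host the sshd policy is whatever the module defaults are, unless one of the imported common modules (not shown) sets it. Since root already logs in by key, I would pin the policy explicitly: `services.openssh.settings.PasswordAuthentication = false;`, `services.openssh.settings.KbdInteractiveAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "prohibit-password";`. The extra `benchmark-machine` key is granted root alongside everything in `identities.nix`. A comment saying who holds that private key and when it should be removed would help, given the machine is temporary.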
@@ -0,0 +1,37 @@
+{
+ disko.devices = {
+ disk = {
+ main = {
+ type = "disk";
+ device = "/dev/nvme1n1";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "1M";
+ type = "EF02";
+ priority = 1;
+ };
+ ESP = {
+ size = "512M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/nix/disko/hetzner_benchmark/raid.nix b/nix/disko/hetzner_benchmark/raid.nix
new file mode 100644
index 00000000..c6ed68d5
--- /dev/null
+++ b/nix/disko/hetzner_benchmark/raid.nix
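Review bot: In nix/disko/hetzner_benchmark/ext4.nix, `device = "/dev/nvme1n1";` names the install target by kernel enumeration order, which is not guaranteed to be stable between the installer environment and later boots, and the README in this commit notes that nixos-anywhere wipes the disk. The raid.nix comment says only nvme1n1 was detected in the installer, so the numbering on this host already looks surprising. A persistent path such as `device = "/dev/disk/by-id/<DISK_ID_PLACEHOLDER>";` would make the wipe target unambiguous (raid.nix uses the same pattern for both disks). Separately, the ESP here is mounted without `mountOptions = [ "umask=0077" ];`, which raid.nix does set for `/boot`; adding it keeps the two layouts consistent and stops unprivileged users reading the boot partition.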
@@ -0,0 +1,93 @@
+# I can't get this working for now :(
+# Only nvme1n1 is detected in the installer environment
+{
+ disko.devices = {
+ disk = {
+ one = {
+ type = "disk";
+ device = "/dev/nvme0n1";
+ content = {
+ type = "gpt";
+ partitions = {
+ BOOT = {
+ size = "1M";
+ type = "EF02"; # for grub MBR
+ };
+ ESP = {
+ size = "500M";
+ type = "EF00";
+ content = {
+ type = "mdraid";
+ name = "boot";
+ };
+ };
+ mdadm = {
+ size = "100%";
+ content = {
+ type = "mdraid";
+ name = "raid1";
+ };
+ };
+ };
+ };
+ };
+ two = {
+ type = "disk";
+ device = "/dev/nvme1n1";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "1M";
+ type = "EF02"; # for grub MBR
+ };
+ ESP = {
+ size = "500M";
+ type = "EF00";
+ content = {
+ type = "mdraid";
+ name = "boot";
+ };
+ };
+ mdadm = {
+ size = "100%";
+ content = {
+ type = "mdraid";
+ name = "raid1";
+ };
+ };
+ };
+ };
+ };
+ };
+
+ mdadm = {
+ boot = {
+ type = "mdadm";
+ level = 1;
+ metadata = "1.0";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [ "umask=0077" ];
+ };
+ };
+ raid1 = {
+ type = "mdadm";
+ level = 1;
+ content = {
+ type = "gpt";
+ partitions.primary = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/shell.nix b/shell.nix
index 26e3e073..d11a2fa5 100644
--- a/shell.nix
+++ b/shell.nix
@@ -17,7 +17,8 @@ pkgs.mkShell {
 just
 jq
 npins
- disko
+ nixos-anywhere # comes from nixpkgs
+ disko # comes from disko flake
 ]
 ++ lib.optionals withGHC [
 (haskellPackages.ghcWithPackages (self: [