diff --git a/hosts/arcturus/default.nix b/hosts/arcturus/default.nix new file mode 100644 index 0000000..44be041 --- /dev/null +++ b/hosts/arcturus/default.nix @@ -0,0 +1,126 @@ +{ config, lib, pkgs, ... }: +{ + imports = [ + ./hardware-configuration.nix + ]; + + networking.hostName = "arcturus"; + + # Enable the Flakes feature and the accompaying new nix command-line tool + nix.settings = { + experimental-features = ["nix-command" "flakes"]; + download-buffer-size = 524288000; + trusted-users = ["root" "@wheel"]; + }; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking = { + useNetworkd = false; + useDHCP = false; + + nftables.enable = true; + + firewall = { + allowedTCPPorts = [ + 2222 + ]; + }; + }; + + systemd.network = { + enable = true; + + netdevs = { + "10-bond0" = { + netdevConfig = { + Kind = "bond"; + Name = "bond0"; + }; + bondConfig = { + Mode = "802.3ad"; + TransmitHashPolicy = "layer3+4"; + LACPTransmitRate = "fast"; + MIIMonitorSec = "100ms"; + }; + }; + }; + + networks = { + "30-eno1" = { + matchConfig.Name = "eno1"; + networkConfig.Bond = "bond0"; + }; + "30-eno2" = { + matchConfig.Name = "eno2"; + networkConfig.Bond = "bond0"; + }; + "40-bond0" = { + matchConfig.Name = "bond0"; + linkConfig = { + RequiredForOnline = "carrier"; + }; + networkConfig.LinkLocalAddressing = "no"; + networkConfig.DHCP = "yes"; + vlan = [ "vlan1" ]; + }; + }; + }; + + time.timeZone = "Europe/London"; + + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + users.users.foxora = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + + packages = with pkgs; [ + tree + ]; + + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7NLaT/J1S/lwFp0YRHN5oTGhFoDYd2yaRKKsBVpqIv aurora@nixarawrui" + ]; + }; + + environment.systemPackages = with pkgs; [ + git + neovim + wget + ]; + + services = { + openssh = { + enable = true; + + ports = [2222]; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + AllowUsers = ["foxora"]; + UseDns = false; # enables rDNS lookup + X11Forwarding = false; + }; + }; + }; + + security = { + sudo = { + enable = true; + wheelNeedsPassword = true; + }; + + pam = { + sshAgentAuth.enable = true; + services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module + }; + }; + + system.stateVersion = "25.11"; +} diff --git a/hosts/arcturus/hardware-configuration.nix b/hosts/arcturus/hardware-configuration.nix new file mode 100644 index 0000000..2cb46e2 --- /dev/null +++ b/hosts/arcturus/hardware-configuration.nix @@ -0,0 +1,33 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "ehci_pci" "megaraid_sas" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/7f22e35f-7536-49c4-9c04-88874e87f266"; + fsType = "btrfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/0213-F9A0"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/0d04172b-aed8-42ea-9cb8-e5dcbf960200"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/snow.nix b/snow.nix index f434d30..8b9dcad 100644 --- a/snow.nix +++ b/snow.nix @@ -14,6 +14,15 @@ cerulean.mkNexus ./. (self: { sddm-silent.nixosModules.default ]; }; + + arcturus = { + system = "x86_64-linux"; + deploy.ssh = { + host = "10.16.1.163"; + port = 2222; + user = "foxora"; + }; + }; }; }; })