challenger: finalize init

2024-07-02 00:22:02 +02:00 · 2024-07-02 00:22:02 +02:00 · 8ab2615279
parent 097ded10b5
commit 8ab2615279
5 changed files with 16 additions and 13 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -1,15 +1,14 @@
 keys:
-  - &user_felixalb_old age1n6j9umxfn5ekvmsrqngdhux0y994yh72sd5xdt6sxec86k4dyu9shsgjkw
-  - &user_felixalb age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf
-  - &host_voyager age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
+  - &host_challenger age1j43eqpnq5hy6zt3gmdtzdnne2yfvccd832kpt69qavst44leec6sj2l773
  - &host_defiant age128md9emufxu35kgww3a90sw40vvc60f5xul9n9ndvw4lfnj3ndaqq44u64
+  - &host_voyager age14jzavfeg47pgnrstea6yzvh3s3a578nj8hkk8g79vxyzpn86gslscp23qu
+  - &user_felixalb age1nj7ju6f3jfvzw4c0sxywthjmztwp7rwqceun8xw2tlfrt7qymatser4vqf

 creation_rules:
  # Global secrets
  - path_regex: secrets/[^/]+\.yaml$
    key_groups:
    - age:
-      - *user_felixalb_old
      - *user_felixalb

  # Host specific secrets
@ -17,7 +16,6 @@ creation_rules:
    key_groups:
    - age:
      - *host_voyager
-      - *user_felixalb_old
      - *user_felixalb

  - path_regex: secrets/defiant/[^/]+\.yaml$
@ -29,5 +27,5 @@ creation_rules:
  - path_regex: secrets/challenger/[^/]+\.yaml$
    key_groups:
    - age:
-      # - *host_defiant
+      - *host_challenger
      - *user_felixalb
--- a/base.nix
+++ b/base.nix
@ -57,6 +57,7 @@
    rsync
    screen
    unzip
+    vim
    wget
    zip
  ];
--- a/hosts/challenger/configuration.nix
+++ b/hosts/challenger/configuration.nix
@ -12,7 +12,7 @@

  networking = {
    hostName = "challenger";
-    bridges.br0.interfaces = [ "eno1" ]; # TODO
+    bridges.br0.interfaces = [ "enp5s0" ];
    interfaces.br0.useDHCP = false;
    interfaces.br0.ipv4.addresses = [
      { address = "192.168.10.161"; prefixLength = 24; }
--- a/hosts/challenger/filesystems.nix
+++ b/hosts/challenger/filesystems.nix
@ -6,7 +6,7 @@

  # Local zfs
  boot = {
-    zfs.extraPools = [ "tank" ];
+    # zfs.extraPools = [ "tank" ];
    supportedFilesystems = [ "zfs" ];
    kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
  };
--- a/hosts/challenger/hardware-configuration.nix
+++ b/hosts/challenger/hardware-configuration.nix
@ -8,22 +8,26 @@
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "mpt3sas" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/TODO";
+    { device = "/dev/disk/by-uuid/a4ed02e2-4223-4686-95b0-b29cbd517afe";
      fsType = "ext4";
    };

  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/TODO";
+    { device = "/dev/disk/by-uuid/2467-77B7";
      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
    };

-  swapDevices = [ ];
+  swapDevices = [ {
+    device = "/swapfile";
+    size = 16*1024;
+  } ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's