asd
This commit is contained in:
parent
a422c8ab64
commit
84d8e60a17
|
@ -0,0 +1,46 @@
|
||||||
|
{
|
||||||
|
description = "";
|
||||||
|
|
||||||
|
inputs.nixpkgs.follows = "clan-core/nixpkgs";
|
||||||
|
inputs.clan-core.url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
|
||||||
|
|
||||||
|
outputs = { self,
|
||||||
|
clan-core,
|
||||||
|
... }@inputs:
|
||||||
|
let
|
||||||
|
# Usage see: https://docs.clan.lol
|
||||||
|
clan = clan-core.lib.buildClan {
|
||||||
|
directory = self;
|
||||||
|
# Ensure this is unique among all clans you want to use.
|
||||||
|
meta.name = "phahgeoc2NoN9ufeithohfeiY1quuuSe9ahNaich";
|
||||||
|
|
||||||
|
# Prerequisite: boot into the installer.
|
||||||
|
# See: https://docs.clan.lol/getting-started/installer
|
||||||
|
# local> mkdir -p ./machines/machine1
|
||||||
|
# local> Edit ./machines/<machine>/configuration.nix to your liking.
|
||||||
|
machines = {
|
||||||
|
# The name will be used as hostname by default.
|
||||||
|
bingus = { };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# All machines managed by Clan.
|
||||||
|
inherit (clan) nixosConfigurations clanInternals;
|
||||||
|
# Add the Clan cli tool to the dev shell.
|
||||||
|
# Use "nix develop" to enter the dev shell.
|
||||||
|
devShells =
|
||||||
|
clan-core.inputs.nixpkgs.lib.genAttrs
|
||||||
|
[
|
||||||
|
"x86_64-linux"
|
||||||
|
"aarch64-linux"
|
||||||
|
"aarch64-darwin"
|
||||||
|
"x86_64-darwin"
|
||||||
|
]
|
||||||
|
(system: {
|
||||||
|
default = clan-core.inputs.nixpkgs.legacyPackages.${system}.mkShell {
|
||||||
|
packages = [ clan-core.packages.${system}.clan-cli ];
|
||||||
|
};
|
||||||
|
});
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,35 @@
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
# contains your disk format and partitioning configuration.
|
||||||
|
../../modules/disko.nix
|
||||||
|
# this file is shared among all machines
|
||||||
|
../../modules/shared.nix
|
||||||
|
# enables GNOME desktop (optional)
|
||||||
|
../../modules/gnome.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
# This is your user login name.
|
||||||
|
users.users.user.name = "<your-username>";
|
||||||
|
|
||||||
|
# Set this for clan commands use ssh i.e. `clan machines update`
|
||||||
|
# If you change the hostname, you need to update this line to root@<new-hostname>
|
||||||
|
# This only works however if you have avahi running on your admin machine else use IP
|
||||||
|
clan.core.networking.targetHost = "root@<IP>";
|
||||||
|
|
||||||
|
# You can get your disk id by running the following command on the installer:
|
||||||
|
# Replace <IP> with the IP of the installer printed on the screen or by running the `ip addr` command.
|
||||||
|
# ssh root@<IP> lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
|
||||||
|
disko.devices.disk.main.device = "/dev/disk/by-id/__CHANGE_ME__";
|
||||||
|
|
||||||
|
# IMPORTANT! Add your SSH key here
|
||||||
|
# e.g. > cat ~/.ssh/id_ed25519.pub
|
||||||
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
|
''
|
||||||
|
__YOUR_SSH_KEY__
|
||||||
|
''
|
||||||
|
];
|
||||||
|
|
||||||
|
# Zerotier needs one controller to accept new nodes. Once accepted
|
||||||
|
# the controller can be offline and routing still works.
|
||||||
|
clan.core.networking.zerotier.controller.enable = true;
|
||||||
|
}
|
|
@ -0,0 +1,14 @@
|
||||||
|
# Replace this file with an actual hardware-configuration.nix!
|
||||||
|
throw ''
|
||||||
|
Did you forget to generate your hardware config?
|
||||||
|
|
||||||
|
Run the following command:
|
||||||
|
|
||||||
|
'clan machines update-hardware-config <machine_name> <hostname>'
|
||||||
|
|
||||||
|
OR:
|
||||||
|
|
||||||
|
'ssh root@<hostname> nixos-generate-config --no-filesystems --show-hardware-config > hardware-configuration.nix'
|
||||||
|
|
||||||
|
And manually replace this file with the generated "hardware-configuration.nix".
|
||||||
|
''
|
|
@ -0,0 +1,34 @@
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../../modules/disko.nix
|
||||||
|
../../modules/shared.nix
|
||||||
|
# enables GNOME desktop (optional)
|
||||||
|
../../modules/gnome.nix
|
||||||
|
];
|
||||||
|
# Put your username here for login
|
||||||
|
users.users.user.name = "<your-username>";
|
||||||
|
|
||||||
|
# Set this for clan commands use ssh i.e. `clan machines update`
|
||||||
|
# If you change the hostname, you need to update this line to root@<new-hostname>
|
||||||
|
# This only works however if you have avahi running on your admin machine else use IP
|
||||||
|
clan.core.networking.targetHost = "root@<IP>";
|
||||||
|
|
||||||
|
# You can get your disk id by running the following command on the installer:
|
||||||
|
# Replace <IP> with the IP of the installer printed on the screen or by running the `ip addr` command.
|
||||||
|
# ssh root@<IP> lsblk --output NAME,ID-LINK,FSTYPE,SIZE,MOUNTPOINT
|
||||||
|
disko.devices.disk.main.device = "/dev/disk/by-id/__CHANGE_ME__";
|
||||||
|
|
||||||
|
# IMPORTANT! Add your SSH key here
|
||||||
|
# e.g. > cat ~/.ssh/id_ed25519.pub
|
||||||
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
|
''
|
||||||
|
__YOUR_SSH_KEY__
|
||||||
|
''
|
||||||
|
];
|
||||||
|
/*
|
||||||
|
After jon is deployed, uncomment the following line
|
||||||
|
This will allow sara to share the VPN overlay network with jon
|
||||||
|
The networkId is generated by the first deployment of jon
|
||||||
|
*/
|
||||||
|
# clan.core.networking.zerotier.networkId = builtins.readFile ../jon/facts/zerotier-network-id;
|
||||||
|
}
|
|
@ -0,0 +1,10 @@
|
||||||
|
# Replace this file with an actual hardware-configuration.nix!
|
||||||
|
throw ''
|
||||||
|
Did you forget to generate your hardware config?
|
||||||
|
|
||||||
|
Run the following command:
|
||||||
|
|
||||||
|
'ssh root@<hostname> nixos-generate-config --no-filesystems --show-hardware-config > hardware-configuration.nix'
|
||||||
|
|
||||||
|
Then replace this file with the generated "hardware-configuration.nix".
|
||||||
|
''
|
|
@ -0,0 +1,61 @@
|
||||||
|
{
|
||||||
|
lib,
|
||||||
|
clan-core,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
|
let
|
||||||
|
suffix = config.clan.core.vars.generators.disk-id.files.diskId.value;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
clan-core.clanModules.disk-id
|
||||||
|
];
|
||||||
|
|
||||||
|
# DO NOT EDIT THIS FILE AFTER INSTALLATION of a machine
|
||||||
|
# Otherwise your system might not boot because of missing partitions / filesystems
|
||||||
|
boot.loader.grub.efiSupport = lib.mkDefault true;
|
||||||
|
boot.loader.grub.efiInstallAsRemovable = lib.mkDefault true;
|
||||||
|
disko.devices = {
|
||||||
|
disk = {
|
||||||
|
"main" = {
|
||||||
|
# suffix is to prevent disk name collisions
|
||||||
|
name = "main-" + suffix;
|
||||||
|
type = "disk";
|
||||||
|
# Set the following in flake.nix for each maschine:
|
||||||
|
# device = <uuid>;
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
"boot" = {
|
||||||
|
size = "1M";
|
||||||
|
type = "EF02"; # for grub MBR
|
||||||
|
priority = 1;
|
||||||
|
};
|
||||||
|
"ESP" = {
|
||||||
|
size = "512M";
|
||||||
|
type = "EF00";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "vfat";
|
||||||
|
mountpoint = "/boot";
|
||||||
|
mountOptions = [ "nofail" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"root" = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "ext4";
|
||||||
|
# format = "btrfs";
|
||||||
|
# format = "bcachefs";
|
||||||
|
mountpoint = "/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -0,0 +1,5 @@
|
||||||
|
{
|
||||||
|
services.xserver.enable = true;
|
||||||
|
services.xserver.desktopManager.gnome.enable = true;
|
||||||
|
services.xserver.displayManager.gdm.enable = true;
|
||||||
|
}
|
|
@ -0,0 +1,29 @@
|
||||||
|
{ config, clan-core, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
# Enables the OpenSSH server for remote access
|
||||||
|
clan-core.clanModules.sshd
|
||||||
|
# Set a root password
|
||||||
|
clan-core.clanModules.root-password
|
||||||
|
clan-core.clanModules.user-password
|
||||||
|
clan-core.clanModules.state-version
|
||||||
|
];
|
||||||
|
|
||||||
|
# Locale service discovery and mDNS
|
||||||
|
services.avahi.enable = true;
|
||||||
|
|
||||||
|
# generate a random password for our user below
|
||||||
|
# can be read using `clan secrets get <machine-name>-user-password` command
|
||||||
|
clan.user-password.user = "user";
|
||||||
|
users.users.user = {
|
||||||
|
isNormalUser = true;
|
||||||
|
extraGroups = [
|
||||||
|
"wheel"
|
||||||
|
"networkmanager"
|
||||||
|
"video"
|
||||||
|
"input"
|
||||||
|
];
|
||||||
|
uid = 1000;
|
||||||
|
openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue