From a82a3f95c097eced8412c0d78843da6d96dc71c7 Mon Sep 17 00:00:00 2001
From: h7x4 <h7x4@nani.wtf>
Date: Wed, 8 Mar 2023 15:26:07 +0100
Subject: [PATCH] tsuki: move hardware config to configuration file

---
 hosts/tsuki/configuration.nix                | 77 +++++++++++++++-----
 hosts/tsuki/extra-hardware-configuration.nix | 13 ----
 hosts/tsuki/hardware-configuration.nix       | 31 --------
 secrets/default.yaml                         |  7 +-
 4 files changed, 65 insertions(+), 63 deletions(-)
 delete mode 100644 hosts/tsuki/extra-hardware-configuration.nix
 delete mode 100644 hosts/tsuki/hardware-configuration.nix

diff --git a/hosts/tsuki/configuration.nix b/hosts/tsuki/configuration.nix
index f53dafb..8e7bf5d 100644
--- a/hosts/tsuki/configuration.nix
+++ b/hosts/tsuki/configuration.nix
@@ -1,8 +1,7 @@
-{ secrets, ... }:
+{ config, lib, secrets, modulesPath, ... }:
 {
   imports = [
-    ./hardware-configuration.nix
-    ./extra-hardware-configuration.nix
+    (modulesPath + "/profiles/qemu-guest.nix")
 
     # ./services/calibre.nix
     ./services/gitea
@@ -51,19 +50,6 @@
 
   # security.pam.services.login.unixAuth = true;
 
-  boot.loader = {
-    grub = {
-      enable = true;
-      version = 2;
-      efiSupport = true;
-      fsIdentifier = "label";
-      device = "nodev";
-      efiInstallAsRemovable = true;
-    };
-    # efi.efiSysMountPoint = "/boot/efi";
-    # efi.canTouchEfiVariables = true;
-  };
-
   networking = {
     hostName = "Tsuki";
     networkmanager.enable = true;
@@ -98,11 +84,68 @@
     };
     groups = {
       media = {};
-      nix-builder = {};
     };
   };
 
+  sops.secrets."drives/cirno/credentials" = {};
+
+  fileSystems = let
+    nfsDrive = drivename: {
+      device = "10.0.0.36:/mnt/PoolsClosed/${drivename}";
+      fsType = "nfs";
+      options = [ "vers=3" "local_lock=all" ];
+    };
+  in {
+    "/" = {
+      device = "/dev/disk/by-uuid/54b9fd58-0df5-410c-ab87-766860967653";
+      fsType = "btrfs";
+    };
+
+    "/boot" = {
+      device = "/dev/disk/by-uuid/0A60-2885";
+      fsType = "vfat";
+    };
+
+    "/data2/backup" = nfsDrive "backup";
+    "/data2/momiji" = nfsDrive "momiji";
+    "/data2/media" = nfsDrive "media";
+    "/data2/postgres" = nfsDrive "postgres";
+    "/data2/home" = nfsDrive "home";
+
+    "/data2/cirno" = {
+      device = "//10.0.0.36/cirno";
+      fsType = "cifs";
+      options = [
+        "vers=3.0"
+        "cred=${config.sops.secrets."drives/cirno/credentials".path}"
+        "rw"
+        "uid=1000"
+      ];
+    };
+  };
+
+  swapDevices = [{ device = "/dev/disk/by-uuid/92a1a33f-89a8-45de-a45e-6c303172cd7f"; }];
+
   virtualisation = {
     docker.enable = true;
   };
+
+  boot = {
+    initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+    initrd.kernelModules = [ ];
+    kernelModules = [ ];
+    extraModulePackages = [ ];
+    loader = {
+      grub = {
+        enable = true;
+        version = 2;
+        efiSupport = true;
+        fsIdentifier = "label";
+        device = "nodev";
+        efiInstallAsRemovable = true;
+      };
+      # efi.efiSysMountPoint = "/boot/efi";
+      # efi.canTouchEfiVariables = true;
+    };
+  };
 }
diff --git a/hosts/tsuki/extra-hardware-configuration.nix b/hosts/tsuki/extra-hardware-configuration.nix
deleted file mode 100644
index 7ef040b..0000000
--- a/hosts/tsuki/extra-hardware-configuration.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ ... }: let
-  nfsDrive = drivename: {
-    device = "10.0.0.36:/mnt/PoolsClosed/${drivename}";
-    fsType = "nfs";
-    options = [ "nfsvers=3" ];
-  };
-in {
-  fileSystems."/data2/backup" = nfsDrive "backup";
-  fileSystems."/data2/momiji" = nfsDrive "momiji";
-  fileSystems."/data2/media" = nfsDrive "media";
-  fileSystems."/data2/postgres" = nfsDrive "postgres";
-  fileSystems."/data2/home" = nfsDrive "home";
-}
diff --git a/hosts/tsuki/hardware-configuration.nix b/hosts/tsuki/hardware-configuration.nix
deleted file mode 100644
index abe483d..0000000
--- a/hosts/tsuki/hardware-configuration.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/profiles/qemu-guest.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/54b9fd58-0df5-410c-ab87-766860967653";
-      fsType = "btrfs";
-    };
-
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/0A60-2885";
-      fsType = "vfat";
-    };
-
-  swapDevices =
-    [ { device = "/dev/disk/by-uuid/92a1a33f-89a8-45de-a45e-6c303172cd7f"; }
-    ];
-
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/secrets/default.yaml b/secrets/default.yaml
index c89e2d8..6f8358b 100644
--- a/secrets/default.yaml
+++ b/secrets/default.yaml
@@ -4,6 +4,9 @@ hedgedoc:
     env: ENC[AES256_GCM,data:4i2I7S5hKp3mjROMwa3WQinbgmxXhKzSaWspzF12TIDm9g3Bgie0jfSxbDuPjJYq1mZ8oQ2Jzdi2N+Q4blOk9fZO3VREoU0qFrfqm8RqBw3a7hpisXzu9okYnzrW2JiVxNGWwZbuiCG1SzdMOMHq/ZqLEJdu7Pxm9cY9xBSZthap1DCFyr7dmjHt3AnEQemsDpxSaWKD2Dfs1gyA23rLAFBd,iv:lfB6uaXULUNme7cGyN+bKuXPsbgpjMrxrRy2L96HltY=,tag:uu37bZ4g/PA2mgzs3ioLCQ==,type:str]
 cloudflare:
     api-key: ENC[AES256_GCM,data:dqKGLnIlPAgBNTxcRo6Q55hKoe8Qg9UCmDvJioJdhBxmjTXQrf0LFL/iMC73K+Kj0ejuzBRJaqfN6548aZZTSDb8hPTygh7PEILqdxNrap9uDm229eJM/zrShOIRaNLH,iv:pUkuU3Es20ujDtOYfGZodxEUZSlfAe/45ewEkPG1GP4=,tag:sA7nMLldPRRo0jwcdF34ng==,type:str]
+drives:
+    cirno:
+        credentials: ENC[AES256_GCM,data:ypMZhs7dQw/IlcLwHwFcIZw0N+kCzvFGLe3gEqZVe1hj0lzK8MCfxAR8GpA=,iv:by5ljMzOuuY4b6BDUQNLhp8/gcXDNe+rHkqhFzjNA6c=,tag:3C5iYsxEWwAKs9Blgr5o6g==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -19,8 +22,8 @@ sops:
             UE1YWkplaFBhV01CU0FDYTQ3NlkwVkUKMJyCfyh/vcj/VU7shtFF4YRRVaWdcMNh
             rp9lZmRZpc9mARXYAj9RlkI/uuSzxshtqb5AGXKmSV0hncazxu75kg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-03-08T13:37:44Z"
-    mac: ENC[AES256_GCM,data:SrdyqQbOyFct6Hj+fBgAz4MBbHOKDvSKF4OsRgq4/byI7BTdtRaFD1tq0nndP84xfapiLhd8o6f2ZrncyrYkciNiZcFN2Dj7lAg8LOuIpYeh/TTOLsWXTyfjJ7rK2x845kEDoR9oTWUDM2yKFrvIZzZuxavDw71eEYzg2QxJCAI=,iv:quIGgipT59h8PwlYcDKd8K5pW0TPXM3T+lvdegLkwKk=,tag:Yv+Yg5tSOhuL3/iSbJMT1Q==,type:str]
+    lastmodified: "2023-03-08T13:59:50Z"
+    mac: ENC[AES256_GCM,data:NQdwXLJAd7eRGZ7wM/nO7DJWaqf8wJWw2X3fcc2NViZbmKToJjezmizU+23k5wcqp5kdSM/wfiu2SQn9fRiZ7aYMjTxsmXncUy6jmh4xSf7L7pVSEKMuzOCDifrhaok0U7Lc0F+1Q5I1IPrWVtEGKRMWBYo8vLAD6z47BWXiQ10=,iv:MKu+k8wN0ywXwhzrG/WYAk/aQv0C3N/Er7IKvQeKEY4=,tag:l6Jk3HH1K5ZgKGzLnB34Xg==,type:str]
     pgp:
         - created_at: "2023-03-07T12:32:53Z"
           enc: |