From b970f6f55050d028bff67a47f75921b19a7e56e2 Mon Sep 17 00:00:00 2001 From: Evan Reichard Date: Mon, 1 Sep 2025 20:09:23 -0400 Subject: [PATCH] add cloud --- README.md | 6 ++ modules/nixos/system/disk/default.nix | 34 +++++++++-- .../x86_64-linux/lin-cloud-kube1/default.nix | 61 +++++++++++++++++++ 3 files changed, 96 insertions(+), 5 deletions(-) create mode 100755 systems/x86_64-linux/lin-cloud-kube1/default.nix diff --git a/README.md b/README.md index e816c94..8069ef7 100755 --- a/README.md +++ b/README.md @@ -14,6 +14,12 @@ sudo nixos-rebuild switch --flake .#lin-va-mbp-personal nix build .#qcowConfigurations.lin-va-rke2 ``` +### NixOS Anywhere + +```bash +nix run github:nix-community/nixos-anywhere -- --flake .#lin-cloud-kube1 --target-host @ +``` + ### Home Manager ```bash diff --git a/modules/nixos/system/disk/default.nix b/modules/nixos/system/disk/default.nix index f0d1895..410538e 100644 --- a/modules/nixos/system/disk/default.nix +++ b/modules/nixos/system/disk/default.nix @@ -21,21 +21,26 @@ in type = "gpt"; partitions = { boot = { - size = "512M"; + name = "boot"; + size = "1M"; + type = "EF02"; + }; + esp = { + name = "ESP"; + size = "500M"; type = "EF00"; content = { type = "filesystem"; format = "vfat"; mountpoint = "/boot"; - mountOptions = [ "umask=0077" ]; }; }; root = { + name = "root"; size = "100%"; content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; + type = "lvm_pv"; + vg = "pool"; }; }; swap = { @@ -50,6 +55,25 @@ in }; }; }; + + lvm_vg = { + pool = { + type = "lvm_vg"; + lvs = { + root = { + size = "100%FREE"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + mountOptions = [ + "defaults" + ]; + }; + }; + }; + }; + }; }; }; } diff --git a/systems/x86_64-linux/lin-cloud-kube1/default.nix b/systems/x86_64-linux/lin-cloud-kube1/default.nix new file mode 100755 index 0000000..964081b --- /dev/null +++ b/systems/x86_64-linux/lin-cloud-kube1/default.nix 
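Review bot: The new `esp` partition in `modules/nixos/system/disk/default.nix` no longer carries `mountOptions = [ "umask=0077" ];`, which the old `boot` partition had on the same vfat `/boot` mount. vfat stores no per-file permissions, so the mount mask is the only access control there; without it the mount falls back to the default mask, and kernels, initrds and anything embedded in them become readable by every local user. I would keep the option inside the new `esp.content` block: `mountOptions = [ "umask=0077" ];`. This is a shared module, so the switch to BIOS-boot + ESP + LVM presumably applies to every host that enables `system.disk`, not only the new cloud node; a short comment saying so would help. The surrounding attribute set starts and ends outside the hunk.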
@@ -0,0 +1,61 @@
+{ namespace, config, lib, modulesPath, ... }:
+let
+ inherit (lib.${namespace}) enabled;
+
+ cfg = config.${namespace}.user;
+in
+{
+ imports = [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ system.stateVersion = "25.05";
+ time.timeZone = "UTC";
+
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+
+ reichard = {
+ nix = enabled;
+
+ system = {
+ disk = {
+ enable = true;
+ diskPath = "/dev/sda";
+ };
+ networking = {
+ enable = true;
+ useStatic = {
+ interface = "enp3s0";
+ address = "23.29.118.42";
+ defaultGateway = "23.29.118.1";
+ nameservers = [ "1.1.1.1" ];
+ };
+ };
+ };
+
+ services = {
+ openssh = enabled;
+ rke2 = {
+ enable = true;
+ openFirewall = false;
+ disable = [ "rke2-ingress-nginx" ];
+ };
+ };
+ };
+
+ users.users.${cfg.name} = {
+ openssh = {
+ authorizedKeys.keys = [
+ # evanreichard@lin-va-mbp-personal
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
+ # evanreichard@mac-va-mbp-personal
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
+ # evanreichard@lin-va-thinkpad
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
+ ];
+ };
+ };
+}
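Review bot: The sshd policy for this internet-facing host is not visible in the file: `openssh = enabled` sits next to a public static address (`address = "23.29.118.42"`), and whether password or keyboard-interactive login is accepted is decided in the shared `reichard.services.openssh` module, which is outside this hunk. Since the host already relies on the three `authorizedKeys.keys` entries, I would pin key-only login here so it cannot drift with the module: `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.KbdInteractiveAuthentication = false;`. A comment on `openFirewall = false` stating the intent would also help the next reader, for example `# keep the RKE2 ports closed on the public interface; reach the API over SSH`, if that is indeed the intent.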