aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2021-11-01 22:56:32 +0100
committerAlex Auvolat <alex@adnab.me>2021-11-01 22:56:32 +0100
commitdac37b918bbf427a8f499c82ebb464c57ead6478 (patch)
tree2507db827c83940140385a495365423353873a04
downloadnixcfg-dac37b918bbf427a8f499c82ebb464c57ead6478.tar.gz
nixcfg-dac37b918bbf427a8f499c82ebb464c57ead6478.zip
Import initial Nix configuration files
-rw-r--r--configuration.nix111
-rw-r--r--node/carcajou.nix24
-rw-r--r--node/cariacou.nix24
-rw-r--r--node/caribou.nix41
4 files changed, 200 insertions, 0 deletions
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..d500108
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,111 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ # Configuration local for this cluster node (hostname, IP, etc)
+ ./node.nix
+ ];
+
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.timeout = 20;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+ # Per-interface useDHCP will be mandatory in the future, so this generated config
+ # replicates the default behaviour.
+ networking.useDHCP = false;
+
+ # Set your time zone.
+ time.timeZone = "Europe/Paris";
+
+ networking.extraHosts = ''
+192.168.1.21 cariacou
+192.168.1.22 carcajou
+192.168.1.23 caribou
+192.168.1.23 binarycache
+192.168.1.23 binarycache.home.adnab.me
+ '';
+
+ # Configure network proxy if necessary
+ # networking.proxy.default = "http://user:password@proxy:port/";
+ # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+ # Select internationalisation properties.
+ # i18n.defaultLocale = "en_US.UTF-8";
+ console = {
+ font = "sun12x22";
+ keyMap = "fr";
+ };
+
+ # Enable the X11 windowing system.
+ # services.xserver.enable = true;
+
+ # Configure keymap in X11
+ # services.xserver.layout = "us";
+ # services.xserver.xkbOptions = "eurosign:e";
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ # Enable sound.
+ # sound.enable = true;
+ # hardware.pulseaudio.enable = true;
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ # services.xserver.libinput.enable = true;
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+ users.users.lx = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" "video" ]; # Enable ‘sudo’ for the user.
+ };
+
+ # List packages installed in system profile. To search, run:
+ # $ nix search wget
+ environment.systemPackages = with pkgs; [
+ vim
+ tmux
+ wget
+ htop
+ links
+ git
+ ];
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ # programs.mtr.enable = true;
+ # programs.gnupg.agent = {
+ # enable = true;
+ # enableSSHSupport = true;
+ # };
+
+ # List services that you want to enable:
+
+ # Enable network time
+ services.ntp.enable = true;
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+
+ # Open ports in the firewall.
+ networking.firewall.allowedTCPPorts = [ 22 ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ # Or disable the firewall altogether.
+ # networking.firewall.enable = false;
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "21.05"; # Did you read the comment?
+}
+
diff --git a/node/carcajou.nix b/node/carcajou.nix
new file mode 100644
index 0000000..ae6b488
--- /dev/null
+++ b/node/carcajou.nix
@@ -0,0 +1,24 @@
+# Configuration file local to this node
+
+{ config, pkgs, ... }:
+
+{
+ networking.hostName = "carcajou"; # Define your hostname.
+
+ networking.interfaces.eno1.useDHCP = false;
+ networking.interfaces.eno1.ipv4.addresses = [
+ {
+ address = "192.168.1.22";
+ prefixLength = 24;
+ }
+ ];
+
+ nix = {
+ binaryCaches = [
+ "http://binarycache.home.adnab.me"
+ ];
+ binaryCachePublicKeys = [
+ "binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw="
+ ];
+ };
+}
diff --git a/node/cariacou.nix b/node/cariacou.nix
new file mode 100644
index 0000000..5ed6154
--- /dev/null
+++ b/node/cariacou.nix
@@ -0,0 +1,24 @@
+# Configuration file local to this node
+
+{ config, pkgs, ... }:
+
+{
+ networking.hostName = "cariacou"; # Define your hostname.
+
+ networking.interfaces.eno1.useDHCP = false;
+ networking.interfaces.eno1.ipv4.addresses = [
+ {
+ address = "192.168.1.21";
+ prefixLength = 24;
+ }
+ ];
+
+ nix = {
+ binaryCaches = [
+ "http://binarycache.home.adnab.me"
+ ];
+ binaryCachePublicKeys = [
+ "binarycache.home.adnab.me:ErR6pMnewf9oVyZJd5uC2nI4EZF49c7Mh86eDZWYZaw="
+ ];
+ };
+}
diff --git a/node/caribou.nix b/node/caribou.nix
new file mode 100644
index 0000000..95b0d52
--- /dev/null
+++ b/node/caribou.nix
@@ -0,0 +1,41 @@
+# Configuration file local to this node
+
+{ config, pkgs, ... }:
+
+{
+ networking.hostName = "caribou"; # Define your hostname.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+
+ networking.interfaces.eno1.useDHCP = false;
+ networking.interfaces.eno1.ipv4.addresses = [
+ {
+ address = "192.168.1.23";
+ prefixLength = 24;
+ }
+ ];
+ networking.interfaces.enp0s20u1.useDHCP = true;
+
+ # Enable nix-serve
+ services.nix-serve = {
+ enable = true;
+ secretKeyFile = "/var/cache-priv-key.pem";
+ };
+
+ # Configure a Nginx web server to serve NixOS cache
+ services.nginx = {
+ enable = true;
+ virtualHosts = {
+ "binarycache.home.adnab.me" = {
+ serverAliases = [ "binarycache" ];
+ locations."/".extraConfig = ''
+ proxy_pass http://localhost:${toString config.services.nix-serve.port};
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ '';
+ };
+ };
+ };
+
+ networking.firewall.allowedTCPPorts = [ 80 ];
+}