From be7225c47cb0fc989f5afd21f91b97020e4a3dd4 Mon Sep 17 00:00:00 2001 From: Yorick van Pelt Date: Sun, 11 Mar 2018 19:21:08 +0100 Subject: [PATCH] reorganize --- README.md | 21 ++++++++++-------- conf | 2 +- logical/ascanius.nix | 9 ++------ logical/frumar.nix | 9 ++------ logical/jarvis.nix | 9 ++------ logical/pennyworth.nix | 25 ++++++---------------- logical/woodhouse.nix | 19 ++++++---------- roles/hardware.nix => physical/default.nix | 6 +++--- physical/fractal.nix | 3 ++- physical/hp8570w.nix | 3 ++- physical/kassala.nix | 3 ++- physical/nuc.nix | 3 ++- physical/xps9360.nix | 3 ++- roles/{common.nix => default.nix} | 11 +++------- roles/graphical.nix | 1 + roles/server.nix | 8 +++++++ roles/workstation.nix | 2 +- {roles => services}/collectd.nix | 0 services/default.nix | 10 +++++++++ {roles => services}/gogs.nix | 0 {roles => services}/graphs.nix | 0 {roles => services}/mail.nix | 0 {roles => services}/pub.nix | 0 {roles => services}/quassel.nix | 0 {roles => services}/website.nix | 0 {roles => services}/xmpp.nix | 0 26 files changed, 68 insertions(+), 79 deletions(-) rename roles/hardware.nix => physical/default.nix (91%) rename roles/{common.nix => default.nix} (90%) create mode 100644 roles/server.nix rename {roles => services}/collectd.nix (100%) create mode 100644 services/default.nix rename {roles => services}/gogs.nix (100%) rename {roles => services}/graphs.nix (100%) rename {roles => services}/mail.nix (100%) rename {roles => services}/pub.nix (100%) rename {roles => services}/quassel.nix (100%) rename {roles => services}/website.nix (100%) rename {roles => services}/xmpp.nix (100%) diff --git a/README.md b/README.md index 48ea7cb..2b982dd 100644 --- a/README.md +++ b/README.md 
@@ -7,23 +7,24 @@ Systems [frumar](https://en.wikipedia.org/wiki/Frumar) -------- -Physical server. Mostly used for files. (storage: 6 TB hdd + 256GB ssd, RAM: 8GB, 2 cores ht) +Physical [server](./roles/server.nix). Mostly used for files. (storage: 6 TB hdd + 256GB ssd, RAM: 8GB, 2 cores ht) -- [git hosting](./roles/gogs.nix) -- [public files](./roles/pub.nix) +- [git hosting](./services/gogs.nix) +- [public files](./services/pub.nix) - torrents -- [quassel](./roles/quassel.nix) +- [quassel](./services/quassel.nix) [pennyworth](https://en.wikipedia.org/wiki/Alfred_Pennyworth) ---------- +[Server](./roles/server.nix). VPS (Storage: 80GB, RAM: 1GB, 2 cores) -- [grafana](./roles/graphs.nix) -- [website](./roles/website.nix) -- [email](./roles/mail.nix) -- [prosody](./roles/xmpp.nix) -- [asterisk](./roles/asterisk.nix) +- [grafana](./services/graphs.nix) +- [website](./services/website.nix) +- [email](./services/mail.nix) +- [prosody](./services/xmpp.nix) +- [asterisk](./services/asterisk.nix) [woodhouse](https://en.wikipedia.org/wiki/List_of_Archer_characters#Recurring_characters) ----------- @@ -37,6 +38,7 @@ intel nuc connected to the tv (storage: 64GB ssd, RAM: 4GB) [ascanius](https://en.wikipedia.org/wiki/Frumar) ---------- +[workstation](./roles/workstation.nix). hp elitebook 8570w (RAM: 16GB, 4 cores ht, storage: 256GB ssd + 300GB HDD) - includes a power saving script @@ -44,6 +46,7 @@ hp elitebook 8570w (RAM: 16GB, 4 cores ht, storage: 256GB ssd + 300GB HDD) [jarvis](https://en.wikipedia.org/wiki/Edwin_Jarvis) -------- +[workstation](./roles/workstation.nix). dell xps 13 (RAM: 16GB, storage: 512GB ssd, 2 cores ht) - for now, just run powertop --auto-tune after a reboot I guess diff --git a/conf b/conf index 593359b..130dcff 100755 --- a/conf +++ b/conf 
@@ -5,7 +5,7 @@ then sudo chgrp nixbld deploy_key chmod 640 deploy_key fi -export NIX_PATH="ssh-id-file=`pwd`/deploy_key":secrets=`pwd`/secrets.nix +export NIX_PATH="ssh-id-file=`pwd`/deploy_key":secrets=`pwd`/secrets.nix:yori-nix=`pwd` case $1 in git) export NIX_PATH="nixpkgs=https://github.com/NixOS/nixpkgs/archive/master.tar.gz:nixos-config=`pwd`/logical/$2.nix:$NIX_PATH" diff --git a/logical/ascanius.nix b/logical/ascanius.nix index 6058945..5d7cd20 100644 --- a/logical/ascanius.nix +++ b/logical/ascanius.nix @@ -1,16 +1,11 @@ { config, pkgs, ... }: -let secrets = import ; -in { imports = - [ ../physical/hp8570w.nix - ../roles/common.nix - ../roles/workstation.nix + [ + ]; system.stateVersion = "17.09"; - # no, not that Ascanius. - networking.hostName = secrets.hostnames.ascanius; } diff --git a/logical/frumar.nix b/logical/frumar.nix index 6917703..aa6450e 100644 --- a/logical/frumar.nix +++ b/logical/frumar.nix @@ -1,16 +1,11 @@ { config, pkgs, ... }: -let secrets = import ; -in { imports = [ - ../physical/fractal.nix - ../roles/common.nix + + ]; - networking.hostName = secrets.hostnames.frumar; - - # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "15.09"; services.nginx.enable = true; diff --git a/logical/jarvis.nix b/logical/jarvis.nix index f48bf09..68fa02f 100644 --- a/logical/jarvis.nix +++ b/logical/jarvis.nix @@ -2,16 +2,11 @@ { imports = - [ # Include the results of the hardware scan. - ../physical/xps9360.nix - ../roles/common.nix - ../roles/workstation.nix + [ + ]; - networking.hostName = "jarvis"; # Define your hostname. - - # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "17.09"; #networking.enableIPv6 = lib.mkOverride 30 true; diff --git a/logical/pennyworth.nix b/logical/pennyworth.nix index 2dfa35a..67b5416 100644 --- a/logical/pennyworth.nix +++ b/logical/pennyworth.nix 
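Review bot: The added `yori-nix=`pwd`` entry on the `export NIX_PATH=` line makes the whole module tree resolve against whatever directory the script is started from, as the `secrets` and `ssh-id-file` entries already did, and the backticks sit outside the quotes. Started from another directory, the deploy would evaluate a different tree and a different `secrets.nix`, and a path containing a space can split the assignment in a POSIX shell. Resolving the repository root once and quoting the whole value would pin it: `root=$(cd "$(dirname "$0")" && pwd)` followed by `export NIX_PATH="ssh-id-file=$root/deploy_key:secrets=$root/secrets.nix:yori-nix=$root"`. The script continues outside the hunk, so the `case` branches that prepend to `$NIX_PATH` are assumed unchanged.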
@@ -4,27 +4,16 @@ { config, pkgs, lib, ... }: -let - secrets = import ; - yoricc = import ../packages/yori-cc.nix; -in { imports = [ - ../physical/kassala.nix - ../roles/common.nix - ../modules/muflax-blog.nix + + + ../modules/muflax-blog.nix ]; - networking.hostName = secrets.hostnames.pennyworth; - - services.nixosManual.enable = false; - - environment.noXlibs = true; - networking.enableIPv6 = lib.mkOverride 30 true; system.stateVersion = "16.03"; - yorick = { cpu = null; }; services.nginx.enable = true; services.yorick = { @@ -32,11 +21,9 @@ in mail = { enable = true; mainUser = "yorick"; - users = { - yorick = with secrets; { - password = yorick_mailPassword; - domains = email_domains; - }; + users.yorick = { + password = (import ).yorick_mailPassword; + domains = ["yori.cc" "yorickvanpelt.nl"]; }; }; xmpp = { diff --git a/logical/woodhouse.nix b/logical/woodhouse.nix index 463b899..9195169 100644 --- a/logical/woodhouse.nix +++ b/logical/woodhouse.nix @@ -13,26 +13,21 @@ mkFuseMount = device: opts: { }; in { - imports = - [ # Include the results of the hardware scan. - ../physical/nuc.nix - ../roles/common.nix - # ../roles/collectd.nix - ../roles/graphical.nix - ]; + imports = [ + + + ]; - networking.hostName = secrets.hostnames.woodhouse; - - # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "17.09"; + # fuse mounts system.fsPackages = [ pkgs.sshfsFuse ]; fileSystems."/mnt/frumar" = mkFuseMount "yorick@${secrets.hostnames.frumar}:/data/yorick" []; fileSystems."/mnt/oxygen" = mkFuseMount "yorick@oxygen.obfusk.ch:" []; fileSystems."/mnt/nyamsas" = mkFuseMount "yorick@nyamsas.quezacotl.nl:" ["port=1337"]; - - networking.firewall.allowedTCPPorts = [7 8080 9090 9777]; # kodi + # kodi ports + networking.firewall.allowedTCPPorts = [7 8080 9090 9777]; } 
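Review bot: In the second `logical/pennyworth.nix` hunk, `password = (import ).yorick_mailPassword;` still hands the mail password to the module as an evaluated Nix value. The module that defines `services.yorick.mail` is not shown here, but if it writes that value into a generated config file, the password lands in `/nix/store`, which every local user can read. Consider passing a password hash, or a path to a file kept outside the store that the service reads at start-up. A comment on this line saying which form the option expects, e.g. `# plaintext, ends up in the store — TODO switch to a hash/file`, would make the trade-off visible.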
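Review bot: In `logical/woodhouse.nix` the relocated `# kodi ports` comment now labels `networking.firewall.allowedTCPPorts = [7 8080 9090 9777];`, but it does not explain every entry. Port 7 is the echo service, and Kodi's event server normally listens on UDP 9777 rather than TCP. It is worth confirming which of the four are actually needed and moving any UDP ones to `networking.firewall.allowedUDPPorts`, so the TCP list opens no more than the box uses. A per-port comment such as `# 8080 web UI, 9090 JSON-RPC` would keep the list auditable.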
diff --git a/roles/hardware.nix b/physical/default.nix similarity index 91% rename from roles/hardware.nix rename to physical/default.nix index 3583928..0bac40f 100644 --- a/roles/hardware.nix +++ b/physical/default.nix @@ -1,10 +1,10 @@ { config, lib, pkgs, ... }: -let cfg = config.yorick; in +let cfg = config.hardware.yorick; in with lib; { - options.yorick = { + options.hardware.yorick = { cpu = mkOption { - type = types.nullOr (types.enum ["intel"]); + type = types.nullOr (types.enum ["intel" "virtual"]); }; gpu = mkOption { type = types.nullOr (types.enum ["intel" "nvidia"]); diff --git a/physical/fractal.nix b/physical/fractal.nix index 8e3a7a8..f6d5574 100644 --- a/physical/fractal.nix +++ b/physical/fractal.nix @@ -6,10 +6,11 @@ { imports = [ + ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" ]; - yorick.cpu = "intel"; + hardware.yorick.cpu = "intel"; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; diff --git a/physical/hp8570w.nix b/physical/hp8570w.nix index ac34d0b..543ac75 100644 --- a/physical/hp8570w.nix +++ b/physical/hp8570w.nix @@ -3,10 +3,11 @@ { imports = [ + ./hp8570w/powerdown.nix ]; - yorick = { cpu = "intel"; gpu = "nvidia"; laptop = true; }; + hardware.yorick = { cpu = "intel"; gpu = "nvidia"; laptop = true; }; boot = { loader.grub = { diff --git a/physical/kassala.nix b/physical/kassala.nix index e90671c..0558288 100644 --- a/physical/kassala.nix +++ b/physical/kassala.nix @@ -3,7 +3,7 @@ let ipconf = (import ).ipconf.${config.networking.hostName}; in { - imports = [ ../modules/nixos-in-place.nix ]; + imports = [ ../modules/nixos-in-place.nix ]; "nixos-in-place" = { enable = true; rootfs = "/dev/disk/by-uuid/7165e542-0995-474c-a228-9592339e0604"; @@ -44,4 +44,5 @@ in ip -6 route add default via ${gateway6} || true ''; nix.maxJobs = lib.mkDefault 2; + hardware.yorick.cpu = "virtual"; } diff --git a/physical/nuc.nix b/physical/nuc.nix index c5b2e6b..8b5fc00 100644 
--- a/physical/nuc.nix +++ b/physical/nuc.nix @@ -6,10 +6,11 @@ { imports = [ + ]; boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - yorick = { cpu = "intel"; gpu = "intel"; }; + hardware.yorick = { cpu = "intel"; gpu = "intel"; }; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; diff --git a/physical/xps9360.nix b/physical/xps9360.nix index 8cbd31f..59a5129 100644 --- a/physical/xps9360.nix +++ b/physical/xps9360.nix @@ -2,8 +2,9 @@ { imports = [ + ]; - yorick = { cpu = "intel"; gpu = "intel"; laptop = true; }; + hardware.yorick = { cpu = "intel"; gpu = "intel"; laptop = true; }; boot = { diff --git a/roles/common.nix b/roles/default.nix similarity index 90% rename from roles/common.nix rename to roles/default.nix index bd29e9d..b134c3c 100644 --- a/roles/common.nix +++ b/roles/default.nix @@ -2,20 +2,15 @@ let secrets = import ; in { config, pkgs, lib, ...}: let - machine = with lib; head (splitString "." config.networking.hostName); + machine = lib.removeSuffix ".nix" (builtins.baseNameOf ); in { imports = [ - ../roles/hardware.nix ../modules/tor-hidden-service.nix ../modules/nginx.nix - ../roles/pub.nix - ../roles/quassel.nix - ../roles/gogs.nix - ../roles/mail.nix - ../roles/website.nix - ../roles/xmpp.nix + ]; + networking.hostName = secrets.hostnames.${machine}; time.timeZone = "Europe/Amsterdam"; users.mutableUsers = false; users.extraUsers.root = { diff --git a/roles/graphical.nix b/roles/graphical.nix index 462db09..f098c1a 100644 --- a/roles/graphical.nix +++ b/roles/graphical.nix @@ -2,6 +2,7 @@ let secrets = import ; in { config, lib, pkgs, ... }: { + imports = [ ]; options.yorick.support32bit = with lib; mkOption { type = types.bool; default = false; }; config = { diff --git a/roles/server.nix b/roles/server.nix new file mode 100644 index 0000000..ea430a2 --- /dev/null +++ b/roles/server.nix 
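Review bot: In `roles/default.nix`, `networking.hostName = secrets.hostnames.${machine};` now derives every host's name from the file name passed to `builtins.baseNameOf`, whose argument is not visible on this page. Evaluation therefore depends on that path ending in a key of `secrets.hostnames`. `logical/jarvis.nix` previously set the literal `"jarvis"` and never read `secrets.hostnames`, so the secrets file presumably needs a `jarvis` entry or that host stops evaluating with a bare missing-attribute error. A guarded lookup such as `secrets.hostnames.${machine} or (throw "no hostname entry for ${machine}")` would make the failure obvious. The `let` block and the module body continue outside the hunk.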
@@ -0,0 +1,8 @@ +{ + imports = [ ]; + + services.nixosManual.enable = false; + + environment.noXlibs = true; + +} diff --git a/roles/workstation.nix b/roles/workstation.nix index 391410a..2cc2b90 100644 --- a/roles/workstation.nix +++ b/roles/workstation.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: { imports = [ - ../roles/graphical.nix + ]; users.extraUsers.yorick.extraGroups = ["input"]; services.redshift = { diff --git a/roles/collectd.nix b/services/collectd.nix similarity index 100% rename from roles/collectd.nix rename to services/collectd.nix diff --git a/services/default.nix b/services/default.nix new file mode 100644 index 0000000..acf564b --- /dev/null +++ b/services/default.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ./gogs.nix + ./mail.nix + ./pub.nix + ./quassel.nix + ./website.nix + ./xmpp.nix + ] +} diff --git a/roles/gogs.nix b/services/gogs.nix similarity index 100% rename from roles/gogs.nix rename to services/gogs.nix diff --git a/roles/graphs.nix b/services/graphs.nix similarity index 100% rename from roles/graphs.nix rename to services/graphs.nix diff --git a/roles/mail.nix b/services/mail.nix similarity index 100% rename from roles/mail.nix rename to services/mail.nix diff --git a/roles/pub.nix b/services/pub.nix similarity index 100% rename from roles/pub.nix rename to services/pub.nix diff --git a/roles/quassel.nix b/services/quassel.nix similarity index 100% rename from roles/quassel.nix rename to services/quassel.nix diff --git a/roles/website.nix b/services/website.nix similarity index 100% rename from roles/website.nix rename to services/website.nix diff --git a/roles/xmpp.nix b/services/xmpp.nix similarity index 100% rename from roles/xmpp.nix rename to services/xmpp.nix
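Review bot: The new `services/default.nix` closes its `imports` list with `]` directly followed by `}`, without the `;` that terminates an attribute binding, so the file does not parse and any configuration importing it fails at evaluation. The closing line should read `  ];`. `graphs.nix` and `collectd.nix` are moved into `services/` but are not in the list, which appears to match the old import list in `roles/common.nix`. A one-line comment saying that these two are opt-in per host would avoid them being added by reflex later.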