Browse Source

reorganize

master
Yorick van Pelt 2 years ago
parent
commit
be7225c47c
26 changed files with 68 additions and 79 deletions
  1. +12
    -9
      README.md
  2. +1
    -1
      conf
  3. +2
    -7
      logical/ascanius.nix
  4. +2
    -7
      logical/frumar.nix
  5. +2
    -7
      logical/jarvis.nix
  6. +6
    -19
      logical/pennyworth.nix
  7. +7
    -12
      logical/woodhouse.nix
  8. +3
    -3
      physical/default.nix
  9. +2
    -1
      physical/fractal.nix
  10. +2
    -1
      physical/hp8570w.nix
  11. +2
    -1
      physical/kassala.nix
  12. +2
    -1
      physical/nuc.nix
  13. +2
    -1
      physical/xps9360.nix
  14. +3
    -8
      roles/default.nix
  15. +1
    -0
      roles/graphical.nix
  16. +8
    -0
      roles/server.nix
  17. +1
    -1
      roles/workstation.nix
  18. +0
    -0
      services/collectd.nix
  19. +10
    -0
      services/default.nix
  20. +0
    -0
      services/gogs.nix
  21. +0
    -0
      services/graphs.nix
  22. +0
    -0
      services/mail.nix
  23. +0
    -0
      services/pub.nix
  24. +0
    -0
      services/quassel.nix
  25. +0
    -0
      services/website.nix
  26. +0
    -0
      services/xmpp.nix

+ 12
- 9
README.md View File

@@ -7,23 +7,24 @@ Systems
[frumar](https://en.wikipedia.org/wiki/Frumar)
--------

Physical server. Mostly used for files. (storage: 6 TB hdd + 256GB ssd, RAM: 8GB, 2 cores ht)
Physical [server](./roles/server.nix). Mostly used for files. (storage: 6 TB hdd + 256GB ssd, RAM: 8GB, 2 cores ht)

- [git hosting](./roles/gogs.nix)
- [public files](./roles/pub.nix)
- [git hosting](./services/gogs.nix)
- [public files](./services/pub.nix)
- torrents
- [quassel](./roles/quassel.nix)
- [quassel](./services/quassel.nix)

[pennyworth](https://en.wikipedia.org/wiki/Alfred_Pennyworth)
----------

[Server](./roles/server.nix).
VPS (Storage: 80GB, RAM: 1GB, 2 cores)

- [grafana](./roles/graphs.nix)
- [website](./roles/website.nix)
- [email](./roles/mail.nix)
- [prosody](./roles/xmpp.nix)
- [asterisk](./roles/asterisk.nix)
- [grafana](./services/graphs.nix)
- [website](./services/website.nix)
- [email](./services/mail.nix)
- [prosody](./services/xmpp.nix)
- [asterisk](./services/asterisk.nix)

[woodhouse](https://en.wikipedia.org/wiki/List_of_Archer_characters#Recurring_characters)
-----------
@@ -37,6 +38,7 @@ intel nuc connected to the tv (storage: 64GB ssd, RAM: 4GB)
[ascanius](https://en.wikipedia.org/wiki/Frumar)
----------

[workstation](./roles/workstation.nix).
hp elitebook 8570w (RAM: 16GB, 4 cores ht, storage: 256GB ssd + 300GB HDD)

- includes a power saving script
@@ -44,6 +46,7 @@ hp elitebook 8570w (RAM: 16GB, 4 cores ht, storage: 256GB ssd + 300GB HDD)
[jarvis](https://en.wikipedia.org/wiki/Edwin_Jarvis)
--------

[workstation](./roles/workstation.nix).
dell xps 13 (RAM: 16GB, storage: 512GB ssd, 2 cores ht)

- for now, just run powertop --auto-tune after a reboot I guess


+ 1
- 1
conf View File

@@ -5,7 +5,7 @@ then
sudo chgrp nixbld deploy_key
chmod 640 deploy_key
fi
export NIX_PATH="ssh-id-file=`pwd`/deploy_key":secrets=`pwd`/secrets.nix
export NIX_PATH="ssh-id-file=`pwd`/deploy_key":secrets=`pwd`/secrets.nix:yori-nix=`pwd`
case $1 in
git)
export NIX_PATH="nixpkgs=https://github.com/NixOS/nixpkgs/archive/master.tar.gz:nixos-config=`pwd`/logical/$2.nix:$NIX_PATH"


+ 2
- 7
logical/ascanius.nix View File

@@ -1,16 +1,11 @@
{ config, pkgs, ... }:

let secrets = import <secrets>;
in
{
imports =
[ ../physical/hp8570w.nix
../roles/common.nix
../roles/workstation.nix
[ <yori-nix/physical/hp8570w.nix>
<yori-nix/roles/workstation.nix>
];

system.stateVersion = "17.09";
# no, not that Ascanius.
networking.hostName = secrets.hostnames.ascanius;

}

+ 2
- 7
logical/frumar.nix View File

@@ -1,16 +1,11 @@
{ config, pkgs, ... }:
let secrets = import <secrets>;
in
{
imports = [
../physical/fractal.nix
../roles/common.nix
<yori-nix/physical/fractal.nix>
<yori-nix/roles/server.nix>
];


networking.hostName = secrets.hostnames.frumar;

# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "15.09";

services.nginx.enable = true;


+ 2
- 7
logical/jarvis.nix View File

@@ -2,16 +2,11 @@

{
imports =
[ # Include the results of the hardware scan.
../physical/xps9360.nix
../roles/common.nix
../roles/workstation.nix
[ <yori-nix/physical/xps9360.nix>
<yori-nix/roles/workstation.nix>
];

networking.hostName = "jarvis"; # Define your hostname.


# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "17.09";
#networking.enableIPv6 = lib.mkOverride 30 true;



+ 6
- 19
logical/pennyworth.nix View File

@@ -4,27 +4,16 @@

{ config, pkgs, lib, ... }:

let
secrets = import <secrets>;
yoricc = import ../packages/yori-cc.nix;
in
{
imports = [
../physical/kassala.nix
../roles/common.nix
../modules/muflax-blog.nix
<yori-nix/physical/kassala.nix>
<yori-nix/roles/server.nix>
../modules/muflax-blog.nix
];

networking.hostName = secrets.hostnames.pennyworth;

services.nixosManual.enable = false;

environment.noXlibs = true;

networking.enableIPv6 = lib.mkOverride 30 true;

system.stateVersion = "16.03";
yorick = { cpu = null; };
services.nginx.enable = true;
services.yorick = {
@@ -32,11 +21,9 @@ in
mail = {
enable = true;
mainUser = "yorick";
users = {
yorick = with secrets; {
password = yorick_mailPassword;
domains = email_domains;
};
users.yorick = {
password = (import <yori-nix/secrets.nix>).yorick_mailPassword;
domains = ["yori.cc" "yorickvanpelt.nl"];
};
};
xmpp = {


+ 7
- 12
logical/woodhouse.nix View File

@@ -13,26 +13,21 @@ mkFuseMount = device: opts: {
};
in
{
imports =
[ # Include the results of the hardware scan.
../physical/nuc.nix
../roles/common.nix
# ../roles/collectd.nix
../roles/graphical.nix
];
imports = [
<yori-nix/physical/nuc.nix>
<yori-nix/roles/graphical.nix>
];

networking.hostName = secrets.hostnames.woodhouse;

# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "17.09";

# fuse mounts
system.fsPackages = [ pkgs.sshfsFuse ];

fileSystems."/mnt/frumar" = mkFuseMount "yorick@${secrets.hostnames.frumar}:/data/yorick" [];
fileSystems."/mnt/oxygen" = mkFuseMount "yorick@oxygen.obfusk.ch:" [];
fileSystems."/mnt/nyamsas" = mkFuseMount "yorick@nyamsas.quezacotl.nl:" ["port=1337"];

networking.firewall.allowedTCPPorts = [7 8080 9090 9777]; # kodi
# kodi ports
networking.firewall.allowedTCPPorts = [7 8080 9090 9777];

}

roles/hardware.nix → physical/default.nix View File

@@ -1,10 +1,10 @@
{ config, lib, pkgs, ... }:
let cfg = config.yorick; in
let cfg = config.hardware.yorick; in
with lib;
{
options.yorick = {
options.hardware.yorick = {
cpu = mkOption {
type = types.nullOr (types.enum ["intel"]);
type = types.nullOr (types.enum ["intel" "virtual"]);
};
gpu = mkOption {
type = types.nullOr (types.enum ["intel" "nvidia"]);

+ 2
- 1
physical/fractal.nix View File

@@ -6,10 +6,11 @@
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
<yori-nix/physical>
];

boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" ];
yorick.cpu = "intel";
hardware.yorick.cpu = "intel";

# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;


+ 2
- 1
physical/hp8570w.nix View File

@@ -3,10 +3,11 @@
{
imports = [
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
<yori-nix/physical>
./hp8570w/powerdown.nix
];

yorick = { cpu = "intel"; gpu = "nvidia"; laptop = true; };
hardware.yorick = { cpu = "intel"; gpu = "nvidia"; laptop = true; };

boot = {
loader.grub = {


+ 2
- 1
physical/kassala.nix View File

@@ -3,7 +3,7 @@ let
ipconf = (import <secrets>).ipconf.${config.networking.hostName};
in
{
imports = [ ../modules/nixos-in-place.nix ];
imports = [ ../modules/nixos-in-place.nix <yori-nix/physical> ];
"nixos-in-place" = {
enable = true;
rootfs = "/dev/disk/by-uuid/7165e542-0995-474c-a228-9592339e0604";
@@ -44,4 +44,5 @@ in
ip -6 route add default via ${gateway6} || true
'';
nix.maxJobs = lib.mkDefault 2;
hardware.yorick.cpu = "virtual";
}

+ 2
- 1
physical/nuc.nix View File

@@ -6,10 +6,11 @@
{
imports =
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
<yori-nix/physical>
];

boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
yorick = { cpu = "intel"; gpu = "intel"; };
hardware.yorick = { cpu = "intel"; gpu = "intel"; };

boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;


+ 2
- 1
physical/xps9360.nix View File

@@ -2,8 +2,9 @@
{
imports = [
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
<yori-nix/physical>
];
yorick = { cpu = "intel"; gpu = "intel"; laptop = true; };
hardware.yorick = { cpu = "intel"; gpu = "intel"; laptop = true; };


boot = {


roles/common.nix → roles/default.nix View File

@@ -2,20 +2,15 @@ let secrets = import <secrets>;
in
{ config, pkgs, lib, ...}:
let
machine = with lib; head (splitString "." config.networking.hostName);
machine = lib.removeSuffix ".nix" (builtins.baseNameOf <nixos-config>);
in
{
imports = [
../roles/hardware.nix
../modules/tor-hidden-service.nix
../modules/nginx.nix
../roles/pub.nix
../roles/quassel.nix
../roles/gogs.nix
../roles/mail.nix
../roles/website.nix
../roles/xmpp.nix
<yori-nix/services>
];
networking.hostName = secrets.hostnames.${machine};
time.timeZone = "Europe/Amsterdam";
users.mutableUsers = false;
users.extraUsers.root = {

+ 1
- 0
roles/graphical.nix View File

@@ -2,6 +2,7 @@ let secrets = import <secrets>;
in
{ config, lib, pkgs, ... }:
{
imports = [ <yori-nix/roles> ];
options.yorick.support32bit = with lib;
mkOption { type = types.bool; default = false; };
config = {


+ 8
- 0
roles/server.nix View File

@@ -0,0 +1,8 @@
{
imports = [ <yori-nix/roles> ];
services.nixosManual.enable = false;

environment.noXlibs = true;

}

+ 1
- 1
roles/workstation.nix View File

@@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }:
{
imports = [
../roles/graphical.nix
<yori-nix/roles/graphical.nix>
];
users.extraUsers.yorick.extraGroups = ["input"];
services.redshift = {


roles/collectd.nix → services/collectd.nix View File


+ 10
- 0
services/default.nix View File

@@ -0,0 +1,10 @@
{
imports = [
./gogs.nix
./mail.nix
./pub.nix
./quassel.nix
./website.nix
./xmpp.nix
]
}

roles/gogs.nix → services/gogs.nix View File


roles/graphs.nix → services/graphs.nix View File


roles/mail.nix → services/mail.nix View File


roles/pub.nix → services/pub.nix View File


roles/quassel.nix → services/quassel.nix View File


roles/website.nix → services/website.nix View File


roles/xmpp.nix → services/xmpp.nix View File


Loading…
Cancel
Save