forked from rarias/jungle
		
	Compare commits
	
		
			9 Commits
		
	
	
		
			7a850ecfbc
			...
			6a6929fa39
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 6a6929fa39 | |||
| cdebb58971 | |||
| 8ee391ed42 | |||
| 13330eb537 | |||
| ea4cc89d17 | |||
| 366615774f | |||
| 23ec609737 | |||
| 00456a86b7 | |||
| e42058f08b | 
| @ -11,11 +11,13 @@ | |||||||
|     ./base/hw.nix |     ./base/hw.nix | ||||||
|     ./base/net.nix |     ./base/net.nix | ||||||
|     ./base/nix.nix |     ./base/nix.nix | ||||||
|  |     ./base/sys-devices.nix | ||||||
|     ./base/ntp.nix |     ./base/ntp.nix | ||||||
|     ./base/rev.nix |     ./base/rev.nix | ||||||
|     ./base/ssh.nix |     ./base/ssh.nix | ||||||
|     ./base/users.nix |     ./base/users.nix | ||||||
|     ./base/watchdog.nix |     ./base/watchdog.nix | ||||||
|     ./base/zsh.nix |     ./base/zsh.nix | ||||||
|  |     ./base/fish.nix | ||||||
|   ]; |   ]; | ||||||
| } | } | ||||||
|  | |||||||
| @ -5,6 +5,8 @@ | |||||||
|     vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option |     vim wget git htop tmux pciutils tcpdump ripgrep nix-index nixos-option | ||||||
|     nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree |     nix-diff ipmitool freeipmi ethtool lm_sensors cmake gnumake file tree | ||||||
|     ncdu config.boot.kernelPackages.perf ldns pv |     ncdu config.boot.kernelPackages.perf ldns pv | ||||||
|  |     nix-output-monitor | ||||||
|  |     nixfmt-rfc-style | ||||||
|     # From bsckgs overlay |     # From bsckgs overlay | ||||||
|     osumb |     osumb | ||||||
|   ]; |   ]; | ||||||
|  | |||||||
							
								
								
									
										4
									
								
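--- a/m/common/base/fish.nix
+++ b/m/common/base/fish.nix
@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.fish.enable = true;
+}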
							
								
								
									
										9
									
								
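--- a/m/common/base/sys-devices.nix
+++ b/m/common/base/sys-devices.nix
@@ -0,0 +1,9 @@
+{
+  nix.settings.system-features = [ "sys-devices" ];
+
+  programs.nix-required-mounts.enable = true;
+  programs.nix-required-mounts.allowedPatterns.sys-devices.paths = [
+    "/sys/devices/system/cpu"
+    "/sys/devices/system/node"
+  ];
+}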
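Review bot: Defining `nix.settings.system-features = [ "sys-devices" ];` at normal priority may replace the NixOS default feature list instead of extending it (as far as I know the default is set with `mkDefault`). Unless another module in this repository also defines the option, builds requiring `kvm`, `big-parallel`, `nixos-test` or `benchmark` would no longer be accepted on these hosts. Listing those defaults next to `"sys-devices"` would keep them. The file also relaxes the build sandbox without saying so: any derivation that requests the feature sees the host's `/sys/devices/system/cpu` and `/sys/devices/system/node`. I would add `# Exposes host CPU/NUMA topology to builds that set requiredSystemFeatures = [ "sys-devices" ]; such builds are no longer host-independent.` above the `allowedPatterns` line.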
| @ -87,6 +87,12 @@ | |||||||
|         openssh.authorizedKeys.keys = [ |         openssh.authorizedKeys.keys = [ | ||||||
|           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIIFiqXqt88VuUfyANkZyLJNiuroIITaGlOOTMhVDKjf abonerib@bsc" |           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIIFiqXqt88VuUfyANkZyLJNiuroIITaGlOOTMhVDKjf abonerib@bsc" | ||||||
|         ]; |         ]; | ||||||
|  |         shell = pkgs.fish; | ||||||
|  |         packages = with pkgs; [ | ||||||
|  |           starship | ||||||
|  |           jujutsu | ||||||
|  |           neovim | ||||||
|  |         ]; | ||||||
|       }; |       }; | ||||||
| 
 | 
 | ||||||
|       vlopez = { |       vlopez = { | ||||||
|  | |||||||
| @ -27,7 +27,7 @@ | |||||||
|           name = "apex"; |           name = "apex"; | ||||||
|           publicKey = "VwhcN8vSOzdJEotQTpmPHBC52x3Hbv1lkFIyKubrnUA="; |           publicKey = "VwhcN8vSOzdJEotQTpmPHBC52x3Hbv1lkFIyKubrnUA="; | ||||||
|           # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. |           # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing. | ||||||
|           allowedIPs = [ "10.106.0.30/32" ]; |           allowedIPs = [ "10.106.0.30/32" "10.0.40.7/32" ]; | ||||||
|         } |         } | ||||||
|         { |         { | ||||||
|           name = "raccoon"; |           name = "raccoon"; | ||||||
| @ -40,6 +40,7 @@ | |||||||
| 
 | 
 | ||||||
|   networking.hosts = { |   networking.hosts = { | ||||||
|     "10.106.0.30" = [ "apex" ]; |     "10.106.0.30" = [ "apex" ]; | ||||||
|  |     "10.0.40.7" = [ "hut" ]; | ||||||
|     "10.106.0.236" = [ "raccoon" ]; |     "10.106.0.236" = [ "raccoon" ]; | ||||||
|     "10.0.44.4" = [ "tent" ]; |     "10.0.44.4" = [ "tent" ]; | ||||||
|   }; |   }; | ||||||
|  | |||||||
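Review bot: Adding `"10.0.40.7/32"` to the apex peer's `allowedIPs` is more than a route, because WireGuard also uses that list as the inbound source filter. Traffic for 10.0.40.7 (named `hut` in the second hunk) is sent to apex, and apex is the only peer accepted as a source for that address. The existing comment above the line ("Used to configure routing") does not cover this, and nothing says why hut's address sits on the apex peer. I would add `# 10.0.40.7 is hut, reached via apex; apex is therefore trusted to carry and originate traffic as hut` above the changed line. Anything on this host that trusts hut by address inherits that trust in apex.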
| @ -4,6 +4,7 @@ | |||||||
|   imports = [ |   imports = [ | ||||||
|     ../common/ssf.nix |     ../common/ssf.nix | ||||||
|     ../module/hut-substituter.nix |     ../module/hut-substituter.nix | ||||||
|  |     ./virtualization.nix | ||||||
|   ]; |   ]; | ||||||
| 
 | 
 | ||||||
|   # Select this using the ID to avoid mismatches |   # Select this using the ID to avoid mismatches | ||||||
| @ -30,4 +31,5 @@ | |||||||
|       prefixLength = 24; |       prefixLength = 24; | ||||||
|     } ]; |     } ]; | ||||||
|   }; |   }; | ||||||
|  | 
 | ||||||
| } | } | ||||||
|  | |||||||
							
								
								
									
										40
									
								
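--- a/m/weasel/virtualization.nix
+++ b/m/weasel/virtualization.nix
@@ -0,0 +1,40 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}:
+
+{
+  # Enable common container config files in /etc/containers
+  virtualisation.containers.enable = true;
+  virtualisation = {
+    podman = {
+      enable = true;
+
+      # Required for containers under podman-compose to be able to talk to each other.
+      defaultNetwork.settings.dns_enabled = true;
+    };
+  };
+
+  # We cannot use /home since nfs does not support fileattrs needed by podman
+  systemd.tmpfiles.settings = {
+    "podman-users" = lib.mapAttrs' (
+      name: value:
+      lib.nameValuePair ("/var/lib/podman-users/" + name) {
+        d = {
+          group = value.group;
+          mode = value.homeMode;
+          user = name;
+        };
+      }
+    ) (lib.filterAttrs (_: x: x.isNormalUser) config.users.users);
+  };
+
+  # Useful other development tools
+  environment.systemPackages = with pkgs; [
+    dive # look into docker image layers
+    podman-tui # status of containers in the terminal
+    podman-compose # start group of containers for dev
+  ];
+}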
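Review bot: The tmpfiles rule creates `/var/lib/podman-users/<name>` for every normal user, but nothing in this file tells rootless podman to store its data there. Unless that is configured elsewhere, podman will keep defaulting to the NFS-backed home that the comment says cannot work. Setting `rootless_storage_path = "/var/lib/podman-users/$USER"` in the containers storage configuration would close the gap. The directories take `value.homeMode`, so their permissions follow each user's home; a one-line comment such as `# per-user rootless storage, same mode as the user's home` above `mode` would make that intent explicit.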