From 9d6523abf523706cc36e1e930ed136e1c12a8050 Mon Sep 17 00:00:00 2001 From: Fiscal Velvet Poet Date: Tue, 5 Mar 2024 23:05:20 +1000 Subject: [PATCH] pred: initial commit of new host --- hardware/binaryLane_vm.nix | 51 ++++++++++++++++++++++++++++++++++++ nixos/hosts/pred/default.nix | 33 +++++++++++++++++++++++ outputs.nix | 6 +++++ secrets/fiscalvelvetpoet.age | 29 ++++++++++---------- secrets/forgejo.age | 20 +++++++------- secrets/root.age | 27 ++++++++++--------- secrets/secrets.nix | 1 + 7 files changed, 130 insertions(+), 37 deletions(-) create mode 100644 hardware/binaryLane_vm.nix create mode 100644 nixos/hosts/pred/default.nix diff --git a/hardware/binaryLane_vm.nix b/hardware/binaryLane_vm.nix new file mode 100644 index 0000000..9715f83 --- /dev/null +++ b/hardware/binaryLane_vm.nix @@ -0,0 +1,51 @@ +# Configuration common to all Reciproka Kolektivo Binary Lane VMs +{ + config, + pkgs, + lib, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") # Import the NixOS Qemu guest settings + ../profiles/host_common.nix + ../profiles/server_common.nix + ]; + + boot = { + initrd = { + availableKernelModules = ["ata_piix" "sr_mod" "uhci_hcd" "virtio_blk" "virtio_pci"]; + }; + loader = { + grub = { + enable = true; + device = "/dev/vda"; + }; + }; + }; + + # File systems configuration for the Linode VMs + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + + swapDevices = [ + { + device = "/dev/disk/by-label/swap"; + } + ]; + + nix.settings.max-jobs = lib.mkDefault 4; + + networking = { + domain = "reciproka.co"; + useDHCP = lib.mkDefault true; + firewall = { + enable = true; + trustedInterfaces = ["lo"]; + }; + }; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/nixos/hosts/pred/default.nix b/nixos/hosts/pred/default.nix new file mode 100644 index 0000000..37ebdf8 --- /dev/null +++ b/nixos/hosts/pred/default.nix @@ -0,0 +1,33 @@ +# NixOS configuration for pred +# +# , AKA Michael Carlton or just "pred", was an Australian +# anarcho-sydnicalist who helped set up Catalyst, a radical community activist +# tech collective in Sydney, Australia. They went on to provide information +# technology services for a wide range of activist and commmunity based +# organisations around both Sydney and Australia. In the process, knowledge was +# shared, skills were learned and taught - from building and maintaining +# hardware to writing computer code. It was from this original initiative that +# an open-posting model of web publishing was developed for the J18 protest +# that occured worldwide in 1999. The codebase was named 'Active' and went on +# to power the first Indymedia site. As they say, "the rest is history." +# +# Rest in Power, Pred, we miss ya. +# +# https://archive.org/stream/PredTxt/Pred-txt_djvu.txt +# https://indymedia.org.au/2012/04/25/interview-with-pred-predaor-mike-carlton.html +# https://www.youtube.com/watch?v=Cfe3ExZivdQ +{ + config, + pkgs, + ... +}: { + imports = [ + ../../../hardware/binaryLane_vm.nix + ]; + + # Comment out deployment when building the SD Image. + deployment.targetHost = "203.57.51.158"; + networking.hostName = "pred"; # Define your hostname. + + system.stateVersion = "23.11"; # The version of NixOS originally installed +} diff --git a/outputs.nix b/outputs.nix index 33f3421..f7f1586 100644 --- a/outputs.nix +++ b/outputs.nix @@ -38,6 +38,12 @@ in { ragenix.nixosModules.default ]; }; + pred = { + imports = [ + ./nixos/hosts/pred + ragenix.nixosModules.default + ]; + }; toscano = { imports = [ ./nixos/hosts/toscano/configuration.nix diff --git a/secrets/fiscalvelvetpoet.age b/secrets/fiscalvelvetpoet.age index 9fc2784..41ec06d 100644 --- a/secrets/fiscalvelvetpoet.age +++ b/secrets/fiscalvelvetpoet.age @@ -1,16 +1,17 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFAvWjlQZyBXZGxN -eVRsL3QyT1BPc1dOWmt4Z213czlHV1gwV0JldkRQREZ1YkZtRjNnCm9yMlpSV1dK -R2szbEtnQ2tUOXJzWGMyUk9BQldkbjVCa1RwejJ6U01JdGsKLT4gc3NoLWVkMjU1 -MTkgUWQwZXBRIFJ0TmhHZHVqam1wWkFRbUFHSWFEYk9CbzVmWnYwUWtjZ3hsQ3Z5 -Y1JYRDgKajR1a3Nnay9SeFlId2ZDTDd6VVNlZXRpY0h3cTh0R3ExUWRRcGovbVl3 -cwotPiBzc2gtZWQyNTUxOSBmNVRoQWcgN3BhVlk2Q0Z4RksvL1dLUmhCZFd1VUNs -ZmtqREtpMDAzWkRyMGZML016cwpKKzloVUxLWWcxcjZOQ2czaSt1b1hqTkFrSUc2 -bUJUV2crYUl3TVhQUzBzCi0+IDxSI243aidNLWdyZWFzZSBPIVk1J2QKa3RGampV -dlBKMitIV0ltUGhDNFcwK0c5dGFOSHJaRjlRZUppNXJPbmFFZnkwZkZKOHBmMk9P -ZmV2L1NZbzF5Kwo3Vlk5Ci0tLSA3MkZtc2V5QXRBLzg3eTNGZkRTZVo4K1hQbkR5 -cDUwakRsMjBXWms1U0YwCuls+HqLpYE1XR6thkvMuUi/HALGGLyrzLhgDQp/2fDd -qf27fBHxGH+LUVE/AtkcEuYvqRGOV92MFHP42wARbzTHPoT+JEtbJH9pghCRHE8l -Zi52BJ+9Erk+AGvDyS02ziP5bstBs2uWt9y143tjuZAPLEcKAeWaPmUzxpj+zd4w -3/5keHREdbw9xhJiXYYz55K26V/vyqHm9fz5tP32GhN0 +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFAvWjlQZyB4MEY0 +aUltV21JME9tcFBhRzhJQ1VqUEtyaFZwT1Rsc0pnUkhTbnVxUm1rCjFXZUNtMVV5 +YzFwSzVwMlZmZEFLempSS3RyVXhxUXBPMDJFZ1ZCMnNyeVUKLT4gc3NoLWVkMjU1 +MTkgUWQwZXBRIEhoOXN0NkVuaDdhOEhrcjh2ZzNTRUNwclFNQ29CeTBsMmRtV3Jy +SFc1Z28KcGRJL1VIZnZaYm4wWURuU1VwSDVyQUZWMjlQeDZqVCtLRlZWTW5PSytM +dwotPiBzc2gtZWQyNTUxOSBmNVRoQWcgREIzQkNUcVY2bUNwckU5SjBYMVZFQkpF +TG1FVVJmd1RPRFRpQjZ6bjV3SQpoNVA5TkJ5MWVoTzUydG85M2YxbWM3b0lPbDJl +UnZ0U1BiejRQU2xIZlRrCi0+ICxuQXgnZC1ncmVhc2UgIXxMTFZpPXYKLzdCaWhl +WXlXSFgrT0hYampkRkl0Z0dBQzhNR0pYR3hRNTdncDBJbGZKd2F1Y0wvM0g4bGJs +NUwvUUpwL2Vycgp3ZjBGRXpRNVB5ZU50OWdacWx3blhSSnBBQQotLS0gejhLWElM +ZVNxNG9jY2loek9PWStadm5XdVJ3c0N2Nk4wald6Y3BkcUV4ZwptbI7LcKE5OKmc +GZKvX5TfnEwLVTzTzN0Ns4HIZwwnErRxwlXDbbX1LnAxgcO0ZRXd1xAxXTsz/s53 +IycJiQkPPCYynSV3OcYyQmXUxqXI0/fNFURjBvUWwrlI7aKfh8dOTbi6AtbDam8R +RdTw0H0os2NWH0p7KlqrVKo9vfkMekssfDS0OW/kFBj8tNKn82cP88pMqca7MwEQ +uMZ5Bn8kow== -----END AGE ENCRYPTED FILE----- diff --git a/secrets/forgejo.age b/secrets/forgejo.age index 0fe9805..73b98bc 100644 --- a/secrets/forgejo.age +++ b/secrets/forgejo.age @@ -1,12 +1,12 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFAvWjlQZyB1VGRL -OHRURUVFSjhzMmRmQWI1MnNrMUJDNlVEeHYrTTNQN0syV0xNSHlFCnBLSFNIMUpw -akZZenB4WWNwRWZ1WHh3ZmZURkZDUmR3WVFHMC9QZXZSZTQKLT4gc3NoLWVkMjU1 -MTkgZjVUaEFnIDIvUmk5NTZ2N29zRTE4MG9NRjk2VEtZbHdMZ3U4bHpVMnFCbHgr -NXlXMUkKcmtkVE4rRnRyWGRDd1RVK2djVlkxRnArQWJSOTJRTEIySjRKZUtvYWtB -dwotPiBhdi1ncmVhc2UgeFlgICp7MXZ4ClBBVUUzQTVKMDFZMVFUdlRvUE9GaXFv -clBVUlcvTDhmMVpCWHdjenJpTlIrNlJ6MDJZZTFEWE5QN3Y1dUFFZDMKYWdRaWor -Nk1lSzZoZFlGSG1WVTVxTVRJdjlmNFdGK3k2RnMKLS0tIE5Dcmh2THcvWmNCbXVS -V3lIbHB6UVlnUm10TjhRMURvbEFVdVhURVM0UGcKQ9Mo+lNHm5eeutxfecchV7Yb -593Y2GZGoxQTzIWXoWZkzPkeDxLOpUk+OTkgnNclDJ9xPXyanTSS +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFAvWjlQZyBTdmph +NDNlY24xZXBSc2w2ZjN5K3l6YXkyNXhiK1g3djdwK3g4MmdrOEdZClU4UWt4Z0U2 +NkRLYWxqL05vbEpQVkk2RXFRTlBWWHBQd2JjYWtZZFVIS3cKLT4gc3NoLWVkMjU1 +MTkgZjVUaEFnIEl0RGoxVlVzKzhabkJuU010NG1yNEN6U2l0S3EvSHBvWDNIcDlm +WG9jQTQKMExHeXN0eHVtRVhhMHN0UDZrNXl0MVlsUkJzaXdBeEU4cE5vTjVqSTVF +bwotPiBuMFhTMy1ncmVhc2UgdVxmMG0rID1IMDx9IEB9RgpaQnNDaElQZ0x6K1ht +WjYvWlNPUmcvdVExWFpnbk1HNWt0Rm5Za0dHTmdLVm9nZm8vNnhNdldLS040bUQ3 +dUZXCjdCT1ZCZwotLS0gZk1paHJBbUlJRzJUU3dqYlE3Z1hwYXd2YmlHUmtCbENB +L2d3cGh0UldWbwpD4cbpEnC0tJAGBF7MpnYC9PsCg/JltTzUA6zbMDUWtsozxG1z +2PkX1DKolXm01W2qeTQl2p5mlFk= -----END AGE ENCRYPTED FILE----- diff --git a/secrets/root.age b/secrets/root.age index f976633..7245425 100644 --- a/secrets/root.age +++ b/secrets/root.age @@ -1,15 +1,16 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFAvWjlQZyBaeFBB -cWc4V2pHNU40Q0xMRXgxRVdFZWRRZTh5NDhPNlhDZEd3Tk4zc0c4CmJrSTFoanBw -dG9pYmJIVCs2TzkxazJjV1ptRzlSZkRmU2NGT0dtWkZHR0kKLT4gc3NoLWVkMjU1 -MTkgUWQwZXBRIFdBWmljU0F0U3UrWXEyZnl2MGY5VThxVmE1QkwyMmswRVRFRGFl -YnpYMDQKekZQOTFQeStBUTNTSW1ibUdHM05YSDBxUFY4dGVhTkpHejUwTklCTUpM -YwotPiBzc2gtZWQyNTUxOSBmNVRoQWcgSzAzMGFvVERReU1nRVhvdHdVK0FzajJj -VFZ3aXY1aWl1UW5ReDl4VHBrMApJYm9iRlVQUGNPWlpxcy9MTExhcnZrT0J6UDE0 -WUtTTUduOFlPNVFZTUs0Ci0+IHhxKC1ncmVhc2UgWl9vNyA7NilCVVshWSBEcEgv -RGBpIGgmWAoxVjVrRHVndzI4MmJhN3EwQVEKLS0tIFJabHFPdmtseWhyaTBjV1o0 -Zm1LVEJZY0F0NFJuZUk0anhGdTRkVlFOMmcKRtPfpCjUf05Jnow5FU3OvZc3FLGm -R462mLJoaBg4qhPr7+kxYRrGy2T0yoZLdglOJV4rHwvYWpNglY1o2Jo+I/mG1yAd -F+afAb9mQVYreWyQuj7t71Vm1VUdQrsG85lFxdbLbS7ZzITCOrjejgoj6wMPwAgl -iPHgOccOAPoiDQTSOdGEm3H4k8we/HSfpW7cPowwExtQCK7PSs30XeJsg4o= +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IFAvWjlQZyBXTG1K +OE15S2ZkZXd6RTc5R3JZeGU0YjF2TVhLOE1jYW1TWDRFSFdadkVzCmQ5TXUvb2d3 +ZldYcEdhYnFuVzVLcXozakNDOXUrdFNweGpBRVF5cUVLU28KLT4gc3NoLWVkMjU1 +MTkgUWQwZXBRIG0wNk1YYzdUSE1WS1RJanBJK1IvZUpxaC9NVHp0Z2JyRkJxSlEy +VnhJRW8KVUxDNTJ1cXNLRXFDcFZtMk9Lb2NFaVhsWENCSHhDbjh3c1dBMnlnRytm +WQotPiBzc2gtZWQyNTUxOSBmNVRoQWcgajU4b1R2blEzaUovTkFJcHBkV01OWTVN +cVlROVY3V2szUTJkbnh1cnpHUQpZbVVXaGpDaWdNcEJhVjNxa3BOaThDbnEyWGdQ +R3BXL21Cb0FmU2NQMHJVCi0+IFlFOWEtZ3JlYXNlIF9Ud3hhIDh7IF80Pi8KMWhF +dWszMTVpNDNaQU1KZUx4ZVhtc0xuVFBQUGVQSzUrUjF5NjdBd0xhbnJ0U3VveHJv +TGRDWmdQVUlZVWlvagptUmYwRlNHSWxJYUEvZwotLS0gSGhiMkN3eWFRQnNnaWNN +NFVySCs5R1NGelg4ckx1S09HcDBaVGZUZlpJNApJ6FRxoquBSUxeI/k7qfrV1TFN +KjENnVJPTQ+toUC0nsZnsseJbcudpbZbkihaObqqAsDuB2gvWiyNMuBbDLAGgjRz +oYJTSO9LLXLINo/oQOdVaASuviMrtZy/zOVYkQCKdlUo4EouFLYnJ2k6KWUCUXcp +CrMAZv/DU/uetOr1JYKaRxsvIn8j92PHOkkuh7oGb7UpXpxlrRWDiemTe3qfiw== -----END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 2d39616..b71b71a 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -11,6 +11,7 @@ let users = [fiscalvelvetpoet]; flemming = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK16f3Fjj0BY9vjtXahezMAP3I329hHEQXCceRTkr+Yu"; + pred = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMK5BOK1ldtZ+SV4QxfNm/PfOLOWv3/VHf/JbdMMoMzw"; toscano = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGWcukRkNUQUbgXQle8q9xszDZOnDf3BVpPSFgycJVVE"; systems = [flemming toscano]; in {