From 71fa4110fade5cafe0f1ec4c4a67f0b8bef86a35 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Mon, 30 Oct 2023 11:21:26 +0200 Subject: feat(users/flokli): add archeology-ec2 This add the EC2 box config to the repo. Change-Id: Id7a888a2cfbf1454cd9f9465018df377e14b4e9f Reviewed-on: https://cl.tvl.fyi/c/depot/+/9836 Tested-by: BuildkiteCI Reviewed-by: flokli --- users/flokli/nixos/archeology-ec2/OWNERS | 1 + .../flokli/nixos/archeology-ec2/configuration.nix | 26 ++++++++++++++++ .../archeology-ec2/hardware-configuration.nix | 36 ++++++++++++++++++++++ users/flokli/nixos/default.nix | 10 ++++-- 4 files changed, 70 insertions(+), 3 deletions(-) create mode 100644 users/flokli/nixos/archeology-ec2/OWNERS create mode 100644 users/flokli/nixos/archeology-ec2/configuration.nix create mode 100644 users/flokli/nixos/archeology-ec2/hardware-configuration.nix diff --git a/users/flokli/nixos/archeology-ec2/OWNERS b/users/flokli/nixos/archeology-ec2/OWNERS new file mode 100644 index 000000000000..b9bc074a8020 --- /dev/null +++ b/users/flokli/nixos/archeology-ec2/OWNERS @@ -0,0 +1 @@ +edef diff --git a/users/flokli/nixos/archeology-ec2/configuration.nix b/users/flokli/nixos/archeology-ec2/configuration.nix new file mode 100644 index 000000000000..2864952e63a4 --- /dev/null +++ b/users/flokli/nixos/archeology-ec2/configuration.nix @@ -0,0 +1,26 @@ +{ depot, pkgs, modulesPath, ... }: + +{ + imports = [ + "${modulesPath}/virtualisation/amazon-image.nix" + ]; + + # Use the TVL binary cache + tvl.cache.enable = true; + + networking.hostName = "archeology-ec2"; + + services.clickhouse.enable = true; + + services.openssh.enable = true; + + users.users.root.openssh.authorizedKeys.keys = [ + "cert-authority ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCvb/7ojfcbKvHIyjnrNUOOgzy44tCkgXY9HLuyFta1jQOE9pFIK19B4dR9bOglPKf145CCL0mSFJNNqmNwwavU2uRn+TQrW+U1dQAk8Gt+gh3O49YE854hwwyMU+xD6bIuUdfxPr+r5al/Ov5Km28ZMlHOs3FoAP0hInK+eAibioxL5rVJOtgicrOVCkGoXEgnuG+LRbOYTwzdClhRUxiPjK8alCbcJQ53AeZHO4G6w9wTr+W5ILCfvW4OmUXCX01sKzaBiQuuFCF6M/H4LlnsPWLMra2twXxkOIhZblwC+lncps9lQaUgiD4koZeOCORvHW00G0L39ilFbbnVcL6Itp/m8RRWm/xRxS4RMnsdV/AhvpRLrhL3lfQ7E2oCeSM36v1S9rdg6a47zcnpL+ahG76Gz39Y7KmVRQciNx7ezbwxj3Q5lZtFykgdfGIAN+bT8ijXMO6m68g60i9Bz4IoMZGkiJGqMYLTxMQ+oRgR3Ro5lbj7E11YBHyeimoBYXYGHMkiuxopQZ7lIj3plxIzhmUlXJBA4jMw9KGHdYaLhaicIYhvQmCTAjrkt2HvxEe6lU8iws2Qv+pB6tAGundN36RVVWAckeQPZ4ZsgDP8V2FfibZ1nsrQ+zBKqaslYMAHs01Cf0Hm0PnCqagf230xaobu0iooNuXx44QKoDnB+w== edef" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTVTXOutUZZjXLB0lUSgeKcSY/8mxKkC0ingGK1whD2 flokli" + ]; + + system.stateVersion = "23.05"; # Did you read the comment? + + environment.systemPackages = [ pkgs.helix pkgs.kakoune pkgs.tmux ]; +} + diff --git a/users/flokli/nixos/archeology-ec2/hardware-configuration.nix b/users/flokli/nixos/archeology-ec2/hardware-configuration.nix new file mode 100644 index 000000000000..7b3d79d70a5d --- /dev/null +++ b/users/flokli/nixos/archeology-ec2/hardware-configuration.nix @@ -0,0 +1,36 @@ +{ lib, modulesPath, ... }: + +{ + imports = + [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { + device = "/dev/disk/by-partlabel/root"; + fsType = "xfs"; + }; + + fileSystems."/boot" = + { + device = "/dev/disk/by-partlabel/boot"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/users/flokli/nixos/default.nix b/users/flokli/nixos/default.nix index b4ed22ed595a..eec0c974ecba 100644 --- a/users/flokli/nixos/default.nix +++ b/users/flokli/nixos/default.nix @@ -1,9 +1,6 @@ { depot, pkgs, lib, ... }: let - inherit (depot.users.flokli.nixos) - archeology; - systemFor = sys: (depot.ops.nixos.nixosFor sys).system; # assumes `name` is configured appropriately in your .ssh/config @@ -22,10 +19,17 @@ rec { ]; })).config.system.build.toplevel; + archeologyEc2System = (depot.ops.nixos.nixosFor ({ ... }: { + imports = [ + ./archeology-ec2/configuration.nix + ]; + })).config.system.build.toplevel; + shell = pkgs.mkShell { name = "flokli-nixos-shell"; packages = [ (deployScript "archeology" archeologySystem) + (deployScript "archeology-ec2" archeologyEc2System) ]; }; } -- cgit 1.4.1