Merge pull request #12 from randomizedcoder/2025_01_26

2025 01 26

Author: randomizedcoder

Makefile

@@ -24,6 +24,7 @@ hosts:
 	cp ./modules/hosts.nix ./laptops/t14/hosts.nix
 
 	cp ./modules/hosts.nix ./arm/pi5-1-os/hosts.nix
+	cp ./modules/hosts.nix ./chromebox/chromebox3/hosts.nix
 
 #all: hp0 hp1 hp2 hp3 hp4 hp5
 

chromebox/chromebox3/Makefile

@@ -0,0 +1,40 @@
+#
+# nixos/chromebox/chromebox3/Makefile
+#
+EXPECTED_HOSTNAME := chromebox3
+
+ACTUAL_HOSTNAME := $(shell hostname)
+
+all: check_hostname rebuild
+
+check_hostname:
+ifeq ($(ACTUAL_HOSTNAME),$(EXPECTED_HOSTNAME))
+	@echo "Hostnames match: $(ACTUAL_HOSTNAME)"
+else
+	@echo "Error: Hostname does not match. Expected: $(EXPECTED_HOSTNAME), Got: $(ACTUAL_HOSTNAME)"
+	@exit 1
+endif
+
+rebuild:
+	#sudo cp /home/das/nixos/modules/* /etc/nixos/
+	#sudo cp ./*.nix /etc/nixos/
+	#sudo nix-channel --update
+	#sudo nixos-rebuild switch
+	sudo nix flake update;
+	sudo nix-channel --update;
+	sudo nixos-rebuild switch --flake .
+
+try:
+	nix run github:nix-community/nixos-anywhere -- --flake '.#chromebox3' --target-host [email protected]
+#nix run github:nix-community/nixos-anywhere -- --flake '.#chromebox3' --target-host root@chromebox3
+
+gen_hardware:
+	nix run github:numtide/nixos-anywhere -- -f '.#chromebox3' --generate-hardware-config nixos-generate-config ./hardware-configuration.nix
+
+# minutes 10:58
+# https://www.youtube.com/watch?v=U_UwzMhixr8
+vmtest:
+	sudo nix flake update;
+	sudo nix flake lock;
+#nix run github:numtide/nixos-anywhere -- -f '.#chromebox3' --vm-test --generate-hardware-config nixos-generate-config ./hardware-configuration.nix
+	nix run github:numtide/nixos-anywhere -- -f '.#chromebox3' --vm-test

hp3/configuration.nix renamed to chromebox/chromebox3/configuration.nix

@@ -16,62 +16,75 @@
 {
   # https://nixos.wiki/wiki/NixOS_modules
   imports =
-    [ # Include the results of the hardware scan.
-      ./hardware-configuration.nix
-      # sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-23.11.tar.gz home-manager
-      # sudo nix-channel --update
-      <home-manager/nixos>
-      #
+    [
+      ./disko-chromebox3.nix
       ./sysctl.nix
-      ./wireless.nix
-      ./hosts.nix
-      ./firewall.nix
       ./il8n.nix
-      #./systemdSystem.nix
       ./systemPackages.nix
-      ./home-manager.nix
+      ./hosts.nix
       ./nodeExporter.nix
-      ./prometheus.nix
-      ./grafana.nix
       ./docker-daemon.nix
+      #./k8s_master.nix
+      ./k3s_master.nix
+      #./k3s_node.nix
     ];
 
-  # Bootloader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.grub = {
+    # no need to set devices, disko will add all devices that have a EF02 partition to the list already
+    # devices = [ ];
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+  };
+
+  #boot.loader.efi.canTouchEfiVariables = true;
 
   # https://nixos.wiki/wiki/Linux_kernel
-  boot.kernelPackages = pkgs.linuxPackages_latest;
-  #boot.kernelPackages = pkgs.linuxPackages_rpi4
+  boot.kernelPackages = pkgs.linuxPackages;
+  #boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  nix = {
+    gc = {
+      automatic = true;                     # Enable automatic execution of the task
+      dates = "weekly";                     # Schedule the task to run weekly
+      options = "--delete-older-than 10d";  # Specify options for the task: delete files older than 10 days
+      randomizedDelaySec = "14m";           # Introduce a randomized delay of up to 14 minutes before executing the task
+    };
+    settings = {
+      auto-optimise-store = true;
+      experimental-features = [ "nix-command" "flakes" ];
+    };
+  };
 
   # https://nixos.wiki/wiki/Networking
   # https://nlewo.github.io/nixos-manual-sphinx/configuration/ipv4-config.xml.html
-  networking.hostName = "hp3";
+  networking.hostName = "chromebox3";
+
+  services.lldpd.enable = true;
 
   # Configure network proxy if necessary
   # networking.proxy.default = "http://user:password@proxy:port/";
   # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
 
   networking.networkmanager.enable = false;
 
-  networking.interfaces.enp1s0f0.useDHCP = false;
-  networking.interfaces.enp1s0f1.useDHCP = false;
-  boot.kernel.sysctl."net.ipv6.conf.enp1s0f0.disable_ipv6" = true;
-  boot.kernel.sysctl."net.ipv6.conf.enp1s0f1.disable_ipv6" = true;
-
-  services.lldpd.enable = true;
-
   # Set your time zone.
   time.timeZone = "America/Los_Angeles";
 
   # Enable touchpad support (enabled default in most desktopManager).
   # services.xserver.libinput.enable = true;
 
+  environment.sessionVariables = {
+    TERM = "xterm-256color";
+    #MY_VARIABLE = "my-value";
+    #ANOTHER_VARIABLE = "another-value";
+  };
+
   # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users.das = {
     isNormalUser = true;
     description = "das";
-    extraGroups = [ "wheel" "networkmanager" "libvirtd" "docker" ];
+    password = "admin123";
+    extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" ];
     packages = with pkgs; [
     ];
     # https://nixos.wiki/wiki/SSH_public_key_authentication
@@ -94,13 +107,17 @@
 
   services.openssh.enable = true;
 
+  services.timesyncd.enable = true;
+
+  services.fstrim.enable = true;
+
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave
   # this value at the release version of the first install of this system.
   # Before changing this value read the documentation for this option
   # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "24.05"; # Did you read the comment?
+  system.stateVersion = "24.11"; # Did you read the comment?
 
   # virtualisation.libvirtd.enable = true;
   # programs.virt-manager.enable = true;

chromebox/chromebox3/disko-chromebox3.nix

@@ -0,0 +1,99 @@
+#
+# nixos/chromebox/chromebox3
+#
+# Starting point was:
+# https://github.com/nix-community/disko/blob/master/example/lvm-sizes-sort.nix
+#
+# swap
+# https://github.com/nix-community/disko/blob/master/example/swap.nix
+#
+# tmpfs
+# https://github.com/nix-community/disko/blob/master/example/tmpfs.nix
+#
+# Other templates
+# https://github.com/nix-community/disko-templates/blob/main/zfs-impermanence/disko-config.nix
+
+{
+  disko.devices = {
+    disk = {
+      one = {
+        type = "disk";
+        #device = "/dev/vdb"; # --vm-test
+        device = "/dev/sda"; # real
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02"; # for grub MBR
+            };
+            ESP = {
+              name = "ESP";
+              size = "512M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "umask=0077" ];
+              };
+            };
+            primary = {
+              size = "100%";
+              content = {
+                type = "lvm_pv";
+                vg = "pool";
+              };
+            };
+          };
+        };
+      };
+    };
+    lvm_vg = {
+      pool = {
+        type = "lvm_vg";
+        lvs = {
+          swap = {
+            #size = "10%"; # --vm-test
+            size = "32G";
+            content = {
+              type ="swap";
+              #discardPolicy = "both";
+              resumeDevice = true; # resume from hiberation from this device
+            };
+          };
+          atsCache = {
+            #size = "10%"; # --vm-test
+            size = "100G";
+          };
+          sftp = {
+            #size = "10%"; # --vm-test
+            size = "20G";
+            content = {
+              type = "filesystem";
+              format = "xfs";
+              mountpoint = "/tftp";
+              mountOptions = [ "defaults" ];
+            };
+          };
+          root = {
+            size = "90%";
+            content = {
+              type = "filesystem";
+              format = "xfs"; # <---------- xfs!
+              mountpoint = "/";
+              mountOptions = [ "defaults" ];
+              #mountOptions = [ "defaults" "pquota" ];
+            };
+          };
+        };
+      };
+    };
+    # nodev = {
+    #   "/tmp" = {
+    #     fsType = "tmpfs";
+    #     mountOptions = [ "size=200M" ];
+    #   };
+    # };
+  };
+}

chromebox/chromebox3/docker-daemon.nix

@@ -0,0 +1,27 @@
+
+{ config, pkgs, ... }:
+
+{
+  # https://nixos.wiki/wiki/Docker
+  # https://search.nixos.org/options?from=0&size=50&sort=alpha_asc&query=virtualisation.docker
+  # https://search.nixos.org/options?channel=24.05&show=virtualisation.docker.extraOptions&from=0&size=50&sort=alpha_asc&type=packages&query=virtualisation.docker
+  # https://github.com/NixOS/nixpkgs/issues/68349
+  virtualisation.docker.enable = true;
+  virtualisation.docker.daemon.settings = {
+    data-root = "/home/das/docker/";
+    userland-proxy = false;
+    experimental = true;
+    ipv6 = true;
+    fixed-cidr-v6 = "fd00::/80";
+    metrics-addr = "0.0.0.0:9323";
+    # log-driver = "json-file";
+    # log-opts.max-size = "10m";
+    # log-opts.max-file = "10";
+  };
+  #this doesn't work
+  #virtualisation.docker.daemon.settings.log-opts.max-size = "10m";
+  # https://docs.docker.com/reference/cli/dockerd/
+  #virtualisation.docker.extraOptions = "--userland-proxy=false";
+  #virtualisation.docker.extraOptions = "--log-opt=max-size=10m";
+  #virtualisation.docker.extraOptions = "--ipv6";
+}