start work on maybe a arm server

This commit is contained in:
chaos 2023-09-19 22:30:02 +01:00
parent b4f9cc52e6
commit ebca60021d
No known key found for this signature in database
18 changed files with 413 additions and 29 deletions

View file

@ -7,4 +7,8 @@ rec {
ipv4 = "65.21.145.62";
ipv6 = "2a01:4f9:c010:6a89::1";
};
"hetzner-arm" = {
ipv4 = "65.21.0.145";
ipv6 = "2a01:4f9:c012:9b6b::1";
};
}

View file

@ -176,16 +176,17 @@
]
},
"locked": {
"dirtyRev": "1729b90a2e81b95f0158720816b174532a9b1f2b-dirty",
"dirtyShortRev": "1729b90-dirty",
"lastModified": 1694730023,
"narHash": "sha256-luuXpoTIfcvruZfNF3KsIs5rxbZKHuoJPRiI2kMrAYE=",
"type": "git",
"url": "file:/home/chaos/Projects/piped-flake"
"lastModified": 1695142252,
"narHash": "sha256-rcYxKVb6Mpna3xNSwRHMw/Yzw3tky0+JuMLM5qoBiUw=",
"owner": "ChaotiCryptidz",
"repo": "piped-flake",
"rev": "994a8e983eef9071d73c9b2daad9bd42aac0b1aa",
"type": "gitlab"
},
"original": {
"type": "git",
"url": "file:/home/chaos/Projects/piped-flake"
"owner": "ChaotiCryptidz",
"repo": "piped-flake",
"type": "gitlab"
}
},
"root": {

View file

@ -41,8 +41,7 @@
gitlab_artifacts_sync.inputs.utils.follows = "flake-utils";
gitlab_artifacts_sync.inputs.flake-compat.follows = "flake-compat";
#piped-flake.url = "gitlab:ChaotiCryptidz/piped-flake";
piped-flake.url = "git+file:/home/chaos/Projects/piped-flake";
piped-flake.url = "gitlab:ChaotiCryptidz/piped-flake";
piped-flake.inputs.nixpkgs.follows = "nixpkgs-unstable";
piped-flake.inputs.utils.follows = "flake-utils";
piped-flake.inputs.flake-compat.follows = "flake-compat";

View file

@ -19,7 +19,7 @@
then fontSizesAll.${nixosConfig.networking.hostName}
else fontSizesAll.default;
in {
imports = with tree; [home.gui.base home.apps.kitty home.apps.rofi];
imports = with tree; [home.gui.base home.apps.kitty];
home.packages = with pkgs; [dconf2nix gnome.dconf-editor xclip];
@ -128,15 +128,15 @@ in {
screenshot-clip = ["Print"];
custom-keybindings = [
# Rofi & Kitty
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/rofi/"
#"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/rofi/"
"/org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/kitty/"
];
};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/rofi" = {
binding = "<Alt>d";
command = "rofi -show run";
name = "rofi";
};
#"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/rofi" = {
# binding = "<Alt>d";
# command = "rofi -show run";
# name = "rofi";
#};
"org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/kitty" = {
binding = "<Alt>Return";
command = "kitty";

View file

@ -0,0 +1,48 @@
{
tree,
modulesPath,
pkgs,
config,
lib,
...
}: let
inherit (lib.strings) escapeShellArgs;
in {
nixpkgs.overlays = [
(final: prev: {
# skips building zsh docs
zsh = prev.zsh.overrideAttrs {
nativeBuildInputs = with final; [autoreconfHook perl groff texinfo pcre util-linux];
};
})
];
imports = with tree; [
(modulesPath + "/installer/netboot/netboot-minimal.nix")
profiles.sshd
users.root
];
boot.kernelParams = ["console=tty0" "console=ttyAMA0,115200" "console=ttyS0,115200"];
documentation.enable = false;
netboot.squashfsCompression = "zstd -Xcompression-level 1";
system.build = {
kexecTarball = pkgs.runCommand "kexec-tarball" {} ''
mkdir kexec $out
cp "${config.system.build.netbootRamdisk}/initrd" kexec/initrd
cp "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}" kexec/bzImage
install -D -m 0755 ${./run.sh} kexec/run
sed -i \
-e 's|@init@|${config.system.build.toplevel}/init|' \
-e 's|@kernelParams@|${escapeShellArgs config.boot.kernelParams}|' \
kexec/run
cp "${pkgs.pkgsStatic.kexec-tools}/bin/kexec" kexec/kexec
tar -cf $out/hetzner-arm-installer.tar kexec
'';
};
system.stateVersion = "23.11";
}

View file

@ -0,0 +1,19 @@
#!/bin/sh
set -ex
init="@init@"
kernelParams="@kernelParams@"
cd "$(dirname "$(readlink -f "$0")")"
if ! ./kexec --load ./bzImage \
--kexec-syscall-auto \
--initrd=./initrd --no-checks \
--command-line "init=$init $kernelParams"; then
echo "kexec failed, dumping dmesg"
dmesg | tail -n 100
exit 1
fi
./kexec -e

View file

@ -0,0 +1,19 @@
{
tree,
lib,
...
}: let
inherit (lib.lists) forEach;
in {
imports = with tree; [
presets.nixos.serverBase
presets.nixos.serverHetzner
./hardware.nix
./secrets.nix
];
networking.hostName = "hetzner-arm";
home-manager.users.root.home.stateVersion = "23.05";
system.stateVersion = "23.05";
}

View file

@ -25,7 +25,6 @@
};
defaultModules = [
# NO_INLINE
tree.profiles.base
inputs.home-manager-unstable.nixosModules.home-manager
@ -82,6 +81,30 @@ in {
modules = defaultModules ++ [./hetzner-vm/hetzner-vm.nix];
};
# hetzner-arm-installer.nix is generic, this just is for the machine hetzner-arm
# add hostname and IPs to serverIPs.nix
hetzner-arm-installer = nixosUnstableSystem {
specialArgs =
defaultSpecialArgs
// {
hostPath = ./hetzner-arm-installer;
};
system = "aarch64-linux";
# a more minimal module set
modules = with tree; [
profiles.base.hardware
profiles.base.terminals
profiles.base.nix
./hetzner-arm-installer/hetzner-arm-installer.nix
presets.nixos.serverHetzner
({...}: {
networking.hostName = "hetzner-arm";
})
];
};
vault = nixosUnstableSystem {
specialArgs =
defaultSpecialArgs

View file

@ -8,6 +8,11 @@ final: prev: rec {
mk-normal-enc-ssd = final.callPackage ../extras/mk-normal-enc-ssd.nix {};
mk-raspberry-ext-drive = final.callPackage ../extras/mk-raspberry-ext-drive.nix {};
kitty-terminfo = final.runCommand "kitty-terminfo" {} ''
mkdir -p $out/share
cp -r ${./kitty-terminfo/terminfo} $out/share
'';
cockroachdb-bin = final.callPackage ./cockroachdb-bin {};
cockroachdb = cockroachdb-bin;

View file

@ -0,0 +1 @@
xterm-kitty|KovIdTTY:5i:NP:am:cc:hs:km:mi:ms:xn:Co#256:co#80:it#8:li#24:pa#32767:#2=\E[1;2H:#3=\E[2;2~:#4=\E[1;2D:%1=:%c=\E[6;2~:%e=\E[5;2~:%i=\E[1;2C:&8=:&9=\E[1;2E:*4=\E[3;2~:*7=\E[1;2F:@1=\EOE:@7=\EOF:AB=\E[48;5;%dm:AF=\E[38;5;%dm:AL=\E[%dL:DC=\E[%dP:DL=\E[%dM:DO=\E[%dB:F1=\E[23~:F2=\E[24~:F3=\E[1;2P:F4=\E[1;2Q:F5=\E[13;2~:F6=\E[1;2S:F7=\E[15;2~:F8=\E[17;2~:F9=\E[18;2~:FA=\E[19;2~:FB=\E[20;2~:FC=\E[21;2~:FD=\E[23;2~:FE=\E[24;2~:FF=\E[1;5P:FG=\E[1;5Q:FH=\E[13;5~:FI=\E[1;5S:FJ=\E[15;5~:FK=\E[17;5~:FL=\E[18;5~:FM=\E[19;5~:FN=\E[20;5~:FO=\E[21;5~:FP=\E[23;5~:FQ=\E[24;5~:FR=\E[1;6P:FS=\E[1;6Q:FT=\E[13;6~:FU=\E[1;6S:FV=\E[15;6~:FW=\E[17;6~:FX=\E[18;6~:FY=\E[19;6~:FZ=\E[20;6~:Fa=\E[21;6~:Fb=\E[23;6~:Fc=\E[24;6~:Fd=\E[1;3P:Fe=\E[1;3Q:Ff=\E[13;3~:Fg=\E[1;3S:Fh=\E[15;3~:Fi=\E[17;3~:Fj=\E[18;3~:Fk=\E[19;3~:Fl=\E[20;3~:Fm=\E[21;3~:Fn=\E[23;3~:Fo=\E[24;3~:Fp=\E[1;4P:Fq=\E[1;4Q:Fr=\E[13;4~:IC=\E[%d@:..Ic=\E]4;%p1%d;rgb\:%p2%{255}%*%{1000}%/%2.2X/%p3%{255}%*%{1000}%/%2.2X/%p4%{255}%*%{1000}%/%2.2X\E\\:K1=:K3=:K4=:K5=:Km=\E[M:LE=\E[%dD:RA=\E[?7l:RI=\E[%dC:SA=\E[?7h:SF=\E[%dS:SR=\E[%dT:UP=\E[%dA:ZH=\E[3m:ZR=\E[23m:ac=++,,--..00``aaffgghhiijjkkllmmnnooppqqrrssttuuvvwwxxyyzz{{||}}~~:ae=\E(B:al=\E[L:as=\E(0:bl=^G:bt=\E[Z:cb=\E[1K:cd=\E[J:ce=\E[K:ch=\E[%i%dG:cl=\E[H\E[2J:cm=\E[%i%d;%dH:cr=\r:cs=\E[%i%d;%dr:ct=\E[3g:cv=\E[%i%dd:dc=\E[P:dl=\E[M:do=\n:ds=\E]2;\E\\:ec=\E[%dX:ei=\E[4l:fs=^G:ho=\E[H:im=\E[4h:k1=\EOP:k2=\EOQ:k3=\EOR:k4=\EOS:k5=\E[15~:k6=\E[17~:k7=\E[18~:k8=\E[19~:k9=\E[20~:k;=\E[21~:kB=\E[Z:kD=\E[3~:kF=\E[1;2B:kI=\E[2~:kN=\E[6~:kP=\E[5~:kR=\E[1;2A:kb=\177:kd=\EOB:ke=\E[?1l:kh=\EOH:kl=\EOD:kr=\EOC:ks=\E[?1h:ku=\EOA:le=^H:md=\E[1m:me=\E[0m:mh=\E[2m:mr=\E[7m:nd=\E[C:oc=\E]104\007:op=\E[39;49m:r1=\E]\E\\\Ec:rc=\E8:..rp=%p1%c\E[%p2%{1}%-%db:..sa=%?%p9%t\E(0%e\E(B%;\E[0%?%p6%t;1%;%?%p2%t;4%;%?%p1%p3%|%t;7%;%?%p4%t;5%;%?%p7%t;8%;m:sc=\E7:se=\E[27m:sf=\n:so=\E[7m:sr=\EM:st=\EH:ta=^I:te=\E[?1049l:ti=\E[?1049h:ts=\E]2;:u6=\E[%i%d;%dR:u7=\E[6n:..u8=\E[?%[;0123456789]c:u9=\E[c:ue=\E[24m:up=\E[A:us=\E[4m:vb=\E[?5h\E[?5l:ve=\E[?12h\E[?25h:vi=\E[?25l:vs=\E[?12;25h:

View file

@ -0,0 +1,266 @@
xterm-kitty|KovIdTTY,
Su,
Tc,
am,
ccc,
fullkbd,
hs,
km,
mc5i,
mir,
msgr,
npc,
xenl,
colors#256,
cols#80,
it#8,
lines#24,
pairs#32767,
BD=\E[?2004l,
BE=\E[?2004h,
Cr=\E]112\007,
Cs=\E]12;%p1%s\007,
Ms=\E]52;%p1%s;%p2%s\E\\,
PE=\E[201~,
PS=\E[200~,
RV=\E[>c,
Se=\E[2\sq,
Setulc=\E[58:2:%p1%{65536}%/%d:%p1%{256}%/%{255}%&%d:%p1%{255}%&%d%;m,
Smulx=\E[4:%p1%dm,
Ss=\E[%p1%d\sq,
Sync=\EP=%p1%ds\E\\,
XR=\E[>0q,
acsc=++\,\,--..00``aaffgghhiijjkkllmmnnooppqqrrssttuuvvwwxxyyzz{{||}}~~,
bel=^G,
bold=\E[1m,
cbt=\E[Z,
civis=\E[?25l,
clear=\E[H\E[2J,
cnorm=\E[?12h\E[?25h,
cr=^M,
csr=\E[%i%p1%d;%p2%dr,
cub=\E[%p1%dD,
cub1=^H,
cud=\E[%p1%dB,
cud1=^J,
cuf=\E[%p1%dC,
cuf1=\E[C,
cup=\E[%i%p1%d;%p2%dH,
cuu=\E[%p1%dA,
cuu1=\E[A,
cvvis=\E[?12;25h,
dch=\E[%p1%dP,
dch1=\E[P,
dim=\E[2m,
dl=\E[%p1%dM,
dl1=\E[M,
dsl=\E]2;\E\\,
ech=\E[%p1%dX,
ed=\E[J,
el=\E[K,
el1=\E[1K,
flash=\E[?5h$<100/>\E[?5l,
fsl=^G,
home=\E[H,
hpa=\E[%i%p1%dG,
ht=^I,
hts=\EH,
ich=\E[%p1%d@,
il=\E[%p1%dL,
il1=\E[L,
ind=^J,
indn=\E[%p1%dS,
initc=\E]4;%p1%d;rgb\:%p2%{255}%*%{1000}%/%2.2X/%p3%{255}%*%{1000}%/%2.2X/%p4%{255}%*%{1000}%/%2.2X\E\\,
kBEG=\E[1;2E,
kBEG3=\E[1;3E,
kBEG4=\E[1;4E,
kBEG5=\E[1;5E,
kBEG6=\E[1;6E,
kBEG7=\E[1;7E,
kDC=\E[3;2~,
kDC3=\E[3;3~,
kDC4=\E[3;4~,
kDC5=\E[3;5~,
kDC6=\E[3;6~,
kDC7=\E[3;7~,
kDN=\E[1;2B,
kDN3=\E[1;3B,
kDN4=\E[1;4B,
kDN5=\E[1;5B,
kDN6=\E[1;6B,
kDN7=\E[1;7B,
kEND=\E[1;2F,
kEND3=\E[1;3F,
kEND4=\E[1;4F,
kEND5=\E[1;5F,
kEND6=\E[1;6F,
kEND7=\E[1;7F,
kHOM=\E[1;2H,
kHOM3=\E[1;3H,
kHOM4=\E[1;4H,
kHOM5=\E[1;5H,
kHOM6=\E[1;6H,
kHOM7=\E[1;7H,
kIC=\E[2;2~,
kIC3=\E[2;3~,
kIC4=\E[2;4~,
kIC5=\E[2;5~,
kIC6=\E[2;6~,
kIC7=\E[2;7~,
kLFT=\E[1;2D,
kLFT3=\E[1;3D,
kLFT4=\E[1;4D,
kLFT5=\E[1;5D,
kLFT6=\E[1;6D,
kLFT7=\E[1;7D,
kNXT=\E[6;2~,
kNXT3=\E[6;3~,
kNXT4=\E[6;4~,
kNXT5=\E[6;5~,
kNXT6=\E[6;6~,
kNXT7=\E[6;7~,
kPRV=\E[5;2~,
kPRV3=\E[5;3~,
kPRV4=\E[5;4~,
kPRV5=\E[5;5~,
kPRV6=\E[5;6~,
kPRV7=\E[5;7~,
kRIT=\E[1;2C,
kRIT3=\E[1;3C,
kRIT4=\E[1;4C,
kRIT5=\E[1;5C,
kRIT6=\E[1;6C,
kRIT7=\E[1;7C,
kUP=\E[1;2A,
kUP3=\E[1;3A,
kUP4=\E[1;4A,
kUP5=\E[1;5A,
kUP6=\E[1;6A,
kUP7=\E[1;7A,
ka1=,
ka3=,
kbeg=\EOE,
kbs=\177,
kc1=,
kc3=,
kcbt=\E[Z,
kcub1=\EOD,
kcud1=\EOB,
kcuf1=\EOC,
kcuu1=\EOA,
kdch1=\E[3~,
kend=\EOF,
kf1=\EOP,
kf10=\E[21~,
kf11=\E[23~,
kf12=\E[24~,
kf13=\E[1;2P,
kf14=\E[1;2Q,
kf15=\E[13;2~,
kf16=\E[1;2S,
kf17=\E[15;2~,
kf18=\E[17;2~,
kf19=\E[18;2~,
kf2=\EOQ,
kf20=\E[19;2~,
kf21=\E[20;2~,
kf22=\E[21;2~,
kf23=\E[23;2~,
kf24=\E[24;2~,
kf25=\E[1;5P,
kf26=\E[1;5Q,
kf27=\E[13;5~,
kf28=\E[1;5S,
kf29=\E[15;5~,
kf3=\EOR,
kf30=\E[17;5~,
kf31=\E[18;5~,
kf32=\E[19;5~,
kf33=\E[20;5~,
kf34=\E[21;5~,
kf35=\E[23;5~,
kf36=\E[24;5~,
kf37=\E[1;6P,
kf38=\E[1;6Q,
kf39=\E[13;6~,
kf4=\EOS,
kf40=\E[1;6S,
kf41=\E[15;6~,
kf42=\E[17;6~,
kf43=\E[18;6~,
kf44=\E[19;6~,
kf45=\E[20;6~,
kf46=\E[21;6~,
kf47=\E[23;6~,
kf48=\E[24;6~,
kf49=\E[1;3P,
kf5=\E[15~,
kf50=\E[1;3Q,
kf51=\E[13;3~,
kf52=\E[1;3S,
kf53=\E[15;3~,
kf54=\E[17;3~,
kf55=\E[18;3~,
kf56=\E[19;3~,
kf57=\E[20;3~,
kf58=\E[21;3~,
kf59=\E[23;3~,
kf6=\E[17~,
kf60=\E[24;3~,
kf61=\E[1;4P,
kf62=\E[1;4Q,
kf63=\E[13;4~,
kf7=\E[18~,
kf8=\E[19~,
kf9=\E[20~,
khlp=,
khome=\EOH,
kich1=\E[2~,
kind=\E[1;2B,
kmous=\E[M,
knp=\E[6~,
kpp=\E[5~,
kri=\E[1;2A,
kund=,
kxIN=\E[I,
kxOUT=\E[O,
oc=\E]104\007,
op=\E[39;49m,
rc=\E8,
rep=%p1%c\E[%p2%{1}%-%db,
rev=\E[7m,
ri=\EM,
rin=\E[%p1%dT,
ritm=\E[23m,
rmacs=\E(B,
rmam=\E[?7l,
rmcup=\E[?1049l,
rmir=\E[4l,
rmkx=\E[?1l,
rmso=\E[27m,
rmul=\E[24m,
rmxx=\E[29m,
rs1=\E]\E\\\Ec,
sc=\E7,
setab=\E[%?%p1%{8}%<%t4%p1%d%e%p1%{16}%<%t10%p1%{8}%-%d%e48;5;%p1%d%;m,
setaf=\E[%?%p1%{8}%<%t3%p1%d%e%p1%{16}%<%t9%p1%{8}%-%d%e38;5;%p1%d%;m,
setrgbb=\E[48:2:%p1%d:%p2%d:%p3%dm,
setrgbf=\E[38:2:%p1%d:%p2%d:%p3%dm,
sgr=%?%p9%t\E(0%e\E(B%;\E[0%?%p6%t;1%;%?%p2%t;4%;%?%p1%p3%|%t;7%;%?%p4%t;5%;%?%p7%t;8%;m,
sgr0=\E(B\E[m,
sitm=\E[3m,
smacs=\E(0,
smam=\E[?7h,
smcup=\E[?1049h,
smir=\E[4h,
smkx=\E[?1h,
smso=\E[7m,
smul=\E[4m,
smxx=\E[9m,
tbc=\E[3g,
tsl=\E]2;,
u6=\E[%i%d;%dR,
u7=\E[6n,
u8=\E[?%[;0123456789]c,
u9=\E[c,
vpa=\E[%i%p1%dd,

Binary file not shown.

View file

@ -1,10 +1,5 @@
{
lib,
pkgs,
...
}: let
{lib, ...}: let
inherit (lib.modules) mkForce;
in {
users.defaultUserShell = pkgs.zsh;
security.sudo.wheelNeedsPassword = mkForce false;
}

View file

@ -1,3 +1,5 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [buildPackages.buildPackages.kitty.terminfo];
environment.systemPackages = with pkgs; [
kitty-terminfo
];
}

View file

@ -1,4 +1,5 @@
{pkgs, ...}: {
users.defaultUserShell = pkgs.zsh;
environment.pathsToLink = ["/share/zsh"];
environment.shells = with pkgs; [zsh];
programs.zsh.enable = true;

View file

@ -13,7 +13,7 @@
containerNames = attrNames config.containers;
vaccumSize = "50MB";
vaccumSize = "50M";
in {
environment.systemPackages =
[

View file

@ -1,10 +1,11 @@
{lib, ...}: let
inherit (lib.modules) mkDefault;
inherit (lib.modules) mkOverride;
in {
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "prohibit-password";
PermitRootLogin = mkOverride 50 "prohibit-password";
PasswordAuthentication = false;
KbdInteractiveAuthentication = mkDefault false;
StreamLocalBindUnlink = true;

View file

@ -3,7 +3,7 @@
encUSBMount = pkgs.writeShellScriptBin "enc_usb_mount" ''
set -x
${encUSBMount}/bin/enc_usb_unmount
${encUSBUnmount}/bin/enc_usb_unmount
cat /secrets/usb_encryption_passphrase | cryptsetup luksOpen ${encryptedUSB.encryptedPath} ${encryptedUSB.mapperName} -
mount ${encryptedUSB.mapperPath} -o rw ${encryptedUSB.mountpoint}
'';
@ -29,7 +29,7 @@ in {
systemd.services.enc-usb-unmount = {
path = [pkgs.util-linux pkgs.cryptsetup];
script = ''
${enc_usb_unmount}/bin/enc_usb_unmount
${encUSBMount}/bin/enc_usb_unmount
'';
};