iofq 2024-01-27 14:28:21 -06:00
parent d12c6ef0f3
commit 441d9785c9
12 changed files with 744 additions and 40 deletions


@ -1,10 +0,0 @@
{ lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
}


@ -27,17 +27,19 @@
./racknerd/configuration.nix
];
};
contabo = inputs.nixpkgs.lib.nixosSystem {
htz = inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs system pkgs;
host = {
hostName = "eef";
hostName = "htz";
username = attrs.username;
};
};
modules = [
./configuration.nix
./contabo/configuration.nix
./htz/configuration.nix
inputs.ethereum-nix.nixosModules.default
inputs.microvm.nixosModules.host
];
};
}


@ -1,13 +1,16 @@
{ pkgs, ... }: {
imports = [
./hardware-configuration.nix
./vms.nix
#./eth.nix
];
environment.systemPackages = with pkgs; [
nfs-utils
vim
];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = false;
networking.hostName = "eef";
networking.hostName = "htz";
networking.domain = "";
networking.firewall = {
enable = true;
@ -34,5 +37,4 @@
};
security.sudo.wheelNeedsPassword = false;
nix.settings.trusted-users = ["e"];
system.stateVersion = "22.11";
}
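Review bot: `security.sudo.wheelNeedsPassword = false` and `nix.settings.trusted-users = ["e"]` in the second hunk are carried over unchanged to the new `htz` host, which this commit also turns into a microVM host via the `./vms.nix` import. A trusted Nix user can effectively act as root through the daemon, and passwordless sudo removes the remaining prompt if `e` is in `wheel` (not visible here), so losing that one account means losing the host and every guest on it. If remote deploys are the reason, a comment saying so would help, e.g. `# e is trusted for remote deploys; this is equivalent to root`; otherwise I would drop `trusted-users` and keep the sudo password.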

71
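--- /dev/null
+++ b/nixos/htz/eth.nix
@@ -0,0 +1,71 @@
+{ system, ethereum-nix, ...}: {
+services.ethereum.geth.mainnet = {
+enable = true;
+package = ethereum-nix.packages.${system}.geth;
+openFirewall = true;
+args = {
+http = {
+enable = false;
+api = ["net" "web3" "eth"];
+};
+authrpc.jwtsecret = "/etc/nixos/eth_jwt";
+};
+};
+services.nginx.enable = true;
+services.nginx.virtualHosts."contabo.10110110.xyz" = {
+addSSL = true;
+enableACME = true;
+root = "/var/www/fam";
+};
+security.acme = {
+acceptTerms = true;
+defaults.email = "cjriddz@protonmail.com";
+};
+networking.firewall = {
+enable = true;
+allowedTCPPorts = [80 443];
+allowedUDPPorts = [];
+logRefusedConnections = true;
+};
+services.ethereum.nimbus-beacon.mainnet = {
+enable = true;
+package = ethereum-nix.packages.${system}.nimbus;
+openFirewall = true;
+args = {
+nat = "any";
+network = "mainnet";
+jwt-secret = "/etc/nixos/eth_jwt";
+trusted-node-url = "https://sync.invis.tools";
+el = ["http://127.0.0.1:8551"];
+listen-address = "0.0.0.0";
+tcp-port = 9000;
+udp-port = 9000;
+enr-auto-update = true;
+max-peers = "160";
+doppelganger-detection = true;
+history = "prune";
+graffiti = "yo";
+metrics = {
+enable = true;
+port = 5054;
+address = "127.0.0.1";
+};
+rest = {
+enable = true;
+port = 5052;
+address = "0.0.0.0";
+allow-origin = "*";
+};
+payload-builder = {
+enable = true;
+url = "http://localhost";
+};
+light-client-data = {
+serve = true;
+import-mode = "only-new";
+max-periods = "3";
+};
+};
+};
+}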
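Review bot: The Nimbus `rest` block binds the beacon API to `address = "0.0.0.0"` with `allow-origin = "*"`, so if the service's `openFirewall = true` also covers port 5052 (the module is not visible here) the REST API is reachable from the internet and callable from any web origin. Unless remote access is intended, I would bind it like the metrics endpoint, `address = "127.0.0.1";`, and drop the wildcard origin. Separately, the nginx vhost is still named `contabo.10110110.xyz` on the htz host and uses `addSSL`, which keeps serving plain HTTP; `forceSSL = true;` would redirect instead. A short comment on `trusted-node-url` would also help, stating that the checkpoint state fetched from that third-party endpoint should be verified against a second source.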


@ -0,0 +1,63 @@
{ modulesPath, lib, ... }:
{
system.stateVersion = "23.11";
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
boot = {
loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
device = "nodev";
};
initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"xen_blkfront"
"vmw_pvscsi"
];
initrd.kernelModules = [ "nvme" ];
};
fileSystems = {
"/boot" = {
device = "/dev/disk/by-uuid/5679-B4CD";
fsType = "vfat";
};
"/" = {
device = "/dev/mapper/ssd1-root";
fsType = "ext4";
};
};
swapDevices = [{
device = "/dev/dm-1";
}];
networking.useNetworkd = true;
networking.nat = {
enable = true;
externalInterface = "enp0s31f6";
internalInterfaces = [ "microvm" ];
};
systemd.network = {
enable = true;
netdevs = {
"10-microvm".netdevConfig = {
Kind = "bridge";
Name = "microvm";
};
};
networks = {
"10-microvm" = {
matchConfig.Name = "microvm";
networkConfig = {
DHCPServer = true;
};
addresses = [ {
addressConfig.Address = "10.0.0.1/24";
}];
};
"11-microvm" = {
matchConfig.Name = "vm-*";
networkConfig.Bridge = "microvm";
};
};
};
}
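Review bot: `swapDevices` points at `/dev/dm-1`, and device-mapper minor numbers are assigned in activation order, so after a reboot or an added volume this path can name a different device than the intended swap volume. The root filesystem already uses the stable `/dev/mapper/ssd1-root` path; the swap entry should do the same, e.g. `device = "/dev/mapper/<vg>-<swap-lv>";` (placeholder, the volume name is not on the page) or a `/dev/disk/by-uuid/` path. Also worth checking: the host config enables `networking.firewall`, so the `DHCPServer = true` bridge only hands out leases if UDP 67 is accepted on `microvm`. I would scope that per interface with `networking.firewall.interfaces.microvm.allowedUDPPorts = [ 67 ];` rather than opening it globally.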

15
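--- /dev/null
+++ b/nixos/htz/vms.nix
@@ -0,0 +1,15 @@
+{ ... }: {
+microvm.vms = {
+vm-test = {
+config = {
+microvm.shares = [{
+source = "/nix/store";
+mountPoint = "/nix/.ro-store";
+tag = "ro-store";
+proto = "virtiofs";
+}];
+system.stateVersion = "23.11";
+};
+};
+};
+}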
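Review bot: The `microvm.shares` entry is missing a comment on what it exposes: it mounts the host's whole `/nix/store` into `vm-test`, so every store path on the host, including any configuration file or secret that was ever copied into the store, is readable from inside the guest. I would add `# guest can read the entire host /nix/store; keep secrets out of the store` above the share. The guest also defines no network interface in this file, so the `vm-*` bridge match added elsewhere in this commit does not apply to it yet as far as this section shows.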


@ -11,7 +11,7 @@
networking.networkmanager.enable = true;
networking.firewall = {
enable = true;
allowedTCPPorts = [11111];
allowedTCPPorts = [11111 80];
allowedUDPPorts = [];
logRefusedConnections = true;
};
@ -52,6 +52,37 @@
};
};
};
services.tlp = {
enable = true;
settings = {
WIFI_PWR_ON_BAT = "off";
CPU_BOOST_ON_BAT = "0";
CPU_BOOST_ON_AC = "1";
PLATFORM_PROFILE_ON_AC = "performance";
PLATFORM_PROFILE_ON_BAT = "low-power";
CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
CPU_MIN_PERF_ON_AC = 0;
CPU_MAX_PERF_ON_AC = 100;
CPU_MIN_PERF_ON_BAT = 0;
CPU_MAX_PERF_ON_BAT = 25;
RADEON_DPM_STATE_ON_AC="performance";
RADEON_DPM_STATE_ON_BAT="battery";
RADEON_POWER_PROFILE_ON_AC="high";
RADEON_POWER_PROFILE_ON_BAT="low";
#Optional helps save long term battery health
START_CHARGE_THRESH_BAT0 = 80; # bellow it starts to charge
STOP_CHARGE_THRESH_BAT0 = 95; # above it stops charging
};
};
hardware.opengl.enable = true;
hardware.opengl.extraPackages = [
pkgs.mesa.drivers