monorepo lab stuff, init zen

2025-12-27 22:26:02 -06:00 · 2025-12-27 22:26:02 -06:00 · 645e09f9dd
commit 645e09f9dd
parent cfc15bba89
54 changed files with 67498 additions and 406 deletions
--- a/nixos/zen/configuration.nix
+++ b/nixos/zen/configuration.nix
@ -0,0 +1,54 @@
+{ host, config, pkgs, ... }:
+{
+  imports = [
+    ./hardware-configuration.nix
+  ];
+  sops.secrets = {
+    "password" = {
+      sopsFile = ../../secrets/k8s.yaml;
+    };
+    forgejo-runner = {
+      sopsFile = ../../secrets/forgejo-runner.yaml;
+    };
+  };
+  system-sys.zram = false;
+  networking = {
+    hostId = "81238132";
+    firewall = {
+      allowedTCPPorts = [
+        22
+        10250
+        25565 #mc
+        25566 #mc
+      ];
+    };
+  };
+  virtualisation.podman.enable = true;
+  services.gitea-actions-runner = {
+    package = pkgs.forgejo-runner;
+    instances.default = {
+      enable = true;
+      name = host.hostName;
+      url = "https://git.10110110.xyz";
+      tokenFile = config.sops.secrets.forgejo-runner.path;
+      labels = [
+        "ubuntu-latest:docker://node:24-bullseye"
+        "nix-upstream-latest:docker://nixos/nix:latest"
+      ];
+    };
+  };
+  services.k3s = {
+    enable = true;
+    role = "agent";
+    extraFlags = toString [
+      "--flannel-iface=tailscale0"
+    ];
+    tokenFile = config.sops.secrets."password".path;
+    serverAddr = "https://consensus:6443";
+  };
+  services.logind.lidSwitch = "ignore";
+  services.logind.lidSwitchExternalPower = "ignore";
+  hardware.enableRedistributableFirmware = true;
+  hardware.firmware = [ pkgs.linux-firmware ];
+  system.stateVersion = "23.11";
+}
--- a/nixos/zen/hardware-configuration.nix
+++ b/nixos/zen/hardware-configuration.nix
@ -0,0 +1,14 @@
+{ lib, modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub = {
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    device = "nodev";
+  };
+  fileSystems."/boot" = { device = "/dev/disk/by-uuid/EECE-9ACB"; fsType = "vfat"; };
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = { device = "/dev/sda2"; fsType = "ext4"; };
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}