From c7513ebd2509afda6807f559bb5a7aea2fa29803 Mon Sep 17 00:00:00 2001
From: iofq
Date: Sat, 1 Jun 2024 05:00:33 -0500
Subject: [PATCH] rm htz
---
 nixos/default.nix | 25 -------
 nixos/htz/configuration.nix | 61 ----------------
 nixos/htz/eth.nix | 72 -------------------
 nixos/htz/hardware-configuration.nix | 100 ---------------------------
 nixos/htz/vms/default.nix | 99 --------------------------
 nixos/htz/vms/k3s.nix | 29 --------
 nixos/htz/vms/pool.nix | 34 ---------
 nixos/t14/configuration.nix | 2 +-
 8 files changed, 1 insertion(+), 421 deletions(-)
 delete mode 100644 nixos/htz/configuration.nix
 delete mode 100644 nixos/htz/eth.nix
 delete mode 100755 nixos/htz/hardware-configuration.nix
 delete mode 100644 nixos/htz/vms/default.nix
 delete mode 100644 nixos/htz/vms/k3s.nix
 delete mode 100644 nixos/htz/vms/pool.nix
diff --git a/nixos/default.nix b/nixos/default.nix
index f0f5f65..d59b69d 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -41,29 +41,4 @@ in {
 ./racknerd/configuration.nix
 ];
 };
- htz = inputs.nixpkgs.lib.nixosSystem {
- specialArgs = {
- inherit inputs system pkgs;
- addressList = {
- vm-k3s = {
- name = "vm-k3s";
- ipv4 = "10.0.0.3";
- subnet = "/24";
- mac = "02:00:00:00:00:03";
- };
- };
- host = {
- hostName = "htz";
- inherit (attrs) username;
- };
- };
- modules =
- defaultModules
- ++ [
- ./configuration.nix
- ./htz/configuration.nix
- inputs.ethereum-nix.nixosModules.default
- inputs.microvm.nixosModules.host
- ];
- };
 }
diff --git a/nixos/htz/configuration.nix b/nixos/htz/configuration.nix
deleted file mode 100644
index 2cd4448..0000000
--- a/nixos/htz/configuration.nix
+++ /dev/null
@@ -1,61 +0,0 @@
-{
- addressList,
- lib,
- pkgs,
- ...
-}: {
- imports = [
- ./hardware-configuration.nix
- ./vms
- ./eth.nix
- ];
- environment.systemPackages = with pkgs; [
- git
- bridge-utils
- ];
- networking = {
- hostName = "htz";
- firewall = {
- enable = true;
- allowedTCPPorts = [22];
- logRefusedConnections = true;
- trustedInterfaces = ["microvm"];
- };
- # Map addressList to entries in /etc/hosts
- extraHosts =
- builtins.concatStringsSep "\n"
- (lib.attrsets.mapAttrsToList (k: v: "${v.ipv4} ${k}") addressList);
- };
- fileSystems."/var/lib/private/nimbus-beacon-mainnet" = {
- device = "/eth2";
- options = ["bind"];
- };
- fileSystems."/var/lib/private/geth-mainnet" = {
- device = "/eth1";
- options = ["bind"];
- };
- services = {
- tailscale.enable = true;
- openssh = {
- enable = true;
- settings = {
- PasswordAuthentication = false;
- PermitRootLogin = "prohibit-password";
- };
- };
- };
- users.users = {
- root = {
- openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14''];
- };
- e = {
- isNormalUser = true;
- extraGroups = ["wheel"];
- home = "/home/e";
- openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14''];
- };
- };
- security.sudo.wheelNeedsPassword = false;
- nix.settings.trusted-users = ["e"];
- system.stateVersion = "23.11";
-}
diff --git a/nixos/htz/eth.nix b/nixos/htz/eth.nix
deleted file mode 100644
index 3210dfe..0000000
--- a/nixos/htz/eth.nix
+++ /dev/null
@@ -1,72 +0,0 @@
-{
- system,
- inputs,
- ...
-}: {
- networking = {
- firewall = {
- allowedTCPPorts = [9000 30303];
- allowedUDPPorts = [9000 30303];
- logRefusedConnections = true;
- trustedInterfaces = ["microvm"];
- interfaces."tailscale0".allowedTCPPorts = [5052 8545];
- };
- };
- # virtualisation.oci-containers.containers = {
- # besu = {
- # image = "hyperledger/besu:24.3-graalvm";
- # ports = [
- # "0.0.0.0:30303:30303"
- # "0.0.0.0:30303:30303/udp"
- # "100.79.221.28:8551:8551"
- # ];
- # volumes = [
- # "/eth1/besu:/var/lib/besu"
- # "/etc/nixos/eth_jwt:/var/lib/jwtsecret/jwt.hex"
- # ];
- # environment = {
- # JAVA_OPTS = "\"-Xmx16192m\"";
- # };
- # cmd = [
- # "--Xsnapsync-synchronizer-flat-db-healing-enabled=true"
- # "--data-path=/var/lib/besu"
- # "--data-storage-format=bonsai"
- # "--engine-jwt-secret=/var/lib/jwtsecret/jwt.hex"
- # "--engine-rpc-enabled"
- # "--engine-rpc-port=8551"
- # "--fast-sync-min-peers=3"
- # "--nat-method=docker"
- # "--network=mainnet"
- # "--sync-mode=X_SNAP"
- # ];
- # };
- services.ethereum.geth.mainnet = {
- enable = true;
- package = inputs.ethereum-nix.packages.${system}.geth;
- openFirewall = false;
- args = {
- http = {
- enable = true;
- addr = "0.0.0.0";
- vhosts = ["htz.tailc353f.ts.net"];
- };
- authrpc.jwtsecret = "/etc/nixos/eth_jwt";
- };
- };
- services.ethereum.nimbus-beacon.mainnet = {
- enable = true;
- package = inputs.ethereum-nix.packages.${system}.nimbus;
- openFirewall = false;
- args = {
- user = "nimbus";
- jwt-secret = "/etc/nixos/eth_jwt";
- trusted-node-url = "https://sync.invis.tools";
- enr-auto-update = true;
- rest = {
- enable = true;
- address = "0.0.0.0";
- };
- light-client-data.max-periods = "3";
- };
- };
-}
diff --git a/nixos/htz/hardware-configuration.nix b/nixos/htz/hardware-configuration.nix
deleted file mode 100755
index 0c0dcb9..0000000
--- a/nixos/htz/hardware-configuration.nix
+++ /dev/null
@@ -1,100 +0,0 @@
-{
- modulesPath,
- lib,
- config,
- ...
-}: {
- imports = [(modulesPath + "/installer/scan/not-detected.nix")];
- boot = {
- kernelModules = ["kvm-intel"];
- tmp.cleanOnBoot = true;
- loader.grub = {
- efiSupport = true;
- efiInstallAsRemovable = true;
- device = "nodev";
- };
- initrd = {
- kernelModules = ["nvme" "dm-snapshot"];
- availableKernelModules = [
- "ahci"
- "ata_piix"
- "sd_mod"
- "uhci_hcd"
- "vmw_pvscsi"
- "xen_blkfront"
- "xhci_pci"
- ];
- };
- };
- fileSystems."/" = {
- device = "/dev/disk/by-uuid/2d5aa5d0-e6c5-4b5d-b295-d5248da994fc";
- fsType = "ext4";
- };
- fileSystems."/boot" = {
- device = "/dev/disk/by-uuid/8480-5FBB";
- fsType = "vfat";
- };
- fileSystems."/eth1" = {
- device = "/dev/disk/by-uuid/d674ba1d-dde0-4c8d-bdc7-0cb240d6de62";
- fsType = "ext4";
- };
- fileSystems."/eth2" = {
- device = "/dev/disk/by-uuid/c2c7cf35-dc97-4ca3-823f-1e892bcba6f5";
- fsType = "ext4";
- };
- fileSystems."/var/lib/microvms" = {
- device = "/dev/disk/by-uuid/06af31e6-7ac6-4066-a56b-9feaae14508b";
- fsType = "ext4";
- };
- swapDevices = [
- {device = "/dev/disk/by-uuid/d4b0d80e-d570-4d21-bbe4-0f31bd50cbcc";}
- ];
-
- zramSwap.enable = false;
- networking = {
- useNetworkd = true;
- nat = {
- enable = true;
- externalInterface = "enp0s31f6";
- internalInterfaces = ["microvm"];
- };
- };
- systemd.network = {
- enable = true;
- netdevs = {
- "10-microvm".netdevConfig = {
- Kind = "bridge";
- Name = "microvm";
- };
- };
- networks = {
- "10-microvm" = {
- matchConfig.Name = "microvm";
- networkConfig = {
- DHCPServer = true;
- IPv6SendRA = false;
- };
- dhcpServerConfig = {
- PoolOffset = 128;
- PoolSize = 64;
- EmitDNS = true;
- };
- addresses = [
- {
- addressConfig.Address = "10.0.0.1/24";
- }
- ];
- };
- "11-microvm" = {
- matchConfig.Name = "vm-*";
- networkConfig.Bridge = "microvm";
- };
- "12-microvm" = {
- matchConfig.Name = "vnet*";
- networkConfig.Bridge = "microvm";
- };
- };
- };
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/nixos/htz/vms/default.nix b/nixos/htz/vms/default.nix
deleted file mode 100644
index ef6653e..0000000
--- a/nixos/htz/vms/default.nix
+++ /dev/null
@@ -1,99 +0,0 @@
-{
- lib,
- pkgs,
- addressList,
- ...
-}: let
- genVMConfig = {
- name,
- config ? {},
- ...
- }: {
- restartIfChanged = true;
- inherit pkgs;
- # Merge custom config passed with defaults
- config =
- lib.attrsets.recursiveUpdate
- {
- microvm = {
- shares = [
- {
- source = "/nix/store";
- mountPoint = "/nix/.ro-store";
- tag = "ro-store";
- proto = "virtiofs";
- }
- ];
- interfaces = [
- {
- type = "tap";
- id = name;
- inherit (addressList.${name}) mac;
- }
- ];
- };
- systemd.network = {
- enable = true;
- networks."20-lan" = {
- matchConfig.Type = "ether";
- networkConfig = {
- Address = [(addressList.${name}.ipv4 + addressList.${name}.subnet)];
- Gateway = "10.0.0.1";
- DNS = ["1.1.1.1"];
- IPv6AcceptRA = true;
- DHCP = "no";
- };
- };
- networks."19-docker" = {
- matchConfig.Name = "veth*";
- linkConfig = {
- Unmanaged = true;
- };
- };
- };
- services.openssh = {
- enable = true;
- listenAddresses = [
- {
- addr = addressList.${name}.ipv4;
- port = 22;
- }
- ];
- settings.PasswordAuthentication = false;
- settings.KbdInteractiveAuthentication = false;
- };
- networking.firewall = {
- enable = true;
- allowedTCPPorts = [22];
- allowedUDPPorts = [];
- logRefusedConnections = true;
- };
- users.users = {
- root = {
- openssh.authorizedKeys.keys = [
- ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz''
- ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14''
- ];
- };
- e = {
- isNormalUser = true;
- extraGroups = ["wheel"];
- openssh.authorizedKeys.keys = [
- ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz''
- ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14''
- ];
- };
- };
- documentation.enable = false;
- system.stateVersion = "23.11";
- }
- config;
- };
-in {
- microvm.vms = {
- vm-k3s = genVMConfig {
- name = "vm-k3s";
- config = import ./k3s.nix {inherit pkgs;};
- };
- };
-}
diff --git a/nixos/htz/vms/k3s.nix b/nixos/htz/vms/k3s.nix
deleted file mode 100644
index be87966..0000000
--- a/nixos/htz/vms/k3s.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{pkgs, ...}: {
- environment.systemPackages = with pkgs; [
- k3s
- ];
- services.k3s = {
- enable = true;
- role = "server";
- extraFlags = toString [
- "--disable traefik"
- "--tls-san vm-k3s.tailc353f.ts.net"
- ];
- };
- networking.firewall = {
- allowedTCPPorts = [6443];
- };
- services.tailscale.enable = true;
- microvm = {
- vcpu = 2;
- mem = 4096;
- volumes = [
- {
- image = "/var/lib/microvms/vm-k3s/vm-k3s-root.img";
- label = "vm-pool-root";
- mountPoint = "/";
- size = 100000;
- }
- ];
- };
-}
diff --git a/nixos/htz/vms/pool.nix b/nixos/htz/vms/pool.nix
deleted file mode 100644
index a4cae4b..0000000
--- a/nixos/htz/vms/pool.nix
+++ /dev/null
@@ -1,34 +0,0 @@
-{
- system,
- inputs,
- pkgs,
- ...
-}: {
- imports = [inputs.ethereum-nix.nixosModules.default];
-
- environment.systemPackages = with pkgs; [
- vim
- inputs.ethereum-nix.packages.${system}.rocketpool
- docker-compose
- ];
- environment.interactiveShellInit = ''
- alias rp='rocketpool --allow-root'
- '';
- virtualisation = {
- docker = {
- enable = true;
- };
- };
- microvm = {
- vcpu = 2;
- mem = 4096;
- volumes = [
- {
- image = "/var/lib/microvms/vm-pool/vm-pool-root.img";
- label = "vm-pool-root";
- mountPoint = "/";
- size = 40000;
- }
- ];
- };
-}
diff --git a/nixos/t14/configuration.nix b/nixos/t14/configuration.nix
index ce33210..1e34ae7 100755
--- a/nixos/t14/configuration.nix
+++ b/nixos/t14/configuration.nix
@@ -93,7 +93,7 @@ in {
 ids = ["*"];
 settings = {
 main = {
- pause = "esc";
+ pause = "timeout(esc, 150, space)";
 scrolllock = "layer(shift)";
 };
 };
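Review bot: The new `pause = "timeout(esc, 150, space)";` binding under `settings.main` in nixos/t14/configuration.nix has no comment, so the bare 150 and the choice of the two actions are unexplained. It is also unrelated to the "rm htz" subject, and would be easier to trace or revert as its own commit. If this is a keyd keyboard block, as the `ids` and `layer(shift)` lines suggest, I would add a line above it such as `# pause: tap sends esc; held in isolation past 150 ms sends space`, with the wording adjusted to the behaviour you intend. The enclosing attribute set starts and ends outside the hunk, so which module this belongs to is inferred.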