remove op5p
This commit is contained in:
parent
7b3b356bf5
commit
aa4f741840
6
data.nix
6
data.nix
|
|
@ -64,12 +64,6 @@ rec {
|
|||
publicIP = "88.223.107.21";
|
||||
jakstIP = "100.89.176.4";
|
||||
};
|
||||
"vno1-op5p.servers.jakst" = rec {
|
||||
extraHostNames = [jakstIP vno1IP];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILOB4Kv/bQGUD4pd3otqEMd69xmjguvIStRYoTP1wdhX root@vno1-op5p";
|
||||
jakstIP = "100.89.176.11";
|
||||
vno1IP = "192.168.189.12";
|
||||
};
|
||||
"vno3-rp3b.servers.jakst" = rec {
|
||||
extraHostNames = [jakstIP];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBudUFFEBpUVdr26vLJup8Hk6wj1iDbOPPQnJbv6GUGC";
|
||||
|
|
|
|||
42
flake.nix
42
flake.nix
|
|
@ -138,36 +138,6 @@
|
|||
vm-x86_64 = mkVM "x86_64-linux";
|
||||
vm-aarch64 = mkVM "aarch64-linux";
|
||||
|
||||
op5p = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
{nixpkgs.overlays = overlays;}
|
||||
./hosts/op5p/configuration.nix
|
||||
home-manager.nixosModules.home-manager
|
||||
];
|
||||
specialArgs = {inherit myData;} // inputs;
|
||||
};
|
||||
|
||||
vno1-op5p = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
{nixpkgs.overlays = overlays;}
|
||||
./hosts/vno1-op5p/configuration.nix
|
||||
home-manager.nixosModules.home-manager
|
||||
|
||||
agenix.nixosModules.default
|
||||
{
|
||||
age.secrets = {
|
||||
motiejus-passwd-hash.file = ./secrets/motiejus_passwd_hash.age;
|
||||
root-passwd-hash.file = ./secrets/root_passwd_hash.age;
|
||||
sasl-passwd.file = ./secrets/postfix_sasl_passwd.age;
|
||||
};
|
||||
}
|
||||
];
|
||||
|
||||
specialArgs = {inherit myData;} // inputs;
|
||||
};
|
||||
|
||||
mtworx = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
|
|
@ -348,18 +318,6 @@
|
|||
};
|
||||
};
|
||||
|
||||
vno1-op5p = {
|
||||
hostname = myData.hosts."vno1-op5p.servers.jakst".jakstIP;
|
||||
profiles = {
|
||||
system = {
|
||||
sshUser = "motiejus";
|
||||
path =
|
||||
self.nixosConfigurations.vno1-op5p.pkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.vno1-op5p;
|
||||
user = "root";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
vno3-rp3b = {
|
||||
hostname = myData.hosts."vno3-rp3b.servers.jakst".jakstIP;
|
||||
profiles = {
|
||||
|
|
|
|||
|
|
@ -1,43 +0,0 @@
|
|||
{...}: {
|
||||
imports = [
|
||||
../../modules
|
||||
../../shared/platform/orangepi5plus.nix
|
||||
];
|
||||
|
||||
mj = {
|
||||
stateVersion = "23.11";
|
||||
timeZone = "UTC";
|
||||
username = "nixos";
|
||||
|
||||
base.users = {
|
||||
enable = true;
|
||||
user.initialHashedPassword = "";
|
||||
root.initialHashedPassword = "";
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
pcscd.enable = true;
|
||||
};
|
||||
|
||||
boot.supportedFilesystems = ["btrfs" "bcachefs"];
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-label/nixos";
|
||||
fsType = "ext4";
|
||||
options = ["noatime"];
|
||||
};
|
||||
};
|
||||
|
||||
security.sudo = {
|
||||
enable = true;
|
||||
wheelNeedsPassword = false;
|
||||
};
|
||||
|
||||
networking = {
|
||||
hostName = "op5p";
|
||||
domain = "jakstys.lt";
|
||||
firewall.allowedTCPPorts = [22];
|
||||
};
|
||||
}
|
||||
|
|
@ -214,10 +214,6 @@
|
|||
derivationTarget = ".#mtworx";
|
||||
pingTarget = myData.hosts."mtworx.motiejus.jakst".jakstIP;
|
||||
}
|
||||
{
|
||||
derivationTarget = ".#vno1-op5p";
|
||||
pingTarget = myData.hosts."vno1-op5p.servers.jakst".jakstIP;
|
||||
}
|
||||
{
|
||||
derivationTarget = ".#vno3-rp3b";
|
||||
pingTarget = myData.hosts."vno3-rp3b.servers.jakst".jakstIP;
|
||||
|
|
@ -499,10 +495,6 @@
|
|||
job_name = "vno3-rp3b.servers.jakst";
|
||||
static_configs = [{targets = ["${myData.hosts."vno3-rp3b.servers.jakst".jakstIP}:${port}"];}];
|
||||
}
|
||||
{
|
||||
job_name = "vno1-op5p.servers.jakst";
|
||||
static_configs = [{targets = ["${myData.hosts."vno1-op5p.servers.jakst".jakstIP}:${port}"];}];
|
||||
}
|
||||
{
|
||||
job_name = "fwminex.motiejus.jakst";
|
||||
static_configs = [{targets = ["${myData.hosts."fwminex.motiejus.jakst".jakstIP}:${port}"];}];
|
||||
|
|
|
|||
|
|
@ -1,92 +0,0 @@
|
|||
{
|
||||
config,
|
||||
myData,
|
||||
...
|
||||
}: let
|
||||
#nvme = "/dev/disk/by-id/nvme-WDC_PC_SN730_SDBQNTY-256G-1001_19494D801165";
|
||||
nvme = "/dev/nvme0n1";
|
||||
in {
|
||||
imports = [
|
||||
../../modules
|
||||
|
||||
../../modules/profiles/btrfs
|
||||
|
||||
../../shared/platform/orangepi5plus.nix
|
||||
];
|
||||
|
||||
boot = {
|
||||
initrd = {
|
||||
kernelModules = ["usb_storage"];
|
||||
luks.devices = {
|
||||
luksroot = {
|
||||
#device = "${nvme}-part3";
|
||||
device = "${nvme}p3";
|
||||
allowDiscards = true;
|
||||
keyFileOffset = 9728;
|
||||
keyFileSize = 512;
|
||||
keyFile = "/dev/sda";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
swapDevices = [
|
||||
{
|
||||
device = "${nvme}p2";
|
||||
randomEncryption.enable = true;
|
||||
}
|
||||
];
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/mapper/luksroot";
|
||||
fsType = "btrfs";
|
||||
options = ["noatime" "compress=zstd"];
|
||||
};
|
||||
"/boot" = {
|
||||
device = "${nvme}1";
|
||||
fsType = "ext4";
|
||||
};
|
||||
};
|
||||
|
||||
mj = {
|
||||
stateVersion = "23.11";
|
||||
timeZone = "Europe/Vilnius";
|
||||
username = "motiejus";
|
||||
|
||||
base.users = {
|
||||
enable = true;
|
||||
root.hashedPasswordFile = config.age.secrets.root-passwd-hash.path;
|
||||
user.hashedPasswordFile = config.age.secrets.motiejus-passwd-hash.path;
|
||||
};
|
||||
|
||||
services = {
|
||||
tailscale.enable = true;
|
||||
node_exporter.enable = true;
|
||||
sshguard.enable = true;
|
||||
|
||||
postfix = {
|
||||
enable = true;
|
||||
saslPasswdPath = config.age.secrets.sasl-passwd.path;
|
||||
};
|
||||
|
||||
deployerbot = {
|
||||
follower = {
|
||||
inherit (myData.hosts."vno1-oh2.servers.jakst") publicKey;
|
||||
|
||||
enable = true;
|
||||
sshAllowSubnets = [myData.subnets.tailscale.sshPattern];
|
||||
uidgid = myData.uidgid.updaterbot-deployee;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.pcscd.enable = true;
|
||||
|
||||
networking = {
|
||||
hostName = "vno1-op5p";
|
||||
domain = "jakstys.lt";
|
||||
firewall.allowedTCPPorts = [22];
|
||||
};
|
||||
}
|
||||
|
|
@ -10,9 +10,8 @@ let
|
|||
mtworx = (import ./data.nix).hosts."mtworx.motiejus.jakst".publicKey;
|
||||
fra1-a = (import ./data.nix).hosts."fra1-a.servers.jakst".publicKey;
|
||||
vno1-oh2 = (import ./data.nix).hosts."vno1-oh2.servers.jakst".publicKey;
|
||||
vno1-op5p = (import ./data.nix).hosts."vno1-op5p.servers.jakst".publicKey;
|
||||
vno3-rp3b = (import ./data.nix).hosts."vno3-rp3b.servers.jakst".publicKey;
|
||||
systems = [fra1-a vno1-oh2 vno1-op5p vno3-rp3b fwminex];
|
||||
systems = [fra1-a vno1-oh2 vno3-rp3b fwminex];
|
||||
|
||||
mk = auth: keyNames:
|
||||
builtins.listToAttrs (
|
||||
|
|
|
|||
|
|
@ -1,65 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
modulesPath,
|
||||
...
|
||||
}:
|
||||
#let
|
||||
#crossFast = pkgs.crossArm64.pkgsCross.aarch64-multiplatform;
|
||||
#in
|
||||
{
|
||||
mj.skipPerf = true;
|
||||
|
||||
boot = {
|
||||
#kernelPackages = crossNative.linuxPackagesFor (crossFast.buildLinux rec {
|
||||
kernelPackages = pkgs.linuxPackagesFor (pkgs.buildLinux rec {
|
||||
version = "6.10.0-rc1";
|
||||
modDirVersion = "6.10.0-rc1";
|
||||
|
||||
src = builtins.fetchTarball {
|
||||
url = "https://github.com/torvalds/linux/archive/refs/tags/v6.10-rc1.tar.gz";
|
||||
# "unsupported snapshot format" 2024-05-06
|
||||
#url = "https://git.kernel.org/torvalds/t/linux-6.9-rc1.tar.gz";
|
||||
#url = "https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.8.tar.xz";
|
||||
sha256 = "sha256:006frl76cwi9a4mw7x6vsyazgrjfiz1gn4q4hvpykqql5mar3a05";
|
||||
};
|
||||
kernelPatches = [
|
||||
{
|
||||
name = "orangepi-5-plus-collabora-${version}";
|
||||
patch = ./orangepi5plus/rk3588-v6.10-rc1.patch;
|
||||
}
|
||||
{
|
||||
name = "rk3588-crypto";
|
||||
patch = ./orangepi5plus/rk3588-crypto.patch;
|
||||
}
|
||||
];
|
||||
extraConfig = ''
|
||||
CRYPTO_DEV_ROCKCHIP2 m
|
||||
CRYPTO_DEV_ROCKCHIP2_DEBUG y
|
||||
'';
|
||||
|
||||
extraMeta.branch = "6.10";
|
||||
});
|
||||
|
||||
loader = {
|
||||
grub.enable = false;
|
||||
generic-extlinux-compatible.enable = true;
|
||||
};
|
||||
|
||||
initrd.kernelModules = ["ahci_dwc" "phy_rockchip_naneng_combphy"];
|
||||
consoleLogLevel = 7;
|
||||
};
|
||||
|
||||
hardware.deviceTree.name = "rockchip/rk3588-orangepi-5-plus.dtb";
|
||||
|
||||
system.build = {
|
||||
sdImage = import "${modulesPath}/../lib/make-disk-image.nix" {
|
||||
name = "orangepi5-sd-image";
|
||||
copyChannel = false;
|
||||
inherit config lib pkgs;
|
||||
};
|
||||
#uboot = crossFast.callPackage ../../hacks/orangepi5plus/uboot {};
|
||||
uboot = pkgs.callPackage ../../hacks/orangepi5plus/uboot {};
|
||||
};
|
||||
}
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue