remove op5p

This commit is contained in:
Motiejus Jakštys 2024-06-26 22:45:14 +03:00
parent 7b3b356bf5
commit aa4f741840
9 changed files with 1 additions and 15296 deletions

View File

@ -64,12 +64,6 @@ rec {
publicIP = "88.223.107.21";
jakstIP = "100.89.176.4";
};
"vno1-op5p.servers.jakst" = rec {
extraHostNames = [jakstIP vno1IP];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILOB4Kv/bQGUD4pd3otqEMd69xmjguvIStRYoTP1wdhX root@vno1-op5p";
jakstIP = "100.89.176.11";
vno1IP = "192.168.189.12";
};
"vno3-rp3b.servers.jakst" = rec {
extraHostNames = [jakstIP];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBudUFFEBpUVdr26vLJup8Hk6wj1iDbOPPQnJbv6GUGC";

View File

@ -138,36 +138,6 @@
vm-x86_64 = mkVM "x86_64-linux";
vm-aarch64 = mkVM "aarch64-linux";
op5p = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
{nixpkgs.overlays = overlays;}
./hosts/op5p/configuration.nix
home-manager.nixosModules.home-manager
];
specialArgs = {inherit myData;} // inputs;
};
vno1-op5p = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
{nixpkgs.overlays = overlays;}
./hosts/vno1-op5p/configuration.nix
home-manager.nixosModules.home-manager
agenix.nixosModules.default
{
age.secrets = {
motiejus-passwd-hash.file = ./secrets/motiejus_passwd_hash.age;
root-passwd-hash.file = ./secrets/root_passwd_hash.age;
sasl-passwd.file = ./secrets/postfix_sasl_passwd.age;
};
}
];
specialArgs = {inherit myData;} // inputs;
};
mtworx = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
@ -348,18 +318,6 @@
};
};
vno1-op5p = {
hostname = myData.hosts."vno1-op5p.servers.jakst".jakstIP;
profiles = {
system = {
sshUser = "motiejus";
path =
self.nixosConfigurations.vno1-op5p.pkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.vno1-op5p;
user = "root";
};
};
};
vno3-rp3b = {
hostname = myData.hosts."vno3-rp3b.servers.jakst".jakstIP;
profiles = {

View File

@ -1,43 +0,0 @@
{...}: {
imports = [
../../modules
../../shared/platform/orangepi5plus.nix
];
mj = {
stateVersion = "23.11";
timeZone = "UTC";
username = "nixos";
base.users = {
enable = true;
user.initialHashedPassword = "";
root.initialHashedPassword = "";
};
};
services = {
pcscd.enable = true;
};
boot.supportedFilesystems = ["btrfs" "bcachefs"];
fileSystems = {
"/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
options = ["noatime"];
};
};
security.sudo = {
enable = true;
wheelNeedsPassword = false;
};
networking = {
hostName = "op5p";
domain = "jakstys.lt";
firewall.allowedTCPPorts = [22];
};
}

View File

@ -214,10 +214,6 @@
derivationTarget = ".#mtworx";
pingTarget = myData.hosts."mtworx.motiejus.jakst".jakstIP;
}
{
derivationTarget = ".#vno1-op5p";
pingTarget = myData.hosts."vno1-op5p.servers.jakst".jakstIP;
}
{
derivationTarget = ".#vno3-rp3b";
pingTarget = myData.hosts."vno3-rp3b.servers.jakst".jakstIP;
@ -499,10 +495,6 @@
job_name = "vno3-rp3b.servers.jakst";
static_configs = [{targets = ["${myData.hosts."vno3-rp3b.servers.jakst".jakstIP}:${port}"];}];
}
{
job_name = "vno1-op5p.servers.jakst";
static_configs = [{targets = ["${myData.hosts."vno1-op5p.servers.jakst".jakstIP}:${port}"];}];
}
{
job_name = "fwminex.motiejus.jakst";
static_configs = [{targets = ["${myData.hosts."fwminex.motiejus.jakst".jakstIP}:${port}"];}];

View File

@ -1,92 +0,0 @@
{
config,
myData,
...
}: let
#nvme = "/dev/disk/by-id/nvme-WDC_PC_SN730_SDBQNTY-256G-1001_19494D801165";
nvme = "/dev/nvme0n1";
in {
imports = [
../../modules
../../modules/profiles/btrfs
../../shared/platform/orangepi5plus.nix
];
boot = {
initrd = {
kernelModules = ["usb_storage"];
luks.devices = {
luksroot = {
#device = "${nvme}-part3";
device = "${nvme}p3";
allowDiscards = true;
keyFileOffset = 9728;
keyFileSize = 512;
keyFile = "/dev/sda";
};
};
};
};
swapDevices = [
{
device = "${nvme}p2";
randomEncryption.enable = true;
}
];
fileSystems = {
"/" = {
device = "/dev/mapper/luksroot";
fsType = "btrfs";
options = ["noatime" "compress=zstd"];
};
"/boot" = {
device = "${nvme}1";
fsType = "ext4";
};
};
mj = {
stateVersion = "23.11";
timeZone = "Europe/Vilnius";
username = "motiejus";
base.users = {
enable = true;
root.hashedPasswordFile = config.age.secrets.root-passwd-hash.path;
user.hashedPasswordFile = config.age.secrets.motiejus-passwd-hash.path;
};
services = {
tailscale.enable = true;
node_exporter.enable = true;
sshguard.enable = true;
postfix = {
enable = true;
saslPasswdPath = config.age.secrets.sasl-passwd.path;
};
deployerbot = {
follower = {
inherit (myData.hosts."vno1-oh2.servers.jakst") publicKey;
enable = true;
sshAllowSubnets = [myData.subnets.tailscale.sshPattern];
uidgid = myData.uidgid.updaterbot-deployee;
};
};
};
};
services.pcscd.enable = true;
networking = {
hostName = "vno1-op5p";
domain = "jakstys.lt";
firewall.allowedTCPPorts = [22];
};
}

View File

@ -10,9 +10,8 @@ let
mtworx = (import ./data.nix).hosts."mtworx.motiejus.jakst".publicKey;
fra1-a = (import ./data.nix).hosts."fra1-a.servers.jakst".publicKey;
vno1-oh2 = (import ./data.nix).hosts."vno1-oh2.servers.jakst".publicKey;
vno1-op5p = (import ./data.nix).hosts."vno1-op5p.servers.jakst".publicKey;
vno3-rp3b = (import ./data.nix).hosts."vno3-rp3b.servers.jakst".publicKey;
systems = [fra1-a vno1-oh2 vno1-op5p vno3-rp3b fwminex];
systems = [fra1-a vno1-oh2 vno3-rp3b fwminex];
mk = auth: keyNames:
builtins.listToAttrs (

View File

@ -1,65 +0,0 @@
{
config,
lib,
pkgs,
modulesPath,
...
}:
#let
#crossFast = pkgs.crossArm64.pkgsCross.aarch64-multiplatform;
#in
{
mj.skipPerf = true;
boot = {
#kernelPackages = crossNative.linuxPackagesFor (crossFast.buildLinux rec {
kernelPackages = pkgs.linuxPackagesFor (pkgs.buildLinux rec {
version = "6.10.0-rc1";
modDirVersion = "6.10.0-rc1";
src = builtins.fetchTarball {
url = "https://github.com/torvalds/linux/archive/refs/tags/v6.10-rc1.tar.gz";
# "unsupported snapshot format" 2024-05-06
#url = "https://git.kernel.org/torvalds/t/linux-6.9-rc1.tar.gz";
#url = "https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.8.tar.xz";
sha256 = "sha256:006frl76cwi9a4mw7x6vsyazgrjfiz1gn4q4hvpykqql5mar3a05";
};
kernelPatches = [
{
name = "orangepi-5-plus-collabora-${version}";
patch = ./orangepi5plus/rk3588-v6.10-rc1.patch;
}
{
name = "rk3588-crypto";
patch = ./orangepi5plus/rk3588-crypto.patch;
}
];
extraConfig = ''
CRYPTO_DEV_ROCKCHIP2 m
CRYPTO_DEV_ROCKCHIP2_DEBUG y
'';
extraMeta.branch = "6.10";
});
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
initrd.kernelModules = ["ahci_dwc" "phy_rockchip_naneng_combphy"];
consoleLogLevel = 7;
};
hardware.deviceTree.name = "rockchip/rk3588-orangepi-5-plus.dtb";
system.build = {
sdImage = import "${modulesPath}/../lib/make-disk-image.nix" {
name = "orangepi5-sd-image";
copyChannel = false;
inherit config lib pkgs;
};
#uboot = crossFast.callPackage ../../hacks/orangepi5plus/uboot {};
uboot = pkgs.callPackage ../../hacks/orangepi5plus/uboot {};
};
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff