diff --git a/hosts/Infini-OPTIPLEX/bare_install.bash b/hosts/Infini-OPTIPLEX/bare_install.bash new file mode 100755 index 0000000..738a30e --- /dev/null +++ b/hosts/Infini-OPTIPLEX/bare_install.bash @@ -0,0 +1,7 @@ +#!/usr/bin/env bash +# [[file:readme.org::bare_install][bare_install]] +# [[file:readme.org::bare_install][installing]] +echo "LOG: Installing NixOS" +sudo nixos-install --flake /etc/nixos#Infini-OPTIPLEX --no-root-password +# installing ends here +# bare_install ends here diff --git a/hosts/Infini-OPTIPLEX/data_setup.bash b/hosts/Infini-OPTIPLEX/data_setup.bash new file mode 100755 index 0000000..230654f --- /dev/null +++ b/hosts/Infini-OPTIPLEX/data_setup.bash @@ -0,0 +1,16 @@ +#!/usr/bin/env bash +# [[file:readme.org::data_setup][data_setup]] +# [[file:readme.org::data_setup][boilerplate]] +DISK=$1 +PART=$DISK$2 + +sudo mkdir -p /mnt +# boilerplate ends here + +# [[file:readme.org::data_setup][mount_check]] +if mountpoint -q -- "/mnt"; then + echo "ERROR: /mnt is a mounted filesystem, aborting" + exit 1 +fi +# mount_check ends here +# data_setup ends here diff --git a/hosts/Infini-OPTIPLEX/default.nix b/hosts/Infini-OPTIPLEX/default.nix new file mode 100644 index 0000000..4866202 --- /dev/null +++ b/hosts/Infini-OPTIPLEX/default.nix @@ -0,0 +1,44 @@ +{ config, pkgs, lib, private, ... }: { + imports = [ + ./hardware-configuration.nix + ./filesystems.nix + ]; + + system.stateVersion = "23.05"; + + modules = { + boot = { + grub.enable = true; + timeout = 1; + }; + + hardware = { + form.server = true; + }; + }; + + environment.persistence."/persist" = { + directories = [ + "/home" + "/etc/nixos" + "/etc/nixos-private" + + # /var directories + "/var/log" + "/var/lib/systemd/coredump" + "/var/lib/tailscale" + + "/srv" + ]; + + files = [ + "/etc/machine-id" + + "/root/.local/share/nix/trusted-settings.json" + "/root/.ssh/known_hosts" + "/root/.ssh/id_ed25519" + "/root/.ssh/id_ed25519.pub" + "/root/.ssh/immutable_files.txt" + ]; + }; +} diff --git a/hosts/Infini-OPTIPLEX/filesystems.nix b/hosts/Infini-OPTIPLEX/filesystems.nix new file mode 100644 index 0000000..01e389f --- /dev/null +++ b/hosts/Infini-OPTIPLEX/filesystems.nix @@ -0,0 +1,59 @@ +{ config, lib, pkgs, ... }: +let + uuid = uuid: "/dev/disk/by-uuid/${uuid}"; + main = uuid "9d4bf2d8-f139-42e7-937a-541a7870d806"; + commonOptions = [ "autodefrag" "noatime" "ssd" "compress=zstd:1" ]; +in +{ + fileSystems = { + "/" = { + device = "none"; + fsType = "tmpfs"; + options = [ "defaults" "size=16G" "mode=755" ]; + }; + + "/media/main" = { + device = main; + fsType = "btrfs"; + options = commonOptions; + }; + + "/persist" = { + device = main; + fsType = "btrfs"; + options = [ "subvol=root" ] ++ commonOptions; + neededForBoot = true; + }; + + "/etc/ssh" = { + device = main; + fsType = "btrfs"; + options = [ "subvol=root/etc/ssh" ] ++ commonOptions; + neededForBoot = true; + }; + + "/nix" = { + device = main; + fsType = "btrfs"; + options = [ "subvol=nix" ] ++ commonOptions; + neededForBoot = true; + }; + + "/boot" = { + device = main; + fsType = "btrfs"; + options = [ "subvol=boot" ] ++ commonOptions; + neededForBoot = true; + }; + + "/boot/efi" = { + device = uuid "23B2-DCD2"; + fsType = "vfat"; + neededForBoot = true; + }; + }; + + swapDevices = [ + { device = uuid "a002985f-68c9-46a1-b62e-1c6aec6bd3f3"; } + ]; +} diff --git a/hosts/Infini-OPTIPLEX/hardware-configuration.nix b/hosts/Infini-OPTIPLEX/hardware-configuration.nix new file mode 100644 index 0000000..d017e16 --- /dev/null +++ b/hosts/Infini-OPTIPLEX/hardware-configuration.nix @@ -0,0 +1,10 @@ +{ config, lib, pkgs, ... }: + +{ + boot.initrd.availableKernelModules = [ "nvme" "usb_storage" "xhci_pci" "ahci" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; +} diff --git a/hosts/Infini-OPTIPLEX/install.bash b/hosts/Infini-OPTIPLEX/install.bash new file mode 100755 index 0000000..fffb24d --- /dev/null +++ b/hosts/Infini-OPTIPLEX/install.bash @@ -0,0 +1,62 @@ +#!/usr/bin/env bash +# [[file:readme.org::install][install]] +# [[file:readme.org::mount][mount]] +# [[file:readme.org::mount][boilerplate]] +DISK=$1 +PART=$DISK$2 + +sudo mkdir -p /mnt +# boilerplate ends here + +# [[file:readme.org::mount][mount_check]] +if mountpoint -q -- "/mnt"; then + echo "ERROR: /mnt is a mounted filesystem, aborting" + exit 1 +fi +# mount_check ends here + +# [[file:readme.org::mounting][mounting]] +echo "LOG: Mounting tmpfs" +sudo mount -t tmpfs root /mnt + +mntopts="autodefrag,noatime,compress=zstd:1" + +echo "LOG: - Mounting persistent directories" +sudo mkdir -p /mnt/persist /mnt/nix /mnt/boot /mnt/etc/ssh +sudo mount -o subvol=root,$mntopts "${PART}2" /mnt/persist +sudo mount -o subvol=nix,$mntopts "${PART}2" /mnt/nix +sudo mount -o subvol=boot,$mntopts "${PART}2" /mnt/boot +sudo mount -o subvol=root/etc/ssh,$mntopts "${PART}2" /mnt/etc/ssh + +echo "LOG: - - Mounting persistent subdirectories" +sudo mkdir -p /mnt/home +sudo mount --bind /mnt/persist/home /mnt/home + +echo "LOG: - Mounting EFI System Partition" +sudo mkdir -p /mnt/boot/efi +sudo mount "${PART}1" /mnt/boot/efi +# mounting ends here +# mount ends here + +# [[file:readme.org::installing][installing]] +echo "LOG: Installing NixOS" +sudo nixos-install --flake /etc/nixos#Infini-OPTIPLEX --no-root-password +# installing ends here + +# [[file:readme.org::install_extra][install_extra]] +echo "LOG: Cloning configuration" +sudo chown -R infinidoge /mnt/persist/etc/nixos /mnt/persist/etc/nixos-private + +git clone --no-hardlinks --progress ssh://git@github.com/infinidoge/universe.git /mnt/persist/etc/nixos +git clone --no-hardlinks --progress ssh://git@github.com/infinidoge/universe-private.git /mnt/persist/etc/nixos-private + +echo "LOG: Installing Doom Emacs" +git clone --no-hardlinks --progress --depth 1 https://github.com/doomemacs/doomemacs /mnt/persist/home/infinidoge/.config/emacs +HOME=/mnt/persist/home/infinidoge /mnt/persist/home/infinidoge/.config/emacs/bin/doom install --no-config --force +# install_extra ends here + +# [[file:readme.org::cleanup][cleanup]] +echo "LOG: Unmounting all" +sudo umount -R /mnt +# cleanup ends here +# install ends here diff --git a/hosts/Infini-OPTIPLEX/install_extras.bash b/hosts/Infini-OPTIPLEX/install_extras.bash new file mode 100755 index 0000000..2718c2b --- /dev/null +++ b/hosts/Infini-OPTIPLEX/install_extras.bash @@ -0,0 +1,14 @@ +#!/usr/bin/env bash +# [[file:readme.org::install_extras][install_extras]] +# [[file:readme.org::install_extras][install_extra]] +echo "LOG: Cloning configuration" +sudo chown -R infinidoge /mnt/persist/etc/nixos /mnt/persist/etc/nixos-private + +git clone --no-hardlinks --progress ssh://git@github.com/infinidoge/universe.git /mnt/persist/etc/nixos +git clone --no-hardlinks --progress ssh://git@github.com/infinidoge/universe-private.git /mnt/persist/etc/nixos-private + +echo "LOG: Installing Doom Emacs" +git clone --no-hardlinks --progress --depth 1 https://github.com/doomemacs/doomemacs /mnt/persist/home/infinidoge/.config/emacs +HOME=/mnt/persist/home/infinidoge /mnt/persist/home/infinidoge/.config/emacs/bin/doom install --no-config --force +# install_extra ends here +# install_extras ends here diff --git a/hosts/Infini-OPTIPLEX/mount.bash b/hosts/Infini-OPTIPLEX/mount.bash new file mode 100755 index 0000000..84ccbcb --- /dev/null +++ b/hosts/Infini-OPTIPLEX/mount.bash @@ -0,0 +1,38 @@ +#!/usr/bin/env bash +# [[file:readme.org::mount][mount]] +# [[file:readme.org::mount][boilerplate]] +DISK=$1 +PART=$DISK$2 + +sudo mkdir -p /mnt +# boilerplate ends here + +# [[file:readme.org::mount][mount_check]] +if mountpoint -q -- "/mnt"; then + echo "ERROR: /mnt is a mounted filesystem, aborting" + exit 1 +fi +# mount_check ends here + +# [[file:readme.org::mount][mounting]] +echo "LOG: Mounting tmpfs" +sudo mount -t tmpfs root /mnt + +mntopts="autodefrag,noatime,compress=zstd:1" + +echo "LOG: - Mounting persistent directories" +sudo mkdir -p /mnt/persist /mnt/nix /mnt/boot /mnt/etc/ssh +sudo mount -o subvol=root,$mntopts "${PART}2" /mnt/persist +sudo mount -o subvol=nix,$mntopts "${PART}2" /mnt/nix +sudo mount -o subvol=boot,$mntopts "${PART}2" /mnt/boot +sudo mount -o subvol=root/etc/ssh,$mntopts "${PART}2" /mnt/etc/ssh + +echo "LOG: - - Mounting persistent subdirectories" +sudo mkdir -p /mnt/home +sudo mount --bind /mnt/persist/home /mnt/home + +echo "LOG: - Mounting EFI System Partition" +sudo mkdir -p /mnt/boot/efi +sudo mount "${PART}1" /mnt/boot/efi +# mounting ends here +# mount ends here diff --git a/hosts/Infini-OPTIPLEX/prep.bash b/hosts/Infini-OPTIPLEX/prep.bash new file mode 100755 index 0000000..62ca482 --- /dev/null +++ b/hosts/Infini-OPTIPLEX/prep.bash @@ -0,0 +1,50 @@ +#!/usr/bin/env bash +# [[file:readme.org::preparation][preparation]] +# [[file:readme.org::boilerplate][boilerplate]] +DISK=$1 +PART=$DISK$2 + +sudo mkdir -p /mnt +# boilerplate ends here + +# [[file:readme.org::mount_check][mount_check]] +if mountpoint -q -- "/mnt"; then + echo "ERROR: /mnt is a mounted filesystem, aborting" + exit 1 +fi +# mount_check ends here + +# [[file:readme.org::partitioning][partitioning]] +echo "LOG: Partitioning $DISK" +sudo parted $DISK -- mktable gpt +sudo parted $DISK -s -- mkpart ESP fat32 1MiB 512MiB +sudo parted $DISK -s -- mkpart primary btrfs 512MiB -12GiB +sudo parted $DISK -s -- mkpart primary linux-swap -12GiB 100% +sudo parted $DISK -s -- set 1 esp on +# partitioning ends here + +# [[file:readme.org::filesystems][filesystems]] +echo "LOG: Making filesystems" +echo "- Making fat32 filesystem on ${PART}1" +sudo mkfs.fat -F 32 -n boot "${PART}1" +echo "- Making btrfs filesystem on ${PART}2" +sudo mkfs.btrfs "${PART}2" -L "Infini-OPTIPLEX" -f +echo "- Making swap space on ${PART}3" +sudo mkswap -L swap "${PART}3" +# filesystems ends here + +# [[file:readme.org::subvolumes][subvolumes]] +echo "LOG: Making subvolumes on ${PART}2" +sudo mount "${PART}2" /mnt +sudo btrfs subvolume create /mnt/root +sudo btrfs subvolume create /mnt/root/home +sudo mkdir -p /mnt/root/etc +sudo btrfs subvolume create /mnt/root/etc/nixos +sudo btrfs subvolume create /mnt/root/etc/nixos-private +sudo btrfs subvolume create /mnt/root/etc/ssh +sudo btrfs subvolume create /mnt/boot +sudo btrfs subvolume create /mnt/nix +sudo btrfs subvolume create /mnt/nix/store +sudo umount /mnt +# subvolumes ends here +# preparation ends here diff --git a/hosts/Infini-OPTIPLEX/readme.org b/hosts/Infini-OPTIPLEX/readme.org new file mode 100644 index 0000000..9cb2d9c --- /dev/null +++ b/hosts/Infini-OPTIPLEX/readme.org @@ -0,0 +1,179 @@ +#+TITLE: Infini-OPTIPLEX Setup +#+AUTHOR: Infinidoge +#+OPTIONS: toc:nil +#+LaTeX_CLASS_OPTIONS: [12pt] +#+LATEX_HEADER: \usepackage[margin=1in]{geometry} + +* Partition Scheme + +| Position | Label | FS Type | Size | Type | +|----------+-------------------+------------------+------+----------------------| +| 1 | =boot= | =vfat= / =fat32= | 511M | EFI System Partition | +| 2 | =Infini-OPTIPLEX= | =btrfs= | Rest | Root Partition | +| 3 | =swap= | =swap= | 24G | Swap Space | + +* Configuration + +Setup for another server hosting computer, which I keep with me at college. Using the =server= form factor from =hardware/form=. + +* Setup Scripts + +#+NAME: preparation +#+BEGIN_SRC bash :tangle prep.bash :shebang "#!/usr/bin/env bash" :noweb yes :comments noweb +<> + +<> + +<> + +<> + +<> +#+END_SRC + +#+NAME: install +#+BEGIN_SRC bash :tangle install.bash :shebang "#!/usr/bin/env bash" :noweb yes :comments noweb +<> + +<> + +<> + +<> +#+END_SRC + +#+NAME: mount +#+BEGIN_SRC bash :tangle mount.bash :shebang "#!/usr/bin/env bash" :noweb yes :comments noweb +<> + +<> + +<> +#+END_SRC + +#+NAME: bare_install +#+BEGIN_SRC bash :tangle bare_install.bash :shebang "#!/usr/bin/env bash" :noweb yes :comments noweb +<> +#+END_SRC + +#+NAME: install_extras +#+BEGIN_SRC bash :tangle install_extras.bash :shebang "#!/usr/bin/env bash" :noweb yes :comments noweb +<> +#+END_SRC + +** Script Boilerplate + +#+NAME: boilerplate +#+BEGIN_SRC bash +DISK=$1 +PART=$DISK$2 + +sudo mkdir -p /mnt +#+END_SRC + +#+NAME: mount_check +#+BEGIN_SRC bash +if mountpoint -q -- "/mnt"; then + echo "ERROR: /mnt is a mounted filesystem, aborting" + exit 1 +fi +#+END_SRC + +** Partitioning + +#+NAME: partitioning +#+BEGIN_SRC bash +echo "LOG: Partitioning $DISK" +sudo parted $DISK -- mktable gpt +sudo parted $DISK -s -- mkpart ESP fat32 1MiB 512MiB +sudo parted $DISK -s -- mkpart primary btrfs 512MiB -12GiB +sudo parted $DISK -s -- mkpart primary linux-swap -12GiB 100% +sudo parted $DISK -s -- set 1 esp on +#+END_SRC + +** Making Filesystems + +#+NAME: filesystems +#+BEGIN_SRC bash +echo "LOG: Making filesystems" +echo "- Making fat32 filesystem on ${PART}1" +sudo mkfs.fat -F 32 -n boot "${PART}1" +echo "- Making btrfs filesystem on ${PART}2" +sudo mkfs.btrfs "${PART}2" -L "Infini-OPTIPLEX" -f +echo "- Making swap space on ${PART}3" +sudo mkswap -L swap "${PART}3" +#+END_SRC + +** Making Subvolumes + +#+NAME: subvolumes +#+BEGIN_SRC bash +echo "LOG: Making subvolumes on ${PART}2" +sudo mount "${PART}2" /mnt +sudo btrfs subvolume create /mnt/root +sudo btrfs subvolume create /mnt/root/home +sudo mkdir -p /mnt/root/etc +sudo btrfs subvolume create /mnt/root/etc/nixos +sudo btrfs subvolume create /mnt/root/etc/nixos-private +sudo btrfs subvolume create /mnt/root/etc/ssh +sudo btrfs subvolume create /mnt/boot +sudo btrfs subvolume create /mnt/nix +sudo btrfs subvolume create /mnt/nix/store +sudo umount /mnt +#+END_SRC + +** Mounting Volumes + +#+NAME: mounting +#+BEGIN_SRC bash +echo "LOG: Mounting tmpfs" +sudo mount -t tmpfs root /mnt + +mntopts="autodefrag,noatime,compress=zstd:1" + +echo "LOG: - Mounting persistent directories" +sudo mkdir -p /mnt/persist /mnt/nix /mnt/boot /mnt/etc/ssh +sudo mount -o subvol=root,$mntopts "${PART}2" /mnt/persist +sudo mount -o subvol=nix,$mntopts "${PART}2" /mnt/nix +sudo mount -o subvol=boot,$mntopts "${PART}2" /mnt/boot +sudo mount -o subvol=root/etc/ssh,$mntopts "${PART}2" /mnt/etc/ssh + +echo "LOG: - - Mounting persistent subdirectories" +sudo mkdir -p /mnt/home +sudo mount --bind /mnt/persist/home /mnt/home + +echo "LOG: - Mounting EFI System Partition" +sudo mkdir -p /mnt/boot/efi +sudo mount "${PART}1" /mnt/boot/efi +#+END_SRC + +** Installing + +#+NAME: installing +#+BEGIN_SRC bash +echo "LOG: Installing NixOS" +sudo nixos-install --flake /etc/nixos#Infini-OPTIPLEX --no-root-password +#+END_SRC + +** Extra (Install) + +#+NAME: install_extra +#+BEGIN_SRC bash +echo "LOG: Cloning configuration" +sudo chown -R infinidoge /mnt/persist/etc/nixos /mnt/persist/etc/nixos-private + +git clone --no-hardlinks --progress ssh://git@github.com/infinidoge/universe.git /mnt/persist/etc/nixos +git clone --no-hardlinks --progress ssh://git@github.com/infinidoge/universe-private.git /mnt/persist/etc/nixos-private + +echo "LOG: Installing Doom Emacs" +git clone --no-hardlinks --progress --depth 1 https://github.com/doomemacs/doomemacs /mnt/persist/home/infinidoge/.config/emacs +HOME=/mnt/persist/home/infinidoge /mnt/persist/home/infinidoge/.config/emacs/bin/doom install --no-config --force +#+END_SRC + +** Cleanup + +#+NAME: cleanup +#+BEGIN_SRC bash +echo "LOG: Unmounting all" +sudo umount -R /mnt +#+END_SRC diff --git a/users/root/ssh-keys.nix b/users/root/ssh-keys.nix index e2a13e0..1db7e00 100644 --- a/users/root/ssh-keys.nix +++ b/users/root/ssh-keys.nix @@ -2,4 +2,5 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDr+9QqgaRCDbX0JPGc7IklJVHuIlyTpGRJlL7gpsPv5 root@Infini-DESKTOP" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpoorDhO2CdjU8WR4Xyi2oh/4cGnLMbRwypKY90drPu root@Infini-FRAMEWORK" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhEbaLMlKApKtQn4+6yYwWCzAu8DBKdlXYz7N96CMHM root@Infini-SERVER" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQe81gbL+CQHCTu0z69gAMQ2Sgznlxfzsb5qL4ROuB0 root@Infini-OPTIPLEX" ]