# NixOS module for the netboot image of host "pump": the minimal netboot
# installer profile plus root SSH access, a pinned Syncthing certificate, ZFS
# support and an SSH server inside the initrd.
{ config, pkgs, lib, modulesPath, ... }: with lib; {
  imports = [
    (modulesPath + "/installer/netboot/netboot-minimal.nix")
  ];

  nixpkgs.hostPlatform = mkDefault "x86_64-linux";
  system.stateVersion = "24.05";

  nix = {
    package = mkForce pkgs.nixVersions.stable;
    extraOptions = mkForce ''
      experimental-features = nix-command flakes
    '';
  };

  networking = {
    hostName = "pump";
    domain = "vinkies.net";
    # ZFS support in NixOS requires a host id to be set.
    hostId = "7da046cb";
  };

  # `my` is not a module argument, so it resolves through `with lib`
  # (presumably lib.my, defined elsewhere in the repository -- confirm).
  # These keys grant root login over SSH on the booted system.
  users.users.root.openssh.authorizedKeys.keys = my.sshKeys;

  # Age key that sops-nix decrypts secrets with. The file is not provided by
  # this module and has to exist at this path on the running system.
  # NOTE(review): on a netbooted machine, confirm how the key gets there.
  sops.age.keyFile = "${config.my.home}/sops/age/keys.txt";

  services = {
    # mkForce overrides any auto-login user set by the imported profile.
    # Anyone with access to the machine's console gets a root shell without
    # authenticating, so physical and out-of-band console access must be
    # controlled accordingly.
    getty.autologinUser = mkForce "root";

    openssh.enable = true;

    # Public certificate only. builtins.toFile places the text in the Nix
    # store, which is world-readable: acceptable for a certificate, but the
    # matching private key must never be supplied the same way. The key is
    # not configured in this file.
    syncthing.cert = builtins.toFile "syncthing-cert" ''
      -----BEGIN CERTIFICATE-----
      MIICGzCCAaKgAwIBAgIIRGieK4FEhD0wCgYIKoZIzj0EAwIwSjESMBAGA1UEChMJ
      U3luY3RoaW5nMSAwHgYDVQQLExdBdXRvbWF0aWNhbGx5IEdlbmVyYXRlZDESMBAG
      A1UEAxMJc3luY3RoaW5nMB4XDTI0MDIxMTAwMDAwMFoXDTQ0MDIwNjAwMDAwMFow
      SjESMBAGA1UEChMJU3luY3RoaW5nMSAwHgYDVQQLExdBdXRvbWF0aWNhbGx5IEdl
      bmVyYXRlZDESMBAGA1UEAxMJc3luY3RoaW5nMHYwEAYHKoZIzj0CAQYFK4EEACID
      YgAEH/4taBY2lcNBXZCxNOklTahIlhN+ypYMOqw7LNlKZVdv7JzRR67akp/F99mF
      PA+IB1CQoPOTXUjnhm84Tob/8MoUA1jM5uspclxXG95eMw2J7E7svBEGJA2RsEQE
      dsU3o1UwUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
      AQUFBwMCMAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJc3luY3RoaW5nMAoGCCqG
      SM49BAMCA2cAMGQCMCP0Ro0ZjGfQf9R3x3neKZzrJxkD11ZK9NBNTaeWAKbrhkjp
      qqW9uTONfIOXZmgtrQIwf6Ykr934UA5I6Rk8qNV8d082n3FNMw1NgK9GmUv2XMZ5
      eOpDAYJrhLx5jb7d3L4/
      -----END CERTIFICATE-----
    '';
  };

  boot = {
    supportedFilesystems = [ "zfs" ];
    # Do not force-import the root pool at boot.
    zfs.forceImportRoot = false;

    initrd = {
      # NIC driver made available in the initrd so the network can come up
      # in stage 1.
      availableKernelModules = [ "e1000e" ];

      network = {
        enable = true;
        ssh = {
          enable = true;
          # Use a different port than your usual SSH port!
          port = 2222;
          # NOTE(review): this is a Nix path value, so evaluation copies the
          # private key into the world-readable Nix store, and the key is
          # shipped inside the initrd. For a netboot image, whoever can
          # fetch the initrd can presumably read it. Keep this key dedicated
          # to the initrd and never reuse the host's regular SSH host key.
          hostKeys = [
            (/. + "${config.my.home}" + "/.ssh/initrd/key")
          ];
          # The same key list that is authorised for root on the booted
          # system.
          authorizedKeys = my.sshKeys;
        };
        # Appended to root's profile inside the initrd, so an SSH login runs
        # `zfs load-key -a` to ask for the dataset keys and then `killall
        # zfs` (presumably to end a key prompt blocking stage 1 -- confirm).
        postCommands = ''
          echo "zfs load-key -a; killall zfs" >> /root/.profile
        '';
      };
    };
  };

  # neededForBoot makes the dataset get mounted from the initrd.
  fileSystems."/data" = {
    device = "zpool/data";
    fsType = "zfs";
    neededForBoot = true;
  };
}