feat: introduce Oracle VMs and Hetzner VMs as hardware types
This includes aarch64-linux variants for these hosters. Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
parent
acaaad68bb
commit
3b6be269d6
|
@ -6,8 +6,8 @@
|
||||||
./hardening.nix
|
./hardening.nix
|
||||||
./nix.nix
|
./nix.nix
|
||||||
./raito-proxy-aware-nginx.nix
|
./raito-proxy-aware-nginx.nix
|
||||||
./raito-vm.nix
|
|
||||||
./sysadmin
|
./sysadmin
|
||||||
|
./hardware
|
||||||
./zsh.nix
|
./zsh.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
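--- a/common/hardware/default.nix
+++ b/common/hardware/default.nix
@@ -0,0 +1,7 @@
+{ ... }: {
+imports = [
+./raito-vm.nix
+./oracle-vm.nix
+./hetzner.nix
+];
+}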
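--- a/common/hardware/hetzner.nix
+++ b/common/hardware/hetzner.nix
@@ -0,0 +1,76 @@
+
+{ lib, config, ... }:
+let
+cfg = config.bagel.hardware.hetzner;
+inherit (lib) mkEnableOption mkIf mkOption types;
+in
+{
+options.bagel.hardware.hetzner = {
+enable = mkEnableOption "Hetzner's hardware defaults";
+
+platformType = mkOption {
+# Only VMs are supported.
+type = types.enum [ "virtual-machine" ];
+};
+
+system = mkOption {
+# Only the aarch64-linux VM Hetzner is supported.
+type = types.enum [ "aarch64-linux" ];
+};
+
+networking.wan = {
+mac = mkOption {
+type = types.str;
+description = "MAC address of the WAN interface in the Hetzner machine";
+};
+address = mkOption {
+type = types.listOf types.str;
+description = "List of static addresses attached to the WAN interface";
+};
+};
+};
+
+config = mkIf cfg.enable {
+# A bunch of stuff is virtio.
+boot.initrd.availableKernelModules = [
+"xhci_pci"
+"usbhid"
+"sr_mod"
+"virtio_gpu"
+"virtio_scsi"
+"virtio_rng"
+"virtio_pci"
+];
+
+boot.loader.systemd-boot.enable = true;
+boot.loader.efi.canTouchEfiVariables = true;
+
+networking.useDHCP = lib.mkDefault false;
+
+# Stolen from the netplan provided by aarch64 Ubuntu images.
+systemd.network.enable = true;
+systemd.network.links."10-wan" = {
+linkConfig.Name = "wan";
+matchConfig.MACAddress = cfg.networking.mac;
+};
+systemd.network.networks."10-wan" = {
+matchConfig.Name = "wan";
+networkingConfig.Address = cfg.networking.address;
+linkConfig.RequiredForOnline = true;
+DHCP = "ipv4";
+routes = [
+{
+routeConfig = {
+Destination = "::/0";
+GatewayOnLink = true;
+Gateway = "fe80::1";
+};
+}
+];
+dhcpV4Config = {
+RouteMetric = 100;
+UseMTU = true;
+};
+};
+};
+}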
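Review bot: The `config` block reads `cfg.networking.mac` and `cfg.networking.address`, but the options are declared one level deeper as `networking.wan.mac` and `networking.wan.address`, so enabling the module should fail at evaluation with a missing attribute. In the same network unit, `networkingConfig.Address` does not look like an option of `systemd.network.networks.<name>`; the section is `networkConfig`. The two lines would read `matchConfig.MACAddress = cfg.networking.wan.mac;` and `networkConfig.Address = cfg.networking.wan.address;`. `system` and `platformType` are declared without `description` or `default` and are never read in `config`; oracle-vm.nix sets `nixpkgs.hostPlatform = cfg.system;`, which seems to be missing here. Since `mac` is a free-form `types.str`, a typo leaves the link unrenamed and the `wan` network unmatched, which on a remote VM means no connectivity after the switch; a `types.strMatching` pattern for the address format would catch that at build time.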
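--- a/common/hardware/oracle-vm.nix
+++ b/common/hardware/oracle-vm.nix
@@ -0,0 +1,44 @@
+
+{ lib, config, ... }:
+let
+cfg = config.bagel.hardware.oracle-vm;
+inherit (lib) mkEnableOption mkIf mkOption types;
+in
+{
+options.bagel.hardware.oracle-vm = {
+enable = mkEnableOption "Oracle's VM hardware defaults";
+
+system = mkOption {
+# Only the free Oracle VMs are supported.
+type = types.enum [ "aarch64-linux" ];
+};
+};
+
+config = mkIf cfg.enable {
+boot.loader.systemd-boot.enable = true;
+boot.loader.efi.canTouchEfiVariables = true;
+
+boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "usbhid" "sr_mod" ];
+boot.initrd.kernelModules = [ ];
+boot.kernelModules = [ ];
+boot.extraModulePackages = [ ];
+
+nixpkgs.hostPlatform = cfg.system;
+
+# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+# (the default) this is the recommended approach. When using systemd-networkd it's
+# still possible to use this option, but it's recommended to use it in conjunction
+# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+networking.useDHCP = lib.mkDefault false;
+# Examples:
+# 2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
+# link/ether 02:00:17:00:91:6e brd ff:ff:ff:ff:ff:ff
+# inet 10.0.0.94/24 brd 10.0.0.255 scope global dynamic noprefixroute enp0s3
+# valid_lft 44162sec preferred_lft 33362sec
+# inet6 fe80::17ff:fe00:916e/64 scope link
+# valid_lft forever preferred_lft forever
+# [root@build02-aarch64-lahfa:~]# ip r
+# default via 10.0.0.1 dev enp0s3 proto dhcp src 10.0.0.94 metric 1002 mtu 9000
+networking.interfaces.enp0s3.useDHCP = lib.mkDefault true;
+};
+}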
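Review bot: DHCP is enabled only on the hard-coded interface `enp0s3` while `networking.useDHCP` is defaulted to false, so an instance whose NIC gets a different predictable name would boot with no address and be unreachable remotely. The name appears to come from the `ip a` output of one host pasted in the comment above it; consider matching the NIC by MAC as hetzner.nix does, or at least stating the assumption with a comment such as `# enp0s3 is the NIC name observed on the aarch64 instances; override per host if it differs`. Separately, `system` has no `description` or `default` although only one value is accepted; `default = "aarch64-linux";` would save each host from restating it. The pasted output also commits a host name, MAC and private address to the repository, and could be trimmed to the fields the comment needs.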