agate: added

2025-05-05 12:33:23 +08:00 · 2025-05-05 12:33:23 +08:00 · 6f1ae9dcba
commit 6f1ae9dcba
parent 37c29252a3
10 changed files with 284 additions and 56 deletions
--- a/machines/agate/default.nix
+++ b/machines/agate/default.nix
@ -0,0 +1,67 @@
+{ lib, ... }:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./disk-config.nix
+    ./services
+  ];
+
+  boot.loader.grub = {
+    enable = true;
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    devices = lib.mkForce [ ];
+    mirroredBoots = [
+      {
+        devices = [
+          "/dev/disk/by-partlabel/disk-ssd1-system_p1"
+        ];
+        path = "/boot0";
+      }
+      {
+        devices = [
+          "/dev/disk/by-partlabel/disk-ssd2-system_p2"
+        ];
+        path = "/boot1";
+      }
+    ];
+  };
+
+  users.users.root.hashedPassword = "$y$j9T$vgLUF3/R0RJpDu7e22fSW.$CPomHsuRziERtNGUnnMZZDQG.Vj7LCe5PUOSbvkwSV3";
+
+  commonSettings = {
+    auth.enable = true;
+    nix = {
+      enable = true;
+    };
+    comin.enable = true;
+    network.localdns.enable = true;
+  };
+  system.stateVersion = "25.05";
+  time.timeZone = "Asia/Shanghai";
+
+  nix.settings = {
+    max-jobs = 8;
+    cores = 16;
+  };
+
+  services.tailscale = {
+    enable = true;
+    openFirewall = true;
+    permitCertUid = "caddy";
+  };
+
+  custom.prometheus.exporters = {
+    enable = true;
+    blackbox = {
+      enable = true;
+    };
+    node = {
+      enable = true;
+    };
+  };
+
+  custom.monitoring = {
+    promtail.enable = true;
+  };
+}
--- a/machines/agate/disk-config.nix
+++ b/machines/agate/disk-config.nix
@ -0,0 +1,91 @@
+{
+  disko.devices = {
+    disk = {
+      ssd1 = {
+        type = "disk";
+        device = "/dev/disk/by-path/pci-0004:49:00.0-sas-exp0x500e004aaaaaaa1f-phy1-lun-0";
+        content = {
+          type = "gpt";
+          partitions = {
+            BOOT = {
+              size = "1M";
+              type = "EF02";
+            };
+            ESP = {
+              size = "500M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot0";
+              };
+            };
+            system_p1 = {
+              size = "100%";
+            };
+          };
+        };
+      };
+      ssd2 = {
+        type = "disk";
+        device = "/dev/disk/by-path/pci-0004:49:00.0-sas-exp0x500e004aaaaaaa1f-phy2-lun-0";
+        content = {
+          type = "gpt";
+          partitions = {
+            BOOT = {
+              size = "1M";
+              type = "EF02";
+            };
+            ESP = {
+              size = "500M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot1";
+              };
+            };
+            system_p2 = {
+              size = "100%";
+              content = {
+                type = "btrfs";
+                extraArgs = [
+                  "-f"
+                  "-d raid1"
+                  "/dev/disk/by-partlabel/disk-ssd1-system_p1"
+                ];
+                subvolumes = {
+                  # Subvolume name is different from mountpoint
+                  "/rootfs" = {
+                    mountpoint = "/";
+                  };
+                  # Subvolume name is the same as the mountpoint
+                  "/home" = {
+                    mountOptions = [ "compress=zstd" ];
+                    mountpoint = "/home";
+                  };
+                  # Parent is not mounted so the mountpoint must be set
+                  "/nix" = {
+                    mountOptions = [
+                      "compress=zstd"
+                      "noatime"
+                    ];
+                    mountpoint = "/nix";
+                  };
+                  "/persistent" = {
+                    mountOptions = [
+                      "noatime"
+                      # Lots of dbs in /var/lib, let's disable cow
+                      "nodatacow"
+                    ];
+                    mountpoint = "/var/lib";
+                  };
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/machines/agate/hardware-configuration.nix
+++ b/machines/agate/hardware-configuration.nix
@ -0,0 +1,23 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "mpt3sas" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}
--- a/machines/agate/services/default.nix
+++ b/machines/agate/services/default.nix
@ -0,0 +1,5 @@
+{
+  imports = [
+    ./hydra.nix
+  ];
+}
--- a/machines/agate/services/hydra.nix
+++ b/machines/agate/services/hydra.nix
@ -0,0 +1,8 @@
+{
+  services.hydra = {
+    enable = true;
+    hydraURL = "http://agate.coho-tet.ts.net:3000/";
+    notificationSender = "hydra@localhost";
+    buildMachinesFiles = [ ];
+  };
+}