hswaw/machines: add snowflake
This adds one of the 4 new fast machines that will run various one-off
workloads, initially mostly migrated off of the old dell m1000e blade
chassis, such as a virtualized boston-packets.
Change-Id: I4a85f8e14cd79257ad41bbe1519f33595f4e497a
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1981
Reviewed-by: q3k <q3k@hackerspace.pl>
diff --git a/hswaw/machines/snowflake/configuration.nix b/hswaw/machines/snowflake/configuration.nix
new file mode 100644
index 0000000..27d1264
--- /dev/null
+++ b/hswaw/machines/snowflake/configuration.nix
@@ -0,0 +1,59 @@
+{ config, lib, pkgs, ... }:
+
+let
+ ssh-keys = {
+ q3k = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG599UildOrAq+LIOQjKqtGMwjgjIxozI1jtQQRKHtCP q3k@mimeomia"
+ ];
+ implr = [
+ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC33naG1ptCvUcRWX9cj9wXM1nW1lyQC4SvMJzWlr9aMD96O8hQ2JMkuIUgUJvorAY02QRplQ2BuoVoVkdkzwjMyi1bL3OdgcKo7Z1yByClGTTocqNJYY0lcUb6EJH8+6e6F9ydrQlSxNzL1uCaA7phZr+yPcmAmWbSfioXn98yXNkE0emHxzJv/nypJY56sDCMC2IXDRd8L2goDtPwgPEW7bWfAQdIFMJ75xOidZOTxJ8eqyXLw/kxY5UlyX66jdoYz1sE5XUHuoQl1AOG9UdlMo0aMhUvP4pX5l7r7EnA9OttKMFB3oWqkVK/R6ynZ52YNOU5BZ9V+Ppaj34W0xNu+p0mbHcCtXYCTrf/OU0hcZDbDaNTjs6Vtcm2wYw9iAKX7Tex+eOMwUwlrlcyPNRV5BTot7lGNYfauHCSIuWJKN4NhCLR/NtVNh4/94eKkPTwJsY6XqDcS7q49wPAs4DAH7BJgsbHPOqygVHrY0YYEfz3Pj0HTxJHQMCP/hQX4fXEGt0BjgoVJbXPAQtPyeg0JuxiUg+b4CgVVfQ6R060MlM1BZzhmh+FY5MJH6nJppS0aHYCvSg8Z68NUlCPKy0jpcyfuAIWQWwSGG1O010WShQG2ELsvNdg5/4HVdCGNl5mmoom6JOd72FOZyQlHDFfeQUQRn9HOeCq/c51rK99SQ== bartek@IHM"
+ ];
+ patryk = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJVh2GYcw2teiQBSvwDkLgXodnUZyRvYXEkYW/E7hDsC patryk@raven"
+ ];
+ informatic = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDoKB2p/gFaKthQNXeQvSLzhOlLSq3vjVL3AEOBTMXGH informatic@atuin"
+ ];
+ ari = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGfIRe1nH6vwjQTjqHNnkKAdr1VYqGEeQnqInmf3A6UN ar@khas"
+ ];
+ };
+in {
+ imports =
+ [
+ ./hardware-configuration.nix
+ ];
+
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "snowflake";
+ networking.nameservers = [ "185.236.240.1" ];
+
+ time.timeZone = "Europe/Warsaw";
+
+ services.openssh.enable = true;
+
+ networking.hostId = "402e0aa7";
+ networking.interfaces = {
+ enp49s0f1.useDHCP = false;
+ enp49s0f0 = {
+ useDHCP = false;
+ ipv4 = {
+ addresses = [{
+ address = "185.236.240.42";
+ prefixLength = 28;
+ }];
+ routes = [{
+ address = "0.0.0.0";
+ prefixLength = 0;
+ via = "185.236.240.33";
+ }];
+ };
+ };
+ };
+
+ system.stateVersion = "24.11";
+ users.users.root.openssh.authorizedKeys.keys = lib.attrsets.foldlAttrs (acc: _: v: v ++ acc) [] ssh-keys;
+}
+
diff --git a/hswaw/machines/snowflake/hardware-configuration.nix b/hswaw/machines/snowflake/hardware-configuration.nix
new file mode 100644
index 0000000..5779174
--- /dev/null
+++ b/hswaw/machines/snowflake/hardware-configuration.nix
@@ -0,0 +1,38 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-amd" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "snowflake/ROOT/nixos";
+ fsType = "zfs";
+ };
+
+ fileSystems."/var/lib/libvirt" =
+ { device = "snowflake/libvirt";
+ fsType = "zfs";
+ };
+
+ fileSystems."/nix" =
+ { device = "snowflake/nix";
+ fsType = "zfs";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-uuid/96F4-21FB";
+ fsType = "vfat";
+ options = [ "fmask=0022" "dmask=0022" ];
+ };
+
+ swapDevices = [ ];
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = true;
+}
diff --git a/ops/hive.nix b/ops/hive.nix
index a8b1eea..e9297c7 100644
--- a/ops/hive.nix
+++ b/ops/hive.nix
@@ -79,6 +79,14 @@
sha256 = "0jf6pnz4s5w9p35wd584hy7p6r5aaq1khfdxv2c1nqnmss05nn2b";
})
{ system = "aarch64-linux"; };
+
+ "snowflake.hackerspace.pl" = import
+ (fetchTarball {
+ # NixOS/nixpkgs/nixos-unstable 2024-06-11
+ url = "https://api.github.com/repos/NixOS/nixpkgs/tarball/c7b821ba2e1e635ba5a76d299af62821cbcb09f3";
+ sha256 = "0gzqmnniwqjs7hqi6y9zxf2by1j2nxa82zsixzskbr1yrw5vfcqr";
+ })
+ { system = "x86_64-linux"; };
};
allowApplyAll = false;
@@ -113,4 +121,5 @@
imports = [ ../hswaw/machines/printmaster.waw.hackerspace.pl/configuration.nix ];
deployment.buildOnTarget = true;
};
+ "snowflake.hackerspace.pl" = import ../hswaw/machines/snowflake/configuration.nix;
}