feat: adding kolyma-5 ns server

kolyma-labs · Dec 1, 2024 · 5ebb77a · 5ebb77a
1 parent b29446b
commit 5ebb77a
Show file tree

Hide file tree

Showing 10 changed files with 357 additions and 1 deletion.
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -23,6 +23,12 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
+    # Disko
+    disko = {
+      url = "github:nix-community/disko";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     # Flake utils for eachSystem
     flake-utils.url = "github:numtide/flake-utils";
 
@@ -127,6 +133,7 @@
             "Kolyma-2"
             "Kolyma-3"
             "Kolyma-4"
+            "Kolyma-5"
           ];
         };
       };

diff --git a/nixos/kolyma-4/services/bind.nix b/nixos/kolyma-4/services/bind.nix
@@ -0,0 +1,33 @@
+{ outputs, ... }:
+{
+  imports = [ outputs.nixosModules.bind ];
+
+  # Enable Nameserver hosting
+  services.nameserver = {
+    enable = true;
+    type = "slave";
+    zones = [
+      # Personal Space
+      "orzklv.uz"
+      "kolyma.uz"
+      "katsuki.moe"
+      "gulag.uz"
+
+      # Not that personal
+      "khakimovs.uz"
+      "dumba.uz"
+
+      # Projects
+      "slave.uz"
+      "floss.uz"
+      "sabine.uz"
+      "rust-lang.uz"
+      "osmon-lang.uz"
+      "xinux.uz"
+      "haskell.uz"
+      "niggerlicious.uz"
+      "misskey.uz"
+    ];
+    masters = [ "167.235.96.40" ];
+  };
+}
diff --git a/nixos/kolyma-5/configuration.nix b/nixos/kolyma-5/configuration.nix
@@ -0,0 +1,58 @@
+{
+  inputs,
+  outputs,
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+{
+  imports = [
+    # If you want to use modules your own flake exports (from modules/nixos):
+    outputs.nixosModules.ssh
+    outputs.nixosModules.zsh
+    outputs.nixosModules.boot
+    outputs.nixosModules.data
+    outputs.nixosModules.maid
+    outputs.nixosModules.motd
+    outputs.nixosModules.root
+    outputs.nixosModules.secret
+    outputs.nixosModules.network
+    outputs.nixosModules.nixpkgs
+
+    # User configs
+    outputs.nixosModules.users.sakhib
+
+    # Import your deployed service list
+    ./services
+
+    # Import your generated (nixos-generate-config) hardware configuration
+    ./hardware-configuration.nix
+
+    # Home Manager NixOS Module
+    inputs.home-manager.nixosModules.home-manager
+  ];
+
+  # Hostname of the system
+  networking.hostName = "Kolyma-4";
+
+  # Entirely disable hibernation
+  systemd.sleep.extraConfig = ''
+    AllowSuspend=no
+    AllowHibernation=no
+    AllowHybridSleep=no
+    AllowSuspendThenHibernate=no
+  '';
+
+  # Don't ask for password
+  security.sudo.wheelNeedsPassword = false;
+
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
+  system.stateVersion = "24.11";
+}
diff --git a/nixos/kolyma-5/disk-configuration.nix b/nixos/kolyma-5/disk-configuration.nix
@@ -0,0 +1,112 @@
+{
+  disko.devices = {
+    disk = {
+      nvme0n1 = {
+        type = "disk";
+        device = "/dev/nvme0n1";
+        content = {
+          type = "gpt";
+          partitions = {
+            BOOT = {
+              size = "1M";
+              type = "EF02";
+              priority = 1;
+            };
+            ESP = {
+              size = "500M";
+              type = "EF00";
+              priority = 2;
+              content = {
+                type = "mdraid";
+                name = "boot";
+              };
+            };
+            SWAP = {
+              size = "130G";
+              content = {
+                type = "mdraid";
+                name = "swap";
+              };
+            };
+            ROOT = {
+              size = "100%";
+              content = {
+                type = "mdraid";
+                name = "root";
+              };
+            };
+          };
+        };
+      };
+      nvme1n1 = {
+        type = "disk";
+        device = "/dev/nvme1n1";
+        content = {
+          type = "gpt";
+          partitions = {
+            BOOT = {
+              size = "1M";
+              type = "EF02";
+            };
+            ESP = {
+              size = "500M";
+              type = "EF00";
+              content = {
+                type = "mdraid";
+                name = "boot";
+              };
+            };
+            SWAP = {
+              size = "130G";
+              content = {
+                type = "mdraid";
+                name = "swap";
+              };
+            };
+            ROOT = {
+              size = "100%";
+              content = {
+                type = "mdraid";
+                name = "root";
+              };
+            };
+          };
+        };
+      };
+    };
+    mdadm = {
+      root = {
+        type = "mdadm";
+        level = 1;
+        content = {
+          type = "gpt";
+          partitions.primary = {
+            size = "100%";
+            content = {
+              type = "filesystem";
+              format = "ext4";
+              mountpoint = "/";
+            };
+          };
+        };
+      };
+      boot = {
+        type = "mdadm";
+        level = 1;
+        metadata = "1.0";
+        content = {
+          type = "filesystem";
+          format = "vfat";
+          mountpoint = "/boot";
+        };
+      };
+      swap = {
+        type = "mdadm";
+        level = 1;
+        content = {
+          type = "swap";
+        };
+      };
+    };
+  };
+}
diff --git a/nixos/kolyma-5/hardware-configuration.nix b/nixos/kolyma-5/hardware-configuration.nix
@@ -0,0 +1,53 @@
+{
+  inputs,
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+{
+  imports = [
+    # Disko partitioning
+    inputs.disko.nixosModules.disko
+    ./disk-configuration.nix
+
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usbhid"
+  ];
+  boot.initrd.kernelModules = [ "nvme" ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  boot.bios = {
+    enable = true;
+    uefi = true;
+    raided = true;
+    mirrors = [
+      "/dev/nvme0n1"
+      "/dev/nvme1n1"
+    ];
+  };
+
+  network = {
+    enable = true;
+
+    ipv4 = {
+      enable = true;
+      address = "65.109.74.214";
+    };
+
+    ipv6 = {
+      enable = true;
+      address = "2a01:4f9:3071:31ce::";
+    };
+  };
+
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}
diff --git a/nixos/kolyma-5/services/bind.nix b/nixos/kolyma-5/services/bind.nix
@@ -0,0 +1,33 @@
+{ outputs, ... }:
+{
+  imports = [ outputs.nixosModules.bind ];
+
+  # Enable Nameserver hosting
+  services.nameserver = {
+    enable = true;
+    type = "master";
+    zones = [
+      # Personal Space
+      "orzklv.uz"
+      "kolyma.uz"
+      "katsuki.moe"
+      "gulag.uz"
+
+      # Not that personal
+      "khakimovs.uz"
+      "dumba.uz"
+
+      # Projects
+      "slave.uz"
+      "floss.uz"
+      "sabine.uz"
+      "rust-lang.uz"
+      "osmon-lang.uz"
+      "xinux.uz"
+      "haskell.uz"
+      "niggerlicious.uz"
+      "misskey.uz"
+    ];
+    slaves = [ "65.109.74.214" ];
+  };
+}
diff --git a/nixos/kolyma-5/services/container.nix b/nixos/kolyma-5/services/container.nix
@@ -0,0 +1,11 @@
+{ outputs, ... }:
+{
+  imports = [ outputs.nixosModules.container ];
+
+  # Enable containerization
+  services.containers = {
+    enable = true;
+    instances = { };
+    ports = [ ];
+  };
+}
diff --git a/nixos/kolyma-5/services/default.nix b/nixos/kolyma-5/services/default.nix
@@ -0,0 +1,15 @@
+# Fallback validation point of all modules
+{ ... }:
+{
+  # List all modules here to be included on config
+  imports = [
+    # Bind nameserver service for hosting personal domains
+    ./bind.nix
+
+    # List of docker instances hosted in this machine
+    ./container.nix
+
+    # Web server & proxy virtual hosts via caddy
+    ./www.nix
+  ];
+}