add host Remilia

hosts/servers/marisa.nix

@@ -0,0 +1,15 @@
+{lib, config, ...}:
+{
+  imports = 
+  [
+    ./pkgs.nix
+    ./stuff.nix
+    ./marisa/networking.nix
+    ./marisa/hardware.nix
+    ./marisa/boot.nix
+    ./marisa/services.nix
+    ./marisa/cachix.nix
+    ../../configs/nvim.nix
+  ];
+  system.stateVersion = "21.05";
+}

hosts/servers/marisa/boot.nix

@@ -0,0 +1,15 @@
+{config, ...}:
+{
+  boot = {
+    initrd.availableKernelModules = [ "xhci_pci" "usb_storage" "usbhid" "uas" "pcie-brcmstb"];
+    loader = {
+      grub.enable = false;
+      generic-extlinux-compatible.enable= true;
+      raspberryPi= {
+        version = 4;
+        firmwareConfig = "dtparam=sd_poll_once=on";
+        enable = true;  
+      };
+    };
+  };
+}

hosts/servers/marisa/cachix.nix

@@ -0,0 +1,14 @@
+
+# WARN: this file will get overwritten by $ cachix use <name>
+{ pkgs, lib, ... }:
+
+let
+  folder = ./cachix;
+  toImport = name: value: folder + ("/" + name);
+  filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
+  imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
+in {
+  inherit imports;
+  nix.binaryCaches = ["https://cache.nixos.org/"];
+}
+    

hosts/servers/marisa/cachix/rpi4.nix

@@ -0,0 +1,12 @@
+
+{
+  nix = {
+    binaryCaches = [
+      "https://rpi4.cachix.org"
+    ];
+    binaryCachePublicKeys = [
+      "rpi4.cachix.org-1:fMaYBuIlj/Sa9YTXnXMXoXnVZEoVhnFxOkxseKKlku8="
+    ];
+  };
+}
+    

hosts/servers/marisa/hardware.nix

@@ -0,0 +1,28 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+
+{
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
+      fsType = "ext4";
+    };
+
+  fileSystems."/nix/store" =
+    { device = "/nix/store";
+      fsType = "none";
+      options = [ "bind" ];
+    };
+
+  swapDevices = [
+    {
+      device = "/swapfile";
+      priority = 0;
+      size = 10240;
+    }
+  ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+  hardware.firmware = [ pkgs.raspberrypiWirelessFirmware ];
+}

hosts/servers/marisa/networking.nix

@@ -0,0 +1,22 @@
+{config, ...}:
+{
+  networking = {
+    hostName = "Marisa";
+    firewall.allowedTCPPorts = [ 22 80 ];
+    wireless = {
+      enable = false;
+      iwd.enable = true;
+    };
+    interfaces = {
+      wlan0 = {
+        useDHCP = false;
+        ipv4.addresses = [ {
+          prefixLength = 24;
+          address = "192.168.0.159";
+        } ];
+      };
+    };
+    defaultGateway = "192.168.0.1";
+    nameservers = [ "1.1.1.1" "8.8.8.8" ];
+  };
+}

hosts/servers/marisa/services.nix

@@ -0,0 +1,10 @@
+{config, ...}:
+{
+  services = {
+    openssh = {
+      enable = true;
+      permitRootLogin = "yes";
+    };
+    tailscale.enable = true;
+  };
+}

hosts/servers/pkgs.nix

@@ -0,0 +1,34 @@
+{lib, config, pkgs, ...}:
+{
+  environment.systemPackages = with pkgs; [
+    git
+    gnumake
+    htop
+    vim
+    wireguard
+  ];
+  programs = {
+    zsh = {
+      enable = true;
+      promptInit = "PROMPT='%B%F{cyan}%~ %F{blue}>%f%b '\nRPROMPT='%B%F{cyan}%n%f@%F{red}%m%b'";
+      histSize = 12000;
+      enableCompletion = true;
+      syntaxHighlighting.enable = true;
+      autosuggestions. enable = true;
+      ohMyZsh.enable = true;
+    };
+    gnupg = {
+      agent = {
+        enable = true;
+        pinentryFlavor = "curses";
+      };
+    };
+  };
+  nix = {
+    package = pkgs.nixUnstable;
+    extraOptions = ''
+      experimental-features = nix-command ca-references flakes
+    '';
+    trustedUsers = [ "root" ];
+  };
+}

hosts/servers/remilia.nix

@@ -0,0 +1,15 @@
+{lib, config, ...}:
+{
+  imports = 
+  [
+    ./pkgs.nix
+    ./stuff.nix
+    ./remilia/networking.nix
+    ./remilia/hardware.nix
+    ./remilia/boot.nix
+    ./remilia/services.nix
+    ../../configs/nvim.nix
+  ];
+  programs.gnupg.agent.enable = lib.mkForce false;
+  system.stateVersion = "21.11";
+}

hosts/servers/remilia/boot.nix

@@ -0,0 +1,13 @@
+{config, ...}:
+{
+  boot = {
+    initrd.kernelModules = [ "bochs_drm" ];
+    initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" ];
+    kernelModules = [ "kvm-amd" ];
+    kernelParams = [ "console=ttyS0" "console=tty1" "nvme.shutdown_timeout=10" "libiscsi.debug_libiscsi_eh=1" ];
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+  };
+}

hosts/servers/remilia/hardware.nix

@@ -0,0 +1,20 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/d91adce2-9059-4a8a-86e7-dee6ecc85b2b";
+      fsType = "ext4";
+    };
+
+  swapDevices = [
+    { 
+      device="/swapfile";
+      size = 7168;
+      priority = 0;
+    }
+  ];
+}

hosts/servers/remilia/networking.nix

@@ -0,0 +1,13 @@
+{config, ...}:
+{
+  networking = {
+    useDHCP = false;
+    hostName = "Remilia";
+    firewall.allowedTCPPorts = [ 22 80 ];
+    interfaces = {
+      ens3 = {
+        useDHCP = true;
+      };
+    };
+  };
+}

hosts/servers/remilia/services.nix

@@ -0,0 +1,12 @@
+{config, ...}:
+{
+  services = {
+    openssh = {
+      enable = true;
+      permitRootLogin = "yes";
+    };
+  };
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHingN2Aho+KGgEvBMjtoez+W1svl9uVoa4vG0d646j"
+  ];
+}

hosts/servers/stuff.nix

@@ -0,0 +1,26 @@
+{config, pkgs, ...}:
+{
+  time.timeZone = "Asia/Kolkata";
+  environment = {
+    sessionVariables = {
+      EDITOR = "vim";
+    };
+  };
+  security = {
+    sudo.enable = false;
+    doas = {
+      enable = true;
+      extraRules = [
+        {
+          users = [ ];
+          keepEnv = true;
+          persist = true;
+        }
+      ];
+    };
+  };
+  documentation.enable = false;
+  users.extraUsers.root = {
+      shell = pkgs.zsh;
+    };
+}