Original commit

systems/selene/basesettings.nix

@@ -0,0 +1,33 @@
+{ ... }:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./networking.nix # generated at runtime by nixos-infect
+  ];
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+  networking.hostName = "selene";
+  networking.domain = "";
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      22
+      80
+      443
+    ];
+  };
+
+  services.openssh.enable = true;
+  services.openssh.settings.PasswordAuthentication = false;
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcfmaqbtwSEydV2hge/aDWxfwlKOw/JJZZWy8ycjojH hetzner@maxiemgeldhof.com"
+  ];
+
+  age.identityPaths = [ "/root/.ssh/id_ed25519" ];
+  system.stateVersion = "23.11";
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+}

systems/selene/hardware.nix

@@ -0,0 +1,13 @@
+{ modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub = {
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    device = "nodev";
+  };
+  fileSystems."/boot" = { device = "/dev/disk/by-uuid/7AE2-203E"; fsType = "vfat"; };
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ];
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = { device = "/dev/sdc1"; fsType = "ext4"; };
+}

systems/selene/networking.nix

@@ -0,0 +1,44 @@
+{ lib, ... }: {
+  # This file was populated at runtime with the networking
+  # details gathered from the active system.
+  networking = {
+    nameservers = [ "8.8.8.8" ];
+    defaultGateway = "172.31.1.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [{
+          address = "37.27.207.39";
+          prefixLength = 32;
+        }];
+        ipv6.addresses = [
+          {
+            address = "2a01:4f9:c010:bbba::1";
+            prefixLength = 64;
+          }
+          {
+            address = "fe80::9000:6ff:fe5c:ed79";
+            prefixLength = 64;
+          }
+        ];
+        ipv4.routes = [{
+          address = "172.31.1.1";
+          prefixLength = 32;
+        }];
+        ipv6.routes = [{
+          address = "fe80::1";
+          prefixLength = 128;
+        }];
+      };
+
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="92:00:06:5c:ed:79", NAME="eth0"
+  '';
+}

systems/selene/system.nix

@@ -0,0 +1,19 @@
+{ agenix }:
+nixpkgs.lib.nixosSystem {
+  system = system;
+  specialArgs = {
+    # This selects the package for the current system and passes it
+    exporter-pkg = jellyfin-exporter.packages.${system}.default;
+  };
+
+  modules = [
+    ./basesettings.nix
+    ./users.nix
+    ../../modules/servermodules/packages.nix
+    (import ./nginx.nix "maxiemgeldhof.com")
+    ../../modules/servermodules/grafana.nix
+    ../../modules/servermodules/jellyfin.nix
+    ./volumes.nix
+    agenix.nixosModules.default
+  ];
+}

systems/selene/users.nix

@@ -0,0 +1,17 @@
+{
+  users.users.selene = {
+    isNormalUser = true;
+    home = "/home/selene";
+    hashedPassword = "$y$j9T$KjOwguW/7P9GvbNg6Yy.k/$8xf3aqnJ909HSjxtpe854RKdiXiPpbOLt.aiuJSfeC0";
+    openssh.authorizedKeys.keys = [
+      (builtins.readFile ../../keys/hetzner.pub)
+      (builtins.readFile ../../keys/asus.pub)
+      (builtins.readFile "../../keys/pacbook.pub")
+    ];
+
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+    ];
+  };
+}

systems/selene/volumes.nix

@@ -0,0 +1,21 @@
+{
+  fileSystems."/mnt/volume-hel1-2" = {
+    device = "/dev/disk/by-id/scsi-0HC_Volume_103422022";
+    fsType = "ext4";
+    options = [
+      "defaults"
+      "discard"
+      "nofail"
+    ];
+  };
+
+  fileSystems."/mnt/volume-hel1-1" = {
+    device = "/dev/disk/by-id/scsi-0HC_Volume_103419450";
+    fsType = "ext4";
+    options = [
+      "defaults"
+      "discard"
+      "nofail"
+    ];
+  };
+}