forked from Fediversity/Fediversity
76 lines
1.6 KiB
Nix
76 lines
1.6 KiB
Nix
{ config, lib, ... }:
|
|
|
|
let
|
|
inherit (lib) mkDefault mkForce;
|
|
|
|
in
|
|
{
|
|
imports = [
|
|
../common/options.nix
|
|
../common/nixos
|
|
./forgejo-actions-runner.nix
|
|
];
|
|
|
|
procolixVm = {
|
|
name = "forgejo-ci";
|
|
domain = "procolix.com";
|
|
|
|
ipv4 = {
|
|
interface = "enp1s0f0";
|
|
address = "192.168.201.65";
|
|
prefixLength = 24;
|
|
gateway = "192.168.201.1";
|
|
};
|
|
ipv6.enable = false;
|
|
|
|
# Most Procolix machines are QEMU VMs so the options are tailored to them by
|
|
# default. `forgejo-ci` is not, so we need to explicitly disable them.
|
|
isQemuVm = false;
|
|
};
|
|
|
|
networking = {
|
|
nftables.enable = mkForce false;
|
|
hostId = "1d6ea552";
|
|
};
|
|
|
|
hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
|
|
|
|
boot = {
|
|
## In an initial version, we used `mkForce` to remove QEMU VM-specific
|
|
## kernel modules. This is a terrible idea as it will also remove other
|
|
## kernel modules, for instance the ones added for ZFS.
|
|
initrd = {
|
|
availableKernelModules = [
|
|
"ahci"
|
|
"xhci_pci"
|
|
"ehci_pci"
|
|
"nvme"
|
|
"megaraid_sas"
|
|
"usbhid"
|
|
"usb_storage"
|
|
"sd_mod"
|
|
];
|
|
kernelModules = [ ];
|
|
};
|
|
kernelModules = [ "kvm-intel" ];
|
|
};
|
|
|
|
fileSystems."/" = {
|
|
device = "rpool/root";
|
|
fsType = "zfs";
|
|
};
|
|
|
|
fileSystems."/home" = {
|
|
device = "rpool/home";
|
|
fsType = "zfs";
|
|
};
|
|
|
|
fileSystems."/boot" = {
|
|
device = "/dev/disk/by-uuid/50B2-DD3F";
|
|
fsType = "vfat";
|
|
options = [
|
|
"fmask=0077"
|
|
"dmask=0077"
|
|
];
|
|
};
|
|
}
|