feat: added eris

2025-12-06 21:17:14 -06:00 · 2025-10-24 18:20:56 -05:00 · 2025-10-24 18:20:56 -05:00 · 74f9c483ad
commit 74f9c483ad
parent c469f48b4e
11 changed files with 212 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -149,6 +149,16 @@
              inputs.lix-module.nixosModules.default
              inputs.sops-nix.nixosModules.sops
            ];
            eris = inputs.self.lib.mkLinuxSystem [
              ./systems/eris
              ./profiles/user0
              config.nixosModules.eris
              config.nixosModules.core
              config.nixosModules.mantle
              inputs.home-manager.nixosModules.home-manager
              inputs.lix-module.nixosModules.default
              inputs.sops-nix.nixosModules.sops
            ];
          };
          templates = {
            haskell = {
--- a/modules/config/default.nix
+++ b/modules/config/default.nix
@ -231,6 +231,7 @@ in
          ceresStorageDriveName = "NAS1";
          ceresIP = "192.168.50.140";
          erisIP = "192.168.50.139";
          deimosIP = "192.168.50.176";
          marsIP = "192.168.50.218";
          phoneIP = "192.168.50.243";
@ -244,6 +245,8 @@ in
            desktopLabel = "Mars";
            server = "ceres";
            serverLabel = "Ceres";
            eris = "eris";
            erisLabel = "Eris";
            laptop = "deimos";
            laptopLabel = "Deimos";
            laptop2 = "phobos";
--- a/modules/config/devices/config/eris.nix
+++ b/modules/config/devices/config/eris.nix
@ -0,0 +1,31 @@
 { moduleFunctions }:
 let
  inherit (moduleFunctions.devicesFunctions)
    fileModeAndDirMode
    ownerExclusiveReadWriteMask
    sambaPermissions
    userIdForUser0
    erisIP
    deviceNames
    ;
  erisName = deviceNames.eris;
 in
 {
  label = deviceNames.serverLabel;
  name = erisName;
  sync = {
    address0 = "";
  };
  ip = {
    address0 = erisIP;
  };
  boot = {
    options = ownerExclusiveReadWriteMask;
  };
  samba0 = {
    mount = "/mnt/media/${erisName}";
    device = "//${erisIP}";
    options = sambaPermissions ++ fileModeAndDirMode ++ userIdForUser0;
  };
 }
--- a/modules/home/default.nix
+++ b/modules/home/default.nix
@ -11,6 +11,7 @@ in
        deimos
        ceres
        phobos
        eris
        ;
      inherit (config.people)
        user0
@ -154,5 +155,12 @@ in
            ;
        };
      };
      "${eris.name}-${user0}" = {
        imports = builtins.attrValues {
          inherit (modules)
            cli
            ;
        };
      };
    };
 }
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@ -73,6 +73,14 @@ in
      };
    };
    eris = {
      imports = builtins.attrValues {
        inherit (modules)
          nextcloud
          ;
      };
    };
    crust = {
      imports = builtins.attrValues {
        inherit (modules)
--- a/systems/eris/config/boot.nix
+++ b/systems/eris/config/boot.nix
@ -0,0 +1,43 @@
 {
  pkgs,
  config,
  ...
 }:
 {
  boot = {
    extraModulePackages = [
      config.boot.kernelPackages.v4l2loopback.out
    ];
    supportedFilesystems = [
      "ntfs"
    ];
    initrd = {
      availableKernelModules = [
        "nvme"
        "ahci"
        "xhci_pci"
        "usb_storage"
        "usbhid"
        "sd_mod"
      ];
      kernelModules = [
      ];
    };
    kernelModules = [
      "kvm-amd"
      "vfio-pci"
      "v4l2loopback"
    ];
    kernelPackages = pkgs.linuxPackages_latest;
    loader = {
      efi = {
        canTouchEfiVariables = true;
        efiSysMountPoint = "/boot";
      };
      systemd-boot.enable = true;
    };
  };
 }
--- a/systems/eris/config/filesystem.nix
+++ b/systems/eris/config/filesystem.nix
@ -0,0 +1,18 @@
 {
  fileSystems = {
    "/" = {
      device = "/dev/disk/by-uuid/de4e681b-0667-4bf8-8d6e-c50894aa41cd";
      fsType = "ext4";
    };
    "/boot" = {
      device = "/dev/disk/by-uuid/C68D-B1C0";
      fsType = "vfat";
    };
  };
  swapDevices = [
    { device = "/dev/disk/by-uuid/259fcc06-912c-4bd3-b781-8f77449e935a"; }
  ];
  services.udisks2.enable = true;
 }
--- a/systems/eris/config/graphics.nix
+++ b/systems/eris/config/graphics.nix
@ -0,0 +1,17 @@
 {
  hardware = {
    graphics = {
      enable = true;
    };
  };
  services.xserver = {
    videoDrivers = [
      "intel"
      "modesetting"
    ];
    deviceSection = ''
      Option "TearFree" "true"
    '';
  };
 }
--- a/systems/eris/config/hardware.nix
+++ b/systems/eris/config/hardware.nix
@ -0,0 +1,15 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 {
  hardware = {
    firmware = [
      pkgs.rtl8761b-firmware
    ];
    enableAllFirmware = true;
    cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
  };
 }
--- a/systems/eris/config/networking.nix
+++ b/systems/eris/config/networking.nix
@ -0,0 +1,42 @@
 {
  lib,
  flake,
  ...
 }:
 let
  inherit (flake.config.machines.devices) eris;
 in
 {
  networking = {
    hostName = eris.name;
    networkmanager.enable = true;
    nftables.enable = true;
    useDHCP = lib.mkDefault true;
    firewall = {
      enable = true;
      allowedTCPPorts = [
        22 # SSH
        25 # SMTP
        139 # SMTP
        587 # SMTP
        2525 # SMTP
      ];
    };
  };
  services = {
    avahi = {
      enable = true;
      openFirewall = true;
      nssmdns4 = true;
      publish = {
        enable = true;
        userServices = true;
      };
    };
    sshd.enable = true;
    openssh = {
      enable = true;
      settings.PasswordAuthentication = false;
    };
  };
 }
--- a/systems/eris/default.nix
+++ b/systems/eris/default.nix
@ -0,0 +1,17 @@
 { lib, ... }:
 let
  configPath = ./config;
  ceresImports =
    let
      files = builtins.attrNames (builtins.readDir configPath);
    in
    map (name: configPath + "/${name}") (
      builtins.filter (name: builtins.match ".*\\.nix$" name != null) files
    );
 in
 {
  imports = ceresImports;
  nixpkgs.hostPlatform = lib.mkForce "x86_64-linux";
  system.stateVersion = lib.mkForce "24.05";
 }