init new infra

newinfra/nix/hive.nix

@@ -0,0 +1,93 @@
+{
+  meta = {
+    # Override to pin the Nixpkgs version (recommended). This option
+    # accepts one of the following:
+    # - A path to a Nixpkgs checkout
+    # - The Nixpkgs lambda (e.g., import <nixpkgs>)
+    # - An initialized Nixpkgs attribute set
+    # TODO: Pin
+    nixpkgs = import <nixpkgs>;
+
+    # If your Colmena host has nix configured to allow for remote builds
+    # (for nix-daemon, your user being included in trusted-users)
+    # you can set a machines file that will be passed to the underlying
+    # nix-store command during derivation realization as a builders option.
+    # For example, if you support multiple orginizations each with their own
+    # build machine(s) you can ensure that builds only take place on your
+    # local machine and/or the machines specified in this file.
+    # machinesFile = ./machines.client-a;
+  };
+
+  defaults = { pkgs, ... }: {
+    # This module will be imported by all hosts
+    environment.systemPackages = with pkgs; [
+      vim
+      wget
+      curl
+      traceroute
+      dnsutils
+    ];
+    time.timeZone = "Europe/Zurich";
+    users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG0n1ikUG9rYqobh7WpAyXrqZqxQoQ2zNJrFPj12gTpP nilsh@PC-Nils'' ];
+
+    boot.tmp.cleanOnBoot = true;
+    zramSwap.enable = true;
+
+    services.openssh.enable = true;
+    # By default, Colmena will replace unknown remote profile
+    # (unknown means the profile isn't in the nix store on the
+    # host running Colmena) during apply (with the default goal,
+    # boot, and switch).
+    # If you share a hive with others, or use multiple machines,
+    # and are not careful to always commit/push/pull changes
+    # you can accidentaly overwrite a remote profile so in those
+    # scenarios you might want to change this default to false.
+    # deployment.replaceUnknownProfiles = true;
+  };
+
+  dns1 = { name, nodes, modulesPath, ... }: {
+    imports = [ ./modules/dns (modulesPath + "/profiles/qemu-guest.nix") ];
+
+    # The name and nodes parameters are supported in Colmena,
+    # allowing you to reference configurations in other nodes.
+    networking.hostName = name;
+
+    deployment.targetHost = "dns1.nilstrieb.dev";
+    deployment.tags = [ "dns" "us" ];
+
+    system.stateVersion = "23.11";
+
+    boot.loader.grub.device = "/dev/sda";
+    boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+    boot.initrd.kernelModules = [ "nvme" ];
+    fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
+  };
+
+  /*host-b = {
+    # Like NixOps and Morph, Colmena will attempt to connect to
+    # the remote host using the attribute name by default. You
+    # can override it like:
+    deployment.targetHost = "dns2.infra.noratrieb.dev";
+
+    # It's also possible to override the target SSH port.
+    # For further customization, use the SSH_CONFIG_FILE
+    # environment variable to specify a ssh_config file.
+    deployment.targetPort = 1234;
+
+    # Override the default for this target host
+    deployment.replaceUnknownProfiles = false;
+
+    # You can filter hosts by tags with --on @tag-a,@tag-b.
+    # In this example, you can deploy to hosts with the "web" tag using:
+    #    colmena apply --on @web
+    # You can use globs in tag matching as well:
+    #    colmena apply --on '@infra-*'
+    deployment.tags = [ "dns" "eu" ];
+
+    boot.loader.grub.device = "/dev/sda";
+    fileSystems."/" = {
+      device = "/dev/sda1";
+      fsType = "ext4";
+    };
+  };*/
+}