mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-22 23:39:02 +08:00
devices.xmupc2: init
This commit is contained in:
parent
097010113d
commit
075a5f255f
114
devices/xmupc2/default.nix
Normal file
114
devices/xmupc2/default.nix
Normal file
@ -0,0 +1,114 @@
|
||||
inputs:
|
||||
{
|
||||
config =
|
||||
{
|
||||
nixos =
|
||||
{
|
||||
system =
|
||||
{
|
||||
fileSystems =
|
||||
{
|
||||
mount =
|
||||
{
|
||||
vfat."/dev/disk/by-uuid/467C-02E3" = "/boot/efi";
|
||||
btrfs =
|
||||
{
|
||||
"/dev/disk/by-uuid/2f9060bc-09b5-4348-ad0f-3a43a91d158b" = { "/nix" = "/nix"; "/nix/boot" = "/boot"; };
|
||||
"/dev/disk/by-uuid/a04a1fb0-e4ed-4c91-9846-2f9e716f6e12" =
|
||||
{
|
||||
"/nix/rootfs" = "/nix/rootfs";
|
||||
"/nix/persistent" = "/nix/persistent";
|
||||
"/nix/nodatacow" = "/nix/nodatacow";
|
||||
"/nix/rootfs/current" = "/";
|
||||
};
|
||||
};
|
||||
};
|
||||
swap = [ "/nix/swap/swap" ];
|
||||
rollingRootfs =
|
||||
{
|
||||
device = "/dev/disk/by-uuid/a04a1fb0-e4ed-4c91-9846-2f9e716f6e12";
|
||||
waitDevices = [ "/dev/disk/by-partuuid/cdbfc7d4-965e-42f2-89a3-eb2202849429" ];
|
||||
};
|
||||
};
|
||||
grub.installDevice = "efi";
|
||||
nixpkgs =
|
||||
{
|
||||
march = "skylake";
|
||||
cuda =
|
||||
{
|
||||
enable = true;
|
||||
capabilities =
|
||||
[
|
||||
# p5000 p400
|
||||
"6.1"
|
||||
# 2080 Ti
|
||||
"7.5"
|
||||
# 3090
|
||||
"8.6"
|
||||
# 4090
|
||||
"8.9"
|
||||
];
|
||||
forwardCompat = false;
|
||||
};
|
||||
};
|
||||
gui = { preferred = false; autoStart = true; };
|
||||
kernel.patches = [ "cjktty" "lantian" ];
|
||||
networking.hostname = "xmupc2";
|
||||
};
|
||||
hardware =
|
||||
{
|
||||
cpus = [ "intel" ];
|
||||
gpu.type = "nvidia";
|
||||
bluetooth.enable = true;
|
||||
joystick.enable = true;
|
||||
printer.enable = true;
|
||||
sound.enable = true;
|
||||
};
|
||||
packages.packageSet = "workstation";
|
||||
virtualization = { waydroid.enable = true; docker.enable = true; kvmHost = { enable = true; gui = true; }; };
|
||||
services =
|
||||
{
|
||||
snapper.enable = true;
|
||||
fontconfig.enable = true;
|
||||
sshd = { enable = true; passwordAuthentication = true; };
|
||||
xray.client =
|
||||
{
|
||||
enable = true;
|
||||
serverAddress = "74.211.99.69";
|
||||
serverName = "vps6.xserver.chn.moe";
|
||||
dns.extraInterfaces = [ "docker0" ];
|
||||
};
|
||||
firewall.trustedInterfaces = [ "virbr0" "waydroid0" ];
|
||||
smartd.enable = true;
|
||||
beesd =
|
||||
{
|
||||
enable = true;
|
||||
instances = { root = { device = "/"; hashTableSizeMB = 16384; threads = 4; }; };
|
||||
};
|
||||
wireguard =
|
||||
{
|
||||
enable = true;
|
||||
peers = [ "vps6" ];
|
||||
publicKey = "JEY7D4ANfTpevjXNvGDYO6aGwtBGRXsf/iwNwjwDRQk=";
|
||||
wireguardIp = "192.168.83.7";
|
||||
};
|
||||
slurm =
|
||||
{
|
||||
enable = true;
|
||||
cpu = { cores = 16; threads = 2; };
|
||||
memoryMB = 94208;
|
||||
gpus = { "3090" = 1; "4090" = 1; };
|
||||
};
|
||||
xrdp = { enable = true; hostname = [ "xmupc2.chn.moe" ]; };
|
||||
samba =
|
||||
{
|
||||
enable = true;
|
||||
hostsAllowed = "192.168. 127.";
|
||||
shares = { home.path = "/home"; root.path = "/"; };
|
||||
};
|
||||
};
|
||||
bugs = [ "xmunet" "amdpstate" ];
|
||||
users.users = [ "chn" "xll" "zem" "yjq" "gb" ];
|
||||
};
|
||||
};
|
||||
}
|
44
devices/xmupc2/secrets/default.yaml
Normal file
44
devices/xmupc2/secrets/default.yaml
Normal file
@ -0,0 +1,44 @@
|
||||
acme:
|
||||
cloudflare.ini: ENC[AES256_GCM,data:PjCyozvFTXxA///enYYbaMZ8ISfFjJviLVKfdOcMSi5G3CEjEsp1Ez4krbgy4/eJo4v9HfTN0bMmUnl2OHOyzTg=,iv:e1iQZ5JUHkzfnfP956Lzl3FWs11xdULctA5MZsALtU0=,tag:8X2Q/Hixxn/ci4XRSUDidg==,type:str]
|
||||
nginx:
|
||||
maxmind-license: ENC[AES256_GCM,data:/7R7w+fiMw54Cmd7y/wT/s8RMqFMf3Fc0Mph0ZhURmCzowkmLEhtmw==,iv:i+Z+2NbssI864Edwf73SQfaeFuWoqr+U8eQ/8R23FOk=,tag:8ITlkS97vlsmHM1HDk6/3A==,type:str]
|
||||
xray-client:
|
||||
uuid: ENC[AES256_GCM,data:4PM/d263HgBseIgRplgo5ahJ8u8HuPznXt2hW5O+VawS6WjP,iv:98Ymj4eiCGQPMcaHBI9zJAaRagm82mF0LY2c9bzA+/s=,tag:8imXq/hxAxS5XKy0uWIBPw==,type:str]
|
||||
wireguard:
|
||||
privateKey: ENC[AES256_GCM,data:Azaqung7llErB7/IdnOnEkwjQ39yQHKcO7VgvMDCDTExM7nS0zx+yMYX4ls=,iv:FX8oLHMBVEnKkYOg8q2A9vFmtRZDws5T87+lEl7+2G8=,tag:DdOQUbNKB6JK7Tp6McQ0Og==,type:str]
|
||||
users:
|
||||
xll: ENC[AES256_GCM,data:tGzKVg4prhg9oXOSX0FJIAWdF79CWsFuiU8U12dSnkBIgRXPZlJkz9mLLTENm6SjftItt/ku4MDj94KnM+nPYkIorTYtEuergg==,iv:oavvRf7/21LuDksUiXLfR2/qQNz5O6JyroxX1DwC6gc=,tag:qYbW1ZQtXo+2qGrl5wuZkA==,type:str]
|
||||
zem: ENC[AES256_GCM,data:r2BDtAfMohsnoqw51/flvkiXe/EtJtDhakEyOTPX2E7cikfPtPD9iJPd2RnNkS3QPBKg08ex5ce2e3ywzGgNX5RKrxIacpxSSA==,iv:VfhEqTvS9qVFGif+SkBdz8VR6BXEnncMYcPQW4qqNk8=,tag:t4JBEhX+6iqnrd0JoLKpmA==,type:str]
|
||||
yjq: ENC[AES256_GCM,data:Yb9gVDrWhpmBYI8JlGee30J+PVFVGLo4btFVGToUVj3Sr2bPetY96mEJoxYQha7SPKBoZ7+ePzWYiYOi43MZ6sYndj3C6sYmYg==,iv:2H2+ZmIIDJAKds1XSMqVcUpsix3rbxLkVlBIIAK3ifg=,tag:7redx03BsscRrk+e7dqXdg==,type:str]
|
||||
gb: ENC[AES256_GCM,data:ZoprrHc2l0nkqy4ujYQfxNENMEnfpRhCIxX7jMPoWeTrJt2sE1AloWeVFsArJKTx8krpW96X3AXpUIauMH9kc/CviPop2QMgDw==,iv:fOIVPEHDvyZ45G9uRbx2gBE0KuZy+aEWALlXusDJ1YU=,tag:G6hZLn9/99Kj+wZAeNyxkQ==,type:str]
|
||||
mariadb:
|
||||
slurm: ENC[AES256_GCM,data:qQMD8SKNmxb3PdScXNqppF9zkX7dV5i7rvljvZuhiI5zLnu77qYCHBW6ymh0mrY14N9NjxmQZhZWX/H8TvBlcg==,iv:J5N3LjCYW3QmuEkMBpl7qvPFW1Z9ZoPLkj45jKcIW9U=,tag:Tl+ld07+lVkmzt7f/f2MqQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5RWIreCtMeTZ0UE9Zd2di
|
||||
VE9tR0x6SUNyWjlPV1BqMU5Tb0RTSXNGN2hNCkxuVjFFb0xJZTBMekxqdE96RlRh
|
||||
czF0dHQxdVhsNE5tVWg0Q2RmYktsWDgKLS0tIFY3dHRlbFpsWUsyTzA3RVR1Qyts
|
||||
UUJHMU13cm1lOXhRYzhSWlFyTFltYWcKDUxABRGskWWpHEFL44gHYzAqaQ3AmBDt
|
||||
LcL/4IiEs3TwOpuY+WTVx8JKZBOsxcSlNahiDuCnoTbL4gZTPnd0pA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1hnarptkze0ujpp05dqr8uma04cxg9zqcx68qgpks5uf5l6rpk5gqhh8wxg
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwbHd4ZHhsTk5leDlreC9E
|
||||
TVAzRXVuS0Judk5zTGVWRVhWSUhpMFdscEg0ClVFYzZYZG9hNjJKTlRVZ1I3eXVq
|
||||
M2Y5by85dE1QM25yQ3g3bFVSL2tsVlkKLS0tIHVYbGxrT0hOQkZ5SHBsQ3UyaVly
|
||||
ZDNHUjE2QVlCV3p0NHdKYW5IMHVBZzQKkZtfyvfroOntg3yRjMw4jQHiQj8eaB2h
|
||||
IeIHfW4y01mmVT2ofbtB0xYpjcl4gtUlQ8X3tn5iJ9P8gcVo0G598A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-02-26T06:04:25Z"
|
||||
mac: ENC[AES256_GCM,data:2d3i3rcRYrB58vJuyhP4AIB11Ns+zQq0Pli1LF4sAKb75OmJ/qlRcwJKlOCASdY95FfzOQDGjfZheg58fVSd9EbYxX+npMXGUiODa8JRTHgQye3/qjFv14v49zKFJ0dNs13XnOEA4QAry/7gDlb0+M44bNRGPSZSoFX2yJ53smw=,iv:I1YDN6+26BmaWR84kq9zXNXjQ4cRvtzrS2Q13PlUjp0=,tag:sgxcTpOr7T2oXjb5qLRrqw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
24
devices/xmupc2/secrets/munge.key
Normal file
24
devices/xmupc2/secrets/munge.key
Normal file
@ -0,0 +1,24 @@
|
||||
{
|
||||
"data": "ENC[AES256_GCM,data:tuEymMXW0f7Rui5wrz/xozphTEq6ffkYIfNIoURFNHwH2Cg+aKHz2ox0gk02BJARhPMDrxCYlChkcrEI0ma/T0eBe9sWz3tA8AOwU1lHSZ06d/JWzW7IUIyTac2mnjt3/jY/qpnR4A8wtHwD0j4zkzXgUgFwq7k/fs24acEE4Jo=,iv:iDTS0xswLrwkOYmfomE5hluVONgJYia/RjINDy7T3R0=,tag:oIYNpFCuT2D+X1QEJJiHew==,type:str]",
|
||||
"sops": {
|
||||
"kms": null,
|
||||
"gcp_kms": null,
|
||||
"azure_kv": null,
|
||||
"hc_vault": null,
|
||||
"age": [
|
||||
{
|
||||
"recipient": "age19ax6vm3pv8rph5tq3mmehd9sy9jk823tw8svsd790r0lkslycquqvlwz9m",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3aFRRa0NsOUp5MEg3UHcx\nc3g1VFZEQS9Tci9QSnNFYnIrT3hUdVU5cWxjCnU5UXVEdTFXczJzcHVvSjF2WHdB\nYmpyQVVaUFozKzJIZThBbXUxb2k2YzAKLS0tIHE1QXVrOXo1Y3VXMzJJYitWU3Qv\neDF1cndrSi94clh1cS9NczN0UW9pOXcKtrnIj3WovMYdcg5nWnnyRhJhTGLrlwxW\nxQ6bmNrfbZedmCNdjY2lPXmudMXJ8YlWe/HGCe94x3iFlaSwCIGUsA==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
},
|
||||
{
|
||||
"recipient": "age1hnarptkze0ujpp05dqr8uma04cxg9zqcx68qgpks5uf5l6rpk5gqhh8wxg",
|
||||
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBocFl1SHJEemRySlBnMmNn\nVW9RS1NNdlo4M3l2WGlQaHJmbDBHcjMwaVVnCnY5WExPOXZJVEdYSlJ6UTRBMGJj\ncmlYaUNVV1hnWTNkaWVuV2VuaXN2eU0KLS0tIDBTYnd2NmVYTUJKaHZWRWo3ZlUx\nTEtPZWc2RE1XNG9WTXFOTllWVUVWeUkK+9aLz1rygGAQjpG+oMNUtrDkQaDfg+2q\nnl/CtZZrFD6NXGw6Di0X5t9fQu295NTJ/0qjXnfMigG8gDtxkE+/7g==\n-----END AGE ENCRYPTED FILE-----\n"
|
||||
}
|
||||
],
|
||||
"lastmodified": "2024-02-26T06:04:53Z",
|
||||
"mac": "ENC[AES256_GCM,data:y0RkPyUwwff95BFL951TxS/x5ORzMsxFJVjopSw+8iVtswD8MT1nmsbwyth4C9OnJ/IAtnZk/CjAt72a68AZpPI+2W/JqJq20ohFoquDNhTlsoyLWdO3Vjrd+Wo3hp0+iKQ3e/uYrF1sTqQO9a3OIxu2sVLM0gEDmIe2nJpLJQo=,iv:EjXTQvVdjzfClNfQ3rPxAFVWVqr7sSOz4ap+nshPEAk=,tag:DcIlf9W7NNqQ+gf8f46MwQ==,type:str]",
|
||||
"pgp": null,
|
||||
"unencrypted_suffix": "_unencrypted",
|
||||
"version": "3.8.1"
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user