randomizedcoder · randomizedcoder · Oct 17, 2025 · Oct 15, 2025 · Oct 17, 2025
diff --git a/chromebox/chromebox1/Makefile b/chromebox/chromebox1/Makefile
@@ -0,0 +1,43 @@
+#
+# nixos/chromebox/chromebox1/Makefile
+#
+EXPECTED_HOSTNAME := chromebox1
+
+ACTUAL_HOSTNAME := $(shell hostname)
+
+all: check_hostname rebuild
+
+check_hostname:
+ifeq ($(ACTUAL_HOSTNAME),$(EXPECTED_HOSTNAME))
+	@echo "Hostnames match: $(ACTUAL_HOSTNAME)"
+else
+	@echo "Error: Hostname does not match. Expected: $(EXPECTED_HOSTNAME), Got: $(ACTUAL_HOSTNAME)"
+	@exit 1
+endif
+
+rebuild:
+	#sudo cp /home/das/nixos/modules/* /etc/nixos/
+	#sudo cp ./*.nix /etc/nixos/
+	#sudo nix-channel --update
+	#sudo nixos-rebuild switch
+	sudo nix flake update;
+	#sudo nix-channel --update;
+	sudo nixos-rebuild switch --flake .
+
+anywhere:
+	nix run github:nix-community/nixos-anywhere -- --flake '.#chromebox1' --target-host root@172.16.40.179
+#nix run github:nix-community/nixos-anywhere -- --flake '.#chromebox3' --target-host root@chromebox3
+
+gen_hardware:
+	nix run github:numtide/nixos-anywhere -- -f '.#chromebox1' --generate-hardware-config nixos-generate-config ./hardware-configuration.nix --target-host root@172.16.40.179
+
+# minutes 10:58
+# https://www.youtube.com/watch?v=U_UwzMhixr8
+vmtest:
+	sudo nix flake update;
+	sudo nix flake lock;
+#nix run github:numtide/nixos-anywhere -- -f '.#chromebox1' --vm-test --generate-hardware-config nixos-generate-config ./hardware-configuration.nix
+	nix run github:numtide/nixos-anywhere -- -f '.#chromebox1' --vm-test
+
+sync:
+	rsync -av /home/das/nixos/chromebox/chromebox1/ 172.16.40.179:/home/das/nixos/chromebox/chromebox1/
diff --git a/chromebox/chromebox1/configuration.nix b/chromebox/chromebox1/configuration.nix
@@ -0,0 +1,132 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+# sudo nixos-rebuild switch
+# sudo nix-channel --update
+# nix-shell -p vim
+# nmcli device wifi connect MYSSID password PWORD
+# systemctl restart display-manager.service
+
+{ config, pkgs, ... }:
+
+# https://nixos.wiki/wiki/FAQ#How_can_I_install_a_package_from_unstable_while_remaining_on_the_stable_channel.3F
+# https://discourse.nixos.org/t/differences-between-nix-channels/13998
+
+{
+  # https://nixos.wiki/wiki/NixOS_modules
+  imports =
+    [
+      ./disko-chromebox1.nix
+      #./hardware-configuration.nix
+      ./sysctl.nix
+      ./il8n.nix
+      ./systemPackages.nix
+      ./hosts.nix
+      ./nodeExporter.nix
+      #./docker-daemon.nix
+      #./k8s_master.nix
+      #./k3s_master.nix
+      #./k3s_node.nix
+    ];
+
+  # boot.loader.grub = {
+  #   # no need to set devices, disko will add all devices that have a EF02 partition to the list already
+  #   # devices = [ ];
+  #   efiSupport = true;
+  #   efiInstallAsRemovable = true;
+  # };
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  #boot.loader.efi.canTouchEfiVariables = true;
+
+  # https://nixos.wiki/wiki/Linux_kernel
+  boot.kernelPackages = pkgs.linuxPackages;
+  #boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  nix = {
+    gc = {
+      automatic = true;                     # Enable automatic execution of the task
+      dates = "weekly";                     # Schedule the task to run weekly
+      options = "--delete-older-than 10d";  # Specify options for the task: delete files older than 10 days
+      randomizedDelaySec = "14m";           # Introduce a randomized delay of up to 14 minutes before executing the task
+    };
+    settings = {
+      auto-optimise-store = true;
+      experimental-features = [ "nix-command" "flakes" ];
+    };
+  };
+
+  # https://nixos.wiki/wiki/Networking
+  # https://nlewo.github.io/nixos-manual-sphinx/configuration/ipv4-config.xml.html
+  networking.hostName = "chromebox1";
+
+  services.lldpd.enable = true;
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  networking.networkmanager.enable = false;
+
+  # Set your time zone.
+  time.timeZone = "America/Los_Angeles";
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  # services.xserver.libinput.enable = true;
+
+  environment.sessionVariables = {
+    TERM = "xterm-256color";
+    #MY_VARIABLE = "my-value";
+    #ANOTHER_VARIABLE = "another-value";
+  };
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.users.das = {
+    isNormalUser = true;
+    description = "das";
+    password = "admin123";
+    extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" ];
+    # packages = with pkgs; [
+    # ];
+    # https://nixos.wiki/wiki/SSH_public_key_authentication
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGMCFUMSCFJX95eLfm7P9r72NBp9I1FiXwNwJ+x/HGPV das@t"
+    ];
+  };
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };
+  programs.gnupg.agent = {
+     enable = true;
+     enableSSHSupport = true;
+  };
+
+  services.openssh.enable = true;
+
+  services.timesyncd.enable = true;
+
+  services.fstrim.enable = true;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "25.05"; # Did you read the comment?
+
+  # virtualisation.libvirtd.enable = true;
+  # programs.virt-manager.enable = true;
+  # services.qemuGuest.enable = true;
+
+  # https://wiki.nixos.org/wiki/Laptop
+}
diff --git a/chromebox/chromebox1/disko-chromebox1.nix b/chromebox/chromebox1/disko-chromebox1.nix
@@ -0,0 +1,85 @@
+#
+# nixos/chromebox/chromebox1
+#
+# Starting point was:
+# https://github.com/nix-community/disko/blob/master/example/lvm-sizes-sort.nix
+#
+# swap
+# https://github.com/nix-community/disko/blob/master/example/swap.nix
+#
+# tmpfs
+# https://github.com/nix-community/disko/blob/master/example/tmpfs.nix
+#
+# Other templates
+# https://github.com/nix-community/disko-templates/blob/main/zfs-impermanence/disko-config.nix
+
+{
+  disko.devices = {
+    disk = {
+      one = {
+        type = "disk";
+        #device = "/dev/vdb"; # --vm-test
+        device = "/dev/sda"; # real
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02"; # for grub MBR
+            };
+            ESP = {
+              name = "ESP";
+              size = "512M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "umask=0077" ];
+              };
+            };
+            primary = {
+              size = "100%";
+              content = {
+                type = "lvm_pv";
+                vg = "pool";
+              };
+            };
+          };
+        };
+      };
+    };
+    lvm_vg = {
+      pool = {
+        type = "lvm_vg";
+        lvs = {
+          swap = {
+            #size = "10%"; # --vm-test
+            size = "32G";
+            content = {
+              type ="swap";
+              #discardPolicy = "both";
+              resumeDevice = true; # resume from hiberation from this device
+            };
+          };
+          root = {
+            size = "90%";
+            content = {
+              type = "filesystem";
+              format = "xfs"; # <---------- xfs!
+              mountpoint = "/";
+              mountOptions = [ "defaults" ];
+              #mountOptions = [ "defaults" "pquota" ];
+            };
+          };
+        };
+      };
+    };
+    # nodev = {
+    #   "/tmp" = {
+    #     fsType = "tmpfs";
+    #     mountOptions = [ "size=200M" ];
+    #   };
+    # };
+  };
+}
diff --git a/chromebox/chromebox1/docker-daemon.nix b/chromebox/chromebox1/docker-daemon.nix
@@ -0,0 +1,27 @@
+
+{ config, pkgs, ... }:
+
+{
+  # https://nixos.wiki/wiki/Docker
+  # https://search.nixos.org/options?from=0&size=50&sort=alpha_asc&query=virtualisation.docker
+  # https://search.nixos.org/options?channel=24.05&show=virtualisation.docker.extraOptions&from=0&size=50&sort=alpha_asc&type=packages&query=virtualisation.docker
+  # https://github.com/NixOS/nixpkgs/issues/68349
+  virtualisation.docker.enable = true;
+  virtualisation.docker.daemon.settings = {
+    data-root = "/home/das/docker/";
+    userland-proxy = false;
+    experimental = true;
+    ipv6 = true;
+    fixed-cidr-v6 = "fd00::/80";
+    metrics-addr = "0.0.0.0:9323";
+    # log-driver = "json-file";
+    # log-opts.max-size = "10m";
+    # log-opts.max-file = "10";
+  };
+  #this doesn't work
+  #virtualisation.docker.daemon.settings.log-opts.max-size = "10m";
+  # https://docs.docker.com/reference/cli/dockerd/
+  #virtualisation.docker.extraOptions = "--userland-proxy=false";
+  #virtualisation.docker.extraOptions = "--log-opt=max-size=10m";
+  #virtualisation.docker.extraOptions = "--ipv6";
+}
diff --git a/chromebox/chromebox1/flake.lock b/chromebox/chromebox1/flake.lock