From 0f7f9585b3f4fe53df75b36deba76812ca8afc55 Mon Sep 17 00:00:00 2001 From: Hektor Misplon Date: Sun, 1 Feb 2026 22:56:12 +0100 Subject: [PATCH] feat(host): add 'eetion' host (as a test for Orange Pi Zero2 H616) --- deploy/colmena.nix | 29 +++++++++++++---- flake.nix | 9 +++++- hosts/andromache/default.nix | 2 ++ hosts/eetion/default.nix | 62 ++++++++++++++++++++++++++++++++++++ hosts/eetion/hard.nix | 22 +++++++++++++ 5 files changed, 117 insertions(+), 7 deletions(-) create mode 100644 hosts/eetion/default.nix create mode 100644 hosts/eetion/hard.nix diff --git a/deploy/colmena.nix b/deploy/colmena.nix index 0eb7153..85d893c 100644 --- a/deploy/colmena.nix +++ b/deploy/colmena.nix @@ -19,10 +19,27 @@ inputs.colmena.lib.makeHive { vm.deployment.tags = [ "local" ]; - hecuba.deployment = { - targetHost = "hecuba"; - targetUser = "username"; - targetPort = 22; - tags = [ "cloud" ]; - }; + hecuba = + { ... }: + { + imports = [ ../hosts/hecuba ]; + deployment = { + targetHost = "hecuba"; + targetUser = "username"; + targetPort = 22; + tags = [ "cloud" ]; + }; + }; + + eetion = + { ... }: + { + imports = [ ../hosts/eetion ]; + deployment = { + targetHost = "eetion"; + targetUser = "h"; + targetPort = 22; + tags = [ "arm" ]; + }; + }; } diff --git a/flake.nix b/flake.nix index 3256125..df961fb 100644 --- a/flake.nix +++ b/flake.nix @@ -77,7 +77,7 @@ "nixpkgs=${inputs.nixpkgs}" ]; # nixosConfigurations = - (lib.genAttrs hostDirNames ( + (lib.genAttrs (lib.filter (h: h != "eetion") hostDirNames) ( host: nixpkgs.lib.nixosSystem { modules = [ ./hosts/${host} ]; @@ -87,6 +87,13 @@ } )) // { + eetion = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ ./hosts/eetion ]; + specialArgs = { + inherit inputs outputs dotsPath; + }; + }; sd-image-aarch64 = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ diff --git a/hosts/andromache/default.nix b/hosts/andromache/default.nix index 0fb9800..b7b67a4 100644 --- a/hosts/andromache/default.nix +++ b/hosts/andromache/default.nix @@ -90,6 +90,8 @@ in }; }; + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + environment.systemPackages = [ inputs.colmena.packages.${pkgs.system}.colmena ]; diff --git a/hosts/eetion/default.nix b/hosts/eetion/default.nix new file mode 100644 index 0000000..b2b7fd4 --- /dev/null +++ b/hosts/eetion/default.nix @@ -0,0 +1,62 @@ +{ pkgs, ... }: + +# Orange Pi Zero2 H616 +# See + +let + username = "h"; + hostName = "eetion"; +in +{ + imports = [ + ./hard.nix + ../../modules/ssh/hardened-openssh.nix + ]; + + ssh.username = username; + ssh.authorizedHosts = [ + "andromache" + "astyanax" + ]; + + boot.loader = { + grub.enable = false; + generic-extlinux-compatible.enable = true; + }; + + networking.hostName = hostName; + networking.networkmanager.enable = true; + + users.users = { + root.hashedPassword = "!"; + ${username} = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + }; + }; + + security.sudo.wheelNeedsPassword = false; + + services.openssh = { + enable = true; + harden = true; + }; + + environment.systemPackages = with pkgs; [ + vim + git + ]; + + nix.settings = { + experimental-features = [ + "nix-command" + "flakes" + ]; + trusted-users = [ + "root" + "@wheel" + ]; + }; + + system.stateVersion = "26.05"; +} diff --git a/hosts/eetion/hard.nix b/hosts/eetion/hard.nix new file mode 100644 index 0000000..b1d7022 --- /dev/null +++ b/hosts/eetion/hard.nix @@ -0,0 +1,22 @@ +{ lib, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + + swapDevices = [ ]; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +}