host: add homeless

system-nix/flake.nix

@@ -97,6 +97,55 @@
           };
         };
       };
+      nixosConfigurations.homeless = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [
+          ./configuration.nix
+        ];
+        specialArgs = {
+          hostname = "homeless";
+          _networking = {
+            firewall = {
+              enable = false;
+              allowedTCPPorts = [ 80 443 ];
+            };
+            useDHCP = false;
+            interfaces.eth0.useDHCP = true;
+          };
+          _boot.loader.grub.enable = true;
+          _boot.loader.grub.version = 2;
+          _services.openssh = {
+            permitRootLogin = "no";
+            enable = true;
+          };
+          _services.gitea = {
+            enable = true;
+            stateDir = "/gitea";
+            rootUrl = "https://git.pegasust.com";
+            settings = {
+              repository = {
+                "ENABLE_PUSH_CREATE_USER" = true;
+                "ENABLE_PUSH_CREATE_ORG" = true;
+              };
+            };
+          };
+          _services.nginx = {
+            enable = true;
+            clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
+            recommendedGzipSettings = true;
+            recommendedOptimisation = true;
+            recommendedProxySettings = true;
+            recommendedTlsSettings = true;
+            virtualHosts."git.pegasust.com" = {
+              # Gitea hostname
+              sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem";
+              sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem";
+              forceSSL = true; # Runs on port 80 and 443
+              locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea
+            };
+          };
+        };
+      };
       nixosConfigurations.nyx = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = [

system-nix/hardware-configuration.nix

@@ -0,0 +1,42 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelParams = [ "console=ttyS0,19200n8" ];
+  boot.loader.grub.extraConfig = ''
+    serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
+    terminal_input serial;
+    terminal_output serial
+  '';
+  boot.loader.grub.forceInstall = true;
+  boot.loader.grub.device = "nodev";
+  boot.loader.timeout = 10;
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/sda";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/sdb"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s5.useDHCP = lib.mkDefault true;
+
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

system-nix/profiles/homeless/hardware-configuration.nix

@@ -0,0 +1,42 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelParams = [ "console=ttyS0,19200n8" ];
+  boot.loader.grub.extraConfig = ''
+    serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
+    terminal_input serial;
+    terminal_output serial
+  '';
+  boot.loader.grub.forceInstall = true;
+  boot.loader.grub.device = "nodev";
+  boot.loader.timeout = 10;
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/sda";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/sdb"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s5.useDHCP = lib.mkDefault true;
+
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}