2 files changed, 188 insertions, 0 deletions

diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..8bb2a7c
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,125 @@
+{ lib, config, pkgs, modulesPath, ... }:
+let
+  kentSshKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICzXYZ0uwhhyOeHSBHSGQF+Y++qyoLEuyWnmF3/BJ5jp kent";
+  ciSshKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBoe/bwC67CzRrnWzAP/qMeiVzp0RhHxFkLzM1DSxuvw ci";
+in
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-label/root";
+      fsType = "xfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-label/boot";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices = [ ];
+
+  networking.useDHCP = lib.mkDefault true;
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+  boot.swraid.enable = true;
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = false;
+
+  networking.hostName = "nixos";
+  
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "dvorak";
+  };
+
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  services.openssh.enable = true;
+
+  users.users = { 
+    root = {
+      openssh.authorizedKeys.keys = [ kentSshKey ];
+    };
+
+    kent = {
+      isNormalUser = true;
+      openssh.authorizedKeys.keys = [ kentSshKey ];
+    };
+
+    testdashboard = {
+      isNormalUser = true;
+      openssh.authorizedKeys.keys = [ ciSshKey ];
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    pciutils
+    killall
+    file
+    schedtool
+    nix-prefetch-github
+    usbutils
+    lsof
+    smem
+    sysstat
+    wget
+    gnupg
+    git
+    htop
+    moreutils
+
+    direnv
+    tmux
+
+    irssi
+    vim
+
+    # ktest / dev
+    brotli
+    config.boot.kernelPackages.perf
+    getopt
+    flex
+    bison
+    gcc
+    clang
+    gdb
+    gnumake
+    bc
+    pkg-config
+    binutils
+    (python3.withPackages (p: with p; [ ply GitPython ]))
+    pahole
+    qemu
+    nixos-shell
+    minicom
+    socat
+    vde2
+    elfutils
+    ncurses
+    openssl
+    zlib
+    lcov
+  ];
+  
+  nix = {
+    daemonCPUSchedPolicy = "idle";
+    settings = {
+      auto-optimise-store = true;
+      trusted-users = [ "@wheel" ];
+    };
+    extraOptions = ''
+      experimental-features = nix-command flakes
+    '';
+  };
+
+  system.stateVersion = "22.05";
+}
+
diff --git a/provision.sh b/provision.sh
new file mode 100755
index 0000000..7a19796
--- /dev/null
+++ b/provision.sh
@@ -0,0 +1,63 @@
+#!/usr/bin/env bash
+
+set -o errexit
+
+if [[ ! -v 1 ]]; then
+    echo "please supply a name for the new machine"
+    exit 1
+fi
+
+modprobe vfat
+modprobe nls_cp437
+modprobe nls_iso8859_1
+
+for i in `seq 0 1`; do
+    dev=/dev/nvme${i}n1
+
+    sfdisk $dev << EOF
+    label: gpt
+    label-id: 591FD8E0-4CDB-4F4F-A59E-AC8D9D129CF1
+    device: /dev/nvme0n1
+    unit: sectors
+    first-lba: 2048
+    last-lba: 7501476494
+    sector-size: 512
+
+    /dev/nvme0n1p1 : start=        2048, size=     2097152, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, uuid=5F5806A4-0D71-E84E-80F2-E0C4BDB45368
+    /dev/nvme0n1p2 : start=     2099200, size=    33554432, type=0657FD6D-A4AB-43C4-84E5-0933C84B4F4F, uuid=F4C86757-DC77-6947-AAB7-7D8D61B72A41
+    /dev/nvme0n1p3 : start=    35653632, size=  7465822208, type=A19D880F-05FC-4D3B-A006-743F0F84911E, uuid=D3C2B7ED-DED3-354B-880D-018B4D00829F
+EOF
+
+    sleep 1
+    mkswap -L swap${i} ${dev}p2
+#    swapon ${dev}p2
+done
+
+mdadm --create --force -n2 -l0 /dev/md0 /dev/nvme0n1p3 /dev/nvme1n1p3
+mkfs.xfs -f -L root /dev/md0
+mount /dev/md0 /mnt
+
+mkdir -p /mnt/boot
+mkfs.fat -F 32 -n boot /dev/nvme0n1p1
+mount -o umask=077 /dev/disk/by-label/boot /mnt/boot
+
+mkdir -p inst /mnt/nix /mnt/etc/nixos
+
+cp configuration.nix /mnt/etc/nixos
+
+# Replace host name.
+sed -i 's/  networking.hostName = "nixos";/ networking.hostName = "'$1'";/' /mnt/etc/nixos/configuration.nix
+
+cd /mnt
+mkdir -p etc dev mnt proc sys
+cp /etc/resolv.conf etc
+
+for fn in dev proc sys; do mount --bind "/${fn}" "${fn}"; done
+
+curl -L https://nixos.org/nix/install | sh -s -- --daemon
+. $HOME/.nix-profile/etc/profile.d/nix.sh
+nix-channel --add https://nixos.org/channels/nixos-24.05 nixpkgs
+nix-channel --update
+
+nix-env -f '<nixpkgs>' -iA nixos-install-tools
+nixos-install --no-root-password