diff options
| author | Jake Zerrer <him@jakezerrer.com> | 2025-11-30 10:49:34 -0500 |
|---|---|---|
| committer | Jake Zerrer <him@jakezerrer.com> | 2025-11-30 12:32:15 -0500 |
| commit | 106bb76d1ed738f38512665ef3c173629cfc75a2 (patch) | |
| tree | 950cf71d5f5a39415d28edf8f3e2d2e00533e9dc | |
| parent | d4369a77d4539725e5e018639101ea4f2d43317f (diff) | |
Create nix server
Create nix server
| -rw-r--r-- | server/.sops.yaml | 12 | ||||
| -rw-r--r-- | server/SETUP.md | 47 | ||||
| -rw-r--r-- | server/bootstrap.nix | 33 | ||||
| -rw-r--r-- | server/disk-config.nix | 41 | ||||
| -rw-r--r-- | server/facter.json | 3022 | ||||
| -rw-r--r-- | server/flake.lock | 120 | ||||
| -rw-r--r-- | server/flake.nix | 73 | ||||
| -rw-r--r-- | server/secrets/secrets.yaml | 25 | ||||
| -rw-r--r-- | server/server.nix | 31 |
9 files changed, 3404 insertions, 0 deletions
diff --git a/server/.sops.yaml b/server/.sops.yaml new file mode 100644 index 0000000..de3a53b --- /dev/null +++ b/server/.sops.yaml @@ -0,0 +1,12 @@ +keys: + - &users: + - &jake age180u4qm6nj3uq4w2ytw26v8n6gjxnvhxwwu8gvkcjta56xd5c79eqvmrumf + - &servers: + - &jakezerrer age1jpj75ma6zv8w6242jl8gt99lee6jlwyna8zh0xvfe0e5yp7hvchswkty0r + +creation_rules: + - path_regex: secrets/.*\.(yaml|json|env|ini)$ + key_groups: + - age: + - *jake + - *jakezerrer diff --git a/server/SETUP.md b/server/SETUP.md new file mode 100644 index 0000000..d187db0 --- /dev/null +++ b/server/SETUP.md @@ -0,0 +1,47 @@ +# Bootstrapping nix on a hetzner VM + +## Step 1 + +Create VM on Hetzner using the console. Be sure to provide the +SSH key that is present on the computer that you will be installing +from. Choose Ubuntu as the OS. + +## Step 2 + +Next, we'll use nixos-anywhere to swap ubuntu for nixos. + +```sh +SERVER_ADDRESS=46.62.232.180 +nix run github:nix-community/nixos-anywhere -- --flake .#bootstrap --generate-hardware-config nixos-facter ./facter.json --target-host root@$SERVER_ADDRESS --build-on remote +``` + +Secrets are committed to this repo. They are encrypted using +the server's SSH key. When we bootstrap a new server, it will +have a new SSH key, so we need to re-encrypt the secrets file. + +```sh +# activate our nix development environment, which includes +# commands necessary for encrypting and descrypting keys +nix develop + +# Copy the SSH key out from the server and convert it to the age format +ssh-keyscan $SERVER_ADDRESS | ssh-to-age 2>1 + +``` +Edit edit secrets/.sops.yaml, setting the server's age key. +Then, run: + +```sh +sops updatekeys secrets/secrets.yaml +``` + +(Aside: I created the original empty secrets file by running +`sops edit secrets/secrets.yaml`.) + +## Step 3 + +Finally, deploy the complete server configuration. + +```sh +nixos-rebuild-ng switch --flake .#server --target-host root@$SERVER_ADDRESS --build-host root@$SERVER_ADDRESS +``` diff --git a/server/bootstrap.nix b/server/bootstrap.nix new file mode 100644 index 0000000..32b65ff --- /dev/null +++ b/server/bootstrap.nix @@ -0,0 +1,33 @@ +{ + config, + modulesPath, + lib, + pkgs, + ... +}@args: +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + (modulesPath + "/profiles/qemu-guest.nix") + ./disk-config.nix + ]; + networking.useDHCP = lib.mkDefault true; + networking.hostName = "jakezerrer"; + + boot.loader.grub.enable = true; + + services.openssh = { + enable = true; + }; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 22 ]; + }; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINPtvI9cG6YLKUWY3R4vg/ky2wAV0izTAkMgWiOS8Tzr him@jakezerrer.com" + ]; + + system.stateVersion = "24.05"; +} diff --git a/server/disk-config.nix b/server/disk-config.nix new file mode 100644 index 0000000..db0963f --- /dev/null +++ b/server/disk-config.nix @@ -0,0 +1,41 @@ +{ + disko.devices = { + disk = { + nvme0 = { + device = "/dev/sda"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + size = "1M"; + type = "EF02"; + priority = 1; + }; + ESP = { + type = "EF00"; + size = "500M"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; + subvolumes = { + "/rootfs" = { + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/server/facter.json b/server/facter.json new file mode 100644 index 0000000..8653a0d --- /dev/null +++ b/server/facter.json @@ -0,0 +1,3022 @@ +{ + "version": 1, + "system": "x86_64-linux", + "virtualisation": "kvm", + "hardware": { + "bios": { + "apm_info": { + "supported": false, + "enabled": false, + "version": 0, + "sub_version": 0, + "bios_flags": 0 + }, + "vbe_info": { + "version": 0, + "video_memory": 0 + }, + "pnp": true, + "pnp_id": 0, + "lba_support": false, + "low_memory_size": 654336, + "smbios_version": 768 + }, + "bridge": [ + { + "index": 10, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.7", + "sysfs_bus_id": "0000:00:02.7", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4271996928, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 7, + "command": 1287, + "header_type": 1, + "secondary_bus": 8, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 11, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0001", + "name": "ISA bridge", + "value": 1 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "2918", + "value": 10520 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel ISA bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.0", + "sysfs_bus_id": "0000:00:1f.0", + "detail": { + "function": 0, + "command": 259, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "driver": "lpc_ich", + "driver_module": "lpc_ich", + "drivers": [ + "lpc_ich" + ], + "driver_modules": [ + "lpc_ich" + ], + "module_alias": "pci:v00008086d00002918sv00001AF4sd00001100bc06sc01i00" + }, + { + "index": 12, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.5", + "sysfs_bus_id": "0000:00:02.5", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4271988736, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 5, + "command": 1287, + "header_type": 1, + "secondary_bus": 6, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 15, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.3", + "sysfs_bus_id": "0000:00:02.3", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4271980544, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 3, + "command": 1287, + "header_type": 1, + "secondary_bus": 4, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 17, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1", + "sysfs_bus_id": "0000:00:02.1", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4271972352, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 1, + "command": 1287, + "header_type": 1, + "secondary_bus": 2, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 19, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0000", + "name": "Host bridge", + "value": 0 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "29c0", + "value": 10688 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "model": "Intel Host bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:00.0", + "sysfs_bus_id": "0000:00:00.0", + "detail": { + "function": 0, + "command": 259, + "header_type": 0, + "secondary_bus": 0, + "irq": 0, + "prog_if": 0 + }, + "module_alias": "pci:v00008086d000029C0sv00001AF4sd00001100bc06sc00i00" + }, + { + "index": 21, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 3 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:03.0", + "sysfs_bus_id": "0000:00:03.0", + "resources": [ + { + "type": "irq", + "base": 23, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4272001024, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 1, + "secondary_bus": 9, + "irq": 23, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 22, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.6", + "sysfs_bus_id": "0000:00:02.6", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4271992832, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 6, + "command": 1287, + "header_type": 1, + "secondary_bus": 7, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 23, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.4", + "sysfs_bus_id": "0000:00:02.4", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4271984640, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 4, + "command": 1287, + "header_type": 1, + "secondary_bus": 5, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 25, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.2", + "sysfs_bus_id": "0000:00:02.2", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4271976448, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 2, + "command": 1287, + "header_type": 1, + "secondary_bus": 3, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + }, + { + "index": 27, + "attached_to": 0, + "class_list": [ + "pci", + "bridge" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 2 + }, + "base_class": { + "hex": "0006", + "name": "Bridge", + "value": 6 + }, + "sub_class": { + "hex": "0004", + "name": "PCI bridge", + "value": 4 + }, + "pci_interface": { + "hex": "0000", + "name": "Normal decode", + "value": 0 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1b36", + "value": 6966 + }, + "device": { + "hex": "000c", + "value": 12 + }, + "sub_device": { + "hex": "0000", + "value": 0 + }, + "model": "PCI bridge", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0", + "sysfs_bus_id": "0000:00:02.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4271968256, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 1, + "secondary_bus": 1, + "irq": 22, + "prog_if": 0 + }, + "driver": "pcieport", + "driver_module": "pcieportdrv", + "drivers": [ + "pcieport" + ], + "driver_modules": [ + "pcieportdrv" + ], + "module_alias": "pci:v00001B36d0000000Csv00001B36sd00000000bc06sc04i00" + } + ], + "cdrom": [ + { + "index": 36, + "attached_to": 9, + "class_list": [ + "cdrom", + "scsi", + "block_device" + ], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 1, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0002", + "name": "CD-ROM", + "value": 2 + }, + "pci_interface": { + "hex": "0003", + "name": "DVD", + "value": 3 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU DVD-ROM", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU DVD-ROM", + "sysfs_id": "/class/block/sr0", + "sysfs_bus_id": "1:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:1f.2/ata1/host1/target1:0:0/1:0:0:0", + "unix_device_name": "/dev/sr0", + "unix_device_number": { + "type": 98, + "major": 11, + "minor": 0, + "range": 1 + }, + "unix_device_names": [ + "/dev/cdrom", + "/dev/disk/by-id/ata-QEMU_DVD-ROM_QM00001", + "/dev/disk/by-path/pci-0000:00:1f.2-ata-1", + "/dev/disk/by-path/pci-0000:00:1f.2-ata-1.0", + "/dev/sr0" + ], + "unix_device_name2": "/dev/sg1", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 1, + "range": 1 + }, + "driver": "ahci", + "driver_module": "ahci", + "drivers": [ + "ahci", + "sr" + ], + "driver_modules": [ + "ahci", + "sr_mod" + ] + } + ], + "cpu": [ + { + "architecture": "x86_64", + "vendor_name": "AuthenticAMD", + "family": 23, + "model": 49, + "stepping": 0, + "features": [ + "fpu", + "vme", + "de", + "pse", + "tsc", + "msr", + "pae", + "mce", + "cx8", + "apic", + "sep", + "mtrr", + "pge", + "mca", + "cmov", + "pat", + "pse36", + "clflush", + "mmx", + "fxsr", + "sse", + "sse2", + "ht", + "syscall", + "nx", + "mmxext", + "fxsr_opt", + "pdpe1gb", + "rdtscp", + "lm", + "rep_good", + "nopl", + "xtopology", + "cpuid", + "extd_apicid", + "tsc_known_freq", + "pni", + "pclmulqdq", + "ssse3", + "fma", + "cx16", + "sse4_1", + "sse4_2", + "x2apic", + "movbe", + "popcnt", + "aes", + "xsave", + "avx", + "f16c", + "rdrand", + "hypervisor", + "lahf_lm", + "cmp_legacy", + "cr8_legacy", + "abm", + "sse4a", + "misalignsse", + "3dnowprefetch", + "osvw", + "topoext", + "perfctr_core", + "ssbd", + "ibrs", + "ibpb", + "stibp", + "vmmcall", + "fsgsbase", + "bmi1", + "avx2", + "smep", + "bmi2", + "rdseed", + "adx", + "smap", + "clflushopt", + "clwb", + "sha_ni", + "xsaveopt", + "xsavec", + "xgetbv1", + "clzero", + "xsaveerptr", + "wbnoinvd", + "arat", + "umip", + "rdpid" + ], + "bugs": [ + "sysret_ss_attrs", + "null_seg", + "spectre_v1", + "spectre_v2", + "spec_store_bypass", + "retbleed", + "smt_rsb", + "srso", + "ibpb_no_ret" + ], + "bogo": 4990.62, + "cache": 512, + "units": 4, + "physical_id": 0, + "siblings": 4, + "cores": 4, + "fpu": true, + "fpu_exception": true, + "cpuid_level": 13, + "write_protect": false, + "tlb_size": 1024, + "clflush_size": 64, + "cache_alignment": 64, + "address_sizes": { + "physical": "0x28", + "virtual": "0x30" + } + } + ], + "disk": [ + { + "index": 37, + "attached_to": 32, + "class_list": [ + "disk", + "scsi", + "block_device" + ], + "bus_type": { + "hex": "0084", + "name": "SCSI", + "value": 132 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0106", + "name": "Mass Storage Device", + "value": 262 + }, + "sub_class": { + "hex": "0000", + "name": "Disk", + "value": 0 + }, + "vendor": { + "hex": "0000", + "name": "QEMU", + "value": 0 + }, + "device": { + "hex": "0000", + "name": "QEMU HARDDISK", + "value": 0 + }, + "revision": { + "hex": "0000", + "name": "2.5+", + "value": 0 + }, + "model": "QEMU HARDDISK", + "sysfs_id": "/class/block/sda", + "sysfs_bus_id": "0:0:0:0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:02.5/0000:06:00.0/virtio5/host0/target0:0:0/0:0:0:0", + "unix_device_name": "/dev/sda", + "unix_device_number": { + "type": 98, + "major": 8, + "minor": 0, + "range": 16 + }, + "unix_device_names": [ + "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_107499753", + "/dev/disk/by-path/pci-0000:06:00.0-scsi-0:0:0:0", + "/dev/sda" + ], + "unix_device_name2": "/dev/sg0", + "unix_device_number2": { + "type": 99, + "major": 21, + "minor": 0, + "range": 1 + }, + "rom_id": "0x80", + "resources": [ + { + "type": "disk_geo", + "cylinders": 9959, + "heads": 255, + "sectors": 63, + "size": "0x0", + "geo_type": "logical" + }, + { + "type": "size", + "unit": "sectors", + "value_1": 160006144, + "value_2": 512 + } + ], + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": [ + "sd", + "virtio_scsi" + ], + "driver_modules": [ + "sd_mod", + "virtio_scsi" + ] + } + ], + "graphics_card": [ + { + "index": 14, + "attached_to": 0, + "class_list": [ + "graphics_card", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 1 + }, + "base_class": { + "hex": "0003", + "name": "Display controller", + "value": 3 + }, + "sub_class": { + "hex": "0000", + "name": "VGA compatible controller", + "value": 0 + }, + "pci_interface": { + "hex": "0000", + "name": "VGA", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1050", + "value": 4176 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "VGA compatible controller", + "sysfs_id": "/devices/pci0000:00/0000:00:01.0", + "sysfs_bus_id": "0000:00:01.0", + "resources": [ + { + "type": "irq", + "base": 21, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4244635648, + "range": 8388608, + "enabled": true, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 4271964160, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 786432, + "range": 131072, + "enabled": false, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 829465559040, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 21, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001050sv00001AF4sd00001100bc03sc00i00" + } + ], + "hub": [ + { + "index": 38, + "attached_to": 13, + "class_list": [ + "usb", + "hub" + ], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "010a", + "name": "Hub", + "value": 266 + }, + "vendor": { + "hex": "1d6b", + "name": "Linux 6.14.10 xhci-hcd", + "value": 7531 + }, + "device": { + "hex": "0002", + "name": "xHCI Host Controller", + "value": 2 + }, + "revision": { + "hex": "0000", + "name": "6.14", + "value": 0 + }, + "serial": "0000:02:00.0", + "model": "Linux 6.14.10 xhci-hcd xHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1/0000:02:00.0/usb1/1-0:1.0", + "sysfs_bus_id": "1-0:1.0", + "resources": [ + { + "type": "baud", + "speed": 480000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 1, + "interface_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "driver_module": "usbcore", + "drivers": [ + "hub" + ], + "driver_modules": [ + "usbcore" + ], + "module_alias": "usb:v1D6Bp0002d0614dc09dsc00dp01ic09isc00ip00in00" + }, + { + "index": 40, + "attached_to": 13, + "class_list": [ + "usb", + "hub" + ], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "010a", + "name": "Hub", + "value": 266 + }, + "vendor": { + "hex": "1d6b", + "name": "Linux 6.14.10 xhci-hcd", + "value": 7531 + }, + "device": { + "hex": "0003", + "name": "xHCI Host Controller", + "value": 3 + }, + "revision": { + "hex": "0000", + "name": "6.14", + "value": 0 + }, + "serial": "0000:02:00.0", + "model": "Linux 6.14.10 xhci-hcd xHCI Host Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1/0000:02:00.0/usb2/2-0:1.0", + "sysfs_bus_id": "2-0:1.0", + "detail": { + "device_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 3, + "interface_class": { + "hex": "0009", + "name": "hub", + "value": 9 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "hub", + "driver_module": "usbcore", + "drivers": [ + "hub" + ], + "driver_modules": [ + "usbcore" + ], + "module_alias": "usb:v1D6Bp0003d0614dc09dsc00dp03ic09isc00ip00in00" + } + ], + "memory": [ + { + "index": 7, + "attached_to": 0, + "class_list": [ + "memory" + ], + "base_class": { + "hex": "0101", + "name": "Internally Used Class", + "value": 257 + }, + "sub_class": { + "hex": "0002", + "name": "Main Memory", + "value": 2 + }, + "model": "Main Memory", + "resources": [ + { + "type": "mem", + "base": 0, + "range": 8130957312, + "enabled": true, + "access": "read_write", + "prefetch": "unknown" + }, + { + "type": "phys_mem", + "range": 8053063680 + } + ] + } + ], + "monitor": [ + { + "index": 34, + "attached_to": 14, + "class_list": [ + "monitor" + ], + "base_class": { + "hex": "0100", + "name": "Monitor", + "value": 256 + }, + "sub_class": { + "hex": "0002", + "name": "LCD Monitor", + "value": 2 + }, + "vendor": { + "hex": "4914", + "value": 18708 + }, + "device": { + "hex": "1234", + "name": "QEMU Monitor", + "value": 4660 + }, + "serial": "0", + "model": "QEMU Monitor", + "resources": [ + { + "type": "monitor", + "width": 1024, + "height": 768, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1280, + "height": 800, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1600, + "height": 1200, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 1920, + "height": 1080, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 2048, + "height": 1152, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 640, + "height": 480, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "monitor", + "width": 800, + "height": 600, + "vertical_frequency": 60, + "interlaced": false + }, + { + "type": "size", + "unit": "mm", + "value_1": 325, + "value_2": 203 + } + ], + "detail": { + "manufacture_year": 2014, + "manufacture_week": 42, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "clock": 107300, + "width": 1280, + "height": 800, + "width_millimetres": 325, + "height_millimetres": 203, + "horizontal_flag": 45, + "vertical_flag": 45, + "vendor": "", + "name": "QEMU Monitor" + }, + "driver_info": { + "type": "display", + "width": 2048, + "height": 1152, + "vertical_sync": { + "min": 50, + "max": 125 + }, + "horizontal_sync": { + "min": 30, + "max": 160 + }, + "bandwidth": 0, + "horizontal_sync_timings": { + "disp": 1280, + "sync_start": 1600, + "sync_end": 1638, + "total": 1728 + }, + "vertical_sync_timings": { + "disp": 800, + "sync_start": 804, + "sync_end": 808, + "total": 828 + }, + "horizontal_flag": 45, + "vertical_flag": 45 + } + } + ], + "mouse": [ + { + "index": 39, + "attached_to": 38, + "class_list": [ + "mouse", + "usb" + ], + "bus_type": { + "hex": "0086", + "name": "USB", + "value": 134 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0105", + "name": "Mouse", + "value": 261 + }, + "sub_class": { + "hex": "0003", + "name": "USB Mouse", + "value": 3 + }, + "vendor": { + "hex": "0627", + "name": "QEMU", + "value": 1575 + }, + "device": { + "hex": "0001", + "name": "QEMU USB Tablet", + "value": 1 + }, + "serial": "28754-0000:00:02.1:00.0-1", + "compat_vendor": "Unknown", + "compat_device": "Generic USB Mouse", + "model": "QEMU USB Tablet", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1/0000:02:00.0/usb1/1-1/1-1:1.0", + "sysfs_bus_id": "1-1:1.0", + "unix_device_name": "/dev/input/mice", + "unix_device_number": { + "type": 99, + "major": 13, + "minor": 63, + "range": 1 + }, + "unix_device_names": [ + "/dev/input/mice" + ], + "unix_device_name2": "/dev/input/mouse0", + "unix_device_number2": { + "type": 99, + "major": 13, + "minor": 32, + "range": 1 + }, + "resources": [ + { + "type": "baud", + "speed": 480000000, + "bits": 0, + "stop_bits": 0, + "parity": 0, + "handshake": 0 + } + ], + "detail": { + "device_class": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "device_protocol": 0, + "interface_class": { + "hex": "0003", + "name": "hid", + "value": 3 + }, + "interface_subclass": { + "hex": "0000", + "name": "per_interface", + "value": 0 + }, + "interface_protocol": 0, + "interface_number": 0, + "interface_alternate_setting": 0 + }, + "hotplug": "usb", + "driver": "usbhid", + "driver_module": "usbhid", + "drivers": [ + "usbhid" + ], + "driver_modules": [ + "usbhid" + ], + "driver_info": { + "type": "mouse", + "db_entry_0": [ + "explorerps/2", + "exps2" + ], + "xf86": "explorerps/2", + "gpm": "exps2", + "buttons": -1, + "wheels": -1 + }, + "module_alias": "usb:v0627p0001d0000dc00dsc00dp00ic03isc00ip00in00" + } + ], + "network_controller": [ + { + "index": 28, + "attached_to": 16, + "class_list": [ + "network_controller" + ], + "bus_type": { + "hex": "008f", + "name": "Virtio", + "value": 143 + }, + "slot": { + "bus": 0, + "number": 0 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": "Virtio", + "device": "Ethernet Card 0", + "model": "Virtio Ethernet Card 0", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0/0000:01:00.0/virtio1", + "sysfs_bus_id": "virtio1", + "unix_device_name": "enp1s0", + "unix_device_names": [ + "enp1s0" + ], + "resources": [ + { + "type": "hwaddr", + "address": 57 + }, + { + "type": "phwaddr", + "address": 57 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": [ + "virtio_net" + ], + "driver_modules": [ + "virtio_net" + ], + "module_alias": "virtio:d00000001v00001AF4" + } + ], + "network_interface": [ + { + "index": 41, + "attached_to": 0, + "class_list": [ + "network_interface" + ], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0000", + "name": "Loopback", + "value": 0 + }, + "model": "Loopback network interface", + "sysfs_id": "/class/net/lo", + "unix_device_name": "lo", + "unix_device_names": [ + "lo" + ] + }, + { + "index": 42, + "attached_to": 28, + "class_list": [ + "network_interface" + ], + "base_class": { + "hex": "0107", + "name": "Network Interface", + "value": 263 + }, + "sub_class": { + "hex": "0001", + "name": "Ethernet", + "value": 1 + }, + "model": "Ethernet network interface", + "sysfs_id": "/class/net/enp1s0", + "sysfs_device_link": "/devices/pci0000:00/0000:00:02.0/0000:01:00.0/virtio1", + "unix_device_name": "enp1s0", + "unix_device_names": [ + "enp1s0" + ], + "resources": [ + { + "type": "hwaddr", + "address": 57 + }, + { + "type": "phwaddr", + "address": 57 + } + ], + "driver": "virtio_net", + "driver_module": "virtio_net", + "drivers": [ + "virtio_net" + ], + "driver_modules": [ + "virtio_net" + ] + } + ], + "pci": [ + { + "index": 8, + "attached_to": 25, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 3, + "number": 0 + }, + "base_class": { + "hex": "0007", + "name": "Communication controller", + "value": 7 + }, + "sub_class": { + "hex": "0080", + "name": "Communication controller", + "value": 128 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1043", + "value": 4163 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Communication controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.2/0000:03:00.0", + "sysfs_bus_id": "0000:03:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4265607168, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 827854946304, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001043sv00001AF4sd00001100bc07sc80i00" + }, + { + "index": 16, + "attached_to": 27, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 1, + "number": 0 + }, + "base_class": { + "hex": "0002", + "name": "Network controller", + "value": 2 + }, + "sub_class": { + "hex": "0000", + "name": "Ethernet controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1041", + "value": 4161 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Ethernet controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.0/0000:01:00.0", + "sysfs_bus_id": "0000:01:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4269801472, + "range": 524288, + "enabled": false, + "access": "read_only", + "prefetch": "no" + }, + { + "type": "mem", + "base": 4270325760, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 828928688128, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001041sv00001AF4sd00001100bc02sc00i00" + }, + { + "index": 18, + "attached_to": 0, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "000c", + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "hex": "0005", + "name": "SMBus", + "value": 5 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "2930", + "value": 10544 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel SMBus", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.3", + "sysfs_bus_id": "0000:00:1f.3", + "resources": [ + { + "type": "io", + "base": 1792, + "range": 64, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 16, + "triggered": 0, + "enabled": true + } + ], + "detail": { + "function": 3, + "command": 259, + "header_type": 0, + "secondary_bus": 0, + "irq": 16, + "prog_if": 0 + }, + "driver": "i801_smbus", + "driver_module": "i2c_i801", + "drivers": [ + "i801_smbus" + ], + "driver_modules": [ + "i2c_i801" + ], + "module_alias": "pci:v00008086d00002930sv00001AF4sd00001100bc0Csc05i00" + }, + { + "index": 24, + "attached_to": 23, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 5, + "number": 0 + }, + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "00ff", + "value": 255 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1044", + "value": 4164 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.4/0000:05:00.0", + "sysfs_bus_id": "0000:05:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4261412864, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 826781204480, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001044sv00001AF4sd00001100bc00scFFi00" + }, + { + "index": 26, + "attached_to": 15, + "class_list": [ + "pci", + "unknown" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 4, + "number": 0 + }, + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "00ff", + "value": 255 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1045", + "value": 4165 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.3/0000:04:00.0", + "sysfs_bus_id": "0000:04:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 827318075392, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 263, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001045sv00001AF4sd00001100bc00scFFi00" + } + ], + "storage_controller": [ + { + "index": 9, + "attached_to": 0, + "class_list": [ + "storage_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 0, + "number": 31 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0006", + "value": 6 + }, + "pci_interface": { + "hex": "0001", + "value": 1 + }, + "vendor": { + "hex": "8086", + "name": "Intel Corporation", + "value": 32902 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "2922", + "value": 10530 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0002", + "value": 2 + }, + "model": "Intel Mass storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:1f.2", + "sysfs_bus_id": "0000:00:1f.2", + "resources": [ + { + "type": "io", + "base": 49216, + "range": 32, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 47, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4272005120, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 2, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 47, + "prog_if": 1 + }, + "driver": "ahci", + "driver_module": "ahci", + "drivers": [ + "ahci" + ], + "driver_modules": [ + "ahci" + ], + "module_alias": "pci:v00008086d00002922sv00001AF4sd00001100bc01sc06i01" + }, + { + "index": 20, + "attached_to": 12, + "class_list": [ + "storage_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 6, + "number": 0 + }, + "base_class": { + "hex": "0001", + "name": "Mass storage controller", + "value": 1 + }, + "sub_class": { + "hex": "0000", + "name": "SCSI storage controller", + "value": 0 + }, + "vendor": { + "hex": "1af4", + "value": 6900 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "1048", + "value": 4168 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "SCSI storage controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.5/0000:06:00.0", + "sysfs_bus_id": "0000:06:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4259315712, + "range": 4096, + "enabled": true, + "access": "read_write", + "prefetch": "no" + }, + { + "type": "mem", + "base": 826244333568, + "range": 16384, + "enabled": true, + "access": "read_only", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 0 + }, + "driver": "virtio-pci", + "driver_module": "virtio_pci", + "drivers": [ + "virtio-pci" + ], + "driver_modules": [ + "virtio_pci" + ], + "module_alias": "pci:v00001AF4d00001048sv00001AF4sd00001100bc01sc00i00" + } + ], + "system": { + "form_factor": "desktop" + }, + "unknown": [ + { + "index": 29, + "attached_to": 24, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.4/0000:05:00.0/virtio4", + "sysfs_bus_id": "virtio4", + "driver": "virtio_rng", + "driver_module": "virtio_rng", + "drivers": [ + "virtio_rng" + ], + "driver_modules": [ + "virtio_rng" + ], + "module_alias": "virtio:d00000004v00001AF4" + }, + { + "index": 30, + "attached_to": 8, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.2/0000:03:00.0/virtio2", + "sysfs_bus_id": "virtio2", + "driver": "virtio_console", + "driver_module": "virtio_console", + "drivers": [ + "virtio_console" + ], + "driver_modules": [ + "virtio_console" + ], + "module_alias": "virtio:d00000003v00001AF4" + }, + { + "index": 31, + "attached_to": 14, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:01.0/virtio0", + "sysfs_bus_id": "virtio0", + "driver": "virtio_gpu", + "driver_module": "virtio_gpu", + "drivers": [ + "virtio_gpu" + ], + "driver_modules": [ + "virtio_gpu" + ], + "module_alias": "virtio:d00000010v00001AF4" + }, + { + "index": 32, + "attached_to": 20, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.5/0000:06:00.0/virtio5", + "sysfs_bus_id": "virtio5", + "driver": "virtio_scsi", + "driver_module": "virtio_scsi", + "drivers": [ + "virtio_scsi" + ], + "driver_modules": [ + "virtio_scsi" + ], + "module_alias": "virtio:d00000008v00001AF4" + }, + { + "index": 33, + "attached_to": 26, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "sub_class": { + "hex": "0000", + "name": "Unclassified device", + "value": 0 + }, + "vendor": "Virtio", + "device": "", + "model": "Virtio Unclassified device", + "sysfs_id": "/devices/pci0000:00/0000:00:02.3/0000:04:00.0/virtio3", + "sysfs_bus_id": "virtio3", + "driver": "virtio_balloon", + "driver_module": "virtio_balloon", + "drivers": [ + "virtio_balloon" + ], + "driver_modules": [ + "virtio_balloon" + ], + "module_alias": "virtio:d00000005v00001AF4" + }, + { + "index": 35, + "attached_to": 0, + "class_list": [ + "unknown" + ], + "base_class": { + "hex": "0007", + "name": "Communication controller", + "value": 7 + }, + "sub_class": { + "hex": "0000", + "name": "Serial controller", + "value": 0 + }, + "pci_interface": { + "hex": "0002", + "name": "16550", + "value": 2 + }, + "device": { + "hex": "0000", + "name": "16550A", + "value": 0 + }, + "model": "16550A", + "unix_device_name": "/dev/ttyS0", + "unix_device_names": [ + "/dev/ttyS0" + ], + "resources": [ + { + "type": "io", + "base": 1016, + "range": 0, + "enabled": true, + "access": "read_write" + }, + { + "type": "irq", + "base": 4, + "triggered": 0, + "enabled": true + } + ] + } + ], + "usb_controller": [ + { + "index": 13, + "attached_to": 17, + "class_list": [ + "usb_controller", + "pci" + ], + "bus_type": { + "hex": "0004", + "name": "PCI", + "value": 4 + }, + "slot": { + "bus": 2, + "number": 0 + }, + "base_class": { + "hex": "000c", + "name": "Serial bus controller", + "value": 12 + }, + "sub_class": { + "hex": "0003", + "name": "USB Controller", + "value": 3 + }, + "pci_interface": { + "hex": "0030", + "value": 48 + }, + "vendor": { + "hex": "1b36", + "value": 6966 + }, + "sub_vendor": { + "hex": "1af4", + "value": 6900 + }, + "device": { + "hex": "000d", + "value": 13 + }, + "sub_device": { + "hex": "1100", + "value": 4352 + }, + "revision": { + "hex": "0001", + "value": 1 + }, + "model": "USB Controller", + "sysfs_id": "/devices/pci0000:00/0000:00:02.1/0000:02:00.0", + "sysfs_bus_id": "0000:02:00.0", + "resources": [ + { + "type": "irq", + "base": 22, + "triggered": 0, + "enabled": true + }, + { + "type": "mem", + "base": 4267704320, + "range": 16384, + "enabled": true, + "access": "read_write", + "prefetch": "no" + } + ], + "detail": { + "function": 0, + "command": 1287, + "header_type": 0, + "secondary_bus": 0, + "irq": 22, + "prog_if": 48 + }, + "driver": "xhci_hcd", + "driver_module": "xhci_pci", + "drivers": [ + "xhci_hcd" + ], + "driver_modules": [ + "xhci_pci" + ], + "module_alias": "pci:v00001B36d0000000Dsv00001AF4sd00001100bc0Csc03i30" + } + ] + }, + "smbios": { + "bios": { + "handle": 0, + "vendor": "Hetzner", + "version": "20171111", + "date": "11/11/2017", + "features": null, + "start_address": "0xe8000", + "rom_size": 65536 + }, + "board": { + "handle": 512, + "manufacturer": "KVM", + "product": "Standard PC (Q35 + ICH9, 2009)", + "version": "pc-q35-8.2", + "board_type": { + "hex": "000a", + "name": "Motherboard", + "value": 10 + }, + "features": [ + "Hosting Board" + ], + "location": "", + "chassis": 768 + }, + "chassis": [ + { + "handle": 768, + "manufacturer": "QEMU", + "version": "NotSpecified", + "chassis_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "lock_present": false, + "bootup_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "power_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "thermal_state": { + "hex": "0003", + "name": "Safe", + "value": 3 + }, + "security_state": { + "hex": "0002", + "name": "Unknown", + "value": 2 + }, + "oem": "0x0" + } + ], + "memory_array": [ + { + "handle": 4096, + "location": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "usage": { + "hex": "0003", + "name": "System memory", + "value": 3 + }, + "ecc": { + "hex": "0006", + "name": "Multi-bit", + "value": 6 + }, + "max_size": "0x7d0000", + "error_handle": 65534, + "slots": 1 + } + ], + "memory_array_mapped_address": [ + { + "handle": 4864, + "array_handle": 4096, + "start_address": "0x0", + "end_address": "0x80000000", + "part_width": 1 + }, + { + "handle": 4865, + "array_handle": 4096, + "start_address": "0x100000000", + "end_address": "0x274000000", + "part_width": 1 + } + ], + "memory_device": [ + { + "handle": 4352, + "location": "DIMM 0", + "bank_location": "", + "manufacturer": "QEMU", + "part_number": "", + "array_handle": 4096, + "error_handle": 65534, + "width": 0, + "ecc_bits": 0, + "size": 8192000, + "form_factor": { + "hex": "0009", + "name": "DIMM", + "value": 9 + }, + "set": 0, + "memory_type": { + "hex": "0007", + "name": "RAM", + "value": 7 + }, + "memory_type_details": [ + "Other" + ], + "speed": 0 + } + ], + "processor": [ + { + "handle": 1024, + "socket": "CPU 0", + "socket_type": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "socket_populated": true, + "manufacturer": "QEMU", + "version": "NotSpecified", + "part": "", + "processor_type": { + "hex": "0003", + "name": "CPU", + "value": 3 + }, + "processor_family": { + "hex": "0001", + "name": "Other", + "value": 1 + }, + "processor_status": { + "hex": "0001", + "name": "Enabled", + "value": 1 + }, + "clock_ext": 0, + "clock_max": 2000, + "cache_handle_l1": 0, + "cache_handle_l2": 0, + "cache_handle_l3": 0 + } + ], + "system": { + "handle": 256, + "manufacturer": "Hetzner", + "product": "vServer", + "version": "20171111", + "wake_up": { + "hex": "0006", + "name": "Power Switch", + "value": 6 + } + } + } +} diff --git a/server/flake.lock b/server/flake.lock new file mode 100644 index 0000000..f9e8103 --- /dev/null +++ b/server/flake.lock @@ -0,0 +1,120 @@ +{ + "nodes": { + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1764350888, + "narHash": "sha256-6Rp18zavTlnlZzcoLoBTJMBahL2FycVkw2rAEs3cQvo=", + "owner": "nix-community", + "repo": "disko", + "rev": "2055a08fd0e2fd41318279a5355eb8a161accf26", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "nixos-facter-modules": { + "locked": { + "lastModified": 1764252389, + "narHash": "sha256-3bbuneTKZBkYXlm0bE36kUjiDsasoIC1GWBw/UEJ9T4=", + "owner": "numtide", + "repo": "nixos-facter-modules", + "rev": "5ea68886d95218646d11d3551a476d458df00778", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "nixos-facter-modules", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1764242076, + "narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1761236834, + "narHash": "sha256-+pthv6hrL5VLW2UqPdISGuLiUZ6SnAXdd2DdUE+fV2Q=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d5faa84122bc0a1fd5d378492efce4e289f8eac1", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "disko": "disko", + "nixos-facter-modules": "nixos-facter-modules", + "nixpkgs": "nixpkgs", + "sops-nix": "sops-nix", + "treefmt-nix": "treefmt-nix" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1764483358, + "narHash": "sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "5aca6ff67264321d47856a2ed183729271107c9c", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1762938485, + "narHash": "sha256-AlEObg0syDl+Spi4LsZIBrjw+snSVU4T8MOeuZJUJjM=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "5b4ee75aeefd1e2d5a1cc43cf6ba65eba75e83e4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/server/flake.nix b/server/flake.nix new file mode 100644 index 0000000..47a9d09 --- /dev/null +++ b/server/flake.nix @@ -0,0 +1,73 @@ +{ + description = "jakezerrer.com"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + disko = { + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + treefmt-nix.url = "github:numtide/treefmt-nix"; + nixos-facter-modules.url = "github:numtide/nixos-facter-modules"; + sops-nix = { + url = "github:Mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = + { + self, + nixpkgs, + disko, + nixos-facter-modules, + treefmt-nix, + sops-nix, + }: + { + devShells = { + aarch64-darwin.default = + let + pkgs = import nixpkgs { system = "aarch64-darwin"; }; + treefmt = treefmt-nix.lib.evalModule pkgs { + projectRootFile = "flake.nix"; + programs.nixfmt.enable = true; + }; + in + pkgs.mkShell { + buildInputs = [ + treefmt.config.build.wrapper + pkgs.nixos-rebuild-ng + pkgs.sops + pkgs.age + pkgs.ssh-to-age + ]; + }; + }; + nixosConfigurations = { + bootstrap = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + sops-nix.nixosModules.sops + ./disk-config.nix + ./bootstrap.nix + nixos-facter-modules.nixosModules.facter + { config.facter.reportPath = ./facter.json; } + ]; + }; + + server = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + sops-nix.nixosModules.sops + ./disk-config.nix + ./server.nix + nixos-facter-modules.nixosModules.facter + { config.facter.reportPath = ./facter.json; } + ]; + }; + }; + }; +} diff --git a/server/secrets/secrets.yaml b/server/secrets/secrets.yaml new file mode 100644 index 0000000..563cc3c --- /dev/null +++ b/server/secrets/secrets.yaml @@ -0,0 +1,25 @@ +hello: ENC[AES256_GCM,data:DY8pwgpRZsmofS25XfWcOjAJHE3GRn1AT45bEVYyz/LSL+ENOHEolMcORN4D/Q==,iv:eKkFkshVdYBSqpKPQM5hU8AG6ATSiKr3DZM3p6Cx2Jg=,tag:22JXnrMojl40gRNbpLIzKQ==,type:str] +sops: + age: + - recipient: age180u4qm6nj3uq4w2ytw26v8n6gjxnvhxwwu8gvkcjta56xd5c79eqvmrumf + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMUHgvM0JRcFF2N2ZEOWVM + L1YwbTQ4Y1N4RmxGdXQrVHEzOWlPUC9ud0ZRClRXRzZUc201cGIwd3dXb0RrTDlP + V2lxdkhyR2RSQmZUS3V0VXMwRlZkVm8KLS0tIFFoK1VyeUlHRDhrUVJUdDBxUTA5 + MHgzeFFoMHpFc09taWFqWTdLZU1odDQKH9/7v/Roepy/Kwd+fTBSD5L6A9UDnmYT + eIr6BqjRBRWCCOi6jUXNYYj9ZYlCU/qhHZDaqyE4lXGlyDr0SuJ5hw== + -----END AGE ENCRYPTED FILE----- + - recipient: age1jpj75ma6zv8w6242jl8gt99lee6jlwyna8zh0xvfe0e5yp7hvchswkty0r + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkSlFxdkV1aHM2R2lRQllz + SWdyMExTSkVwQk9jbzdKQ09TZE9IcHcyZ1NjCjNQTVp4TmsxUWpCclk2clY3TlFJ + OXRCd3djK3Bza1NHVlpUR3pPZG96VzQKLS0tIEhZK2cyVkt1ZGdrZitxdVBGVThB + aFZwM0d6alRLQjFLOGxVUlFtZTBNM2sKIixsArToVlVlslbLEGF+Nus2nY5YWYyH + FdoQTvXAmKf8/gaye7WVERiNq1K6h4/52X+XThoe4wBaDnTiUpHmjg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-11-30T16:44:35Z" + mac: ENC[AES256_GCM,data:Fgxolcxv0ZaS3+AGX0541cquXYiDIDS7m/AT/8m6drR4zY3iKYwLFi6U8ohSV+VGzc1mK3y8krpzPIB8BGKiyXB4PvF8flrcFm/Tv6kfJ3Egnjr+U4tq+clXL3Ve41cbiniAh34PBXSWhrJTd/4B2fSTwEER0tnymTviafxCuvs=,iv:lxm2mGhg35RxzLNYIgrSJWaEhzxh/drq6vpuMZmgh3Q=,tag:zQcNbfjieXTKNpnokq/6IQ==,type:str] + unencrypted_suffix: _unencrypted + version: 3.11.0 diff --git a/server/server.nix b/server/server.nix new file mode 100644 index 0000000..dd475e5 --- /dev/null +++ b/server/server.nix @@ -0,0 +1,31 @@ +{ + config, + modulesPath, + lib, + pkgs, + ... +}@args: +{ + imports = [ + ./bootstrap.nix + ]; + + users.mutableUsers = false; + + sops = { + defaultSopsFile = ./secrets/secrets.yaml; + defaultSopsFormat = "yaml"; + + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + + secrets = { }; + }; + + networking.firewall = { + allowedTCPPorts = lib.mkForce [ + 22 + 80 + 443 + ]; + }; +} |