From ad179def494cdf982cc9e7e6d4fdd0cea1fca9f1 Mon Sep 17 00:00:00 2001
From: Ari Gerus <ar@hackerspace.pl>
Date: Tue, 11 Jun 2024 18:35:16 +0200
Subject: [PATCH] hswaw/machines: add snowflake

This adds one of the 4 new fast machines that will run various one-off
workloads, initially mostly migrated off of the old dell m1000e blade
chassis, such as a virtualized boston-packets.

Change-Id: I4a85f8e14cd79257ad41bbe1519f33595f4e497a
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1981
Reviewed-by: q3k <q3k@hackerspace.pl>
---
 hswaw/machines/snowflake/configuration.nix    | 59 +++++++++++++++++++
 .../snowflake/hardware-configuration.nix      | 38 ++++++++++++
 ops/hive.nix                                  |  9 +++
 3 files changed, 106 insertions(+)
 create mode 100644 hswaw/machines/snowflake/configuration.nix
 create mode 100644 hswaw/machines/snowflake/hardware-configuration.nix

diff --git a/hswaw/machines/snowflake/configuration.nix b/hswaw/machines/snowflake/configuration.nix
new file mode 100644
index 00000000..27d1264e
--- /dev/null
+++ b/hswaw/machines/snowflake/configuration.nix
@@ -0,0 +1,59 @@
+{ config, lib, pkgs, ... }:
+
+let
+  ssh-keys = {
+    q3k = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG599UildOrAq+LIOQjKqtGMwjgjIxozI1jtQQRKHtCP q3k@mimeomia"
+    ];
+    implr = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC33naG1ptCvUcRWX9cj9wXM1nW1lyQC4SvMJzWlr9aMD96O8hQ2JMkuIUgUJvorAY02QRplQ2BuoVoVkdkzwjMyi1bL3OdgcKo7Z1yByClGTTocqNJYY0lcUb6EJH8+6e6F9ydrQlSxNzL1uCaA7phZr+yPcmAmWbSfioXn98yXNkE0emHxzJv/nypJY56sDCMC2IXDRd8L2goDtPwgPEW7bWfAQdIFMJ75xOidZOTxJ8eqyXLw/kxY5UlyX66jdoYz1sE5XUHuoQl1AOG9UdlMo0aMhUvP4pX5l7r7EnA9OttKMFB3oWqkVK/R6ynZ52YNOU5BZ9V+Ppaj34W0xNu+p0mbHcCtXYCTrf/OU0hcZDbDaNTjs6Vtcm2wYw9iAKX7Tex+eOMwUwlrlcyPNRV5BTot7lGNYfauHCSIuWJKN4NhCLR/NtVNh4/94eKkPTwJsY6XqDcS7q49wPAs4DAH7BJgsbHPOqygVHrY0YYEfz3Pj0HTxJHQMCP/hQX4fXEGt0BjgoVJbXPAQtPyeg0JuxiUg+b4CgVVfQ6R060MlM1BZzhmh+FY5MJH6nJppS0aHYCvSg8Z68NUlCPKy0jpcyfuAIWQWwSGG1O010WShQG2ELsvNdg5/4HVdCGNl5mmoom6JOd72FOZyQlHDFfeQUQRn9HOeCq/c51rK99SQ== bartek@IHM"
+    ];
+    patryk = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJVh2GYcw2teiQBSvwDkLgXodnUZyRvYXEkYW/E7hDsC patryk@raven"
+    ];
+    informatic = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDoKB2p/gFaKthQNXeQvSLzhOlLSq3vjVL3AEOBTMXGH informatic@atuin"
+    ];
+    ari = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGfIRe1nH6vwjQTjqHNnkKAdr1VYqGEeQnqInmf3A6UN ar@khas"
+    ];
+  };
+in {
+  imports =
+    [
+      ./hardware-configuration.nix
+    ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "snowflake";
+  networking.nameservers = [ "185.236.240.1" ];
+
+  time.timeZone = "Europe/Warsaw";
+
+  services.openssh.enable = true;
+
+  networking.hostId = "402e0aa7";
+  networking.interfaces = {
+    enp49s0f1.useDHCP = false;
+    enp49s0f0 = {
+      useDHCP = false;
+      ipv4 = {
+        addresses = [{
+          address = "185.236.240.42";
+          prefixLength = 28;
+        }];
+        routes = [{
+          address = "0.0.0.0";
+          prefixLength = 0;
+          via = "185.236.240.33";
+        }];
+      };
+    };
+  };
+
+  system.stateVersion = "24.11";
+  users.users.root.openssh.authorizedKeys.keys = lib.attrsets.foldlAttrs (acc: _: v: v ++ acc) [] ssh-keys;
+}
+
diff --git a/hswaw/machines/snowflake/hardware-configuration.nix b/hswaw/machines/snowflake/hardware-configuration.nix
new file mode 100644
index 00000000..57791749
--- /dev/null
+++ b/hswaw/machines/snowflake/hardware-configuration.nix
@@ -0,0 +1,38 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "snowflake/ROOT/nixos";
+      fsType = "zfs";
+    };
+
+  fileSystems."/var/lib/libvirt" =
+    { device = "snowflake/libvirt";
+      fsType = "zfs";
+    };
+
+  fileSystems."/nix" =
+    { device = "snowflake/nix";
+      fsType = "zfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/96F4-21FB";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = true;
+}
diff --git a/ops/hive.nix b/ops/hive.nix
index a8b1eea0..e9297c71 100644
--- a/ops/hive.nix
+++ b/ops/hive.nix
@@ -79,6 +79,14 @@ in
           sha256 = "0jf6pnz4s5w9p35wd584hy7p6r5aaq1khfdxv2c1nqnmss05nn2b";
         })
         { system = "aarch64-linux"; };
+
+      "snowflake.hackerspace.pl" = import
+        (fetchTarball {
+          # NixOS/nixpkgs/nixos-unstable 2024-06-11
+          url = "https://api.github.com/repos/NixOS/nixpkgs/tarball/c7b821ba2e1e635ba5a76d299af62821cbcb09f3";
+          sha256 = "0gzqmnniwqjs7hqi6y9zxf2by1j2nxa82zsixzskbr1yrw5vfcqr";
+        })
+        { system = "x86_64-linux"; };
     };
 
     allowApplyAll = false;
@@ -113,4 +121,5 @@ in
     imports = [ ../hswaw/machines/printmaster.waw.hackerspace.pl/configuration.nix ];
     deployment.buildOnTarget = true;
   };
+  "snowflake.hackerspace.pl" = import ../hswaw/machines/snowflake/configuration.nix;
 }