From 93b8d31a338b94dd01c53941eccf6c7833a75662 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= <kmein@posteo.de>
Date: Fri, 20 May 2022 23:04:15 +0200
Subject: [PATCH] feat: init ful

---
 configs/ssh.nix                        |  6 ++--
 flake.nix                              |  5 ++-
 lib/retiolum-network.nix               |  5 +++
 systems/ful/configuration.nix          | 46 ++++++++++++++++++++++++++
 systems/ful/hardware-configuration.nix | 38 +++++++++++++++++++++
 5 files changed, 96 insertions(+), 4 deletions(-)
 create mode 100644 systems/ful/configuration.nix
 create mode 100644 systems/ful/hardware-configuration.nix

diff --git a/configs/ssh.nix b/configs/ssh.nix
index 3c321d7..7298f12 100644
--- a/configs/ssh.nix
+++ b/configs/ssh.nix
@@ -57,9 +57,9 @@ in {
         hostname = "135.181.85.233";
         user = "root";
       };
-      oracle = {
-        hostname = "130.61.171.199";
-        user = "ubuntu";
+      ful = {
+        hostname = "ful.r";
+        user = "root";
       };
     };
   };
diff --git a/flake.nix b/flake.nix
index 8c1601a..fbf29d1 100644
--- a/flake.nix
+++ b/flake.nix
@@ -119,7 +119,10 @@
           type = "app";
           program = deployScriptFor {
             inherit name;
-            host = "${name}.r";
+            host =
+              if name != "ful"
+              then "${name}.r"
+              else "130.61.209.15";
           };
         };
       });
diff --git a/lib/retiolum-network.nix b/lib/retiolum-network.nix
index 8cdd2be..82a9b13 100644
--- a/lib/retiolum-network.nix
+++ b/lib/retiolum-network.nix
@@ -4,6 +4,11 @@
     ipv6 = "42:0:3c46:861f:a118:8e9a:82c9:3d";
   };
 
+  ful = {
+    ipv4 = "10.243.2.107";
+    ipv6 = "42:0:3c46:2c8b:a564:1213:9fb4:1bc4";
+  };
+
   zaatar = {
     ipv4 = "10.243.2.34";
     ipv6 = "42:0:3c46:156e:10b6:3bd6:6e82:b2cd";
diff --git a/systems/ful/configuration.nix b/systems/ful/configuration.nix
new file mode 100644
index 0000000..fc69daf
--- /dev/null
+++ b/systems/ful/configuration.nix
@@ -0,0 +1,46 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}: let
+  inherit (import <niveum/lib>) kieran retiolumAddresses;
+in {
+  imports = [
+    ./hardware-configuration.nix
+    <niveum/configs/monitoring.nix>
+    <niveum/configs/nix.nix>
+    <niveum/configs/save-space.nix>
+    <niveum/configs/spacetime.nix>
+    <niveum/configs/sshd.nix>
+    <niveum/modules/retiolum.nix>
+  ];
+
+  nix.nixPath = ["/var/src"];
+
+  networking = {
+    firewall.allowedTCPPorts = [80 443];
+    hostName = "ful";
+    interfaces.enp0s3.useDHCP = true;
+    retiolum = retiolumAddresses.ful;
+    useDHCP = false;
+  };
+
+  system.stateVersion = "21.11";
+
+  services.nginx = {
+    enable = true;
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedProxySettings = true;
+    recommendedTlsSettings = true;
+    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
+  };
+
+  security.acme = {
+    acceptTerms = true;
+    email = kieran.email;
+  };
+
+  environment.systemPackages = [pkgs.vim pkgs.git pkgs.tmux pkgs.python3];
+}
diff --git a/systems/ful/hardware-configuration.nix b/systems/ful/hardware-configuration.nix
new file mode 100644
index 0000000..566c567
--- /dev/null
+++ b/systems/ful/hardware-configuration.nix
@@ -0,0 +1,38 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  imports = [<nixpkgs/nixos/modules/profiles/qemu-guest.nix>];
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    initrd = {
+      availableKernelModules = ["virtio_pci" "usbhid"];
+      kernelModules = ["bochs_drm"];
+    };
+    kernelModules = [
+      "console=ttyS0"
+      "console=tty1"
+      "nvme.shutdown_timeout=10"
+      "libiscsi.debug_libiscsi_eh=1"
+    ];
+    extraModulePackages = [];
+  };
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/9bf751c7-cf32-49fb-9354-17694c7a46e0";
+    fsType = "ext4";
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/7817-285D";
+    fsType = "vfat";
+  };
+
+  swapDevices = [];
+}