lzebulon/homelab
lzebulon/homelab
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity Actions

initial commit

Browse source
This commit is contained in:
Lzebulon 2025-08-06 00:18:58 +02:00
commit 95085a0d24
Signed by: lzebulon
GPG key ID: D6CDAB8050CBBE7D
16 changed files with 294 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
README.md Normal file
View file

@ -0,0 +1,6 @@
# Homelab
C'est le repo de mon homelab sous nixos.

27
flake.lock generated Normal file
View file

@ -0,0 +1,27 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1753345091,
"narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

31
flake.nix Normal file
View file

@ -0,0 +1,31 @@
{
description = "Mon homelab";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
};
outputs = { self, nixpkgs }@inputs:
let
system = "x86_64-linux";
in
{
nixosConfigurations = {
hyponix = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = inputs;
modules = [
./hosts/physique/hyponix
./modules
];
};
};
devShells.x86_64-linux.default =
let pkgs = import nixpkgs { inherit system; };
in pkgs.callPackage ./tools/devshell.nix { };
};
}

10
hosts/physique/hyponix/README.md Normal file
View file

@ -0,0 +1,10 @@
# Hyponix
## Caractéristiques
```
Host: ASUSTeK COMPUTER INC. CM6731_CM6431_CM6331
CPU: Intel i5-3350P (4) @3.300GHz
GPU: NVIDIA GeForce GT 625 OEM
Memory : 8G, 1600 MT/s AO2L16BC8R2-BR2S
```

16
hosts/physique/hyponix/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, lib, ... }:
{
imports = [
./hardware-configuration.nix
./networking.nix
./services
../../../modules
];
boot.loader.grub.device = "/dev/sda";
networking.hostName = "hyponix";
system.stateVersion = "25.05";
}

27
hosts/physique/hyponix/hardware-configuration.nix Normal file
View file

@ -0,0 +1,27 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ehci_pci" "ata_piix" "ums_realtek" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/4c0afbf4-08c4-468e-b480-4d1ae13a1073";
fsType = "ext4";
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

9
hosts/physique/hyponix/networking.nix Normal file
View file

@ -0,0 +1,9 @@
{ ... }:
{
networking.interfaces.enp5s0 = {
ipv6.addresses = [{
address = "2a02:8428:c272:6f01:aaaa:bbbb:cccc:3142";
prefixLength = 64;
}];
};
}

13
hosts/physique/hyponix/services/default.nix Normal file
View file

@ -0,0 +1,13 @@
{ ... }:
{
imports = [
./fail2ban.nix
./forgejo.nix
];
services.caddy = {
enable = true;
};
networking.firewall.allowedTCPPorts = [80 443];
}

8
hosts/physique/hyponix/services/fail2ban.nix Normal file
View file

@ -0,0 +1,8 @@
{ ... }:
{
services.fail2ban = {
enable = true;
};
services.openssh.settings.LogLevel = "VERBOSE";
}

22
hosts/physique/hyponix/services/forgejo.nix Normal file
View file

@ -0,0 +1,22 @@
{config, ...}:
let
domain = "git.${config.networking.domain}";
in
{
services.forgejo = {
enable = true;
settings = {
server = {
DOMAIN = domain;
};
};
};
services.caddy.virtualHosts."git.${config.networking.domain}" = {
extraConfig = ''
reverse_proxy localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}
'';
};
}

21
modules/common/default.nix Normal file
View file

@ -0,0 +1,21 @@
{ pkgs, ... }:
{
imports = [
./users.nix
];
services.openssh = {
enable = true;
};
programs.htop.enable = true;
networking.domain = "v2.bytestall.info";
environment.systemPackages = with pkgs; [
vim
dig
powertop
];
}

16
modules/common/users.nix Normal file
View file

@ -0,0 +1,16 @@
{ ... }:
{
users = {
mutableUsers = false;
users.lzebulon = {
isNormalUser = true;
hashedPassword = "$y$j9T$l3Sr.4rBoWPTNx9AQNd6n0$rHprSWYdDIv0sjrMz1/47fZSboNL95/v43HZCbsuSM3";
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKCR6uatrqbCViftPwQ17JNVN8KBC02sPAOu+uRKGhLR lzebulon"
];
};
};
}

8
modules/default.nix Normal file
View file

@ -0,0 +1,8 @@
{...}:
{
imports = [
./common
];
nix.settings.experimental-features = [ "flakes" "nix-command" ];
}

27
modules/virtual/default.nix Normal file
View file

@ -0,0 +1,27 @@
{ lib
, config
, ...
}:
with lib;
let
cfg = config.virtualMachines;
in
{
options.virtualMachines = {
enable = mkEnableOption "Enable Module";
vmHost = mkOption {
type = with types; attrsOf (submodule (import ./vm-options.nix { inherit cfg; }));
default = { };
example = literalExpression ''
Todo
'';
description = ''
Declaration d'une vm
'';
};
};
config = mkIf cfg.enable { };
}

37
modules/virtual/vm-options.nix Normal file
View file

@ -0,0 +1,37 @@
{ cfg }:
{ config
, lib
, name
, ...
}:
let
inherit (lib) literalExpression mkOption types;
in
{
options = {
vmid = mkOption {
type = types.int;
description = "id de la vm";
};
networking = {
macAddress = mkOption {
type = with types; listOf str;
example = [ "02:00:00:00:00:00" ];
description = ''
Mac adresse de l'interface reseau de la vm.
Les mac adresses safes sont les suivantes :
x2:xx:xx:xx:xx:xx
x6:xx:xx:xx:xx:xx
xA:xx:xx:xx:xx:xx
xE:xx:xx:xx:xx:xx
avec x n'importe quel valeur
'';
};
};
};
}

16
tools/devshell.nix Normal file
View file

@ -0,0 +1,16 @@
{ pkgs
,
}:
pkgs.mkShell {
name = "homelab";
packages = with pkgs; [
nil
nixpkgs-fmt
];
shellHook = ''
exec zsh
'';
}