feat: add riscv64 cluster - rolling girls

2026-04-17 14:39:44 +02:00 · 2023-08-16 01:22:15 +08:00
parent f682523804
commit f5c1148c94
11 changed files with 471 additions and 14 deletions
--- a/modules/nixos/core-riscv64.nix
+++ b/modules/nixos/core-riscv64.nix
@@ -0,0 +1,74 @@
+{config, pkgs, nixpkgs, ...}: {
+
+  # =========================================================================
+  #      Base NixOS Configuration
+  # =========================================================================
+
+  # Set your time zone.
+  time.timeZone = "Asia/Shanghai";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  nix.settings = {
+    # Manual optimise storage: nix-store --optimise
+    # https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
+    auto-optimise-store = true;
+    builders-use-substitutes = true;
+    # enable flakes globally
+    experimental-features = ["nix-command" "flakes"];
+  };
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  #
+  # TODO feel free to add or remove packages here.
+  environment.systemPackages = with pkgs; [
+    neovim
+
+    # networking
+    mtr      # A network diagnostic tool
+    iperf3   # A tool for measuring TCP and UDP bandwidth performance
+    nmap     # A utility for network discovery and security auditing
+    ldns     # replacement of dig, it provide the command `drill`
+    socat    # replacement of openbsd-netcat
+    tcpdump  # A powerful command-line packet analyzer
+
+    # archives
+    zip
+    xz
+    unzip
+    p7zip
+    zstd
+    gnutar
+
+    # misc
+    file
+    which
+    tree
+    gnused
+    gawk
+    tmux
+    docker-compose
+  ];
+
+  # replace default editor with neovim
+  environment.variables.EDITOR = "nvim";
+
+  virtualisation.docker = {
+    enable = true;
+    # start dockerd on boot.
+    # This is required for containers which are created with the `--restart=always` flag to work.
+    enableOnBoot = true;
+  };
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      X11Forwarding = true;
+      PermitRootLogin = "prohibit-password";  # disable root login with password
+      PasswordAuthentication = false; # disable password login
+    };
+    openFirewall = true;
+  };
+}
--- a/modules/nixos/remote-building.nix
+++ b/modules/nixos/remote-building.nix
@@ -73,6 +73,7 @@
  # define the host alias for remote builders
  # this config will be written to /etc/ssh/ssh_config
  programs.ssh.extraConfig = ''
+    # idols
    Host ai
      HostName 192.168.5.100
      Port 22
@@ -88,6 +89,19 @@
    Host kana
      HostName 192.168.5.103
      Port 22
+
+    # rolling girls
+    Host nozomi
+      HostName 192.168.5.104
+      Port 22
+
+    Host yukina
+      HostName 192.168.5.105
+      Port 22
+
+    Host chiaya
+      HostName 192.168.5.106
+      Port 22
  '';

  # define the host key for remote builders so that nix can verify all the remote builders