From 3ae1457bc45a0cc08b30cc63b92f47eecff56a14 Mon Sep 17 00:00:00 2001
From: seth <getchoo@tuta.io>
Date: Tue, 25 Apr 2023 21:59:08 -0400
Subject: hosts: init atlas

---
 hosts/atlas/default.nix | 50 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 hosts/atlas/default.nix

(limited to 'hosts/atlas/default.nix')

diff --git a/hosts/atlas/default.nix b/hosts/atlas/default.nix
new file mode 100644
index 0000000..3d52b66
--- /dev/null
+++ b/hosts/atlas/default.nix
@@ -0,0 +1,50 @@
+{
+  config,
+  hercules-ci-agent,
+  pkgs,
+  ...
+}: {
+  imports = [
+    ./hardware-configuration.nix
+    hercules-ci-agent.nixosModules.agent-service
+  ];
+
+  server.enable = true;
+
+  boot.cleanTmpDir = true;
+
+  environment.systemPackages = with pkgs; [
+    hercules-ci-agent.packages.x86_64-linux.hercules-ci-cli
+  ];
+
+  networking.hostName = "atlas";
+  nix.settings.trusted-users = ["atlas"];
+
+  services.hercules-ci-agent.enable = true;
+
+  swapDevices = [
+    {
+      device = "/swapfile";
+      size = 16384;
+    }
+  ];
+
+  system.stateVersion = "22.11";
+
+  users.users = let
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMPV9wiDwXVyoVh347CAulkdGzG7+1m/rZ1aV5fk3BHM atlas getchoo@tuta.io"
+    ];
+  in {
+    root = {inherit openssh;};
+    atlas = {
+      extraGroups = ["wheel"];
+      isNormalUser = true;
+      shell = pkgs.bash;
+      passwordFile = config.age.secrets.atlasPassword.path;
+      inherit openssh;
+    };
+  };
+
+  zramSwap.enable = true;
+}
-- 
cgit v1.2.3