feat(deploy): update mirai hostname and add tako deployment config

The commit updates the hostname for the mirai node to include the full domain name and adds a new deployment configuration for a tako node. It also includes changes to the tako configuration file such as updating secret paths, user configuration, timezone, and disk layout settings. Additionally, several services are commented out in the tako configuration.
2025-11-26 18:43:30 +05:30
parent b5399c5cc8
commit f1d8ea6069
4 changed files with 22 additions and 14 deletions
--- a/deploy.nix
+++ b/deploy.nix
@@ -5,7 +5,7 @@
 }: {
  nodes = {
    mirai = {
-      hostname = "mirai";
+      hostname = "mirai.darksailor.dev";
      profiles.system = {
        sshUser = "fs0c131y";
        path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.mirai;
@@ -28,6 +28,14 @@
        user = "root";
      };
    };
    tako = {
      hostname = "tako.darksailor.dev";
      profiles.system = {
        sshUser = "root";
        path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.tako;
        user = "root";
      };
    };
    # kuro = {
    #   hostname = "kuro";
    #   interactiveSudo = true;
--- a/nixos/tako/configuration.nix
+++ b/nixos/tako/configuration.nix
@@ -24,7 +24,7 @@
  security.sudo.wheelNeedsPassword = false;
  sops = {
-    secrets."builder/tako/cache/private" = {};
+    secrets."builder/mirai/cache/private" = {};
    secrets.users = {
      sopsFile = ../../secrets/users.yaml;
      format = "yaml";
@@ -58,7 +58,7 @@
      build-users-group = nixbld
      extra-nix-path = nixpkgs=flake:nixpkgs
      builders-use-substitutes = true
-      secret-key-files = ${config.sops.secrets."builder/tako/cache/private".path}
+      secret-key-files = ${config.sops.secrets."builder/mirai/cache/private".path}
    '';
    gc = {
      automatic = true;
@@ -69,7 +69,7 @@
    distributedBuilds = true;
  };
-  users.users.fs0c131y = {
+  users.users.${device.user} = {
    isNormalUser = true;
    extraGroups = ["wheel" "docker" "media"];
    openssh.authorizedKeys.keyFiles = [
@@ -92,7 +92,7 @@
  # networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
  # Set your time zone.
-  time.timeZone = "Europe/Helsinki";
+  time.timeZone = "Asia/Singapore";
  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
--- a/nixos/tako/disk-config.nix
+++ b/nixos/tako/disk-config.nix
@@ -3,7 +3,7 @@
    disk = {
      one = {
        type = "disk";
-        device = "/dev/nvme0n1";
+        device = "/dev/sda";
        content = {
          type = "gpt";
          partitions = {
@@ -31,7 +31,7 @@
      };
      two = {
        type = "disk";
-        device = "/dev/nvme1n1";
+        device = "/dev/sdb";
        content = {
          type = "gpt";
          partitions = {
@@ -51,7 +51,7 @@
        type = "lvm_vg";
        lvs = {
          root = {
-            size = "64G";
+            size = "128G";
            lvm_type = "mirror";
            content = {
              type = "filesystem";
@@ -72,7 +72,7 @@
            };
          };
          home = {
-            size = "256G";
+            size = "64G";
            lvm_type = "raid0";
            content = {
              type = "filesystem";
--- a/nixos/tako/services/default.nix
+++ b/nixos/tako/services/default.nix
@@ -6,22 +6,22 @@
    ./excalidraw.nix
    ./fail2ban.nix
    ./flaresolverr.nix
-    ./games
+    # ./games
    ./gitea.nix
    ./homepage.nix
    # ./immich.nix
    ./immich.nix
    # ./llama.nix
    ./lldap.nix
-    ./monitoring.nix
+    # ./monitoring.nix
-    ./nextcloud.nix
+    # ./nextcloud.nix
    # ./paperless.nix
    ./prowlarr.nix
    ./resolved.nix
    ./searxng.nix
    ./tailscale.nix
-    ./headscale.nix
+    # ./headscale.nix
-    ./shitpost.nix
+    # ./shitpost.nix
  ];
  services = {
    nix-serve = {