homeserver i guess

flake.nix

@@ -154,22 +154,32 @@
         path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.kittykat;
       };
     };
-    nixosConfigurations.pirate = nixpkgs.lib.nixosSystem {
+
+    nixosConfigurations.overlord = nixpkgs.lib.nixosSystem {
       inherit system;
       specialArgs = {inherit inputs;};
       modules = [
-        ./hosts/pirate/configuration.nix
+        ./hosts/overlord/configuration.nix
         nixarr.nixosModules.default
         agenix.nixosModules.default
         inputs.disko.nixosModules.disko
       ];
     };
-    deploy.nodes.pirate = {
-      hostname = "pirate";
+
+    deploy.nodes.overlord = {
+      hostname = "overlord";
       profiles.system = {
         sshUser = "root";
         user = "root";
-        path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.pirate;
+        path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.overlord;
+      };
+    };
+    deploy.nodes.beatrice = {
+      hostname = "beatrice";
+      profiles.system = {
+        sshUser = "root";
+        user = "root";
+        path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.beatrice;
       };
     };
     checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;

hosts/beatrice/configuration.nix

@@ -44,6 +44,9 @@
       };
     };
   };
+  environment.systemPackages = [
+    pkgs.jdk17_headless
+  ];
 
   system.stateVersion = "25.05"; # Did you read the comment?
 }

hosts/overlord/configuration.nix

@@ -0,0 +1,18 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  imports = [
+    ./hardware-configuration.nix
+    ./disko.nix
+    ../../modules/nixos/networking/ssh.nix
+    ../../modules/nixos/users/tulg.nix
+    ../../modules/servers/common.nix
+    ../../modules/servers/per-host/overlord/nixarr.nix
+  ];
+
+  networking.hostName = "overlord";
+  system.stateVersion = "25.05";
+}

hosts/overlord/disko.nix

@@ -1,16 +1,15 @@
 {
   disko.devices = {
     disk = {
-      main = {
+      nixos = {
         type = "disk";
-        device = "/dev/sda";
+        device = "/dev/nvme0n1";
         content = {
           type = "gpt";
           partitions = {
             boot = {
               size = "1M";
-              type = "EF02";
-              priority = 1;
+              type = "EF02"; # for grub MBR
             };
             ESP = {
               size = "512M";

hosts/overlord/hardware-configuration.nix

@@ -0,0 +1,32 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "sd_mod"];
+  boot.initrd.kernelModules = ["dm-snapshot"];
+  boot.kernelModules = ["kvm-amd"];
+  boot.extraModulePackages = [];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp8s0.useDHCP = lib.mkDefault true;
+  fileSystems."/mnt/2tbhdd" = {
+    device = "/dev/disk/by-uuid/29c2878a-6b8b-4719-addc-ed57dd647d7b";
+    fsType = "ext4";
+  };
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/pirate/hardware-configuration.nix

@@ -1,17 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  modulesPath,
-  ...
-}: {
-  imports = [
-    (modulesPath + "/profiles/qemu-guest.nix")
-  ];
-  boot.loader.grub = {
-    enable = true;
-    efiSupport = true;
-  };
-  networking.useDHCP = lib.mkDefault true;
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-}

modules/servers/common.nix

@@ -1,22 +1,9 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}: {
-  imports = [
-    ./hardware-configuration.nix
-    ./disko.nix
-    ./nixarr.nix
-    ../../modules/nixos/networking/ssh.nix
-    ../../modules/nixos/users/tulg.nix
-  ];
-
-  networking.hostName = "pirate";
+{pkgs, ...}: {
   environment.systemPackages = with pkgs; [
     nano
     fastfetch
     kitty
+    jdk17_headless
   ];
   services.openssh = {
     settings = {
@@ -31,5 +18,4 @@
 
   nixpkgs.config.allowUnfree = true;
   nix.settings.experimental-features = ["nix-command" "flakes"];
-  system.stateVersion = "25.05";
 }

modules/servers/per-host/overlord/nixarr.nix

@@ -4,8 +4,8 @@
     # These two values are also the default, but you can set them to whatever
     # else you want
     # WARNING: Do _not_ set them to `/home/user/whatever`, it will not work!
-    mediaDir = "/data/media";
-    stateDir = "/data/media/.state/nixarr";
+    mediaDir = "/mnt/2tbhdd/nixarr/media";
+    stateDir = "/mnt/2tbhdd/nixarr/.state/nixarr";
 
     vpn = {
       enable = false;
@@ -61,5 +61,5 @@
     sonarr.enable = false;
   };
   services.prowlarr.settings.auth.required = "DisabledForLocalAddresses";
-  networking.firewall.allowedTCPPorts = [6881];
+  networking.firewall.allowedTCPPorts = [6881 8085 8096];
 }