From 5c56bcb727d52f74b458a7b2e5e67fa3a52e4c5b Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Sat, 17 Oct 2020 23:18:22 +0200
Subject: [PATCH] Add sayuri

---
 machines/sayuri/README.md                   |  18 ++++++++
 machines/sayuri/configuration.nix           |  43 ++++++++++++++++++++
 machines/sayuri/hardware-configuration.nix  |  33 +++++++++++++++
 machines/sayuri/secrets/data_luks_key       | Bin 0 -> 4118 bytes
 machines/sayuri/secrets/wg-home_private_key | Bin 0 -> 67 bytes
 5 files changed, 94 insertions(+)
 create mode 100644 machines/sayuri/README.md
 create mode 100644 machines/sayuri/configuration.nix
 create mode 100644 machines/sayuri/hardware-configuration.nix
 create mode 100644 machines/sayuri/secrets/data_luks_key
 create mode 100644 machines/sayuri/secrets/wg-home_private_key

diff --git a/machines/sayuri/README.md b/machines/sayuri/README.md
new file mode 100644
index 0000000..dc148e7
--- /dev/null
+++ b/machines/sayuri/README.md
@@ -0,0 +1,18 @@
+# sayuri
+
+## Hardware
+
+HP Z440 workstation.
+
+ * [Intel Xeon E5-1620 v4](https://ark.intel.com/content/www/us/en/ark/products/92991/intel-xeon-processor-e5-1620-v4-10m-cache-3-50-ghz.html)
+ * 16 GiB DDR4 ECC memory
+ * 256GB micron SSD
+ * Sapphire Nitro+ Radeon RX 480
+
+## Purpose
+
+FIMXE
+
+## Name
+
+Sayuri Kurata is a student from *Kanon*
diff --git a/machines/sayuri/configuration.nix b/machines/sayuri/configuration.nix
new file mode 100644
index 0000000..c55bd4e
--- /dev/null
+++ b/machines/sayuri/configuration.nix
@@ -0,0 +1,43 @@
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+      ../../modules/cpu/intel.nix
+      ../../modules/gpu/amd.nix
+      (import ../../modules/libvirt.nix { inherit pkgs; gui = true; })
+      ../../modules/restic.nix
+      ../../modules/ssd.nix
+      ../../profiles/base.nix
+      ../../profiles/dev.nix
+      ../../profiles/gui.nix
+      ../../users/simon/base.nix
+    ];
+
+  boot.loader.grub.device = "/dev/disk/by-id/ata-MTFDDAK256TBN-1AR15ABHA_UFZMQ01ZR50NMM";
+
+  boot.initrd.luks.devices = {
+    root = {
+      name = "root";
+      device = "/dev/disk/by-uuid/d7e4d213-8a13-4059-a011-0f68081e86d8";
+      preLVM = true;
+      allowDiscards = true;
+    };
+  };
+
+  fileSystems.data = {
+    mountPoint = "/data";
+    device = "/dev/mapper/data";
+    encrypted = {
+      label = "data";
+      enable = true;
+      blkDev = "/dev/disk/by-uuid/576088d4-9aae-4159-a028-feadb2621a1a";
+      keyFile = "/mnt-root" + toString ./secrets/data_luks_key;
+    };
+  };
+
+  networking.hostName = "sayuri";
+
+  networking.wireguard.interfaces.wg-home.ips = [ "10.80.0.5/24" ];
+}
diff --git a/machines/sayuri/hardware-configuration.nix b/machines/sayuri/hardware-configuration.nix
new file mode 100644
index 0000000..e993cc3
--- /dev/null
+++ b/machines/sayuri/hardware-configuration.nix
@@ -0,0 +1,33 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ "dm-snapshot" ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    {
+      device = "/dev/disk/by-uuid/024e31ab-aa98-4070-95be-7980043541ac";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    {
+      device = "/dev/disk/by-uuid/c5bde64b-c629-438d-a78b-c4341796dae9";
+      fsType = "ext2";
+    };
+
+  swapDevices =
+    [{ device = "/dev/disk/by-uuid/78f5277f-a6e5-4297-99cd-d3ea5de5317e"; }];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+}
diff --git a/machines/sayuri/secrets/data_luks_key b/machines/sayuri/secrets/data_luks_key
new file mode 100644
index 0000000000000000000000000000000000000000..cac47d4ea98567ba7db3b76a445bd2ffbf8a11bb
GIT binary patch
literal 4118
zcmV+x5b5s#M@dveQdv+`0N=o?S@nASE_09Pn+OOZ{!v|v89#WC;4JF&;bv}z;dL*H
ztO{teT=R^OBsU3<_44{7Vc2}`>H13OiOMyo&-ZqWkCqqgL4$UQmJ%OQ+er2e>n^}=
zY$uz_Apy5zVzfU_{x!^vbT~3bE}16j?^nUI3Zz~JI|;jfMRO)WZ=*qpm*uH6VB_&)
z&hFZlt_L_}fB3F`YTr!`(0*(^*f91MsZaHoP*q9wi*ihf)T1-M<eJOC427xCE|?9~
z;YlVb60|Fb!{MReapAkNQ>X|l69QR}XMe$%_e0QVyX+q@s8lo>q#Sg}(C70m)^yTn
zHZk`kPm<4VtjUouD#v4*>q`$~f~L~kuRemDZ5Hx9v;^t~Np_9gv{p@Bqf=args4tR
zyU9Xwu&AeP>&Rkcd@xUj4`!a`f4R|nS_7w1<Pl2F=xDYhISlwL+~A6q?HWDjnh)~F
z2#9V@XrfJx=ZE(ky46ymjlg_Ap%t=WGXZNUmq{axo_so?Y(~?aH=IH7NJ=SbXkoDG
z8<7d*g@L#(Py<NI2|Gghrmj{Q*id)cIMl*lw}4UFXS<A8#j2Nwb=S_X<_QZRLueIZ
zO5h#^eiZS{o#hFTOOC6h=UcZ3z#%92tou!AOpwPF5f6A0(V)F9J!Mi91@l(5ydP(V
zdb<#h_QVLD9sTit>B6Cbg=Tk78D@;80VvA2yHI(VMK1pR+i#!A$7W*=d~-k{Y5X^;
z^tp<eff}o=qRlCSka)tOP(f^&m7g_iRfo~iErKex1vIUEJNz{YSKbT_AhYPV_>Y}g
zAmSPHxf7jR?Gf>pgzw4<sk<Uw{TwEFj6&NBIL0DEM=H=2h{-IB#t$AJ(}jk45(>1E
z_U7k3s-qUg{3!rrPI%r*<hOX$Jx}*i;{itC@uV{fZbxGiZ*a!_l@_n2OSJ?ry?#5f
z;7XCD!@Z^9HKdw%83x-F?6GrLWAAT{*iDSM2|x+-bY<jEq30}SzmdvBcbU!U*ZLTs
z8nBG+I80bcjRJ(U&UN(zNa%bD<T`TF2yf&S=>$I#U$dYlPz~ORuR-In;x3Rz7O(~A
zkGg(6*+IXkfMktLeBY2qV9;@v|I%y>lyt%)ut?8_3GMfB0Gkc@WHv?6Yp+qCZVO3v
zf3fz-&CIetG?9K&(Y+vJ?EF_G1=SL?6b>Ag)!bd#SciO3Lp%6aAl9A8))*DW7pjR>
zC%+~VF_o&ghky;WJvPrA?}(b5<jOEQ$(kR-Ui`cw$P+AJyfQfMhfVx9jvNN94uqVx
zL!~#Fxy7Zyb|nJlvxp;kP=+{g+gPk4;IzlUmgw_ih?7QMub3w0{|_0wh@god3DK>I
zoe-FdeVl?QH1~2*aO$p_@EJrTA<rY@t(UmXWes*t$!Z$Z-gV@+Ci03P%QKIDl+Oq$
z&X}qix+7(G!RjzW8-A+@QO~bJ%Y+laqi3NPBFP015=uRwO$%9_hZ!LtH)i%B<s3zT
zc(ikFmsmVzhHnL$cymj3>T~?-7nmqr0;3wok7{zzMd)x2ns@veqA)v#9;6VYsnEAI
zY#CUhb%J7tP4l=ajm%zRkq$l;@^hQd5-NFrxZ&w5BEn&$Ey$cKt9YR>x)de@&P7AM
zHX=fuY1V8n(yThyNNe580Lc!1@kp*6dlXe)qroy@ve|aL$xnEE#Q<%jeH);%3YnnJ
zu3Q!3hcRG_DE0&goKic8*r4bUa4ZOs`w0NulP!6zZGW-SE20&f=An;4>aQgaAA1j@
zjLOlI;~~KAIvg^9JThyNmfIvzw)5a1C5<ruL@h!r{`N_MgSNB?Pu=TF&*)9o;@`qJ
zNO``bux_Iy;^FPpCsH#`gi&EAvJuZt7cvoT21~?eo1L5tv%NPTPk)vm6p=Q~;H{5S
z_Y!6Hqcf7dF0eHOmL3lYJX?D<tM!~S5P-RiiUq7xVtMdDcWq2VUBt4Gxm?^OcaVJq
z%344G)}w|tKuwgf6_s_Z`2A?tAn))zJ4D^VPI6hD7~=s^I0Tr{Q18?+9~RG}+}^Vv
z`eKv{_-hKI*M|oO3LBM|vZrt9Mho4<wLqM>fqEm;<8f-u6v|sdW9qF;&x&Z+lY_=v
ze$xLQ*s@a6t=}mqaw`n(^Qf(RSy7!$h=FTBacUxwF&i{gqS<Ot-BM_n_#ys)p9OZ-
zy<2+{rg_xLf}alem3>#U2JZS)hU;d0q8u|6SH$w;U`O{+Woc5N7$p;VJgtAr;d<^`
zkTsNhmcfCKo4RJAmH><2J1}Q9F>2g_G*-Q16s$54OJiviuY(Ew)qgc%(SzgNnduCu
z3FHHouQtrIyJVcXzrZ&5TRCihswzJLryF!y=2#b_XlsgoX%e^l>$SXcwg+{{Lral@
zR(JeMXm+27FmMn4&W1DS5&af!LE;j7$sSUO#}h`qnTe!+yCCJF;S=iM%VOa@dn9Vo
z)CehA6cuoNGn5~Gu&dyglpxHDia0kS!ck~&4%jD2a+dWCoLTPBiIzW0m#EaVCp8`z
z913YAv^%ZlAb0!evqTxG+9Xk7q2Tl_Ci~C0o_*_~T)(iWmHSIT9BSVxy&$5b+O7iO
zbEX(E!31d*!JJ#v`6&2t$Dp6<(k8L<!l!qJdu+(I_Vr+xpw`z`>9Oh$wsKS&Tu=hE
zvIr`0z(yiU7R12_O|XM&Gd*m<z+?29N6r~7j`{woH)txE>9<5>iBE-&{=QI&Jn*BC
zaML_VI}g_wo?W+3Qu`~Yi+ibjyxxL4o+e?JRK)vg)g1INR_GggL>Z$+$IGO$Stwh&
z5OwP<;p2Rx;5Csh?}0&2VBG-B!#mQ3kjge%iOna2l(zRL{Bh9O5ovO?;W#-ha#3*A
zrx?P>B~bIO5NGPX)0-r`8smQe>;?ucob<#PsC4yZPr1xnW@O9Z8iMq-;77b72RRlf
zU4;=59sGV)4`VI`M(h!Bkh)?J!6e?O9_3vo&X-OWKX2FO0$s08Eilwh=`sU|fs`jp
z{<f>j_=5BRu9mF7VJyR6AwyeNRj(}qV)pkKhDcXx8Z>B-?r=F4mEyA*Sz*N9wc?a`
zi%yY*BX!GYL$Q)SjLa}6GnY^OW}3Izo#7D<+Q5WHfcrhA4w{5{OgAbj`!W4UD|2o_
z<l%PAd`*Rd@Mocrf|hMBJBE^izmFjAR7bH;BNXEgXJSiW%VSlb+_`@$iMh+XHhT6_
zwR!A$(mfjfr8!Ss1hos3CO~RqZ=#&$fx6lhXvZhE(Vr;E?_|0?xSTm#(M=;ewS5BD
z_2vfryM~+z$5+vpyN2QXGSZ(ayxuM@4A3+zE*Iw$$wuKmB5lU3pKWzCD(Ar#B~i~7
z+zTL!s}(jE`s@xy-*#14HwU@<htvHlG$KO+0VVxamjMR&Kv`!0A)Xh<CE+Q1_=cp{
z?02X=Qm06i;mdiTX1W#?T|i+J>_TidNq8K^2cP@a(IHD&j4o#cQPMh0OAYncuHLz9
zY$~~oDu8XKk5l9lhLJ!G7nARs4|v)@#`r&i;;EdyF}*H1UX-4;Kt|f~+#c1l_6u(i
zm2U7XQ&8&~HiM%`Be|J@EBEcdi5udn<?2pvZdg1KJ%MOpEN#D0rq3PE=>H(npM3i7
zlap$a0sPUm5|Hpms5x2>Ul{ta`xx%XRd-j8HC(<5#yng@2&X#`oKgaFkF~2L5+@nQ
zwDu?>jp?kVSr7t>8Gfy+yf4nV)XA;RCuD$!u140kx~--?X~C1<xf${3LD3k-Yf?^T
z?a-wo%=)0vtaDCnR<wQmBzs-5h=8&CtDE^GO#fMfbheCn#O@6jN-eC(Lw3d`NW?s$
zA1iF2=N)8y9t)-sighBkcS4lvfWb3FcgoEE2on<`PTg0@0IZyvnKZkC7AI*wUJSu6
z3uiA>w(|T+P#6L)3N76qGesB{0#wN7?;{Ub<15lN$(b4R0rABOR34h1mip|c$eXA#
zevc^0&MR=5_LYYAHUps>x%@a|;MPIs>@vC97Z?(@HR430f8~|6hzG&vgFI7BI@RT?
z0BZVuAfLgAyCQje=@7+>Ak^bc<}-{oXEsuzvBI#nHniGPp`uiDybR6<b|2?i64SnT
z-@V;B$|J!SSEW>h`w|Lh*}&7q!@<ebdkxT%&5WZ_tgVmvt-o9)a1}Y;b(oT?Ce<tp
zb<x}PWj3G<X7`ux5)t~fR_I2bfHaCzt+_kW6>B_Vi)}ke+Yv(BsS%I5-x|MpWx%Sj
z<s-;oGTl!{*M>0cUpMI66Q0DpdS7U=>eDc4C!s{L?VJc@ECCD4IQ()AqHaBnKElq8
zU#?OWL=SVI8Q<(uEW%^0Ua|6AS6gIk^PSVp@Rve&<}Z`_dD(K6r3@l^8wd2U+YvFs
zi}kcxWdnMF3_$~k_V#jDDhWne5u_5Mm~TJ$WD|LO*>Ql0BMC}16lvmj<7G+>MT6ML
z5FLWC2jMK2a;pCs{YP<(LH3U%7igWgd?U-MXy0kmqaaf1COT{HAUwg;C(OrF20(T0
zcYRE=Ffj+Lhjn)OevYa;dp<L`ogA19D6Uddb%fOV^s(*M3Ra;#v4z{)Vzz(WR5%bt
zLYJy$FaH(@CVO+&+PTyecsI)_+#{#T11z0?uRnmk8P4nxX#`HSJB#^T*{rY>T#e!N
z0_#b8F#jGi8$6`~VTLRo_}i{<BEHvW{4cJ4q$BqMj6qbKv_xR4qAhN;hjSf&Azgc$
z<%T+BnKaTdfEa-EgFt^&-reOEH?t>iNpL;c3flNy2$ce^Xp?K+&;olgJ*~Qk8IDu3
zU|2eLc&B#9c;}gjJZ6eN!Q${qO0$z-thXC!9q%GXn3AEnzJNX9zKsaQl}IsFgD6nl
z88Y)QLJmvDyipth;v>n_8nLVOQijKal_Mm$5EmrRWH~=DN5h;-uKOG5roLligB@K6
zOVzv2V<L8v?PCZvZ+cS_n`?HwpPF-)*US7JV|r$R<L%4ONzYDAx3k^qm(^O(*V0VV
zx1!jZP7eh5mz@0SF5`r^g82JUgBR_yqgKDo?Uf+iGuz!1mkOCPi^5pDD)#XV${WzT
zLR75uxk0wk2Yqf1P&k+LeS<7nAw`~-Cq5M(U-ok-WseR{rMl!cmlM)^Gv|^1%`z(A
z9p24>Cy0V%yTy$g*$<>lK<mO9CHY9glBK~Qw_?ZM)Nl>)a8@5W8D&T0L8iN4O`)|J
z;~_)(J?>8j@grX5gB)VLJ~C+YBZNg2yg~a{X=&#%g1Oyf@kmAeb{jphFPD0N#CC8b
zajHGJ<*R<<^rDVDESO1#VnhT~P{h<xA0372caVmTg9mDz9y}lj2k}-=I~7kYsR0_+
zIzXq06I3p04nY~&+LR7*-lTKvFO_iCxO`hbt$1;<iHR@{f)?D)3NSznfz^(2J6eRo
U3^1R#cb;R1#au2T;@k!po{bCMZvX%Q

literal 0
HcmV?d00001

diff --git a/machines/sayuri/secrets/wg-home_private_key b/machines/sayuri/secrets/wg-home_private_key
new file mode 100644
index 0000000000000000000000000000000000000000..321042c65d2f89eb448b0508320904281f817eb4
GIT binary patch
literal 67
zcmV-J0KESIM@dveQdv+`03f!!@a3s5_Cx%D9uUS&lv7moF#Q*IqnDu8^sq3IP9BG^
ZZ9jlaZDJ{l>LryI-zmUaEKJK{v*i89A7TIi

literal 0
HcmV?d00001