From 061e17c42e3e23753dcaf046f8c98524b5b6f4fd Mon Sep 17 00:00:00 2001
From: jalr <mail@jalr.de>
Date: Sun, 18 Jul 2021 17:45:25 +0200
Subject: [PATCH 1/4] machines/raven: add nat

---
 machines/raven/configuration.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/machines/raven/configuration.nix b/machines/raven/configuration.nix
index 1596aa7..3dac7be 100644
--- a/machines/raven/configuration.nix
+++ b/machines/raven/configuration.nix
@@ -33,6 +33,11 @@
         prefixLength = 24;
       }];
     };
+    nat = {
+      enable = true;
+      externalInterface = "jt";
+      internalInterfaces = "labdev";
+    };
   };
 
   i18n.defaultLocale = "en_US.UTF-8";
-- 
2.51.2


From 32bd07f9c82799f7c117e379aac46dfa060611d4 Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Sun, 18 Jul 2021 19:31:37 +0200
Subject: [PATCH 2/4] machines/raven: remove stray neovim in environment

---
 machines/raven/configuration.nix | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/machines/raven/configuration.nix b/machines/raven/configuration.nix
index 3dac7be..01bc59f 100644
--- a/machines/raven/configuration.nix
+++ b/machines/raven/configuration.nix
@@ -60,9 +60,5 @@
 
   services.openssh.enable = true;
 
-  environment.systemPackages = with pkgs; [
-    neovim
-  ];
-
   system.stateVersion = "21.05";
 }
-- 
2.51.2


From 927fdce17f36d6a39e074c37c2b9fd40f11fc04d Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Sun, 18 Jul 2021 22:27:43 +0200
Subject: [PATCH 3/4] readme: add actual content

---
 README.md | 48 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 47 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 318b3f3..331840d 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,47 @@
-# NixOS configurations of the FabLab Bad Windsheim
+# Nix Gscheits
+
+NixOS configurations of the FabLab Bad Windsheim
+
+## General
+
+This project uses Nix Flakes
+which currently are only available in unstable Nix.
+
+To make the project more accessible to users of stable nix,
+a compatibility layer is provided.
+If you use [direnv](https://direnv.net/),
+a wrapper for unstable nix should transparently be added to the shell.
+This might only work if you are a [trusted user](https://nixos.org/manual/nix/stable/#conf-trusted-users).
+
+Secrets for NixOS machines are managed with sops using [sops-nix](https://github.com/Mic92/sops-nix).
+The gpg keys are stored in `keys`
+and a flake app is provided for conveniently displaying the fingerprint of a stored key:
+`nix run .#showKeyFingerprint machines/raven`
+
+### Directory structure
+
+ * `machines`: NixOS configurations for machines.
+ * `modules`: Modules that either alter default values
+   or add modules that can be enabled via options.
+ * `pkgs`: nixpkgs overlay for packages not in nixpkgs.
+
+## Deployment
+
+The deployment uses [krops](https://github.com/krebs/krops)
+(more precisely [Mic92’s fork with flake support](https://github.com/Mic92/krops)).
+
+If your public key is installed for root on the target system,
+deploying is as easy as `nix run .#deploy/hostname`.
+
+Building a configuration locally is possible by running `nixos-rebuild build --flake .#HOSTNAME`
+or on systems with stable Nix (using the compatibility wrapper) `nix build .#nixosConfigurations.HOSTNAME.config.system.build.toplevel`.
+
+## License
+
+This project is licensed under the MIT license.
+For details, please see the [COPYING](./COPYING) file.
+
+Note: The MIT license does not apply to the built packages or system closures,
+only to the source files in this repository.
+It also might not apply to patches included in this repository,
+which may be derivative works.
-- 
2.51.2


From d9de3976fc5a5ef4060ce6546b2e02272cff6795 Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Sun, 18 Jul 2021 22:31:18 +0200
Subject: [PATCH 4/4] WIP: machines/raven: add readme

---
 machines/raven/README.md | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 machines/raven/README.md

diff --git a/machines/raven/README.md b/machines/raven/README.md
new file mode 100644
index 0000000..ff1372d
--- /dev/null
+++ b/machines/raven/README.md
@@ -0,0 +1,22 @@
+# raven
+
+## setup
+
+```bash
+parted -s /dev/sda -- \
+    mktable GPT \
+    mkpart primary fat32 1MiB 1GiB \
+    set 1 esp on \
+    mkpart primary ext2 1GiB 100%
+
+mkfs.vfat -i 0FEAFAF6 /dev/sda1
+
+cryptsetup luksFormat --type luks2 --uuid=ad04bc72-bc84-42e3-856f-152c162ad88c /dev/sda2
+cryptsetup open --type luks2 /dev/sda2 cryptroot
+
+mkfs.btrfs -U 1ac13504-fb49-4739-a0e3-f87a3f840fb1 /dev/mapper/cryptroot
+
+mount -o compress=zstd /dev/mapper/cryptroot /mnt
+mkdir /mnt/boot
+mount /dev/sda1 /mnt/boot
+```
-- 
2.51.2