Customizing and adding another host.
This commit is contained in:
parent
cc530d3d5f
commit
6338821f64
15 changed files with 792 additions and 40 deletions
496
flake.lock
Normal file
496
flake.lock
Normal file
|
@ -0,0 +1,496 @@
|
|||
{
|
||||
"nodes": {
|
||||
"crane": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1699217310,
|
||||
"narHash": "sha256-xpW3VFUG7yE6UE6Wl0dhqencuENSkV7qpnpe9I8VbPw=",
|
||||
"owner": "ipetkov",
|
||||
"repo": "crane",
|
||||
"rev": "d535642bbe6f377077f7c23f0febb78b1463f449",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "ipetkov",
|
||||
"ref": "v0.15.0",
|
||||
"repo": "crane",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"dream2nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nix-inspect",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
],
|
||||
"purescript-overlay": "purescript-overlay",
|
||||
"pyproject-nix": "pyproject-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709959559,
|
||||
"narHash": "sha256-Gb+tUU+clGKVBwiznTQf0emZZ+heALqoVwUgI0O13L8=",
|
||||
"owner": "nix-community",
|
||||
"repo": "dream2nix",
|
||||
"rev": "42838c590971da17a4b6483962707b7fb7b8b9a7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "dream2nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718788307,
|
||||
"narHash": "sha256-SqiOz0sljM0GjyQEVinPXQxaGcbOXw5OgpCWGPgh/vo=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "d7830d05421d0ced83a0f007900898bdcaf2a2ca",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "master",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"impermanence": {
|
||||
"locked": {
|
||||
"lastModified": 1717932370,
|
||||
"narHash": "sha256-7C5lCpiWiyPoIACOcu2mukn/1JRtz6HC/1aEMhUdcw0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "impermanence",
|
||||
"rev": "27979f1c3a0d3b9617a3563e2839114ba7d48d3f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "impermanence",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"mk-naked-shell": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1681286841,
|
||||
"narHash": "sha256-3XlJrwlR0nBiREnuogoa5i1b4+w/XPe0z8bbrJASw0g=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "mk-naked-shell",
|
||||
"rev": "7612f828dd6f22b7fb332cc69440e839d7ffe6bd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "yusdacra",
|
||||
"repo": "mk-naked-shell",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nci": {
|
||||
"inputs": {
|
||||
"crane": "crane",
|
||||
"dream2nix": "dream2nix",
|
||||
"mk-naked-shell": "mk-naked-shell",
|
||||
"nixpkgs": [
|
||||
"nix-inspect",
|
||||
"nixpkgs"
|
||||
],
|
||||
"parts": "parts",
|
||||
"rust-overlay": "rust-overlay",
|
||||
"treefmt": "treefmt"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710137478,
|
||||
"narHash": "sha256-+hbUWY1PEItyx3CBOGsHlJEDO2wRY2N1mpBhiLBblck=",
|
||||
"owner": "yusdacra",
|
||||
"repo": "nix-cargo-integration",
|
||||
"rev": "f3cc8751427e16ec48c0467357b3f3979a53ae9c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "yusdacra",
|
||||
"repo": "nix-cargo-integration",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-index-database": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718507237,
|
||||
"narHash": "sha256-xBEWCxWeRpWQggFFp8ugJCDa63cOJsVvx71R9F0Eowg=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-index-database",
|
||||
"rev": "6af2c5e58c20311276f59d247341cafeebfcb6f4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-index-database",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-inspect": {
|
||||
"inputs": {
|
||||
"nci": "nci",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"parts": "parts_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1717293583,
|
||||
"narHash": "sha256-Upz+fnWJjzt5WokjO/iaiPbqiwSrqpWjrpcFOqQ4p0E=",
|
||||
"owner": "bluskript",
|
||||
"repo": "nix-inspect",
|
||||
"rev": "c55921e1d1cf980ff6351273fde6cedd5d8fa320",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "bluskript",
|
||||
"repo": "nix-inspect",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-vscode-extensions": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718846729,
|
||||
"narHash": "sha256-3I+g3oxXPfEb496qEkwTooJ0hI/PN0vsJQU8GxW/0UA=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-vscode-extensions",
|
||||
"rev": "234ea51e28005f0ff2dc1a8b0e9331eb419a145b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "nix-vscode-extensions",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1718894893,
|
||||
"narHash": "sha256-hxQBUtDbFOCCW1CsFZTS9Q5Ov1ZKdJgbBZHSez1M6iA=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "083823b7904e43a4fc1c7229781417e875359a42",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "master",
|
||||
"repo": "nixos-hardware",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1709961763,
|
||||
"narHash": "sha256-6H95HGJHhEZtyYA3rIQpvamMKAGoa8Yh2rFV29QnuGw=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "3030f185ba6a4bf4f18b87f345f104e6a6961f34",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1718478900,
|
||||
"narHash": "sha256-v43N1gZLcGkhg3PdcrKUNIZ1L0FBzB2JqhIYEyKAHEs=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "c884223af91820615a6146af1ae1fea25c107005",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "release-23.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1718714799,
|
||||
"narHash": "sha256-FUZpz9rg3gL8NVPKbqU8ei1VkPLsTIfAJ2fdAf5qjak=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "c00d587b1a1afbf200b1d8f0b0e4ba9deb1c7f0e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1718898304,
|
||||
"narHash": "sha256-0bYagVoLe12JbB/JCTrSb0to41Y/odrqMIbKcszApNM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "e45d69976a66cdee301f3145063033e540f0621e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"parts": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"nix-inspect",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709336216,
|
||||
"narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"parts_2": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"nix-inspect",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709336216,
|
||||
"narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"purescript-overlay": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nix-inspect",
|
||||
"nci",
|
||||
"dream2nix",
|
||||
"nixpkgs"
|
||||
],
|
||||
"slimlock": "slimlock"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1696022621,
|
||||
"narHash": "sha256-eMjFmsj2G1E0Q5XiibUNgFjTiSz0GxIeSSzzVdoN730=",
|
||||
"owner": "thomashoneyman",
|
||||
"repo": "purescript-overlay",
|
||||
"rev": "047c7933abd6da8aa239904422e22d190ce55ead",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "thomashoneyman",
|
||||
"repo": "purescript-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"pyproject-nix": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1702448246,
|
||||
"narHash": "sha256-hFg5s/hoJFv7tDpiGvEvXP0UfFvFEDgTdyHIjDVHu1I=",
|
||||
"owner": "davhau",
|
||||
"repo": "pyproject.nix",
|
||||
"rev": "5a06a2697b228c04dd2f35659b4b659ca74f7aeb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "davhau",
|
||||
"ref": "dream2nix",
|
||||
"repo": "pyproject.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"home-manager": "home-manager",
|
||||
"impermanence": "impermanence",
|
||||
"nix-index-database": "nix-index-database",
|
||||
"nix-inspect": "nix-inspect",
|
||||
"nix-vscode-extensions": "nix-vscode-extensions",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nur": "nur",
|
||||
"sops-nix": "sops-nix"
|
||||
}
|
||||
},
|
||||
"rust-overlay": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1710123130,
|
||||
"narHash": "sha256-EoGL/WSM1M2L099Q91mPKO/FRV2iu2ZLOEp3y5sLfiE=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "73aca260afe5d41d3ebce932c8d896399c9d5174",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"slimlock": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nix-inspect",
|
||||
"nci",
|
||||
"dream2nix",
|
||||
"purescript-overlay",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1688610262,
|
||||
"narHash": "sha256-Wg0ViDotFWGWqKIQzyYCgayeH8s4U1OZcTiWTQYdAp4=",
|
||||
"owner": "thomashoneyman",
|
||||
"repo": "slimlock",
|
||||
"rev": "b5c6cdcaf636ebbebd0a1f32520929394493f1a6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "thomashoneyman",
|
||||
"repo": "slimlock",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1718506969,
|
||||
"narHash": "sha256-Pm9I/BMQHbsucdWf6y9G3xBZh3TMlThGo4KBbeoeczg=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "797ce4c1f45a85df6dd3d9abdc53f2691bea9251",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"treefmt": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nix-inspect",
|
||||
"nci",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710088047,
|
||||
"narHash": "sha256-eSqKs6ZCsX9xJyNYLeMDMrxzIDsYtaWClfZCOp0ok6Y=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "720322c5352d7b7bd2cb3601a9176b0e91d1de7d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
183
flake.nix
183
flake.nix
|
@ -0,0 +1,183 @@
|
|||
{
|
||||
description = "My NixOS flake";
|
||||
|
||||
inputs = {
|
||||
# Nixpkgs and unstable
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
|
||||
# impermanence
|
||||
# https://github.com/nix-community/impermanence
|
||||
impermanence.url = "github:nix-community/impermanence";
|
||||
|
||||
# Nix User Repository: User contributed nix packages
|
||||
nur.url = "github:nix-community/NUR";
|
||||
|
||||
# nix-community hardware quirks
|
||||
# https://github.com/nix-community
|
||||
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
||||
|
||||
# home-manager - unstable
|
||||
# https://github.com/nix-community/home-manager
|
||||
home-manager = {
|
||||
url = "github:nix-community/home-manager/master";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
# sops-nix - secrets with mozilla sops
|
||||
# https://github.com/Mic92/sops-nix
|
||||
sops-nix = {
|
||||
url = "github:Mic92/sops-nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
# VSCode community extensions
|
||||
# https://github.com/nix-community/nix-vscode-extensions
|
||||
nix-vscode-extensions = {
|
||||
url = "github:nix-community/nix-vscode-extensions";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
# nix-index database
|
||||
# https://github.com/nix-community/nix-index-database
|
||||
nix-index-database = {
|
||||
url = "github:nix-community/nix-index-database";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
# nix-inspect - inspect nix derivations usingn a TUI interface
|
||||
# https://github.com/bluskript/nix-inspect
|
||||
nix-inspect = {
|
||||
url = "github:bluskript/nix-inspect";
|
||||
};
|
||||
};
|
||||
|
||||
outputs =
|
||||
{ self, nixpkgs, sops-nix, home-manager, nix-vscode-extensions, impermanence, ... } @ inputs:
|
||||
let
|
||||
forAllSystems = nixpkgs.lib.genAttrs [
|
||||
"aarch64-linux"
|
||||
"x86_64-linux"
|
||||
];
|
||||
in
|
||||
rec {
|
||||
# Use nixpkgs-fmt for 'nix fmt'
|
||||
formatter = forAllSystems (system: nixpkgs.legacyPackages."${system}".nixpkgs-fmt);
|
||||
|
||||
# setup devshells against shell.nix
|
||||
# devShells = forAllSystems (pkgs: import ./shell.nix { inherit pkgs; });
|
||||
|
||||
# extend lib with my custom functions
|
||||
lib = nixpkgs.lib.extend (
|
||||
final: prev: {
|
||||
inherit inputs;
|
||||
myLib = import ./nixos/lib { inherit inputs; lib = final; };
|
||||
}
|
||||
);
|
||||
|
||||
nixosConfigurations =
|
||||
let
|
||||
inherit inputs;
|
||||
# Import overlays for building nixosconfig with them.
|
||||
overlays = import ./nixos/overlays { inherit inputs; };
|
||||
# generate a base nixos configuration with the specified overlays, hardware modules, and any extraModules applied
|
||||
mkNixosConfig =
|
||||
{ hostname
|
||||
, system ? "x86_64-linux"
|
||||
, nixpkgs ? inputs.nixpkgs
|
||||
, hardwareModules ? [ ]
|
||||
# basemodules is the base of the entire machine building
|
||||
# here we import all the modules and setup home-manager
|
||||
, baseModules ? [
|
||||
sops-nix.nixosModules.sops
|
||||
home-manager.nixosModules.home-manager
|
||||
impermanence.nixosModules.impermanence
|
||||
./nixos/profiles/global.nix # all machines get a global profile
|
||||
./nixos/modules/nixos # all machines get nixos modules
|
||||
./nixos/hosts/${hostname} # load this host's config folder for machine-specific config
|
||||
{
|
||||
home-manager = {
|
||||
useUserPackages = true;
|
||||
useGlobalPkgs = true;
|
||||
extraSpecialArgs = {
|
||||
inherit inputs hostname system;
|
||||
};
|
||||
};
|
||||
}
|
||||
]
|
||||
, profileModules ? [ ]
|
||||
}:
|
||||
nixpkgs.lib.nixosSystem {
|
||||
inherit system lib;
|
||||
modules = baseModules ++ hardwareModules ++ profileModules;
|
||||
specialArgs = { inherit self inputs nixpkgs; };
|
||||
# Add our overlays
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
overlays = builtins.attrValues overlays;
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
allowUnfreePredicate = _: true;
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
"durincore" = mkNixosConfig {
|
||||
# T470 Thinkpad
|
||||
# Nix dev laptop
|
||||
hostname = "durincore";
|
||||
system = "x86_64-linux";
|
||||
hardwareModules = [
|
||||
./nixos/profiles/hw-thinkpad-t470.nix
|
||||
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-t470s
|
||||
];
|
||||
profileModules = [
|
||||
./nixos/profiles/role-workstation.nix
|
||||
./nixos/profiles/role-dev.nix
|
||||
{ home-manager.users.jahanson = ./nixos/home/jahanson/workstation.nix; }
|
||||
];
|
||||
};
|
||||
|
||||
"legiondary" = mkNixosConfig {
|
||||
# Legion 15arh05h AMD/Nvidia
|
||||
# Nix gaming laptop
|
||||
hostname = "legiondary";
|
||||
system = "x86_64-linux";
|
||||
hardwareModules = [
|
||||
./nixos/profiles/hw-legion-15arh05h.nix
|
||||
inputs.nixos-hardware.nixosModules.lenovo-legion-15arh05h
|
||||
];
|
||||
profileModules = [
|
||||
./nixos/profiles/role-dev.nix
|
||||
./nixos/profiles/role-gaming.nix
|
||||
./nixos/profiles/role-workstation.nix
|
||||
{ home-manager.users.jahanson = ./nixos/home/jahanson/workstation.nix; }
|
||||
];
|
||||
};
|
||||
|
||||
"varda" = mkNixosConfig {
|
||||
# Arm64 cax21 @ Hetzner
|
||||
# forgejo server
|
||||
hostname = "varda";
|
||||
system = "aarch64-linux";
|
||||
hardwareModules = [
|
||||
./nixos/profiles/hw-hetzner-cax.nix
|
||||
];
|
||||
profileModules = [
|
||||
./nixos/profiles/role-server.nix
|
||||
{ home-manager.users.jahanson = ./nixos/home/jahanson/server.nix; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
# Convenience output that aggregates the outputs for home, nixos.
|
||||
# Also used in ci to build targets generally.
|
||||
top =
|
||||
let
|
||||
nixtop = nixpkgs.lib.genAttrs
|
||||
(builtins.attrNames inputs.self.nixosConfigurations)
|
||||
(attr: inputs.self.nixosConfigurations.${attr}.config.system.build.toplevel);
|
||||
in
|
||||
nixtop;
|
||||
};
|
||||
}
|
|
@ -10,6 +10,7 @@ with config;
|
|||
myHome.shell = {
|
||||
starship.enable = true;
|
||||
fish.enable = true;
|
||||
wezterm.enable = true;
|
||||
|
||||
git = {
|
||||
enable = true;
|
||||
|
|
|
@ -22,7 +22,7 @@ with lib.hm.gvariant; {
|
|||
"org/gnome/shell" = {
|
||||
disabled-extensions = [ "apps-menu@gnome-shell-extensions.gcampax.github.com" "light-style@gnome-shell-extensions.gcampax.github.com" "places-menu@gnome-shell-extensions.gcampax.github.com" "drive-menu@gnome-shell-extensions.gcampax.github.com" "window-list@gnome-shell-extensions.gcampax.github.com" "workspace-indicator@gnome-shell-extensions.gcampax.github.com" ];
|
||||
enabled-extensions = [ "appindicatorsupport@rgcjonas.gmail.com" "caffeine@patapon.info" "dash-to-dock@micxgx.gmail.com" "gsconnect@andyholmes.github.io" "Vitals@CoreCoding.com" "sp-tray@sp-tray.esenliyim.github.com" ];
|
||||
favorite-apps = [ "org.gnome.Nautilus.desktop" "firefox.desktop" "org.wezfurlong.wezterm.desktop" "PrusaGcodeviewer.desktop" "spotify.desktop" "org.gnome.Console.desktop" "codium.desktop" "discord.desktop" ];
|
||||
favorite-apps = [ "org.gnome.Nautilus.desktop" "vivaldi-stable.desktop" "org.wezfurlong.wezterm.desktop" "org.gnome.Console.desktop" "code.desktop" "discord.desktop" ];
|
||||
};
|
||||
"org/gnome/nautilus/preferences" = {
|
||||
default-folder-viewer = "list-view";
|
||||
|
|
|
@ -1,8 +1,4 @@
|
|||
{ config
|
||||
, pkgs
|
||||
, lib
|
||||
, ...
|
||||
}:
|
||||
{ config, pkgs, lib, ... }:
|
||||
with lib; let
|
||||
cfg = config.myHome.shell.wezterm;
|
||||
in
|
||||
|
@ -16,7 +12,7 @@ in
|
|||
|
||||
config = mkIf cfg.enable {
|
||||
# xdg.configFile."wezterm/wezterm.lua".source = config.lib.file.mkOutOfStoreSymlink cfg.configPath;
|
||||
programs.wezterm.package = pkgs.unstable.wezterm;
|
||||
programs.wezterm.package = pkgs.wezterm;
|
||||
programs.wezterm = {
|
||||
enable = true;
|
||||
extraConfig = ''
|
||||
|
|
33
nixos/hosts/legiondary/default.nix
Normal file
33
nixos/hosts/legiondary/default.nix
Normal file
|
@ -0,0 +1,33 @@
|
|||
{ ... }: {
|
||||
config = {
|
||||
|
||||
# hardware-configuration.nix - half of the hardware-configuration.nix file
|
||||
|
||||
networking.hostId = "ad4380db";
|
||||
networking.hostName = "durincore";
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "rpool/root";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "rpool/home";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/F1B9-CA7C";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0077" "dmask=0077" ];
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
# System settings and services.
|
||||
mySystem = {
|
||||
system.motd.networkInterfaces = [ "enp0s31f6" "wlp4s0" ];
|
||||
};
|
||||
|
||||
};
|
||||
}
|
|
@ -76,7 +76,9 @@ in
|
|||
COOKIE_NAME = "session";
|
||||
};
|
||||
};
|
||||
mailerPasswordFile = config.sops.secrets."services/forgejo/smtp/password".path;
|
||||
secrets = {
|
||||
mailer.PASSWD = config.sops.secrets."services/forgejo/smtp/password".path;
|
||||
};
|
||||
};
|
||||
# sops
|
||||
sops.secrets."services/forgejo/smtp/password" = {
|
||||
|
|
|
@ -67,17 +67,6 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
### gatus integration
|
||||
mySystem.services.gatus.monitors = mkIf cfg.monitor [
|
||||
{
|
||||
name = app;
|
||||
group = "${category}";
|
||||
url = "https://${url}";
|
||||
interval = "1m";
|
||||
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
|
||||
}
|
||||
];
|
||||
|
||||
### Ingress
|
||||
services.nginx.virtualHosts.${host} = {
|
||||
useACMEHost = config.networking.domain;
|
||||
|
|
0
nixos/overlays/.gitkeep
Normal file
0
nixos/overlays/.gitkeep
Normal file
9
nixos/overlays/README.md
Normal file
9
nixos/overlays/README.md
Normal file
|
@ -0,0 +1,9 @@
|
|||
### Adding overlays
|
||||
|
||||
Overlays should be added as individual nix files to `./nixos/overlays` with format
|
||||
|
||||
```nix
|
||||
final: prev: {
|
||||
hello = (prev.hello.overrideAttrs (oldAttrs: { doCheck = false; }));
|
||||
}
|
||||
```
|
14
nixos/overlays/default.nix
Normal file
14
nixos/overlays/default.nix
Normal file
|
@ -0,0 +1,14 @@
|
|||
{ inputs
|
||||
, ...
|
||||
}:
|
||||
{
|
||||
nur = inputs.nur.overlay;
|
||||
# The unstable nixpkgs set (declared in the flake inputs) will
|
||||
# be accessible through 'pkgs.unstable'
|
||||
unstable-packages = final: _prev: {
|
||||
unstable = import inputs.nixpkgs-unstable {
|
||||
inherit (final) system;
|
||||
config.allowUnfree = true;
|
||||
};
|
||||
};
|
||||
}
|
30
nixos/profiles/hw-legion-15arh05h.nix
Normal file
30
nixos/profiles/hw-legion-15arh05h.nix
Normal file
|
@ -0,0 +1,30 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
boot = {
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
loader = {
|
||||
systemd-boot = {
|
||||
enable = true;
|
||||
};
|
||||
efi = {
|
||||
canTouchEfiVariables = true;
|
||||
};
|
||||
};
|
||||
# Kernel mods
|
||||
initrd = {
|
||||
availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ];
|
||||
kernelModules = [ ];
|
||||
};
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
extraModulePackages = [ ];
|
||||
};
|
||||
|
||||
networking = {
|
||||
useDHCP = lib.mkDefault true;
|
||||
};
|
||||
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
19
nixos/profiles/role-gaming.nix
Normal file
19
nixos/profiles/role-gaming.nix
Normal file
|
@ -0,0 +1,19 @@
|
|||
{ ... }:
|
||||
{
|
||||
# Enable module for NVIDIA graphics
|
||||
mySystem.hardware.nvidia.enable = true;
|
||||
|
||||
boot = {
|
||||
# for managing/mounting ntfs
|
||||
supportedFilesystems = [ "ntfs" ];
|
||||
|
||||
loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
grub.memtest86.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
# set xserver videodrivers for NVIDIA 4080 gpu
|
||||
services.xserver.videoDrivers = [ "nvidia" ];
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ lib, pkgs, ... }:
|
||||
# Role for headless servers
|
||||
# covers raspi's, sbc, NUC etc, anything
|
||||
# that is headless and minimal for running services
|
||||
|
@ -6,19 +6,10 @@ with lib;
|
|||
{
|
||||
config = {
|
||||
# Enable monitoring for remote scraiping
|
||||
mySystem.services.promMonitoring.enable = true;
|
||||
mySystem.services.rebootRequiredCheck.enable = true;
|
||||
mySystem.security.wheelNeedsSudoPassword = false;
|
||||
mySystem.services.cockpit.enable = true;
|
||||
mySystem.system.motd.enable = true;
|
||||
mySystem.services.gatus.monitors = [{
|
||||
name = config.networking.hostName;
|
||||
group = "servers";
|
||||
url = "icmp://${config.networking.hostName}";
|
||||
interval = "1m";
|
||||
conditions = [ "[CONNECTED] == true" ];
|
||||
}];
|
||||
|
||||
nix.settings = {
|
||||
# TODO factor out into mySystem
|
||||
# Avoid disk full issues
|
||||
|
|
|
@ -13,15 +13,8 @@ with config;
|
|||
# TODO decide if i drop to bash on pis?
|
||||
shell.fish.enable = true;
|
||||
|
||||
# TODO make nfs server configurable
|
||||
# nfs.nas = {
|
||||
# enable = true;
|
||||
# lazy = true;
|
||||
# };
|
||||
|
||||
system.resticBackup.local.enable = false;
|
||||
system.resticBackup.remote.enable = false;
|
||||
|
||||
};
|
||||
|
||||
boot = {
|
||||
|
@ -43,10 +36,6 @@ with config;
|
|||
fwupd.enable = config.boot.loader.systemd-boot.enable; # fwupd does not work in BIOS mode
|
||||
thermald.enable = true;
|
||||
smartd.enable = true;
|
||||
|
||||
# required for yubikey
|
||||
udev.packages = [ pkgs.yubikey-personalization ];
|
||||
pcscd.enable = true;
|
||||
};
|
||||
|
||||
hardware = {
|
||||
|
|
Loading…
Reference in a new issue