Compare commits
No commits in common. "cb0871ee3c29449bd7320794dff8c967fd66d7c7" and "ff81f2ca2a3a02a8b2a4fd24efd1b86cb7489aa5" have entirely different histories.
cb0871ee3c
...
ff81f2ca2a
14 changed files with 266 additions and 18 deletions
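--- a/.taskfiles/nix/Taskfile.yaml
+++ b/.taskfiles/nix/Taskfile.yaml
@@ -0,0 +1,121 @@
+---
+# yaml-language-server: $schema=https://taskfile.dev/schema.json
+version: "3"
+
+vars:
+hostname: $HOSTNAME
+host: '{{ or .host .hostname }}'
+
+
+tasks:
+switch:
+desc: Build and apply nix configuration
+silent: true
+requires:
+vars:
+- host
+cmds:
+- echo "This will switch your config."
+- task: .prompt_to_continue
+- git add .
+- sudo nixos-rebuild switch --flake "{{.ROOT_DIR}}/#{{.hostname}}" --impure
+preconditions:
+- sh: which nix
+msg: "nix not found"
+- sh: which nixos-rebuild
+msg: "nixos-rebuild not found"
+
+deploy-single:
+desc: Deploy flake to single node
+# silent: true
+requires:
+vars:
+- host
+cmds:
+- echo "This will deploy the local flake to host {{ .host }}."
+- task: .prompt_to_continue
+- .taskfiles/nix/update-single-machine.sh {{.host}}
+preconditions:
+- sh: which nix
+msg: "nix not found"
+- sh: which nixos-rebuild
+msg: "nixos-rebuild not found"
+
+deploy-all:
+desc: Deploy flake to all nodes
+# silent: true
+requires:
+vars:
+- host
+cmds:
+- echo "This will deploy the local flake to all whitelisted hosts."
+- task: .prompt_to_continue
+- .taskfiles/nix/update-all.sh
+preconditions:
+- sh: which nix
+msg: "nix not found"
+- sh: which nixos-rebuild
+msg: "nixos-rebuild not found"
+
+
+
+test:
+desc: Build and apply nix configuration
+silent: true
+requires:
+vars:
+- host
+cmds:
+- echo "This will test your config."
+- task: .prompt_to_continue
+- sudo nixos-rebuild test --flake "{{.ROOT_DIR}}/#{{.host}}" --impure
+preconditions:
+- sh: which nix
+msg: "nix not found"
+- sh: which nixos-rebuild
+msg: "nixos-rebuild not found"
+
+dry-run:
+desc: Build and apply nix configuration
+silent: true
+requires:
+vars:
+- host
+cmds:
+- echo "This will dry-run your config and add your untracked git files."
+- git add .
+- nixos-rebuild dry-run --flake "{{.ROOT_DIR}}/#{{.host}}" --impure
+preconditions:
+- sh: which nix
+msg: "nix not found"
+- sh: which nixos-rebuild
+msg: "nixos-rebuild not found"
+
+
+build:
+desc: Build nix configuration
+silent: true
+requires:
+vars:
+- host
+cmds:
+- git add .
+- nixos-rebuild build --flake "{{.ROOT_DIR}}/#{{.host}}" --impure --fast
+- nvd diff /run/current-system result
+preconditions:
+- sh: which nix
+msg: "nix not found"
+- sh: which nixos-rebuild
+msg: "nixos-rebuild not found"
+- sh: which nvd
+msg: "nvd not found"
+
+.prompt_to_continue:
+internal: true
+prompt: Do you want to continue applying this configuration?
+
+build-image-rpi4:
+desc: Build basic machine build-image
+silent: true
+cmds:
+- nix build .#images.rpi4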
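Review bot: The `switch` task lists `host` under `requires.vars` but builds its flake reference from `{{.hostname}}`, so a caller who sets `host` still gets the configuration for `$HOSTNAME` applied under sudo. `test`, `dry-run` and `build` all use `{{.host}}`, and `switch` should match: `- sudo nixos-rebuild switch --flake "{{.ROOT_DIR}}/#{{.host}}" --impure`. In `deploy-single` the value reaches the shell unquoted (`update-single-machine.sh {{.host}}`), so whitespace or shell metacharacters in it are interpreted before the script runs; quote it as `"{{.host}}"`. The `git add .` steps stage every untracked file, and a flake in a git checkout copies staged files into the world-readable Nix store, so a comment telling operators to keep unencrypted secrets out of the tree (or ignored) belongs next to those lines. `deploy-all` also requires `host` although it never uses it.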
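--- a/.taskfiles/nix/update-all.sh
+++ b/.taskfiles/nix/update-all.sh
@@ -0,0 +1,37 @@
+#!/usr/bin/env bash
+
+set -e
+
+hosts=($(echo $(nix eval .#nixosConfigurations --apply 'pkgs: builtins.concatStringsSep " " (builtins.attrNames pkgs)') | xargs))
+skip=(
+"citadel"
+"rickenbacker"
+)
+
+reboot=0
+
+while getopts ":r" option; do
+case $option in
+r)
+reboot=1
+;;
+esac
+done
+
+for host in "${hosts[@]}"; do
+# Check if the host is in the skip list
+if [[ " ${skip[*]} " =~ " ${host} " ]]; then
+continue
+fi
+fqdn="$host.l.voltaicforge.com"
+if [ $reboot -eq 0 ]; then
+echo $fqdn
+nixos-rebuild switch -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
+else
+echo "$fqdn with reboot"
+nixos-rebuild boot -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
+ssh -i $rsa_key $fqdn 'sudo reboot'
+fi
+echo
+echo
+done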
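Review bot: `rsa_key` is never assigned in this script, so in the `-r` branch `ssh -i $rsa_key $fqdn 'sudo reboot'` loses its first word: ssh takes the FQDN as the identity file and `sudo reboot` as the host name. Under `set -e` the loop then aborts after the first host has had its boot generation replaced but has not been rebooted, and the remaining hosts are never touched. Use `ssh "$fqdn" 'sudo reboot'` as update-single-machine.sh does, and make the first line `set -euo pipefail` so an unset variable stops the run up front. The `hosts=` line also hides a failing `nix eval` behind `echo … | xargs`, which turns an evaluation error into an empty host list and a silent no-op; capture the `nix eval` output in its own assignment first so `set -e` sees the failure.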
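--- a/.taskfiles/nix/update-single-machine.sh
+++ b/.taskfiles/nix/update-single-machine.sh
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+set -e
+
+cd /home/truxnell/.local/nix-config
+
+# rsa_key="~/.nixos/secrets/ssh_keys/ansible/ansible.key"
+# export NIX_SSHOPTS="-t -i $rsa_key"
+
+reboot=0
+
+while getopts ":r" option; do
+case $option in
+r)
+reboot=1
+host=$2
+fqdn="$host.l.voltaicforge.com"
+echo "$fqdn with reboot"
+nixos-rebuild boot -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
+# ssh -i $rsa_key $fqdn 'sudo reboot'
+ssh $fqdn 'sudo reboot'
+;;
+esac
+done
+
+if [ $reboot -eq 0 ]; then
+host=$1
+fqdn="$host.l.voltaicforge.com"
+echo "$fqdn"
+nixos-rebuild switch -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
+fi
+echo
+echo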
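Review bot: The host argument is used without validation or quoting: `host=$1` (and `host=$2` inside the `r)` branch) flows into `--target-host $fqdn` and `ssh $fqdn` unquoted, so an empty value targets `.l.voltaicforge.com` with flake `.#`, and a value with whitespace or a leading `-` is parsed as extra options. Add a guard such as `[[ $host =~ ^[A-Za-z0-9][A-Za-z0-9-]*$ ]] || { echo "invalid host: $host" >&2; exit 1; }` and quote `"$fqdn"` at each use. Reading `$2` inside the getopts loop only works when `-r` is the first argument; `shift $((OPTIND - 1))` after the loop followed by a single `host=$1` would be sturdier. The hard-coded `cd /home/truxnell/.local/nix-config` makes the deploy run from that checkout rather than the repository the task was started in, and under `set -e` the script exits on any machine where the path is absent.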
2
.vscode/module.code-snippets
vendored
2
.vscode/module.code-snippets
vendored
|
@ -10,7 +10,7 @@
|
|||
"with lib;",
|
||||
"let",
|
||||
" cfg = config.mySystem.${1}.${2};",
|
||||
" app = \"${3}\"",
|
||||
" app = \"${3}\""
|
||||
" appFolder = \"apps/${app}\";",
|
||||
" persistentFolder = \"${config.mySystem.persistentFolder}/${appFolder}\";",
|
||||
" user = app;",
|
||||
|
|
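--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -0,0 +1,6 @@
+{
+"cSpell.words": [
+"homelab",
+"Seafile"
+]
+}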
|
@ -79,7 +79,7 @@
|
|||
formatter = forAllSystems (system: nixpkgs.legacyPackages."${system}".nixpkgs-fmt);
|
||||
|
||||
# setup devshells against shell.nix
|
||||
# devShells = forAllSystems (pkgs: import ./shell.nix { inherit pkgs; });
|
||||
devShells = forAllSystems (pkgs: import ./shell.nix { inherit pkgs; });
|
||||
|
||||
# extend lib with my custom functions
|
||||
lib = nixpkgs.lib.extend (
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, ... }:
|
||||
{ lib, pkgs, self, config, ... }:
|
||||
with config;
|
||||
{
|
||||
|
||||
|
@ -79,6 +79,7 @@ with config;
|
|||
# dev utils
|
||||
direnv # shell environment management
|
||||
envsubst
|
||||
lazygit
|
||||
|
||||
# nix tools
|
||||
nvd
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ ... }:
|
||||
{ lib, pkgs, self, config, ... }:
|
||||
with config;
|
||||
{
|
||||
imports = [
|
||||
./global.nix
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, ... }:
|
||||
{ lib, pkgs, self, config, inputs, ... }:
|
||||
with config;
|
||||
{
|
||||
imports = [
|
||||
|
@ -13,9 +13,9 @@ with config;
|
|||
|
||||
git = {
|
||||
enable = true;
|
||||
username = "Joseph Hanson";
|
||||
username = "jahanson";
|
||||
email = "joe@veri.dev";
|
||||
signingKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDSAmssproxG+KsVn2DfuteBAemHrmmAFzCtldpKl4J";
|
||||
# signingKey = ""; # TODO setup signing keys n shit
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -1,4 +1,8 @@
|
|||
{ config, lib, ... }:
|
||||
{ config
|
||||
, pkgs
|
||||
, lib
|
||||
, ...
|
||||
}:
|
||||
with lib; let
|
||||
cfg = config.myHome.security.ssh;
|
||||
in
|
||||
|
|
|
@ -23,15 +23,49 @@ in
|
|||
ll = "${pkgs.eza}/bin/eza --long --all --group --header";
|
||||
tm = "tmux attach -t (basename $PWD) || tmux new -s (basename $PWD)";
|
||||
x = "exit";
|
||||
# lazydocker --> lazypodman
|
||||
lazypodman="sudo DOCKER_HOST=unix:///run/podman/podman.sock lazydocker";
|
||||
};
|
||||
|
||||
shellAbbrs = {
|
||||
nrs = "sudo nixos-rebuild switch --flake .";
|
||||
dup = "git add . ; darwin-rebuild --flake . switch";
|
||||
dupb = "git add . ; darwin-rebuild --flake . build --show-trace ; nvd diff /run/current-system result";
|
||||
nup = "git add . ; sudo nixos-rebuild --flake . switch";
|
||||
nhup = "nh os switch . --dry";
|
||||
nvdiff = "nvd diff /run/current-system result";
|
||||
ap = "ansible-playbook";
|
||||
apb = "ansible-playbook --ask-become";
|
||||
gfp = "git fetch -p && git pull";
|
||||
gitp = "git push";
|
||||
gitpf = "git push -f";
|
||||
tf = "terraform";
|
||||
};
|
||||
|
||||
# functions = {
|
||||
# brewup = {
|
||||
# description = "Update homebrew applications";
|
||||
# body = builtins.readFile ./functions/brewup.fish;
|
||||
# };
|
||||
# fish_prompt = {
|
||||
# description = "Set the fish prompt";
|
||||
# body = builtins.readFile ./functions/fish_prompt.fish;
|
||||
# };
|
||||
# fish_right_prompt = {
|
||||
# description = "Set the right prompt";
|
||||
# body = builtins.readFile ./functions/fish_right_prompt.fish;
|
||||
# };
|
||||
# fish_title = {
|
||||
# description = "Set the title";
|
||||
# body = builtins.readFile ./functions/fish_title.fish;
|
||||
# };
|
||||
# fwatch = {
|
||||
# description = "Watch with fish alias support";
|
||||
# body = builtins.readFile ./functions/fwatch.fish;
|
||||
# };
|
||||
# git_current_branch = {
|
||||
# description = "Display the current branch";
|
||||
# body = builtins.readFile ./functions/git_current_branch.fish;
|
||||
# };
|
||||
# };
|
||||
|
||||
interactiveShellInit = ''
|
||||
# Erase fish_mode_prompt function
|
||||
functions -e fish_mode_prompt
|
||||
|
@ -75,6 +109,15 @@ in
|
|||
home.sessionVariables.fish_greeting = "";
|
||||
|
||||
programs.nix-index.enable = true;
|
||||
|
||||
# programs.fish = {
|
||||
# functions = {
|
||||
# agent = {
|
||||
# description = "Start SSH agent";
|
||||
# body = builtins.readFile ./functions/agent.fish;
|
||||
# };
|
||||
# };
|
||||
# };
|
||||
})
|
||||
];
|
||||
}
|
||||
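Review bot: `gitpf = "git push -f"` makes an unconditional force push a five-keystroke abbreviation; `gitpf = "git push --force-with-lease";` refuses to overwrite remote commits that were never fetched locally and is the safer default for a shortcut. The `lazypodman` alias runs the whole lazydocker TUI under sudo against the rootful podman socket, so a one-line comment saying why root is required (or pointing at a rootless socket) would help the next reader. This assumes both lines are on the new side, which the `-23,15 +23,49` header makes likely but the rendered page does not mark. The commented-out `functions` blocks in this hunk and in the `@ -75,6 +109,15 @` hunk are dead configuration and could be left out until the referenced `.fish` files exist.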
|
|
|
@ -45,11 +45,6 @@ in
|
|||
rebase = {
|
||||
autoStash = true;
|
||||
};
|
||||
user = {
|
||||
signingKey = cfg.signingKey;
|
||||
};
|
||||
gpg.format = "ssh";
|
||||
gpg.program = "${pkgs._1password}/bin/op-ssh-sign";
|
||||
};
|
||||
aliases = {
|
||||
co = "checkout";
|
||||
|
@ -67,12 +62,15 @@ in
|
|||
# Python virtualenvs
|
||||
".venv"
|
||||
];
|
||||
# signing = lib.mkIf (cfg.signingKey != "") {
|
||||
# signByDefault = true;
|
||||
# key = cfg.signingKey;
|
||||
# };
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
pkgs.git-filter-repo
|
||||
pkgs.tig
|
||||
pkgs.lazygit
|
||||
];
|
||||
})
|
||||
];
|
||||
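Review bot: Commit signing appears to be switched off here rather than reconfigured: the first hunk's header (`-45,11 +45,6`) removes five lines and adds none, the likely candidates being the `user.signingKey`, `gpg.format` and `gpg.program` settings, and the second hunk shows the `signing` block only in commented-out form. The rendered page has lost its +/- markers, so this reading is inferred from the line counts. The host configuration elsewhere in this comparison also pairs a `signingKey` line with a `# TODO setup signing keys` placeholder, which points the same way. If unsigned commits are meant to be temporary, say so in a comment beside the commented block; otherwise enable what is already written: `signing = lib.mkIf (cfg.signingKey != "") { signByDefault = true; key = cfg.signingKey; };`.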
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, nixpkgs, ... }:
|
||||
{ lib, config, pkgs, nixpkgs, self, ... }:
|
||||
{
|
||||
## Below is to align shell/system to flake's nixpkgs
|
||||
## ref: https://nixos-and-flakes.thiscute.world/best-practices/nix-path-and-flake-registry
|
||||
|
@ -14,6 +14,8 @@
|
|||
# https://github.com/NixOS/nix/issues/9574
|
||||
settings.nix-path = lib.mkForce "nixpkgs=/etc/nix/inputs/nixpkgs";
|
||||
|
||||
###
|
||||
|
||||
settings = {
|
||||
# Enable flakes
|
||||
experimental-features = [
|
||||
|
|
|
@ -12,6 +12,8 @@
|
|||
import nixpkgs { inherit system overlays; }
|
||||
, ...
|
||||
}:
|
||||
let
|
||||
in
|
||||
pkgs.mkShell {
|
||||
# Enable experimental features without having to specify the argument
|
||||
NIX_CONFIG = "experimental-features = nix-command flakes";
|
||||
|
|