Compare commits
2 commits
ff81f2ca2a
...
cb0871ee3c
Author | SHA1 | Date | |
---|---|---|---|
cb0871ee3c | |||
ca25688c2c |
14 changed files with 18 additions and 266 deletions
|
@ -1,121 +0,0 @@
|
||||||
---
|
|
||||||
# yaml-language-server: $schema=https://taskfile.dev/schema.json
|
|
||||||
version: "3"
|
|
||||||
|
|
||||||
vars:
|
|
||||||
hostname: $HOSTNAME
|
|
||||||
host: '{{ or .host .hostname }}'
|
|
||||||
|
|
||||||
|
|
||||||
tasks:
|
|
||||||
switch:
|
|
||||||
desc: Build and apply nix configuration
|
|
||||||
silent: true
|
|
||||||
requires:
|
|
||||||
vars:
|
|
||||||
- host
|
|
||||||
cmds:
|
|
||||||
- echo "This will switch your config."
|
|
||||||
- task: .prompt_to_continue
|
|
||||||
- git add .
|
|
||||||
- sudo nixos-rebuild switch --flake "{{.ROOT_DIR}}/#{{.hostname}}" --impure
|
|
||||||
preconditions:
|
|
||||||
- sh: which nix
|
|
||||||
msg: "nix not found"
|
|
||||||
- sh: which nixos-rebuild
|
|
||||||
msg: "nixos-rebuild not found"
|
|
||||||
|
|
||||||
deploy-single:
|
|
||||||
desc: Deploy flake to single node
|
|
||||||
# silent: true
|
|
||||||
requires:
|
|
||||||
vars:
|
|
||||||
- host
|
|
||||||
cmds:
|
|
||||||
- echo "This will deploy the local flake to host {{ .host }}."
|
|
||||||
- task: .prompt_to_continue
|
|
||||||
- .taskfiles/nix/update-single-machine.sh {{.host}}
|
|
||||||
preconditions:
|
|
||||||
- sh: which nix
|
|
||||||
msg: "nix not found"
|
|
||||||
- sh: which nixos-rebuild
|
|
||||||
msg: "nixos-rebuild not found"
|
|
||||||
|
|
||||||
deploy-all:
|
|
||||||
desc: Deploy flake to all nodes
|
|
||||||
# silent: true
|
|
||||||
requires:
|
|
||||||
vars:
|
|
||||||
- host
|
|
||||||
cmds:
|
|
||||||
- echo "This will deploy the local flake to all whitelisted hosts."
|
|
||||||
- task: .prompt_to_continue
|
|
||||||
- .taskfiles/nix/update-all.sh
|
|
||||||
preconditions:
|
|
||||||
- sh: which nix
|
|
||||||
msg: "nix not found"
|
|
||||||
- sh: which nixos-rebuild
|
|
||||||
msg: "nixos-rebuild not found"
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
test:
|
|
||||||
desc: Build and apply nix configuration
|
|
||||||
silent: true
|
|
||||||
requires:
|
|
||||||
vars:
|
|
||||||
- host
|
|
||||||
cmds:
|
|
||||||
- echo "This will test your config."
|
|
||||||
- task: .prompt_to_continue
|
|
||||||
- sudo nixos-rebuild test --flake "{{.ROOT_DIR}}/#{{.host}}" --impure
|
|
||||||
preconditions:
|
|
||||||
- sh: which nix
|
|
||||||
msg: "nix not found"
|
|
||||||
- sh: which nixos-rebuild
|
|
||||||
msg: "nixos-rebuild not found"
|
|
||||||
|
|
||||||
dry-run:
|
|
||||||
desc: Build and apply nix configuration
|
|
||||||
silent: true
|
|
||||||
requires:
|
|
||||||
vars:
|
|
||||||
- host
|
|
||||||
cmds:
|
|
||||||
- echo "This will dry-run your config and add your untracked git files."
|
|
||||||
- git add .
|
|
||||||
- nixos-rebuild dry-run --flake "{{.ROOT_DIR}}/#{{.host}}" --impure
|
|
||||||
preconditions:
|
|
||||||
- sh: which nix
|
|
||||||
msg: "nix not found"
|
|
||||||
- sh: which nixos-rebuild
|
|
||||||
msg: "nixos-rebuild not found"
|
|
||||||
|
|
||||||
|
|
||||||
build:
|
|
||||||
desc: Build nix configuration
|
|
||||||
silent: true
|
|
||||||
requires:
|
|
||||||
vars:
|
|
||||||
- host
|
|
||||||
cmds:
|
|
||||||
- git add .
|
|
||||||
- nixos-rebuild build --flake "{{.ROOT_DIR}}/#{{.host}}" --impure --fast
|
|
||||||
- nvd diff /run/current-system result
|
|
||||||
preconditions:
|
|
||||||
- sh: which nix
|
|
||||||
msg: "nix not found"
|
|
||||||
- sh: which nixos-rebuild
|
|
||||||
msg: "nixos-rebuild not found"
|
|
||||||
- sh: which nvd
|
|
||||||
msg: "nvd not found"
|
|
||||||
|
|
||||||
.prompt_to_continue:
|
|
||||||
internal: true
|
|
||||||
prompt: Do you want to continue applying this configuration?
|
|
||||||
|
|
||||||
build-image-rpi4:
|
|
||||||
desc: Build basic machine build-image
|
|
||||||
silent: true
|
|
||||||
cmds:
|
|
||||||
- nix build .#images.rpi4
|
|
|
@ -1,37 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
hosts=($(echo $(nix eval .#nixosConfigurations --apply 'pkgs: builtins.concatStringsSep " " (builtins.attrNames pkgs)') | xargs))
|
|
||||||
skip=(
|
|
||||||
"citadel"
|
|
||||||
"rickenbacker"
|
|
||||||
)
|
|
||||||
|
|
||||||
reboot=0
|
|
||||||
|
|
||||||
while getopts ":r" option; do
|
|
||||||
case $option in
|
|
||||||
r)
|
|
||||||
reboot=1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
for host in "${hosts[@]}"; do
|
|
||||||
# Check if the host is in the skip list
|
|
||||||
if [[ " ${skip[*]} " =~ " ${host} " ]]; then
|
|
||||||
continue
|
|
||||||
fi
|
|
||||||
fqdn="$host.l.voltaicforge.com"
|
|
||||||
if [ $reboot -eq 0 ]; then
|
|
||||||
echo $fqdn
|
|
||||||
nixos-rebuild switch -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
|
||||||
else
|
|
||||||
echo "$fqdn with reboot"
|
|
||||||
nixos-rebuild boot -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
|
||||||
ssh -i $rsa_key $fqdn 'sudo reboot'
|
|
||||||
fi
|
|
||||||
echo
|
|
||||||
echo
|
|
||||||
done
|
|
|
@ -1,33 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
cd /home/truxnell/.local/nix-config
|
|
||||||
|
|
||||||
# rsa_key="~/.nixos/secrets/ssh_keys/ansible/ansible.key"
|
|
||||||
# export NIX_SSHOPTS="-t -i $rsa_key"
|
|
||||||
|
|
||||||
reboot=0
|
|
||||||
|
|
||||||
while getopts ":r" option; do
|
|
||||||
case $option in
|
|
||||||
r)
|
|
||||||
reboot=1
|
|
||||||
host=$2
|
|
||||||
fqdn="$host.l.voltaicforge.com"
|
|
||||||
echo "$fqdn with reboot"
|
|
||||||
nixos-rebuild boot -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
|
||||||
# ssh -i $rsa_key $fqdn 'sudo reboot'
|
|
||||||
ssh $fqdn 'sudo reboot'
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
if [ $reboot -eq 0 ]; then
|
|
||||||
host=$1
|
|
||||||
fqdn="$host.l.voltaicforge.com"
|
|
||||||
echo "$fqdn"
|
|
||||||
nixos-rebuild switch -j auto --use-remote-sudo --target-host $fqdn --flake ".#$host"
|
|
||||||
fi
|
|
||||||
echo
|
|
||||||
echo
|
|
2
.vscode/module.code-snippets
vendored
2
.vscode/module.code-snippets
vendored
|
@ -10,7 +10,7 @@
|
||||||
"with lib;",
|
"with lib;",
|
||||||
"let",
|
"let",
|
||||||
" cfg = config.mySystem.${1}.${2};",
|
" cfg = config.mySystem.${1}.${2};",
|
||||||
" app = \"${3}\""
|
" app = \"${3}\"",
|
||||||
" appFolder = \"apps/${app}\";",
|
" appFolder = \"apps/${app}\";",
|
||||||
" persistentFolder = \"${config.mySystem.persistentFolder}/${appFolder}\";",
|
" persistentFolder = \"${config.mySystem.persistentFolder}/${appFolder}\";",
|
||||||
" user = app;",
|
" user = app;",
|
||||||
|
|
6
.vscode/settings.json
vendored
6
.vscode/settings.json
vendored
|
@ -1,6 +0,0 @@
|
||||||
{
|
|
||||||
"cSpell.words": [
|
|
||||||
"homelab",
|
|
||||||
"Seafile"
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -79,7 +79,7 @@
|
||||||
formatter = forAllSystems (system: nixpkgs.legacyPackages."${system}".nixpkgs-fmt);
|
formatter = forAllSystems (system: nixpkgs.legacyPackages."${system}".nixpkgs-fmt);
|
||||||
|
|
||||||
# setup devshells against shell.nix
|
# setup devshells against shell.nix
|
||||||
devShells = forAllSystems (pkgs: import ./shell.nix { inherit pkgs; });
|
# devShells = forAllSystems (pkgs: import ./shell.nix { inherit pkgs; });
|
||||||
|
|
||||||
# extend lib with my custom functions
|
# extend lib with my custom functions
|
||||||
lib = nixpkgs.lib.extend (
|
lib = nixpkgs.lib.extend (
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, pkgs, self, config, ... }:
|
{ pkgs, config, ... }:
|
||||||
with config;
|
with config;
|
||||||
{
|
{
|
||||||
|
|
||||||
|
@ -79,7 +79,6 @@ with config;
|
||||||
# dev utils
|
# dev utils
|
||||||
direnv # shell environment management
|
direnv # shell environment management
|
||||||
envsubst
|
envsubst
|
||||||
lazygit
|
|
||||||
|
|
||||||
# nix tools
|
# nix tools
|
||||||
nvd
|
nvd
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
{ lib, pkgs, self, config, ... }:
|
{ ... }:
|
||||||
with config;
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./global.nix
|
./global.nix
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, pkgs, self, config, inputs, ... }:
|
{ pkgs, config, ... }:
|
||||||
with config;
|
with config;
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
@ -13,9 +13,9 @@ with config;
|
||||||
|
|
||||||
git = {
|
git = {
|
||||||
enable = true;
|
enable = true;
|
||||||
username = "jahanson";
|
username = "Joseph Hanson";
|
||||||
email = "joe@veri.dev";
|
email = "joe@veri.dev";
|
||||||
# signingKey = ""; # TODO setup signing keys n shit
|
signingKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDSAmssproxG+KsVn2DfuteBAemHrmmAFzCtldpKl4J";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,4 @@
|
||||||
{ config
|
{ config, lib, ... }:
|
||||||
, pkgs
|
|
||||||
, lib
|
|
||||||
, ...
|
|
||||||
}:
|
|
||||||
with lib; let
|
with lib; let
|
||||||
cfg = config.myHome.security.ssh;
|
cfg = config.myHome.security.ssh;
|
||||||
in
|
in
|
||||||
|
|
|
@ -23,49 +23,15 @@ in
|
||||||
ll = "${pkgs.eza}/bin/eza --long --all --group --header";
|
ll = "${pkgs.eza}/bin/eza --long --all --group --header";
|
||||||
tm = "tmux attach -t (basename $PWD) || tmux new -s (basename $PWD)";
|
tm = "tmux attach -t (basename $PWD) || tmux new -s (basename $PWD)";
|
||||||
x = "exit";
|
x = "exit";
|
||||||
|
# lazydocker --> lazypodman
|
||||||
|
lazypodman="sudo DOCKER_HOST=unix:///run/podman/podman.sock lazydocker";
|
||||||
};
|
};
|
||||||
|
|
||||||
shellAbbrs = {
|
shellAbbrs = {
|
||||||
dup = "git add . ; darwin-rebuild --flake . switch";
|
nrs = "sudo nixos-rebuild switch --flake .";
|
||||||
dupb = "git add . ; darwin-rebuild --flake . build --show-trace ; nvd diff /run/current-system result";
|
|
||||||
nup = "git add . ; sudo nixos-rebuild --flake . switch";
|
|
||||||
nhup = "nh os switch . --dry";
|
|
||||||
nvdiff = "nvd diff /run/current-system result";
|
nvdiff = "nvd diff /run/current-system result";
|
||||||
ap = "ansible-playbook";
|
|
||||||
apb = "ansible-playbook --ask-become";
|
|
||||||
gfp = "git fetch -p && git pull";
|
|
||||||
gitp = "git push";
|
|
||||||
gitpf = "git push -f";
|
|
||||||
tf = "terraform";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
# functions = {
|
|
||||||
# brewup = {
|
|
||||||
# description = "Update homebrew applications";
|
|
||||||
# body = builtins.readFile ./functions/brewup.fish;
|
|
||||||
# };
|
|
||||||
# fish_prompt = {
|
|
||||||
# description = "Set the fish prompt";
|
|
||||||
# body = builtins.readFile ./functions/fish_prompt.fish;
|
|
||||||
# };
|
|
||||||
# fish_right_prompt = {
|
|
||||||
# description = "Set the right prompt";
|
|
||||||
# body = builtins.readFile ./functions/fish_right_prompt.fish;
|
|
||||||
# };
|
|
||||||
# fish_title = {
|
|
||||||
# description = "Set the title";
|
|
||||||
# body = builtins.readFile ./functions/fish_title.fish;
|
|
||||||
# };
|
|
||||||
# fwatch = {
|
|
||||||
# description = "Watch with fish alias support";
|
|
||||||
# body = builtins.readFile ./functions/fwatch.fish;
|
|
||||||
# };
|
|
||||||
# git_current_branch = {
|
|
||||||
# description = "Display the current branch";
|
|
||||||
# body = builtins.readFile ./functions/git_current_branch.fish;
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
|
|
||||||
interactiveShellInit = ''
|
interactiveShellInit = ''
|
||||||
# Erase fish_mode_prompt function
|
# Erase fish_mode_prompt function
|
||||||
functions -e fish_mode_prompt
|
functions -e fish_mode_prompt
|
||||||
|
@ -109,15 +75,6 @@ in
|
||||||
home.sessionVariables.fish_greeting = "";
|
home.sessionVariables.fish_greeting = "";
|
||||||
|
|
||||||
programs.nix-index.enable = true;
|
programs.nix-index.enable = true;
|
||||||
|
|
||||||
# programs.fish = {
|
|
||||||
# functions = {
|
|
||||||
# agent = {
|
|
||||||
# description = "Start SSH agent";
|
|
||||||
# body = builtins.readFile ./functions/agent.fish;
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,6 +45,11 @@ in
|
||||||
rebase = {
|
rebase = {
|
||||||
autoStash = true;
|
autoStash = true;
|
||||||
};
|
};
|
||||||
|
user = {
|
||||||
|
signingKey = cfg.signingKey;
|
||||||
|
};
|
||||||
|
gpg.format = "ssh";
|
||||||
|
gpg.program = "${pkgs._1password}/bin/op-ssh-sign";
|
||||||
};
|
};
|
||||||
aliases = {
|
aliases = {
|
||||||
co = "checkout";
|
co = "checkout";
|
||||||
|
@ -62,15 +67,12 @@ in
|
||||||
# Python virtualenvs
|
# Python virtualenvs
|
||||||
".venv"
|
".venv"
|
||||||
];
|
];
|
||||||
# signing = lib.mkIf (cfg.signingKey != "") {
|
|
||||||
# signByDefault = true;
|
|
||||||
# key = cfg.signingKey;
|
|
||||||
# };
|
|
||||||
};
|
};
|
||||||
|
|
||||||
home.packages = [
|
home.packages = [
|
||||||
pkgs.git-filter-repo
|
pkgs.git-filter-repo
|
||||||
pkgs.tig
|
pkgs.tig
|
||||||
|
pkgs.lazygit
|
||||||
];
|
];
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ lib, config, pkgs, nixpkgs, self, ... }:
|
{ lib, nixpkgs, ... }:
|
||||||
{
|
{
|
||||||
## Below is to align shell/system to flake's nixpkgs
|
## Below is to align shell/system to flake's nixpkgs
|
||||||
## ref: https://nixos-and-flakes.thiscute.world/best-practices/nix-path-and-flake-registry
|
## ref: https://nixos-and-flakes.thiscute.world/best-practices/nix-path-and-flake-registry
|
||||||
|
@ -14,8 +14,6 @@
|
||||||
# https://github.com/NixOS/nix/issues/9574
|
# https://github.com/NixOS/nix/issues/9574
|
||||||
settings.nix-path = lib.mkForce "nixpkgs=/etc/nix/inputs/nixpkgs";
|
settings.nix-path = lib.mkForce "nixpkgs=/etc/nix/inputs/nixpkgs";
|
||||||
|
|
||||||
###
|
|
||||||
|
|
||||||
settings = {
|
settings = {
|
||||||
# Enable flakes
|
# Enable flakes
|
||||||
experimental-features = [
|
experimental-features = [
|
||||||
|
|
|
@ -12,8 +12,6 @@
|
||||||
import nixpkgs { inherit system overlays; }
|
import nixpkgs { inherit system overlays; }
|
||||||
, ...
|
, ...
|
||||||
}:
|
}:
|
||||||
let
|
|
||||||
in
|
|
||||||
pkgs.mkShell {
|
pkgs.mkShell {
|
||||||
# Enable experimental features without having to specify the argument
|
# Enable experimental features without having to specify the argument
|
||||||
NIX_CONFIG = "experimental-features = nix-command flakes";
|
NIX_CONFIG = "experimental-features = nix-command flakes";
|
||||||
|
|
Reference in a new issue