From e788ffac1be2dbf87ad9fdb9fa4aaad69a0ef442 Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Sat, 13 Jul 2024 02:25:36 -0500 Subject: [PATCH] merging manual updates. --- .envrc | 3 ++- .gitignore | 3 ++- nixos/common.nix | 3 +++ nixos/gandalf/configuration.nix | 7 ++++++- nixos/telperion/configuration.nix | 2 +- shell.nix | 30 ++++++++++++++++++++++++++++++ 6 files changed, 44 insertions(+), 4 deletions(-) create mode 100644 shell.nix diff --git a/.envrc b/.envrc index 41fb56c..b19e961 100644 --- a/.envrc +++ b/.envrc @@ -1 +1,2 @@ -export SOPS_AGE_KEY_FILE="$(expand_path ./age.key)" \ No newline at end of file +export SOPS_AGE_KEY_FILE="$(expand_path ./age.key)" +use nix \ No newline at end of file diff --git a/.gitignore b/.gitignore index 803e78e..93361b5 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ result result-* .decrypted~secrets.yaml -age.key \ No newline at end of file +age.key +.direnv \ No newline at end of file diff --git a/nixos/common.nix b/nixos/common.nix index 5827334..04e5d9e 100644 --- a/nixos/common.nix +++ b/nixos/common.nix @@ -61,6 +61,8 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIATyScd8ZRhV7uZmrQNSAbRTs9N/Dbx+Y8tGEDny30sA jahanson@Anduril" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO/W445gX2IINRbE6crIMwgN6Ks8LTzAXR86pS9xp335 Sting" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBROTzSefJGJeCNUgNLbE5l4sHHg2fHUO4sCwqvP+zAd Gollum" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGSFTSVPt43PBpSMSF1dGTzN2JbxztDZUml7g4+PnWe CSI-Driver@talos" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDJtqzSFK3MN12Lo3Y4DnzJV5NiygIPkR+gun5oEb2q jahanson@legion-new" ]; # Set up users @@ -76,6 +78,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETR70eQJiXaJuB+qpI1z+jFOPbEZoQNRcq4VXkojWfU" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAanHn3AWxWfHv51wgDmJwhQrJgsGd+LomJJZ5kXFTP3 jahanson@durincore" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIATyScd8ZRhV7uZmrQNSAbRTs9N/Dbx+Y8tGEDny30sA jahanson@Anduril" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDJtqzSFK3MN12Lo3Y4DnzJV5NiygIPkR+gun5oEb2q jahanson@legion-new" ]; }; diff --git a/nixos/gandalf/configuration.nix b/nixos/gandalf/configuration.nix index c66213c..6a799f8 100644 --- a/nixos/gandalf/configuration.nix +++ b/nixos/gandalf/configuration.nix @@ -163,7 +163,12 @@ in }; # NFS - services.nfs.server.enable = true; + services.nfs.server = { + enable = true; + statdPort = 4000; + lockdPort = 4001; + mountdPort = 4002; + }; # SMB services.samba-wsdd = { diff --git a/nixos/telperion/configuration.nix b/nixos/telperion/configuration.nix index a39256f..db6eb7c 100644 --- a/nixos/telperion/configuration.nix +++ b/nixos/telperion/configuration.nix @@ -114,7 +114,7 @@ }; # haproxy for load balancing talos and kubernetes api. - services.haproxy = { + services.haproxy = { enable = true; config = '' global diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..d1fc12c --- /dev/null +++ b/shell.nix @@ -0,0 +1,30 @@ +# Shell for bootstrapping flake-enabled nix and home-manager +{ pkgs ? let + # If pkgs is not defined, instantiate nixpkgs from locked commit + lock = (builtins.fromJSON (builtins.readFile ./flake.lock)).nodes.nixpkgs.locked; + nixpkgs = fetchTarball { + url = "https://github.com/nixos/nixpkgs/archive/${lock.rev}.tar.gz"; + sha256 = lock.narHash; + }; + system = builtins.currentSystem; + overlays = [ ]; # Explicit blank overlay to avoid interference + in + import nixpkgs { inherit system overlays; } +, ... +}: +pkgs.mkShell { + # Enable experimental features without having to specify the argument + NIX_CONFIG = "experimental-features = nix-command flakes"; + + nativeBuildInputs = with pkgs; [ + nix + home-manager + git + nil + nixpkgs-fmt + go-task + sops + pre-commit + gitleaks + ]; +}