Compare commits

...

15 commits

11 changed files with 340 additions and 14 deletions

13
cachix.nix Normal file
View file

@ -0,0 +1,13 @@
# WARN: this file will get overwritten by $ cachix use <name>
{ pkgs, lib, ... }:
let
folder = ./cachix;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in {
inherit imports;
nix.settings.substituters = ["https://cache.nixos.org/"];
}

13
cachix/hsndev.nix Normal file
View file

@ -0,0 +1,13 @@
{
nix = {
settings = {
substituters = [
"https://hsndev.cachix.org"
];
trusted-public-keys = [
"hsndev.cachix.org-1:vN1/XGBZtMLnTFYDmTLDrullgZHSUYY3Kqt+Yg/C+tE="
];
};
};
}

View file

@ -1,5 +1,61 @@
{ {
"nodes": { "nodes": {
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1708091384,
"narHash": "sha256-dTGGw2y8wvfjr+J9CjQbfdulOq72hUG17HXVNxpH1yE=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "0a0187794ac7f7a1e62cda3dabf8dc041f868790",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1698882062,
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -21,13 +77,35 @@
"type": "github" "type": "github"
} }
}, },
"nix-fast-build": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1703607026,
"narHash": "sha256-Emh0BPoqlS4ntp2UJrwydXfIP4qIMF0VBB2FUE3/M/E=",
"owner": "Mic92",
"repo": "nix-fast-build",
"rev": "4376b8a33b217ee2f78ba3dcff01a3e464d13a46",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "nix-fast-build",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1708294118, "lastModified": 1709128929,
"narHash": "sha256-evZzmLW7qoHXf76VCepvun1esZDxHfVRFUJtumD7L2M=", "narHash": "sha256-GWrv9a+AgGhG4/eI/CyVVIIygia7cEy68Huv3P8oyaw=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e0da498ad77ac8909a980f07eff060862417ccf7", "rev": "c8e74c2f83fe12b4e5a8bd1abbc090575b0f7611",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -37,10 +115,122 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1698611440,
"narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1708819810,
"narHash": "sha256-1KosU+ZFXf31GPeCBNxobZWMgHsSOJcrSFA6F2jhzdE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "89a2a12e6c8c6a56c72eb3589982c8e2f89c70ea",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"deploy-rs": "deploy-rs",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixpkgs": "nixpkgs" "nix-fast-build": "nix-fast-build",
"nixpkgs": "nixpkgs",
"sops-nix": "sops-nix"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1708987867,
"narHash": "sha256-k2lDaDWNTU5sBVHanYzjDKVDmk29RHIgdbbXu5sdzBA=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "a1c8de14f60924fafe13aea66b46157f0150f4cf",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nix-fast-build",
"nixpkgs"
]
},
"locked": {
"lastModified": 1698438538,
"narHash": "sha256-AWxaKTDL3MtxaVTVU5lYBvSnlspOS0Fjt8GxBgnU0Do=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "5deb8dc125a9f83b65ca86cf0c8167c46593e0b1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
} }
} }
}, },

View file

@ -17,10 +17,47 @@
url = "github:nix-community/home-manager/release-23.11"; url = "github:nix-community/home-manager/release-23.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# nix-fast-build
nix-fast-build = {
url = "github:Mic92/nix-fast-build";
inputs.nixpkgs.follows = "nixpkgs";
};
# sops-nix
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
# deploy-rs
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
# The `@` syntax here is used to alias the attribute set of the # The `@` syntax here is used to alias the attribute set of the
# inputs's parameter, making it convenient to use inside the function. # inputs's parameter, making it convenient to use inside the function.
outputs = { self, nixpkgs, home-manager, ... }@inputs: { outputs = { self, nixpkgs, home-manager, ... }@inputs:
let
forAllSystems = nixpkgs.lib.genAttrs [
"aarch64-linux"
"x86_64-linux"
];
in
{
hosts = import ./hosts.nix;
pkgs = forAllSystems (localSystem: import nixpkgs {
inherit localSystem;
config = {
allowUnfree = true;
allowAliases = true;
};
});
packages = forAllSystems (import ./packages inputs);
nixosConfigurations = { nixosConfigurations = {
"durincore" = nixpkgs.lib.nixosSystem { "durincore" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
@ -68,5 +105,6 @@
]; ];
}; };
}; };
}; };
} }

View file

@ -43,7 +43,7 @@
functions = { functions = {
fish_greeting = { fish_greeting = {
description = "Set the fish greeting"; description = "Set the fish greeting";
body = "neofetch"; body = "fastfetch";
}; };
}; };
}; };
@ -92,14 +92,16 @@
# kubernetes # kubernetes
k9s k9s
kubectl kubectl
kubelogin-oidc # omni login for k8s
krew krew
fluxcd fluxcd
kubernetes-helm kubernetes-helm
cilium-cli cilium-cli
hubble hubble
lens
# misc # misc
neofetch fastfetch
cowsay cowsay
file file
which which
@ -109,6 +111,7 @@
gawk gawk
zstd zstd
gnupg gnupg
fira-code-nerdfont
# nix related # nix related
# #
@ -149,6 +152,7 @@
# Dev # Dev
vscode vscode
termius termius
atuin
]; ];
# starship - an customizable prompt for any shell # starship - an customizable prompt for any shell

View file

@ -9,6 +9,13 @@
homeDirectory = "/home/jahanson"; homeDirectory = "/home/jahanson";
}; };
imports = [
"${fetchTarball "https://github.com/msteen/nixos-vscode-server/tarball/master"}/modules/vscode-server/home.nix"
];
services.vscode-server.enable = true;
# basic configuration of git, please change to your own # basic configuration of git, please change to your own
programs.git = { programs.git = {
enable = true; enable = true;
@ -44,7 +51,7 @@
functions = { functions = {
fish_greeting = { fish_greeting = {
description = "Set the fish greeting"; description = "Set the fish greeting";
body = "neofetch"; body = "fastfetch";
}; };
}; };
}; };
@ -76,7 +83,7 @@
# here is some command line tools I use frequently # here is some command line tools I use frequently
# feel free to add your own or remove some of them # feel free to add your own or remove some of them
neofetch fastfetch
go-task go-task
# terminal file managers # terminal file managers

View file

@ -69,7 +69,7 @@
functions = { functions = {
fish_greeting = { fish_greeting = {
description = "Set the fish greeting"; description = "Set the fish greeting";
body = "neofetch"; body = "fastfetch";
}; };
}; };
}; };
@ -79,7 +79,7 @@
# here is some command line tools I use frequently # here is some command line tools I use frequently
# feel free to add your own or remove some of them # feel free to add your own or remove some of them
neofetch fastfetch
go-task go-task
# terminal file managers # terminal file managers

21
hosts.nix Normal file
View file

@ -0,0 +1,21 @@
{
durincore = {
type = "nixos";
hostPlatform = "x86_64-linux";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w";
};
gandalf = {
type = "nixos";
address = "gandalf.jahanson.tech";
hostPlatform = "x86_64-linux";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w";
remoteBuild = true;
};
este = {
type = "nixos";
address = "este.jahanson.tech";
hostPlatform = "x86_64-linux";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w";
remoteBuild = true;
};
}

View file

@ -1,6 +1,7 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = [ ../cachix.nix ];
# Bootloader. # Bootloader.
boot = { boot = {
loader = { loader = {
@ -20,6 +21,7 @@
}; };
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.trusted-users = [ "root" "jahanson" ];
# Enable fish # Enable fish
programs.fish.enable = true; programs.fish.enable = true;
@ -31,6 +33,7 @@
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPHFQ3hDjjrKsecn3jmSWYlRXy4IJCrepgU1HaIV5VcmB3mUFmIZ/pCZnPmIG/Gbuqf1PP2FQDmHMX5t0hTYG9A=" "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPHFQ3hDjjrKsecn3jmSWYlRXy4IJCrepgU1HaIV5VcmB3mUFmIZ/pCZnPmIG/Gbuqf1PP2FQDmHMX5t0hTYG9A="
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETR70eQJiXaJuB+qpI1z+jFOPbEZoQNRcq4VXkojWfU" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETR70eQJiXaJuB+qpI1z+jFOPbEZoQNRcq4VXkojWfU"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAanHn3AWxWfHv51wgDmJwhQrJgsGd+LomJJZ5kXFTP3 jahanson@durincore" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAanHn3AWxWfHv51wgDmJwhQrJgsGd+LomJJZ5kXFTP3 jahanson@durincore"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIATyScd8ZRhV7uZmrQNSAbRTs9N/Dbx+Y8tGEDny30sA jahanson@Anduril"
]; ];
# Set up users # Set up users
@ -45,9 +48,10 @@
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPHFQ3hDjjrKsecn3jmSWYlRXy4IJCrepgU1HaIV5VcmB3mUFmIZ/pCZnPmIG/Gbuqf1PP2FQDmHMX5t0hTYG9A=" "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPHFQ3hDjjrKsecn3jmSWYlRXy4IJCrepgU1HaIV5VcmB3mUFmIZ/pCZnPmIG/Gbuqf1PP2FQDmHMX5t0hTYG9A="
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETR70eQJiXaJuB+qpI1z+jFOPbEZoQNRcq4VXkojWfU" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETR70eQJiXaJuB+qpI1z+jFOPbEZoQNRcq4VXkojWfU"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAanHn3AWxWfHv51wgDmJwhQrJgsGd+LomJJZ5kXFTP3 jahanson@durincore" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAanHn3AWxWfHv51wgDmJwhQrJgsGd+LomJJZ5kXFTP3 jahanson@durincore"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIATyScd8ZRhV7uZmrQNSAbRTs9N/Dbx+Y8tGEDny30sA jahanson@Anduril"
]; ];
}; };
# Default editor # Default editor
environment.variables.EDITOR = "vim"; environment.variables.EDITOR = "vim";
# Time zone. # Time zone.
@ -89,4 +93,4 @@
# Enable/Start Tailscale service # Enable/Start Tailscale service
services.tailscale.enable = true; services.tailscale.enable = true;
} }

View file

@ -32,6 +32,16 @@
settings.KbdInteractiveAuthentication = false; settings.KbdInteractiveAuthentication = false;
}; };
services.hydra = {
enable = true;
hydraURL = "http://10.1.1.56:3000"; # externally visible URL
notificationSender = "hydra@localhost"; # e-mail of hydra service
# a standalone hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines
buildMachinesFiles = [];
# you will probably also want, otherwise *everything* will be built from scratch
useSubstitutes = true;
};
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];

26
packages/default.nix Normal file
View file

@ -0,0 +1,26 @@
{
self,
nix-fast-build,
...
}:
hostPlatform:
let
inherit (self.pkgs."x86_64-linux") callPackage lib linkFarm;
hostDrvs = lib.mapAttrs (_: nixos: nixos.config.system.build.toplevel) self.nixosConfigurations;
compatHosts = lib.filterAttrs (_: host: host.hostPlatform == hostPlatform) self.hosts;
compatHostDrvs = lib.mapAttrs
(name: _: hostDrvs.${name})
compatHosts;
compatHostsFarm = linkFarm "hosts-x86_64-linux" (lib.mapAttrsToList (name: path: { inherit name path; }) compatHostDrvs);
in
compatHostDrvs
// (lib.optionalAttrs (compatHosts != { }) {
default = compatHostsFarm;
}) // {
inherit (nix-fast-build.packages."x86_64-linux") nix-fast-build;
inherit (self.pkgs."x86_64-linux") cachix nix-eval-jobs;
}