Compare commits

...

15 commits

11 changed files with 340 additions and 14 deletions

13
cachix.nix Normal file
View file

@ -0,0 +1,13 @@
# WARN: this file will get overwritten by $ cachix use <name>
{ pkgs, lib, ... }:
let
folder = ./cachix;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in {
inherit imports;
nix.settings.substituters = ["https://cache.nixos.org/"];
}

13
cachix/hsndev.nix Normal file
View file

@ -0,0 +1,13 @@
{
nix = {
settings = {
substituters = [
"https://hsndev.cachix.org"
];
trusted-public-keys = [
"hsndev.cachix.org-1:vN1/XGBZtMLnTFYDmTLDrullgZHSUYY3Kqt+Yg/C+tE="
];
};
};
}

View file

@ -1,5 +1,61 @@
{
"nodes": {
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1708091384,
"narHash": "sha256-dTGGw2y8wvfjr+J9CjQbfdulOq72hUG17HXVNxpH1yE=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "0a0187794ac7f7a1e62cda3dabf8dc041f868790",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1698882062,
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -21,13 +77,35 @@
"type": "github"
}
},
"nix-fast-build": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1703607026,
"narHash": "sha256-Emh0BPoqlS4ntp2UJrwydXfIP4qIMF0VBB2FUE3/M/E=",
"owner": "Mic92",
"repo": "nix-fast-build",
"rev": "4376b8a33b217ee2f78ba3dcff01a3e464d13a46",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "nix-fast-build",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1708294118,
"narHash": "sha256-evZzmLW7qoHXf76VCepvun1esZDxHfVRFUJtumD7L2M=",
"lastModified": 1709128929,
"narHash": "sha256-GWrv9a+AgGhG4/eI/CyVVIIygia7cEy68Huv3P8oyaw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e0da498ad77ac8909a980f07eff060862417ccf7",
"rev": "c8e74c2f83fe12b4e5a8bd1abbc090575b0f7611",
"type": "github"
},
"original": {
@ -37,10 +115,122 @@
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1698611440,
"narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1708819810,
"narHash": "sha256-1KosU+ZFXf31GPeCBNxobZWMgHsSOJcrSFA6F2jhzdE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "89a2a12e6c8c6a56c72eb3589982c8e2f89c70ea",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"deploy-rs": "deploy-rs",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs"
"nix-fast-build": "nix-fast-build",
"nixpkgs": "nixpkgs",
"sops-nix": "sops-nix"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1708987867,
"narHash": "sha256-k2lDaDWNTU5sBVHanYzjDKVDmk29RHIgdbbXu5sdzBA=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "a1c8de14f60924fafe13aea66b46157f0150f4cf",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nix-fast-build",
"nixpkgs"
]
},
"locked": {
"lastModified": 1698438538,
"narHash": "sha256-AWxaKTDL3MtxaVTVU5lYBvSnlspOS0Fjt8GxBgnU0Do=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "5deb8dc125a9f83b65ca86cf0c8167c46593e0b1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},

View file

@ -17,10 +17,47 @@
url = "github:nix-community/home-manager/release-23.11";
inputs.nixpkgs.follows = "nixpkgs";
};
# nix-fast-build
nix-fast-build = {
url = "github:Mic92/nix-fast-build";
inputs.nixpkgs.follows = "nixpkgs";
};
# sops-nix
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
# deploy-rs
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
};
# The `@` syntax here is used to alias the attribute set of the
# inputs's parameter, making it convenient to use inside the function.
outputs = { self, nixpkgs, home-manager, ... }@inputs: {
outputs = { self, nixpkgs, home-manager, ... }@inputs:
let
forAllSystems = nixpkgs.lib.genAttrs [
"aarch64-linux"
"x86_64-linux"
];
in
{
hosts = import ./hosts.nix;
pkgs = forAllSystems (localSystem: import nixpkgs {
inherit localSystem;
config = {
allowUnfree = true;
allowAliases = true;
};
});
packages = forAllSystems (import ./packages inputs);
nixosConfigurations = {
"durincore" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
@ -68,5 +105,6 @@
];
};
};
};
}

View file

@ -43,7 +43,7 @@
functions = {
fish_greeting = {
description = "Set the fish greeting";
body = "neofetch";
body = "fastfetch";
};
};
};
@ -92,14 +92,16 @@
# kubernetes
k9s
kubectl
kubelogin-oidc # omni login for k8s
krew
fluxcd
kubernetes-helm
cilium-cli
hubble
lens
# misc
neofetch
fastfetch
cowsay
file
which
@ -109,6 +111,7 @@
gawk
zstd
gnupg
fira-code-nerdfont
# nix related
#
@ -149,6 +152,7 @@
# Dev
vscode
termius
atuin
];
# starship - an customizable prompt for any shell

View file

@ -9,6 +9,13 @@
homeDirectory = "/home/jahanson";
};
imports = [
"${fetchTarball "https://github.com/msteen/nixos-vscode-server/tarball/master"}/modules/vscode-server/home.nix"
];
services.vscode-server.enable = true;
# basic configuration of git, please change to your own
programs.git = {
enable = true;
@ -44,7 +51,7 @@
functions = {
fish_greeting = {
description = "Set the fish greeting";
body = "neofetch";
body = "fastfetch";
};
};
};
@ -76,7 +83,7 @@
# here is some command line tools I use frequently
# feel free to add your own or remove some of them
neofetch
fastfetch
go-task
# terminal file managers

View file

@ -69,7 +69,7 @@
functions = {
fish_greeting = {
description = "Set the fish greeting";
body = "neofetch";
body = "fastfetch";
};
};
};
@ -79,7 +79,7 @@
# here is some command line tools I use frequently
# feel free to add your own or remove some of them
neofetch
fastfetch
go-task
# terminal file managers

21
hosts.nix Normal file
View file

@ -0,0 +1,21 @@
{
durincore = {
type = "nixos";
hostPlatform = "x86_64-linux";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w";
};
gandalf = {
type = "nixos";
address = "gandalf.jahanson.tech";
hostPlatform = "x86_64-linux";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w";
remoteBuild = true;
};
este = {
type = "nixos";
address = "este.jahanson.tech";
hostPlatform = "x86_64-linux";
pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w";
remoteBuild = true;
};
}

View file

@ -1,6 +1,7 @@
{ config, lib, pkgs, ... }:
{
imports = [ ../cachix.nix ];
# Bootloader.
boot = {
loader = {
@ -20,6 +21,7 @@
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.trusted-users = [ "root" "jahanson" ];
# Enable fish
programs.fish.enable = true;
@ -31,6 +33,7 @@
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPHFQ3hDjjrKsecn3jmSWYlRXy4IJCrepgU1HaIV5VcmB3mUFmIZ/pCZnPmIG/Gbuqf1PP2FQDmHMX5t0hTYG9A="
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETR70eQJiXaJuB+qpI1z+jFOPbEZoQNRcq4VXkojWfU"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAanHn3AWxWfHv51wgDmJwhQrJgsGd+LomJJZ5kXFTP3 jahanson@durincore"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIATyScd8ZRhV7uZmrQNSAbRTs9N/Dbx+Y8tGEDny30sA jahanson@Anduril"
];
# Set up users
@ -45,9 +48,10 @@
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPHFQ3hDjjrKsecn3jmSWYlRXy4IJCrepgU1HaIV5VcmB3mUFmIZ/pCZnPmIG/Gbuqf1PP2FQDmHMX5t0hTYG9A="
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETR70eQJiXaJuB+qpI1z+jFOPbEZoQNRcq4VXkojWfU"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAanHn3AWxWfHv51wgDmJwhQrJgsGd+LomJJZ5kXFTP3 jahanson@durincore"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIATyScd8ZRhV7uZmrQNSAbRTs9N/Dbx+Y8tGEDny30sA jahanson@Anduril"
];
};
};
# Default editor
environment.variables.EDITOR = "vim";
# Time zone.
@ -89,4 +93,4 @@
# Enable/Start Tailscale service
services.tailscale.enable = true;
}
}

View file

@ -32,6 +32,16 @@
settings.KbdInteractiveAuthentication = false;
};
services.hydra = {
enable = true;
hydraURL = "http://10.1.1.56:3000"; # externally visible URL
notificationSender = "hydra@localhost"; # e-mail of hydra service
# a standalone hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines
buildMachinesFiles = [];
# you will probably also want, otherwise *everything* will be built from scratch
useSubstitutes = true;
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];

26
packages/default.nix Normal file
View file

@ -0,0 +1,26 @@
{
self,
nix-fast-build,
...
}:
hostPlatform:
let
inherit (self.pkgs."x86_64-linux") callPackage lib linkFarm;
hostDrvs = lib.mapAttrs (_: nixos: nixos.config.system.build.toplevel) self.nixosConfigurations;
compatHosts = lib.filterAttrs (_: host: host.hostPlatform == hostPlatform) self.hosts;
compatHostDrvs = lib.mapAttrs
(name: _: hostDrvs.${name})
compatHosts;
compatHostsFarm = linkFarm "hosts-x86_64-linux" (lib.mapAttrsToList (name: path: { inherit name path; }) compatHostDrvs);
in
compatHostDrvs
// (lib.optionalAttrs (compatHosts != { }) {
default = compatHostsFarm;
}) // {
inherit (nix-fast-build.packages."x86_64-linux") nix-fast-build;
inherit (self.pkgs."x86_64-linux") cachix nix-eval-jobs;
}