From 55473f78ad7b015737a0e18355338fafa90f73aa Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 13 Jan 2024 10:47:37 +0800 Subject: [PATCH 1/2] chore: fix format --- flake.nix | 98 ++++++++++++++++++--------------- machines/dolomite/default.nix | 5 ++ machines/massicot/default.nix | 2 +- modules/home-manager/vscode.nix | 2 +- 4 files changed, 60 insertions(+), 47 deletions(-) diff --git a/flake.nix b/flake.nix index e5d7755..c8182ad 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - nix-vscode-extensions = { + nix-vscode-extensions = { url = "github:nix-community/nix-vscode-extensions"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; @@ -20,7 +20,7 @@ inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; }; - + nur = { url = "github:nix-community/NUR"; }; @@ -86,7 +86,7 @@ }; }; }; - mkNixos = { system, modules, specialArgs ? {}}: nixpkgs.lib.nixosSystem { + mkNixos = { system, modules, specialArgs ? { } }: nixpkgs.lib.nixosSystem { inherit system; specialArgs = specialArgs // { inherit inputs system; }; modules = [ @@ -102,57 +102,65 @@ homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ]; - colmenaHive = colmena.lib.makeHive { + colmenaHive = + let + deploymentModule = { + deployment.targetUser = "xin"; + }; + sharedModules = [ + self.nixosModules.default + deploymentModule + ]; + in + colmena.lib.makeHive { meta = { - nixpkgs = import nixpkgs { - system = "x86_64-linux"; - }; - machinesFile = ./nixbuild.net; - specialArgs = { - inherit inputs; - }; + nixpkgs = import nixpkgs { + system = "x86_64-linux"; + }; + machinesFile = ./nixbuild.net; + specialArgs = { + inherit inputs; + }; }; massicot = { name, nodes, pkgs, ... }: with inputs; { - deployment.targetHost = "49.13.13.122"; + deployment.targetHost = "49.13.13.122"; + deployment.buildOnTarget = true; - imports = [ - { nixpkgs.system = "aarch64-linux"; } - self.nixosModules.default - machines/massicot - ]; + imports = [ + { nixpkgs.system = "aarch64-linux"; } + machines/massicot + ] ++ sharedModules; }; sgp-00 = { name, nodes, pkgs, ... }: with inputs; { - imports = [ - self.nixosModules.default - machines/dolomite - ]; - nixpkgs.system = "x86_64-linux"; - networking.hostName = "sgp-00"; - system.stateVersion = "23.11"; - deployment = { - targetHost = "video.namely.icu"; - buildOnTarget = false; - tags = [ "proxy" ]; - }; + imports = [ + machines/dolomite + ] ++ sharedModules; + nixpkgs.system = "x86_64-linux"; + networking.hostName = "sgp-00"; + system.stateVersion = "23.11"; + deployment = { + targetHost = "video.namely.icu"; + buildOnTarget = false; + tags = [ "proxy" ]; + }; }; tok-00 = { name, nodes, pkgs, ... }: with inputs; { - imports = [ - self.nixosModules.default - machines/dolomite - ]; - nixpkgs.system = "x86_64-linux"; - networking.hostName = "tok-00"; - system.stateVersion = "23.11"; - deployment = { - targetHost = "video01.namely.icu"; - buildOnTarget = false; - tags = [ "proxy" ]; - }; + imports = [ + machines/dolomite + ] ++ sharedModules; + nixpkgs.system = "x86_64-linux"; + networking.hostName = "tok-00"; + system.stateVersion = "23.11"; + deployment = { + targetHost = "video01.namely.icu"; + buildOnTarget = false; + tags = [ "proxy" ]; + }; }; - }; + }; nixosConfigurations = { calcite = mkNixos { @@ -162,7 +170,7 @@ machines/calcite/configuration.nix (mkHome "xin" "calcite") ]; - }; + }; raspite = mkNixos { system = "aarch64-linux"; modules = [ @@ -186,12 +194,12 @@ } ]; }).config.system.build.sdImage; - } // flake-utils.lib.eachDefaultSystem (system: + } // flake-utils.lib.eachDefaultSystem (system: let pkgs = nixpkgs.legacyPackages.${system}; in { devShells = { default = pkgs.mkShell { - packages = with pkgs; [ git colmena sops nix-output-monitor ]; + packages = with pkgs; [ git colmena sops nix-output-monitor rnix-lsp ]; }; }; } diff --git a/machines/dolomite/default.nix b/machines/dolomite/default.nix index e10df8b..bb91fa5 100644 --- a/machines/dolomite/default.nix +++ b/machines/dolomite/default.nix @@ -66,12 +66,17 @@ }; }; services.fail2ban.enable = true; + programs.mosh.enable = true; security.sudo = { execWheelOnly = true; wheelNeedsPassword = false; }; + nix.settings = { + trusted-users = config.users.groups.wheel.members; + }; + services.sing-box = let singTls = { enabled = true; diff --git a/machines/massicot/default.nix b/machines/massicot/default.nix index 283dadb..7a40b4e 100644 --- a/machines/massicot/default.nix +++ b/machines/massicot/default.nix @@ -87,8 +87,8 @@ KerberosAuthentication = "no"; }; }; - services.fail2ban.enable = true; + programs.mosh.enable = true; systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ]; } diff --git a/modules/home-manager/vscode.nix b/modules/home-manager/vscode.nix index 38e70e9..f8c98cc 100644 --- a/modules/home-manager/vscode.nix +++ b/modules/home-manager/vscode.nix @@ -5,7 +5,7 @@ let cfg = config.custom-hm.vscode; in { - options.custom-hm.vscode = { + options.custom-hm.vscode = { enable = mkEnableOption "Vscode config"; }; config = mkIf cfg.enable { From 6d6e66a056cf7e0e81237173c207bc34c938369e Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sat, 13 Jan 2024 11:06:58 +0800 Subject: [PATCH 2/2] bump version --- flake.lock | 36 +++++++++++++++--------------- modules/home-manager/alacritty.nix | 8 +++---- 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/flake.lock b/flake.lock index 45cbde5..2cf70b8 100644 --- a/flake.lock +++ b/flake.lock @@ -84,11 +84,11 @@ ] }, "locked": { - "lastModified": 1704498488, - "narHash": "sha256-yINKdShHrtjdiJhov+q0s3Y3B830ujRoSbHduUNyKag=", + "lastModified": 1705104164, + "narHash": "sha256-pllCu3Hcm1wP/B0SUxgUXvHeEd4w8s2aVrEQRdIL1yo=", "owner": "nix-community", "repo": "home-manager", - "rev": "51e44a13acea71b36245e8bd8c7db53e0a3e61ee", + "rev": "0912d26b30332ae6a90e1b321ff88e80492127dd", "type": "github" }, "original": { @@ -128,11 +128,11 @@ ] }, "locked": { - "lastModified": 1704590722, - "narHash": "sha256-exh2bDwYYkdJgm5wLvpWht5bRuPigk8v4Z7l4RegX3Q=", + "lastModified": 1705108826, + "narHash": "sha256-1xOzPcS8Zr4rqgLoaRwAcKqdCdzrBDaNwT+tiBdXf18=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "7d0eace387cf4fd2812d0791684f4befa0865512", + "rev": "92fd8c24719f08692c36b685de6884a20080edf0", "type": "github" }, "original": { @@ -166,11 +166,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1704632650, - "narHash": "sha256-83J/nd/NoLqo3vj0S0Ppqe8L+ijIFiGL6HNDfCCUD/Q=", + "lastModified": 1704786394, + "narHash": "sha256-aJM0ln9fMGWw1+tjyl5JZWZ3ahxAA2gw2ZpZY/hkEMs=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c478b3d56969006e015e55aaece4931f3600c1b2", + "rev": "b34a6075e9e298c4124e35c3ccaf2210c1f3a43b", "type": "github" }, "original": { @@ -182,11 +182,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1704194953, - "narHash": "sha256-RtDKd8Mynhe5CFnVT8s0/0yqtWFMM9LmCzXv/YKxnq4=", + "lastModified": 1704722960, + "narHash": "sha256-mKGJ3sPsT6//s+Knglai5YflJUF2DGj7Ai6Ynopz0kI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bd645e8668ec6612439a9ee7e71f7eac4099d4f6", + "rev": "317484b1ead87b9c1b8ac5261a8d2dd748a0492d", "type": "github" }, "original": { @@ -230,11 +230,11 @@ }, "nur": { "locked": { - "lastModified": 1704645857, - "narHash": "sha256-YRFry+uleoeDKs0kr039eVCN5XSCOuUbgbyKMJRXeFY=", + "lastModified": 1705110884, + "narHash": "sha256-8t8C+vYVoNsG7uv1cH/vkUHM84EkxGRoPuwk1TMXBZE=", "owner": "nix-community", "repo": "NUR", - "rev": "e72bc8a4fff841c6a131fe40471e4ae401f31096", + "rev": "075357ead2dbaf5c64120371f6a1e57d1ee23a02", "type": "github" }, "original": { @@ -266,11 +266,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1704596510, - "narHash": "sha256-tupdwwg1WeX2hNMOQrvtyafTaTVty0QC/gQp7yaYJic=", + "lastModified": 1704908274, + "narHash": "sha256-74W9Yyomv3COGRmKi8zvyA5tL2KLiVkBeaYmYLjXyOw=", "owner": "Mic92", "repo": "sops-nix", - "rev": "f5fbcc0f50e7fc60c4f806fa7a09abccf0826d8a", + "rev": "c0b3a5af90fae3ba95645bbf85d2b64880addd76", "type": "github" }, "original": { diff --git a/modules/home-manager/alacritty.nix b/modules/home-manager/alacritty.nix index 9f10b00..4c79b19 100644 --- a/modules/home-manager/alacritty.nix +++ b/modules/home-manager/alacritty.nix @@ -26,13 +26,13 @@ in dynamic_padding = true; }; import = [ - "${config.xdg.configHome}/alacritty/catppuccin-macchiato.yml" + "${config.xdg.configHome}/alacritty/catppuccin-macchiato.toml" ]; }; }; - xdg.configFile."alacritty/catppuccin-macchiato.yml".source = builtins.fetchurl { - url = "https://raw.githubusercontent.com/catppuccin/alacritty/main/catppuccin-macchiato.yml"; - sha256 = "sha256-+m8FyPStdh1A1xMVBOkHpfcaFPcyVL99tIxHuDZ2zXI="; + xdg.configFile."alacritty/catppuccin-macchiato.toml".source = builtins.fetchurl { + url = "https://raw.githubusercontent.com/catppuccin/alacritty/main/catppuccin-macchiato.toml"; + sha256 = "sha256:1iq187vg64h4rd15b8fv210liqkbzkh8sw04ykq0hgpx20w3qilv"; }; }; }