xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: xin:6d6e66a056cf7e0e81237173c207bc34c938369e
Branches Tags
xin:master
xin:deploy
xin:testing-weilite
xin:testing-raspite
xin:testing-calcite
xin:next
xin:deploy-comin-eval
..
compare: xin:5da958c996512a82bcb8046faede44c4bc94937f
Branches Tags
xin:deploy
xin:testing-weilite
xin:testing-raspite
xin:testing-calcite
xin:next
xin:deploy-comin-eval
xin:master

No commits in common. "6d6e66a056cf7e0e81237173c207bc34c938369e" and "5da958c996512a82bcb8046faede44c4bc94937f" have entirely different histories.
6d6e66a056 ... 5da958c996

6 changed files with 69 additions and 82 deletions
Show stats Expand all files Collapse all files

36
flake.lock generated
View file

@ -84,11 +84,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1705104164, "lastModified": 1704498488,
"narHash": "sha256-pllCu3Hcm1wP/B0SUxgUXvHeEd4w8s2aVrEQRdIL1yo=", "narHash": "sha256-yINKdShHrtjdiJhov+q0s3Y3B830ujRoSbHduUNyKag=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "0912d26b30332ae6a90e1b321ff88e80492127dd", "rev": "51e44a13acea71b36245e8bd8c7db53e0a3e61ee",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -128,11 +128,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1705108826, "lastModified": 1704590722,
"narHash": "sha256-1xOzPcS8Zr4rqgLoaRwAcKqdCdzrBDaNwT+tiBdXf18=", "narHash": "sha256-exh2bDwYYkdJgm5wLvpWht5bRuPigk8v4Z7l4RegX3Q=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-vscode-extensions", "repo": "nix-vscode-extensions",
"rev": "92fd8c24719f08692c36b685de6884a20080edf0", "rev": "7d0eace387cf4fd2812d0791684f4befa0865512",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -166,11 +166,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1704786394, "lastModified": 1704632650,
"narHash": "sha256-aJM0ln9fMGWw1+tjyl5JZWZ3ahxAA2gw2ZpZY/hkEMs=", "narHash": "sha256-83J/nd/NoLqo3vj0S0Ppqe8L+ijIFiGL6HNDfCCUD/Q=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "b34a6075e9e298c4124e35c3ccaf2210c1f3a43b", "rev": "c478b3d56969006e015e55aaece4931f3600c1b2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -182,11 +182,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1704722960, "lastModified": 1704194953,
"narHash": "sha256-mKGJ3sPsT6//s+Knglai5YflJUF2DGj7Ai6Ynopz0kI=", "narHash": "sha256-RtDKd8Mynhe5CFnVT8s0/0yqtWFMM9LmCzXv/YKxnq4=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "317484b1ead87b9c1b8ac5261a8d2dd748a0492d", "rev": "bd645e8668ec6612439a9ee7e71f7eac4099d4f6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -230,11 +230,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1705110884, "lastModified": 1704645857,
"narHash": "sha256-8t8C+vYVoNsG7uv1cH/vkUHM84EkxGRoPuwk1TMXBZE=", "narHash": "sha256-YRFry+uleoeDKs0kr039eVCN5XSCOuUbgbyKMJRXeFY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "075357ead2dbaf5c64120371f6a1e57d1ee23a02", "rev": "e72bc8a4fff841c6a131fe40471e4ae401f31096",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -266,11 +266,11 @@
"nixpkgs-stable": "nixpkgs-stable_2" "nixpkgs-stable": "nixpkgs-stable_2"
}, },
"locked": { "locked": {
"lastModified": 1704908274, "lastModified": 1704596510,
"narHash": "sha256-74W9Yyomv3COGRmKi8zvyA5tL2KLiVkBeaYmYLjXyOw=", "narHash": "sha256-tupdwwg1WeX2hNMOQrvtyafTaTVty0QC/gQp7yaYJic=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "c0b3a5af90fae3ba95645bbf85d2b64880addd76", "rev": "f5fbcc0f50e7fc60c4f806fa7a09abccf0826d8a",
"type": "github" "type": "github"
}, },
"original": { "original": {

98
flake.nix
View file

@ -9,7 +9,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-vscode-extensions = { nix-vscode-extensions = {
url = "github:nix-community/nix-vscode-extensions"; url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils"; inputs.flake-utils.follows = "flake-utils";
@ -20,7 +20,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils"; inputs.flake-utils.follows = "flake-utils";
}; };
nur = { nur = {
url = "github:nix-community/NUR"; url = "github:nix-community/NUR";
}; };
@ -86,7 +86,7 @@
}; };
}; };
}; };
mkNixos = { system, modules, specialArgs ? { } }: nixpkgs.lib.nixosSystem { mkNixos = { system, modules, specialArgs ? {}}: nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = specialArgs // { inherit inputs system; }; specialArgs = specialArgs // { inherit inputs system; };
modules = [ modules = [
@ -102,65 +102,57 @@
homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ]; homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ];
colmenaHive = colmenaHive = colmena.lib.makeHive {
let
deploymentModule = {
deployment.targetUser = "xin";
};
sharedModules = [
self.nixosModules.default
deploymentModule
];
in
colmena.lib.makeHive {
meta = { meta = {
nixpkgs = import nixpkgs { nixpkgs = import nixpkgs {
system = "x86_64-linux"; system = "x86_64-linux";
}; };
machinesFile = ./nixbuild.net; machinesFile = ./nixbuild.net;
specialArgs = { specialArgs = {
inherit inputs; inherit inputs;
}; };
}; };
massicot = { name, nodes, pkgs, ... }: with inputs; { massicot = { name, nodes, pkgs, ... }: with inputs; {
deployment.targetHost = "49.13.13.122"; deployment.targetHost = "49.13.13.122";
deployment.buildOnTarget = true;
imports = [ imports = [
{ nixpkgs.system = "aarch64-linux"; } { nixpkgs.system = "aarch64-linux"; }
machines/massicot self.nixosModules.default
] ++ sharedModules; machines/massicot
];
}; };
sgp-00 = { name, nodes, pkgs, ... }: with inputs; { sgp-00 = { name, nodes, pkgs, ... }: with inputs; {
imports = [ imports = [
machines/dolomite self.nixosModules.default
] ++ sharedModules; machines/dolomite
nixpkgs.system = "x86_64-linux"; ];
networking.hostName = "sgp-00"; nixpkgs.system = "x86_64-linux";
system.stateVersion = "23.11"; networking.hostName = "sgp-00";
deployment = { system.stateVersion = "23.11";
targetHost = "video.namely.icu"; deployment = {
buildOnTarget = false; targetHost = "video.namely.icu";
tags = [ "proxy" ]; buildOnTarget = false;
}; tags = [ "proxy" ];
};
}; };
tok-00 = { name, nodes, pkgs, ... }: with inputs; { tok-00 = { name, nodes, pkgs, ... }: with inputs; {
imports = [ imports = [
machines/dolomite self.nixosModules.default
] ++ sharedModules; machines/dolomite
nixpkgs.system = "x86_64-linux"; ];
networking.hostName = "tok-00"; nixpkgs.system = "x86_64-linux";
system.stateVersion = "23.11"; networking.hostName = "tok-00";
deployment = { system.stateVersion = "23.11";
targetHost = "video01.namely.icu"; deployment = {
buildOnTarget = false; targetHost = "video01.namely.icu";
tags = [ "proxy" ]; buildOnTarget = false;
}; tags = [ "proxy" ];
};
}; };
}; };
nixosConfigurations = { nixosConfigurations = {
calcite = mkNixos { calcite = mkNixos {
@ -170,7 +162,7 @@
machines/calcite/configuration.nix machines/calcite/configuration.nix
(mkHome "xin" "calcite") (mkHome "xin" "calcite")
]; ];
}; };
raspite = mkNixos { raspite = mkNixos {
system = "aarch64-linux"; system = "aarch64-linux";
modules = [ modules = [
@ -194,12 +186,12 @@
} }
]; ];
}).config.system.build.sdImage; }).config.system.build.sdImage;
} // flake-utils.lib.eachDefaultSystem (system: } // flake-utils.lib.eachDefaultSystem (system:
let pkgs = nixpkgs.legacyPackages.${system}; in let pkgs = nixpkgs.legacyPackages.${system}; in
{ {
devShells = { devShells = {
default = pkgs.mkShell { default = pkgs.mkShell {
packages = with pkgs; [ git colmena sops nix-output-monitor rnix-lsp ]; packages = with pkgs; [ git colmena sops nix-output-monitor ];
}; };
}; };
} }

5
machines/dolomite/default.nix
View file

@ -66,17 +66,12 @@
}; };
}; };
services.fail2ban.enable = true; services.fail2ban.enable = true;
programs.mosh.enable = true;
security.sudo = { security.sudo = {
execWheelOnly = true; execWheelOnly = true;
wheelNeedsPassword = false; wheelNeedsPassword = false;
}; };
nix.settings = {
trusted-users = config.users.groups.wheel.members;
};
services.sing-box = let services.sing-box = let
singTls = { singTls = {
enabled = true; enabled = true;

2
machines/massicot/default.nix
View file

@ -87,8 +87,8 @@
KerberosAuthentication = "no"; KerberosAuthentication = "no";
}; };
}; };
services.fail2ban.enable = true; services.fail2ban.enable = true;
programs.mosh.enable = true;
systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ]; systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
} }

8
modules/home-manager/alacritty.nix
View file

@ -26,13 +26,13 @@ in
dynamic_padding = true; dynamic_padding = true;
}; };
import = [ import = [
"${config.xdg.configHome}/alacritty/catppuccin-macchiato.toml" "${config.xdg.configHome}/alacritty/catppuccin-macchiato.yml"
]; ];
}; };
}; };
xdg.configFile."alacritty/catppuccin-macchiato.toml".source = builtins.fetchurl { xdg.configFile."alacritty/catppuccin-macchiato.yml".source = builtins.fetchurl {
url = "https://raw.githubusercontent.com/catppuccin/alacritty/main/catppuccin-macchiato.toml"; url = "https://raw.githubusercontent.com/catppuccin/alacritty/main/catppuccin-macchiato.yml";
sha256 = "sha256:1iq187vg64h4rd15b8fv210liqkbzkh8sw04ykq0hgpx20w3qilv"; sha256 = "sha256-+m8FyPStdh1A1xMVBOkHpfcaFPcyVL99tIxHuDZ2zXI=";
}; };
}; };
} }

2
modules/home-manager/vscode.nix
View file

@ -5,7 +5,7 @@ let
cfg = config.custom-hm.vscode; cfg = config.custom-hm.vscode;
in in
{ {
options.custom-hm.vscode = { options.custom-hm.vscode = {
enable = mkEnableOption "Vscode config"; enable = mkEnableOption "Vscode config";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {