bertof/nix-dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WIP: move nixos modules

Browse source
This commit is contained in:
Filippo Berto 2023-05-14 23:40:45 +02:00
parent d725c3b788
commit 2a5983344d
No known key found for this signature in database
GPG key ID: FE98AE5EC52B1056
29 changed files with 65 additions and 115 deletions
Download patch file Download diff file Expand all files Collapse all files

154
flake.nix
View file

@ -53,11 +53,7 @@
checks = {
pre-commit-check = pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
deadnix.enable = true;
nixpkgs-fmt.enable = true;
statix.enable = true;
};
hooks = { deadnix.enable = true; nixpkgs-fmt.enable = true; statix.enable = true; };
};
};
@ -110,48 +106,31 @@
age.secrets.thor_wg_priv = { file = ./secrets/thor_wg_priv.age; };
}
./nixos_modules/bertof_user.nix
./modules/nixos/users/bertof.nix
# Some defaults
./nixos_modules/fwupd.nix
./nixos_modules/fstrim.nix
./nixos_modules/btrfs-scrub.nix
./nixos_modules/distributed.nix
./nixos_modules/remote-deploy.nix
./nixos_modules/extended-registry.nix
./nixos_modules/automatic-garbage-collection.nix
./nixos_modules/automatic-upgrade.nix
./nixos_modules/zerotier.nix
# Some basic defaults
./modules/nixos/basics
];
installerModules = [
# Nix configuration
nix_configuration
./nixos_modules/bertof_user.nix
./nixos_modules/distributed.nix
./nixos_modules/remote-deploy.nix
./nixos_modules/extended-registry.nix
./nixos_modules/zerotier.nix
./nixos_modules/installer.nix
];
installerModules = commonModules ++ [ ./modules/nixos/installer.nix ];
thorConfig = {
nixosConfigurations = {
thor = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = commonModules ++ [
./modules/nixos/server
./thor/hardware-configuration.nix
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-pc-ssd
./thor/configuration.nix
./nixos_modules/pro_audio.nix
./nixos_modules/sesar.nix
./nixos_modules/pentablet.nix
./nixos_modules/steam-link.nix
./nixos_modules/kdeconnect.nix
./modules/nixos/pro_audio.nix
./modules/nixos/sesar.nix
./modules/nixos/pentablet.nix
./modules/nixos/steam-link.nix
./modules/nixos/kdeconnect.nix
] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./thor/hm.nix; }
];
@ -163,18 +142,19 @@
nixosConfigurations =
let
odinCommonModules = [
./modules/nixos/laptop
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-laptop
nixos-hardware.nixosModules.common-pc-laptop-ssd
./odin/hardware-configuration.nix
./odin/common_configuration.nix
./nixos_modules/pro_audio.nix
./nixos_modules/sesar.nix
./nixos_modules/pentablet.nix
./nixos_modules/steam-link.nix
./nixos_modules/kdeconnect.nix
./nixos_modules/garage.nix
./modules/nixos/pro_audio.nix
./modules/nixos/sesar.nix
./modules/nixos/pentablet.nix
./modules/nixos/steam-link.nix
./modules/nixos/kdeconnect.nix
] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./odin/hm.nix; }
];
@ -205,12 +185,13 @@
({ lib, ... }: {
boot.supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
})
./modules/nixos/server
./freya/hardware-configuration.nix
./freya/configuration.nix
./nixos_modules/garage.nix
./nixos_modules/nextcloud.nix
./modules/nixos/garage.nix
./modules/nixos/nextcloud.nix
] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./freya/hm.nix; }
];
@ -223,11 +204,12 @@
baldur = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = commonModules ++ [
./modules/nixos/server
# ./baldur/hardware-configuration.nix
./baldur/configuration.nix
"${nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix"
./nixos_modules/digitalocean.nix
./nixos_modules/garage.nix
./modules/nixos/digitalocean.nix
./modules/nixos/garage.nix
] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./baldur/hm.nix; }
];
@ -240,6 +222,8 @@
loki = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = commonModules ++ [
./modules/nixos/server
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd
./loki/hardware-configuration.nix
@ -264,78 +248,24 @@
# Map nodes to Deploy-rs deployments
deploy.nodes = {
thor = {
hostname = "thor.local";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.thor;
};
};
odin = {
hostname = "odin.local";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.odin;
};
};
loki = {
hostname = "loki.local";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.loki;
};
};
baldur = {
hostname = "baldur.bertof.net";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.baldur;
};
};
freya = {
hostname = "freya.local";
profiles.system = {
user = "root";
path = deploy-rs.lib.aarch64-linux.activate.nixos
self.nixosConfigurations.freya;
};
};
thor = { hostname = "thor.local"; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.thor; }; };
odin = { hostname = "odin.local"; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.odin; }; };
loki = { hostname = "loki.local"; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.loki; }; };
baldur = { hostname = "baldur.bertof.net"; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.baldur; }; };
freya = { hostname = "freya.local"; profiles.system = { user = "root"; path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.freya; }; };
};
};
images = with flake-utils.lib;
eachSystem [ system.x86_64-linux system.aarch64-linux ] (system: {
packages = {
# Installer ISO
install-iso = nixos-generators.nixosGenerate {
inherit system;
modules = installerModules;
format = "install-iso";
};
# Aarch64 base image
aarch64-base-image = nixos-generators.nixosGenerate {
system = flake-utils.lib.system.aarch64-linux;
modules = installerModules;
format = "sd-aarch64";
};
# Installer DigitalOcean
do-image = nixos-generators.nixosGenerate {
inherit system;
modules = installerModules;
format = "do";
};
};
});
images = with flake-utils.lib; eachSystem [ system.x86_64-linux system.aarch64-linux ] (system: {
packages = {
# Installer ISO
install-iso = nixos-generators.nixosGenerate { inherit system; modules = installerModules; format = "install-iso"; };
# Aarch64 base image
aarch64-base-image = nixos-generators.nixosGenerate { system = flake-utils.lib.system.aarch64-linux; modules = installerModules; format = "sd-aarch64"; };
# Installer DigitalOcean
do-image = nixos-generators.nixosGenerate { inherit system; modules = installerModules; format = "do"; };
};
});
in
builtins.foldl' nixpkgs.lib.recursiveUpdate { } [

10
modules/nixos/basics/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ lib, ... }:
let
src = ./.;
files = builtins.readDir src;
nixFiles = builtins.attrNames (lib.attrsets.filterAttrs (name: type: type != "directory" && lib.hasSuffix ".nix" name && !(lib.hasSuffix "default.nix" name)) files);
imports = builtins.map (path: src + ("/" + path)) nixFiles;
in
{
inherit imports;
}

0
nixos_modules/distributed.nix → modules/nixos/basics/distributed.nix
View file

0
nixos_modules/extended-registry.nix → modules/nixos/basics/extended-registry.nix
View file

0
nixos_modules/remote-deploy.nix → modules/nixos/basics/remote-deploy.nix
View file

0
nixos_modules/zerotier.nix → modules/nixos/basics/zerotier.nix
View file

0
nixos_modules/big_data.nix → modules/nixos/big_data.nix
View file

0
nixos_modules/defcon.nix → modules/nixos/defcon.nix
View file

0
nixos_modules/digitalocean.nix → modules/nixos/digitalocean.nix
View file

0
nixos_modules/dnsmasq.nix → modules/nixos/dnsmasq.nix
View file

2
nixos_modules/garage.nix → modules/nixos/garage.nix
View file

@ -1,7 +1,7 @@
{ pkgs, config, lib, ... }: {
users.groups.garage = { };
users.users.garage = { isSystemUser = true; group = "garage"; };
age.secrets.garage_rpc_secret = { file = ../secrets/garage_rpc_secret.age; owner = "garage"; };
age.secrets.garage_rpc_secret = { file = ../../secrets/garage_rpc_secret.age; owner = "garage"; };
networking.firewall.interfaces."ztmjfdwjkp".allowedTCPPorts = [
3901

0
nixos_modules/installer.nix → modules/nixos/installer.nix
View file

0
nixos_modules/k3s.nix → modules/nixos/k3s.nix
View file

0
nixos_modules/kdeconnect.nix → modules/nixos/kdeconnect.nix
View file

0
nixos_modules/mind.nix → modules/nixos/mind.nix
View file

4
nixos_modules/nextcloud.nix → modules/nixos/nextcloud.nix
View file

@ -1,8 +1,8 @@
{ pkgs, config, ... }: {
age.secrets = {
nextcloud_admin_secret = { file = ../secrets/nextcloud_admin_secret.age; owner = "nextcloud"; };
nextcloud_bucket_secret = { file = ../secrets/nextcloud_bucket_secret.age; owner = "nextcloud"; };
nextcloud_admin_secret = { file = ../../secrets/nextcloud_admin_secret.age; owner = "nextcloud"; };
nextcloud_bucket_secret = { file = ../../secrets/nextcloud_bucket_secret.age; owner = "nextcloud"; };
};
# services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {

0
nixos_modules/nix-serve.nix → modules/nixos/nix-serve.nix
View file

0
nixos_modules/pentablet.nix → modules/nixos/pentablet.nix
View file

0
nixos_modules/pro_audio.nix → modules/nixos/pro_audio.nix
View file

0
nixos_modules/automatic-garbage-collection.nix → modules/nixos/server/automatic-garbage-collection.nix
View file

0
nixos_modules/automatic-upgrade.nix → modules/nixos/server/automatic-upgrade.nix
View file

0
nixos_modules/btrfs-scrub.nix → modules/nixos/server/btrfs-scrub.nix
View file

10
modules/nixos/server/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ lib, ... }:
let
src = ./.;
files = builtins.readDir src;
nixFiles = builtins.attrNames (lib.attrsets.filterAttrs (name: type: type != "directory" && lib.hasSuffix ".nix" name && !(lib.hasSuffix "default.nix" name)) files);
imports = builtins.map (path: src + ("/" + path)) nixFiles;
in
{
inherit imports;
}

0
nixos_modules/fstrim.nix → modules/nixos/server/fstrim.nix
View file

0
nixos_modules/fwupd.nix → modules/nixos/server/fwupd.nix
View file

0
nixos_modules/sesar.nix → modules/nixos/sesar.nix
View file

0
nixos_modules/steam-link.nix → modules/nixos/steam-link.nix
View file

0
nixos_modules/tailscale.nix → modules/nixos/tailscale.nix
View file

0
nixos_modules/bertof_user.nix → modules/nixos/users/bertof.nix
View file