WIP: move nixos modules

Filippo Berto 2023-05-14 23:40:45 +02:00
parent d725c3b788
commit 2a5983344d
No known key found for this signature in database
GPG key ID: FE98AE5EC52B1056
29 changed files with 65 additions and 115 deletions

154
flake.nix

@ -53,11 +53,7 @@
checks = { checks = {
pre-commit-check = pre-commit-hooks.lib.${system}.run { pre-commit-check = pre-commit-hooks.lib.${system}.run {
src = ./.; src = ./.;
hooks = { hooks = { deadnix.enable = true; nixpkgs-fmt.enable = true; statix.enable = true; };
deadnix.enable = true;
nixpkgs-fmt.enable = true;
statix.enable = true;
};
}; };
}; };
@ -110,48 +106,31 @@
age.secrets.thor_wg_priv = { file = ./secrets/thor_wg_priv.age; }; age.secrets.thor_wg_priv = { file = ./secrets/thor_wg_priv.age; };
} }
./nixos_modules/bertof_user.nix ./modules/nixos/users/bertof.nix
# Some defaults # Some basic defaults
./nixos_modules/fwupd.nix ./modules/nixos/basics
./nixos_modules/fstrim.nix
./nixos_modules/btrfs-scrub.nix
./nixos_modules/distributed.nix
./nixos_modules/remote-deploy.nix
./nixos_modules/extended-registry.nix
./nixos_modules/automatic-garbage-collection.nix
./nixos_modules/automatic-upgrade.nix
./nixos_modules/zerotier.nix
]; ];
installerModules = [ installerModules = commonModules ++ [ ./modules/nixos/installer.nix ];
# Nix configuration
nix_configuration
./nixos_modules/bertof_user.nix
./nixos_modules/distributed.nix
./nixos_modules/remote-deploy.nix
./nixos_modules/extended-registry.nix
./nixos_modules/zerotier.nix
./nixos_modules/installer.nix
];
thorConfig = { thorConfig = {
nixosConfigurations = { nixosConfigurations = {
thor = nixpkgs.lib.nixosSystem { thor = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = commonModules ++ [ modules = commonModules ++ [
./modules/nixos/server
./thor/hardware-configuration.nix ./thor/hardware-configuration.nix
nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
./thor/configuration.nix ./thor/configuration.nix
./nixos_modules/pro_audio.nix ./modules/nixos/pro_audio.nix
./nixos_modules/sesar.nix ./modules/nixos/sesar.nix
./nixos_modules/pentablet.nix ./modules/nixos/pentablet.nix
./nixos_modules/steam-link.nix ./modules/nixos/steam-link.nix
./nixos_modules/kdeconnect.nix ./modules/nixos/kdeconnect.nix
] ++ homeManagerModules ++ [ ] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./thor/hm.nix; } { home-manager.users.bertof = import ./thor/hm.nix; }
]; ];
@ -163,18 +142,19 @@
nixosConfigurations = nixosConfigurations =
let let
odinCommonModules = [ odinCommonModules = [
./modules/nixos/laptop
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-laptop nixos-hardware.nixosModules.common-pc-laptop
nixos-hardware.nixosModules.common-pc-laptop-ssd nixos-hardware.nixosModules.common-pc-laptop-ssd
./odin/hardware-configuration.nix ./odin/hardware-configuration.nix
./odin/common_configuration.nix ./odin/common_configuration.nix
./nixos_modules/pro_audio.nix ./modules/nixos/pro_audio.nix
./nixos_modules/sesar.nix ./modules/nixos/sesar.nix
./nixos_modules/pentablet.nix ./modules/nixos/pentablet.nix
./nixos_modules/steam-link.nix ./modules/nixos/steam-link.nix
./nixos_modules/kdeconnect.nix ./modules/nixos/kdeconnect.nix
./nixos_modules/garage.nix
] ++ homeManagerModules ++ [ ] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./odin/hm.nix; } { home-manager.users.bertof = import ./odin/hm.nix; }
]; ];
@ -205,12 +185,13 @@
({ lib, ... }: { ({ lib, ... }: {
boot.supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; boot.supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
}) })
./modules/nixos/server
./freya/hardware-configuration.nix ./freya/hardware-configuration.nix
./freya/configuration.nix ./freya/configuration.nix
./nixos_modules/garage.nix ./modules/nixos/garage.nix
./nixos_modules/nextcloud.nix ./modules/nixos/nextcloud.nix
] ++ homeManagerModules ++ [ ] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./freya/hm.nix; } { home-manager.users.bertof = import ./freya/hm.nix; }
]; ];
@ -223,11 +204,12 @@
baldur = nixpkgs.lib.nixosSystem { baldur = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = commonModules ++ [ modules = commonModules ++ [
./modules/nixos/server
# ./baldur/hardware-configuration.nix # ./baldur/hardware-configuration.nix
./baldur/configuration.nix ./baldur/configuration.nix
"${nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix" "${nixpkgs}/nixos/modules/virtualisation/digital-ocean-config.nix"
./nixos_modules/digitalocean.nix ./modules/nixos/digitalocean.nix
./nixos_modules/garage.nix ./modules/nixos/garage.nix
] ++ homeManagerModules ++ [ ] ++ homeManagerModules ++ [
{ home-manager.users.bertof = import ./baldur/hm.nix; } { home-manager.users.bertof = import ./baldur/hm.nix; }
]; ];
@ -240,6 +222,8 @@
loki = nixpkgs.lib.nixosSystem { loki = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = commonModules ++ [ modules = commonModules ++ [
./modules/nixos/server
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
./loki/hardware-configuration.nix ./loki/hardware-configuration.nix
@ -264,78 +248,24 @@
# Map nodes to Deploy-rs deployments # Map nodes to Deploy-rs deployments
deploy.nodes = { deploy.nodes = {
thor = { thor = { hostname = "thor.local"; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.thor; }; };
hostname = "thor.local"; odin = { hostname = "odin.local"; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.odin; }; };
profiles.system = { loki = { hostname = "loki.local"; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.loki; }; };
user = "root"; baldur = { hostname = "baldur.bertof.net"; profiles.system = { user = "root"; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.baldur; }; };
path = deploy-rs.lib.x86_64-linux.activate.nixos freya = { hostname = "freya.local"; profiles.system = { user = "root"; path = deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.freya; }; };
self.nixosConfigurations.thor;
};
};
odin = {
hostname = "odin.local";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.odin;
};
};
loki = {
hostname = "loki.local";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.loki;
};
};
baldur = {
hostname = "baldur.bertof.net";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.baldur;
};
};
freya = {
hostname = "freya.local";
profiles.system = {
user = "root";
path = deploy-rs.lib.aarch64-linux.activate.nixos
self.nixosConfigurations.freya;
};
};
}; };
}; };
images = with flake-utils.lib; images = with flake-utils.lib; eachSystem [ system.x86_64-linux system.aarch64-linux ] (system: {
eachSystem [ system.x86_64-linux system.aarch64-linux ] (system: { packages = {
packages = { # Installer ISO
# Installer ISO install-iso = nixos-generators.nixosGenerate { inherit system; modules = installerModules; format = "install-iso"; };
install-iso = nixos-generators.nixosGenerate { # Aarch64 base image
inherit system; aarch64-base-image = nixos-generators.nixosGenerate { system = flake-utils.lib.system.aarch64-linux; modules = installerModules; format = "sd-aarch64"; };
modules = installerModules; # Installer DigitalOcean
format = "install-iso"; do-image = nixos-generators.nixosGenerate { inherit system; modules = installerModules; format = "do"; };
}; };
});
# Aarch64 base image
aarch64-base-image = nixos-generators.nixosGenerate {
system = flake-utils.lib.system.aarch64-linux;
modules = installerModules;
format = "sd-aarch64";
};
# Installer DigitalOcean
do-image = nixos-generators.nixosGenerate {
inherit system;
modules = installerModules;
format = "do";
};
};
});
in in
builtins.foldl' nixpkgs.lib.recursiveUpdate { } [ builtins.foldl' nixpkgs.lib.recursiveUpdate { } [
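Review bot: `installerModules = commonModules ++ [ ./modules/nixos/installer.nix ];` makes the install ISO, the sd-aarch64 image and the DigitalOcean image inherit the whole common set, where the old list was an explicit subset (nix configuration, user, distributed, remote-deploy, extended-registry, zerotier, installer). The list that closes just above it is presumably commonModules (its opening is outside the hunk) and carries `age.secrets.thor_wg_priv` and `./modules/nixos/basics`. If so, the generated images would declare a host-specific WireGuard secret and pick up every module in the basics directory, likely including the former automatic-upgrade and garbage-collection modules. If that is not intended, keep the installer list explicit and minimal rather than deriving it from commonModules, and add a comment such as `# installer images: only modules safe to ship in a distributable image`.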


@ -0,0 +1,10 @@
{ lib, ... }:
let
src = ./.;
files = builtins.readDir src;
nixFiles = builtins.attrNames (lib.attrsets.filterAttrs (name: type: type != "directory" && lib.hasSuffix ".nix" name && !(lib.hasSuffix "default.nix" name)) files);
imports = builtins.map (path: src + ("/" + path)) nixFiles;
in
{
inherit imports;
}
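Review bot: The filter `!(lib.hasSuffix "default.nix" name)` skips every file whose name merely ends in `default.nix` (for example `ssh-default.nix`), so such a module would be dropped without any error; compare the name exactly with `name != "default.nix"`. `type != "directory"` also lets symlinks and unknown entries through, and `type == "regular"` would restrict the import to plain files. Because every `.nix` file in the directory is imported implicitly, a file added there takes effect on each host that imports the directory without appearing in flake.nix, which deserves a comment at the top of the file. The identical file added in the last section of this commit has the same filter.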


@ -1,7 +1,7 @@
{ pkgs, config, lib, ... }: { { pkgs, config, lib, ... }: {
users.groups.garage = { }; users.groups.garage = { };
users.users.garage = { isSystemUser = true; group = "garage"; }; users.users.garage = { isSystemUser = true; group = "garage"; };
age.secrets.garage_rpc_secret = { file = ../secrets/garage_rpc_secret.age; owner = "garage"; }; age.secrets.garage_rpc_secret = { file = ../../secrets/garage_rpc_secret.age; owner = "garage"; };
networking.firewall.interfaces."ztmjfdwjkp".allowedTCPPorts = [ networking.firewall.interfaces."ztmjfdwjkp".allowedTCPPorts = [
3901 3901


@ -1,8 +1,8 @@
{ pkgs, config, ... }: { { pkgs, config, ... }: {
age.secrets = { age.secrets = {
nextcloud_admin_secret = { file = ../secrets/nextcloud_admin_secret.age; owner = "nextcloud"; }; nextcloud_admin_secret = { file = ../../secrets/nextcloud_admin_secret.age; owner = "nextcloud"; };
nextcloud_bucket_secret = { file = ../secrets/nextcloud_bucket_secret.age; owner = "nextcloud"; }; nextcloud_bucket_secret = { file = ../../secrets/nextcloud_bucket_secret.age; owner = "nextcloud"; };
}; };
# services.nginx.virtualHosts.${config.services.nextcloud.hostName} = { # services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {


@ -0,0 +1,10 @@
{ lib, ... }:
let
src = ./.;
files = builtins.readDir src;
nixFiles = builtins.attrNames (lib.attrsets.filterAttrs (name: type: type != "directory" && lib.hasSuffix ".nix" name && !(lib.hasSuffix "default.nix" name)) files);
imports = builtins.map (path: src + ("/" + path)) nixFiles;
in
{
inherit imports;
}