iofq/nix
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

gigalint everything

Browse source
This commit is contained in:
iofq 2024-01-28 17:41:08 -06:00
parent 2ce46f1cf5
commit d4c31f8fd1
39 changed files with 499 additions and 398 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.envrc
View file

@ -1 +1 @@
use nix
use flake

2
.gitignore vendored
View file

@ -1 +1,3 @@
result
.pre-commit-config.yaml
.direnv/

96
flake.lock generated
View file

@ -3,7 +3,9 @@
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
@ -262,7 +264,7 @@
"foundry-nix": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1706432964,
@ -489,18 +491,15 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1702272962,
"narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d",
"type": "github"
"lastModified": 1705677747,
"narHash": "sha256-eyM3okYtMgYDgmYukoUzrmuoY4xl4FUujnsv/P6I/zI=",
"path": "/nix/store/kwd6lmx004rkv2r00vj3fcg5ijfvnagk-source",
"rev": "bbe7d8f876fbbe7c959c90ba2ae2852220573261",
"type": "path"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs-stable": {
@ -536,19 +535,6 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1705677747,
"narHash": "sha256-eyM3okYtMgYDgmYukoUzrmuoY4xl4FUujnsv/P6I/zI=",
"path": "/nix/store/kwd6lmx004rkv2r00vj3fcg5ijfvnagk-source",
"rev": "bbe7d8f876fbbe7c959c90ba2ae2852220573261",
"type": "path"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1706191920,
"narHash": "sha256-eLihrZAPZX0R6RyM5fYAWeKVNuQPYjAkCUBr+JNvtdE=",
@ -564,22 +550,6 @@
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1704842529,
"narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nvim": {
"inputs": {
"flake-utils": "flake-utils_4",
@ -631,7 +601,9 @@
"flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_5",
"gitignore": "gitignore",
"nixpkgs": "nixpkgs_4",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
@ -655,10 +627,12 @@
"home-manager": "home-manager",
"microvm": "microvm",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_2",
"nvim": "nvim",
"pre-commit-hooks": "pre-commit-hooks",
"tfa": "tfa"
"systems": "systems_8",
"tfa": "tfa",
"treefmt-nix": "treefmt-nix_3"
}
},
"spectrum": {
@ -781,6 +755,20 @@
"type": "github"
}
},
"systems_8": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"tfa": {
"inputs": {
"nixpkgs": [
@ -844,6 +832,26 @@
"type": "github"
}
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1706462057,
"narHash": "sha256-7dG1D4iqqt0bEbBqUWk6lZiSqqwwAO0Hd1L5opVyhNM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "c6153c2a3ff4c38d231e3ae99af29b87f1df5901",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems"

47
flake.nix
View file

@ -4,8 +4,14 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
deploy-rs.url = "github:serokell/deploy-rs";
pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
pre-commit-hooks = {
url = "github:cachix/pre-commit-hooks.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@ -23,13 +29,25 @@
inputs.nixpkgs.follows = "nixpkgs";
inputs.foundry-nix.url = "github:shazow/foundry.nix";
};
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
microvm = {
url = "github:astro/microvm.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, home-manager, nixos-hardware, nvim, ethereum-nix, deploy-rs, ... } @inputs:
let
outputs = {
self,
nixpkgs,
home-manager,
nvim,
ethereum-nix,
deploy-rs,
systems,
...
} @ inputs: let
attrs = {
username = "e";
};
@ -38,19 +56,17 @@
inherit system;
config.allowUnfree = true;
overlays = [
(final: prev: {
(final: _prev: {
inherit (inputs.nvim.packages.${final.system}) full;
inherit (inputs.tfa.packages.${final.system}) twofa;
})
];
};
eachSystem = f: nixpkgs.lib.genAttrs (import systems) (system: f nixpkgs.legacyPackages.${system});
treefmtEval = eachSystem (pkgs: inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix);
in {
nixosConfigurations = (
import ./nixos { inherit inputs pkgs attrs system ethereum-nix; }
);
homeConfigurations = (
import ./home-manager { inherit inputs pkgs attrs; }
);
nixosConfigurations = import ./nixos {inherit inputs pkgs attrs system ethereum-nix;};
homeConfigurations = import ./home-manager {inherit inputs pkgs attrs;};
deploy.nodes = {
htz = {
hostname = "htz";
@ -74,14 +90,11 @@
checks = {
pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
typos.enable = true;
alejandra.enable = true;
deadnix.enable = true;
statix.enable = true;
};
hooks.treefmt.enable = true;
hooks.treefmt.package = eachSystem (pkgs: treefmtEval.${pkgs.system}.config.build.wrapper);
};
};
formatter = eachSystem (pkgs: treefmtEval.${pkgs.system}.config.build.wrapper);
devShells.${system}.default = pkgs.mkShell {
buildInputs = [
pkgs.nix

11
home-manager/default.nix
View file

@ -1,12 +1,16 @@
{ inputs, pkgs, attrs, ...}:
{
inputs,
pkgs,
attrs,
...
}: {
"e" = inputs.home-manager.lib.homeManagerConfiguration {
inherit pkgs;
extraSpecialArgs = {
inherit inputs attrs;
host = {
hostName = "t14";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [
@ -20,7 +24,7 @@
inherit inputs attrs;
host = {
hostName = "e";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [
@ -28,4 +32,3 @@
];
};
}

3
home-manager/home.nix
View file

@ -1,5 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
programs.home-manager.enable = true;
nix = {
registry.nixpkgs.flake = inputs.nixpkgs;

3
home-manager/shared/programs/2fa/default.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
twofa
];

3
home-manager/shared/programs/default.nix
View file

@ -1,5 +1,4 @@
{ home-manager, config, lib, pkgs, ... }:
{
{...}: {
imports = [
./dev
./nvim

3
home-manager/shared/programs/dev/default.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
ripgrep
k9s

3
home-manager/shared/programs/min.nix
View file

@ -1,5 +1,4 @@
{ home-manager, config, lib, pkgs, ... }:
{
{...}: {
imports = [
./shell
];

3
home-manager/shared/programs/nvim/default.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ...}:
{
{pkgs, ...}: {
home.packages = with pkgs; [
full
];

3
home-manager/shared/programs/shell/default.nix
View file

@ -1,5 +1,4 @@
{ host, ... }:
{
{host, ...}: {
imports = [
./tmux.nix
./git.nix

3
home-manager/shared/programs/shell/direnv.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
_: {
programs.direnv = {
enable = true;
enableBashIntegration = true;

3
home-manager/shared/programs/shell/git.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
_: {
programs.git = {
enable = true;
userEmail = "cjriddz@protonmail.com";

4
home-manager/shared/programs/shell/tmux.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
_: {
programs.tmux = {
enable = true;
keyMode = "vi";
@ -18,5 +17,4 @@
setw -g window-status-current-format '[#P:#W*] '
'';
};
}

5
home-manager/shared/programs/warrior/default.nix
View file

@ -1,5 +1,8 @@
{ pkgs, config, ... }:
{
pkgs,
config,
...
}: {
programs.taskwarrior = {
enable = true;
colorTheme = "solarized-dark-256";

4
home-manager/shared/wayland/alacritty/default.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
_: {
programs.alacritty = {
enable = true;
settings = {
@ -78,7 +77,6 @@
action = "ScrollPageDown";
}
];
};
};
}

3
home-manager/shared/wayland/audio/default.nix
View file

@ -1,5 +1,4 @@
{pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
pulseaudio
pulsemixer

3
home-manager/shared/wayland/default.nix
View file

@ -1,5 +1,4 @@
{ home-manager, config, lib, pkgs, ... }:
{
{...}: {
imports = [
./librewolf
./alacritty

3
home-manager/shared/wayland/librewolf/default.nix
View file

@ -1,4 +1,3 @@
{ pkgs, ... }:
{
_: {
programs.librewolf.enable = true;
}

11
home-manager/shared/wayland/sway/default.nix
View file

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
home.packages = with pkgs; [
wl-clipboard
autotiling-rs
@ -65,8 +69,9 @@
};
modifier = "Mod4";
keybindings = let
modifier = config.wayland.windowManager.sway.config.modifier;
in lib.mkOptionDefault {
inherit (config.wayland.windowManager.sway.config) modifier;
in
lib.mkOptionDefault {
Prior = "nop";
Next = "nop";
"${modifier}+x" = "kill";

3
home-manager/shared/wayland/xdg/default.nix
View file

@ -1,5 +1,4 @@
{pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
xdg-utils
];

8
home-manager/t14/home.nix
View file

@ -1,11 +1,14 @@
{ pkgs, attrs, ... }:
{
pkgs,
attrs,
...
}: {
imports = [
../shared/programs/default.nix
../shared/wayland/default.nix
];
home = {
username = attrs.username;
inherit (attrs) username;
homeDirectory = "/home/" + attrs.username;
packages = with pkgs; [
# gaming
@ -26,7 +29,6 @@
# sysutils
appimage-run
wireguard-tools
];
};
programs.ssh = {

3
nixos/configuration.nix
View file

@ -1,5 +1,4 @@
{ host, ... }:
{
{host, ...}: {
users.groups.plugdev = {}; # Create plugdev group
networking.hostName = host.hostName;
users.users.${host.username} = {

14
nixos/default.nix
View file

@ -1,10 +1,16 @@
{ inputs, pkgs, attrs, system, ... }: {
{
inputs,
pkgs,
attrs,
system,
...
}: {
t14 = inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs system pkgs;
host = {
hostName = "t14";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [
@ -18,7 +24,7 @@
inherit inputs system pkgs;
host = {
hostName = "rknrd";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [
@ -38,7 +44,7 @@
};
host = {
hostName = "htz";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [

12
nixos/htz/configuration.nix
View file

@ -1,4 +1,8 @@
{ pkgs, addressList, ... }: {
{
pkgs,
addressList,
...
}: {
imports = [
./hardware-configuration.nix
./vms
@ -18,11 +22,13 @@
};
nat = {
enable = true;
forwardPorts = [ {
forwardPorts = [
{
proto = "tcp";
sourcePort = 80;
destination = addressList.vm-test.ipv4;
} ];
}
];
};
};
services.openssh.enable = true;

7
nixos/htz/eth.nix
View file

@ -1,4 +1,8 @@
{ system, ethereum-nix, ...}: {
{
system,
ethereum-nix,
...
}: {
services.ethereum.geth.mainnet = {
enable = true;
package = ethereum-nix.packages.${system}.geth;
@ -67,5 +71,4 @@
};
};
};
}

17
nixos/htz/hardware-configuration.nix
View file

@ -1,5 +1,8 @@
{ modulesPath, lib, ... }:
{
modulesPath,
lib,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
boot = {
@ -27,9 +30,11 @@
fsType = "ext4";
};
};
swapDevices = [{
swapDevices = [
{
device = "/dev/dm-1";
}];
}
];
zramSwap.enable = false;
networking = {
useNetworkd = true;
@ -54,9 +59,11 @@
DHCPServer = true;
IPv6SendRA = true;
};
addresses = [ {
addresses = [
{
addressConfig.Address = "10.0.0.1/24";
} ];
}
];
};
"11-microvm" = {
matchConfig.Name = "vm-*";

30
nixos/htz/vms/default.nix
View file

@ -1,24 +1,38 @@
{ lib, pkgs, addressList, ... }:
let genVMConfig = { name, config ? {}, ro-store ? true }: {
{
lib,
pkgs,
addressList,
...
}: let
genVMConfig = {
name,
config ? {},
ro-store ? true,
}: {
restartIfChanged = true;
pkgs = pkgs;
config = config // {
inherit pkgs;
config =
config
// {
microvm = {
shares = lib.mkIf (ro-store == true) [{
shares = lib.mkIf ro-store [
{
source = "/nix/store";
mountPoint = "/nix/.ro-store";
tag = "ro-store";
proto = "virtiofs";
}];
}
];
interfaces = [
{
type = "tap";
id = name;
mac = addressList.${name}.mac;
inherit (addressList.${name}) mac;
}
];
};
} // import ./vmDefaults.nix { inherit name addressList; };
}
// import ./vmDefaults.nix {inherit name addressList;};
};
in {
microvm.vms = {

27
nixos/htz/vms/headscale.nix Normal file
View file

@ -0,0 +1,27 @@
{config, ...}: let
domain = "ts.10110110.xyz";
in {
services = {
headscale = {
enable = true;
address = "0.0.0.0";
port = 8080;
serverUrl = "https://${domain}";
dns = {baseDomain = "10110110.xyz";};
settings = {logtail.enabled = false;};
};
services.nginx = {
enable = true;
virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
};
};
};
system.stateVersion = "23.11";
}

2
nixos/htz/vms/vm-test.nix
View file

@ -1,4 +1,4 @@
{ ... }: {
_: {
networking.firewall = {
enable = true;
allowedTCPPorts = [80];

9
nixos/htz/vms/vmDefaults.nix
View file

@ -1,4 +1,8 @@
{ name, addressList, ...}: {
{
name,
addressList,
...
}: {
systemd.network = {
enable = true;
networks."20-lan" = {
@ -27,7 +31,8 @@
root = {
openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz''
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14'' ];
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14''
];
};
e = {
isNormalUser = true;

6
nixos/racknerd/configuration.nix
View file

@ -1,4 +1,8 @@
{ inputs, pkgs, system, ... }: {
{
pkgs,
system,
...
}: {
imports = [
./hardware-configuration.nix
./minecraft.nix

10
nixos/racknerd/hardware-configuration.nix
View file

@ -1,10 +1,16 @@
{ config, lib, pkgs, modulesPath, ... }:
{
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
boot.loader.grub.device = "/dev/vda";
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
boot.initrd.kernelModules = ["nvme"];
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
fileSystems."/" = {
device = "/dev/vda1";
fsType = "ext4";
};
swapDevices = [{device = "/dev/vda2";}];
}

1
nixos/racknerd/minecraft.nix
View file

@ -16,5 +16,4 @@
k359 = "a5ccc07c-144d-4dd0-b07c-48c4d5302b58";
};
};
}

6
nixos/t14/configuration.nix
View file

@ -1,7 +1,5 @@
{ pkgs, ... }:
{
imports =
[
{pkgs, ...}: {
imports = [
./hardware-configuration.nix
./nano.nix
];

19
nixos/t14/hardware-configuration.nix
View file

@ -1,11 +1,14 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
@ -13,13 +16,13 @@
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/f56e8356-3915-4ff8-957c-de7f9a72b326";
fileSystems."/" = {
device = "/dev/disk/by-uuid/f56e8356-3915-4ff8-957c-de7f9a72b326";
fsType = "btrfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/346A-5AF5";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/346A-5AF5";
fsType = "vfat";
};

3
nixos/t14/nano.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
_: {
services.udev.extraRules = ''
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="2b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"

6
treefmt.nix Normal file
View file

@ -0,0 +1,6 @@
_: {
projectRootFile = "flake.nix";
programs.alejandra.enable = true;
programs.deadnix.enable = true;
programs.statix.enable = true;
}