iofq/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

gigalint everything

Browse source
This commit is contained in:
iofq 2024-01-28 17:41:08 -06:00
parent 2ce46f1cf5
commit d4c31f8fd1
39 changed files with 499 additions and 398 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.envrc
View file

@ -1 +1 @@
use nix
use flake

2
.gitignore vendored
View file

@ -1 +1,3 @@
result
.pre-commit-config.yaml
.direnv/

96
flake.lock generated
View file

@ -3,7 +3,9 @@
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
@ -262,7 +264,7 @@
"foundry-nix": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1706432964,
@ -489,18 +491,15 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1702272962,
"narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d",
"type": "github"
"lastModified": 1705677747,
"narHash": "sha256-eyM3okYtMgYDgmYukoUzrmuoY4xl4FUujnsv/P6I/zI=",
"path": "/nix/store/kwd6lmx004rkv2r00vj3fcg5ijfvnagk-source",
"rev": "bbe7d8f876fbbe7c959c90ba2ae2852220573261",
"type": "path"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs-stable": {
@ -536,19 +535,6 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1705677747,
"narHash": "sha256-eyM3okYtMgYDgmYukoUzrmuoY4xl4FUujnsv/P6I/zI=",
"path": "/nix/store/kwd6lmx004rkv2r00vj3fcg5ijfvnagk-source",
"rev": "bbe7d8f876fbbe7c959c90ba2ae2852220573261",
"type": "path"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1706191920,
"narHash": "sha256-eLihrZAPZX0R6RyM5fYAWeKVNuQPYjAkCUBr+JNvtdE=",
@ -564,22 +550,6 @@
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1704842529,
"narHash": "sha256-OTeQA+F8d/Evad33JMfuXC89VMetQbsU4qcaePchGr4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "eabe8d3eface69f5bb16c18f8662a702f50c20d5",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nvim": {
"inputs": {
"flake-utils": "flake-utils_4",
@ -631,7 +601,9 @@
"flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_5",
"gitignore": "gitignore",
"nixpkgs": "nixpkgs_4",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
@ -655,10 +627,12 @@
"home-manager": "home-manager",
"microvm": "microvm",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_2",
"nvim": "nvim",
"pre-commit-hooks": "pre-commit-hooks",
"tfa": "tfa"
"systems": "systems_8",
"tfa": "tfa",
"treefmt-nix": "treefmt-nix_3"
}
},
"spectrum": {
@ -781,6 +755,20 @@
"type": "github"
}
},
"systems_8": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"id": "systems",
"type": "indirect"
}
},
"tfa": {
"inputs": {
"nixpkgs": [
@ -844,6 +832,26 @@
"type": "github"
}
},
"treefmt-nix_3": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1706462057,
"narHash": "sha256-7dG1D4iqqt0bEbBqUWk6lZiSqqwwAO0Hd1L5opVyhNM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "c6153c2a3ff4c38d231e3ae99af29b87f1df5901",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems"

113
flake.nix
View file

@ -4,8 +4,14 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
deploy-rs.url = "github:serokell/deploy-rs";
pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
pre-commit-hooks = {
url = "github:cachix/pre-commit-hooks.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@ -23,13 +29,25 @@
inputs.nixpkgs.follows = "nixpkgs";
inputs.foundry-nix.url = "github:shazow/foundry.nix";
};
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
microvm = {
url = "github:astro/microvm.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, home-manager, nixos-hardware, nvim, ethereum-nix, deploy-rs, ... } @inputs:
let
outputs = {
self,
nixpkgs,
home-manager,
nvim,
ethereum-nix,
deploy-rs,
systems,
...
} @ inputs: let
attrs = {
username = "e";
};
@ -38,57 +56,52 @@
inherit system;
config.allowUnfree = true;
overlays = [
(final: prev: {
(final: _prev: {
inherit (inputs.nvim.packages.${final.system}) full;
inherit (inputs.tfa.packages.${final.system}) twofa;
})
];
};
eachSystem = f: nixpkgs.lib.genAttrs (import systems) (system: f nixpkgs.legacyPackages.${system});
treefmtEval = eachSystem (pkgs: inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix);
in {
nixosConfigurations = (
import ./nixos { inherit inputs pkgs attrs system ethereum-nix; }
);
homeConfigurations = (
import ./home-manager { inherit inputs pkgs attrs; }
);
deploy.nodes = {
htz = {
hostname = "htz";
sshUser = "root";
remoteBuild = true;
profiles.system = {
user = "root";
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.htz;
};
};
racknerd = {
hostname = "racknerd";
sshUser = "e";
remoteBuild = true;
profiles.system = {
user = "root";
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.rknrd;
};
};
};
checks = {
pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
typos.enable = true;
alejandra.enable = true;
deadnix.enable = true;
statix.enable = true;
};
};
};
devShells.${system}.default = pkgs.mkShell {
buildInputs = [
pkgs.nix
pkgs.home-manager
pkgs.git
deploy-rs.packages.${system}.deploy-rs
];
nixosConfigurations = import ./nixos {inherit inputs pkgs attrs system ethereum-nix;};
homeConfigurations = import ./home-manager {inherit inputs pkgs attrs;};
deploy.nodes = {
htz = {
hostname = "htz";
sshUser = "root";
remoteBuild = true;
profiles.system = {
user = "root";
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.htz;
};
};
}
racknerd = {
hostname = "racknerd";
sshUser = "e";
remoteBuild = true;
profiles.system = {
user = "root";
path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.rknrd;
};
};
};
checks = {
pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks.treefmt.enable = true;
hooks.treefmt.package = eachSystem (pkgs: treefmtEval.${pkgs.system}.config.build.wrapper);
};
};
formatter = eachSystem (pkgs: treefmtEval.${pkgs.system}.config.build.wrapper);
devShells.${system}.default = pkgs.mkShell {
buildInputs = [
pkgs.nix
pkgs.home-manager
pkgs.git
deploy-rs.packages.${system}.deploy-rs
];
};
};
}

11
home-manager/default.nix
View file

@ -1,12 +1,16 @@
{ inputs, pkgs, attrs, ...}:
{
inputs,
pkgs,
attrs,
...
}: {
"e" = inputs.home-manager.lib.homeManagerConfiguration {
inherit pkgs;
extraSpecialArgs = {
inherit inputs attrs;
host = {
hostName = "t14";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [
@ -20,7 +24,7 @@
inherit inputs attrs;
host = {
hostName = "e";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [
@ -28,4 +32,3 @@
];
};
}

5
home-manager/home.nix
View file

@ -1,5 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
programs.home-manager.enable = true;
nix = {
registry.nixpkgs.flake = inputs.nixpkgs;
@ -12,6 +11,6 @@
};
};
};
imports = [ ./shared/programs/min.nix ];
imports = [./shared/programs/min.nix];
xdg.enable = true;
}

3
home-manager/shared/programs/2fa/default.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
twofa
];

3
home-manager/shared/programs/default.nix
View file

@ -1,5 +1,4 @@
{ home-manager, config, lib, pkgs, ... }:
{
{...}: {
imports = [
./dev
./nvim

3
home-manager/shared/programs/dev/default.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
ripgrep
k9s

3
home-manager/shared/programs/min.nix
View file

@ -1,5 +1,4 @@
{ home-manager, config, lib, pkgs, ... }:
{
{...}: {
imports = [
./shell
];

3
home-manager/shared/programs/nvim/default.nix
View file

@ -1,5 +1,4 @@
{ pkgs, ...}:
{
{pkgs, ...}: {
home.packages = with pkgs; [
full
];

63
home-manager/shared/programs/shell/default.nix
View file

@ -1,5 +1,4 @@
{ host, ... }:
{
{host, ...}: {
imports = [
./tmux.nix
./git.nix
@ -8,7 +7,7 @@
programs.bash = {
enable = true;
enableCompletion = true;
historyControl = [ "ignorespace" ];
historyControl = ["ignorespace"];
historyIgnore = [
":q"
"exit"
@ -36,36 +35,36 @@
"histappend"
];
bashrcExtra = ''
export PROMPT_COMMAND="prompt_command;history -a"
export PATH="/usr/local/go/bin:~/go/bin:~/.bin:~/.local/bin:$PATH"
export GPG_2FA="mail@10110110.xyz"
export MANPAGER="nvim +Man!"
export EDITOR="nvim"
export _JAVA_AWT_WM_NONREPARENTING=1
export NIX_FLAKE="/home/e/dev/nix"
[[ $- != *i* ]] && return
function exists {
type $1 >/dev/null 2>&1
}
export PROMPT_COMMAND="prompt_command;history -a"
export PATH="/usr/local/go/bin:~/go/bin:~/.bin:~/.local/bin:$PATH"
export GPG_2FA="mail@10110110.xyz"
export MANPAGER="nvim +Man!"
export EDITOR="nvim"
export _JAVA_AWT_WM_NONREPARENTING=1
export NIX_FLAKE="/home/e/dev/nix"
[[ $- != *i* ]] && return
function exists {
type $1 >/dev/null 2>&1
}
function prompt_command {
GIT_BRANCH=$(git symbolic-ref --short HEAD 2>/dev/null | cut -c 1-10)
[[ $GIT_BRANCH != "" ]] && \
PS1="\[\033[38;5;1m\][\u@\h\[$(tput sgr0)\] \[$(tput sgr0)\]\[\033[38;5;7m\]\W\[$(tput sgr0)\]\[\033[38;5;1m\]]\[$(tput sgr0)\]\[$(tput sgr0)\]\[\033[38;5;3m\]($GIT_BRANCH)\[\033[38;5;7m\]\$\[$(tput sgr0)\] " || \
PS1="\[\033[38;5;1m\][\u@\h\[$(tput sgr0)\] \[$(tput sgr0)\]\[\033[38;5;7m\]\W\[$(tput sgr0)\]\[\033[38;5;1m\]]\[$(tput sgr0)\]\[$(tput sgr0)\]\[\033[38;5;3m\]\[\033[38;5;7m\]\$\[$(tput sgr0)\] "
}
bind "set completion-ignore-case on"
bind "set completion-map-case on"
bind "set show-all-if-ambiguous on"
bind "set menu-complete-display-prefix on"
bind '"\t":menu-complete'
bind '"\C-k": previous-history'
bind '"\C-j": next-history'
function cd {
cmd="ls --color=auto"
builtin cd "$@" && $cmd
}
exists "kubectl" && source <(kubectl completion bash)
function prompt_command {
GIT_BRANCH=$(git symbolic-ref --short HEAD 2>/dev/null | cut -c 1-10)
[[ $GIT_BRANCH != "" ]] && \
PS1="\[\033[38;5;1m\][\u@\h\[$(tput sgr0)\] \[$(tput sgr0)\]\[\033[38;5;7m\]\W\[$(tput sgr0)\]\[\033[38;5;1m\]]\[$(tput sgr0)\]\[$(tput sgr0)\]\[\033[38;5;3m\]($GIT_BRANCH)\[\033[38;5;7m\]\$\[$(tput sgr0)\] " || \
PS1="\[\033[38;5;1m\][\u@\h\[$(tput sgr0)\] \[$(tput sgr0)\]\[\033[38;5;7m\]\W\[$(tput sgr0)\]\[\033[38;5;1m\]]\[$(tput sgr0)\]\[$(tput sgr0)\]\[\033[38;5;3m\]\[\033[38;5;7m\]\$\[$(tput sgr0)\] "
}
bind "set completion-ignore-case on"
bind "set completion-map-case on"
bind "set show-all-if-ambiguous on"
bind "set menu-complete-display-prefix on"
bind '"\t":menu-complete'
bind '"\C-k": previous-history'
bind '"\C-j": next-history'
function cd {
cmd="ls --color=auto"
builtin cd "$@" && $cmd
}
exists "kubectl" && source <(kubectl completion bash)
'';
};
programs.fzf = {

3
home-manager/shared/programs/shell/direnv.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
_: {
programs.direnv = {
enable = true;
enableBashIntegration = true;

5
home-manager/shared/programs/shell/git.nix
View file

@ -1,6 +1,5 @@
{ ... }:
{
programs.git= {
_: {
programs.git = {
enable = true;
userEmail = "cjriddz@protonmail.com";
userName = "iofq";

14
home-manager/shared/programs/shell/tmux.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
_: {
programs.tmux = {
enable = true;
keyMode = "vi";
@ -11,12 +10,11 @@
# vi mode navigation
customPaneNavigationAndResize = true;
extraConfig = ''
bind-key -T copy-mode-vi 'v' send -X begin-selection
bind-key -T copy-mode-vi 'y' send-keys -X copy-pipe-and-cancel 'xclip -sel clip -i'
set -g status-right ""
setw -g status-style 'bg=colour0 fg=colour7'
setw -g window-status-current-format '[#P:#W*] '
bind-key -T copy-mode-vi 'v' send -X begin-selection
bind-key -T copy-mode-vi 'y' send-keys -X copy-pipe-and-cancel 'xclip -sel clip -i'
set -g status-right ""
setw -g status-style 'bg=colour0 fg=colour7'
setw -g window-status-current-format '[#P:#W*] '
'';
};
}

5
home-manager/shared/programs/warrior/default.nix
View file

@ -1,5 +1,8 @@
{ pkgs, config, ... }:
{
pkgs,
config,
...
}: {
programs.taskwarrior = {
enable = true;
colorTheme = "solarized-dark-256";

4
home-manager/shared/wayland/alacritty/default.nix
View file

@ -1,5 +1,4 @@
{ ... }:
{
_: {
programs.alacritty = {
enable = true;
settings = {
@ -78,7 +77,6 @@
action = "ScrollPageDown";
}
];
};
};
}

3
home-manager/shared/wayland/audio/default.nix
View file

@ -1,5 +1,4 @@
{pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
pulseaudio
pulsemixer

3
home-manager/shared/wayland/default.nix
View file

@ -1,5 +1,4 @@
{ home-manager, config, lib, pkgs, ... }:
{
{...}: {
imports = [
./librewolf
./alacritty

3
home-manager/shared/wayland/librewolf/default.nix
View file

@ -1,4 +1,3 @@
{ pkgs, ... }:
{
_: {
programs.librewolf.enable = true;
}

57
home-manager/shared/wayland/sway/default.nix
View file

@ -1,5 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
home.packages = with pkgs; [
wl-clipboard
autotiling-rs
@ -10,12 +14,12 @@
home.sessionVariables = {
# needed for Sway and Firefox to play nice
XDG_CURRENT_DESKTOP = "sway";
MOZ_DBUS_REMOTE=1;
MOZ_DBUS_REMOTE = 1;
};
systemd.user.services.autotiling = {
Install = {
WantedBy = [ "sway-session.target" ];
PartOf = [ "graphical-session.target" ];
WantedBy = ["sway-session.target"];
PartOf = ["graphical-session.target"];
};
Service = {
ExecStart = "${pkgs.autotiling-rs}/bin/autotiling-rs";
@ -65,26 +69,27 @@
};
modifier = "Mod4";
keybindings = let
modifier = config.wayland.windowManager.sway.config.modifier;
in lib.mkOptionDefault {
Prior = "nop";
Next = "nop";
"${modifier}+x" = "kill";
"${modifier}+space" = "exec ${pkgs.dmenu}/bin/dmenu_path | ${pkgs.dmenu}/bin/dmenu | ${pkgs.findutils}/bin/xargs swaymsg exec --";
"${modifier}+bracketleft" = "exec --no-startup-id grimshot --notify save area /tmp/scrot-$(date \"+%Y-%m-%d\"T\"%H:%M:%S\").png";
"${modifier}+bracketright" = "exec --no-startup-id grimshot --notify copy area";
"${modifier}+Shift+Ctrl+l" = "exec loginctl lock-session";
"XF86MonBrightnessDown" = "exec light -U 10";
"XF86MonBrightnessUp" = "exec light -A 10";
"XF86AudioRaiseVolume" = "exec 'pactl set-sink-volume @DEFAULT_SINK@ +1%'";
"XF86AudioLowerVolume" = "exec 'pactl set-sink-volume @DEFAULT_SINK@ -1%'";
"XF86AudioMute" = "exec 'pactl set-sink-mute @DEFAULT_SINK@ toggle'";
"XF86Display" = "exec 'swaymsg \"output eDP-1 toggle\"'";
};
inherit (config.wayland.windowManager.sway.config) modifier;
in
lib.mkOptionDefault {
Prior = "nop";
Next = "nop";
"${modifier}+x" = "kill";
"${modifier}+space" = "exec ${pkgs.dmenu}/bin/dmenu_path | ${pkgs.dmenu}/bin/dmenu | ${pkgs.findutils}/bin/xargs swaymsg exec --";
"${modifier}+bracketleft" = "exec --no-startup-id grimshot --notify save area /tmp/scrot-$(date \"+%Y-%m-%d\"T\"%H:%M:%S\").png";
"${modifier}+bracketright" = "exec --no-startup-id grimshot --notify copy area";
"${modifier}+Shift+Ctrl+l" = "exec loginctl lock-session";
"XF86MonBrightnessDown" = "exec light -U 10";
"XF86MonBrightnessUp" = "exec light -A 10";
"XF86AudioRaiseVolume" = "exec 'pactl set-sink-volume @DEFAULT_SINK@ +1%'";
"XF86AudioLowerVolume" = "exec 'pactl set-sink-volume @DEFAULT_SINK@ -1%'";
"XF86AudioMute" = "exec 'pactl set-sink-mute @DEFAULT_SINK@ toggle'";
"XF86Display" = "exec 'swaymsg \"output eDP-1 toggle\"'";
};
assigns = {
"9" = [
{ class = "discord";}
{ class = "Signal";}
{class = "discord";}
{class = "Signal";}
];
};
bars = [
@ -140,8 +145,8 @@
};
};
extraConfig = ''
bindswitch --reload --locked lid:on exec "[ $(swaymsg -t get_outputs | jq '. | length') -gt 1 ] && swaymsg output eDP-1 disable"
bindswitch --reload --locked lid:off output eDP-1 enable
bindswitch --reload --locked lid:on exec "[ $(swaymsg -t get_outputs | jq '. | length') -gt 1 ] && swaymsg output eDP-1 disable"
bindswitch --reload --locked lid:off output eDP-1 enable
'';
};
programs.i3status = {
@ -169,14 +174,14 @@
format_up = "%signal";
};
};
"memory" = {
"memory" = {
settings = {
format = "%used";
format_degraded = "%used";
threshold_degraded = "1G";
};
};
"battery all" = {
"battery all" = {
settings = {
format = "%percentage%status %remaining";
status_chr = "+";

3
home-manager/shared/wayland/xdg/default.nix
View file

@ -1,5 +1,4 @@
{pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
xdg-utils
];

8
home-manager/t14/home.nix
View file

@ -1,11 +1,14 @@
{ pkgs, attrs, ... }:
{
pkgs,
attrs,
...
}: {
imports = [
../shared/programs/default.nix
../shared/wayland/default.nix
];
home = {
username = attrs.username;
inherit (attrs) username;
homeDirectory = "/home/" + attrs.username;
packages = with pkgs; [
# gaming
@ -26,7 +29,6 @@
# sysutils
appimage-run
wireguard-tools
];
};
programs.ssh = {

7
nixos/configuration.nix
View file

@ -1,10 +1,9 @@
{ host, ... }:
{
{host, ...}: {
users.groups.plugdev = {}; # Create plugdev group
networking.hostName = host.hostName;
users.users.${host.username} = {
isNormalUser = true;
extraGroups = [
extraGroups = [
"wheel"
"plugdev"
"video"
@ -15,7 +14,7 @@
# Enable flakes and unfree packages
nix.settings = {
auto-optimise-store = true;
experimental-features = [ "nix-command" "flakes" ];
experimental-features = ["nix-command" "flakes"];
};
nix.gc = {
automatic = true;

14
nixos/default.nix
View file

@ -1,10 +1,16 @@
{ inputs, pkgs, attrs, system, ... }: {
{
inputs,
pkgs,
attrs,
system,
...
}: {
t14 = inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs system pkgs;
host = {
hostName = "t14";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [
@ -18,7 +24,7 @@
inherit inputs system pkgs;
host = {
hostName = "rknrd";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [
@ -38,7 +44,7 @@
};
host = {
hostName = "htz";
username = attrs.username;
inherit (attrs) username;
};
};
modules = [

24
nixos/htz/configuration.nix
View file

@ -1,8 +1,12 @@
{ pkgs, addressList, ... }: {
{
pkgs,
addressList,
...
}: {
imports = [
./hardware-configuration.nix
./vms
#./eth.nix
#./eth.nix
];
environment.systemPackages = with pkgs; [
vim
@ -18,11 +22,13 @@
};
nat = {
enable = true;
forwardPorts = [ {
proto = "tcp";
sourcePort = 80;
destination = addressList.vm-test.ipv4;
} ];
forwardPorts = [
{
proto = "tcp";
sourcePort = 80;
destination = addressList.vm-test.ipv4;
}
];
};
};
services.openssh.enable = true;
@ -32,12 +38,12 @@
};
e = {
isNormalUser = true;
extraGroups = [ "wheel" ];
extraGroups = ["wheel"];
home = "/home/e";
openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14''];
};
};
security.sudo.wheelNeedsPassword = false;
nix.settings.trusted-users = ["e"];
system.stateVersion = "23.11";
system.stateVersion = "23.11";
}

45
nixos/htz/eth.nix
View file

@ -1,4 +1,8 @@
{ system, ethereum-nix, ...}: {
{
system,
ethereum-nix,
...
}: {
services.ethereum.geth.mainnet = {
enable = true;
package = ethereum-nix.packages.${system}.geth;
@ -12,15 +16,15 @@
};
};
services.nginx.enable = true;
services.nginx.virtualHosts."contabo.10110110.xyz" = {
addSSL = true;
enableACME = true;
root = "/var/www/fam";
};
security.acme = {
acceptTerms = true;
defaults.email = "cjriddz@protonmail.com";
};
services.nginx.virtualHosts."contabo.10110110.xyz" = {
addSSL = true;
enableACME = true;
root = "/var/www/fam";
};
security.acme = {
acceptTerms = true;
defaults.email = "cjriddz@protonmail.com";
};
networking.firewall = {
enable = true;
allowedTCPPorts = [80 443];
@ -46,26 +50,25 @@
history = "prune";
graffiti = "yo";
metrics = {
enable = true;
port = 5054;
address = "127.0.0.1";
enable = true;
port = 5054;
address = "127.0.0.1";
};
rest = {
enable = true;
port = 5052;
address = "0.0.0.0";
allow-origin = "*";
enable = true;
port = 5052;
address = "0.0.0.0";
allow-origin = "*";
};
payload-builder = {
enable = true;
url = "http://localhost";
};
light-client-data = {
serve = true;
import-mode = "only-new";
max-periods = "3";
serve = true;
import-mode = "only-new";
max-periods = "3";
};
};
};
}

33
nixos/htz/hardware-configuration.nix
View file

@ -1,6 +1,9 @@
{ modulesPath, lib, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
modulesPath,
lib,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
boot = {
tmp.cleanOnBoot = true;
@ -11,11 +14,11 @@
};
initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"xen_blkfront"
"vmw_pvscsi"
"uhci_hcd"
"xen_blkfront"
"vmw_pvscsi"
];
initrd.kernelModules = [ "nvme" ];
initrd.kernelModules = ["nvme"];
};
fileSystems = {
"/boot" = {
@ -27,16 +30,18 @@
fsType = "ext4";
};
};
swapDevices = [{
device = "/dev/dm-1";
}];
swapDevices = [
{
device = "/dev/dm-1";
}
];
zramSwap.enable = false;
networking = {
useNetworkd = true;
nat = {
enable = true;
externalInterface = "enp0s31f6";
internalInterfaces = [ "microvm" ];
internalInterfaces = ["microvm"];
};
};
systemd.network = {
@ -54,9 +59,11 @@
DHCPServer = true;
IPv6SendRA = true;
};
addresses = [ {
addressConfig.Address = "10.0.0.1/24";
} ];
addresses = [
{
addressConfig.Address = "10.0.0.1/24";
}
];
};
"11-microvm" = {
matchConfig.Name = "vm-*";

60
nixos/htz/vms/default.nix
View file

@ -1,30 +1,44 @@
{ lib, pkgs, addressList, ... }:
let genVMConfig = { name, config ? {}, ro-store ? true }: {
restartIfChanged = true;
pkgs = pkgs;
config = config // {
microvm = {
shares = lib.mkIf (ro-store == true) [{
source = "/nix/store";
mountPoint = "/nix/.ro-store";
tag = "ro-store";
proto = "virtiofs";
}];
interfaces = [
{
type = "tap";
id = name;
mac = addressList.${name}.mac;
}
];
};
} // import ./vmDefaults.nix { inherit name addressList; };
};
{
lib,
pkgs,
addressList,
...
}: let
genVMConfig = {
name,
config ? {},
ro-store ? true,
}: {
restartIfChanged = true;
inherit pkgs;
config =
config
// {
microvm = {
shares = lib.mkIf ro-store [
{
source = "/nix/store";
mountPoint = "/nix/.ro-store";
tag = "ro-store";
proto = "virtiofs";
}
];
interfaces = [
{
type = "tap";
id = name;
inherit (addressList.${name}) mac;
}
];
};
}
// import ./vmDefaults.nix {inherit name addressList;};
};
in {
microvm.vms = {
vm-test = genVMConfig {
name = "vm-test";
config = import ./vm-test.nix { inherit pkgs addressList; };
config = import ./vm-test.nix {inherit pkgs addressList;};
};
};
}

27
nixos/htz/vms/headscale.nix Normal file
View file

@ -0,0 +1,27 @@
{config, ...}: let
domain = "ts.10110110.xyz";
in {
services = {
headscale = {
enable = true;
address = "0.0.0.0";
port = 8080;
serverUrl = "https://${domain}";
dns = {baseDomain = "10110110.xyz";};
settings = {logtail.enabled = false;};
};
services.nginx = {
enable = true;
virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
};
};
};
system.stateVersion = "23.11";
}

2
nixos/htz/vms/vm-test.nix
View file

@ -1,4 +1,4 @@
{ ... }: {
_: {
networking.firewall = {
enable = true;
allowedTCPPorts = [80];

11
nixos/htz/vms/vmDefaults.nix
View file

@ -1,4 +1,8 @@
{ name, addressList, ...}: {
{
name,
addressList,
...
}: {
systemd.network = {
enable = true;
networks."20-lan" = {
@ -27,11 +31,12 @@
root = {
openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz''
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14'' ];
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14''
];
};
e = {
isNormalUser = true;
extraGroups = [ "wheel" ];
extraGroups = ["wheel"];
openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIItTJm2iu/5xacOoh4/JAvMtHE62duDlVVXpvVP+uQMR root@htz''
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14''

14
nixos/racknerd/configuration.nix
View file

@ -1,4 +1,8 @@
{ inputs, pkgs, system, ... }: {
{
pkgs,
system,
...
}: {
imports = [
./hardware-configuration.nix
./minecraft.nix
@ -19,20 +23,20 @@
services.openssh.enable = true;
users.users = {
root = {
openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14'' ];
openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14''];
};
e = {
isNormalUser = true;
extraGroups = [ "wheel" ];
extraGroups = ["wheel"];
packages = with pkgs; [
vim
htop
tree
];
openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14'' ];
openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILU2TUxKyGKoZ68IG4hw23RmxVf72u5K9W0StkgTr0b2 e@t14''];
};
};
security.sudo.wheelNeedsPassword = false;
nix.settings.trusted-users = ["e"];
system.stateVersion = "22.11";
system.stateVersion = "22.11";
}

18
nixos/racknerd/hardware-configuration.nix
View file

@ -1,10 +1,16 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
boot.loader.grub.device = "/dev/vda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
swapDevices = [ { device = "/dev/vda2"; } ];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
boot.initrd.kernelModules = ["nvme"];
fileSystems."/" = {
device = "/dev/vda1";
fsType = "ext4";
};
swapDevices = [{device = "/dev/vda2";}];
}

3
nixos/racknerd/minecraft.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: {
{pkgs, ...}: {
services.minecraft-server = {
enable = true;
eula = true;
@ -16,5 +16,4 @@
k359 = "a5ccc07c-144d-4dd0-b07c-48c4d5302b58";
};
};
}

164
nixos/t14/configuration.nix
View file

@ -1,95 +1,93 @@
{ pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
./nano.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
{pkgs, ...}: {
imports = [
./hardware-configuration.nix
./nano.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.networkmanager.enable = true;
networking.firewall = {
enable = true;
allowedTCPPorts = [11111 80];
allowedUDPPorts = [];
logRefusedConnections = true;
};
environment.systemPackages = with pkgs; [
cryptsetup
nfs-utils
];
virtualisation.podman = {
enable = true;
dockerCompat = true;
};
networking.networkmanager.enable = true;
networking.firewall = {
enable = true;
allowedTCPPorts = [11111 80];
allowedUDPPorts = [];
logRefusedConnections = true;
};
environment.systemPackages = with pkgs; [
cryptsetup
nfs-utils
];
virtualisation.podman = {
enable = true;
dockerCompat = true;
};
programs.light.enable = true;
security.pam.services.swaylock = {};
services.pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
};
programs.ssh = {
startAgent = true;
};
services.flatpak.enable = true;
services.dbus.enable = true;
xdg.portal = {
enable = true;
xdgOpenUsePortal = true;
wlr.enable = true;
extraPortals = [
pkgs.xdg-desktop-portal-gtk
pkgs.xdg-desktop-portal-wlr
programs.light.enable = true;
security.pam.services.swaylock = {};
services.pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
};
programs.ssh = {
startAgent = true;
};
services.flatpak.enable = true;
services.dbus.enable = true;
xdg.portal = {
enable = true;
xdgOpenUsePortal = true;
wlr.enable = true;
extraPortals = [
pkgs.xdg-desktop-portal-gtk
pkgs.xdg-desktop-portal-wlr
];
config = {
common = {
default = [
"*"
];
config = {
common = {
default = [
"*"
];
};
};
};
};
};
services.tlp = {
enable = true;
settings = {
WIFI_PWR_ON_BAT = "off";
CPU_BOOST_ON_BAT = "0";
CPU_BOOST_ON_AC = "1";
services.tlp = {
enable = true;
settings = {
WIFI_PWR_ON_BAT = "off";
CPU_BOOST_ON_BAT = "0";
CPU_BOOST_ON_AC = "1";
PLATFORM_PROFILE_ON_AC = "performance";
PLATFORM_PROFILE_ON_BAT = "low-power";
CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
PLATFORM_PROFILE_ON_AC = "performance";
PLATFORM_PROFILE_ON_BAT = "low-power";
CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
CPU_MIN_PERF_ON_AC = 0;
CPU_MAX_PERF_ON_AC = 100;
CPU_MIN_PERF_ON_BAT = 0;
CPU_MAX_PERF_ON_BAT = 25;
RADEON_DPM_STATE_ON_AC="performance";
RADEON_DPM_STATE_ON_BAT="battery";
RADEON_POWER_PROFILE_ON_AC="high";
RADEON_POWER_PROFILE_ON_BAT="low";
CPU_MIN_PERF_ON_AC = 0;
CPU_MAX_PERF_ON_AC = 100;
CPU_MIN_PERF_ON_BAT = 0;
CPU_MAX_PERF_ON_BAT = 25;
RADEON_DPM_STATE_ON_AC = "performance";
RADEON_DPM_STATE_ON_BAT = "battery";
RADEON_POWER_PROFILE_ON_AC = "high";
RADEON_POWER_PROFILE_ON_BAT = "low";
#Optional helps save long term battery health
START_CHARGE_THRESH_BAT0 = 80; # bellow it starts to charge
STOP_CHARGE_THRESH_BAT0 = 95; # above it stops charging
};
#Optional helps save long term battery health
START_CHARGE_THRESH_BAT0 = 80; # bellow it starts to charge
STOP_CHARGE_THRESH_BAT0 = 95; # above it stops charging
};
};
hardware.opengl.enable = true;
hardware.opengl.extraPackages = [
pkgs.mesa.drivers
pkgs.libGL
];
hardware.opengl.setLdLibraryPath = true;
hardware.opengl.enable = true;
hardware.opengl.extraPackages = [
pkgs.mesa.drivers
pkgs.libGL
];
hardware.opengl.setLdLibraryPath = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
system.stateVersion = "22.11";
}
boot.kernelPackages = pkgs.linuxPackages_latest;
system.stateVersion = "22.11";
}

29
nixos/t14/hardware-configuration.nix
View file

@ -1,29 +1,32 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "ehci_pci" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = ["amdgpu"];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/f56e8356-3915-4ff8-957c-de7f9a72b326";
fileSystems."/" = {
device = "/dev/disk/by-uuid/f56e8356-3915-4ff8-957c-de7f9a72b326";
fsType = "btrfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/346A-5AF5";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/346A-5AF5";
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

25
nixos/t14/nano.nix
View file

@ -1,16 +1,15 @@
{ ... }:
{
_: {
services.udev.extraRules = ''
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="2b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="3b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="4b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1807", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1808", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0000", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0001", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0004", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="1011", MODE="0660", GROUP="plugdev"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="1015", MODE="0660", GROUP="plugdev"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="2b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="3b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="4b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1807", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1808", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0000", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0001", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0004", MODE="0660", TAG+="uaccess", TAG+="udev-acl"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="1011", MODE="0660", GROUP="plugdev"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="1015", MODE="0660", GROUP="plugdev"
'';
}

6
treefmt.nix Normal file
View file

@ -0,0 +1,6 @@
_: {
projectRootFile = "flake.nix";
programs.alejandra.enable = true;
programs.deadnix.enable = true;
programs.statix.enable = true;
}