Compare commits
4 commits
9230fecb98
...
73b74531a2
Author | SHA1 | Date | |
---|---|---|---|
73b74531a2 | |||
bb0abe5988 | |||
0fe2e334bb | |||
c524dcaa0f |
87 changed files with 847 additions and 601 deletions
|
@ -1,4 +1,5 @@
|
|||
{nixos-config, ...}: {
|
||||
{ nixos-config, ... }:
|
||||
{
|
||||
imports = [
|
||||
"${nixos-config}/modules"
|
||||
"${nixos-config}/services/tailscale.nix"
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
documentation.nixos.includeAllModules = true;
|
||||
documentation.nixos.options.warningsAreErrors = false;
|
||||
home-manager.users.darkkirb.manual = {
|
||||
|
|
|
@ -1,8 +1,10 @@
|
|||
{config, ...}: {
|
||||
{ config, ... }:
|
||||
{
|
||||
time.timeZone = "Etc/GMT-1";
|
||||
isGraphical = true;
|
||||
imports = [
|
||||
./kde
|
||||
./documentation.nix
|
||||
./graphical/fonts.nix
|
||||
];
|
||||
}
|
||||
|
|
40
config/graphical/fonts.nix
Normal file
40
config/graphical/fonts.nix
Normal file
|
@ -0,0 +1,40 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
fonts = {
|
||||
fontDir.enable = true;
|
||||
fontconfig = {
|
||||
enable = true;
|
||||
defaultFonts = {
|
||||
emoji = [ "Noto Color Emoji" ];
|
||||
monospace = [
|
||||
"Fira Code"
|
||||
"Font Awesome 5 Free"
|
||||
];
|
||||
sansSerif = [
|
||||
"Noto Sans"
|
||||
"Font Awesome 5 Free"
|
||||
];
|
||||
serif = [
|
||||
"Noto Serif"
|
||||
"Font Awesome 5 Free"
|
||||
];
|
||||
};
|
||||
};
|
||||
packages = with pkgs; [
|
||||
fira-code
|
||||
fira-code-symbols
|
||||
font-awesome
|
||||
noto-fonts
|
||||
noto-fonts-cjk-sans
|
||||
noto-fonts-emoji
|
||||
noto-fonts-extra
|
||||
(nerdfonts.override {
|
||||
fonts = [
|
||||
"FiraCode"
|
||||
"DroidSansMono"
|
||||
"Noto"
|
||||
];
|
||||
})
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,6 +1,7 @@
|
|||
# Unlike other modules in this directory, this one is not enabled by default
|
||||
# The default graphical configuration would enable this, the verbose configuration would not.
|
||||
{config, ...}: {
|
||||
{ config, ... }:
|
||||
{
|
||||
boot = {
|
||||
plymouth.enable = true;
|
||||
consoleLogLevel = 0;
|
||||
|
|
|
@ -1,11 +1,12 @@
|
|||
{config, ...}: {
|
||||
{ config, ... }:
|
||||
{
|
||||
console.keyMap = "neo";
|
||||
i18n.extraLocaleSettings = {
|
||||
LC_ADDRESS="de_DE.UTF-8";
|
||||
LC_MONETARY="de_DE.UTF-8";
|
||||
LC_NAME="de_DE.UTF-8";
|
||||
LC_PAPER="de_DE.UTF-8";
|
||||
LC_TELEPHONE="de_DE.UTF-8";
|
||||
LC_TIME="de_DE.UTF-8";
|
||||
LC_ADDRESS = "de_DE.UTF-8";
|
||||
LC_MONETARY = "de_DE.UTF-8";
|
||||
LC_NAME = "de_DE.UTF-8";
|
||||
LC_PAPER = "de_DE.UTF-8";
|
||||
LC_TELEPHONE = "de_DE.UTF-8";
|
||||
LC_TIME = "de_DE.UTF-8";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
services.xserver.enable = true;
|
||||
services.displayManager.sddm.enable = true;
|
||||
services.desktopManager.plasma6.enable = true;
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{plasma-manager, ...}: {
|
||||
{ plasma-manager, ... }:
|
||||
{
|
||||
programs.plasma.enable = true;
|
||||
programs.plasma.configFile.baloofilerc."Basic Settings"."Indexing-Enabled" = false;
|
||||
imports = [
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
services.libinput.enable = true;
|
||||
services.xserver.xkb = {
|
||||
layout = "de";
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
programs.plasma = {
|
||||
workspace.lookAndFeel = "org.kde.breezedark.desktop";
|
||||
hotkeys.commands."launch-konsole" = {
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
networking.networkmanager.enable = true;
|
||||
users.users.darkkirb.extraGroups = ["networkmanager"];
|
||||
users.users.darkkirb.extraGroups = [ "networkmanager" ];
|
||||
environment.persistence."/persistent".directories = [
|
||||
"/var/lib/NetworkManager"
|
||||
"/etc/NetworkManager"
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{system, ...}: let
|
||||
{ system, ... }:
|
||||
let
|
||||
isx86 = system == "x86_64-linux";
|
||||
in {
|
||||
in
|
||||
{
|
||||
boot.loader.systemd-boot = {
|
||||
enable = true;
|
||||
memtest86.enable = isx86;
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{system, ...}: {
|
||||
{ system, ... }:
|
||||
{
|
||||
inherit system;
|
||||
config = import ./default.nix;
|
||||
autoStart = true;
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{nixos-config, ...}: {
|
||||
{ nixos-config, ... }:
|
||||
{
|
||||
imports = [
|
||||
nixos-config.nixosModules.containers
|
||||
];
|
||||
|
|
25
default.nix
25
default.nix
|
@ -1,14 +1,11 @@
|
|||
(
|
||||
import
|
||||
(
|
||||
let
|
||||
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
|
||||
in
|
||||
fetchTarball {
|
||||
url = lock.nodes.flake-compat.locked.url or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
|
||||
sha256 = lock.nodes.flake-compat.locked.narHash;
|
||||
}
|
||||
)
|
||||
{src = ./.;}
|
||||
)
|
||||
.defaultNix
|
||||
(import (
|
||||
let
|
||||
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
|
||||
in
|
||||
fetchTarball {
|
||||
url =
|
||||
lock.nodes.flake-compat.locked.url
|
||||
or "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
|
||||
sha256 = lock.nodes.flake-compat.locked.narHash;
|
||||
}
|
||||
) { src = ./.; }).defaultNix
|
||||
|
|
263
flake.nix
263
flake.nix
|
@ -78,132 +78,161 @@
|
|||
};
|
||||
};
|
||||
|
||||
outputs = {
|
||||
self,
|
||||
nixpkgs,
|
||||
...
|
||||
} @ inputs': let
|
||||
inputs =
|
||||
inputs'
|
||||
// {
|
||||
outputs =
|
||||
{
|
||||
self,
|
||||
nixpkgs,
|
||||
...
|
||||
}@inputs':
|
||||
let
|
||||
inputs = inputs' // {
|
||||
nixos-config = self;
|
||||
inherit inputs;
|
||||
inTester = false;
|
||||
pureInputs = inputs';
|
||||
};
|
||||
pkgsFor = system: let
|
||||
inputs' =
|
||||
inputs
|
||||
// {
|
||||
pkgsFor =
|
||||
system:
|
||||
let
|
||||
inputs' = inputs // {
|
||||
inherit system;
|
||||
inputs = inputs';
|
||||
};
|
||||
in
|
||||
import nixpkgs {
|
||||
inherit system;
|
||||
inputs = inputs';
|
||||
};
|
||||
in
|
||||
import nixpkgs {
|
||||
inherit system;
|
||||
overlays =
|
||||
[
|
||||
(_: _:
|
||||
inputs'
|
||||
// {
|
||||
inputs = inputs';
|
||||
})
|
||||
]
|
||||
++ (
|
||||
if system == "riscv64-linux"
|
||||
then [
|
||||
inputs.riscv-overlay.overlays.default
|
||||
overlays =
|
||||
[
|
||||
(
|
||||
_: _:
|
||||
inputs'
|
||||
// {
|
||||
inputs = inputs';
|
||||
}
|
||||
)
|
||||
]
|
||||
else []
|
||||
++ (
|
||||
if system == "riscv64-linux" then
|
||||
[
|
||||
inputs.riscv-overlay.overlays.default
|
||||
]
|
||||
else
|
||||
[ ]
|
||||
);
|
||||
};
|
||||
in
|
||||
{
|
||||
checks.x86_64-linux = nixpkgs.lib.listToAttrs (
|
||||
map (testName: {
|
||||
name = testName;
|
||||
value = (pkgsFor "x86_64-linux").callPackage ./tests/${testName}.nix { };
|
||||
}) [ "containers-default" ]
|
||||
);
|
||||
nixosModules = {
|
||||
containers = import ./modules/containers/default.nix;
|
||||
default = import ./modules/default.nix;
|
||||
};
|
||||
nixosContainers =
|
||||
with nixpkgs.lib;
|
||||
let
|
||||
containerNames = [
|
||||
"default"
|
||||
];
|
||||
containerArches = [
|
||||
"x86_64-linux"
|
||||
"aarch64-linux"
|
||||
"riscv64-linux"
|
||||
];
|
||||
containers = listToAttrs (
|
||||
flatten (
|
||||
map (
|
||||
system:
|
||||
let
|
||||
pkgs = pkgsFor system;
|
||||
in
|
||||
map (container: {
|
||||
name = "container-${container}-${system}";
|
||||
value = pkgs.callPackage ./containers/${container}-configuration.nix { };
|
||||
}) containerNames
|
||||
) containerArches
|
||||
)
|
||||
);
|
||||
in
|
||||
containers;
|
||||
nixosConfigurations =
|
||||
with nixpkgs.lib;
|
||||
let
|
||||
mkSystem =
|
||||
args:
|
||||
let
|
||||
inputs' = inputs // {
|
||||
inherit (args) system;
|
||||
};
|
||||
in
|
||||
nixosSystem (
|
||||
args
|
||||
// {
|
||||
specialArgs = args.specialArgs or { } // inputs';
|
||||
}
|
||||
);
|
||||
systems' = {
|
||||
not522 = {
|
||||
config = ./machine/not522;
|
||||
system = "riscv64-linux";
|
||||
};
|
||||
not522-installer = {
|
||||
config = ./machine/not522/installer;
|
||||
system = "riscv64-linux";
|
||||
};
|
||||
pc-installer = {
|
||||
config = ./machine/pc-installer;
|
||||
system = "x86_64-linux";
|
||||
};
|
||||
rainbow-resort = {
|
||||
config = ./machine/rainbow-resort;
|
||||
system = "x86_64-linux";
|
||||
};
|
||||
thinkrac = {
|
||||
config = ./machine/thinkrac;
|
||||
system = "x86_64-linux";
|
||||
};
|
||||
};
|
||||
containers = mapAttrs (
|
||||
_: container:
|
||||
mkSystem {
|
||||
inherit (container) system;
|
||||
modules = [
|
||||
container.config
|
||||
];
|
||||
}
|
||||
) self.nixosContainers;
|
||||
systems = mapAttrs (
|
||||
_: system:
|
||||
mkSystem {
|
||||
inherit (system) system;
|
||||
modules = [
|
||||
system.config
|
||||
];
|
||||
}
|
||||
) systems';
|
||||
in
|
||||
containers // systems;
|
||||
hydraJobs = {
|
||||
inherit (self) checks devShells;
|
||||
nixosConfigurations = nixpkgs.lib.mapAttrs (
|
||||
_: v: v.config.system.build.toplevel
|
||||
) self.nixosConfigurations;
|
||||
};
|
||||
in {
|
||||
checks.x86_64-linux = nixpkgs.lib.listToAttrs (map (testName: {
|
||||
name = testName;
|
||||
value = (pkgsFor "x86_64-linux").callPackage ./tests/${testName}.nix {};
|
||||
}) ["containers-default"]);
|
||||
nixosModules = {
|
||||
containers = import ./modules/containers/default.nix;
|
||||
default = import ./modules/default.nix;
|
||||
};
|
||||
nixosContainers = with nixpkgs.lib; let
|
||||
containerNames = [
|
||||
"default"
|
||||
];
|
||||
containerArches = ["x86_64-linux" "aarch64-linux" "riscv64-linux"];
|
||||
containers = listToAttrs (flatten (map (system: let
|
||||
pkgs = pkgsFor system;
|
||||
in
|
||||
map (container: {
|
||||
name = "container-${container}-${system}";
|
||||
value = pkgs.callPackage ./containers/${container}-configuration.nix {};
|
||||
})
|
||||
containerNames)
|
||||
containerArches));
|
||||
in
|
||||
containers;
|
||||
nixosConfigurations = with nixpkgs.lib; let
|
||||
mkSystem = args: let
|
||||
inputs' = inputs // {inherit (args) system;};
|
||||
in
|
||||
nixosSystem (args
|
||||
// {
|
||||
specialArgs =
|
||||
args.specialArgs
|
||||
or {}
|
||||
// inputs';
|
||||
});
|
||||
systems' = {
|
||||
not522 = {
|
||||
config = ./machine/not522;
|
||||
system = "riscv64-linux";
|
||||
};
|
||||
not522-installer = {
|
||||
config = ./machine/not522/installer;
|
||||
system = "riscv64-linux";
|
||||
};
|
||||
pc-installer = {
|
||||
config = ./machine/pc-installer;
|
||||
system = "x86_64-linux";
|
||||
};
|
||||
rainbow-resort = {
|
||||
config = ./machine/rainbow-resort;
|
||||
system = "x86_64-linux";
|
||||
};
|
||||
thinkrac = {
|
||||
config = ./machine/thinkrac;
|
||||
system = "x86_64-linux";
|
||||
};
|
||||
};
|
||||
containers = mapAttrs (_: container:
|
||||
mkSystem {
|
||||
inherit (container) system;
|
||||
modules = [
|
||||
container.config
|
||||
devShells.x86_64-linux.default =
|
||||
with pkgsFor "x86_64-linux";
|
||||
mkShell {
|
||||
nativeBuildInputs = with pkgs; [
|
||||
age
|
||||
sops
|
||||
ssh-to-age
|
||||
nixfmt-rfc-style
|
||||
];
|
||||
})
|
||||
self.nixosContainers;
|
||||
systems = mapAttrs (_: system:
|
||||
mkSystem {
|
||||
inherit (system) system;
|
||||
modules = [
|
||||
system.config
|
||||
];
|
||||
})
|
||||
systems';
|
||||
in
|
||||
containers // systems;
|
||||
hydraJobs = {
|
||||
inherit (self) checks devShells;
|
||||
nixosConfigurations = nixpkgs.lib.mapAttrs (_: v: v.config.system.build.toplevel) self.nixosConfigurations;
|
||||
};
|
||||
formatter.x86_64-linux = (pkgsFor "x86_64-linux").nixfmt-rfc-style;
|
||||
};
|
||||
devShells.x86_64-linux.default = with pkgsFor "x86_64-linux";
|
||||
mkShell {
|
||||
nativeBuildInputs = with pkgs; [
|
||||
age
|
||||
sops
|
||||
ssh-to-age
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1 +1 @@
|
|||
{nixos-config}: (import nixos-config).hydraJobs
|
||||
{ nixos-config }: (import nixos-config).hydraJobs
|
||||
|
|
|
@ -3,13 +3,15 @@
|
|||
nixpkgs,
|
||||
lix,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
let
|
||||
pkgs_x86_64 = import nixpkgs {
|
||||
system = "x86_64-linux";
|
||||
crossSystem.system = "riscv64-linux";
|
||||
overlays = [lix.overlays.default];
|
||||
overlays = [ lix.overlays.default ];
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
nixpkgs.overlays = [
|
||||
(self: super: {
|
||||
inherit (pkgs_x86_64) lix nixos-option;
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
nixos-hardware,
|
||||
nixpkgs,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
networking.hostName = "not522";
|
||||
imports = [
|
||||
"${nixos-config}/config"
|
||||
|
@ -14,5 +15,5 @@
|
|||
];
|
||||
system.stateVersion = "24.11";
|
||||
nixpkgs.config.allowUnsupportedSystem = true;
|
||||
nix.settings.system-features = ["native-riscv"];
|
||||
nix.settings.system-features = [ "native-riscv" ];
|
||||
}
|
||||
|
|
|
@ -17,30 +17,33 @@
|
|||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = ["umask=0077"];
|
||||
mountOptions = [ "umask=0077" ];
|
||||
};
|
||||
};
|
||||
root = {
|
||||
end = "-8G";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-f"]; # Override existing partition
|
||||
extraArgs = [ "-f" ]; # Override existing partition
|
||||
# Subvolumes must set a mountpoint in order to be mounted,
|
||||
# unless their parent is mounted
|
||||
subvolumes = {
|
||||
# Subvolume name is different from mountpoint
|
||||
"/root" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/";
|
||||
};
|
||||
# Subvolume name is the same as the mountpoint
|
||||
"/persistent" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/persistent";
|
||||
};
|
||||
# Parent is not mounted so the mountpoint must be set
|
||||
"/nix" = {
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
mountOptions = [
|
||||
"compress=zstd"
|
||||
"noatime"
|
||||
];
|
||||
mountpoint = "/nix";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
nixos-hardware,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
"${nixos-hardware}/starfive/visionfive/v2/default.nix"
|
||||
];
|
||||
|
|
|
@ -7,19 +7,19 @@
|
|||
lib,
|
||||
nixpkgs,
|
||||
...
|
||||
}: let
|
||||
dependencies =
|
||||
[
|
||||
nixos-config.nixosConfigurations.not522.config.system.build.toplevel
|
||||
nixos-config.nixosConfigurations.not522.config.system.build.diskoScript
|
||||
nixos-config.nixosConfigurations.not522.config.system.build.diskoScript.drvPath
|
||||
nixos-config.nixosConfigurations.not522.pkgs.stdenv.drvPath
|
||||
(nixos-config.nixosConfigurations.not522.pkgs.closureInfo {rootPaths = [];}).drvPath
|
||||
]
|
||||
++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
|
||||
}:
|
||||
let
|
||||
dependencies = [
|
||||
nixos-config.nixosConfigurations.not522.config.system.build.toplevel
|
||||
nixos-config.nixosConfigurations.not522.config.system.build.diskoScript
|
||||
nixos-config.nixosConfigurations.not522.config.system.build.diskoScript.drvPath
|
||||
nixos-config.nixosConfigurations.not522.pkgs.stdenv.drvPath
|
||||
(nixos-config.nixosConfigurations.not522.pkgs.closureInfo { rootPaths = [ ]; }).drvPath
|
||||
] ++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
|
||||
|
||||
closureInfo = pkgs.closureInfo {rootPaths = dependencies;};
|
||||
in {
|
||||
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
|
||||
in
|
||||
{
|
||||
networking.hostName = "not522-installer";
|
||||
imports = [
|
||||
"${nixos-config}/config"
|
||||
|
|
|
@ -17,30 +17,33 @@
|
|||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = ["umask=0077"];
|
||||
mountOptions = [ "umask=0077" ];
|
||||
};
|
||||
};
|
||||
root = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-f"]; # Override existing partition
|
||||
extraArgs = [ "-f" ]; # Override existing partition
|
||||
# Subvolumes must set a mountpoint in order to be mounted,
|
||||
# unless their parent is mounted
|
||||
subvolumes = {
|
||||
# Subvolume name is different from mountpoint
|
||||
"/root" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/";
|
||||
};
|
||||
# Subvolume name is the same as the mountpoint
|
||||
"/persistent" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/persistent";
|
||||
};
|
||||
# Parent is not mounted so the mountpoint must be set
|
||||
"/nix" = {
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
mountOptions = [
|
||||
"compress=zstd"
|
||||
"noatime"
|
||||
];
|
||||
mountpoint = "/nix";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -5,21 +5,23 @@
|
|||
pkgs,
|
||||
pureInputs,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
let
|
||||
getDeps = name: [
|
||||
nixos-config.nixosConfigurations.${name}.config.system.build.toplevel
|
||||
nixos-config.nixosConfigurations.${name}.config.system.build.diskoScript
|
||||
nixos-config.nixosConfigurations.${name}.config.system.build.diskoScript.drvPath
|
||||
nixos-config.nixosConfigurations.${name}.pkgs.stdenv.drvPath
|
||||
(nixos-config.nixosConfigurations.${name}.pkgs.closureInfo {rootPaths = [];}).drvPath
|
||||
(nixos-config.nixosConfigurations.${name}.pkgs.closureInfo { rootPaths = [ ]; }).drvPath
|
||||
];
|
||||
dependencies =
|
||||
(getDeps "rainbow-resort")
|
||||
++ (getDeps "thinkrac")
|
||||
++ map (i: i.outPath) (builtins.filter builtins.isAttrs (builtins.attrValues pureInputs));
|
||||
|
||||
closureInfo = pkgs.closureInfo {rootPaths = dependencies;};
|
||||
in {
|
||||
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
|
||||
in
|
||||
{
|
||||
networking.hostName = "pc-installer";
|
||||
imports = [
|
||||
"${nixos-config}/config"
|
||||
|
|
|
@ -18,30 +18,33 @@
|
|||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = ["umask=0077"];
|
||||
mountOptions = [ "umask=0077" ];
|
||||
};
|
||||
};
|
||||
root = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-f"]; # Override existing partition
|
||||
extraArgs = [ "-f" ]; # Override existing partition
|
||||
# Subvolumes must set a mountpoint in order to be mounted,
|
||||
# unless their parent is mounted
|
||||
subvolumes = {
|
||||
# Subvolume name is different from mountpoint
|
||||
"/root" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/";
|
||||
};
|
||||
# Subvolume name is the same as the mountpoint
|
||||
"/persistent" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/persistent";
|
||||
};
|
||||
# Parent is not mounted so the mountpoint must be set
|
||||
"/nix" = {
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
mountOptions = [
|
||||
"compress=zstd"
|
||||
"noatime"
|
||||
];
|
||||
mountpoint = "/nix";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
config,
|
||||
nixos-config,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
"${nixos-config}/config/graphical.nix"
|
||||
];
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
# For legacy pc reason, this needs to be grub
|
||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||
boot.loader.grub = {
|
||||
|
|
|
@ -1,5 +1,13 @@
|
|||
{...}: {
|
||||
boot.initrd.availableKernelModules = ["nvme" "ahci" "xhci_pci" "usbhid" "uas" "sd_mod"];
|
||||
{ ... }:
|
||||
{
|
||||
boot.initrd.availableKernelModules = [
|
||||
"nvme"
|
||||
"ahci"
|
||||
"xhci_pci"
|
||||
"usbhid"
|
||||
"uas"
|
||||
"sd_mod"
|
||||
];
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
}
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
nixos-config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
networking.hostName = "rainbow-resort";
|
||||
imports = [
|
||||
"${nixos-config}/config"
|
||||
|
@ -21,5 +22,5 @@
|
|||
}
|
||||
];
|
||||
};
|
||||
home-manager.users.darkkirb.imports = [./home-manager.nix];
|
||||
home-manager.users.darkkirb.imports = [ ./home-manager.nix ];
|
||||
}
|
||||
|
|
|
@ -17,30 +17,33 @@
|
|||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = ["umask=0077"];
|
||||
mountOptions = [ "umask=0077" ];
|
||||
};
|
||||
};
|
||||
root = {
|
||||
end = "-64G";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-f"]; # Override existing partition
|
||||
extraArgs = [ "-f" ]; # Override existing partition
|
||||
# Subvolumes must set a mountpoint in order to be mounted,
|
||||
# unless their parent is mounted
|
||||
subvolumes = {
|
||||
# Subvolume name is different from mountpoint
|
||||
"/root" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/";
|
||||
};
|
||||
# Subvolume name is the same as the mountpoint
|
||||
"/persistent" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/persistent";
|
||||
};
|
||||
# Parent is not mounted so the mountpoint must be set
|
||||
"/nix" = {
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
mountOptions = [
|
||||
"compress=zstd"
|
||||
"noatime"
|
||||
];
|
||||
mountpoint = "/nix";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
modulesPath,
|
||||
nixos-hardware,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
nixos-hardware.nixosModules.common-cpu-amd
|
||||
|
@ -13,10 +14,23 @@
|
|||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
];
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "k10temp"];
|
||||
boot.initrd.kernelModules = ["amdgpu"];
|
||||
boot.kernelModules = ["kvm-amd" "i2c-dev" "i2c-piix4"];
|
||||
boot.extraModulePackages = [];
|
||||
boot.initrd.availableKernelModules = [
|
||||
"nvme"
|
||||
"xhci_pci"
|
||||
"ahci"
|
||||
"usb_storage"
|
||||
"usbhid"
|
||||
"sd_mod"
|
||||
"sr_mod"
|
||||
"k10temp"
|
||||
];
|
||||
boot.initrd.kernelModules = [ "amdgpu" ];
|
||||
boot.kernelModules = [
|
||||
"kvm-amd"
|
||||
"i2c-dev"
|
||||
"i2c-piix4"
|
||||
];
|
||||
boot.extraModulePackages = [ ];
|
||||
nix.settings.cores = 16;
|
||||
boot.binfmt.emulatedSystems = [
|
||||
"armv7l-linux"
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{lib, ...}: {
|
||||
{ lib, ... }:
|
||||
{
|
||||
xdg.configFile."kwinoutputconfig.json".text = lib.strings.toJSON [
|
||||
{
|
||||
data = [
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
nixos-config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
networking.hostName = "thinkrac";
|
||||
imports = [
|
||||
"${nixos-config}/config"
|
||||
|
|
|
@ -17,30 +17,33 @@
|
|||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = ["umask=0077"];
|
||||
mountOptions = [ "umask=0077" ];
|
||||
};
|
||||
};
|
||||
root = {
|
||||
end = "-24G";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-f"]; # Override existing partition
|
||||
extraArgs = [ "-f" ]; # Override existing partition
|
||||
# Subvolumes must set a mountpoint in order to be mounted,
|
||||
# unless their parent is mounted
|
||||
subvolumes = {
|
||||
# Subvolume name is different from mountpoint
|
||||
"/root" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/";
|
||||
};
|
||||
# Subvolume name is the same as the mountpoint
|
||||
"/persistent" = {
|
||||
mountOptions = ["compress=zstd"];
|
||||
mountOptions = [ "compress=zstd" ];
|
||||
mountpoint = "/persistent";
|
||||
};
|
||||
# Parent is not mounted so the mountpoint must be set
|
||||
"/nix" = {
|
||||
mountOptions = ["compress=zstd" "noatime"];
|
||||
mountOptions = [
|
||||
"compress=zstd"
|
||||
"noatime"
|
||||
];
|
||||
mountpoint = "/nix";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
modulesPath,
|
||||
nixos-hardware,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
nixos-hardware.nixosModules.lenovo-thinkpad-t470s
|
||||
|
@ -11,10 +12,15 @@
|
|||
nixos-hardware.nixosModules.common-pc-laptop-ssd
|
||||
];
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usb_storage" "sd_mod"];
|
||||
boot.initrd.kernelModules = [];
|
||||
boot.kernelModules = ["kvm-intel"];
|
||||
boot.extraModulePackages = [];
|
||||
boot.initrd.availableKernelModules = [
|
||||
"xhci_pci"
|
||||
"nvme"
|
||||
"usb_storage"
|
||||
"sd_mod"
|
||||
];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
nix.settings.cores = 4;
|
||||
# use the lowest frequency possible, to save power
|
||||
powerManagement.cpuFreqGovernor = "powersave";
|
||||
|
|
|
@ -6,27 +6,28 @@
|
|||
inputs,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
with lib;
|
||||
let
|
||||
badNames = [
|
||||
"system"
|
||||
"override"
|
||||
"overrideDerivation"
|
||||
];
|
||||
filterBad = filterAttrs (n: _: lib.all (m: n != m) badNames);
|
||||
in {
|
||||
in
|
||||
{
|
||||
options.autoContainers = mkOption {
|
||||
default = [];
|
||||
default = [ ];
|
||||
type = types.listOf types.str;
|
||||
};
|
||||
config = {
|
||||
containers = listToAttrs (map (container: {
|
||||
containers = listToAttrs (
|
||||
map (container: {
|
||||
name = container;
|
||||
value =
|
||||
filterBad (pkgs.callPackage ../../containers/${container}-configuration.nix {})
|
||||
// {
|
||||
specialArgs = inputs;
|
||||
};
|
||||
})
|
||||
config.autoContainers);
|
||||
value = filterBad (pkgs.callPackage ../../containers/${container}-configuration.nix { }) // {
|
||||
specialArgs = inputs;
|
||||
};
|
||||
}) config.autoContainers
|
||||
);
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
nixos-config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
nixos-config.nixosModules.default
|
||||
./hostName.nix
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
with lib;
|
||||
{
|
||||
options.networking = {
|
||||
rootHostName = mkOption {
|
||||
description = "Hostname of the running host";
|
||||
|
@ -26,9 +27,10 @@ with lib; {
|
|||
config = {
|
||||
networking = rec {
|
||||
fullHostName =
|
||||
if config.networking.rootHostName == ""
|
||||
then config.networking.hostName
|
||||
else "${config.networking.rootHostName}-${config.networking.hostName}";
|
||||
if config.networking.rootHostName == "" then
|
||||
config.networking.hostName
|
||||
else
|
||||
"${config.networking.rootHostName}-${config.networking.hostName}";
|
||||
nodeID = lib.substring 0 8 (builtins.hashString "sha256" fullHostName);
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{nixpkgs, ...}: {
|
||||
{ nixpkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
(nixpkgs.outPath + "/nixos/modules/profiles/minimal.nix")
|
||||
(nixpkgs.outPath + "/nixos/modules/profiles/headless.nix")
|
||||
|
|
|
@ -5,7 +5,8 @@
|
|||
nur,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
with lib;
|
||||
{
|
||||
imports = [
|
||||
./riscv.nix
|
||||
./containers/autoconfig.nix
|
||||
|
|
|
@ -6,7 +6,8 @@
|
|||
inTester,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
with lib;
|
||||
{
|
||||
imports = [
|
||||
"${impermanence}/nixos.nix"
|
||||
./user-impermanence.nix
|
||||
|
@ -70,26 +71,23 @@ with lib; {
|
|||
}
|
||||
{
|
||||
assertion =
|
||||
if hasAttr "/" config.fileSystems
|
||||
then config.fileSystems."/".fsType == "btrfs"
|
||||
else false;
|
||||
if hasAttr "/" config.fileSystems then config.fileSystems."/".fsType == "btrfs" else false;
|
||||
message = "rootfs must be btrfs";
|
||||
}
|
||||
{
|
||||
assertion =
|
||||
if hasAttr "/" config.fileSystems
|
||||
then any (t: t == "subvol=root" || t == "subvol=/root") config.fileSystems."/".options
|
||||
else false;
|
||||
if hasAttr "/" config.fileSystems then
|
||||
any (t: t == "subvol=root" || t == "subvol=/root") config.fileSystems."/".options
|
||||
else
|
||||
false;
|
||||
message = "rootfs must mount subvolume root";
|
||||
}
|
||||
];
|
||||
fileSystems."/persistent" = {
|
||||
device =
|
||||
if hasAttr "/" config.fileSystems
|
||||
then mkDefault config.fileSystems."/".device
|
||||
else "/dev/null";
|
||||
if hasAttr "/" config.fileSystems then mkDefault config.fileSystems."/".device else "/dev/null";
|
||||
fsType = "btrfs";
|
||||
options = ["subvol=persistent"];
|
||||
options = [ "subvol=persistent" ];
|
||||
neededForBoot = true;
|
||||
};
|
||||
environment.persistence."/persistent" = {
|
||||
|
|
|
@ -5,107 +5,121 @@
|
|||
inTester,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
with lib;
|
||||
{
|
||||
options = {
|
||||
environment.impermanence.users = mkOption {
|
||||
description = "Which users to clean up the home directory for";
|
||||
default = [];
|
||||
default = [ ];
|
||||
type = types.listOf types.str;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (config.environment.impermanence.enable && config.environment.impermanence.users != []) {
|
||||
programs.fuse.userAllowOther = true;
|
||||
home-manager.users = listToAttrs (map (name: {
|
||||
inherit name;
|
||||
value = {config, ...}: {
|
||||
home.file."${config.home.homeDirectory}/.cache/.keep" = {
|
||||
enable = false;
|
||||
};
|
||||
home.persistence.default = {
|
||||
persistentStoragePath = "/persistent/home/${name}";
|
||||
allowOther = true;
|
||||
directories = [
|
||||
"Downloads"
|
||||
"Music"
|
||||
"Pictures"
|
||||
"Documents"
|
||||
"Videos"
|
||||
config =
|
||||
mkIf (config.environment.impermanence.enable && config.environment.impermanence.users != [ ])
|
||||
{
|
||||
programs.fuse.userAllowOther = true;
|
||||
home-manager.users = listToAttrs (
|
||||
map (name: {
|
||||
inherit name;
|
||||
value =
|
||||
{ config, ... }:
|
||||
{
|
||||
directory = ".cache";
|
||||
method = "symlink";
|
||||
}
|
||||
"Data"
|
||||
];
|
||||
};
|
||||
};
|
||||
})
|
||||
config.environment.impermanence.users);
|
||||
systemd.tmpfiles.rules = mkMerge (map (name: [
|
||||
"d /persistent/home/${name} 700 ${name} ${config.users.users.${name}.group} - -"
|
||||
"d /persistent/home/${name}/.cache 700 ${name} ${config.users.users.${name}.group} 7d -"
|
||||
])
|
||||
config.environment.impermanence.users);
|
||||
systemd.services = listToAttrs (flatten (map (name: let
|
||||
cfg = config.users.users.${name};
|
||||
in [
|
||||
{
|
||||
name = "cleanup-home-${name}";
|
||||
description = "Clean home directory for ${name}";
|
||||
value = {
|
||||
before = [
|
||||
"user@${toString cfg.uid}.service"
|
||||
"home-manager-${name}.service"
|
||||
];
|
||||
partOf = [
|
||||
"user@${toString cfg.uid}.service"
|
||||
];
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = ''
|
||||
if [[ -e ${cfg.home} ]]; then
|
||||
timestamp=$(date --date="@$(stat -c %X ${cfg.home})" "+%Y-%m-%d_%H:%M:%S")
|
||||
mkdir -p /persistent/old-homedirs/${name}
|
||||
mv ${cfg.home} /persistent/old-homedirs/${name}/$timestamp
|
||||
fi
|
||||
home.file."${config.home.homeDirectory}/.cache/.keep" = {
|
||||
enable = false;
|
||||
};
|
||||
home.persistence.default = {
|
||||
persistentStoragePath = "/persistent/home/${name}";
|
||||
allowOther = true;
|
||||
directories = [
|
||||
"Downloads"
|
||||
"Music"
|
||||
"Pictures"
|
||||
"Documents"
|
||||
"Videos"
|
||||
{
|
||||
directory = ".cache";
|
||||
method = "symlink";
|
||||
}
|
||||
"Data"
|
||||
];
|
||||
};
|
||||
};
|
||||
}) config.environment.impermanence.users
|
||||
);
|
||||
systemd.tmpfiles.rules = mkMerge (
|
||||
map (name: [
|
||||
"d /persistent/home/${name} 700 ${name} ${config.users.users.${name}.group} - -"
|
||||
"d /persistent/home/${name}/.cache 700 ${name} ${config.users.users.${name}.group} 7d -"
|
||||
]) config.environment.impermanence.users
|
||||
);
|
||||
systemd.services = listToAttrs (
|
||||
flatten (
|
||||
map (
|
||||
name:
|
||||
let
|
||||
cfg = config.users.users.${name};
|
||||
in
|
||||
[
|
||||
{
|
||||
name = "cleanup-home-${name}";
|
||||
description = "Clean home directory for ${name}";
|
||||
value = {
|
||||
before = [
|
||||
"user@${toString cfg.uid}.service"
|
||||
"home-manager-${name}.service"
|
||||
];
|
||||
partOf = [
|
||||
"user@${toString cfg.uid}.service"
|
||||
];
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = ''
|
||||
if [[ -e ${cfg.home} ]]; then
|
||||
timestamp=$(date --date="@$(stat -c %X ${cfg.home})" "+%Y-%m-%d_%H:%M:%S")
|
||||
mkdir -p /persistent/old-homedirs/${name}
|
||||
mv ${cfg.home} /persistent/old-homedirs/${name}/$timestamp
|
||||
fi
|
||||
|
||||
delete_subvolume_recursively() {
|
||||
IFS=$'\n'
|
||||
for i in $(${pkgs.btrfs-progs}/bin/btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
|
||||
delete_subvolume_recursively "/persistent/old-homedirs/${name}/$i"
|
||||
done
|
||||
${pkgs.btrfs-progs}/bin/btrfs subvolume delete "$1" || rm -rf "$1"
|
||||
}
|
||||
delete_subvolume_recursively() {
|
||||
IFS=$'\n'
|
||||
for i in $(${pkgs.btrfs-progs}/bin/btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
|
||||
delete_subvolume_recursively "/persistent/old-homedirs/${name}/$i"
|
||||
done
|
||||
${pkgs.btrfs-progs}/bin/btrfs subvolume delete "$1" || rm -rf "$1"
|
||||
}
|
||||
|
||||
for i in $(find /persistent/old-homedirs/${name} -maxdepth 1 -atime +30); do
|
||||
delete_subvolume_recursively "$i"
|
||||
done
|
||||
for i in $(find /persistent/old-homedirs/${name} -maxdepth 1 -atime +30); do
|
||||
delete_subvolume_recursively "$i"
|
||||
done
|
||||
|
||||
${pkgs.btrfs-progs}/bin/btrfs subvolume create ${cfg.home}
|
||||
chown -R ${name}:${cfg.group} ${cfg.home}
|
||||
${pkgs.btrfs-progs}/bin/btrfs subvolume create ${cfg.home}
|
||||
chown -R ${name}:${cfg.group} ${cfg.home}
|
||||
|
||||
mkdir -p /persistent/home/${name}
|
||||
chown -R ${name}:${cfg.group} /persistent/home/${name}
|
||||
'';
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "home-manager-${name}";
|
||||
value = {
|
||||
wantedBy = mkForce [
|
||||
"user@${toString cfg.uid}.service"
|
||||
];
|
||||
after = [
|
||||
"cleanup-home-${name}.service"
|
||||
];
|
||||
before = [
|
||||
"user@${toString cfg.uid}.service"
|
||||
];
|
||||
partOf = [
|
||||
"user@${toString cfg.uid}.service"
|
||||
];
|
||||
};
|
||||
}
|
||||
])
|
||||
config.environment.impermanence.users));
|
||||
};
|
||||
mkdir -p /persistent/home/${name}
|
||||
chown -R ${name}:${cfg.group} /persistent/home/${name}
|
||||
'';
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "home-manager-${name}";
|
||||
value = {
|
||||
wantedBy = mkForce [
|
||||
"user@${toString cfg.uid}.service"
|
||||
];
|
||||
after = [
|
||||
"cleanup-home-${name}.service"
|
||||
];
|
||||
before = [
|
||||
"user@${toString cfg.uid}.service"
|
||||
];
|
||||
partOf = [
|
||||
"user@${toString cfg.uid}.service"
|
||||
];
|
||||
};
|
||||
}
|
||||
]
|
||||
) config.environment.impermanence.users
|
||||
)
|
||||
);
|
||||
};
|
||||
}
|
||||
|
|
|
@ -3,13 +3,15 @@
|
|||
config,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
with lib;
|
||||
{
|
||||
options.hydra.buildServer.enable = mkEnableOption "Make this device a build server";
|
||||
imports = [
|
||||
{
|
||||
config.hydra.buildServer.enable = let
|
||||
buildServers = import ./build-server-list.nix;
|
||||
in
|
||||
config.hydra.buildServer.enable =
|
||||
let
|
||||
buildServers = import ./build-server-list.nix;
|
||||
in
|
||||
mkDefault (any (t: t == config.networking.hostName) buildServers);
|
||||
}
|
||||
];
|
||||
|
@ -21,6 +23,6 @@ with lib; {
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINN5Q/L2FyB3DIgdJRYnTGHW3naw5VQ9coOdwHYmv0aZ darkkirb@thinkrac"
|
||||
];
|
||||
};
|
||||
nix.settings.trusted-users = ["remote-build"];
|
||||
nix.settings.trusted-users = [ "remote-build" ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -3,60 +3,62 @@
|
|||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
let
|
||||
cfg = config.nix.auto-update;
|
||||
in
|
||||
with lib; {
|
||||
options.nix.auto-update = {
|
||||
enable = mkEnableOption "enable automatic updates";
|
||||
reboot = mkEnableOption "Reboot if kernel change";
|
||||
hydraServer = mkOption {
|
||||
type = types.str;
|
||||
description = "Location of hydra server";
|
||||
default = "https://hydra.chir.rs";
|
||||
};
|
||||
project = mkOption {
|
||||
type = types.str;
|
||||
description = "Project name to use";
|
||||
default = "nixos-config";
|
||||
};
|
||||
jobset = mkOption {
|
||||
type = types.str;
|
||||
description = "Jobset name to use";
|
||||
default = "pr618";
|
||||
};
|
||||
job = mkOption {
|
||||
type = types.str;
|
||||
description = "Job name to use";
|
||||
default = "nixosConfigurations.${config.networking.hostName}";
|
||||
defaultText = literalExpression ''"nixosConfigurations.''${config.networking.hostName}"'';
|
||||
};
|
||||
specialisation = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
description = "specialisation to switch into";
|
||||
default = null;
|
||||
};
|
||||
with lib;
|
||||
{
|
||||
options.nix.auto-update = {
|
||||
enable = mkEnableOption "enable automatic updates";
|
||||
reboot = mkEnableOption "Reboot if kernel change";
|
||||
hydraServer = mkOption {
|
||||
type = types.str;
|
||||
description = "Location of hydra server";
|
||||
default = "https://hydra.chir.rs";
|
||||
};
|
||||
project = mkOption {
|
||||
type = types.str;
|
||||
description = "Project name to use";
|
||||
default = "nixos-config";
|
||||
};
|
||||
jobset = mkOption {
|
||||
type = types.str;
|
||||
description = "Jobset name to use";
|
||||
default = "pr618";
|
||||
};
|
||||
job = mkOption {
|
||||
type = types.str;
|
||||
description = "Job name to use";
|
||||
default = "nixosConfigurations.${config.networking.hostName}";
|
||||
defaultText = literalExpression ''"nixosConfigurations.''${config.networking.hostName}"'';
|
||||
};
|
||||
specialisation = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
description = "specialisation to switch into";
|
||||
default = null;
|
||||
};
|
||||
};
|
||||
|
||||
config.nix.auto-update.enable = mkDefault config.nix.enable;
|
||||
config.nix.auto-update.reboot = mkDefault true;
|
||||
config.systemd.services.nixos-upgrade = mkIf config.nix.enable {
|
||||
description = "NixOS Upgrade";
|
||||
restartIfChanged = false;
|
||||
unitConfig.X-StopOnRemoval = false;
|
||||
config.nix.auto-update.enable = mkDefault config.nix.enable;
|
||||
config.nix.auto-update.reboot = mkDefault true;
|
||||
config.systemd.services.nixos-upgrade = mkIf config.nix.enable {
|
||||
description = "NixOS Upgrade";
|
||||
restartIfChanged = false;
|
||||
unitConfig.X-StopOnRemoval = false;
|
||||
|
||||
wants = ["network-online.target"];
|
||||
after = ["network-online.target"];
|
||||
wants = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.Type = "oneshot";
|
||||
|
||||
script = let
|
||||
output =
|
||||
if cfg.specialisation == null
|
||||
then "$output"
|
||||
else "$output/specialisation/${cfg.specialisation}";
|
||||
script =
|
||||
let
|
||||
output =
|
||||
if cfg.specialisation == null then "$output" else "$output/specialisation/${cfg.specialisation}";
|
||||
switchToConfiguration = "${output}/bin/switch-to-configuration";
|
||||
in ''
|
||||
in
|
||||
''
|
||||
#!${pkgs.bash}/bin/bash
|
||||
set -euxo pipefail
|
||||
build=$(${pkgs.curl}/bin/curl -H "accept: application/json" -G ${cfg.hydraServer}/api/latestbuilds -d "nr=10" -d "project=${cfg.project}" -d "jobset=${cfg.jobset}" -d "job=${cfg.job}" | ${pkgs.jq}/bin/jq -r '[.[]|select(.buildstatus==0)][0].id')
|
||||
|
@ -65,49 +67,50 @@ in
|
|||
output=$(${pkgs.nix}/bin/nix-store -r $drvname)
|
||||
${pkgs.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set ${output}
|
||||
${
|
||||
if cfg.reboot
|
||||
then ''
|
||||
${switchToConfiguration} boot
|
||||
booted="$(${pkgs.coreutils}/bin/readlink /run/booted-system/{initrd,kernel,kernel-modules})"
|
||||
built="$(${pkgs.coreutils}/bin/readlink ${output}/{initrd,kernel,kernel-modules})"
|
||||
if [ "$booted" = "$built" ]; then
|
||||
if cfg.reboot then
|
||||
''
|
||||
${switchToConfiguration} boot
|
||||
booted="$(${pkgs.coreutils}/bin/readlink /run/booted-system/{initrd,kernel,kernel-modules})"
|
||||
built="$(${pkgs.coreutils}/bin/readlink ${output}/{initrd,kernel,kernel-modules})"
|
||||
if [ "$booted" = "$built" ]; then
|
||||
${switchToConfiguration} switch
|
||||
else
|
||||
${pkgs.systemd}/bin/shutdown -r +1
|
||||
fi
|
||||
exit
|
||||
''
|
||||
else
|
||||
''
|
||||
${switchToConfiguration} switch
|
||||
else
|
||||
${pkgs.systemd}/bin/shutdown -r +1
|
||||
fi
|
||||
exit
|
||||
''
|
||||
else ''
|
||||
${switchToConfiguration} switch
|
||||
''
|
||||
''
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config.systemd.timers.nixos-upgrade = {
|
||||
enable = cfg.enable;
|
||||
description = "Automatically update nixos";
|
||||
requires = ["nixos-upgrade.service"];
|
||||
wants = ["network-online.target"];
|
||||
after = ["network-online.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
timerConfig = {
|
||||
OnUnitActiveSec = "30min";
|
||||
RandomizedDelaySec = "1h";
|
||||
};
|
||||
config.systemd.timers.nixos-upgrade = {
|
||||
enable = cfg.enable;
|
||||
description = "Automatically update nixos";
|
||||
requires = [ "nixos-upgrade.service" ];
|
||||
wants = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
timerConfig = {
|
||||
OnUnitActiveSec = "30min";
|
||||
RandomizedDelaySec = "1h";
|
||||
};
|
||||
config.assertions = [
|
||||
{
|
||||
assertion = cfg.enable -> config.nix.enable;
|
||||
message = "Auto updating will only work when nix itself is enabled.";
|
||||
}
|
||||
{
|
||||
assertion = (cfg.specialisation != null) -> config.isSpecialisation;
|
||||
message = "Automatic update switching to specialisation is only allowed in specialisations";
|
||||
}
|
||||
{
|
||||
assertion = config.isSpecialisation -> (cfg.specialisation != null);
|
||||
message = "Specifying the specialization name is required for autoupdate to work!";
|
||||
}
|
||||
];
|
||||
}
|
||||
};
|
||||
config.assertions = [
|
||||
{
|
||||
assertion = cfg.enable -> config.nix.enable;
|
||||
message = "Auto updating will only work when nix itself is enabled.";
|
||||
}
|
||||
{
|
||||
assertion = (cfg.specialisation != null) -> config.isSpecialisation;
|
||||
message = "Automatic update switching to specialisation is only allowed in specialisations";
|
||||
}
|
||||
{
|
||||
assertion = config.isSpecialisation -> (cfg.specialisation != null);
|
||||
message = "Specifying the specialization name is required for autoupdate to work!";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
with lib;
|
||||
{
|
||||
config = mkIf (!config.isInstaller) {
|
||||
nix.distributedBuilds = true;
|
||||
nix.buildMachines = mkMerge [
|
||||
|
@ -17,7 +18,15 @@ with lib; {
|
|||
];
|
||||
maxJobs = 4;
|
||||
speedFactor = 1;
|
||||
supportedFeatures = ["nixos-test" "benchmark" "ca-derivations" "gccarch-armv8-a" "gccarch-armv8.1-a" "gccarch-armv8.2-a" "big-parallel"];
|
||||
supportedFeatures = [
|
||||
"nixos-test"
|
||||
"benchmark"
|
||||
"ca-derivations"
|
||||
"gccarch-armv8-a"
|
||||
"gccarch-armv8.1-a"
|
||||
"gccarch-armv8.2-a"
|
||||
"big-parallel"
|
||||
];
|
||||
}
|
||||
]
|
||||
[
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
with lib;
|
||||
{
|
||||
imports = [
|
||||
./link-inputs.nix
|
||||
./lix.nix
|
||||
|
@ -12,9 +13,9 @@ with lib; {
|
|||
];
|
||||
nix.settings = {
|
||||
substituters = mkMerge [
|
||||
["https://attic.chir.rs/chir-rs/"]
|
||||
(mkIf (!config.isInstaller) ["https://hydra.int.chir.rs"])
|
||||
(mkIf config.isInstaller ["https://hydra.chir.rs"])
|
||||
[ "https://attic.chir.rs/chir-rs/" ]
|
||||
(mkIf (!config.isInstaller) [ "https://hydra.int.chir.rs" ])
|
||||
(mkIf config.isInstaller [ "https://hydra.chir.rs" ])
|
||||
];
|
||||
trusted-public-keys = [
|
||||
"nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg="
|
||||
|
|
|
@ -2,22 +2,20 @@
|
|||
lib,
|
||||
inputs,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
let
|
||||
# Taken from https://github.com/gytis-ivaskevicius/flake-utils-plus/blob/master/lib/options.nix
|
||||
inherit (lib) filterAttrs mapAttrs';
|
||||
flakes = filterAttrs (name: value: (value ? outputs)) inputs;
|
||||
nixRegistry =
|
||||
builtins.mapAttrs
|
||||
(name: v: {flake = v;})
|
||||
flakes;
|
||||
in {
|
||||
nixRegistry = builtins.mapAttrs (name: v: { flake = v; }) flakes;
|
||||
in
|
||||
{
|
||||
nix.registry = nixRegistry;
|
||||
environment.etc =
|
||||
mapAttrs'
|
||||
(name: value: {
|
||||
name = "nix/inputs/${name}";
|
||||
value = {source = value.outPath;};
|
||||
})
|
||||
flakes;
|
||||
nix.nixPath = ["/etc/nix/inputs"];
|
||||
environment.etc = mapAttrs' (name: value: {
|
||||
name = "nix/inputs/${name}";
|
||||
value = {
|
||||
source = value.outPath;
|
||||
};
|
||||
}) flakes;
|
||||
nix.nixPath = [ "/etc/nix/inputs" ];
|
||||
}
|
||||
|
|
|
@ -5,11 +5,9 @@
|
|||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
imports =
|
||||
if inTester
|
||||
then []
|
||||
else [lix-module.nixosModules.default];
|
||||
}:
|
||||
{
|
||||
imports = if inTester then [ ] else [ lix-module.nixosModules.default ];
|
||||
|
||||
environment.systemPackages = lib.mkIf config.nix.enable [
|
||||
pkgs.git
|
||||
|
|
|
@ -3,10 +3,11 @@
|
|||
riscv-overlay,
|
||||
...
|
||||
}:
|
||||
if system == "riscv64-linux"
|
||||
then {
|
||||
nixpkgs.overlays = [
|
||||
riscv-overlay.overlays.default
|
||||
];
|
||||
}
|
||||
else {}
|
||||
if system == "riscv64-linux" then
|
||||
{
|
||||
nixpkgs.overlays = [
|
||||
riscv-overlay.overlays.default
|
||||
];
|
||||
}
|
||||
else
|
||||
{ }
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
sops-nix,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
"${sops-nix}/modules/sops"
|
||||
];
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{pkgs, ...}: {
|
||||
home.packages = with pkgs; [audacious];
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
home.packages = with pkgs; [ audacious ];
|
||||
home.persistence.default.directories = [
|
||||
".config/audacious"
|
||||
];
|
||||
|
|
|
@ -1,13 +1,15 @@
|
|||
{config, pkgs, ...}: {
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
./steam
|
||||
];
|
||||
home-manager.users.darkkirb.imports =
|
||||
if config.isGraphical
|
||||
then [
|
||||
./home-manager.nix
|
||||
]
|
||||
else [];
|
||||
if config.isGraphical then
|
||||
[
|
||||
./home-manager.nix
|
||||
]
|
||||
else
|
||||
[ ];
|
||||
|
||||
environment.plasma6.excludePackages = with pkgs.kdePackages; [
|
||||
pkgs.elisa
|
||||
|
|
|
@ -4,7 +4,8 @@
|
|||
lib,
|
||||
nur,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
let
|
||||
extensions = {
|
||||
"ublock-origin" = [
|
||||
"alarms"
|
||||
|
@ -102,7 +103,8 @@
|
|||
nurpkgs = pkgs;
|
||||
inherit pkgs;
|
||||
};
|
||||
in {
|
||||
in
|
||||
{
|
||||
programs.firefox = {
|
||||
enable = true;
|
||||
nativeMessagingHosts = with pkgs; [
|
||||
|
@ -139,18 +141,16 @@ in {
|
|||
'';
|
||||
};
|
||||
};
|
||||
assertions =
|
||||
lib.mapAttrsToList (k: v: let
|
||||
unaccepted =
|
||||
lib.subtractLists
|
||||
v
|
||||
nur'.repos.rycee.firefox-addons.${k}.meta.mozPermissions;
|
||||
in {
|
||||
assertion = unaccepted == [];
|
||||
message = ''
|
||||
Extension ${k} has unaccepted permissions: ${builtins.toJSON unaccepted}'';
|
||||
})
|
||||
extensions;
|
||||
assertions = lib.mapAttrsToList (
|
||||
k: v:
|
||||
let
|
||||
unaccepted = lib.subtractLists v nur'.repos.rycee.firefox-addons.${k}.meta.mozPermissions;
|
||||
in
|
||||
{
|
||||
assertion = unaccepted == [ ];
|
||||
message = ''Extension ${k} has unaccepted permissions: ${builtins.toJSON unaccepted}'';
|
||||
}
|
||||
) extensions;
|
||||
home.persistence.default.directories = [
|
||||
".mozilla"
|
||||
];
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
./ff14
|
||||
];
|
||||
home.packages = with pkgs; [factorio];
|
||||
home.packages = with pkgs; [ factorio ];
|
||||
}
|
||||
|
|
|
@ -1,6 +1,13 @@
|
|||
{ config, pkgs, lib, systemConfig, ... }: {
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
systemConfig,
|
||||
...
|
||||
}:
|
||||
{
|
||||
config = lib.mkIf (systemConfig.networking.hostName == "rainbow-resort") {
|
||||
home.packages = with pkgs; [xivlauncher];
|
||||
home.packages = with pkgs; [ xivlauncher ];
|
||||
systemd.user.tmpfiles.rules = [
|
||||
"L ${config.home.homeDirectory}/.xlcore - - - - ${config.home.homeDirectory}/Games/FF14/xlcore"
|
||||
];
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, nixos-config, ...}: {
|
||||
{ pkgs, nixos-config, ... }:
|
||||
{
|
||||
imports = [
|
||||
./firefox
|
||||
./password-manager.nix
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
{config, pkgs, ...}: {
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
home.packages = with pkgs; [
|
||||
telegram-desktop
|
||||
];
|
||||
home.persistence.default.directories = [".local/share/TelegramDesktop"];
|
||||
home.persistence.default.directories = [ ".local/share/TelegramDesktop" ];
|
||||
systemd.user.tmpfiles.rules = [
|
||||
"d ${config.xdg.cacheHome}/TelegramDesktop/cache - - - - -"
|
||||
"d ${config.xdg.cacheHome}/TelegramDesktop/media_cache - - - - -"
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
{ pkgs, lib, ... }: {
|
||||
{ pkgs, lib, ... }:
|
||||
{
|
||||
home.packages = with pkgs; [
|
||||
keepassxc
|
||||
];
|
||||
xdg.configFile."keepassxc.ini".text = lib.generators.toINI {} {
|
||||
xdg.configFile."keepassxc.ini".text = lib.generators.toINI { } {
|
||||
General.ConfigVersion = 2;
|
||||
Browser = {
|
||||
CustomProxyLocation = "";
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{lib, config, ...}: {
|
||||
{ lib, config, ... }:
|
||||
{
|
||||
programs.steam = lib.mkIf config.isGraphical {
|
||||
enable = !config.isInstaller;
|
||||
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
|
||||
|
@ -7,5 +8,5 @@
|
|||
};
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
home-manager.users.darkkirb.imports = if config.isGraphical then [./home-manager.nix] else [];
|
||||
home-manager.users.darkkirb.imports = if config.isGraphical then [ ./home-manager.nix ] else [ ];
|
||||
}
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
{...}: {
|
||||
home.persistence.default.directories = [{
|
||||
directory = ".local/share/Steam";
|
||||
method = "symlink";
|
||||
}];
|
||||
{ ... }:
|
||||
{
|
||||
home.persistence.default.directories = [
|
||||
{
|
||||
directory = ".local/share/Steam";
|
||||
method = "symlink";
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
{config, systemConfig, ...}: {
|
||||
{ config, systemConfig, ... }:
|
||||
{
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
tray.enable = true;
|
||||
};
|
||||
home.persistence.default.directories = [".local/state/syncthing"];
|
||||
home.persistence.default.directories = [ ".local/state/syncthing" ];
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{config, ...}: {
|
||||
{ config, ... }:
|
||||
{
|
||||
imports = [
|
||||
./nvim
|
||||
];
|
||||
home-manager.users.darkkirb.imports = if config.isGraphical then [./vscode] else [];
|
||||
home-manager.users.darkkirb.imports = if config.isGraphical then [ ./vscode ] else [ ];
|
||||
}
|
||||
|
|
|
@ -3,16 +3,12 @@
|
|||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
boolToStr = b:
|
||||
if b
|
||||
then "true"
|
||||
else "false";
|
||||
boolToStr' = b:
|
||||
if b
|
||||
then "1"
|
||||
else "0";
|
||||
in {
|
||||
}:
|
||||
let
|
||||
boolToStr = b: if b then "true" else "false";
|
||||
boolToStr' = b: if b then "1" else "0";
|
||||
in
|
||||
{
|
||||
xdg.configFile."nvim/lua/globals.lua".text = ''
|
||||
local fn = vim.fn
|
||||
local api = vim.api
|
||||
|
|
|
@ -2,13 +2,14 @@
|
|||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
./globals.nix
|
||||
./plugins/lazy-nvim.nix
|
||||
];
|
||||
programs.neovim = {
|
||||
plugins = with pkgs.vimPlugins; [lazy-nvim];
|
||||
plugins = with pkgs.vimPlugins; [ lazy-nvim ];
|
||||
enable = true;
|
||||
viAlias = true;
|
||||
vimAlias = true;
|
||||
|
|
|
@ -2,11 +2,13 @@
|
|||
pkgs,
|
||||
config,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
programs.neovim = {
|
||||
plugins = with pkgs.vimPlugins;
|
||||
plugins =
|
||||
with pkgs.vimPlugins;
|
||||
[
|
||||
(nvim-treesitter.withPlugins (p: []))
|
||||
(nvim-treesitter.withPlugins (p: [ ]))
|
||||
(pkgs.vimUtils.buildVimPlugin {
|
||||
name = "vim-highlighturl";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
|
@ -39,7 +41,10 @@
|
|||
indent-blankline-nvim
|
||||
lazy-nvim
|
||||
(LeaderF.overrideAttrs (super: {
|
||||
buildInputs = [pkgs.python3 pkgs.python3Packages.setuptools];
|
||||
buildInputs = [
|
||||
pkgs.python3
|
||||
pkgs.python3Packages.setuptools
|
||||
];
|
||||
}))
|
||||
lspkind-nvim
|
||||
lualine-nvim
|
||||
|
@ -84,12 +89,13 @@
|
|||
zen-mode-nvim
|
||||
]
|
||||
++ (
|
||||
if pkgs.targetPlatform.system != "riscv64-linux"
|
||||
then [
|
||||
diffview-nvim
|
||||
vim-grammarous
|
||||
]
|
||||
else []
|
||||
if pkgs.targetPlatform.system != "riscv64-linux" then
|
||||
[
|
||||
diffview-nvim
|
||||
vim-grammarous
|
||||
]
|
||||
else
|
||||
[ ]
|
||||
);
|
||||
};
|
||||
xdg.configFile."nvim/lua/config/lazy-nvim.lua".text = ''
|
||||
|
@ -280,12 +286,14 @@
|
|||
-- Better git commit experience
|
||||
{ "rhysd/committia.vim", lazy = true },
|
||||
${
|
||||
if pkgs.targetPlatform.system != "riscv64-linux"
|
||||
then '' {
|
||||
"sindrets/diffview.nvim"
|
||||
},''
|
||||
else ""
|
||||
}
|
||||
if pkgs.targetPlatform.system != "riscv64-linux" then
|
||||
''
|
||||
{
|
||||
"sindrets/diffview.nvim"
|
||||
},''
|
||||
else
|
||||
""
|
||||
}
|
||||
{
|
||||
"kevinhwang91/nvim-bqf",
|
||||
ft = "qf",
|
||||
|
@ -310,13 +318,15 @@
|
|||
end,
|
||||
},
|
||||
${
|
||||
if pkgs.targetPlatform.system != "riscv64-linux"
|
||||
then '' {
|
||||
"rhysd/vim-grammarous",
|
||||
ft = { "markdown" },
|
||||
},''
|
||||
else ""
|
||||
}
|
||||
if pkgs.targetPlatform.system != "riscv64-linux" then
|
||||
''
|
||||
{
|
||||
"rhysd/vim-grammarous",
|
||||
ft = { "markdown" },
|
||||
},''
|
||||
else
|
||||
""
|
||||
}
|
||||
{ "chrisbra/unicode.vim", event = "VeryLazy" },
|
||||
-- Additional powerful text object for vim, this plugin should be studied
|
||||
-- carefully to use its full power
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{vscode-server, ...}: {
|
||||
{ vscode-server, pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
"${vscode-server}/modules/vscode-server/home.nix"
|
||||
];
|
||||
|
@ -7,6 +8,25 @@
|
|||
enableExtensionUpdateCheck = false;
|
||||
enableUpdateCheck = false;
|
||||
mutableExtensionsDir = false;
|
||||
extensions = with pkgs.vscode-extensions; [
|
||||
jnoortheen.nix-ide
|
||||
mkhl.direnv
|
||||
pkief.material-icon-theme
|
||||
signageos.signageos-vscode-sops
|
||||
];
|
||||
userSettings = {
|
||||
"editor.formatOnPaste" = true;
|
||||
"editor.formatOnSave" = true;
|
||||
"editor.formatOnType" = true;
|
||||
"nix.enableLanguageServer" = true;
|
||||
"nix.formatterPath" = "${pkgs.nixfmt-rfc-style}/bin/nixfmt";
|
||||
"nix.serverPath" = "${pkgs.nil}/bin/nil";
|
||||
"nix.serverSettings" = {
|
||||
nil.formatting.command = [ "${pkgs.nixfmt-rfc-style}/bin/nixfmt" ];
|
||||
};
|
||||
"sops.binPath" = "${pkgs.sops}/bin/sops";
|
||||
"workbench.iconTheme" = "material-icon-theme";
|
||||
};
|
||||
};
|
||||
services.vscode-server.enable = true;
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
programs.eza.enable = true;
|
||||
programs.bat.enable = true;
|
||||
programs.fzf.enable = true;
|
||||
|
@ -6,5 +7,8 @@
|
|||
cat = "bat";
|
||||
less = "bat";
|
||||
};
|
||||
home.packages = with pkgs; [ripgrep fd];
|
||||
home.packages = with pkgs; [
|
||||
ripgrep
|
||||
fd
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
programs.fish.enable = true;
|
||||
home-manager.users.root.imports = [
|
||||
./home-manager.nix
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
imports = [
|
||||
./tide.nix
|
||||
./z.nix
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
programs.fish.plugins = with pkgs.fishPlugins; [
|
||||
{
|
||||
name = "tide";
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
programs.fish.plugins = with pkgs.fishPlugins; [
|
||||
{
|
||||
name = "z";
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
home-manager.users.root.imports = [
|
||||
./home-manager.nix
|
||||
];
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
programs.tmux = {
|
||||
enable = true;
|
||||
baseIndex = 1;
|
||||
|
|
|
@ -3,12 +3,15 @@
|
|||
systemConfig,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
let
|
||||
identityFile =
|
||||
if config.home.username == "root"
|
||||
then systemConfig.sops.secrets.".ssh/builder_id_ed25519".path
|
||||
else config.sops.secrets.".ssh/builder_id_ed25519".path;
|
||||
in {
|
||||
if config.home.username == "root" then
|
||||
systemConfig.sops.secrets.".ssh/builder_id_ed25519".path
|
||||
else
|
||||
config.sops.secrets.".ssh/builder_id_ed25519".path;
|
||||
in
|
||||
{
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
matchBlocks = {
|
||||
|
|
|
@ -3,19 +3,29 @@
|
|||
config,
|
||||
systemConfig,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
./builders.nix
|
||||
];
|
||||
programs.ssh = {
|
||||
controlMaster = "auto";
|
||||
controlPersist = "10m";
|
||||
matchBlocks."*" = lib.hm.dag.entryAfter ["build-nas" "build-rainbow-resort" "build-aarch64" "build-riscv"] {
|
||||
identityFile =
|
||||
if config.home.username == "root"
|
||||
then systemConfig.sops.secrets.".ssh/id_ed25519_sk".path
|
||||
else config.sops.secrets.".ssh/id_ed25519_sk".path;
|
||||
};
|
||||
matchBlocks."*" =
|
||||
lib.hm.dag.entryAfter
|
||||
[
|
||||
"build-nas"
|
||||
"build-rainbow-resort"
|
||||
"build-aarch64"
|
||||
"build-riscv"
|
||||
]
|
||||
{
|
||||
identityFile =
|
||||
if config.home.username == "root" then
|
||||
systemConfig.sops.secrets.".ssh/id_ed25519_sk".path
|
||||
else
|
||||
config.sops.secrets.".ssh/id_ed25519_sk".path;
|
||||
};
|
||||
enable = true;
|
||||
};
|
||||
sops.secrets = lib.mkIf (config.home.username != "root") {
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./kdeconnect.nix
|
||||
];
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{pkgs, ...}: {
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
services.kdeconnect = {
|
||||
enable = true;
|
||||
indicator = true;
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
services.openssh.enable = true;
|
||||
services.openssh.settings = {
|
||||
PermitRootLogin = "yes";
|
||||
|
@ -9,5 +10,5 @@
|
|||
"instance-20221213-1915.int.chir.rs".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE+GanuiV1I08OP8+nNy24+zagQN08rtJnCoU/ixiQNn";
|
||||
"not522.tailbab65.ts.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILpOcmvVODaja3wDdnocb/k6MK7vsh5uH8gpeHR9+/rY";
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [22];
|
||||
networking.firewall.allowedTCPPorts = [ 22 ];
|
||||
}
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
with lib;
|
||||
{
|
||||
config = mkIf (!config.isInstaller) {
|
||||
services.tailscale = {
|
||||
enable = true;
|
||||
|
|
|
@ -6,18 +6,22 @@
|
|||
}:
|
||||
testers.runNixOSTest {
|
||||
name = "container-default-test";
|
||||
nodes.default = {
|
||||
config,
|
||||
pkgs,
|
||||
nixos-config,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
nixos-config.nixosModules.default
|
||||
];
|
||||
autoContainers = ["default"];
|
||||
nodes.default =
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
nixos-config,
|
||||
...
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
nixos-config.nixosModules.default
|
||||
];
|
||||
autoContainers = [ "default" ];
|
||||
};
|
||||
node.specialArgs = inputs // {
|
||||
inTester = true;
|
||||
};
|
||||
node.specialArgs = inputs // {inTester = true;};
|
||||
testScript = ''
|
||||
machine.wait_for_unit("container@default.service")
|
||||
'';
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
home.stateVersion = "24.11";
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{config, ...}: {
|
||||
{ config, ... }:
|
||||
{
|
||||
users.users.darkkirb = {
|
||||
createHome = true;
|
||||
isNormalUser = true;
|
||||
|
@ -6,7 +7,7 @@
|
|||
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDXQlfvRUm/z6eP1EjsajIbMibkq9n+ymlbBi7NFiOuaAAAABHNzaDo= ssh:"
|
||||
];
|
||||
hashedPasswordFile = config.sops.secrets."users/users/darkkirb/hashedPassword".path;
|
||||
extraGroups = ["wheel"];
|
||||
extraGroups = [ "wheel" ];
|
||||
};
|
||||
sops.secrets."users/users/darkkirb/hashedPassword" = {
|
||||
neededForUsers = true;
|
||||
|
@ -16,7 +17,8 @@
|
|||
owner = "darkkirb";
|
||||
sopsFile = ./system.yaml;
|
||||
};
|
||||
home-manager.users.darkkirb.sops.age.keyFile = config.sops.secrets."users/users/darkkirb/age-key".path;
|
||||
home-manager.users.darkkirb.sops.age.keyFile =
|
||||
config.sops.secrets."users/users/darkkirb/age-key".path;
|
||||
home-manager.users.darkkirb.home.persistence.default.directories = [
|
||||
"sources"
|
||||
{
|
||||
|
@ -24,6 +26,6 @@
|
|||
method = "symlink";
|
||||
}
|
||||
];
|
||||
home-manager.users.darkkirb.imports = [./home-manager];
|
||||
environment.impermanence.users = ["darkkirb"];
|
||||
home-manager.users.darkkirb.imports = [ ./home-manager ];
|
||||
environment.impermanence.users = [ "darkkirb" ];
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./git.nix
|
||||
];
|
||||
|
|
|
@ -1,10 +1,8 @@
|
|||
{pkgs, systemConfig, ...}: {
|
||||
{ pkgs, systemConfig, ... }:
|
||||
{
|
||||
programs.git = {
|
||||
enable = true;
|
||||
package =
|
||||
if systemConfig.isGraphical
|
||||
then pkgs.gitAndTools.gitFull
|
||||
else pkgs.git;
|
||||
package = if systemConfig.isGraphical then pkgs.gitAndTools.gitFull else pkgs.git;
|
||||
lfs.enable = true;
|
||||
userEmail = "lotte@chir.rs";
|
||||
userName = "Charlotte 🦝 Delenk";
|
||||
|
@ -17,4 +15,3 @@
|
|||
delta.enable = true;
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{...}: {
|
||||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
./home-manager.nix
|
||||
./root
|
||||
|
|
|
@ -5,17 +5,16 @@
|
|||
config,
|
||||
sops-nix,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
home-manager = {
|
||||
useUserPackages = true;
|
||||
useGlobalPkgs = true;
|
||||
backupFileExtension = "backup";
|
||||
extraSpecialArgs =
|
||||
inputs
|
||||
// {
|
||||
inherit inputs inputs';
|
||||
systemConfig = config;
|
||||
};
|
||||
extraSpecialArgs = inputs // {
|
||||
inherit inputs inputs';
|
||||
systemConfig = config;
|
||||
};
|
||||
sharedModules = [
|
||||
./common
|
||||
"${impermanence}/home-manager.nix"
|
||||
|
|
|
@ -3,7 +3,8 @@
|
|||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
}:
|
||||
{
|
||||
users.users.root = {
|
||||
createHome = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
|
@ -23,6 +24,6 @@
|
|||
mode = "600";
|
||||
sopsFile = "${nixos-config}/programs/ssh/shared-keys.yaml";
|
||||
};
|
||||
home-manager.users.root.sops.secrets = lib.mkForce {};
|
||||
environment.impermanence.users = ["root"];
|
||||
home-manager.users.root.sops.secrets = lib.mkForce { };
|
||||
environment.impermanence.users = [ "root" ];
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue