Remove digga from b12f branch #257
321
flake.lock
321
flake.lock
|
@ -5,7 +5,7 @@
|
|||
"adblockStevenBlack": "adblockStevenBlack",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
|
@ -41,10 +41,10 @@
|
|||
"agenix": {
|
||||
"inputs": {
|
||||
"darwin": [
|
||||
"darwin"
|
||||
"nix-darwin"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
|
@ -61,32 +61,12 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"darwin": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1688307440,
|
||||
"narHash": "sha256-7PTjbN+/+b799YN7Tk2SS5Vh8A0L3gBo8hmB7Y0VXug=",
|
||||
"owner": "LnL7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "b06bab83bdf285ea0ae3c8e145a081eb95959047",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "LnL7",
|
||||
"repo": "nix-darwin",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"deno2nix": {
|
||||
"inputs": {
|
||||
"devshell": "devshell_3",
|
||||
"devshell": "devshell_2",
|
||||
"flake-compat": "flake-compat_2",
|
||||
"flake-utils": "flake-utils_5",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
"flake-utils": "flake-utils_3",
|
||||
"nixpkgs": "nixpkgs_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1686513235,
|
||||
|
@ -102,22 +82,22 @@
|
|||
"url": "https://git.pub.solar/b12f/deno2.nix.git"
|
||||
}
|
||||
},
|
||||
"deploy": {
|
||||
"deploy-rs": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
"nixpkgs"
|
||||
],
|
||||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1686747123,
|
||||
"narHash": "sha256-XUQK9kwHpTeilHoad7L4LjMCCyY13Oq383CoFADecRE=",
|
||||
"lastModified": 1695052866,
|
||||
"narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"rev": "724463b5a94daa810abfc64a4f87faef4e00f984",
|
||||
"rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -127,28 +107,6 @@
|
|||
}
|
||||
},
|
||||
"devshell": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_2",
|
||||
"nixpkgs": [
|
||||
"digga",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1671489820,
|
||||
"narHash": "sha256-qoei5HDJ8psd1YUPD7DhbHdhLIT9L2nadscp4Qk37uk=",
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"rev": "5aa3a8039c68b4bf869327446590f4cdf90bb634",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"devshell_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"keycloak-theme-pub-solar",
|
||||
|
@ -170,7 +128,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"devshell_3": {
|
||||
"devshell_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"scan2paperless",
|
||||
|
@ -193,7 +151,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"devshell_4": {
|
||||
"devshell_3": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"scan2paperless",
|
||||
|
@ -215,46 +173,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"digga": {
|
||||
"inputs": {
|
||||
"darwin": [
|
||||
"darwin"
|
||||
],
|
||||
"deploy": [
|
||||
"deploy"
|
||||
],
|
||||
"devshell": "devshell",
|
||||
"flake-compat": [
|
||||
"flake-compat"
|
||||
],
|
||||
"flake-utils": "flake-utils_3",
|
||||
"flake-utils-plus": "flake-utils-plus",
|
||||
"home-manager": [
|
||||
"home"
|
||||
],
|
||||
"nixlib": [
|
||||
"nixos"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
],
|
||||
"nixpkgs-unstable": "nixpkgs-unstable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1674947971,
|
||||
"narHash": "sha256-6gKqegJHs72jnfFP9g2sihl4fIZgtKgKuqU2rCkIdGY=",
|
||||
"owner": "pub-solar",
|
||||
"repo": "digga",
|
||||
"rev": "2da608bd8afb48afef82c6b1b6d852a36094a497",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "pub-solar",
|
||||
"ref": "fix/bootstrap-iso",
|
||||
"repo": "digga",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"fix-atomic-container-restarts": {
|
||||
"locked": {
|
||||
"lastModified": 1688325567,
|
||||
|
@ -319,6 +237,24 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1693611461,
|
||||
"narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1659877975,
|
||||
|
@ -334,59 +270,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils-plus": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"digga",
|
||||
"flake-utils"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1654029967,
|
||||
"narHash": "sha256-my3GQ3mQIw/1f6GPV1IhUZrcYQSWh0YJAMPNBjhXJDw=",
|
||||
"owner": "gytis-ivaskevicius",
|
||||
"repo": "flake-utils-plus",
|
||||
"rev": "6271cf3842ff9c8a9af9e3508c547f86bc77d199",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "gytis-ivaskevicius",
|
||||
"ref": "refs/pull/120/head",
|
||||
"repo": "flake-utils-plus",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"locked": {
|
||||
"lastModified": 1642700792,
|
||||
"narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "846b2ae0fc4cc943637d3d1def4454213e203cba",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_3": {
|
||||
"locked": {
|
||||
"lastModified": 1667395993,
|
||||
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_4": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
},
|
||||
|
@ -404,7 +288,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_5": {
|
||||
"flake-utils_3": {
|
||||
"inputs": {
|
||||
"systems": "systems_4"
|
||||
},
|
||||
|
@ -422,7 +306,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_6": {
|
||||
"flake-utils_4": {
|
||||
"inputs": {
|
||||
"systems": "systems_6"
|
||||
},
|
||||
|
@ -440,18 +324,18 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home": {
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1687871164,
|
||||
"narHash": "sha256-bBFlPthuYX322xOlpJvkjUBz0C+MOBjZdDOOJJ+G2jU=",
|
||||
"lastModified": 1695108154,
|
||||
"narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "07c347bb50994691d7b0095f45ebd8838cf6bc38",
|
||||
"rev": "07682fff75d41f18327a871088d20af2710d4744",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -463,10 +347,10 @@
|
|||
},
|
||||
"keycloak-theme-pub-solar": {
|
||||
"inputs": {
|
||||
"devshell": "devshell_2",
|
||||
"flake-utils": "flake-utils_4",
|
||||
"devshell": "devshell",
|
||||
"flake-utils": "flake-utils_2",
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
|
@ -484,22 +368,6 @@
|
|||
"url": "https://git.pub.solar/pub-solar/keycloak-theme"
|
||||
}
|
||||
},
|
||||
"latest": {
|
||||
"locked": {
|
||||
"lastModified": 1693663421,
|
||||
"narHash": "sha256-ImMIlWE/idjcZAfxKK8sQA7A1Gi/O58u5/CJA+mxvl8=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e56990880811a451abd32515698c712788be5720",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"master": {
|
||||
"locked": {
|
||||
"lastModified": 1693817516,
|
||||
|
@ -534,19 +402,39 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos": {
|
||||
"nix-darwin": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1693636127,
|
||||
"narHash": "sha256-ZlS/lFGzK7BJXX2YVGnP3yZi3T9OLOEtBCyMJsb91U8=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "9075cba53e86dc318d159aee55dc9a7c9a4829c1",
|
||||
"lastModified": 1695686713,
|
||||
"narHash": "sha256-rJATx5B/nwlBpt7CJUf85LV27qWPbul5UVV8fu6ABPg=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "e236a1e598a9a59265897948ac9874c364b9555f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-23.05",
|
||||
"repo": "nixpkgs",
|
||||
"owner": "lnl7",
|
||||
"ref": "master",
|
||||
"repo": "nix-darwin",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-flake": {
|
||||
"locked": {
|
||||
"lastModified": 1692742948,
|
||||
"narHash": "sha256-19LQQFGshuQNrrXZYVt+mWY0O3NbhEXeMy3MZwzYZGo=",
|
||||
"owner": "srid",
|
||||
"repo": "nixos-flake",
|
||||
"rev": "2c25190ceacdaaae7e8afbecfa87096bb499a431",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "srid",
|
||||
"repo": "nixos-flake",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
|
@ -581,23 +469,41 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-unstable": {
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"lastModified": 1672791794,
|
||||
"narHash": "sha256-mqGPpGmwap0Wfsf3o2b6qHJW1w2kk/I6cGCGIU+3t6o=",
|
||||
"owner": "nixos",
|
||||
"dir": "lib",
|
||||
"lastModified": 1693471703,
|
||||
"narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "9813adc7f7c0edd738c6bdd8431439688bb0cb3d",
|
||||
"rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"dir": "lib",
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1696039360,
|
||||
"narHash": "sha256-g7nIUV4uq1TOVeVIDEZLb005suTWCUjSY0zYOlSBsyE=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "32dcb45f66c0487e92db8303a798ebc548cadedc",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-23.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1686412476,
|
||||
"narHash": "sha256-inl9SVk6o5h75XKC79qrDCAobTD1Jxh6kVYTZKHzewA=",
|
||||
|
@ -613,7 +519,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1693158576,
|
||||
"narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=",
|
||||
|
@ -633,28 +539,29 @@
|
|||
"inputs": {
|
||||
"adblock-unbound": "adblock-unbound",
|
||||
"agenix": "agenix",
|
||||
"darwin": "darwin",
|
||||
"deploy": "deploy",
|
||||
"digga": "digga",
|
||||
"deploy-rs": "deploy-rs",
|
||||
"fix-atomic-container-restarts": "fix-atomic-container-restarts",
|
||||
"fix-yubikey-agent": "fix-yubikey-agent",
|
||||
"flake-compat": "flake-compat",
|
||||
"home": "home",
|
||||
"flake-parts": "flake-parts",
|
||||
"home-manager": "home-manager",
|
||||
"keycloak-theme-pub-solar": "keycloak-theme-pub-solar",
|
||||
"latest": "latest",
|
||||
"master": "master",
|
||||
"musnix": "musnix",
|
||||
"nixos": "nixos",
|
||||
"nix-darwin": "nix-darwin",
|
||||
"nixos-flake": "nixos-flake",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"scan2paperless": "scan2paperless"
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"scan2paperless": "scan2paperless",
|
||||
"unstable": "unstable"
|
||||
}
|
||||
},
|
||||
"scan2paperless": {
|
||||
"inputs": {
|
||||
"deno2nix": "deno2nix",
|
||||
"devshell": "devshell_4",
|
||||
"flake-utils": "flake-utils_6",
|
||||
"nixpkgs": "nixpkgs_3"
|
||||
"devshell": "devshell_3",
|
||||
"flake-utils": "flake-utils_4",
|
||||
"nixpkgs": "nixpkgs_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1693298356,
|
||||
|
@ -760,6 +667,22 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1696019113,
|
||||
"narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"locked": {
|
||||
"lastModified": 1667395993,
|
||||
|
|
291
flake.nix
291
flake.nix
|
@ -1,42 +1,36 @@
|
|||
{
|
||||
description = "A highly structured configuration database.";
|
||||
description = "b12f hosts";
|
||||
|
||||
nixConfig.extra-experimental-features = "nix-command flakes";
|
||||
|
||||
inputs = {
|
||||
# Track channels with commits tested and built by hydra
|
||||
nixos.url = "github:nixos/nixpkgs/nixos-23.05";
|
||||
latest.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
|
||||
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
|
||||
flake-compat.url = "github:edolstra/flake-compat";
|
||||
flake-compat.flake = false;
|
||||
|
||||
digga.url = "github:pub-solar/digga/fix/bootstrap-iso";
|
||||
digga.inputs.nixpkgs.follows = "nixos";
|
||||
digga.inputs.nixlib.follows = "nixos";
|
||||
digga.inputs.home-manager.follows = "home";
|
||||
digga.inputs.deploy.follows = "deploy";
|
||||
digga.inputs.darwin.follows = "darwin";
|
||||
digga.inputs.flake-compat.follows = "flake-compat";
|
||||
nix-darwin.url = "github:lnl7/nix-darwin/master";
|
||||
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
|
||||
home-manager.url = "github:nix-community/home-manager/release-23.05";
|
||||
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
home.url = "github:nix-community/home-manager/release-23.05";
|
||||
home.inputs.nixpkgs.follows = "nixos";
|
||||
flake-parts.url = "github:hercules-ci/flake-parts";
|
||||
nixos-flake.url = "github:srid/nixos-flake";
|
||||
|
||||
darwin.url = "github:LnL7/nix-darwin";
|
||||
darwin.inputs.nixpkgs.follows = "nixos";
|
||||
|
||||
deploy.url = "github:serokell/deploy-rs";
|
||||
deploy.inputs.nixpkgs.follows = "nixos";
|
||||
deploy.inputs.flake-compat.follows = "flake-compat";
|
||||
deploy-rs.url = "github:serokell/deploy-rs";
|
||||
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
|
||||
deploy-rs.inputs.flake-compat.follows = "flake-compat";
|
||||
|
||||
agenix.url = "github:ryantm/agenix";
|
||||
agenix.inputs.nixpkgs.follows = "nixos";
|
||||
agenix.inputs.darwin.follows = "darwin";
|
||||
agenix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
agenix.inputs.darwin.follows = "nix-darwin";
|
||||
|
||||
nixos-hardware.url = "github:nixos/nixos-hardware";
|
||||
|
||||
keycloak-theme-pub-solar.url = "git+https://git.pub.solar/pub-solar/keycloak-theme?ref=main";
|
||||
keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixos";
|
||||
keycloak-theme-pub-solar.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
master.url = "github:nixos/nixpkgs/master";
|
||||
fix-yubikey-agent.url = "github:pub-solar/nixpkgs/fix/use-latest-unstable-yubikey-agent";
|
||||
|
@ -45,177 +39,114 @@
|
|||
musnix.url = "github:musnix/musnix";
|
||||
|
||||
adblock-unbound.url = "github:MayNiklas/nixos-adblock-unbound";
|
||||
adblock-unbound.inputs.nixpkgs.follows = "nixos";
|
||||
adblock-unbound.inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
outputs = {
|
||||
self,
|
||||
digga,
|
||||
nixos,
|
||||
home,
|
||||
nixos-hardware,
|
||||
agenix,
|
||||
deploy,
|
||||
scan2paperless,
|
||||
musnix,
|
||||
...
|
||||
} @ inputs:
|
||||
digga.lib.mkFlake
|
||||
{
|
||||
inherit self inputs;
|
||||
|
||||
channelsConfig = {
|
||||
allowUnfree = true;
|
||||
};
|
||||
|
||||
supportedSystems = ["x86_64-linux" "aarch64-linux" "aarch64-darwin"];
|
||||
|
||||
channels = {
|
||||
nixos = {
|
||||
imports = [(digga.lib.importOverlays ./overlays)];
|
||||
overlays = [
|
||||
(self: super: {
|
||||
deploy-rs = {
|
||||
inherit (inputs.nixos.legacyPackages.x86_64-linux) deploy-rs;
|
||||
lib = inputs.deploy.lib.x86_64-linux;
|
||||
};
|
||||
})
|
||||
];
|
||||
};
|
||||
latest = {};
|
||||
};
|
||||
|
||||
lib = import ./lib {lib = digga.lib // nixos.lib;};
|
||||
|
||||
sharedOverlays = [
|
||||
(final: prev: {
|
||||
__dontExport = true;
|
||||
lib = prev.lib.extend (lfinal: lprev: {
|
||||
our = self.lib;
|
||||
});
|
||||
})
|
||||
agenix.overlays.default
|
||||
|
||||
(import ./pkgs)
|
||||
outputs = inputs@{ self, ... }:
|
||||
inputs.flake-parts.lib.mkFlake { inherit inputs; } {
|
||||
systems = [
|
||||
"x86_64-linux"
|
||||
"aarch64-linux"
|
||||
"x86_64-darwin"
|
||||
"aarch64-darwin"
|
||||
];
|
||||
|
||||
nixos = {
|
||||
hostDefaults = {
|
||||
system = "x86_64-linux";
|
||||
channelName = "nixos";
|
||||
imports = [(digga.lib.importExportableModules ./modules)];
|
||||
modules = [
|
||||
{lib.our = self.lib;}
|
||||
# FIXME: upstream module causes a huge number of unnecessary
|
||||
# dependencies to be pulled in for all systems -- many of them are
|
||||
# graphical. should only be imported as needed.
|
||||
# digga.nixosModules.bootstrapIso
|
||||
digga.nixosModules.nixConfig
|
||||
home.nixosModules.home-manager
|
||||
agenix.nixosModules.age
|
||||
musnix.nixosModules.musnix
|
||||
imports = [
|
||||
inputs.nixos-flake.flakeModule
|
||||
./modules
|
||||
./hosts
|
||||
./users
|
||||
];
|
||||
|
||||
perSystem = args@{ system, pkgs, config, ... }: {
|
||||
_module.args = {
|
||||
inherit inputs;
|
||||
pkgs = import inputs.nixpkgs {
|
||||
inherit system;
|
||||
overlays = [
|
||||
inputs.agenix.overlays.default
|
||||
];
|
||||
};
|
||||
unstable = import inputs.unstable { inherit system; };
|
||||
master = import inputs.master { inherit system; };
|
||||
fix-yubikey-agent = import inputs.fix-yubikey-agent { inherit system; };
|
||||
};
|
||||
|
||||
devShells.default = pkgs.mkShell {
|
||||
buildInputs = [
|
||||
pkgs.nixpkgs-fmt
|
||||
pkgs.agenix
|
||||
pkgs.ssh-to-age
|
||||
];
|
||||
};
|
||||
|
||||
imports = [(digga.lib.importHosts ./hosts)];
|
||||
hosts = {
|
||||
# Set host-specific properties here
|
||||
bootstrap = {
|
||||
modules = [
|
||||
digga.nixosModules.bootstrapIso
|
||||
];
|
||||
};
|
||||
PubSolarOS = {
|
||||
tests = [
|
||||
#(import ./tests/first-test.nix {
|
||||
# pkgs = nixos.legacyPackages.x86_64-linux;
|
||||
# lib = nixos.lib;
|
||||
#})
|
||||
];
|
||||
};
|
||||
|
||||
pie = {
|
||||
system = "aarch64-linux";
|
||||
modules = [nixos-hardware.nixosModules.raspberry-pi-4];
|
||||
};
|
||||
|
||||
maoam = {
|
||||
system = "aarch64-linux";
|
||||
};
|
||||
};
|
||||
importables = rec {
|
||||
profiles =
|
||||
digga.lib.rakeLeaves ./profiles
|
||||
// {
|
||||
users = digga.lib.rakeLeaves ./users;
|
||||
};
|
||||
|
||||
suites = with profiles; rec {
|
||||
base = [users.pub-solar users.root];
|
||||
iso = base ++ [base-user graphical pub-solar-iso];
|
||||
pubsolaros = [full-install base-user users.root];
|
||||
anonymous = [pubsolaros users.pub-solar];
|
||||
|
||||
b12f = pubsolaros ++ [users.b12f social gaming mobile];
|
||||
biolimo = b12f ++ [graphical];
|
||||
chocolatebar = b12f ++ [graphical virtualisation];
|
||||
|
||||
yule = pubsolaros ++ [users.yule];
|
||||
droppie = yule ++ [];
|
||||
pie = yule ++ [];
|
||||
maoam = b12f ++ [];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
home = {
|
||||
imports = [(digga.lib.importExportableModules ./users/modules)];
|
||||
modules = [];
|
||||
importables = rec {
|
||||
profiles = digga.lib.rakeLeaves ./users/profiles;
|
||||
suites = with profiles; rec {
|
||||
base = [direnv git];
|
||||
};
|
||||
};
|
||||
users = let
|
||||
default = {suites, ...}: {
|
||||
imports = suites.base;
|
||||
home.stateVersion = "21.03";
|
||||
};
|
||||
in {
|
||||
pub-solar = default;
|
||||
b12f = default;
|
||||
yule = default;
|
||||
};
|
||||
};
|
||||
flake = {
|
||||
nixosModules = rec {
|
||||
base.imports = [
|
||||
self.nixosModules.home-manager
|
||||
inputs.agenix.nixosModules.default
|
||||
inputs.musnix.nixosModules.musnix
|
||||
|
||||
devshell = ./shell;
|
||||
({
|
||||
flake,
|
||||
pkgs,
|
||||
lib,
|
||||
unstable,
|
||||
master,
|
||||
fix-yubikey-agent,
|
||||
...
|
||||
}: {
|
||||
nixpkgs.overlays = (import ./overlays) ++ [
|
||||
(prev: next: {
|
||||
scan2paperless = inputs.scan2paperless.legacyPackages.${prev.system}.scan2paperless;
|
||||
nixd = inputs.unstable.legacyPackages.${prev.system}.nixd;
|
||||
yubikey-agent = inputs.fix-yubikey-agent.legacyPackages.${prev.system}.yubikey-agent;
|
||||
|
||||
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
|
||||
factorio-headless = inputs.master.legacyPackages.${prev.system}.factorio-headless;
|
||||
paperless-ngx = inputs.master.legacyPackages.${prev.system}.paperless-ngx;
|
||||
waybar = inputs.master.legacyPackages.${prev.system}.waybar;
|
||||
element-desktop = inputs.master.legacyPackages.${prev.system}.element-desktop;
|
||||
|
||||
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations {
|
||||
droppie = {
|
||||
hostname = "backup.b12f.io";
|
||||
sshUser = "yule";
|
||||
adlist = inputs.adblock-unbound.packages.${prev.system};
|
||||
})
|
||||
];
|
||||
|
||||
nix.nixPath = [
|
||||
"nixpkgs=${inputs.nixpkgs}"
|
||||
"nixos-config=${./lib/compat/nixos}"
|
||||
"home-manager=${inputs.home-manager}"
|
||||
];
|
||||
})
|
||||
|
||||
self.nixosModules.arduino
|
||||
self.nixosModules.audio
|
||||
self.nixosModules.ci-runner
|
||||
self.nixosModules.core
|
||||
self.nixosModules.crypto
|
||||
self.nixosModules.devops
|
||||
self.nixosModules.docker
|
||||
self.nixosModules.docker-ci-runner
|
||||
self.nixosModules.email
|
||||
self.nixosModules.gaming
|
||||
self.nixosModules.graphical
|
||||
self.nixosModules.mobile
|
||||
self.nixosModules.nix
|
||||
self.nixosModules.nextcloud
|
||||
self.nixosModules.office
|
||||
self.nixosModules.paperless
|
||||
self.nixosModules.paranoia
|
||||
self.nixosModules.printing
|
||||
self.nixosModules.social
|
||||
self.nixosModules.sway
|
||||
self.nixosModules.terminal-life
|
||||
self.nixosModules.uhk
|
||||
self.nixosModules.user
|
||||
self.nixosModules.virtualisation
|
||||
|
||||
self.nixosModules.root
|
||||
];
|
||||
};
|
||||
|
||||
pie = {
|
||||
sshUser = "yule";
|
||||
};
|
||||
|
||||
maoam = {
|
||||
sshUser = "b12f";
|
||||
};
|
||||
#example = {
|
||||
# hostname = "example.com:22";
|
||||
# sshUser = "bartender";
|
||||
# fastConnect = true;
|
||||
# profilesOrder = ["system" "direnv"];
|
||||
# profiles.direnv = {
|
||||
# user = "bartender";
|
||||
# path = self.pkgs.x86_64-linux.nixos.deploy-rs.lib.x86_64-linux.activate.home-manager self.homeConfigurationsPortable.x86_64-linux.bartender;
|
||||
# };
|
||||
#};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
{suites, ...}: {
|
||||
### root password is empty by default ###
|
||||
### default password: pub-solar, optional: add your SSH keys
|
||||
imports =
|
||||
suites.iso;
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
fileSystems."/" = {device = "/dev/disk/by-label/nixos";};
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.05"; # Did you read the comment?
|
||||
}
|
|
@ -1,47 +0,0 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
pub-solar.paranoia.enable = true;
|
||||
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
||||
pub-solar.core.hibernation.resumeOffset = 15296512;
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
|
||||
networking.networkmanager.wifi.backend = mkForce "wpa_supplicant";
|
||||
|
||||
services.printing.drivers = [
|
||||
pkgs.cups-brother-hl3140cw
|
||||
];
|
||||
|
||||
home-manager = with pkgs;
|
||||
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||
xdg.configFile = mkIf psCfg.sway.enable {
|
||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
inkscape
|
||||
];
|
||||
};
|
||||
|
||||
# For OpenProject development with https
|
||||
security.pki.certificates = [
|
||||
(builtins.readFile ./step-roots.pem)
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,20 +1,51 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
pub-solar.graphical.enable = true;
|
||||
pub-solar.sway.enable = true;
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
pub-solar.paranoia.enable = true;
|
||||
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
||||
pub-solar.core.hibernation.resumeOffset = 15296512;
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
|
||||
networking.networkmanager.wifi.backend = mkForce "wpa_supplicant";
|
||||
|
||||
services.printing.drivers = [
|
||||
pkgs.cups-brother-hl3140cw
|
||||
];
|
||||
|
||||
home-manager = with pkgs;
|
||||
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||
xdg.configFile = mkIf psCfg.sway.enable {
|
||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
|
||||
};
|
||||
|
||||
home.packages = [
|
||||
inkscape
|
||||
];
|
||||
};
|
||||
|
||||
# For OpenProject development with https
|
||||
security.pki.certificates = [
|
||||
(builtins.readFile ./step-roots.pem)
|
||||
];
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{suites, ...}: {
|
||||
imports =
|
||||
[
|
||||
./biolimo.nix
|
||||
]
|
||||
++ suites.biolimo;
|
||||
{...}: {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,54 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
profiles,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
# Gets hostname of host to be bundled inside iso
|
||||
# Copied from https://github.com/divnix/digga/blob/30ffa0b02272dc56c94fd3c7d8a5a0f07ca197bf/modules/bootstrap-iso.nix#L3-L11
|
||||
getFqdn = config: let
|
||||
net = config.networking;
|
||||
fqdn =
|
||||
if (net ? domain) && (net.domain != null)
|
||||
then "${net.hostName}.${net.domain}"
|
||||
else net.hostName;
|
||||
in
|
||||
fqdn;
|
||||
in {
|
||||
# build with: `nix build ".#nixosConfigurations.bootstrap.config.system.build.isoImage"`
|
||||
imports = [
|
||||
# profiles.networking
|
||||
profiles.users.root # make sure to configure ssh keys
|
||||
profiles.users.pub-solar
|
||||
profiles.base-user
|
||||
profiles.graphical
|
||||
profiles.pub-solar-iso
|
||||
];
|
||||
|
||||
config = {
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
|
||||
# will be overridden by the bootstrapIso instrumentation
|
||||
fileSystems."/" = {device = "/dev/disk/by-label/nixos";};
|
||||
|
||||
system.nixos.label = "PubSolarOS-" + config.system.nixos.version;
|
||||
|
||||
# mkForce because a similar transformation gets double applied otherwise
|
||||
# https://github.com/divnix/digga/blob/30ffa0b02272dc56c94fd3c7d8a5a0f07ca197bf/modules/bootstrap-iso.nix#L17
|
||||
# https://github.com/NixOS/nixpkgs/blob/aecd4d8349b94f9bd5718c74a5b789f233f67326/nixos/modules/installer/cd-dvd/installation-cd-base.nix#L21-L22
|
||||
isoImage = {
|
||||
isoBaseName = mkForce (getFqdn config);
|
||||
isoName = mkForce "${config.system.nixos.label}-${config.isoImage.isoBaseName}-${pkgs.stdenv.hostPlatform.system}.iso";
|
||||
};
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "21.05"; # Did you read the comment?
|
||||
};
|
||||
}
|
|
@ -1,109 +0,0 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
self,
|
||||
inputs,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./virtualisation
|
||||
./factorio
|
||||
];
|
||||
|
||||
config = {
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
|
||||
hardware.opengl.extraPackages = with pkgs; [
|
||||
rocm-opencl-icd
|
||||
rocm-opencl-runtime
|
||||
];
|
||||
|
||||
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
||||
pub-solar.core.hibernation.resumeOffset = 115075072;
|
||||
|
||||
pub-solar.paperless.sync.masterNode = true;
|
||||
|
||||
age.secrets."drone-runner-exec-config" = {
|
||||
file = "${self}/secrets/drone-runner-exec-config";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
|
||||
pub-solar.docker-ci-runner = {
|
||||
enable = true;
|
||||
runnerVarsFile = config.age.secrets.drone-runner-exec-config.path;
|
||||
};
|
||||
|
||||
pub-solar.paperless.scannerDefaultDevice = "hp3900:libusb:005:004";
|
||||
|
||||
services.openssh.openFirewall = true;
|
||||
networking.firewall.allowedTCPPorts =
|
||||
[443]
|
||||
++ (
|
||||
if psCfg.sway.vnc.enable
|
||||
then [5901]
|
||||
else []
|
||||
);
|
||||
networking.firewall.allowedUDPPorts = [43050];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wayvnc
|
||||
drone-docker-runner
|
||||
stdenv.cc.cc.lib
|
||||
pkgs.hplip
|
||||
];
|
||||
|
||||
age.secrets."vnc-key.pem" = {
|
||||
file = "${self}/secrets/vnc-key-chocolatebar.pem";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
age.secrets."vnc-cert.pem" = {
|
||||
file = "${self}/secrets/vnc-cert-chocolatebar.pem";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
pub-solar.sway.vnc.enable = true;
|
||||
|
||||
services.printing.drivers = [
|
||||
pkgs.cups-brother-hl3140cw
|
||||
];
|
||||
|
||||
services.udev.extraRules = ''
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="04f9", ATTRS{idProduct}=="209e", ATTRS{serial}=="000W0H924252", MODE="0664", GROUP="lp", SYMLINK+="usb/lp0"
|
||||
'';
|
||||
|
||||
home-manager.users."${psCfg.user.name}" = {
|
||||
xdg.configFile = mkIf psCfg.sway.enable {
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
};
|
||||
|
||||
home.sessionVariables = {
|
||||
NIX_CC = "${pkgs.stdenv.cc}";
|
||||
};
|
||||
|
||||
home.packages = with pkgs; [
|
||||
lmms
|
||||
audacity
|
||||
];
|
||||
};
|
||||
|
||||
musnix = {
|
||||
enable = true;
|
||||
kernel.realtime = true;
|
||||
};
|
||||
|
||||
# For OpenProject development with https
|
||||
security.pki.certificates = [
|
||||
(builtins.readFile ./step-roots.pem)
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,20 +1,112 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
flake,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
pub-solar.graphical.enable = true;
|
||||
pub-solar.sway.enable = true;
|
||||
pub-solar.virtualisation.enable = true;
|
||||
|
||||
hardware.cpu.amd.updateMicrocode = true;
|
||||
|
||||
hardware.opengl.extraPackages = with pkgs; [
|
||||
rocm-opencl-icd
|
||||
rocm-opencl-runtime
|
||||
];
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
pub-solar.paranoia.enable = true;
|
||||
pub-solar.core.hibernation.resumeDevice = "/dev/dm-0";
|
||||
pub-solar.core.hibernation.resumeOffset = 115075072;
|
||||
|
||||
pub-solar.paperless.sync.masterNode = true;
|
||||
|
||||
age.secrets."drone-runner-exec-config" = {
|
||||
file = "${flake.self}/secrets/drone-runner-exec-config";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
|
||||
pub-solar.docker-ci-runner = {
|
||||
enable = true;
|
||||
runnerVarsFile = config.age.secrets.drone-runner-exec-config.path;
|
||||
};
|
||||
|
||||
pub-solar.paperless.scannerDefaultDevice = "hp3900:libusb:005:004";
|
||||
|
||||
services.openssh.openFirewall = true;
|
||||
networking.firewall.allowedTCPPorts =
|
||||
[443]
|
||||
++ (
|
||||
if psCfg.sway.vnc.enable
|
||||
then [5901]
|
||||
else []
|
||||
);
|
||||
networking.firewall.allowedUDPPorts = [43050];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
wayvnc
|
||||
drone-docker-runner
|
||||
stdenv.cc.cc.lib
|
||||
pkgs.hplip
|
||||
];
|
||||
|
||||
age.secrets."vnc-key.pem" = {
|
||||
file = "${flake.self}/secrets/vnc-key-chocolatebar.pem";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
age.secrets."vnc-cert.pem" = {
|
||||
file = "${flake.self}/secrets/vnc-cert-chocolatebar.pem";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
pub-solar.sway.vnc.enable = true;
|
||||
|
||||
services.printing.drivers = [
|
||||
pkgs.cups-brother-hl3140cw
|
||||
];
|
||||
|
||||
services.udev.extraRules = ''
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="04f9", ATTRS{idProduct}=="209e", ATTRS{serial}=="000W0H924252", MODE="0664", GROUP="lp", SYMLINK+="usb/lp0"
|
||||
'';
|
||||
|
||||
home-manager.users."${psCfg.user.name}" = {
|
||||
xdg.configFile = mkIf psCfg.sway.enable {
|
||||
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
|
||||
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
|
||||
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
|
||||
};
|
||||
|
||||
home.sessionVariables = {
|
||||
NIX_CC = "${pkgs.stdenv.cc}";
|
||||
};
|
||||
|
||||
home.packages = with pkgs; [
|
||||
lmms
|
||||
audacity
|
||||
];
|
||||
};
|
||||
|
||||
musnix = {
|
||||
enable = true;
|
||||
kernel.realtime = true;
|
||||
};
|
||||
|
||||
# For OpenProject development with https
|
||||
security.pki.certificates = [
|
||||
(builtins.readFile ./step-roots.pem)
|
||||
];
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
{suites, ...}: {
|
||||
imports =
|
||||
[
|
||||
./chocolatebar.nix
|
||||
]
|
||||
++ suites.chocolatebar;
|
||||
{...}: {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
|
||||
./virtualisation
|
||||
# ./factorio
|
||||
];
|
||||
}
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
self,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
|
43
hosts/default.nix
Normal file
43
hosts/default.nix
Normal file
|
@ -0,0 +1,43 @@
|
|||
{ withSystem, self, inputs, ...}:
|
||||
{
|
||||
flake = {
|
||||
nixosConfigurations = {
|
||||
biolimo = self.nixos-flake.lib.mkLinuxSystem {
|
||||
nixpkgs.hostPlatform = "x86_64-linux";
|
||||
imports = [
|
||||
self.nixosModules.base
|
||||
./biolimo
|
||||
self.nixosModules.b12f
|
||||
];
|
||||
};
|
||||
|
||||
chocolatebar = self.nixos-flake.lib.mkLinuxSystem {
|
||||
nixpkgs.hostPlatform = "x86_64-linux";
|
||||
imports = [
|
||||
self.nixosModules.base
|
||||
./chocolatebar
|
||||
self.nixosModules.b12f
|
||||
];
|
||||
};
|
||||
|
||||
pie = self.nixos-flake.lib.mkLinuxSystem {
|
||||
nixpkgs.hostPlatform = "aarch64-linux";
|
||||
imports = [
|
||||
self.nixosModules.base
|
||||
inputs.nixos-hardware.nixosModules.raspberry-pi-4
|
||||
./pie
|
||||
self.nixosModules.yule
|
||||
];
|
||||
};
|
||||
|
||||
maoam = self.nixos-flake.lib.mkLinuxSystem {
|
||||
nixpkgs.hostPlatform = "aarch64-linux";
|
||||
imports = [
|
||||
self.nixosModules.base
|
||||
./maoam
|
||||
self.nixosModules.yule
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,17 +1,14 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
flake,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||
boot.loader.grub = {
|
||||
enable = true;
|
||||
|
@ -20,6 +17,47 @@
|
|||
};
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
|
||||
pub-solar.core.disk-encryption-active = false;
|
||||
pub-solar.core.lite = true;
|
||||
|
||||
security.sudo.extraRules = [
|
||||
{
|
||||
users = ["${psCfg.user.name}"];
|
||||
commands = [
|
||||
{
|
||||
command = "ALL";
|
||||
options = ["NOPASSWD"];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
services.ddclient = {
|
||||
enable = false;
|
||||
ipv6 = true;
|
||||
domains = ["backup.b12f.io"];
|
||||
server = "ddns.hosting.de";
|
||||
username = "b12f";
|
||||
use = "web, web=https://ipcheck-ds.wieistmeineip.de/callback/, web-skip='ip\":\"'";
|
||||
passwordFile = "/run/agenix/dyndns-droppie.key";
|
||||
};
|
||||
|
||||
age.secrets."dyndns-droppie.key" = {
|
||||
file = "${flake.self}/secrets/dyndns-droppie.key";
|
||||
mode = "400";
|
||||
owner = "root";
|
||||
};
|
||||
|
||||
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQSephFJU0NMbVbhwvVJ2/m6jcPYo1IsWCsoarqKin root@droppie
|
||||
age.secrets."droppie-ssh-root.key" = {
|
||||
file = "${flake.self}/secrets/droppie-ssh-root.key";
|
||||
path = "/home/${psCfg.user.name}/.ssh/id_ed25519";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
{suites, ...}: {
|
||||
imports =
|
||||
[
|
||||
./droppie.nix
|
||||
]
|
||||
++ suites.droppie;
|
||||
{...}: {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
|
||||
./nextcloud-web-tunnel.nix
|
||||
./restic-backup.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,60 +0,0 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
self,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./nextcloud-web-tunnel.nix
|
||||
./restic-backup.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
|
||||
pub-solar.core.disk-encryption-active = false;
|
||||
pub-solar.core.lite = true;
|
||||
|
||||
security.sudo.extraRules = [
|
||||
{
|
||||
users = ["${psCfg.user.name}"];
|
||||
commands = [
|
||||
{
|
||||
command = "ALL";
|
||||
options = ["NOPASSWD"];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
services.ddclient = {
|
||||
enable = false;
|
||||
ipv6 = true;
|
||||
domains = ["backup.b12f.io"];
|
||||
server = "ddns.hosting.de";
|
||||
username = "b12f";
|
||||
use = "web, web=https://ipcheck-ds.wieistmeineip.de/callback/, web-skip='ip\":\"'";
|
||||
passwordFile = "/run/agenix/dyndns-droppie.key";
|
||||
};
|
||||
|
||||
age.secrets."dyndns-droppie.key" = {
|
||||
file = "${self}/secrets/dyndns-droppie.key";
|
||||
mode = "400";
|
||||
owner = "root";
|
||||
};
|
||||
|
||||
# ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBZQSephFJU0NMbVbhwvVJ2/m6jcPYo1IsWCsoarqKin root@droppie
|
||||
age.secrets."droppie-ssh-root.key" = {
|
||||
file = "${self}/secrets/droppie-ssh-root.key";
|
||||
path = "/home/${psCfg.user.name}/.ssh/id_ed25519";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -2,7 +2,6 @@
|
|||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
self,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
|
|
@ -5,13 +5,12 @@
|
|||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.efiSupport = true;
|
||||
boot.loader.grub.efiInstallAsRemovable = true;
|
||||
|
@ -27,6 +26,33 @@
|
|||
|
||||
boot.kernelPackages = pkgs.linuxPackages_6_1;
|
||||
|
||||
pub-solar.core.disk-encryption-active = false;
|
||||
pub-solar.core.lite = true;
|
||||
|
||||
networking.defaultGateway = {
|
||||
address = "192.168.178.1";
|
||||
interface = "enabcm6e4ei0";
|
||||
};
|
||||
|
||||
networking.interfaces.enabcm6e4ei0.ipv4.addresses = [
|
||||
{
|
||||
address = "192.168.178.2";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
|
||||
security.sudo.extraRules = [
|
||||
{
|
||||
users = ["${psCfg.user.name}"];
|
||||
commands = [
|
||||
{
|
||||
command = "ALL";
|
||||
options = ["NOPASSWD"];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
|
|
|
@ -1,7 +1,10 @@
|
|||
{suites, ...}: {
|
||||
imports =
|
||||
[
|
||||
./pie.nix
|
||||
]
|
||||
++ suites.pie;
|
||||
{...}: {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./hardware-configuration.nix
|
||||
|
||||
./unbound.nix
|
||||
./dhcpd.nix
|
||||
./wake-droppie.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,47 +0,0 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
self,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
imports = [
|
||||
./configuration.nix
|
||||
./unbound.nix
|
||||
./dhcpd.nix
|
||||
./wake-droppie.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
pub-solar.core.disk-encryption-active = false;
|
||||
pub-solar.core.lite = true;
|
||||
|
||||
networking.defaultGateway = {
|
||||
address = "192.168.178.1";
|
||||
interface = "enabcm6e4ei0";
|
||||
};
|
||||
|
||||
networking.interfaces.enabcm6e4ei0.ipv4.addresses = [
|
||||
{
|
||||
address = "192.168.178.2";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
|
||||
security.sudo.extraRules = [
|
||||
{
|
||||
users = ["${psCfg.user.name}"];
|
||||
commands = [
|
||||
{
|
||||
command = "ALL";
|
||||
options = ["NOPASSWD"];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,7 +1,4 @@
|
|||
{ pkgs, inputs, ... }:
|
||||
let
|
||||
adlist = inputs.adblock-unbound.packages.${pkgs.system};
|
||||
in {
|
||||
{ pkgs, lib, ... }: {
|
||||
networking.firewall.allowedUDPPorts = [ 53 ];
|
||||
networking.firewall.allowedTCPPorts = [ 53 ];
|
||||
|
||||
|
@ -10,7 +7,7 @@ in {
|
|||
settings = {
|
||||
server = {
|
||||
include = [
|
||||
"\"${adlist.unbound-adblockStevenBlack}\""
|
||||
"\"${pkgs.adlist.unbound-adblockStevenBlack}\""
|
||||
];
|
||||
interface = [ "0.0.0.0" ];
|
||||
access-control = [ "192.168.178.0/24 allow" ];
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
}:
|
||||
with lib; let
|
||||
psCfg = config.pub-solar;
|
||||
cfg = config.pub-solar.devops;
|
||||
cfg = config.pub-solar.arduino;
|
||||
in {
|
||||
options.pub-solar.arduino = {
|
||||
enable = mkEnableOption "Life with home automation";
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
self,
|
||||
flake,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
@ -37,7 +37,7 @@ in {
|
|||
};
|
||||
|
||||
age.secrets."drone-runner-exec-config" = {
|
||||
file = "${self}/secrets/drone-runner-exec-config";
|
||||
file = "${flake.self}/secrets/drone-runner-exec-config";
|
||||
mode = "700";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
|
|
|
@ -12,7 +12,6 @@ in {
|
|||
./fonts.nix
|
||||
./i18n.nix
|
||||
./networking.nix
|
||||
./nix.nix
|
||||
./packages.nix
|
||||
./services.nix
|
||||
];
|
||||
|
|
31
modules/default.nix
Normal file
31
modules/default.nix
Normal file
|
@ -0,0 +1,31 @@
|
|||
{
|
||||
# Configuration common to all Linux systems
|
||||
flake = {
|
||||
nixosModules = {
|
||||
arduino = import ./arduino;
|
||||
audio = import ./audio;
|
||||
ci-runner = import ./ci-runner;
|
||||
core = import ./core;
|
||||
crypto = import ./crypto;
|
||||
devops = import ./devops;
|
||||
docker = import ./docker;
|
||||
docker-ci-runner = import ./docker-ci-runner;
|
||||
email = import ./email;
|
||||
gaming = import ./gaming;
|
||||
graphical = import ./graphical;
|
||||
mobile = import ./mobile;
|
||||
nix = import ./nix;
|
||||
nextcloud = import ./nextcloud;
|
||||
office = import ./office;
|
||||
paperless = import ./paperless;
|
||||
paranoia = import ./paranoia;
|
||||
printing = import ./printing;
|
||||
social = import ./social;
|
||||
sway = import ./sway;
|
||||
terminal-life = import ./terminal-life;
|
||||
uhk = import ./uhk;
|
||||
user = import ./user;
|
||||
virtualisation = import ./virtualisation;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -2,7 +2,6 @@
|
|||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
self,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
channel,
|
||||
inputs,
|
||||
...
|
||||
}: {
|
||||
nix.nixPath = [
|
||||
"nixpkgs=${channel.input}"
|
||||
"nixos-config=${../lib/compat/nixos}"
|
||||
"home-manager=${inputs.home}"
|
||||
];
|
||||
}
|
|
@ -2,7 +2,7 @@
|
|||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
inputs,
|
||||
flake,
|
||||
...
|
||||
}: {
|
||||
nix = {
|
||||
|
@ -10,6 +10,7 @@
|
|||
package = pkgs.nix;
|
||||
gc.automatic = true;
|
||||
optimise.automatic = true;
|
||||
|
||||
settings = {
|
||||
# Improve nix store disk usage
|
||||
auto-optimise-store = true;
|
||||
|
@ -20,6 +21,7 @@
|
|||
# Allow only group wheel to connect to the nix daemon
|
||||
allowed-users = ["@wheel"];
|
||||
};
|
||||
|
||||
# Generally useful nix option defaults
|
||||
extraOptions = lib.mkForce ''
|
||||
experimental-features = flakes nix-command
|
||||
|
@ -28,5 +30,11 @@
|
|||
keep-derivations = true
|
||||
fallback = true
|
||||
'';
|
||||
|
||||
nixPath = [
|
||||
"nixpkgs=${flake.inputs.nixpkgs}"
|
||||
"nixos-config=${../../lib/compat/nixos}"
|
||||
"home-manager=${flake.inputs.home-manager}"
|
||||
];
|
||||
};
|
||||
}
|
|
@ -2,8 +2,6 @@
|
|||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
masterModulesPath,
|
||||
inputs,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
@ -11,14 +9,6 @@ with lib; let
|
|||
cfg = config.pub-solar.paperless;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
imports = [
|
||||
"${masterModulesPath}/services/misc/paperless.nix"
|
||||
];
|
||||
|
||||
disabledModules = [
|
||||
"services/misc/paperless.nix"
|
||||
];
|
||||
|
||||
options.pub-solar.paperless = {
|
||||
enable = mkEnableOption "All you need to go paperless";
|
||||
ocrLanguage = mkOption {
|
||||
|
@ -95,7 +85,7 @@ in {
|
|||
|
||||
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||
home.packages = with pkgs; [
|
||||
inputs.scan2paperless.legacyPackages.x86_64-linux.scan2paperless
|
||||
scan2paperless
|
||||
sane-backends
|
||||
python310Packages.img2pdf
|
||||
];
|
||||
|
|
|
@ -32,7 +32,7 @@ in {
|
|||
|
||||
# Don't set this if you need sftp
|
||||
services.openssh.allowSFTP = false;
|
||||
services.openssh.openFirewall = false; # Lock yourself out
|
||||
# services.openssh.openFirewall = false; # Lock yourself out
|
||||
|
||||
# Limit the use of sudo to the group wheel
|
||||
security.sudo.execWheelOnly = true;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
self,
|
||||
...
|
||||
}: let
|
||||
psCfg = config.pub-solar;
|
||||
|
@ -106,8 +105,6 @@ in {
|
|||
irssi = "irssi --config=$XDG_CONFIG_HOME/irssi/config --home=$XDG_DATA_HOME/irssi";
|
||||
drone = "DRONE_TOKEN=$(secret-tool lookup drone token) drone";
|
||||
no = "manix \"\" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --preview=\"manix '{}'\" | xargs manix";
|
||||
# fix nixos-option
|
||||
nixos-option = "nixos-option -I nixpkgs=${self}/lib/compat";
|
||||
myip = "dig +short myip.opendns.com @208.67.222.222 2>&1";
|
||||
nnn = "nnn -d -e -H -r";
|
||||
};
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
self,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
@ -24,17 +23,6 @@ in {
|
|||
config = mkIf cfg.enable {
|
||||
programs.command-not-found.enable = false;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
screen
|
||||
];
|
||||
|
||||
# Starship is a fast and featureful shell prompt
|
||||
# starship.toml has sane defaults that can be changed there
|
||||
programs.starship = {
|
||||
enable = true;
|
||||
settings = import ./starship.toml.nix;
|
||||
};
|
||||
|
||||
home-manager = with pkgs;
|
||||
pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||
home.packages = [
|
||||
|
@ -55,25 +43,34 @@ in {
|
|||
];
|
||||
}))
|
||||
powerline
|
||||
screen
|
||||
silver-searcher
|
||||
watson
|
||||
];
|
||||
|
||||
# Starship is a fast and featureful shell prompt
|
||||
# starship.toml has sane defaults that can be changed there
|
||||
programs.starship = {
|
||||
enable = true;
|
||||
settings = import ./starship.toml.nix;
|
||||
};
|
||||
|
||||
programs.bash = import ./bash {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
inherit self;
|
||||
inherit lib;
|
||||
};
|
||||
|
||||
programs.fzf = import ./fzf {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
};
|
||||
|
||||
programs.neovim = import ./nvim {
|
||||
inherit config;
|
||||
inherit pkgs;
|
||||
inherit lib;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Before Width: | Height: | Size: 513 KiB After Width: | Height: | Size: 513 KiB |
|
@ -1,12 +1,16 @@
|
|||
{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
cfg = config.pub-solar;
|
||||
in {
|
||||
}: let
|
||||
psCfg = config.pub-solar;
|
||||
in
|
||||
with lib; {
|
||||
imports = [
|
||||
./home.nix
|
||||
];
|
||||
|
||||
options.pub-solar = {
|
||||
user = {
|
||||
name = mkOption {
|
||||
|
@ -46,4 +50,37 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
|
||||
users = with pkgs;
|
||||
pkgs.lib.setAttrByPath [psCfg.user.name] {
|
||||
# Indicates whether this is an account for a “real” user.
|
||||
# This automatically sets group to users, createHome to true,
|
||||
# home to /home/username, useDefaultShell to true, and isSystemUser to false.
|
||||
isNormalUser = true;
|
||||
description = psCfg.user.description;
|
||||
extraGroups = [
|
||||
"input"
|
||||
"lp"
|
||||
"networkmanager"
|
||||
"scanner"
|
||||
"video"
|
||||
"dialout"
|
||||
"wheel"
|
||||
];
|
||||
shell = pkgs.bash;
|
||||
initialHashedPassword =
|
||||
if psCfg.user.password != null
|
||||
then psCfg.user.password
|
||||
else "";
|
||||
openssh.authorizedKeys.keys =
|
||||
if psCfg.user.publicKeys != null
|
||||
then psCfg.user.publicKeys
|
||||
else [];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -20,6 +20,7 @@ in {
|
|||
# paths it should manage.
|
||||
home.username = psCfg.user.name;
|
||||
home.homeDirectory = "/home/${psCfg.user.name}";
|
||||
home.stateVersion = "22.11";
|
||||
|
||||
home.packages = with pkgs; [];
|
||||
|
8
overlays/default.nix
Normal file
8
overlays/default.nix
Normal file
|
@ -0,0 +1,8 @@
|
|||
[
|
||||
(import ../pkgs)
|
||||
(import ./blesh.nix)
|
||||
(import ./manix.nix)
|
||||
(import ./rnix-lsp.nix)
|
||||
(import ./neovim-plugins.nix)
|
||||
(import ./signal-desktop.nix)
|
||||
]
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
pub-solar.audio.enable = true;
|
||||
}
|
|
@ -1,43 +0,0 @@
|
|||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: let
|
||||
psCfg = config.pub-solar;
|
||||
in {
|
||||
imports = [
|
||||
./home.nix
|
||||
];
|
||||
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
|
||||
users = with pkgs;
|
||||
pkgs.lib.setAttrByPath [psCfg.user.name] {
|
||||
# Indicates whether this is an account for a “real” user.
|
||||
# This automatically sets group to users, createHome to true,
|
||||
# home to /home/username, useDefaultShell to true, and isSystemUser to false.
|
||||
isNormalUser = true;
|
||||
description = psCfg.user.description;
|
||||
extraGroups = [
|
||||
"input"
|
||||
"lp"
|
||||
"networkmanager"
|
||||
"scanner"
|
||||
"video"
|
||||
"dialout"
|
||||
"wheel"
|
||||
];
|
||||
shell = pkgs.bash;
|
||||
initialHashedPassword =
|
||||
if psCfg.user.password != null
|
||||
then psCfg.user.password
|
||||
else "";
|
||||
openssh.authorizedKeys.keys =
|
||||
if psCfg.user.publicKeys != null
|
||||
then psCfg.user.publicKeys
|
||||
else [];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,109 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
inputs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
# Sets nrdxp.cachix.org binary cache which just speeds up some builds
|
||||
imports = [../cachix];
|
||||
|
||||
config = {
|
||||
pub-solar.terminal-life.enable = true;
|
||||
pub-solar.audio.enable = true;
|
||||
pub-solar.crypto.enable = true;
|
||||
pub-solar.devops.enable = true;
|
||||
|
||||
# This is just a representation of the nix default
|
||||
nix.systemFeatures = ["nixos-test" "benchmark" "big-parallel" "kvm"];
|
||||
|
||||
environment = {
|
||||
systemPackages = with pkgs; [
|
||||
# Core unix utility packages
|
||||
coreutils-full
|
||||
progress
|
||||
dnsutils
|
||||
inetutils
|
||||
mtr
|
||||
pciutils
|
||||
usbutils
|
||||
gitFull
|
||||
git-lfs
|
||||
git-bug
|
||||
wget
|
||||
openssl
|
||||
openssh
|
||||
curl
|
||||
htop
|
||||
lsof
|
||||
psmisc
|
||||
xdg-utils
|
||||
sysfsutils
|
||||
renameutils
|
||||
nfs-utils
|
||||
moreutils
|
||||
mailutils
|
||||
keyutils
|
||||
input-utils
|
||||
elfutils
|
||||
binutils
|
||||
dateutils
|
||||
diffutils
|
||||
findutils
|
||||
exfat
|
||||
file
|
||||
|
||||
# zippit
|
||||
zip
|
||||
unzip
|
||||
|
||||
# Modern modern utilities
|
||||
p7zip
|
||||
croc
|
||||
jq
|
||||
|
||||
# Nix specific utilities
|
||||
niv
|
||||
manix
|
||||
nix-index
|
||||
nix-tree
|
||||
nixpkgs-review
|
||||
# Build broken, python2.7-PyJWT-2.0.1.drv' failed
|
||||
#nixops
|
||||
psos
|
||||
nvd
|
||||
|
||||
# Fun
|
||||
neofetch
|
||||
];
|
||||
};
|
||||
|
||||
fonts = {
|
||||
fonts = with pkgs; [powerline-fonts dejavu_fonts];
|
||||
|
||||
fontconfig.defaultFonts = {
|
||||
monospace = ["DejaVu Sans Mono for Powerline"];
|
||||
|
||||
sansSerif = ["DejaVu Sans"];
|
||||
};
|
||||
};
|
||||
|
||||
# For rage encryption, all hosts need a ssh key pair
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
openFirewall = lib.mkDefault true;
|
||||
passwordAuthentication = false;
|
||||
};
|
||||
|
||||
# Service that makes Out of Memory Killer more effective
|
||||
services.earlyoom.enable = true;
|
||||
|
||||
# Use latest LTS linux kernel by default
|
||||
boot.kernelPackages = pkgs.linuxPackages_5_15;
|
||||
|
||||
boot.supportedFilesystems = ["ntfs"];
|
||||
};
|
||||
}
|
|
@ -1,17 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
config = {
|
||||
pub-solar.audio.bluetooth.enable = true;
|
||||
pub-solar.docker.enable = true;
|
||||
pub-solar.nextcloud.enable = true;
|
||||
pub-solar.office.enable = true;
|
||||
# pub-solar.printing.enable = true; # this is enabled automatically if office is enabled
|
||||
};
|
||||
}
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
pub-solar.gaming.enable = true;
|
||||
}
|
|
@ -1,12 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
pub-solar.graphical.enable = true;
|
||||
pub-solar.sway.enable = true;
|
||||
}
|
|
@ -1,13 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
pub-solar.graphical.enable = false;
|
||||
pub-solar.x-os.localProxyService.enable = false;
|
||||
pub-solar.sway.enable = false;
|
||||
}
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
pub-solar.mobile.enable = true;
|
||||
}
|
|
@ -1,15 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
config = {
|
||||
pub-solar.graphical.wayland.software-renderer.enable = true;
|
||||
pub-solar.sway.terminal = "foot";
|
||||
pub-solar.core.iso-options.enable = true;
|
||||
};
|
||||
}
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
pub-solar.social.enable = true;
|
||||
}
|
|
@ -1,11 +0,0 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib) fileContents;
|
||||
in {
|
||||
pub-solar.virtualisation.enable = true;
|
||||
}
|
|
@ -2,7 +2,7 @@
|
|||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
self,
|
||||
flake,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
@ -10,13 +10,13 @@ with lib; let
|
|||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
in {
|
||||
age.secrets."cat-test.ovpn" = {
|
||||
file = "${self}/secrets/cat-test.ovpn";
|
||||
file = "${flake.self}/secrets/cat-test.ovpn";
|
||||
mode = "700";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
|
||||
age.secrets.".fwknoprc" = {
|
||||
file = "${self}/secrets/.fwknoprc";
|
||||
file = "${flake.self}/secrets/.fwknoprc";
|
||||
mode = "600";
|
||||
};
|
||||
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
{
|
||||
self,
|
||||
config,
|
||||
hmUsers,
|
||||
pkgs,
|
||||
lib,
|
||||
flake,
|
||||
...
|
||||
}: let
|
||||
psCfg = config.pub-solar;
|
||||
|
@ -14,12 +13,10 @@ in {
|
|||
];
|
||||
|
||||
config = {
|
||||
home-manager.users = {inherit (hmUsers) b12f;};
|
||||
|
||||
services.yubikey-agent.enable = true;
|
||||
|
||||
age.secrets.b12f-env-secrets = {
|
||||
file = "${self}/secrets/b12f-env-secrets";
|
||||
file = "${flake.self}/secrets/b12f-env-secrets";
|
||||
mode = "400";
|
||||
owner = psCfg.user.name;
|
||||
};
|
||||
|
@ -57,8 +54,12 @@ in {
|
|||
arduino.enable = true;
|
||||
email.enable = true;
|
||||
uhk.enable = true;
|
||||
social.enable = false;
|
||||
gaming.enable = false;
|
||||
mobile.enable = false;
|
||||
audio.spotify.enable = true;
|
||||
audio.spotify.username = "spotify@benjaminbaedorf.eu";
|
||||
audio.mopidy.enable = false;
|
||||
};
|
||||
|
||||
# Needed for the udev rules for solaar
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
self,
|
||||
flake,
|
||||
...
|
||||
}:
|
||||
with lib; let
|
||||
|
@ -14,8 +14,6 @@ in {
|
|||
./concepts-and-training.nix
|
||||
];
|
||||
|
||||
pub-solar.audio.mopidy.enable = false;
|
||||
|
||||
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
||||
home.packages = with pkgs; [
|
||||
present-md
|
||||
|
@ -119,7 +117,7 @@ in {
|
|||
};
|
||||
|
||||
age.secrets."mopidy.conf" = {
|
||||
file = "${self}/secrets/mopidy.conf";
|
||||
file = "${flake.self}/secrets/mopidy.conf";
|
||||
mode = "700";
|
||||
owner = "b12f";
|
||||
};
|
||||
|
|
9
users/default.nix
Normal file
9
users/default.nix
Normal file
|
@ -0,0 +1,9 @@
|
|||
{
|
||||
flake = {
|
||||
nixosModules = rec {
|
||||
root = import ./root;
|
||||
b12f = import ./b12f;
|
||||
yule = import ./yule;
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,6 +1,4 @@
|
|||
{hmUsers, ...}: {
|
||||
home-manager.users = {inherit (hmUsers) pub-solar;};
|
||||
|
||||
{config, ...}: {
|
||||
pub-solar = {
|
||||
# These are your personal settings
|
||||
# The only required settings are `name` and `password`,
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
{
|
||||
config,
|
||||
hmUsers,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
|
@ -8,8 +7,6 @@
|
|||
psCfg = config.pub-solar;
|
||||
in {
|
||||
config = {
|
||||
home-manager.users = {inherit (hmUsers) yule;};
|
||||
|
||||
pub-solar = {
|
||||
# These are your personal settings
|
||||
# The only required settings are `name` and `password`,
|
||||
|
|
Loading…
Reference in a new issue