forked from pub-solar/os
Merge branch 'main' into teutat3s-init-fae
This commit is contained in:
commit
f33597926e
|
@ -29,7 +29,9 @@ expected. There are unstable versions (0._x_._x_) to help users keep track
|
||||||
of changes and progress, and a [`develop`](https://github.com/divnix/devos/tree/develop) branch for the brave 😜
|
of changes and progress, and a [`develop`](https://github.com/divnix/devos/tree/develop) branch for the brave 😜
|
||||||
|
|
||||||
## In the Wild
|
## In the Wild
|
||||||
* The original [authors][please]
|
* @Pacman99: [Personal](https://gitlab.com/coffeetables/lower), [Server](https://gitlab.com/coffeetables/myrdd)
|
||||||
|
* [@danielphan2003](https://github.com/danielphan2003/flk) and make sure to also check out [devos-ext-lib][devos-ext-lib]
|
||||||
|
* [PubSolarOS](https://git.sr.ht/~b12f/pub-solar-os)
|
||||||
|
|
||||||
## Shoulders
|
## Shoulders
|
||||||
This work does not reinvent the wheel. It stands on the [shoulders of the
|
This work does not reinvent the wheel. It stands on the [shoulders of the
|
||||||
|
@ -89,3 +91,4 @@ DevOS is licensed under the [MIT License][mit].
|
||||||
[nvfetcher]: https://github.com/berberman/nvfetcher
|
[nvfetcher]: https://github.com/berberman/nvfetcher
|
||||||
[please]: https://github.com/nrdxp/devos/tree/nrd
|
[please]: https://github.com/nrdxp/devos/tree/nrd
|
||||||
[matrix]: https://matrix.to/#/#devos:nixos.org
|
[matrix]: https://matrix.to/#/#devos:nixos.org
|
||||||
|
[devos-ext-lib]: https://github.com/divnix/devos-ext-lib
|
||||||
|
|
|
@ -37,9 +37,10 @@ User profiles can be collected in a similar fashion as system ones into a `suite
|
||||||
argument that gets passed to your home-manager users.
|
argument that gets passed to your home-manager users.
|
||||||
|
|
||||||
### Example
|
### Example
|
||||||
|
`flake.nix`
|
||||||
```nix
|
```nix
|
||||||
{
|
{
|
||||||
home-manager.users.nixos = { suites, ... }: {
|
home.users.nixos = { suites, ... }: {
|
||||||
imports = suites.base;
|
imports = suites.base;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -90,7 +90,7 @@ In any profile that uses a NixOS module that requires a secret you can enable a
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
Then you can just pass the path `/run/secrets/mysecret` to the module.
|
Then you can just pass the path `/run/agenix/mysecret` to the module.
|
||||||
|
|
||||||
You can make use of the many options provided by the age module to customize where and how
|
You can make use of the many options provided by the age module to customize where and how
|
||||||
secrets get decrypted. You can learn about them by looking at the
|
secrets get decrypted. You can learn about them by looking at the
|
||||||
|
|
130
flake.lock
130
flake.lock
|
@ -145,7 +145,6 @@
|
||||||
"deploy"
|
"deploy"
|
||||||
],
|
],
|
||||||
"devshell": "devshell",
|
"devshell": "devshell",
|
||||||
"flake-utils": "flake-utils_3",
|
|
||||||
"flake-utils-plus": "flake-utils-plus",
|
"flake-utils-plus": "flake-utils-plus",
|
||||||
"home-manager": [
|
"home-manager": [
|
||||||
"home"
|
"home"
|
||||||
|
@ -160,11 +159,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640815524,
|
"lastModified": 1643510242,
|
||||||
"narHash": "sha256-ZzyS803XuCl99XE4581m0Suni+q1Hz+Mpw6A9bs7VKM=",
|
"narHash": "sha256-9C9DyJhQ5bevk0CEEjGct+U9EqUgHg8T70nxz47zjMI=",
|
||||||
"owner": "divnix",
|
"owner": "divnix",
|
||||||
"repo": "digga",
|
"repo": "digga",
|
||||||
"rev": "5c9417495d8ab8813377d7b990680258b9eb4cff",
|
"rev": "33bfb05b8a148d8ad6a842de74e22209bf9fe5d7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -241,29 +240,29 @@
|
||||||
},
|
},
|
||||||
"flake-utils-plus": {
|
"flake-utils-plus": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_4"
|
"flake-utils": "flake-utils_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1638994888,
|
"lastModified": 1639385028,
|
||||||
"narHash": "sha256-iz/ynGNZlvqKCOnFrEKqGA+BVKGQMG+g2JT+e3OOLN8=",
|
"narHash": "sha256-oqorKz3mwf7UuDJwlbCEYCB2LfcWLL0DkeCWhRIL820=",
|
||||||
"owner": "divnix",
|
"owner": "gytis-ivaskevicius",
|
||||||
"repo": "flake-utils-plus",
|
"repo": "flake-utils-plus",
|
||||||
"rev": "b4f9f517574cb7bd6ee3f19c72c19634c9f536e1",
|
"rev": "be1be083af014720c14f3b574f57b6173b4915d0",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "divnix",
|
"owner": "gytis-ivaskevicius",
|
||||||
"repo": "flake-utils-plus",
|
"repo": "flake-utils-plus",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"flake-utils_2": {
|
"flake-utils_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1638122382,
|
"lastModified": 1642700792,
|
||||||
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
|
"narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=",
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
|
"rev": "846b2ae0fc4cc943637d3d1def4454213e203cba",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -289,38 +288,8 @@
|
||||||
},
|
},
|
||||||
"flake-utils_4": {
|
"flake-utils_4": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1638122382,
|
"lastModified": 1631561581,
|
||||||
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
|
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_5": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1638122382,
|
|
||||||
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "numtide",
|
|
||||||
"repo": "flake-utils",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"flake-utils_6": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1638122382,
|
|
||||||
"narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=",
|
|
||||||
"owner": "numtide",
|
"owner": "numtide",
|
||||||
"repo": "flake-utils",
|
"repo": "flake-utils",
|
||||||
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
|
"rev": "74f7e4319258e287b0f9cb95426c9853b282730b",
|
||||||
|
@ -339,11 +308,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1639871969,
|
"lastModified": 1642653493,
|
||||||
"narHash": "sha256-6feWUnMygRzA9tzkrfAzpA5/NBYg75bkFxnqb1DtD7E=",
|
"narHash": "sha256-22mGPjiHUo2Jmze4IjXCJLjeK2mbvvCztHmUyUMr4yw=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "697cc8c68ed6a606296efbbe9614c32537078756",
|
"rev": "28b9ae40c45c5e7711c353fee1b7af734e293979",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -371,11 +340,11 @@
|
||||||
},
|
},
|
||||||
"latest_2": {
|
"latest_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1641887635,
|
"lastModified": 1643347846,
|
||||||
"narHash": "sha256-kDGpufwzVaiGe5e1sBUBPo9f1YN+nYHJlYqCaVpZTQQ=",
|
"narHash": "sha256-O0tyXF//ppRpe9yT1Uu5n34yI2MWDyY6ZiJ4Qn5zIkE=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "b2737d4980a17cc2b7d600d7d0b32fd7333aca88",
|
"rev": "5bb20f9dc70e9ee16e21cc404b6508654931ce41",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -426,11 +395,11 @@
|
||||||
},
|
},
|
||||||
"nixlib": {
|
"nixlib": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640478849,
|
"lastModified": 1641688481,
|
||||||
"narHash": "sha256-S4lNc3fb9UpYgVtTa/mZZXphq7+xGy74YGIlOWB1ceE=",
|
"narHash": "sha256-6L+EU12xLDHby7y8elgFtRKVBxix+7qV8DhVgXqrKZo=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixpkgs.lib",
|
"repo": "nixpkgs.lib",
|
||||||
"rev": "c85a293f7d094a799dcf1197c31925bc44e94d6b",
|
"rev": "f697717b3d3a074ffc16c8c8227504f0db292886",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -441,11 +410,11 @@
|
||||||
},
|
},
|
||||||
"nixos": {
|
"nixos": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1642068274,
|
"lastModified": 1643463207,
|
||||||
"narHash": "sha256-uncr2I2z6Y2ghTdm0VDzTPjPtBsaGpsb17HgL/fGDdg=",
|
"narHash": "sha256-W0azAxucUq84BvWqDPt3gX8kyc8wYvGUynZV9COfByQ=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "00d17d8ddc4c12bae0cd750eb2bb51ee813a5301",
|
"rev": "03098169624f487eef37186b3214c40e6b6e919d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -458,7 +427,10 @@
|
||||||
"nixos-generators": {
|
"nixos-generators": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixlib": "nixlib",
|
"nixlib": "nixlib",
|
||||||
"nixpkgs": "nixpkgs_4"
|
"nixpkgs": [
|
||||||
|
"digga",
|
||||||
|
"blank"
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1637655461,
|
"lastModified": 1637655461,
|
||||||
|
@ -491,11 +463,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640861606,
|
"lastModified": 1643428210,
|
||||||
"narHash": "sha256-AQ+84X0wbu8TqijaVcfAgldnV8AIFkbzXlyILuqub8o=",
|
"narHash": "sha256-ympCeHuXeGitpnegE0raAtWLNg3vZbjj5QbbMvvBGCQ=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "c1792db42df222b0ec570bd774488f48aa0c91b1",
|
"rev": "e1b353e890801a759efe9a4c42f6984e47721f0d",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -507,11 +479,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640897803,
|
"lastModified": 1643513770,
|
||||||
"narHash": "sha256-FfBWDDz0/pgb+qtf6RGIkrsA1SW8lv77eUpm5xijTQQ=",
|
"narHash": "sha256-Q64SabfQLuhHQfhpIHS/fLCEO2NUFnI+EKsB5GnfWh8=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "0e57783d3a9ff01d3ace41d9f75d84b865285746",
|
"rev": "66ab3568d67b90275c0720aae8b911bad82c24fe",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -520,34 +492,18 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs_3": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1638986258,
|
|
||||||
"narHash": "sha256-OceRdctKZRSgqQxVRvvNB0MaEnFMzQqjUffecoDE9eI=",
|
|
||||||
"owner": "nixos",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"rev": "581d2d6c9cd5c289002203581d8aa0861963a933",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "nixos",
|
|
||||||
"ref": "nixos-unstable",
|
|
||||||
"repo": "nixpkgs",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nixpkgs_4": {
|
"nixpkgs_4": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1640418986,
|
"lastModified": 1636976544,
|
||||||
"narHash": "sha256-a8GGtxn2iL3WAkY5H+4E0s3Q7XJt6bTOvos9qqxT5OQ=",
|
"narHash": "sha256-9ZmdyoRz4Qu8bP5BKR1T10YbzcB9nvCeQjOEw2cRKR0=",
|
||||||
"owner": "NixOS",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "5c37ad87222cfc1ec36d6cd1364514a9efc2f7f2",
|
"rev": "931ab058daa7e4cd539533963f95e2bb0dbd41e6",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "nixos",
|
||||||
"ref": "nixpkgs-unstable",
|
"ref": "nixos-unstable",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -584,7 +540,7 @@
|
||||||
"nvfetcher": {
|
"nvfetcher": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat_2",
|
"flake-compat": "flake-compat_2",
|
||||||
"flake-utils": "flake-utils_6",
|
"flake-utils": "flake-utils_4",
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
"nixos"
|
"nixos"
|
||||||
]
|
]
|
||||||
|
|
|
@ -37,6 +37,7 @@ in
|
||||||
no = "manix \"\" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --preview=\"manix '{}'\" | xargs manix";
|
no = "manix \"\" | grep '^# ' | sed 's/^# \(.*\) (.*/\1/;s/ (.*//;s/^# //' | fzf --preview=\"manix '{}'\" | xargs manix";
|
||||||
# fix nixos-option
|
# fix nixos-option
|
||||||
nixos-option = "nixos-option -I nixpkgs=${self}/lib/compat";
|
nixos-option = "nixos-option -I nixpkgs=${self}/lib/compat";
|
||||||
|
myip = "dig +short myip.opendns.com @208.67.222.222 2>&1";
|
||||||
};
|
};
|
||||||
zplug = {
|
zplug = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -24,9 +24,6 @@ channels: final: prev: {
|
||||||
looking-glass-client
|
looking-glass-client
|
||||||
;
|
;
|
||||||
|
|
||||||
# nix is set to 2.3 in 21.11
|
|
||||||
nix-direnv = prev.nix-direnv.override { nix_2_4 = true; };
|
|
||||||
|
|
||||||
haskellPackages = prev.haskellPackages.override
|
haskellPackages = prev.haskellPackages.override
|
||||||
(old: {
|
(old: {
|
||||||
overrides = prev.lib.composeExtensions (old.overrides or (_: _: { })) (hfinal: hprev:
|
overrides = prev.lib.composeExtensions (old.overrides or (_: _: { })) (hfinal: hprev:
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
let inherit (lib) fileContents;
|
let inherit (lib) fileContents;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
# Sets nrdxp.cachix.org binary cache which just speeds up some builds
|
||||||
imports = [ ../cachix ];
|
imports = [ ../cachix ];
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
@ -10,6 +11,7 @@ in
|
||||||
pub-solar.crypto.enable = true;
|
pub-solar.crypto.enable = true;
|
||||||
pub-solar.devops.enable = true;
|
pub-solar.devops.enable = true;
|
||||||
|
|
||||||
|
# This is just a representation of the nix default
|
||||||
nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
nix.systemFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||||
|
|
||||||
environment = {
|
environment = {
|
||||||
|
@ -85,20 +87,21 @@ in
|
||||||
};
|
};
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
|
# use nix-dram, a patched nix command, see: https://github.com/dramforever/nix-dram
|
||||||
package = pkgs.nix-dram;
|
package = pkgs.nix-dram;
|
||||||
|
|
||||||
|
# Improve nix store disk usage
|
||||||
autoOptimiseStore = true;
|
autoOptimiseStore = true;
|
||||||
|
|
||||||
gc.automatic = true;
|
gc.automatic = true;
|
||||||
|
|
||||||
optimise.automatic = true;
|
optimise.automatic = true;
|
||||||
|
|
||||||
|
# Prevents impurities in builds
|
||||||
useSandbox = true;
|
useSandbox = true;
|
||||||
|
|
||||||
allowedUsers = [ "@wheel" ];
|
# give root and @wheel special privileges with nix
|
||||||
|
|
||||||
trustedUsers = [ "root" "@wheel" ];
|
trustedUsers = [ "root" "@wheel" ];
|
||||||
|
|
||||||
|
# Generally useful nix option defaults
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
min-free = 536870912
|
min-free = 536870912
|
||||||
keep-outputs = true
|
keep-outputs = true
|
||||||
|
@ -111,12 +114,7 @@ in
|
||||||
|
|
||||||
system.autoUpgrade.enable = true;
|
system.autoUpgrade.enable = true;
|
||||||
|
|
||||||
# For rage encryption, all hosts need a ssh key pair
|
# Service that makes Out of Memory Killer more effective
|
||||||
services.openssh = {
|
|
||||||
enable = true;
|
|
||||||
openFirewall = lib.mkDefault false;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.earlyoom.enable = true;
|
services.earlyoom.enable = true;
|
||||||
|
|
||||||
boot.supportedFilesystems = [ "ntfs" ];
|
boot.supportedFilesystems = [ "ntfs" ];
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
git clone https://github.com/divnix/devos.git "${2:-devos}"
|
nix flake new -t "github:divnix/devos/main" "${2:-devos}"
|
||||||
|
|
Loading…
Reference in a new issue