mirror of
https://github.com/ivabus/nixos
synced 2024-11-21 16:05:07 +03:00
Call nixfmt for the first time
Signed-off-by: Ivan Bushchik <ivabus@ivabus.dev>
This commit is contained in:
parent
6c7e4a2946
commit
9de8497113
35 changed files with 239 additions and 299 deletions
|
@ -10,4 +10,4 @@
|
|||
./stateless.nix
|
||||
./user.nix
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,11 +1,8 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.git;
|
||||
let cfg = config.my.git;
|
||||
in {
|
||||
options = {
|
||||
my.git.enable = lib.mkEnableOption "Enable git configuration";
|
||||
};
|
||||
options = { my.git.enable = lib.mkEnableOption "Enable git configuration"; };
|
||||
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
home-manager.useGlobalPkgs = true;
|
||||
|
@ -22,4 +19,4 @@ in {
|
|||
home.stateVersion = "23.05";
|
||||
};
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.laptop;
|
||||
let cfg = config.my.laptop;
|
||||
in {
|
||||
options = {
|
||||
my.laptop.enable = lib.mkEnableOption "Laptop-specific configuration";
|
||||
|
@ -9,9 +8,7 @@ in {
|
|||
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
networking.wireless.iwd.enable = true;
|
||||
environment.systemPackages = with pkgs; [
|
||||
lm_sensors
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ lm_sensors ];
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
services.blueman.enable = true;
|
||||
|
|
|
@ -4,10 +4,10 @@
|
|||
time.timeZone = "Europe/Moscow";
|
||||
|
||||
i18n.defaultLocale = "ru_RU.UTF-8";
|
||||
|
||||
|
||||
console = {
|
||||
font = "${pkgs.terminus_font}/share/consolefonts/ter-u24b.psf.gz";
|
||||
keyMap = "us";
|
||||
packages = with pkgs; [ terminus_font ];
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,10 +16,8 @@
|
|||
};
|
||||
|
||||
# Used by systemd-resolved, not directly by resolv.conf.
|
||||
networking.nameservers = [
|
||||
"8.8.8.8#dns.google"
|
||||
"1.0.0.1#cloudflare-dns.com"
|
||||
];
|
||||
networking.nameservers =
|
||||
[ "8.8.8.8#dns.google" "1.0.0.1#cloudflare-dns.com" ];
|
||||
|
||||
networking.enableIPv6 = true;
|
||||
|
||||
|
@ -37,7 +35,8 @@
|
|||
};
|
||||
|
||||
services.chrony.enable = true;
|
||||
networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];
|
||||
networking.timeServers =
|
||||
[ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];
|
||||
|
||||
# Useful tools
|
||||
boot.kernelModules = [ "af_packet" ];
|
||||
|
|
|
@ -4,14 +4,14 @@
|
|||
services.openssh = {
|
||||
enable = true;
|
||||
settings.PasswordAuthentication = false;
|
||||
|
||||
|
||||
# Cute banner, r-right?
|
||||
banner = ''
|
||||
|
||||
Authorized access only!
|
||||
Authorized access only!
|
||||
|
||||
If you are not authorized to access or use this system, disconnect now!
|
||||
If you are not authorized to access or use this system, disconnect now!
|
||||
|
||||
'';
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -5,4 +5,4 @@
|
|||
"vm.panic_on_oom" = true;
|
||||
"kernel.panic" = 3;
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
my = import ../.;
|
||||
let my = import ../.;
|
||||
in rec {
|
||||
users.mutableUsers = false;
|
||||
|
||||
|
@ -33,15 +32,13 @@ in rec {
|
|||
hashedPassword = my.secrets.hashed-password;
|
||||
};
|
||||
|
||||
|
||||
users.users.root = {
|
||||
hashedPassword = null;
|
||||
openssh.authorizedKeys.keys = users.users.ivabus.openssh.authorizedKeys.keys;
|
||||
openssh.authorizedKeys.keys =
|
||||
users.users.ivabus.openssh.authorizedKeys.keys;
|
||||
};
|
||||
|
||||
programs.zsh = {
|
||||
enable = true;
|
||||
};
|
||||
programs.zsh = { enable = true; };
|
||||
|
||||
programs.gnupg.agent.enable = true;
|
||||
programs.ssh.startAgent = true;
|
||||
|
|
|
@ -3,10 +3,5 @@ rec {
|
|||
roles = import ./roles;
|
||||
secrets = import ./secrets.nix;
|
||||
|
||||
modules = { pkgs, ... }: {
|
||||
imports = [
|
||||
common
|
||||
roles
|
||||
];
|
||||
};
|
||||
modules = { pkgs, ... }: { imports = [ common roles ]; };
|
||||
}
|
||||
|
|
77
flake.nix
77
flake.nix
|
@ -11,57 +11,50 @@
|
|||
apple-silicon-support.url = "github:tpwrules/nixos-apple-silicon";
|
||||
};
|
||||
|
||||
outputs =
|
||||
{ self, nixpkgs, home-manager, apple-silicon-support, ... }@inputs: {
|
||||
# Stella = Unchartevice 6540 (Ryzen 3 3250U, 16GB RAM)
|
||||
nixosConfigurations."stella" = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [ home-manager.nixosModules.home-manager ./machines/stella ];
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, home-manager, apple-silicon-support, ... }@inputs: {
|
||||
# Stella = Unchartevice 6540 (Ryzen 3 3250U, 16GB RAM)
|
||||
nixosConfigurations."stella" = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
./machines/stella
|
||||
];
|
||||
};
|
||||
# Vetus = iMac 27" 2017, i5, 64 GB RAM
|
||||
nixosConfigurations."vetus" = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [ home-manager.nixosModules.home-manager ./machines/vetus ];
|
||||
};
|
||||
|
||||
# Vetus = iMac 27" 2017, i5, 64 GB RAM
|
||||
nixosConfigurations."vetus" = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
./machines/vetus
|
||||
];
|
||||
};
|
||||
# Celerrime = MacBook Air M2
|
||||
nixosConfigurations."celerrime" = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
apple-silicon-support.nixosModules.apple-silicon-support
|
||||
./machines/celerrime
|
||||
];
|
||||
};
|
||||
|
||||
# Celerrime = MacBook Air M2
|
||||
nixosConfigurations."celerrime" = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
apple-silicon-support.nixosModules.apple-silicon-support
|
||||
./machines/celerrime
|
||||
];
|
||||
};
|
||||
|
||||
# Raspberry Pi 4B 2GB RAM
|
||||
nixosConfigurations."rubusidaeus" = nixpkgs.lib.nixosSystem {
|
||||
# Raspberry Pi 4B 2GB RAM
|
||||
nixosConfigurations."rubusidaeus" = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
"${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
|
||||
home-manager.nixosModules.home-manager
|
||||
./machines/rubusidaeus
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
/* These machines will be configured later. */
|
||||
/*
|
||||
# Effundam = MacBook Air M1 (server usage). Will not be added to flake.nix until thunderbolt and apfs proper support
|
||||
nixosConfigurations."effundam" = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
apple-silicon-support.nixosModules.apple-silicon-support
|
||||
./machines/effundam
|
||||
];
|
||||
# These machines will be configured later.
|
||||
/* # Effundam = MacBook Air M1 (server usage). Will not be added to flake.nix until thunderbolt and apfs proper support
|
||||
nixosConfigurations."effundam" = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
apple-silicon-support.nixosModules.apple-silicon-support
|
||||
./machines/effundam
|
||||
];
|
||||
};
|
||||
*/
|
||||
};
|
||||
*/
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
overlay = final: super: {
|
||||
makeModulesClosure = x:
|
||||
super.makeModulesClosure (x // { allowMissing = true; }); # Ignores missing kernel modules (can't build image without this fix)
|
||||
super.makeModulesClosure (x // {
|
||||
allowMissing = true;
|
||||
}); # Ignores missing kernel modules (can't build image without this fix)
|
||||
};
|
||||
in {
|
||||
|
||||
|
|
|
@ -1,12 +1,8 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
my = import ../..;
|
||||
let my = import ../..;
|
||||
in {
|
||||
imports = [
|
||||
./hardware.nix
|
||||
my.modules
|
||||
];
|
||||
imports = [ ./hardware.nix my.modules ];
|
||||
|
||||
networking.hostName = "celerrime";
|
||||
|
||||
|
@ -28,9 +24,7 @@ in {
|
|||
virtualisation.enable = false;
|
||||
yggdrasil-client.enable = true;
|
||||
|
||||
server = {
|
||||
ivabus-dev.enable = true;
|
||||
};
|
||||
server = { ivabus-dev.enable = true; };
|
||||
};
|
||||
|
||||
networking.useDHCP = true;
|
||||
|
@ -40,9 +34,8 @@ in {
|
|||
hardware.asahi.addEdgeKernelConfig = true;
|
||||
hardware.asahi.useExperimentalGPUDriver = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
(retroarch.override { cores = with libretro; [ np2kai ];})
|
||||
];
|
||||
environment.systemPackages = with pkgs;
|
||||
[ (retroarch.override { cores = with libretro; [ np2kai ]; }) ];
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
}
|
||||
|
|
|
@ -1,32 +1,30 @@
|
|||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "usb_storage" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/aed0b311-8954-4164-afc3-9e7c6a2d8c2a";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/aed0b311-8954-4164-afc3-9e7c6a2d8c2a";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/8551d309-afe6-4a25-b571-b2cb1eff7c09";
|
||||
boot.initrd.luks.devices."cryptroot".device =
|
||||
"/dev/disk/by-uuid/8551d309-afe6-4a25-b571-b2cb1eff7c09";
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/771E-1309";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/771E-1309";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ {
|
||||
device = "/dev/disk/by-partuuid/dace6477-697e-4bba-aede-eb0e9f7a28ff";
|
||||
randomEncryption.enable = true;
|
||||
} ];
|
||||
swapDevices = [{
|
||||
device = "/dev/disk/by-partuuid/dace6477-697e-4bba-aede-eb0e9f7a28ff";
|
||||
randomEncryption.enable = true;
|
||||
}];
|
||||
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
my = import ../..;
|
||||
let my = import ../..;
|
||||
in {
|
||||
imports = [
|
||||
./hardware.nix # Use nixos-generate-config --show-hardware-config > /etc/nixos/machines/MACHINE/hardware.nix
|
||||
|
|
|
@ -1,13 +1,8 @@
|
|||
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
my = import ../..;
|
||||
let my = import ../..;
|
||||
in {
|
||||
imports = [
|
||||
my.modules
|
||||
../../hardware/rpi4.nix
|
||||
];
|
||||
imports = [ my.modules ../../hardware/rpi4.nix ];
|
||||
|
||||
networking.hostName = "rubusidaeus";
|
||||
|
||||
|
|
|
@ -1,13 +1,8 @@
|
|||
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
my = import ../..;
|
||||
let my = import ../..;
|
||||
in {
|
||||
imports = [
|
||||
./hardware.nix
|
||||
my.modules
|
||||
];
|
||||
imports = [ ./hardware.nix my.modules ];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
@ -28,8 +23,8 @@ in {
|
|||
yggdrasil-client.enable = true;
|
||||
};
|
||||
|
||||
services.xserver.videoDrivers=["amdgpu"];
|
||||
boot.initrd.kernelModules=["amdgpu"];
|
||||
services.xserver.videoDrivers = [ "amdgpu" ];
|
||||
boot.initrd.kernelModules = [ "amdgpu" ];
|
||||
|
||||
powerManagement = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,36 +1,36 @@
|
|||
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.availableKernelModules =
|
||||
[ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-amd" "nct6775" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
environment.etc = {
|
||||
"sysconfig/lm_sensors".text = ''
|
||||
HWMON_MODULES="lm75"
|
||||
'';
|
||||
"sysconfig/lm_sensors".text = ''
|
||||
HWMON_MODULES="lm75"
|
||||
'';
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/e9d47776-8f25-490b-9ea3-ee80ab9d6110";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/e9d47776-8f25-490b-9ea3-ee80ab9d6110";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c2e3757b-b29c-4797-9535-084eb71351e9";
|
||||
boot.initrd.luks.devices."cryptroot".device =
|
||||
"/dev/disk/by-uuid/c2e3757b-b29c-4797-9535-084eb71351e9";
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/4F73-6FFF";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/4F73-6FFF";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
hardware.cpu.amd.updateMicrocode =
|
||||
lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
||||
|
|
|
@ -1,13 +1,8 @@
|
|||
|
||||
{ config, pkgs, ... }:
|
||||
|
||||
let
|
||||
my = import ../..;
|
||||
let my = import ../..;
|
||||
in {
|
||||
imports = [
|
||||
./hardware.nix
|
||||
my.modules
|
||||
];
|
||||
imports = [ ./hardware.nix my.modules ];
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
@ -28,9 +23,9 @@ in {
|
|||
|
||||
networking.useDHCP = true;
|
||||
|
||||
services.xserver.videoDrivers=["amdgpu"];
|
||||
boot.initrd.kernelModules=["amdgpu"];
|
||||
|
||||
services.xserver.videoDrivers = [ "amdgpu" ];
|
||||
boot.initrd.kernelModules = [ "amdgpu" ];
|
||||
|
||||
system.stateVersion = "23.05";
|
||||
}
|
||||
|
||||
|
|
|
@ -1,29 +1,31 @@
|
|||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/hardware/network/broadcom-43xx.nix")
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
imports = [
|
||||
(modulesPath + "/hardware/network/broadcom-43xx.nix")
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
|
||||
boot.initrd.availableKernelModules =
|
||||
[ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/nvme0n1p2";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "/dev/nvme0n1p2";
|
||||
fsType = "btrfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/B167-E1D3";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/B167-E1D3";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
hardware.cpu.intel.updateMicrocode =
|
||||
lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs ? import <nixpkgs> {}, bundlerEnv, ... }:
|
||||
{ pkgs ? import <nixpkgs> { }, bundlerEnv, ... }:
|
||||
let
|
||||
version = "130812885aee9f2e0a5f6a4b534a3b6b68431554";
|
||||
repo = builtins.fetchGit {
|
||||
|
|
|
@ -14,4 +14,4 @@
|
|||
./server/nginx.nix
|
||||
./server/ivabus-dev.nix
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,14 +1,10 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.design;
|
||||
let cfg = config.my.roles.design;
|
||||
in {
|
||||
options.my.roles.design.enable = lib.mkEnableOption "Enable design-specific programs";
|
||||
options.my.roles.design.enable =
|
||||
lib.mkEnableOption "Enable design-specific programs";
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
environment.systemPackages = with pkgs; [
|
||||
inkscape
|
||||
gimp
|
||||
imagemagick
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ inkscape gimp imagemagick ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,10 +1,11 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.devel;
|
||||
let cfg = config.my.roles.devel;
|
||||
in {
|
||||
options.my.roles.devel.enable = lib.mkEnableOption "Enable tools for development programs";
|
||||
config = lib.mkIf (cfg.enable) ( lib.mkMerge [{
|
||||
options.my.roles.devel.enable =
|
||||
lib.mkEnableOption "Enable tools for development programs";
|
||||
config = lib.mkIf (cfg.enable) (lib.mkMerge [
|
||||
{
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
environment.systemPackages = with pkgs; [
|
||||
rustc
|
||||
|
@ -25,21 +26,27 @@ in {
|
|||
];
|
||||
}
|
||||
# Architecture-specific packages and configuration
|
||||
(lib.mkIf (!pkgs.stdenv.isAarch64) {boot.binfmt.emulatedSystems = [ "aarch64-linux" ];})
|
||||
(lib.mkIf (!pkgs.stdenv.isAarch32) {boot.binfmt.emulatedSystems = [ "armv6l-linux" ];})
|
||||
(lib.mkIf (!pkgs.stdenv.isx86_64) {boot.binfmt.emulatedSystems = [ "x86_64-linux" "i686-linux" ];})
|
||||
(lib.mkIf (!pkgs.stdenv.isAarch64) {
|
||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||
})
|
||||
(lib.mkIf (!pkgs.stdenv.isAarch32) {
|
||||
boot.binfmt.emulatedSystems = [ "armv6l-linux" ];
|
||||
})
|
||||
(lib.mkIf (!pkgs.stdenv.isx86_64) {
|
||||
boot.binfmt.emulatedSystems = [ "x86_64-linux" "i686-linux" ];
|
||||
})
|
||||
# Remove CLion from builds while I'm semi-online
|
||||
# Install CLion only if we are on x86_64
|
||||
/*(lib.mkIf (pkgs.stdenv.isx86_64) {
|
||||
environment.systemPackages = with pkgs; [
|
||||
jetbrains.clion
|
||||
];
|
||||
})*/
|
||||
/* (lib.mkIf (pkgs.stdenv.isx86_64) {
|
||||
environment.systemPackages = with pkgs; [
|
||||
jetbrains.clion
|
||||
];
|
||||
})
|
||||
*/
|
||||
# Install vscode only if we are on x86_64 or aarch64 or aarch32
|
||||
(lib.mkIf (pkgs.stdenv.isx86_64 || pkgs.stdenv.isAarch64 || pkgs.stdenv.isAarch32) {
|
||||
environment.systemPackages = with pkgs; [
|
||||
vscode
|
||||
];
|
||||
})
|
||||
(lib.mkIf
|
||||
(pkgs.stdenv.isx86_64 || pkgs.stdenv.isAarch64 || pkgs.stdenv.isAarch32) {
|
||||
environment.systemPackages = with pkgs; [ vscode ];
|
||||
})
|
||||
]);
|
||||
}
|
||||
|
|
|
@ -1,28 +1,29 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.gaming;
|
||||
let cfg = config.my.roles.gaming;
|
||||
in {
|
||||
options.my.roles.gaming.enable = lib.mkEnableOption "Enable wine & steam";
|
||||
config = lib.mkIf (cfg.enable) ( lib.mkMerge [{
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
services.pipewire.alsa.support32Bit = true;
|
||||
environment.systemPackages = with pkgs; [
|
||||
wineWowPackages.stable
|
||||
wine
|
||||
(wine.override { wineBuild = "wine64"; })
|
||||
wineWowPackages.staging
|
||||
winetricks
|
||||
wineWowPackages.waylandFull
|
||||
(retroarch.override { cores = with libretro; [ np2kai ];})
|
||||
];
|
||||
}
|
||||
# Enable steam only on x86_64 (since I have hosts with ARM, but I don't think I will enable my.roles.gaming on ARM system soon)
|
||||
(lib.mkIf(pkgs.stdenv.isx86_64) {
|
||||
programs.steam.enable = true; # Firewall ports used by Steam in-home streaming.
|
||||
networking.firewall.allowedTCPPorts = [ 27036 27037 ];
|
||||
networking.firewall.allowedUDPPorts = [ 27031 27036 ];
|
||||
config = lib.mkIf (cfg.enable) (lib.mkMerge [
|
||||
{
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
services.pipewire.alsa.support32Bit = true;
|
||||
environment.systemPackages = with pkgs; [
|
||||
wineWowPackages.stable
|
||||
wine
|
||||
(wine.override { wineBuild = "wine64"; })
|
||||
wineWowPackages.staging
|
||||
winetricks
|
||||
wineWowPackages.waylandFull
|
||||
(retroarch.override { cores = with libretro; [ np2kai ]; })
|
||||
];
|
||||
}
|
||||
# Enable steam only on x86_64 (since I have hosts with ARM, but I don't think I will enable my.roles.gaming on ARM system soon)
|
||||
(lib.mkIf (pkgs.stdenv.isx86_64) {
|
||||
programs.steam.enable =
|
||||
true; # Firewall ports used by Steam in-home streaming.
|
||||
networking.firewall.allowedTCPPorts = [ 27036 27037 ];
|
||||
networking.firewall.allowedUDPPorts = [ 27031 27036 ];
|
||||
})
|
||||
]);
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.graphical;
|
||||
let cfg = config.my.roles.graphical;
|
||||
in {
|
||||
options.my.roles.graphical.enable = lib.mkEnableOption "Enable GUI";
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
|
@ -85,7 +84,8 @@ in {
|
|||
roboto-mono
|
||||
kochi-substitute
|
||||
];
|
||||
environment.sessionVariables.NIXOS_OZONE_WL = "1"; # Enable wayland for electron
|
||||
environment.sessionVariables.NIXOS_OZONE_WL =
|
||||
"1"; # Enable wayland for electron
|
||||
home-manager.users.ivabus = {
|
||||
gtk = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.latex;
|
||||
let cfg = config.my.roles.latex;
|
||||
in {
|
||||
options.my.roles.latex.enable = lib.mkEnableOption "Enable latex stuff";
|
||||
config = lib.mkIf (cfg.enable){
|
||||
environment.systemPackages = with pkgs; [
|
||||
# Maybe I don't need to use -full variant of texlive
|
||||
# TODO: I should find distribution I actually need
|
||||
texlive.combined.scheme-full
|
||||
];
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
environment.systemPackages = with pkgs;
|
||||
[
|
||||
# Maybe I don't need to use -full variant of texlive
|
||||
# TODO: I should find distribution I actually need
|
||||
texlive.combined.scheme-full
|
||||
];
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.media-client;
|
||||
let cfg = config.my.roles.media-client;
|
||||
in {
|
||||
options.my.roles.media-client.enable = lib.mkEnableOption "Enable media players, downloaders, etc.";
|
||||
config = lib.mkIf (cfg.enable){
|
||||
environment.systemPackages = with pkgs; [
|
||||
vlc
|
||||
yt-dlp ffmpeg
|
||||
];
|
||||
options.my.roles.media-client.enable =
|
||||
lib.mkEnableOption "Enable media players, downloaders, etc.";
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
environment.systemPackages = with pkgs; [ vlc yt-dlp ffmpeg ];
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,13 +1,12 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.ntp-server;
|
||||
let cfg = config.my.roles.ntp-server;
|
||||
in {
|
||||
options.my.roles.ntp-server.enable = lib.mkEnableOption "Enable NTP server";
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
services.chrony.extraConfig = ''
|
||||
allow 192.168.0.0/16
|
||||
'';
|
||||
services.chrony.extraConfig = ''
|
||||
allow 192.168.0.0/16
|
||||
'';
|
||||
networking.firewall.allowedUDPPorts = [ 123 ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,15 +1,14 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.my.roles.server.ivabus-dev;
|
||||
in
|
||||
{
|
||||
options.my.roles.server.ivabus-dev.enable = lib.mkEnableOption "Serve ivabus.dev";
|
||||
let cfg = config.my.roles.server.ivabus-dev;
|
||||
in {
|
||||
options.my.roles.server.ivabus-dev.enable =
|
||||
lib.mkEnableOption "Serve ivabus.dev";
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
my.roles.server.nginx.enable = true;
|
||||
services.nginx = {
|
||||
virtualHosts."ivabus.dev" = {
|
||||
# i don't want to call package like this
|
||||
root = pkgs.callPackage ../../pkgs/ivabus-dev.nix {};
|
||||
root = pkgs.callPackage ../../pkgs/ivabus-dev.nix { };
|
||||
|
||||
extraConfig = ''
|
||||
error_page 404 /404.html;
|
||||
|
|
|
@ -1,10 +1,9 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
cfg = config.my.roles.server.nginx;
|
||||
in
|
||||
{
|
||||
let cfg = config.my.roles.server.nginx;
|
||||
in {
|
||||
# Don't call from machine setup, services will enable it automatically
|
||||
options.my.roles.server.nginx.enable = lib.mkEnableOption "Initial nginx setup";
|
||||
options.my.roles.server.nginx.enable =
|
||||
lib.mkEnableOption "Initial nginx setup";
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
|
@ -14,4 +13,4 @@ in
|
|||
recommendedTlsSettings = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,13 +1,12 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.torrent;
|
||||
let cfg = config.my.roles.torrent;
|
||||
in {
|
||||
options.my.roles.torrent.enable = lib.mkEnableOption "Enable torrent support.";
|
||||
options.my.roles.torrent.enable =
|
||||
lib.mkEnableOption "Enable torrent support.";
|
||||
# TODO: do something about systems without GUI (i don't use any at the moment)
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
environment.systemPackages = with pkgs; [
|
||||
(transmission.override {enableGTK3 = true;})
|
||||
];
|
||||
environment.systemPackages = with pkgs;
|
||||
[ (transmission.override { enableGTK3 = true; }) ];
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,15 +1,12 @@
|
|||
{ pkgs, config, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.virtualisation;
|
||||
let cfg = config.my.roles.virtualisation;
|
||||
in {
|
||||
options.my.roles.virtualisation.enable = lib.mkEnableOption "Enable tools for virtualisation";
|
||||
options.my.roles.virtualisation.enable =
|
||||
lib.mkEnableOption "Enable tools for virtualisation";
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
# TODO: Think if I ever need virtualisation
|
||||
virtualisation.libvirtd.enable = true;
|
||||
environment.systemPackages = with pkgs; [
|
||||
qemu_full
|
||||
qemu-utils
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ qemu_full qemu-utils ];
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.my.roles.yggdrasil-client;
|
||||
let cfg = config.my.roles.yggdrasil-client;
|
||||
in {
|
||||
options.my.roles.yggdrasil-client.enable = lib.mkEnableOption "Enable yggdrasil";
|
||||
options.my.roles.yggdrasil-client.enable =
|
||||
lib.mkEnableOption "Enable yggdrasil";
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
services.yggdrasil = {
|
||||
enable = true;
|
||||
|
@ -16,4 +16,4 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
}
|
||||
|
|
14
secrets.nix
14
secrets.nix
|
@ -1,9 +1,9 @@
|
|||
|
||||
let
|
||||
canaryHash = builtins.hashFile "sha256" ./secrets/canary;
|
||||
expectedHash = "bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c";
|
||||
in
|
||||
if canaryHash != expectedHash then abort "Secrets are not readable. Have you run `git-crypt unlock`?"
|
||||
else {
|
||||
hashed-password = builtins.readFile ./secrets/hashed-password;
|
||||
}
|
||||
expectedHash =
|
||||
"bc6f38a927602241c5e0996b61ebd3a90d5356ca76dc968ec14df3cd45c6612c";
|
||||
in if canaryHash != expectedHash then
|
||||
abort "Secrets are not readable. Have you run `git-crypt unlock`?"
|
||||
else {
|
||||
hashed-password = builtins.readFile ./secrets/hashed-password;
|
||||
}
|
||||
|
|
|
@ -1,18 +1,9 @@
|
|||
{ crossSystem ? "aarch64-unknown-linux-musl" }:
|
||||
|
||||
let pkgs = import <nixpkgs> {
|
||||
crossSystem = {
|
||||
config = crossSystem;
|
||||
};
|
||||
};
|
||||
in
|
||||
pkgs.pkgsStatic.callPackage (
|
||||
{mkShell, pkg-config, zlib, file}:
|
||||
mkShell {
|
||||
nativeBuildInputs = [ pkg-config file ];
|
||||
buildInputs = [ zlib ];
|
||||
env = {
|
||||
CROSS_COMPILE = crossSystem;
|
||||
};
|
||||
}
|
||||
) {}
|
||||
let pkgs = import <nixpkgs> { crossSystem = { config = crossSystem; }; };
|
||||
in pkgs.pkgsStatic.callPackage ({ mkShell, pkg-config, zlib, file }:
|
||||
mkShell {
|
||||
nativeBuildInputs = [ pkg-config file ];
|
||||
buildInputs = [ zlib ];
|
||||
env = { CROSS_COMPILE = crossSystem; };
|
||||
}) { }
|
||||
|
|
Loading…
Reference in a new issue