aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Codroipo

Browse source
This commit is contained in:
Andrea Ciceri 2022-12-28 17:26:53 +01:00
parent c49c7d0196
commit 021ee17f1b
No known key found for this signature in database
GPG key ID: A1FC89532D1C5654
18 changed files with 175 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
doom.d/config.el
View file

@ -138,4 +138,5 @@
(after! eglot
(add-to-list 'eglot-server-programs '(nix-mode . ("nil")))
(add-hook! 'nix-mode-hook #'eglot-ensure)
)

2
doom.d/init.el
View file

@ -96,7 +96,7 @@
;;gist ; interacting with github gists
lookup ; navigate your code and its documentation
lsp ; M-x vscode
magit ; a git porcelain for Emacs
(magit +forge) ; a git porcelain for Emacs
make ; run make tasks from Emacs
pass ; password manager for nerds
;;pdf ; pdf enhancements

78
flake.lock generated
View file

@ -226,6 +226,22 @@
"type": "github"
}
},
"fan-control": {
"flake": false,
"locked": {
"lastModified": 1669548492,
"narHash": "sha256-qqPmOEF+r10VGz3izAnHZW6aJk1mOXy9BrpR9FvWSt0=",
"owner": "pymumu",
"repo": "fan-control-rock5b",
"rev": "8419990c6c0f47a3ed0b55255d7e3591cc5fdab9",
"type": "github"
},
"original": {
"owner": "pymumu",
"repo": "fan-control-rock5b",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -363,6 +379,22 @@
"type": "github"
}
},
"kernel-src": {
"flake": false,
"locked": {
"lastModified": 1670395302,
"narHash": "sha256-IZdeXSvGips2OPTwXljGPTeR2Kpx70NGQGF0Cd9xa+0=",
"owner": "radxa",
"repo": "kernel",
"rev": "ca15bbe36e6c087c96a603db7cc491a01d9a6467",
"type": "github"
},
"original": {
"owner": "radxa",
"repo": "kernel",
"type": "github"
}
},
"naersk": {
"inputs": {
"nixpkgs": [
@ -466,16 +498,15 @@
},
"nixpkgsUnstable": {
"locked": {
"lastModified": 1670597555,
"narHash": "sha256-/k939P2S2246G6K5fyvC0U2IWvULhb4ZJg9K7ZxsX+k=",
"lastModified": 1672239721,
"narHash": "sha256-yGFJrTbRR/338y+UOvjRXi1pfidSdWb016UHOFFcfns=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2dea0f4c2d6e4603f54b2c56c22367e77869490c",
"rev": "4d5535c90c817917015bf26794d29802e254cb32",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
@ -527,6 +558,22 @@
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1656239181,
"narHash": "sha256-wW1xRFBn376yGloXZ4QzBE4hjipMawpV18Lshd9QSPw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "f2537a505d45c31fe5d9c27ea9829b6f4c4e6ac5",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"rev": "f2537a505d45c31fe5d9c27ea9829b6f4c4e6ac5",
"type": "github"
}
},
"nose": {
"flake": false,
"locked": {
@ -661,6 +708,26 @@
"type": "github"
}
},
"rock5b": {
"inputs": {
"fan-control": "fan-control",
"kernel-src": "kernel-src",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1672220053,
"narHash": "sha256-7LcL2J+5BIShEEjc7/gOKvDxvm+zKPHS2LQcDTQtQOA=",
"owner": "aciceri",
"repo": "rock5b-nixos",
"rev": "8b2f9583fa761f2013a9b20c15c8a621c1fd4a76",
"type": "github"
},
"original": {
"owner": "aciceri",
"repo": "rock5b-nixos",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
@ -670,7 +737,8 @@
"nixosHardware": "nixosHardware",
"nixpkgsStable": "nixpkgsStable",
"nixpkgsUnstable": "nixpkgsUnstable",
"preCommitHooks": "preCommitHooks"
"preCommitHooks": "preCommitHooks",
"rock5b": "rock5b"
}
},
"rotate-text": {

15
flake.nix
View file

@ -2,7 +2,7 @@
description = "A complete, declarative, and reproducible configuration of my entire Nix fleet";
inputs = {
nixpkgsUnstable.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgsUnstable.url = "github:NixOS/nixpkgs";
nixpkgsStable.url = "github:NixOS/nixpkgs/nixos-22.05";
nixosHardware.url = "github:NixOS/nixos-hardware";
homeManager = {
@ -13,8 +13,8 @@
agenix.url = "github:ryantm/agenix";
doomEmacs.url = "github:nix-community/nix-doom-emacs";
comma.url = "github:nix-community/comma";
rock5b.url = "github:aciceri/rock5b-nixos";
};
outputs = {self, ...} @ inputs: let
utils = import ./utils inputs;
inherit
@ -41,4 +41,15 @@
inherit formatter;
};
nixConfig = {
extra-substituters = [
"https://aciceri-fleet.cachix.org"
"https://rock5b-nixos.cachix.org"
];
extra-trusted-public-keys = [
"aciceri-fleet.cachix.org-1:e1AodrwmzRWy0eQi3lUY71M41fp9Sq+UpuKKv705xsI="
"rock5b-nixos.cachix.org-1:bXHDewFS0d8pT90A+/YZan/3SjcyuPZ/QRgRSuhSPnA="
];
};
}

4
hmModules/emacs/default.nix
View file

@ -4,8 +4,8 @@
lib,
...
}: let
rev = "72a94f91fd0570556ce770dc3a39e658f7588f7e"; # Current master, Emacs 29, seems a good commit
sha256 = "e5kKIEZJB9BGbBvGtiPK3gNygFoGxkG02nRLCwnGtmk=";
rev = "2ddc480f4417775d6bf8ebcfc27b8cd7fa761a7d"; # Emacs 29, seems a good commit
sha256 = "sha256-SmtafhTYOI27/eraeaXwC1F09K+WNpjOy5WFu1h4QQg=";
emacsMaster =
(pkgs.emacs.override {
nativeComp = true;

1
hmModules/git/default.nix
View file

@ -12,6 +12,7 @@ in {
ui.color = true;
pull.rebase = false;
rebase.autostash = true;
github.user = "aciceri";
};
userName = config.name;

1
hmModules/shell/default.nix
View file

@ -84,6 +84,5 @@
dig.dnsutils
zsh-completions
nix-zsh-completions
gnuapl
];
}

6
hmModules/sway/default.nix
View file

@ -29,7 +29,6 @@
};
};
# TODO check if it works (just wait?)
services.swayidle.enable = true;
wayland = {
@ -55,9 +54,14 @@
terminal = "footclient";
bars = [
{
mode = "hide";
position = "top";
command = "${pkgs.waybar}/bin/waybar";
}
];
gaps = {
smartBorders = "on";
};
assigns = {
"1" = [{title = ".*Mozilla Firefox$";} {title = ".*qutebrowser$";}];
"2" = [{title = "^((?!qutebrowser-editor).)*Emacs$";}];

1
hmModules/sway/waybar.nix
View file

@ -4,6 +4,7 @@
style = builtins.readFile ./style.css;
settings = {
mainBar = {
ipc = true;
layer = "top";
position = "top";
height = 30;

6
hosts/hs/default.nix
View file

@ -313,16 +313,18 @@
139 # samba
443 # https
445 # samba
4662
4712 # amule
4711 # amule web gui
8384 # syncthing
53 # dns
];
allowedUDPPorts = [
137 # samba
137
138 # samba
51820 # wireguard
53 # dns
4665
4672 # amule
];
};

13
hosts/rock5b/default.nix Normal file
View file

@ -0,0 +1,13 @@
{fleetModules, ...}: {
imports =
[
./hardware-configuration.nix
]
++ fleetModules [
"common"
"ssh"
"ccr"
];
ccr.enable = true;
}

15
hosts/rock5b/hardware-configuration.nix Normal file
View file

@ -0,0 +1,15 @@
{lib, ...}: {
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_ROOTFS";
fsType = "ext4";
};
};
swapDevices = [];
boot.loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
}

2
hosts/thinkpad/default.nix
View file

@ -28,6 +28,7 @@
"transmission"
"udisks2"
"xdg"
"nix-development"
];
ccr = {
@ -77,6 +78,7 @@
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.kernelPackages = pkgs.linuxPackages_zen;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

15
hosts/thinkpad/zfs.nix
View file

@ -5,7 +5,6 @@
}: {
boot.supportedFilesystems = ["zfs"];
networking.hostId = "adf0b5e7";
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.efi.canTouchEfiVariables = false;
boot.loader.generationsDir.copyKernels = true;
@ -27,11 +26,23 @@
cp -r /boot/efi/EFI $ESP_MIRROR
for i in /boot/efis/*; do
cp -r $ESP_MIRROR/EFI $i
done
done wv
rm -rf $ESP_MIRROR
'';
boot.loader.grub.devices = [
"/dev/disk/by-id/nvme-INTEL_SSDPEKKF010T8L_PHHP938405741P0D"
];
users.users.root.initialHashedPassword = "$6$EqXfyFLxUZfpmJ8F$UH3pLcHwgLpOZwiSDhdq/iR/p.uyZZYlk6G4Q0S8BtYr3Qt2xKU56Fwv3Mgco.J0i3cx1Nm8XMfvythSuv8gh/";
# TODO: remove this when it will be no more necessary
boot.zfs.enableUnstable = true;
nixpkgs.overlays = [
(self: super: {
linuxPackages_zen = super.linuxPackages_zen.extend (lpSelf: lpSuper: {
zfsUnstable = lpSuper.zfsUnstable.overrideAttrs (_: {
meta.broken = false;
});
});
})
];
}

6
modules/nix-development/default.nix Normal file
View file

@ -0,0 +1,6 @@
{
nix.settings = {
keep-outputs = true;
keep-derivations = true;
};
}

1
secrets/default.nix
View file

@ -5,4 +5,5 @@ let
in {
"secrets/mlabs-cachix.age".publicKeys = [keys.agenix];
"secrets/autistici-password.age".publicKeys = [keys.agenix];
"secrets/magit-forge-github-token.age".publicKeys = [keys.agenix];
}

18
secrets/magit-forge-github-token.age Normal file
View file

@ -0,0 +1,18 @@
age-encryption.org/v1
-> ssh-rsa QHr3/A
minytBGD5mhGlZVBUiHlTCKgR/IQBa5CLqr49w39AM8fjjJtj19UryLyoA1Jouef
GKRU+uR16Lj9MjdqJhcGi7Ox7/L+Si/eh5M5y08G0M8bod6VTyezbjWjbKTeoY68
72Iz20s254jP75jhlyekL/rTQJR9aeQiDsVXBr02wu8ICC+eESfTiq8Srwwaq3Gr
H/rfHO2/vqrA+NYSI9I+1fCYp+8YLSIAMmDI4jjrC/d3RQhDkiqhn2uvslV5UiqH
yBcfIEz7CSNdJp5KfF/Qw2BgepkMibYj+iKZ9zfYZJQyQy8FCEXfx+BwwjdEPadk
0lOmatm1UmR8BAl0LCof7VxwsEbTeQHuz/FX/kfadlxNSUYF0bkVBNWHsLG1YP6Y
JBzFiBA5Wy8qEUHIeKmVP70moVohURiTliV8mN1dL490ns+kgpBPjQm+ThJGXyCE
ibx6j8AmGxMXoykBIFYxi3HvSJm5CKhUahBCHLlTdcUoGqDMz6ZS0Ys6ojW6iMEu
VfI1ZeHScnFKmR7Y237i5ZRYl4wUD7tjBSHl+7T1UsHUyg6Vymop6tiR+TYp0Jwp
j+1V4irQ5PVbULWW5IYEDzyeggiUUarWXJQiIhZvR+w5IQGK0OpigWqlzZz/OJ9N
8VyiKhr1/Q7Lbxvt3aF/gudZG9HeDVAnXTLSxF/HfWs
-> k04\pIXA-grease !~)DrR 8gGWs" %
bWx1d5LHHOqqMjp9oLbsWfuSmojeftp2Cm9gfvf78lbLFfamqVRJDZiqwCOBF8Zx
haDVCJPzlTbXJ7dJ3A
--- Oj+guFcy4YP1C3mhTRK7WIogGKH1PH06Ppc+MqT6dV0
cp·±ÑÊ ÍƒlI†ÁFÀ<>êamT§äõèöµ 5¬¹õÿl½É“! ©`Ykg4p¹Ø5f¹p£RÕ0|<7C>]

6
utils/default.nix
View file

@ -6,6 +6,7 @@
nixosHardware,
nixpkgsUnstable,
preCommitHooks,
rock5b,
self,
...
}: let
@ -75,6 +76,11 @@
name = "beebox";
system = supportedSystems.x86_64-linux;
};
rock5b = mkConfiguration {
name = "rock5b";
system = supportedSystems.aarch64-linux;
modules = [rock5b.nixosModules.kernel rock5b.nixosModules.fan-control];
};
};
mkVmApp = system: configuration: let