aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

va a ciapa i ratt

Browse source
This commit is contained in:
Andrea Ciceri 2023-06-16 10:07:37 +02:00
parent fac91af11a
commit 8346c9f02c
No known key found for this signature in database
43 changed files with 909 additions and 446 deletions
Download patch file Download diff file Expand all files Collapse all files

20
hosts/default.nix
View file

@ -20,6 +20,11 @@
type = lib.types.str;
default = "x86_64-linux";
};
colmena = lib.mkOption {
description = "Set colmena.<host>";
type = lib.types.attrs;
default = {};
};
secrets = lib.mkOption {
description = "List of secrets names in the `secrets` folder";
type = lib.types.attrsOf (lib.types.submodule ({name, ...}: {
@ -79,6 +84,7 @@
config.overlays = with inputs; [
agenix.overlays.default
comma.overlays.default
helix.overlays.default
nur.overlay
];
}));
@ -169,6 +175,7 @@
secrets = {
"thinkpad-wireguard-private-key" = {};
"cachix-personal-token".owner = "ccr";
"autistici-password".owner = "ccr";
};
};
rock5b = {
@ -180,6 +187,7 @@
secrets = {
"rock5b-wireguard-private-key" = {};
};
colmena.deployment.buildOnTarget = true;
};
pbp = {
system = "aarch64-linux";
@ -239,10 +247,12 @@
nodeSpecialArgs = builtins.mapAttrs (name: value: value._module.specialArgs) self.nixosConfigurations;
};
}
// builtins.mapAttrs (name: config: {
imports = config._module.args.modules;
deployment.targetHost = "${name}.fleet";
})
self.nixosConfigurations;
// builtins.mapAttrs (name: host:
lib.recursiveUpdate {
imports = self.nixosConfigurations.${name}._module.args.modules;
deployment.targetHost = "${name}.fleet";
}
host.colmena)
config.fleet.hosts;
};
}

4
hosts/mothership/default.nix
View file

@ -19,6 +19,7 @@
"nix-serve"
"cgit"
"docker"
"binfmt"
];
ccr = {
@ -32,6 +33,7 @@
"shell"
"xdg"
"git-workspace"
"firefox" # used with waypipe
];
packages = with pkgs; [
comma
@ -59,7 +61,7 @@
nixpkgs.config.joypixels.acceptLicense = true;
environment.systemPackages = with pkgs; [waypipe firefox];
environment.systemPackages = with pkgs; [waypipe];
home-manager.users.ccr.gtk = {
enable = true;

5
hosts/mothership/disko.nix
View file

@ -12,7 +12,6 @@
format = "gpt";
partitions = [
{
type = "partition";
name = "ESP";
start = "0";
end = "960MiB";
@ -25,7 +24,6 @@
};
}
{
type = "partition";
name = "zfs";
start = "1GiB";
end = "100%";
@ -45,7 +43,6 @@
format = "gpt";
partitions = [
{
type = "partition";
name = "zfs";
start = "1GiB";
end = "100%";
@ -69,7 +66,7 @@
options.acltype = "posix";
datasets = {
root = {
zfs_type = "filesystem";
type = "zfs_fs";
options = {
mountpoint = "legacy";
autotrim = "on";

4
hosts/pbp/disko.nix
View file

@ -9,7 +9,6 @@ _: {
partitions = [
{
name = "root";
type = "partition";
start = "1MiB";
end = "-4G";
part-type = "primary";
@ -22,7 +21,6 @@ _: {
}
{
name = "swap";
type = "partition";
start = "-4G";
end = "100%";
part-type = "primary";
@ -42,7 +40,6 @@ _: {
format = "gpt";
partitions = [
{
type = "partition";
name = "ESP";
start = "1MiB";
end = "1024MiB";
@ -55,7 +52,6 @@ _: {
}
{
name = "home";
type = "partition";
start = "1024MiB";
end = "100%";
part-type = "primary";

114
hosts/rock5b/default.nix
View file

@ -6,12 +6,16 @@
config,
...
}: {
imports = fleetModules [
"common"
"ssh"
"ccr"
"wireguard-client"
];
imports =
fleetModules [
"common"
"ssh"
"ccr"
"wireguard-client"
]
++ [
./disko.nix
];
ccr.enable = true;
@ -26,64 +30,62 @@
generic-extlinux-compatible.enable = true;
};
disko = import ./disko.nix {};
fileSystems."/mnt/film" = {
device = "//ccr.ydns.eu/film";
fsType = "cifs";
options = let
credentials = pkgs.writeText "credentials" ''
username=guest
password=
'';
in ["credentials=${credentials},x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"];
};
fileSystems."/mnt/archivio" = {
device = "//ccr.ydns.eu/archivio";
fsType = "cifs";
options = let
credentials = pkgs.writeText "credentials" ''
username=guest
password=
'';
in ["credentials=${credentials},x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"];
};
# fileSystems."/mnt/film" = {
# device = "//ccr.ydns.eu/film";
# fsType = "cifs";
# options = let
# credentials = pkgs.writeText "credentials" ''
# username=guest
# password=
# '';
# in ["credentials=${credentials},x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"];
# };
# fileSystems."/mnt/archivio" = {
# device = "//ccr.ydns.eu/archivio";
# fsType = "cifs";
# options = let
# credentials = pkgs.writeText "credentials" ''
# username=guest
# password=
# '';
# in ["credentials=${credentials},x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"];
# };
environment.systemPackages = with pkgs; [
kodi-rock5b
# kodi-rock5b
cifs-utils
];
users.extraUsers.kodi = {
isNormalUser = true;
uid = 1002;
extraGroups = ["video" "input"];
};
# users.extraUsers.kodi = {
# isNormalUser = true;
# uid = 1002;
# extraGroups = ["video" "input"];
# };
networking.firewall.allowedTCPPorts = [
8080 # kodi control
80
];
# networking.firewall.allowedTCPPorts = [
# 8080 # kodi control
# 80
# ];
programs.bash.loginShellInit = ''
[[ "$(tty)" == '/dev/tty1' ]] && \
[[ "$(whoami)" == 'kodi' ]] && \
${pkgs.kodi-rock5b}/bin/kodi-standalone
# programs.bash.loginShellInit = ''
# [[ "$(tty)" == '/dev/tty1' ]] && \
# [[ "$(whoami)" == 'kodi' ]] && \
# ${pkgs.kodi-rock5b}/bin/kodi-standalone
'';
# '';
# Waiting for https://github.com/NixOS/nixpkgs/issues/140304
services.getty = let
script = pkgs.writeText "login-program.sh" ''
if [[ "$(tty)" == '/dev/tty1' ]]; then
${pkgs.shadow}/bin/login -f kodi;
else
${pkgs.shadow}/bin/login;
fi
'';
in {
loginProgram = "${pkgs.bash}/bin/sh";
loginOptions = toString script;
extraArgs = ["--skip-login"];
};
# services.getty = let
# script = pkgs.writeText "login-program.sh" ''
# if [[ "$(tty)" == '/dev/tty1' ]]; then
# ${pkgs.shadow}/bin/login -f kodi;
# else
# ${pkgs.shadow}/bin/login;
# fi
# '';
# in {
# loginProgram = "${pkgs.bash}/bin/sh";
# loginOptions = toString script;
# extraArgs = ["--skip-login"];
# };
}

68
hosts/rock5b/disko.nix
View file

@ -1,5 +1,10 @@
{emmc ? "/dev/mmcblk0", ...}: {
devices = {
let
emmc = "/dev/mmcblk0";
hd1 = "/dev/disk/by-id/ata-WDC_WD10EADS-22M2B0_WD-WCAV52709550";
hd2 = "/dev/disk/by-id/ata-WDC_WD10EADX-22TDHB0_WD-WCAV5V359530";
# old_hd = "/dev/disk/by-id/ata-WDC_WD5000AAKX-08U6AA0_WD-WCC2E5TR40FU";
in {
disko.devices = {
disk = {
emmc = {
type = "disk";
@ -9,14 +14,12 @@
format = "gpt";
partitions = [
{
type = "partition";
start = "32.8kB";
end = "12.6MB";
name = "uboot";
bootable = true;
}
{
type = "partition";
name = "NIXOS_ROOTFS";
start = "13.6MB";
end = "100%";
@ -30,6 +33,63 @@
];
};
};
# hd1 = {
# type = "disk";
# device = hd1;
# content = {
# type = "table";
# format = "gpt";
# partitions = [
# {
# name = "primary";
# start = "0";
# end = "100%";
# content = {
# type = "lvm_pv";
# vg = "pool";
# };
# }
# ];
# };
# };
# hd2 = {
# type = "disk";
# device = hd2;
# content = {
# type = "table";
# format = "gpt";
# partitions = [
# {
# name = "primary";
# start = "0";
# end = "100%";
# content = {
# type = "lvm_pv";
# vg = "pool";
# };
# }
# ];
# };
# };
# };
# lvm_vg = {
# pool = {
# type = "lvm_vg";
# lvs = {
# root = {
# size = "100M";
# lvm_type = "mirror";
# content = {
# type = "filesystem";
# format = "ext4";
# mountpoint = "/mnt/raid";
# mountOptions = [
# "defaults"
# ];
# };
# };
# };
# };
};
};
}

7
hosts/thinkpad/default.nix
View file

@ -15,7 +15,6 @@
"adb"
"audio"
"battery"
# "binfmt"
"bluetooth"
"ccr"
"common"
@ -43,7 +42,8 @@
"digikam"
"discord"
"element"
"email"
# "thunderbird"
"aerc"
"emacs"
"firefox"
"git"
@ -67,6 +67,7 @@
"steam-run"
"lutris"
"wine"
"remmina"
];
packages = with pkgs; [
comma
@ -90,7 +91,7 @@
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback];
boot.kernelPackages = pkgs.linuxPackages_zen;
# boot.kernelPackages = pkgs.linuxPackages_zen;
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

20
hosts/thinkpad/zfs.nix
View file

@ -35,14 +35,14 @@
users.users.root.initialHashedPassword = "$6$EqXfyFLxUZfpmJ8F$UH3pLcHwgLpOZwiSDhdq/iR/p.uyZZYlk6G4Q0S8BtYr3Qt2xKU56Fwv3Mgco.J0i3cx1Nm8XMfvythSuv8gh/";
# TODO: remove this when it will be no more necessary
boot.zfs.enableUnstable = true;
nixpkgs.overlays = [
(self: super: {
linuxPackages_zen = super.linuxPackages_zen.extend (lpSelf: lpSuper: {
zfsUnstable = lpSuper.zfsUnstable.overrideAttrs (_: {
meta.broken = false;
});
});
})
];
# boot.zfs.enableUnstable = true;
# nixpkgs.overlays = [
# (self: super: {
# linuxPackages_zen = super.linuxPackages_zen.extend (lpSelf: lpSuper: {
# zfsUnstable = lpSuper.zfsUnstable.overrideAttrs (_: {
# meta.broken = false;
# });
# });
# })
# ];
}