aciceri/nixfleet
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Compare commits

base: aciceri:b16d868f853bc17e1f29d395b5747eb396040d51
Branches Tags
aciceri:master
aciceri:update-flake-lock
aciceri:aaa
aciceri:wip
aciceri:test
..
compare: aciceri:62369c45e81cab187061301afdb4c40bd9ba75dd
Branches Tags
aciceri:master
aciceri:update-flake-lock
aciceri:aaa
aciceri:wip
aciceri:test

1 commit
b16d868f85 ... 62369c45e8

Author SHA1 Message Date
Seven of Nine
62369c45e8 flake.lock: Update
All checks were successful
/ test (push) Successful in 12m48s
Details 
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/e55f9a8678adc02024a4877c2a403e3f6daf24fe' (2024-09-03)
  → 'github:nix-community/disko/51994df8ba24d5db5459ccf17b6494643301ad28' (2024-09-20)
• Updated input 'dream2nix':
    'github:nix-community/dream2nix/3fd4c14d3683baac8d1f94286ae14fe160888b51' (2024-08-01)
  → 'github:nix-community/dream2nix/b76c529f377100516c40c5b6e239a4525fdcabe0' (2024-09-16)
• Updated input 'flakeParts':
    'github:hercules-ci/flake-parts/567b938d64d4b4112ee253b9274472dc3a346eb6' (2024-09-01)
  → 'github:hercules-ci/flake-parts/bcef6817a8b2aa20a5a6dbb19b43e63c5bf8619a' (2024-09-12)
• Updated input 'homeManager':
    'github:nix-community/home-manager/be47a2bdf278c57c2d05e747a13ed31cef54a037' (2024-09-09)
  → 'github:nix-community/home-manager/14929f7089268481d86b83ed31ffd88713dcd415' (2024-09-21)
• Updated input 'lix':
    'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=c14486ae8d3bbc862c625d948a6b2f4dc0927d5b' (2024-09-09)
  → 'git+https://git@git.lix.systems/lix-project/lix?ref=refs/heads/main&rev=5f298f74c92402a8390b01c736463b17b36277e3' (2024-09-21)
• Updated input 'lix-module':
    'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=353b25f0b6da5ede15206d416345a2ec4195b5c8' (2024-09-08)
  → 'git+https://git.lix.systems/lix-project/nixos-module?ref=refs/heads/main&rev=b0e6f359500d66670cc16f521e4f62d6a0a4864e' (2024-09-18)
• Updated input 'lix-module/flake-utils':
    'github:numtide/flake-utils/b1d9ab70662946ef0850d488da1c9019f3a9752a' (2024-03-11)
  → 'github:numtide/flake-utils/c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a' (2024-09-17)
• Updated input 'nixDarwin':
    'github:LnL7/nix-darwin/76559183801030451e200c90a1627c1d82bb4910' (2024-09-06)
  → 'github:LnL7/nix-darwin/c03f85fa42d68d1056ca1740f3113b04f3addff2' (2024-09-19)
• Updated input 'nixosHardware':
    'github:NixOS/nixos-hardware/166dee4f88a7e3ba1b7a243edb1aca822f00680e' (2024-09-09)
  → 'github:NixOS/nixos-hardware/b493dfd4a8cf9552932179e56ff3b5819a9b8381' (2024-09-21)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/268bb5090a3c6ac5e1615b38542a868b52ef8088' (2024-09-19)
  → 'github:NixOS/nixpkgs/29768748c8e6ce4e9b1fba2b5a978576ece5b3a4' (2024-09-21)
• Updated input 'treefmt-nix':
    'github:numtide/treefmt-nix/9fb342d14b69aefdf46187f6bb80a4a0d97007cd' (2024-09-02)
  → 'github:numtide/treefmt-nix/ee41a466c2255a3abe6bc50fc6be927cdee57a9f' (2024-09-19)
 2024-09-21 14:57:13 +00:00
4 changed files with 96 additions and 197 deletions
Show stats Expand all files Collapse all files

204
flake.lock generated
View file

@ -21,27 +21,6 @@
"type": "github"
}
},
"crane": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1721842668,
"narHash": "sha256-k3oiD2z2AAwBFLa4+xfU+7G5fisRXfkvrMTCJrjZzXo=",
"owner": "ipetkov",
"repo": "crane",
"rev": "529c1a0b1f29f0d78fa3086b8f6a134c71ef3aaf",
"type": "github"
},
"original": {
"owner": "ipetkov",
"repo": "crane",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@ -136,44 +115,7 @@
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1719994518,
"narHash": "sha256-pQMhCCHyQGRzdfAkdJ4cIWiw+JNuWsTX7f0ZYSyz0VY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9227223f6d922fee3c7b190b2cc238a99527bbb7",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
@ -191,7 +133,7 @@
"type": "github"
}
},
"flake-parts_3": {
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"nixThePlanet",
@ -212,7 +154,7 @@
"type": "indirect"
}
},
"flake-parts_4": {
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_3"
},
@ -343,31 +285,9 @@
"type": "github"
}
},
"gitignore_2": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"hercules-ci-effects": {
"inputs": {
"flake-parts": "flake-parts_3",
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_4"
},
"locked": {
@ -433,11 +353,11 @@
]
},
"locked": {
"lastModified": 1726985855,
"narHash": "sha256-NJPGK030Y3qETpWBhj9oobDQRbXdXOPxtu+YgGvZ84o=",
"lastModified": 1726902823,
"narHash": "sha256-Gkc7pwTVLKj4HSvRt8tXNvosl8RS9hrBAEhOjAE0Tt4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "04213d1ce4221f5d9b40bcee30706ce9a91d148d",
"rev": "14929f7089268481d86b83ed31ffd88713dcd415",
"type": "github"
},
"original": {
@ -499,31 +419,6 @@
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1725379389,
"narHash": "sha256-qS1H/5/20ewJIXmf8FN2A5KTOKKU9elWvCPwdBi1P/U=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "e7bd94e0b5ff3c1e686f2101004ebf4fcea9d871",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lanzaboote",
"type": "github"
}
},
"lix": {
"flake": false,
"locked": {
@ -568,11 +463,11 @@
"mobile-nixos": {
"flake": false,
"locked": {
"lastModified": 1726960027,
"narHash": "sha256-BJe+6Gpqu98Mhi1oAfrJK25SZvvQgfYqpmLaXvXgQ9g=",
"lastModified": 1725601293,
"narHash": "sha256-PLk1m0ZukClV+qrszd6WaNclpge8zGsSBTOAwYB9es4=",
"owner": "NixOS",
"repo": "mobile-nixos",
"rev": "a386813d9ec46fa32e51488f7d48c0e1bde77f8e",
"rev": "672f8299e484301994858d9220921309f631d616",
"type": "github"
},
"original": {
@ -637,11 +532,11 @@
]
},
"locked": {
"lastModified": 1727003835,
"narHash": "sha256-Cfllbt/ADfO8oxbT984MhPHR6FJBaglsr1SxtDGbpec=",
"lastModified": 1726742753,
"narHash": "sha256-QclpWrIFIg/yvWRiOUaMp1WR+TGUE9tb7RE31xHlxWc=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "bd7d1e3912d40f799c5c0f7e5820ec950f1e0b3d",
"rev": "c03f85fa42d68d1056ca1740f3113b04f3addff2",
"type": "github"
},
"original": {
@ -652,7 +547,7 @@
},
"nixThePlanet": {
"inputs": {
"flake-parts": "flake-parts_2",
"flake-parts": "flake-parts",
"hercules-ci-effects": "hercules-ci-effects",
"nixpkgs": [
"nixpkgs"
@ -817,22 +712,6 @@
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1720386169,
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1720181791,
@ -882,11 +761,11 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1727007089,
"narHash": "sha256-vsyRYF7MSJE5FHrQdcY3g+CORy6K/6NW+Cw00+VvNy0=",
"lastModified": 1726930246,
"narHash": "sha256-BG4Qyero2a5DsfC4CDT5Jx9l7h4/N0/7JD0agHoBSGk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9c711566cde5929768e311413eaa2399631624ce",
"rev": "29768748c8e6ce4e9b1fba2b5a978576ece5b3a4",
"type": "github"
},
"original": {
@ -995,33 +874,6 @@
"type": "gitlab"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore_2",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1721042469,
"narHash": "sha256-6FPUl7HVtvRHCCBQne7Ylp4p+dpP3P/OYuzjztZ4s70=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "f451c19376071a90d8c58ab1a953c6e9840527fd",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"purescript-overlay": {
"inputs": {
"nixpkgs": [
@ -1064,7 +916,7 @@
"rock5b": {
"inputs": {
"fan-control": "fan-control",
"flake-parts": "flake-parts_4",
"flake-parts": "flake-parts_3",
"kernel-src": "kernel-src",
"nixpkgs": "nixpkgs_6",
"nixpkgs-kernel": "nixpkgs-kernel",
@ -1096,7 +948,6 @@
"homeManager": "homeManager",
"homeManagerGitWorkspace": "homeManagerGitWorkspace",
"impermanence": "impermanence",
"lanzaboote": "lanzaboote",
"lix": "lix",
"lix-module": "lix-module",
"mobile-nixos": "mobile-nixos",
@ -1110,27 +961,6 @@
"vscode-server": "vscode-server"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1722219664,
"narHash": "sha256-xMOJ+HW4yj6e69PvieohUJ3dBSdgCfvI0nnCEe6/yVc=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "a6fbda5d9a14fb5f7c69b8489d24afeb349c7bb4",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"scss-reset": {
"flake": false,
"locked": {

4
flake.nix
View file

@ -55,10 +55,6 @@
};
impermanence.url = "github:nix-community/impermanence";
vscode-server.url = "github:nix-community/nixos-vscode-server";
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =

77
hosts/default.nix
View file

@ -11,6 +11,66 @@
nixOnDroidHosts.janeway = { };
hosts = {
# thinkpad = {
# extraModules = with inputs; [
# nixosHardware.nixosModules.lenovo-thinkpad-x1-7th-gen
# buildbot-nix.nixosModules.buildbot-master
# buildbot-nix.nixosModules.buildbot-worker
# ];
# extraHmModules = with inputs; [
# ccrEmacs.hmModules.default
# {
# # TODO: remove after https://github.com/nix-community/home-manager/pull/3811
# imports = let
# hmModules = "${inputs.homeManagerGitWorkspace}/modules";
# in [
# "${hmModules}/services/git-workspace.nix"
# ];
# }
# ];
# overlays = [inputs.nil.overlays.default];
# secrets = {
# "thinkpad-wireguard-private-key" = {};
# "cachix-personal-token".owner = "ccr";
# "autistici-password".owner = "ccr";
# "git-workspace-tokens".owner = "ccr";
# "chatgpt-token".owner = "ccr";
# };
# };
# rock5b = {
# system = "aarch64-linux";
# extraModules = with inputs; [
# disko.nixosModules.disko
# rock5b.nixosModules.default
# ];
# secrets = {
# "rock5b-wireguard-private-key" = {};
# "hercules-ci-join-token".owner = "hercules-ci-agent";
# "hercules-ci-binary-caches".owner = "hercules-ci-agent";
# "cachix-personal-token".owner = "ccr";
# "home-planimetry".owner = "hass";
# "cloudflare-dyndns-api-token" = {};
# # "nextcloud-admin-pass".owner = "nextcloud";
# # "aws-credentials" = {};
# };
# colmena.deployment.buildOnTarget = true;
# };
# pbp = {
# system = "aarch64-linux";
# extraModules = with inputs; [
# nixosHardware.nixosModules.pine64-pinebook-pro
# disko.nixosModules.disko
# ];
# extraHmModules = [
# inputs.ccrEmacs.hmModules.default
# ];
# secrets = {
# "pbp-wireguard-private-key" = {};
# "cachix-personal-token".owner = "ccr";
# "chatgpt-token".owner = "ccr";
# };
# };
deltaflyer = {
nixpkgs =
let
@ -46,6 +106,7 @@
inputs.lix-module.nixosModules.default
];
extraHmModules = [
# inputs.ccrEmacs.hmModules.default
"${inputs.homeManagerGitWorkspace}/modules/services/git-workspace.nix"
];
secrets = {
@ -67,7 +128,7 @@
inputs.disko.nixosModules.disko
inputs.nixThePlanet.nixosModules.macos-ventura
inputs.lix-module.nixosModules.default
inputs.lanzaboote.nixosModules.lanzaboote
# inputs.hercules-ci-agent.nixosModules.agent-service
];
extraHmModules = [
# inputs.ccrEmacs.hmModules.default
@ -78,9 +139,13 @@
"picard-wireguard-private-key" = { };
"chatgpt-token".owner = "ccr";
"cachix-personal-token".owner = "ccr";
"hercules-ci-join-token".owner = "hercules-ci-agent";
"hercules-ci-binary-caches".owner = "hercules-ci-agent";
"hercules-ci-secrets-json".owner = "hercules-ci-agent";
"git-workspace-tokens".owner = "ccr";
"autistici-password".owner = "ccr";
"restic-hetzner-password" = { };
"aws-credentials".owner = "hercules-ci-agent";
"forgejo-runners-token".owner = "nixuser";
"forgejo-nix-access-tokens".owner = "nixuser";
};
@ -95,16 +160,26 @@
extraModules = with inputs; [
disko.nixosModules.disko
impermanence.nixosModules.impermanence
# lix-module.nixosModules.default
# inputs.hercules-ci-agent.nixosModules.agent-service;
# rock5b.nixosModules.default
];
secrets = {
"sisko-wireguard-private-key" = { };
"hercules-ci-join-token".owner = "hercules-ci-agent";
"hercules-ci-binary-caches".owner = "hercules-ci-agent";
"hercules-ci-secrets-json".owner = "hercules-ci-agent";
"cachix-personal-token".owner = "ccr";
"home-planimetry".owner = "hass";
"home-assistant-token".owner = "prometheus";
"grafana-password".owner = "grafana";
"cloudflare-dyndns-api-token" = { };
"restic-hetzner-password" = { };
# "minio-credentials".owner = "minio";
# "aws-credentials".owner = "hercules-ci-agent";
"hass-ssh-key".owner = "hass";
# "matrix-registration-shared-secret".owner = "matrix-synapse";
# "matrix-sliding-sync-secret".owner = "matrix-synapse";
"autistici-password" = {
# FIXME terrible, should create a third ad-hoc group
owner = "grafana";

8
hosts/picard/default.nix
View file

@ -26,6 +26,7 @@
"waydroid"
"virt-manager"
"ssh-initrd"
"hercules-ci"
"printing"
"pam"
"wireguard-client"
@ -128,15 +129,12 @@
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot = {
enable = lib.mkForce false; # needed by lanzaboote
};
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
configurationLimit = 20;
};
boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_10;
# boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_8;
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
networking.hostId = "5b02e763";