xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

chore: fix format

Browse source
This commit is contained in:
xinyangli 2024-01-13 10:47:37 +08:00
parent 5da958c996
commit 55473f78ad
No known key found for this signature in database
4 changed files with 60 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

98
flake.nix
View file

@ -9,7 +9,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-vscode-extensions = { nix-vscode-extensions = {
url = "github:nix-community/nix-vscode-extensions"; url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils"; inputs.flake-utils.follows = "flake-utils";
@ -20,7 +20,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils"; inputs.flake-utils.follows = "flake-utils";
}; };
nur = { nur = {
url = "github:nix-community/NUR"; url = "github:nix-community/NUR";
}; };
@ -86,7 +86,7 @@
}; };
}; };
}; };
mkNixos = { system, modules, specialArgs ? {}}: nixpkgs.lib.nixosSystem { mkNixos = { system, modules, specialArgs ? { } }: nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = specialArgs // { inherit inputs system; }; specialArgs = specialArgs // { inherit inputs system; };
modules = [ modules = [
@ -102,57 +102,65 @@
homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ]; homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ];
colmenaHive = colmena.lib.makeHive { colmenaHive =
let
deploymentModule = {
deployment.targetUser = "xin";
};
sharedModules = [
self.nixosModules.default
deploymentModule
];
in
colmena.lib.makeHive {
meta = { meta = {
nixpkgs = import nixpkgs { nixpkgs = import nixpkgs {
system = "x86_64-linux"; system = "x86_64-linux";
}; };
machinesFile = ./nixbuild.net; machinesFile = ./nixbuild.net;
specialArgs = { specialArgs = {
inherit inputs; inherit inputs;
}; };
}; };
massicot = { name, nodes, pkgs, ... }: with inputs; { massicot = { name, nodes, pkgs, ... }: with inputs; {
deployment.targetHost = "49.13.13.122"; deployment.targetHost = "49.13.13.122";
deployment.buildOnTarget = true;
imports = [ imports = [
{ nixpkgs.system = "aarch64-linux"; } { nixpkgs.system = "aarch64-linux"; }
self.nixosModules.default machines/massicot
machines/massicot ] ++ sharedModules;
];
}; };
sgp-00 = { name, nodes, pkgs, ... }: with inputs; { sgp-00 = { name, nodes, pkgs, ... }: with inputs; {
imports = [ imports = [
self.nixosModules.default machines/dolomite
machines/dolomite ] ++ sharedModules;
]; nixpkgs.system = "x86_64-linux";
nixpkgs.system = "x86_64-linux"; networking.hostName = "sgp-00";
networking.hostName = "sgp-00"; system.stateVersion = "23.11";
system.stateVersion = "23.11"; deployment = {
deployment = { targetHost = "video.namely.icu";
targetHost = "video.namely.icu"; buildOnTarget = false;
buildOnTarget = false; tags = [ "proxy" ];
tags = [ "proxy" ]; };
};
}; };
tok-00 = { name, nodes, pkgs, ... }: with inputs; { tok-00 = { name, nodes, pkgs, ... }: with inputs; {
imports = [ imports = [
self.nixosModules.default machines/dolomite
machines/dolomite ] ++ sharedModules;
]; nixpkgs.system = "x86_64-linux";
nixpkgs.system = "x86_64-linux"; networking.hostName = "tok-00";
networking.hostName = "tok-00"; system.stateVersion = "23.11";
system.stateVersion = "23.11"; deployment = {
deployment = { targetHost = "video01.namely.icu";
targetHost = "video01.namely.icu"; buildOnTarget = false;
buildOnTarget = false; tags = [ "proxy" ];
tags = [ "proxy" ]; };
};
}; };
}; };
nixosConfigurations = { nixosConfigurations = {
calcite = mkNixos { calcite = mkNixos {
@ -162,7 +170,7 @@
machines/calcite/configuration.nix machines/calcite/configuration.nix
(mkHome "xin" "calcite") (mkHome "xin" "calcite")
]; ];
}; };
raspite = mkNixos { raspite = mkNixos {
system = "aarch64-linux"; system = "aarch64-linux";
modules = [ modules = [
@ -186,12 +194,12 @@
} }
]; ];
}).config.system.build.sdImage; }).config.system.build.sdImage;
} // flake-utils.lib.eachDefaultSystem (system: } // flake-utils.lib.eachDefaultSystem (system:
let pkgs = nixpkgs.legacyPackages.${system}; in let pkgs = nixpkgs.legacyPackages.${system}; in
{ {
devShells = { devShells = {
default = pkgs.mkShell { default = pkgs.mkShell {
packages = with pkgs; [ git colmena sops nix-output-monitor ]; packages = with pkgs; [ git colmena sops nix-output-monitor rnix-lsp ];
}; };
}; };
} }

5
machines/dolomite/default.nix
View file

@ -66,12 +66,17 @@
}; };
}; };
services.fail2ban.enable = true; services.fail2ban.enable = true;
programs.mosh.enable = true;
security.sudo = { security.sudo = {
execWheelOnly = true; execWheelOnly = true;
wheelNeedsPassword = false; wheelNeedsPassword = false;
}; };
nix.settings = {
trusted-users = config.users.groups.wheel.members;
};
services.sing-box = let services.sing-box = let
singTls = { singTls = {
enabled = true; enabled = true;

2
machines/massicot/default.nix
View file

@ -87,8 +87,8 @@
KerberosAuthentication = "no"; KerberosAuthentication = "no";
}; };
}; };
services.fail2ban.enable = true; services.fail2ban.enable = true;
programs.mosh.enable = true;
systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ]; systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
} }

2
modules/home-manager/vscode.nix
View file

@ -5,7 +5,7 @@ let
cfg = config.custom-hm.vscode; cfg = config.custom-hm.vscode;
in in
{ {
options.custom-hm.vscode = { options.custom-hm.vscode = {
enable = mkEnableOption "Vscode config"; enable = mkEnableOption "Vscode config";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {