Compare commits

...

2 commits

Author SHA1 Message Date
6d6e66a056
bump version 2024-01-13 11:06:58 +08:00
55473f78ad
chore: fix format 2024-01-13 10:47:37 +08:00
6 changed files with 82 additions and 69 deletions

View file

@ -84,11 +84,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1704498488, "lastModified": 1705104164,
"narHash": "sha256-yINKdShHrtjdiJhov+q0s3Y3B830ujRoSbHduUNyKag=", "narHash": "sha256-pllCu3Hcm1wP/B0SUxgUXvHeEd4w8s2aVrEQRdIL1yo=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "51e44a13acea71b36245e8bd8c7db53e0a3e61ee", "rev": "0912d26b30332ae6a90e1b321ff88e80492127dd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -128,11 +128,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1704590722, "lastModified": 1705108826,
"narHash": "sha256-exh2bDwYYkdJgm5wLvpWht5bRuPigk8v4Z7l4RegX3Q=", "narHash": "sha256-1xOzPcS8Zr4rqgLoaRwAcKqdCdzrBDaNwT+tiBdXf18=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-vscode-extensions", "repo": "nix-vscode-extensions",
"rev": "7d0eace387cf4fd2812d0791684f4befa0865512", "rev": "92fd8c24719f08692c36b685de6884a20080edf0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -166,11 +166,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1704632650, "lastModified": 1704786394,
"narHash": "sha256-83J/nd/NoLqo3vj0S0Ppqe8L+ijIFiGL6HNDfCCUD/Q=", "narHash": "sha256-aJM0ln9fMGWw1+tjyl5JZWZ3ahxAA2gw2ZpZY/hkEMs=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "c478b3d56969006e015e55aaece4931f3600c1b2", "rev": "b34a6075e9e298c4124e35c3ccaf2210c1f3a43b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -182,11 +182,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1704194953, "lastModified": 1704722960,
"narHash": "sha256-RtDKd8Mynhe5CFnVT8s0/0yqtWFMM9LmCzXv/YKxnq4=", "narHash": "sha256-mKGJ3sPsT6//s+Knglai5YflJUF2DGj7Ai6Ynopz0kI=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bd645e8668ec6612439a9ee7e71f7eac4099d4f6", "rev": "317484b1ead87b9c1b8ac5261a8d2dd748a0492d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -230,11 +230,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1704645857, "lastModified": 1705110884,
"narHash": "sha256-YRFry+uleoeDKs0kr039eVCN5XSCOuUbgbyKMJRXeFY=", "narHash": "sha256-8t8C+vYVoNsG7uv1cH/vkUHM84EkxGRoPuwk1TMXBZE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "e72bc8a4fff841c6a131fe40471e4ae401f31096", "rev": "075357ead2dbaf5c64120371f6a1e57d1ee23a02",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -266,11 +266,11 @@
"nixpkgs-stable": "nixpkgs-stable_2" "nixpkgs-stable": "nixpkgs-stable_2"
}, },
"locked": { "locked": {
"lastModified": 1704596510, "lastModified": 1704908274,
"narHash": "sha256-tupdwwg1WeX2hNMOQrvtyafTaTVty0QC/gQp7yaYJic=", "narHash": "sha256-74W9Yyomv3COGRmKi8zvyA5tL2KLiVkBeaYmYLjXyOw=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "f5fbcc0f50e7fc60c4f806fa7a09abccf0826d8a", "rev": "c0b3a5af90fae3ba95645bbf85d2b64880addd76",
"type": "github" "type": "github"
}, },
"original": { "original": {

View file

@ -9,7 +9,7 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-vscode-extensions = { nix-vscode-extensions = {
url = "github:nix-community/nix-vscode-extensions"; url = "github:nix-community/nix-vscode-extensions";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils"; inputs.flake-utils.follows = "flake-utils";
@ -86,7 +86,7 @@
}; };
}; };
}; };
mkNixos = { system, modules, specialArgs ? {}}: nixpkgs.lib.nixosSystem { mkNixos = { system, modules, specialArgs ? { } }: nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = specialArgs // { inherit inputs system; }; specialArgs = specialArgs // { inherit inputs system; };
modules = [ modules = [
@ -102,57 +102,65 @@
homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ]; homeConfigurations = builtins.listToAttrs [ (mkHomeConfiguration "xin" "calcite") ];
colmenaHive = colmena.lib.makeHive { colmenaHive =
let
deploymentModule = {
deployment.targetUser = "xin";
};
sharedModules = [
self.nixosModules.default
deploymentModule
];
in
colmena.lib.makeHive {
meta = { meta = {
nixpkgs = import nixpkgs { nixpkgs = import nixpkgs {
system = "x86_64-linux"; system = "x86_64-linux";
}; };
machinesFile = ./nixbuild.net; machinesFile = ./nixbuild.net;
specialArgs = { specialArgs = {
inherit inputs; inherit inputs;
}; };
}; };
massicot = { name, nodes, pkgs, ... }: with inputs; { massicot = { name, nodes, pkgs, ... }: with inputs; {
deployment.targetHost = "49.13.13.122"; deployment.targetHost = "49.13.13.122";
deployment.buildOnTarget = true;
imports = [ imports = [
{ nixpkgs.system = "aarch64-linux"; } { nixpkgs.system = "aarch64-linux"; }
self.nixosModules.default machines/massicot
machines/massicot ] ++ sharedModules;
];
}; };
sgp-00 = { name, nodes, pkgs, ... }: with inputs; { sgp-00 = { name, nodes, pkgs, ... }: with inputs; {
imports = [ imports = [
self.nixosModules.default machines/dolomite
machines/dolomite ] ++ sharedModules;
]; nixpkgs.system = "x86_64-linux";
nixpkgs.system = "x86_64-linux"; networking.hostName = "sgp-00";
networking.hostName = "sgp-00"; system.stateVersion = "23.11";
system.stateVersion = "23.11"; deployment = {
deployment = { targetHost = "video.namely.icu";
targetHost = "video.namely.icu"; buildOnTarget = false;
buildOnTarget = false; tags = [ "proxy" ];
tags = [ "proxy" ]; };
};
}; };
tok-00 = { name, nodes, pkgs, ... }: with inputs; { tok-00 = { name, nodes, pkgs, ... }: with inputs; {
imports = [ imports = [
self.nixosModules.default machines/dolomite
machines/dolomite ] ++ sharedModules;
]; nixpkgs.system = "x86_64-linux";
nixpkgs.system = "x86_64-linux"; networking.hostName = "tok-00";
networking.hostName = "tok-00"; system.stateVersion = "23.11";
system.stateVersion = "23.11"; deployment = {
deployment = { targetHost = "video01.namely.icu";
targetHost = "video01.namely.icu"; buildOnTarget = false;
buildOnTarget = false; tags = [ "proxy" ];
tags = [ "proxy" ]; };
};
}; };
}; };
nixosConfigurations = { nixosConfigurations = {
calcite = mkNixos { calcite = mkNixos {
@ -191,7 +199,7 @@
{ {
devShells = { devShells = {
default = pkgs.mkShell { default = pkgs.mkShell {
packages = with pkgs; [ git colmena sops nix-output-monitor ]; packages = with pkgs; [ git colmena sops nix-output-monitor rnix-lsp ];
}; };
}; };
} }

View file

@ -66,12 +66,17 @@
}; };
}; };
services.fail2ban.enable = true; services.fail2ban.enable = true;
programs.mosh.enable = true;
security.sudo = { security.sudo = {
execWheelOnly = true; execWheelOnly = true;
wheelNeedsPassword = false; wheelNeedsPassword = false;
}; };
nix.settings = {
trusted-users = config.users.groups.wheel.members;
};
services.sing-box = let services.sing-box = let
singTls = { singTls = {
enabled = true; enabled = true;

View file

@ -87,8 +87,8 @@
KerberosAuthentication = "no"; KerberosAuthentication = "no";
}; };
}; };
services.fail2ban.enable = true; services.fail2ban.enable = true;
programs.mosh.enable = true;
systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ]; systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
} }

View file

@ -26,13 +26,13 @@ in
dynamic_padding = true; dynamic_padding = true;
}; };
import = [ import = [
"${config.xdg.configHome}/alacritty/catppuccin-macchiato.yml" "${config.xdg.configHome}/alacritty/catppuccin-macchiato.toml"
]; ];
}; };
}; };
xdg.configFile."alacritty/catppuccin-macchiato.yml".source = builtins.fetchurl { xdg.configFile."alacritty/catppuccin-macchiato.toml".source = builtins.fetchurl {
url = "https://raw.githubusercontent.com/catppuccin/alacritty/main/catppuccin-macchiato.yml"; url = "https://raw.githubusercontent.com/catppuccin/alacritty/main/catppuccin-macchiato.toml";
sha256 = "sha256-+m8FyPStdh1A1xMVBOkHpfcaFPcyVL99tIxHuDZ2zXI="; sha256 = "sha256:1iq187vg64h4rd15b8fv210liqkbzkh8sw04ykq0hgpx20w3qilv";
}; };
}; };
} }