diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..4851bac --- /dev/null +++ b/.envrc @@ -0,0 +1,5 @@ +if ! has nix_direnv_version || ! nix_direnv_version 2.1.0; then + source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.1.0/direnvrc" "sha256-FAT2R9yYvVg516v3LiogjIc8YfsbWbMM/itqWsm5xTA=" +fi + +use flake diff --git a/.gitignore b/.gitignore index 3673b9b..cdd60a0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -configuration.nix -vars-*.nix +result* +.direnv diff --git a/default.nix b/default.nix deleted file mode 100644 index 5aa728d..0000000 --- a/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./modules.nix - ./network.nix - ./users.nix - ]; -} diff --git a/disks-home.nix b/disks-home.nix deleted file mode 100644 index 6c20af5..0000000 --- a/disks-home.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, pkgs, ... }: - -#FIXME: komplett anpassen -let - uuids = import ./vars-uuids.nix; -in -{ - fileSystems."/home" = { - device = "/dev/disk/by-uuid/${uuids.fs.home}"; - fsType = "ext4"; - }; -} diff --git a/disks-srv.nix b/disks-srv.nix deleted file mode 100644 index 186f631..0000000 --- a/disks-srv.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, lib, pkgs, ... }: -let - uuids = import ./vars-uuids.nix; -in -{ - # FS - fileSystems."/srv" = { - device = "/dev/disk/by-uuid/${uuids.fs.srv}"; - fsType = "ext4"; - }; -} diff --git a/disks.nix b/disks.nix deleted file mode 100644 index c1efd1b..0000000 --- a/disks.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ config, lib, pkgs, ... }: - -#FIXME: komplett anpassen -let - uuids = import ./vars-uuids.nix; -in -{ - boot.initrd.luks.devices."luks-drive" = { - name = "luks-drive"; - device = "/dev/disk/by-partuuid/${uuids.luks.root}"; - preLVM = true; - allowDiscards = true; - }; - - # FS - fileSystems."/" = { - device = "/dev/disk/by-uuid/${uuids.fs.root}"; - fsType = "ext4"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/${uuids.fs.boot}"; - fsType = "vfat"; - }; - - # Swap - swapDevices = [ - { - device = "/dev/disk/by-uuid/${uuids.fs.swap}"; - } - ]; -} diff --git a/extra/default.nix b/extra/default.nix deleted file mode 100644 index bc78160..0000000 --- a/extra/default.nix +++ /dev/null @@ -1,99 +0,0 @@ -{ config, lib, pkgs, ... }: -let - unstable = import { config = { allowUnfree = true; }; }; -in -{ - imports = [ - ./fonts.nix - ./nautilus.nix - ]; - - programs.gnome-disks.enable = true; - services.udisks2.enable = true; - - xdg.mime.enable = true; - - # make gnome settings persistent - programs.dconf.enable = true; - - # gnome services - services.dbus.packages = [ pkgs.dconf ]; - services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; - services.gnome.gnome-keyring.enable = true; - - environment.systemPackages = with pkgs; [ - adwaita-qt - arc-icon-theme - arc-kde-theme - arc-theme - evince - firefox-wayland - #geary - ghostwriter - (gimp-with-plugins.override { - plugins = with gimpPlugins; [ - resynthesizer - ]; - }) - glib - gnome.adwaita-icon-theme - gnome.dconf-editor - gnome.eog - gnome.file-roller - gnome.gnome-calendar - gnome.gnome-system-monitor - gnome.simple-scan - keepassxc - keychain - konsole - libnotify - libreoffice - lollypop - unstable.newsflash - numix-cursor-theme - numix-icon-theme - numix-icon-theme-circle - polkit_gnome - qgnomeplatform - rhythmbox - simple-scan - socat - sshuttle - tdesktop - thunderbird - virtmanager - vlc - (mpv-with-scripts.override { - scripts = with mpvScripts; [ - convert - mpris - simple-mpv-webui - sponsorblock - thumbnail - ]; - }) - wayvnc - xdg-utils - zathura - zeal - - # TODO sort them in different files - pdfgrep - physlock - #symlinks - ]; - - # Enable firmware update daemon - services.fwupd.enable = true; - - programs.wireshark.enable = true; - programs.wireshark.package = pkgs.wireshark; - - services.accounts-daemon.enable = true; - - environment.interactiveShellInit = '' - if test `tty` = /dev/tty1; then - exec sway - fi - ''; -} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..22c14c2 --- /dev/null +++ b/flake.lock @@ -0,0 +1,747 @@ +{ + "nodes": { + "HTTP": { + "flake": false, + "locked": { + "lastModified": 1451647621, + "narHash": "sha256-oHIyw3x0iKBexEo49YeUDV1k74ZtyYKGR2gNJXXRxts=", + "owner": "phadej", + "repo": "HTTP", + "rev": "9bc0996d412fef1787449d841277ef663ad9a915", + "type": "github" + }, + "original": { + "owner": "phadej", + "repo": "HTTP", + "type": "github" + } + }, + "cabal-32": { + "flake": false, + "locked": { + "lastModified": 1603716527, + "narHash": "sha256-sDbrmur9Zfp4mPKohCD8IDZfXJ0Tjxpmr2R+kg5PpSY=", + "owner": "haskell", + "repo": "cabal", + "rev": "94aaa8e4720081f9c75497e2735b90f6a819b08e", + "type": "github" + }, + "original": { + "owner": "haskell", + "ref": "3.2", + "repo": "cabal", + "type": "github" + } + }, + "cabal-34": { + "flake": false, + "locked": { + "lastModified": 1622475795, + "narHash": "sha256-chwTL304Cav+7p38d9mcb+egABWmxo2Aq+xgVBgEb/U=", + "owner": "haskell", + "repo": "cabal", + "rev": "b086c1995cdd616fc8d91f46a21e905cc50a1049", + "type": "github" + }, + "original": { + "owner": "haskell", + "ref": "3.4", + "repo": "cabal", + "type": "github" + } + }, + "cabal-36": { + "flake": false, + "locked": { + "lastModified": 1640163203, + "narHash": "sha256-TwDWP2CffT0j40W6zr0J1Qbu+oh3nsF1lUx9446qxZM=", + "owner": "haskell", + "repo": "cabal", + "rev": "ecf418050c1821f25e2e218f1be94c31e0465df1", + "type": "github" + }, + "original": { + "owner": "haskell", + "ref": "3.6", + "repo": "cabal", + "type": "github" + } + }, + "cardano-shell": { + "flake": false, + "locked": { + "lastModified": 1608537748, + "narHash": "sha256-PulY1GfiMgKVnBci3ex4ptk2UNYMXqGjJOxcPy2KYT4=", + "owner": "input-output-hk", + "repo": "cardano-shell", + "rev": "9392c75087cb9a3d453998f4230930dea3a95725", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "repo": "cardano-shell", + "type": "github" + } + }, + "cncli": { + "inputs": { + "iohk-nix": "iohk-nix", + "nixpkgs": "nixpkgs", + "rust-nix": "rust-nix", + "utils": "utils" + }, + "locked": { + "lastModified": 1639248048, + "narHash": "sha256-UnXYXcbkvM1K7v5DeJ4XyNZy4ZU7hqOcENy65ICizg8=", + "owner": "AndrewWestberg", + "repo": "cncli", + "rev": "91e61b241d92d30e5ebba1acbe395a4be5186254", + "type": "github" + }, + "original": { + "owner": "AndrewWestberg", + "repo": "cncli", + "type": "github" + } + }, + "deploy": { + "inputs": { + "fenix": [ + "fenix" + ], + "flake-compat": "flake-compat", + "nixpkgs": [ + "fenix", + "nixpkgs" + ], + "utils": "utils_2" + }, + "locked": { + "lastModified": 1645603310, + "narHash": "sha256-/CTQuJzFK8pO2d4S5uKhHwT+QiNfnbCKSx7O2tW0GXQ=", + "owner": "input-output-hk", + "repo": "deploy-rs", + "rev": "feb44f80c634c799a661bf27c5cb4a905640fe93", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "repo": "deploy-rs", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": "nixpkgs_2", + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1654151426, + "narHash": "sha256-8KHHvaduwvobK0rEvy4eM0uEQFu+NbE3BJ9qhgEkm/w=", + "owner": "nix-community", + "repo": "fenix", + "rev": "b2ba32f32e5238b4c6b49f81ff3d82e4dbe7f728", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1627913399, + "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1653893745, + "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "locked": { + "lastModified": 1623875721, + "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "ghc-8.6.5-iohk": { + "flake": false, + "locked": { + "lastModified": 1600920045, + "narHash": "sha256-DO6kxJz248djebZLpSzTGD6s8WRpNI9BTwUeOf5RwY8=", + "owner": "input-output-hk", + "repo": "ghc", + "rev": "95713a6ecce4551240da7c96b6176f980af75cae", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "ref": "release/8.6.5-iohk", + "repo": "ghc", + "type": "github" + } + }, + "hackage": { + "flake": false, + "locked": { + "lastModified": 1643073363, + "narHash": "sha256-66oSXQKEDIOSQ2uKAS9facCX/Zuh/jFgyFDtxEqN9sk=", + "owner": "input-output-hk", + "repo": "hackage.nix", + "rev": "4ef9bd3a32316ce236164c7ebff00ebeb33236e2", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "repo": "hackage.nix", + "type": "github" + } + }, + "haskellNix": { + "inputs": { + "HTTP": "HTTP", + "cabal-32": "cabal-32", + "cabal-34": "cabal-34", + "cabal-36": "cabal-36", + "cardano-shell": "cardano-shell", + "flake-utils": "flake-utils_2", + "ghc-8.6.5-iohk": "ghc-8.6.5-iohk", + "hackage": "hackage", + "hpc-coveralls": "hpc-coveralls", + "nix-tools": "nix-tools", + "nixpkgs": [ + "haskellNix", + "nixpkgs-2111" + ], + "nixpkgs-2003": "nixpkgs-2003", + "nixpkgs-2105": "nixpkgs-2105", + "nixpkgs-2111": "nixpkgs-2111", + "nixpkgs-unstable": "nixpkgs-unstable", + "old-ghc-nix": "old-ghc-nix", + "stackage": "stackage" + }, + "locked": { + "lastModified": 1643073543, + "narHash": "sha256-g2l/KDWzMRTFRugNVcx3CPZeyA5BNcH9/zDiqFpprB4=", + "owner": "input-output-hk", + "repo": "haskell.nix", + "rev": "14f740c7c8f535581c30b1697018e389680e24cb", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "repo": "haskell.nix", + "rev": "14f740c7c8f535581c30b1697018e389680e24cb", + "type": "github" + } + }, + "hpc-coveralls": { + "flake": false, + "locked": { + "lastModified": 1607498076, + "narHash": "sha256-8uqsEtivphgZWYeUo5RDUhp6bO9j2vaaProQxHBltQk=", + "owner": "sevanspowell", + "repo": "hpc-coveralls", + "rev": "14df0f7d229f4cd2e79f8eabb1a740097fdfa430", + "type": "github" + }, + "original": { + "owner": "sevanspowell", + "repo": "hpc-coveralls", + "type": "github" + } + }, + "iohk-nix": { + "flake": false, + "locked": { + "lastModified": 1615911315, + "narHash": "sha256-3GiYZendBOpHfgDkfBI/GJfhJ3hOdd/fDq8VWSMdtng=", + "owner": "input-output-hk", + "repo": "iohk-nix", + "rev": "bc4216c5b0e14dbde5541763f4952f99c3c712fa", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "repo": "iohk-nix", + "type": "github" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, + "nix": { + "inputs": { + "lowdown-src": "lowdown-src", + "nixpkgs": "nixpkgs_3", + "nixpkgs-regression": "nixpkgs-regression" + }, + "locked": { + "lastModified": 1650397666, + "narHash": "sha256-gWYNlEyleqkPfxtGXeq6ggjzJwcXJVdieJxA1Obly9s=", + "owner": "NixOS", + "repo": "nix", + "rev": "69c6fb12eea414382f0b945c0d6c574c43c7c9a3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "2.8.0", + "repo": "nix", + "type": "github" + } + }, + "nix-tools": { + "flake": false, + "locked": { + "lastModified": 1636018067, + "narHash": "sha256-ng306fkuwr6V/malWtt3979iAC4yMVDDH2ViwYB6sQE=", + "owner": "input-output-hk", + "repo": "nix-tools", + "rev": "ed5bd7215292deba55d6ab7a4e8c21f8b1564dda", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "repo": "nix-tools", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1654057797, + "narHash": "sha256-mXo7C4v7Jj2feBzcReu1Eu/3Rnw5b023E9kOyFsHZQw=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "0cab18a48de7914ef8cad35dca0bb36868f3e1af", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1615797423, + "narHash": "sha256-5NGDZXPQzuoxf/42NiyC9YwwhwzfMfIRrz3aT0XHzSc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "266dc8c3d052f549826ba246d06787a219533b8f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-2003": { + "locked": { + "lastModified": 1620055814, + "narHash": "sha256-8LEHoYSJiL901bTMVatq+rf8y7QtWuZhwwpKE2fyaRY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1db42b7fe3878f3f5f7a4f2dc210772fd080e205", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-20.03-darwin", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-2105": { + "locked": { + "lastModified": 1640283157, + "narHash": "sha256-6Ddfop+rKE+Gl9Tjp9YIrkfoYPzb8F80ergdjcq3/MY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "dde1557825c5644c869c5efc7448dc03722a8f09", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-21.05-darwin", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-2111": { + "locked": { + "lastModified": 1640283207, + "narHash": "sha256-SCwl7ZnCfMDsuSYvwIroiAlk7n33bW8HFfY8NvKhcPA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "64c7e3388bbd9206e437713351e814366e0c3284", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-21.11-darwin", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-21_11": { + "locked": { + "lastModified": 1653819578, + "narHash": "sha256-a1vaUl6VZz1NsWxMw0i5lRyHIOVUIuMZdQzV+4s+rY8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "baa82d4b626288c7439eeea073a18aabbe435991", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-21.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-22_05": { + "locked": { + "lastModified": 1653822412, + "narHash": "sha256-xZwMDQ8MdNiTwE8dcKAX1h3qCmLtuudNGxmFUX3xIes=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "db78278ff296cf21eca7e8c08ee99707387a54fa", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-22.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-regression": { + "locked": { + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "indirect" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1641285291, + "narHash": "sha256-KYaOBNGar3XWTxTsYPr9P6u74KAqNq0wobEC236U+0c=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0432195a4b8d68faaa7d3d4b355260a3120aeeae", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable_2": { + "locked": { + "lastModified": 1653931853, + "narHash": "sha256-O3wncIouj9x7gBPntzHeK/Hkmm9M1SGlYq7JI7saTAE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f1c167688a6f81f4a51ab542e5f476c8c595e457", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1653931853, + "narHash": "sha256-O3wncIouj9x7gBPntzHeK/Hkmm9M1SGlYq7JI7saTAE=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "f1c167688a6f81f4a51ab542e5f476c8c595e457", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1645296114, + "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "530a53dcbc9437363471167a5e4762c5fcfa34a1", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-21.05-small", + "type": "indirect" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1654005557, + "narHash": "sha256-J6elwUzPoco+r5qWPHhvS2EHVWomUtNcxzkfdAQOwEU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "08950a6e29cf7bddee466592eb790a417550f7f9", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-22.05", + "type": "indirect" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1623423544, + "narHash": "sha256-3b6CdnlUBXb2M5F7vLQ/DVRmpu31YDo1wthdybF46Dc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5707a8efadbd9a2bfe5aa663555c62ba2933cc81", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "old-ghc-nix": { + "flake": false, + "locked": { + "lastModified": 1631092763, + "narHash": "sha256-sIKgO+z7tj4lw3u6oBZxqIhDrzSkvpHtv0Kki+lh9Fg=", + "owner": "angerman", + "repo": "old-ghc-nix", + "rev": "af48a7a7353e418119b6dfe3cd1463a657f342b8", + "type": "github" + }, + "original": { + "owner": "angerman", + "ref": "master", + "repo": "old-ghc-nix", + "type": "github" + } + }, + "root": { + "inputs": { + "cncli": "cncli", + "deploy": "deploy", + "fenix": "fenix", + "flake-utils": "flake-utils", + "haskellNix": "haskellNix", + "nix": "nix", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_4", + "nixpkgs-unstable": "nixpkgs-unstable_2", + "sops-nix": "sops-nix", + "styx": "styx" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1654111402, + "narHash": "sha256-bPLg3p6gJ23uSC4IaYtIWj/fG6uUNHPM3xG9k2vtcZE=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "6f7c5589abfc93fbdfc071cc2716d1ea7b527e2e", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "rust-nix": { + "inputs": { + "nixpkgs": [ + "cncli", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1614256663, + "narHash": "sha256-cFew8eXUJfmlaLh4f3Z+TxAAo2Syh2xWB/3Xa/Ebd70=", + "owner": "input-output-hk", + "repo": "rust.nix", + "rev": "e2d4e8e5225739c4607614f98f60d2667c794558", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "ref": "work", + "repo": "rust.nix", + "type": "github" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-21_11": "nixpkgs-21_11", + "nixpkgs-22_05": "nixpkgs-22_05" + }, + "locked": { + "lastModified": 1653827546, + "narHash": "sha256-va51HFf7UwktvriIbe9pjRPMr7p8IaxrwcDlZe7twzI=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "36b5901782e7fbfc191cace910f67f8b8743f678", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "stackage": { + "flake": false, + "locked": { + "lastModified": 1643073493, + "narHash": "sha256-5cPd1+i/skvJY9vJO1BhVRPcJObqkxDSywBEppDmb1U=", + "owner": "input-output-hk", + "repo": "stackage.nix", + "rev": "48e1188855ca38f3b7e2a8dba5352767a2f0a8f7", + "type": "github" + }, + "original": { + "owner": "input-output-hk", + "repo": "stackage.nix", + "type": "github" + } + }, + "styx": { + "inputs": { + "nixpkgs": "nixpkgs_5", + "utils": "utils_3" + }, + "locked": { + "lastModified": 1642573301, + "narHash": "sha256-djXJRQc5RUKqoCSaHPCDbV4eenmSWjFtwPTbSLKDGUI=", + "owner": "disassembler", + "repo": "styx", + "rev": "eb640d08e62658e9252d334f5e2d3f3432ca36ad", + "type": "github" + }, + "original": { + "owner": "disassembler", + "repo": "styx", + "type": "github" + } + }, + "utils": { + "locked": { + "lastModified": 1613500319, + "narHash": "sha256-ybAq6pImFCSnwyhhmnnvV567JM4GuhCEG/PHBkSS86U=", + "owner": "kreisys", + "repo": "flake-utils", + "rev": "28e72370213c9bc2cf094ab07b8ac95f3c6bb60f", + "type": "github" + }, + "original": { + "owner": "kreisys", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { + "locked": { + "lastModified": 1637014545, + "narHash": "sha256-26IZAc5yzlD9FlDT54io1oqG/bBoyka+FJk5guaX4x4=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "bba5dcc8e0b20ab664967ad83d24d64cb64ec4f4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_3": { + "locked": { + "lastModified": 1623875721, + "narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "f7e004a55b120c02ecb6219596820fcd32ca8772", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..31d62ce --- /dev/null +++ b/flake.nix @@ -0,0 +1,22 @@ +{ + description = "NixOS configuration"; + inputs = { + flake-utils.url = "github:numtide/flake-utils"; + + nix.url = "github:NixOS/nix/2.8.0"; + nixpkgs.url = "nixpkgs/nixos-22.05"; + nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; + + haskellNix.url = "github:input-output-hk/haskell.nix/14f740c7c8f535581c30b1697018e389680e24cb"; + cncli.url = "github:AndrewWestberg/cncli"; + nixos-hardware.url = "github:NixOS/nixos-hardware"; + deploy.url = "github:input-output-hk/deploy-rs"; + deploy.inputs.nixpkgs.follows = "fenix/nixpkgs"; + deploy.inputs.fenix.follows = "fenix"; + sops-nix.url = "github:Mic92/sops-nix"; + fenix.url = "github:nix-community/fenix"; + sops-nix.inputs.nixpkgs.follows = "nixpkgs"; + styx.url = "github:disassembler/styx"; + }; + outputs = { ... } @ args: import ./outputs.nix args; +} diff --git a/helpers.sh b/legacy/helpers.sh similarity index 100% rename from helpers.sh rename to legacy/helpers.sh diff --git a/install-thinkman.sh b/legacy/install-desktop.nix similarity index 82% rename from install-thinkman.sh rename to legacy/install-desktop.nix index 81edbb6..d4954ad 100644 --- a/install-thinkman.sh +++ b/legacy/install-desktop.nix @@ -19,7 +19,6 @@ ask_if_sure mp_umount / ################################################################################################ -echo "Starting Root SSD" lvm_remove_lv /dev/vg_root/lv_root lvm_remove_lv /dev/vg_root/lv_home @@ -39,6 +38,8 @@ sgdisk \ --largest-new=3 -c 3:"Crypt" -t 3:8309 \ -p +sleep 3 + cryptsetup luksFormat "${DRIVE_ROOT}${PARTSEP}3" cryptsetup luksOpen --allow-discards "${DRIVE_ROOT}${PARTSEP}3" "$(basename "${DRIVE_ROOT_LUKS}")" @@ -68,19 +69,4 @@ ssh-keygen -t rsa -N "" -f "${CHROOT_BASE}/etc/secrets/initrd/ssh_host_rsa_k mkdir -p "${CHROOT_BASE}/etc/nixos/" rsync -avH "${NIXOS_FILES}/" "${CHROOT_BASE}/etc/nixos/" -cat >> "${CHROOT_BASE}/etc/nixos/vars-uuids.nix" <> "${CHROOT_BASE}/etc/nixos/vars-uuids.nix" < { config = { allowUnfree = true; }; }; -in { environment.systemPackages = with pkgs; [ arduino diff --git a/extra/development.nix b/nixos/modules/development.nix similarity index 89% rename from extra/development.nix rename to nixos/modules/development.nix index 7e6271b..22ba3e7 100644 --- a/extra/development.nix +++ b/nixos/modules/development.nix @@ -1,7 +1,4 @@ { config, pkgs, ... }: -let - unstable = import { config = { allowUnfree = true; }; }; -in { environment.systemPackages = with pkgs; [ # rust diff --git a/extra/docker.nix b/nixos/modules/docker.nix similarity index 100% rename from extra/docker.nix rename to nixos/modules/docker.nix diff --git a/extra/filesystem.nix b/nixos/modules/filesystem.nix similarity index 100% rename from extra/filesystem.nix rename to nixos/modules/filesystem.nix diff --git a/extra/fonts.nix b/nixos/modules/fonts.nix similarity index 100% rename from extra/fonts.nix rename to nixos/modules/fonts.nix diff --git a/extra/gaming.nix b/nixos/modules/gaming.nix similarity index 100% rename from extra/gaming.nix rename to nixos/modules/gaming.nix diff --git a/extra/hardware-base.nix b/nixos/modules/hardware-base.nix similarity index 100% rename from extra/hardware-base.nix rename to nixos/modules/hardware-base.nix diff --git a/extra/intel-video.nix b/nixos/modules/intel-video.nix similarity index 100% rename from extra/intel-video.nix rename to nixos/modules/intel-video.nix diff --git a/extra/intel.nix b/nixos/modules/intel.nix similarity index 100% rename from extra/intel.nix rename to nixos/modules/intel.nix diff --git a/extra/kvm.nix b/nixos/modules/kvm.nix similarity index 100% rename from extra/kvm.nix rename to nixos/modules/kvm.nix diff --git a/extra/location.nix b/nixos/modules/location.nix similarity index 100% rename from extra/location.nix rename to nixos/modules/location.nix diff --git a/extra/media.nix b/nixos/modules/media.nix similarity index 100% rename from extra/media.nix rename to nixos/modules/media.nix diff --git a/extra/meeting.nix b/nixos/modules/meeting.nix similarity index 100% rename from extra/meeting.nix rename to nixos/modules/meeting.nix diff --git a/modules.nix b/nixos/modules/modules.nix similarity index 100% rename from modules.nix rename to nixos/modules/modules.nix diff --git a/extra/nautilus.nix b/nixos/modules/nautilus.nix similarity index 100% rename from extra/nautilus.nix rename to nixos/modules/nautilus.nix diff --git a/network.nix b/nixos/modules/network.nix similarity index 100% rename from network.nix rename to nixos/modules/network.nix diff --git a/extra/networkdecrypt.nix b/nixos/modules/networkdecrypt.nix similarity index 100% rename from extra/networkdecrypt.nix rename to nixos/modules/networkdecrypt.nix diff --git a/extra/nix.nix b/nixos/modules/nix.nix similarity index 100% rename from extra/nix.nix rename to nixos/modules/nix.nix diff --git a/extra/power.nix b/nixos/modules/power.nix similarity index 100% rename from extra/power.nix rename to nixos/modules/power.nix diff --git a/extra/presentation.nix b/nixos/modules/presentation.nix similarity index 100% rename from extra/presentation.nix rename to nixos/modules/presentation.nix diff --git a/extra/printer.nix b/nixos/modules/printer.nix similarity index 100% rename from extra/printer.nix rename to nixos/modules/printer.nix diff --git a/extra/screen-sharing.nix b/nixos/modules/screen-sharing.nix similarity index 100% rename from extra/screen-sharing.nix rename to nixos/modules/screen-sharing.nix diff --git a/extra/security.nix b/nixos/modules/security.nix similarity index 100% rename from extra/security.nix rename to nixos/modules/security.nix diff --git a/extra/sound.nix b/nixos/modules/sound.nix similarity index 100% rename from extra/sound.nix rename to nixos/modules/sound.nix diff --git a/extra/ssh.nix b/nixos/modules/ssh.nix similarity index 100% rename from extra/ssh.nix rename to nixos/modules/ssh.nix diff --git a/sway.nix b/nixos/modules/sway.nix similarity index 100% rename from sway.nix rename to nixos/modules/sway.nix diff --git a/extra/sync.nix b/nixos/modules/sync.nix similarity index 100% rename from extra/sync.nix rename to nixos/modules/sync.nix diff --git a/extra/systemd-user.nix b/nixos/modules/systemd-user.nix similarity index 100% rename from extra/systemd-user.nix rename to nixos/modules/systemd-user.nix diff --git a/extra/systemduefi.nix b/nixos/modules/systemduefi.nix similarity index 100% rename from extra/systemduefi.nix rename to nixos/modules/systemduefi.nix diff --git a/extra/tex.nix b/nixos/modules/tex.nix similarity index 100% rename from extra/tex.nix rename to nixos/modules/tex.nix diff --git a/extra/theme.nix b/nixos/modules/theme.nix similarity index 100% rename from extra/theme.nix rename to nixos/modules/theme.nix diff --git a/extra/thunderbolt.nix b/nixos/modules/thunderbolt.nix similarity index 100% rename from extra/thunderbolt.nix rename to nixos/modules/thunderbolt.nix diff --git a/users.nix b/nixos/modules/users.nix similarity index 100% rename from users.nix rename to nixos/modules/users.nix diff --git a/extra/webapps/bazarr.nix b/nixos/modules/webapps/bazarr.nix similarity index 100% rename from extra/webapps/bazarr.nix rename to nixos/modules/webapps/bazarr.nix diff --git a/modules/webapps/default.nix b/nixos/modules/webapps/config.nix similarity index 100% rename from modules/webapps/default.nix rename to nixos/modules/webapps/config.nix diff --git a/extra/webapps/homer.nix b/nixos/modules/webapps/homer.nix similarity index 100% rename from extra/webapps/homer.nix rename to nixos/modules/webapps/homer.nix diff --git a/extra/webapps/jellyfin.nix b/nixos/modules/webapps/jellyfin.nix similarity index 100% rename from extra/webapps/jellyfin.nix rename to nixos/modules/webapps/jellyfin.nix diff --git a/extra/webapps/navidrome.nix b/nixos/modules/webapps/navidrome.nix similarity index 100% rename from extra/webapps/navidrome.nix rename to nixos/modules/webapps/navidrome.nix diff --git a/extra/webapps/prowlarr.nix b/nixos/modules/webapps/prowlarr.nix similarity index 100% rename from extra/webapps/prowlarr.nix rename to nixos/modules/webapps/prowlarr.nix diff --git a/extra/webapps/radarr.nix b/nixos/modules/webapps/radarr.nix similarity index 100% rename from extra/webapps/radarr.nix rename to nixos/modules/webapps/radarr.nix diff --git a/extra/webapps/sonarr.nix b/nixos/modules/webapps/sonarr.nix similarity index 100% rename from extra/webapps/sonarr.nix rename to nixos/modules/webapps/sonarr.nix diff --git a/extra/webcam.nix b/nixos/modules/webcam.nix similarity index 100% rename from extra/webcam.nix rename to nixos/modules/webcam.nix diff --git a/backup.nix b/nixos/serverle/backup.nix similarity index 100% rename from backup.nix rename to nixos/serverle/backup.nix diff --git a/nixos/serverle/configuration.nix b/nixos/serverle/configuration.nix new file mode 100644 index 0000000..195ba40 --- /dev/null +++ b/nixos/serverle/configuration.nix @@ -0,0 +1,43 @@ +{ config, ... }: +{ + imports = [ + ./hardware-configuration.nix + ./disks.nix + ./backup.nix + ../modules/3d-printer.nix + ../modules/avahi.nix + ../modules/compression.nix + ../modules/development.nix + ../modules/docker.nix + ./dyndns.nix + ../modules/networkdecrypt.nix + ../modules/nix.nix + ../modules/ssh.nix + ../modules/webapps/config.nix + ../modules/webapps/bazarr.nix + ../modules/webapps/homer.nix + ../modules/webapps/jellyfin.nix + ../modules/webapps/navidrome.nix + ../modules/webapps/prowlarr.nix + ../modules/webapps/radarr.nix + ../modules/webapps/sonarr.nix + ]; + networking.hostName = "serverle"; + + #environment.noXlibs = true; + + networking.firewall.allowedTCPPorts = [ + 8080 # aria + ]; + + # Nix + nix.gc = { + automatic = true; + options = "--delete-older-than 30d"; + }; + + system = { + stateVersion = "21.11"; + autoUpgrade.enable = true; + }; +} diff --git a/nixos/serverle/disks.nix b/nixos/serverle/disks.nix new file mode 100644 index 0000000..85a7f05 --- /dev/null +++ b/nixos/serverle/disks.nix @@ -0,0 +1,30 @@ +{ config, lib, pkgs, ... }: + +{ + boot.initrd.luks.devices."luks-drive" = { + name = "luks-drive"; + device = "/dev/sda"; + preLVM = true; + allowDiscards = true; + }; + + fileSystems."/" = { + device = "/dev/disk/by-label/serverle-root"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-label/serverle-bo"; + fsType = "vfat"; + }; + + fileSystems."/srv" = { + device = "/dev/disk/by-label/serverle-srv"; + fsType = "ext4"; + }; + + swapDevices = [{ + device = "/dev/disk/by-label/serverle-swap"; + }]; +} + diff --git a/extra/dyndns.nix b/nixos/serverle/dyndns.nix similarity index 87% rename from extra/dyndns.nix rename to nixos/serverle/dyndns.nix index a0151a1..432a1a8 100644 --- a/extra/dyndns.nix +++ b/nixos/serverle/dyndns.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: let - cfg = import ../vars-dyndns.nix; + cfg = import ./vars-dyndns.nix; in { services.ddclient = { diff --git a/hardware/raspberrypi4.nix b/nixos/serverle/hardware-configuration.nix similarity index 100% rename from hardware/raspberrypi4.nix rename to nixos/serverle/hardware-configuration.nix diff --git a/nixos/serverle/vars-backup.nix b/nixos/serverle/vars-backup.nix new file mode 100644 index 0000000..64a39e7 --- /dev/null +++ b/nixos/serverle/vars-backup.nix @@ -0,0 +1,7 @@ +{ + borg = { + user = "u181505-sub1"; + host = "u181505-sub1.your-storagebox.de"; + dir = "serverle/"; + }; +} diff --git a/nixos/serverle/vars-dyndns.nix b/nixos/serverle/vars-dyndns.nix new file mode 100644 index 0000000..f74abea --- /dev/null +++ b/nixos/serverle/vars-dyndns.nix @@ -0,0 +1,7 @@ +{ + dyndns = { + server = "dyndns.inwx.com"; + username = "Stunkymonkey-dyndns"; + domains = [ "serverle.stunkymonkey.de" ]; + }; +} diff --git a/nixos/thinkman/backup.nix b/nixos/thinkman/backup.nix new file mode 100644 index 0000000..96cbf74 --- /dev/null +++ b/nixos/thinkman/backup.nix @@ -0,0 +1,75 @@ +{ config, lib, pkgs, ... }: +let + cfg = import ./vars-backup.nix; + borgbackupMonitor = { config, pkgs, lib, ... }: with lib; { + key = "borgbackupMonitor"; + _file = "borgbackupMonitor"; + config.systemd.services = { + "notify-problems@" = { + enable = true; + serviceConfig.User = "felix"; + environment.SERVICE = "%i"; + script = '' + export $(cat /proc/$(${pkgs.procps}/bin/pgrep -x "sway" -u "$USER")/environ |grep -z '^DBUS_SESSION_BUS_ADDRESS=') + ${pkgs.libnotify}/bin/notify-send -u critical "$SERVICE FAILED!" "Run journalctl -u $SERVICE for details" + ''; + }; + } // flip mapAttrs' config.services.borgbackup.jobs (name: value: + nameValuePair "borgbackup-job-${name}" { + unitConfig.OnFailure = "notify-problems@%i.service"; + } + ); + }; + +in +{ + # notification + imports = [ + borgbackupMonitor + ]; + + services.borgbackup.jobs.hetzner = { + paths = [ + "/" + ]; + exclude = [ + "/nix" + "/sys" + "/run" + "/proc" + "/root/.cache/" + "**/.Trash" + "/tmp/*" + "/var/lock/*" + "/var/run/*" + "/var/tmp/*" + "/home/*/tmp" + "/home/*/todo" + "/home/*/.cache" + "/home/*/.gvfs" + "/home/*/.thumbnails" + "/home/*/.local/share/Trash" + "/srv/data/tmp" + "/srv/data/todo" + ]; + extraCreateArgs = "--exclude-caches --keep-exclude-tags --stats"; + encryption = { + mode = "repokey-blake2"; + passCommand = "cat /root/.borg_password"; + }; + environment.BORG_RSH = "ssh -o 'StrictHostKeyChecking=no' -i /root/.ssh/backup_ed25519 -p 23"; + repo = "${cfg.borg.user}@${cfg.borg.host}:${cfg.borg.dir}"; + compression = "auto,zstd"; + doInit = false; + startAt = "daily"; + persistentTimer = true; + prune.keep = { + last = 1; + within = "3d"; + daily = 7; + weekly = 4; + monthly = 6; + yearly = 2; + }; + }; +} diff --git a/nixos/thinkman/configuration.nix b/nixos/thinkman/configuration.nix new file mode 100644 index 0000000..861abd1 --- /dev/null +++ b/nixos/thinkman/configuration.nix @@ -0,0 +1,62 @@ +{ config, pkgs, lib, ... }: +{ + imports = [ + ./disks.nix + ./hardware-configuration.nix + ../modules/sway.nix + ./backup.nix + ../modules/3d-design.nix + ../modules/android.nix + ../modules/avahi.nix + ../modules/bluetooth-audio.nix + ../modules/clean.nix + ../modules/compression.nix + ../modules/desktop-development.nix + ../modules/development.nix + ../modules/docker.nix + ../modules/filesystem.nix + ../modules/gaming.nix + ../modules/hardware-base.nix + ../modules/intel-video.nix + ../modules/intel.nix + ../modules/kvm.nix + ../modules/location.nix + ../modules/media.nix + ../modules/meeting.nix + ../modules/nix.nix + ../modules/power.nix + ../modules/presentation.nix + ../modules/printer.nix + ../modules/screen-sharing.nix + ../modules/sound.nix + ../modules/sync.nix + ../modules/systemd-user.nix + ../modules/systemduefi.nix + ../modules/tex.nix + ../modules/theme.nix + ../modules/thunderbolt.nix + ../modules/webcam.nix + ]; + + networking.hostName = "thinkman"; + + # Use latest kernel + boot.kernelPackages = pkgs.linuxPackages_latest; + + # Nix + nix = { + autoOptimiseStore = true; + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + daemonCPUSchedPolicy = "idle"; + daemonIOSchedPriority = 7; + }; + + system = { + stateVersion = "22.05"; + autoUpgrade.enable = true; + }; +} diff --git a/nixos/thinkman/disks.nix b/nixos/thinkman/disks.nix new file mode 100644 index 0000000..caf84ae --- /dev/null +++ b/nixos/thinkman/disks.nix @@ -0,0 +1,30 @@ +{ config, lib, pkgs, ... }: + +{ + boot.initrd.luks.devices."luks-drive" = { + name = "luks-drive"; + device = "/dev/nvme0"; + preLVM = true; + allowDiscards = true; + }; + + fileSystems."/" = { + device = "/dev/disk/by-label/thinkman-root"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-label/thinkman-bo"; + fsType = "vfat"; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-label/thinkman-home"; + fsType = "ext4"; + }; + + swapDevices = [{ + device = "/dev/disk/by-label/thinkman-swap"; + }]; +} + diff --git a/hardware/t14.nix b/nixos/thinkman/hardware-configuration.nix similarity index 100% rename from hardware/t14.nix rename to nixos/thinkman/hardware-configuration.nix diff --git a/nixos/thinkman/vars-backup.nix b/nixos/thinkman/vars-backup.nix new file mode 100644 index 0000000..1eca17c --- /dev/null +++ b/nixos/thinkman/vars-backup.nix @@ -0,0 +1,7 @@ +{ + borg = { + user = "u181505-sub1"; + host = "u181505-sub1.your-storagebox.de"; + dir = "thinkman/"; + }; +} diff --git a/outputs.nix b/outputs.nix new file mode 100644 index 0000000..efb0e30 --- /dev/null +++ b/outputs.nix @@ -0,0 +1,28 @@ +{ self +, flake-utils +, nixpkgs +, nixpkgs-unstable +, sops-nix +, deploy +, ... +} @ inputs: +(flake-utils.lib.eachDefaultSystem (system: + let + pkgs = nixpkgs.legacyPackages."${system}"; + in + { + devShell = pkgs.callPackage ./shell.nix { + inherit (sops-nix.packages."${pkgs.system}") sops-import-keys-hook ssh-to-pgp sops-init-gpg-key; + inherit (deploy.packages."${pkgs.system}") deploy-rs; + }; + })) // { + nixosConfigurations = import ./nixos/configurations.nix (inputs // { + inherit inputs; + }); + deploy = import ./nixos/deploy.nix (inputs // { + inherit inputs; + }); + + hydraJobs = nixpkgs.lib.mapAttrs' (name: config: nixpkgs.lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel) self.nixosConfigurations; + checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy.lib; +} diff --git a/serverle.nix b/serverle.nix deleted file mode 100644 index 0a67e4f..0000000 --- a/serverle.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ config, ... }: -{ - imports = [ - ./backup.nix - ./default.nix - ./core.nix - ./disks.nix - ./disks-srv.nix - ./users.nix - ./extra/3d-printer.nix - ./extra/avahi.nix - ./extra/compression.nix - ./extra/development.nix - ./extra/docker.nix - ./extra/dyndns.nix - ./extra/networkdecrypt.nix - ./extra/nix.nix - ./extra/ssh.nix - ./modules/webapps - ./extra/webapps/bazarr.nix - ./extra/webapps/homer.nix - ./extra/webapps/jellyfin.nix - ./extra/webapps/navidrome.nix - ./extra/webapps/prowlarr.nix - ./extra/webapps/radarr.nix - ./extra/webapps/sonarr.nix - ./hardware/raspberrypi4.nix - ]; - networking.hostName = "serverle"; - - #environment.noXlibs = true; - - networking.firewall.allowedTCPPorts = [ - 8080 # aria - ]; - - # Nix - nix.gc = { - automatic = true; - options = "--delete-older-than 30d"; - }; - - system = { - stateVersion = "21.11"; - autoUpgrade.enable = true; - }; -} diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..a016020 --- /dev/null +++ b/shell.nix @@ -0,0 +1,26 @@ +{ mkShell +, sops-import-keys-hook +, ssh-to-pgp +, sops-init-gpg-key +, sops +, deploy-rs +, nixpkgs-fmt +, knot-dns +, lefthook +, python3 +}: + +mkShell { + sopsPGPKeyDirs = [ "./nixos/secrets/keys" ]; + nativeBuildInputs = [ + python3.pkgs.invoke + ssh-to-pgp + sops-import-keys-hook + sops-init-gpg-key + sops + deploy-rs + nixpkgs-fmt + lefthook + knot-dns + ]; +} diff --git a/thinkman.nix b/thinkman.nix deleted file mode 100644 index a39c8c9..0000000 --- a/thinkman.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, pkgs, lib, ... }: -{ - imports = [ - ./backup.nix - ./core.nix - ./default.nix - ./disks.nix - ./disks-home.nix - ./sway.nix - ./extra/3d-design.nix - ./extra/android.nix - ./extra/avahi.nix - ./extra/bluetooth-audio.nix - ./extra/clean.nix - ./extra/compression.nix - ./extra/default.nix - ./extra/desktop-development.nix - ./extra/development.nix - ./extra/docker.nix - ./extra/filesystem.nix - ./extra/gaming.nix - ./extra/hardware-base.nix - ./extra/intel-video.nix - ./extra/intel.nix - ./extra/kvm.nix - ./extra/location.nix - ./extra/media.nix - ./extra/meeting.nix - ./extra/nix.nix - ./extra/power.nix - ./extra/presentation.nix - ./extra/printer.nix - ./extra/screen-sharing.nix - ./extra/sound.nix - ./extra/sync.nix - ./extra/systemd-user.nix - ./extra/systemduefi.nix - ./extra/tex.nix - ./extra/theme.nix - ./extra/thunderbolt.nix - ./extra/webcam.nix - ./hardware/t14.nix - ]; - - networking.hostName = "thinkman"; - - # Use latest kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - - # Nix - nix = { - autoOptimiseStore = true; - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 30d"; - }; - daemonCPUSchedPolicy = "idle"; - daemonIOSchedPriority = 7; - }; - - system = { - stateVersion = "22.05"; - autoUpgrade.enable = true; - }; -}