felix/nixos
1
0
Fork 0
mirror of https://github.com/Stunkymonkey/nixos.git synced 2025-05-24 09:54:40 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

refactor: use flakes with deploy-rs & nixos-hardware

Browse source
This commit is contained in:
Felix Buehler 2022-06-03 17:47:16 +02:00
parent b1ef65594a
commit d17c2b69a0
81 changed files with 1179 additions and 317 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.envrc Normal file
View file

@ -0,0 +1,5 @@
if ! has nix_direnv_version || ! nix_direnv_version 2.1.0; then
source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.1.0/direnvrc" "sha256-FAT2R9yYvVg516v3LiogjIc8YfsbWbMM/itqWsm5xTA="
fi
use flake

4
.gitignore vendored
View file

@ -1,2 +1,2 @@
configuration.nix result*
vars-*.nix .direnv

9
default.nix
View file

@ -1,9 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [
./modules.nix
./network.nix
./users.nix
];
}

12
disks-home.nix
View file

@ -1,12 +0,0 @@
{ config, lib, pkgs, ... }:
#FIXME: komplett anpassen
let
uuids = import ./vars-uuids.nix;
in
{
fileSystems."/home" = {
device = "/dev/disk/by-uuid/${uuids.fs.home}";
fsType = "ext4";
};
}

11
disks-srv.nix
View file

@ -1,11 +0,0 @@
{ config, lib, pkgs, ... }:
let
uuids = import ./vars-uuids.nix;
in
{
# FS
fileSystems."/srv" = {
device = "/dev/disk/by-uuid/${uuids.fs.srv}";
fsType = "ext4";
};
}

32
disks.nix
View file

@ -1,32 +0,0 @@
{ config, lib, pkgs, ... }:
#FIXME: komplett anpassen
let
uuids = import ./vars-uuids.nix;
in
{
boot.initrd.luks.devices."luks-drive" = {
name = "luks-drive";
device = "/dev/disk/by-partuuid/${uuids.luks.root}";
preLVM = true;
allowDiscards = true;
};
# FS
fileSystems."/" = {
device = "/dev/disk/by-uuid/${uuids.fs.root}";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/${uuids.fs.boot}";
fsType = "vfat";
};
# Swap
swapDevices = [
{
device = "/dev/disk/by-uuid/${uuids.fs.swap}";
}
];
}

99
extra/default.nix
View file

@ -1,99 +0,0 @@
{ config, lib, pkgs, ... }:
let
unstable = import <nixos-unstable> { config = { allowUnfree = true; }; };
in
{
imports = [
./fonts.nix
./nautilus.nix
];
programs.gnome-disks.enable = true;
services.udisks2.enable = true;
xdg.mime.enable = true;
# make gnome settings persistent
programs.dconf.enable = true;
# gnome services
services.dbus.packages = [ pkgs.dconf ];
services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ];
services.gnome.gnome-keyring.enable = true;
environment.systemPackages = with pkgs; [
adwaita-qt
arc-icon-theme
arc-kde-theme
arc-theme
evince
firefox-wayland
#geary
ghostwriter
(gimp-with-plugins.override {
plugins = with gimpPlugins; [
resynthesizer
];
})
glib
gnome.adwaita-icon-theme
gnome.dconf-editor
gnome.eog
gnome.file-roller
gnome.gnome-calendar
gnome.gnome-system-monitor
gnome.simple-scan
keepassxc
keychain
konsole
libnotify
libreoffice
lollypop
unstable.newsflash
numix-cursor-theme
numix-icon-theme
numix-icon-theme-circle
polkit_gnome
qgnomeplatform
rhythmbox
simple-scan
socat
sshuttle
tdesktop
thunderbird
virtmanager
vlc
(mpv-with-scripts.override {
scripts = with mpvScripts; [
convert
mpris
simple-mpv-webui
sponsorblock
thumbnail
];
})
wayvnc
xdg-utils
zathura
zeal
# TODO sort them in different files
pdfgrep
physlock
#symlinks
];
# Enable firmware update daemon
services.fwupd.enable = true;
programs.wireshark.enable = true;
programs.wireshark.package = pkgs.wireshark;
services.accounts-daemon.enable = true;
environment.interactiveShellInit = ''
if test `tty` = /dev/tty1; then
exec sway
fi
'';
}

747
flake.lock generated Normal file
View file

@ -0,0 +1,747 @@
{
"nodes": {
"HTTP": {
"flake": false,
"locked": {
"lastModified": 1451647621,
"narHash": "sha256-oHIyw3x0iKBexEo49YeUDV1k74ZtyYKGR2gNJXXRxts=",
"owner": "phadej",
"repo": "HTTP",
"rev": "9bc0996d412fef1787449d841277ef663ad9a915",
"type": "github"
},
"original": {
"owner": "phadej",
"repo": "HTTP",
"type": "github"
}
},
"cabal-32": {
"flake": false,
"locked": {
"lastModified": 1603716527,
"narHash": "sha256-sDbrmur9Zfp4mPKohCD8IDZfXJ0Tjxpmr2R+kg5PpSY=",
"owner": "haskell",
"repo": "cabal",
"rev": "94aaa8e4720081f9c75497e2735b90f6a819b08e",
"type": "github"
},
"original": {
"owner": "haskell",
"ref": "3.2",
"repo": "cabal",
"type": "github"
}
},
"cabal-34": {
"flake": false,
"locked": {
"lastModified": 1622475795,
"narHash": "sha256-chwTL304Cav+7p38d9mcb+egABWmxo2Aq+xgVBgEb/U=",
"owner": "haskell",
"repo": "cabal",
"rev": "b086c1995cdd616fc8d91f46a21e905cc50a1049",
"type": "github"
},
"original": {
"owner": "haskell",
"ref": "3.4",
"repo": "cabal",
"type": "github"
}
},
"cabal-36": {
"flake": false,
"locked": {
"lastModified": 1640163203,
"narHash": "sha256-TwDWP2CffT0j40W6zr0J1Qbu+oh3nsF1lUx9446qxZM=",
"owner": "haskell",
"repo": "cabal",
"rev": "ecf418050c1821f25e2e218f1be94c31e0465df1",
"type": "github"
},
"original": {
"owner": "haskell",
"ref": "3.6",
"repo": "cabal",
"type": "github"
}
},
"cardano-shell": {
"flake": false,
"locked": {
"lastModified": 1608537748,
"narHash": "sha256-PulY1GfiMgKVnBci3ex4ptk2UNYMXqGjJOxcPy2KYT4=",
"owner": "input-output-hk",
"repo": "cardano-shell",
"rev": "9392c75087cb9a3d453998f4230930dea3a95725",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"repo": "cardano-shell",
"type": "github"
}
},
"cncli": {
"inputs": {
"iohk-nix": "iohk-nix",
"nixpkgs": "nixpkgs",
"rust-nix": "rust-nix",
"utils": "utils"
},
"locked": {
"lastModified": 1639248048,
"narHash": "sha256-UnXYXcbkvM1K7v5DeJ4XyNZy4ZU7hqOcENy65ICizg8=",
"owner": "AndrewWestberg",
"repo": "cncli",
"rev": "91e61b241d92d30e5ebba1acbe395a4be5186254",
"type": "github"
},
"original": {
"owner": "AndrewWestberg",
"repo": "cncli",
"type": "github"
}
},
"deploy": {
"inputs": {
"fenix": [
"fenix"
],
"flake-compat": "flake-compat",
"nixpkgs": [
"fenix",
"nixpkgs"
],
"utils": "utils_2"
},
"locked": {
"lastModified": 1645603310,
"narHash": "sha256-/CTQuJzFK8pO2d4S5uKhHwT+QiNfnbCKSx7O2tW0GXQ=",
"owner": "input-output-hk",
"repo": "deploy-rs",
"rev": "feb44f80c634c799a661bf27c5cb4a905640fe93",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"repo": "deploy-rs",
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": "nixpkgs_2",
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1654151426,
"narHash": "sha256-8KHHvaduwvobK0rEvy4eM0uEQFu+NbE3BJ9qhgEkm/w=",
"owner": "nix-community",
"repo": "fenix",
"rev": "b2ba32f32e5238b4c6b49f81ff3d82e4dbe7f728",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "fenix",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1627913399,
"narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1653893745,
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1623875721,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"ghc-8.6.5-iohk": {
"flake": false,
"locked": {
"lastModified": 1600920045,
"narHash": "sha256-DO6kxJz248djebZLpSzTGD6s8WRpNI9BTwUeOf5RwY8=",
"owner": "input-output-hk",
"repo": "ghc",
"rev": "95713a6ecce4551240da7c96b6176f980af75cae",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"ref": "release/8.6.5-iohk",
"repo": "ghc",
"type": "github"
}
},
"hackage": {
"flake": false,
"locked": {
"lastModified": 1643073363,
"narHash": "sha256-66oSXQKEDIOSQ2uKAS9facCX/Zuh/jFgyFDtxEqN9sk=",
"owner": "input-output-hk",
"repo": "hackage.nix",
"rev": "4ef9bd3a32316ce236164c7ebff00ebeb33236e2",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"repo": "hackage.nix",
"type": "github"
}
},
"haskellNix": {
"inputs": {
"HTTP": "HTTP",
"cabal-32": "cabal-32",
"cabal-34": "cabal-34",
"cabal-36": "cabal-36",
"cardano-shell": "cardano-shell",
"flake-utils": "flake-utils_2",
"ghc-8.6.5-iohk": "ghc-8.6.5-iohk",
"hackage": "hackage",
"hpc-coveralls": "hpc-coveralls",
"nix-tools": "nix-tools",
"nixpkgs": [
"haskellNix",
"nixpkgs-2111"
],
"nixpkgs-2003": "nixpkgs-2003",
"nixpkgs-2105": "nixpkgs-2105",
"nixpkgs-2111": "nixpkgs-2111",
"nixpkgs-unstable": "nixpkgs-unstable",
"old-ghc-nix": "old-ghc-nix",
"stackage": "stackage"
},
"locked": {
"lastModified": 1643073543,
"narHash": "sha256-g2l/KDWzMRTFRugNVcx3CPZeyA5BNcH9/zDiqFpprB4=",
"owner": "input-output-hk",
"repo": "haskell.nix",
"rev": "14f740c7c8f535581c30b1697018e389680e24cb",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"repo": "haskell.nix",
"rev": "14f740c7c8f535581c30b1697018e389680e24cb",
"type": "github"
}
},
"hpc-coveralls": {
"flake": false,
"locked": {
"lastModified": 1607498076,
"narHash": "sha256-8uqsEtivphgZWYeUo5RDUhp6bO9j2vaaProQxHBltQk=",
"owner": "sevanspowell",
"repo": "hpc-coveralls",
"rev": "14df0f7d229f4cd2e79f8eabb1a740097fdfa430",
"type": "github"
},
"original": {
"owner": "sevanspowell",
"repo": "hpc-coveralls",
"type": "github"
}
},
"iohk-nix": {
"flake": false,
"locked": {
"lastModified": 1615911315,
"narHash": "sha256-3GiYZendBOpHfgDkfBI/GJfhJ3hOdd/fDq8VWSMdtng=",
"owner": "input-output-hk",
"repo": "iohk-nix",
"rev": "bc4216c5b0e14dbde5541763f4952f99c3c712fa",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"repo": "iohk-nix",
"type": "github"
}
},
"lowdown-src": {
"flake": false,
"locked": {
"lastModified": 1633514407,
"narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=",
"owner": "kristapsdz",
"repo": "lowdown",
"rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8",
"type": "github"
},
"original": {
"owner": "kristapsdz",
"repo": "lowdown",
"type": "github"
}
},
"nix": {
"inputs": {
"lowdown-src": "lowdown-src",
"nixpkgs": "nixpkgs_3",
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1650397666,
"narHash": "sha256-gWYNlEyleqkPfxtGXeq6ggjzJwcXJVdieJxA1Obly9s=",
"owner": "NixOS",
"repo": "nix",
"rev": "69c6fb12eea414382f0b945c0d6c574c43c7c9a3",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "2.8.0",
"repo": "nix",
"type": "github"
}
},
"nix-tools": {
"flake": false,
"locked": {
"lastModified": 1636018067,
"narHash": "sha256-ng306fkuwr6V/malWtt3979iAC4yMVDDH2ViwYB6sQE=",
"owner": "input-output-hk",
"repo": "nix-tools",
"rev": "ed5bd7215292deba55d6ab7a4e8c21f8b1564dda",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"repo": "nix-tools",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1654057797,
"narHash": "sha256-mXo7C4v7Jj2feBzcReu1Eu/3Rnw5b023E9kOyFsHZQw=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "0cab18a48de7914ef8cad35dca0bb36868f3e1af",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1615797423,
"narHash": "sha256-5NGDZXPQzuoxf/42NiyC9YwwhwzfMfIRrz3aT0XHzSc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "266dc8c3d052f549826ba246d06787a219533b8f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-2003": {
"locked": {
"lastModified": 1620055814,
"narHash": "sha256-8LEHoYSJiL901bTMVatq+rf8y7QtWuZhwwpKE2fyaRY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1db42b7fe3878f3f5f7a4f2dc210772fd080e205",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-20.03-darwin",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-2105": {
"locked": {
"lastModified": 1640283157,
"narHash": "sha256-6Ddfop+rKE+Gl9Tjp9YIrkfoYPzb8F80ergdjcq3/MY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dde1557825c5644c869c5efc7448dc03722a8f09",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-21.05-darwin",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-2111": {
"locked": {
"lastModified": 1640283207,
"narHash": "sha256-SCwl7ZnCfMDsuSYvwIroiAlk7n33bW8HFfY8NvKhcPA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "64c7e3388bbd9206e437713351e814366e0c3284",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-21.11-darwin",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-21_11": {
"locked": {
"lastModified": 1653819578,
"narHash": "sha256-a1vaUl6VZz1NsWxMw0i5lRyHIOVUIuMZdQzV+4s+rY8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "baa82d4b626288c7439eeea073a18aabbe435991",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-21.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-22_05": {
"locked": {
"lastModified": 1653822412,
"narHash": "sha256-xZwMDQ8MdNiTwE8dcKAX1h3qCmLtuudNGxmFUX3xIes=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "db78278ff296cf21eca7e8c08ee99707387a54fa",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"id": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "indirect"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1641285291,
"narHash": "sha256-KYaOBNGar3XWTxTsYPr9P6u74KAqNq0wobEC236U+0c=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0432195a4b8d68faaa7d3d4b355260a3120aeeae",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable_2": {
"locked": {
"lastModified": 1653931853,
"narHash": "sha256-O3wncIouj9x7gBPntzHeK/Hkmm9M1SGlYq7JI7saTAE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f1c167688a6f81f4a51ab542e5f476c8c595e457",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1653931853,
"narHash": "sha256-O3wncIouj9x7gBPntzHeK/Hkmm9M1SGlYq7JI7saTAE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "f1c167688a6f81f4a51ab542e5f476c8c595e457",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1645296114,
"narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "530a53dcbc9437363471167a5e4762c5fcfa34a1",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-21.05-small",
"type": "indirect"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1654005557,
"narHash": "sha256-J6elwUzPoco+r5qWPHhvS2EHVWomUtNcxzkfdAQOwEU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "08950a6e29cf7bddee466592eb790a417550f7f9",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-22.05",
"type": "indirect"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1623423544,
"narHash": "sha256-3b6CdnlUBXb2M5F7vLQ/DVRmpu31YDo1wthdybF46Dc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5707a8efadbd9a2bfe5aa663555c62ba2933cc81",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"old-ghc-nix": {
"flake": false,
"locked": {
"lastModified": 1631092763,
"narHash": "sha256-sIKgO+z7tj4lw3u6oBZxqIhDrzSkvpHtv0Kki+lh9Fg=",
"owner": "angerman",
"repo": "old-ghc-nix",
"rev": "af48a7a7353e418119b6dfe3cd1463a657f342b8",
"type": "github"
},
"original": {
"owner": "angerman",
"ref": "master",
"repo": "old-ghc-nix",
"type": "github"
}
},
"root": {
"inputs": {
"cncli": "cncli",
"deploy": "deploy",
"fenix": "fenix",
"flake-utils": "flake-utils",
"haskellNix": "haskellNix",
"nix": "nix",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_4",
"nixpkgs-unstable": "nixpkgs-unstable_2",
"sops-nix": "sops-nix",
"styx": "styx"
}
},
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1654111402,
"narHash": "sha256-bPLg3p6gJ23uSC4IaYtIWj/fG6uUNHPM3xG9k2vtcZE=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "6f7c5589abfc93fbdfc071cc2716d1ea7b527e2e",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"rust-nix": {
"inputs": {
"nixpkgs": [
"cncli",
"nixpkgs"
]
},
"locked": {
"lastModified": 1614256663,
"narHash": "sha256-cFew8eXUJfmlaLh4f3Z+TxAAo2Syh2xWB/3Xa/Ebd70=",
"owner": "input-output-hk",
"repo": "rust.nix",
"rev": "e2d4e8e5225739c4607614f98f60d2667c794558",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"ref": "work",
"repo": "rust.nix",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-21_11": "nixpkgs-21_11",
"nixpkgs-22_05": "nixpkgs-22_05"
},
"locked": {
"lastModified": 1653827546,
"narHash": "sha256-va51HFf7UwktvriIbe9pjRPMr7p8IaxrwcDlZe7twzI=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "36b5901782e7fbfc191cace910f67f8b8743f678",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"stackage": {
"flake": false,
"locked": {
"lastModified": 1643073493,
"narHash": "sha256-5cPd1+i/skvJY9vJO1BhVRPcJObqkxDSywBEppDmb1U=",
"owner": "input-output-hk",
"repo": "stackage.nix",
"rev": "48e1188855ca38f3b7e2a8dba5352767a2f0a8f7",
"type": "github"
},
"original": {
"owner": "input-output-hk",
"repo": "stackage.nix",
"type": "github"
}
},
"styx": {
"inputs": {
"nixpkgs": "nixpkgs_5",
"utils": "utils_3"
},
"locked": {
"lastModified": 1642573301,
"narHash": "sha256-djXJRQc5RUKqoCSaHPCDbV4eenmSWjFtwPTbSLKDGUI=",
"owner": "disassembler",
"repo": "styx",
"rev": "eb640d08e62658e9252d334f5e2d3f3432ca36ad",
"type": "github"
},
"original": {
"owner": "disassembler",
"repo": "styx",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1613500319,
"narHash": "sha256-ybAq6pImFCSnwyhhmnnvV567JM4GuhCEG/PHBkSS86U=",
"owner": "kreisys",
"repo": "flake-utils",
"rev": "28e72370213c9bc2cf094ab07b8ac95f3c6bb60f",
"type": "github"
},
"original": {
"owner": "kreisys",
"repo": "flake-utils",
"type": "github"
}
},
"utils_2": {
"locked": {
"lastModified": 1637014545,
"narHash": "sha256-26IZAc5yzlD9FlDT54io1oqG/bBoyka+FJk5guaX4x4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "bba5dcc8e0b20ab664967ad83d24d64cb64ec4f4",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"utils_3": {
"locked": {
"lastModified": 1623875721,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

22
flake.nix Normal file
View file

@ -0,0 +1,22 @@
{
description = "NixOS configuration";
inputs = {
flake-utils.url = "github:numtide/flake-utils";
nix.url = "github:NixOS/nix/2.8.0";
nixpkgs.url = "nixpkgs/nixos-22.05";
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
haskellNix.url = "github:input-output-hk/haskell.nix/14f740c7c8f535581c30b1697018e389680e24cb";
cncli.url = "github:AndrewWestberg/cncli";
nixos-hardware.url = "github:NixOS/nixos-hardware";
deploy.url = "github:input-output-hk/deploy-rs";
deploy.inputs.nixpkgs.follows = "fenix/nixpkgs";
deploy.inputs.fenix.follows = "fenix";
sops-nix.url = "github:Mic92/sops-nix";
fenix.url = "github:nix-community/fenix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
styx.url = "github:disassembler/styx";
};
outputs = { ... } @ args: import ./outputs.nix args;
}

0
helpers.sh → legacy/helpers.sh
View file

18
install-thinkman.sh → legacy/install-desktop.nix
View file

@ -19,7 +19,6 @@ ask_if_sure
mp_umount / mp_umount /
################################################################################################ ################################################################################################
echo "Starting Root SSD"
lvm_remove_lv /dev/vg_root/lv_root lvm_remove_lv /dev/vg_root/lv_root
lvm_remove_lv /dev/vg_root/lv_home lvm_remove_lv /dev/vg_root/lv_home
@ -39,6 +38,8 @@ sgdisk \
--largest-new=3 -c 3:"Crypt" -t 3:8309 \ --largest-new=3 -c 3:"Crypt" -t 3:8309 \
-p -p
sleep 3
cryptsetup luksFormat "${DRIVE_ROOT}${PARTSEP}3" cryptsetup luksFormat "${DRIVE_ROOT}${PARTSEP}3"
cryptsetup luksOpen --allow-discards "${DRIVE_ROOT}${PARTSEP}3" "$(basename "${DRIVE_ROOT_LUKS}")" cryptsetup luksOpen --allow-discards "${DRIVE_ROOT}${PARTSEP}3" "$(basename "${DRIVE_ROOT_LUKS}")"
@ -68,19 +69,4 @@ ssh-keygen -t rsa -N "" -f "${CHROOT_BASE}/etc/secrets/initrd/ssh_host_rsa_k
mkdir -p "${CHROOT_BASE}/etc/nixos/" mkdir -p "${CHROOT_BASE}/etc/nixos/"
rsync -avH "${NIXOS_FILES}/" "${CHROOT_BASE}/etc/nixos/" rsync -avH "${NIXOS_FILES}/" "${CHROOT_BASE}/etc/nixos/"
cat >> "${CHROOT_BASE}/etc/nixos/vars-uuids.nix" <<END
{
fs = {
root = "$(blkid -o value -s UUID "/dev/vg_root/lv_root")";
boot = "$(blkid -o value -s UUID "${DRIVE_ROOT}${PARTSEP}2")";
home = "$(blkid -o value -s UUID "/dev/vg_root/lv_home")";
swap = "$(blkid -o value -s UUID "/dev/vg_root/lv_swap")";
};
luks = {
root = "$(blkid -o value -s PARTUUID "${DRIVE_ROOT}${PARTSEP}3")";
};
}
END
install_os "${CHROOT_BASE}" install_os "${CHROOT_BASE}"

19
install-serverle.sh → legacy/install-server.sh
View file

@ -39,6 +39,8 @@ sgdisk \
--largest-new=3 -c 3:"Crypt" -t 3:8309 \ --largest-new=3 -c 3:"Crypt" -t 3:8309 \
-p -p
sleep 3
cryptsetup luksFormat "${DRIVE_ROOT}${PARTSEP}3" cryptsetup luksFormat "${DRIVE_ROOT}${PARTSEP}3"
cryptsetup luksOpen --allow-discards "${DRIVE_ROOT}${PARTSEP}3" "$(basename "${DRIVE_ROOT_LUKS}")" cryptsetup luksOpen --allow-discards "${DRIVE_ROOT}${PARTSEP}3" "$(basename "${DRIVE_ROOT_LUKS}")"
@ -48,7 +50,7 @@ vgcreate vg_root "${DRIVE_ROOT_LUKS}"
lvcreate -L 50GiB -n lv_root vg_root lvcreate -L 50GiB -n lv_root vg_root
mkfs.ext4 -L "${HOST}-root" /dev/vg_root/lv_root mkfs.ext4 -L "${HOST}-root" /dev/vg_root/lv_root
lvcreate -L 250GiB -n lv_srv vg_root lvcreate -L 100GiB -n lv_srv vg_root
mkfs.ext4 -L "${HOST}-srv" /dev/vg_root/lv_srv mkfs.ext4 -L "${HOST}-srv" /dev/vg_root/lv_srv
lvcreate -L 4GiB -n lv_swap vg_root lvcreate -L 4GiB -n lv_swap vg_root
@ -70,19 +72,4 @@ rsync -avH "${NIXOS_FILES}/" "${CHROOT_BASE}/etc/nixos/"
mkdir -p "${CHROOT_BASE}/etc/secrets/initrd" mkdir -p "${CHROOT_BASE}/etc/secrets/initrd"
rsync -avH "/etc/secrets/" "${CHROOT_BASE}/etc/secrets/" rsync -avH "/etc/secrets/" "${CHROOT_BASE}/etc/secrets/"
cat >> "${CHROOT_BASE}/etc/nixos/vars-uuids.nix" <<END
{
fs = {
root = "$(blkid -o value -s UUID "/dev/vg_root/lv_root")";
boot = "$(blkid -o value -s UUID "${DRIVE_ROOT}${PARTSEP}2")";
srv = "$(blkid -o value -s UUID "/dev/vg_root/lv_srv")";
swap = "$(blkid -o value -s UUID "/dev/vg_root/lv_swap")";
};
luks = {
root = "$(blkid -o value -s PARTUUID "${DRIVE_ROOT}${PARTSEP}3")";
};
}
END
install_os "${CHROOT_BASE}" install_os "${CHROOT_BASE}"

56
nixos/configurations.nix Normal file
View file

@ -0,0 +1,56 @@
{ self
, nixpkgs
, nixpkgs-unstable
, sops-nix
, inputs
, nixos-hardware
, nix
, ...
}:
let
nixosSystem = nixpkgs.lib.makeOverridable nixpkgs.lib.nixosSystem;
customModules = import ./modules/default.nix;
overlay-unstable = final: prev: {
unstable = import nixpkgs-unstable {
inherit (final) system;
config.allowUnfree = true;
};
};
baseModules = [
# make flake inputs accessiable in NixOS
{
_module.args.self = self;
_module.args.inputs = inputs;
}
{
imports = [
({ pkgs, ... }: {
nixpkgs.overlays = [ overlay-unstable ];
nix.nixPath = [
"nixpkgs=${pkgs.path}"
];
documentation.info.enable = false;
})
sops-nix.nixosModules.sops
];
}
];
defaultModules = baseModules ++ customModules;
in
{
# add your model from this list: https://github.com/NixOS/nixos-hardware/blob/master/flake.nix
thinkman = nixosSystem {
system = "x86_64-linux";
modules = defaultModules ++ [
nixos-hardware.nixosModules.lenovo-thinkpad-t14
./thinkman/configuration.nix
];
};
serverle = nixosSystem {
system = "aarch64-linux";
modules = defaultModules ++ [
nixos-hardware.nixosModules.raspberry-pi-4
./serverle/configuration.nix
];
};
}

20
nixos/deploy.nix Normal file
View file

@ -0,0 +1,20 @@
{ self
, deploy
, ...
}:
let
mkNode = server: ip: fast: {
hostname = "${ip}:22";
fastConnection = fast;
profiles.system.path =
deploy.lib.x86_64-linux.activate.nixos
self.nixosConfigurations."${server}";
};
in
{
user = "root";
sshUser = "felix";
nodes = {
serverle = mkNode "serverle" "192.167.178.60" true;
};
}

0
extra/3d-design.nix → nixos/modules/3d-design.nix
View file

0
extra/3d-printer.nix → nixos/modules/3d-printer.nix
View file

0
extra/android.nix → nixos/modules/android.nix
View file

0
extra/avahi.nix → nixos/modules/avahi.nix
View file

0
extra/bluetooth-audio.nix → nixos/modules/bluetooth-audio.nix
View file

0
extra/clean.nix → nixos/modules/clean.nix
View file

0
extra/compression.nix → nixos/modules/compression.nix
View file

0
core.nix → nixos/modules/core.nix
View file

6
nixos/modules/default.nix Normal file
View file

@ -0,0 +1,6 @@
[
./core.nix
./modules.nix
./network.nix
./users.nix
]

3
extra/desktop-development.nix → nixos/modules/desktop-development.nix
View file

@ -1,7 +1,4 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
unstable = import <nixos-unstable> { config = { allowUnfree = true; }; };
in
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
arduino arduino

3
extra/development.nix → nixos/modules/development.nix
View file

@ -1,7 +1,4 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let
unstable = import <nixos-unstable> { config = { allowUnfree = true; }; };
in
{ {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# rust # rust

0
extra/docker.nix → nixos/modules/docker.nix
View file

0
extra/filesystem.nix → nixos/modules/filesystem.nix
View file

0
extra/fonts.nix → nixos/modules/fonts.nix
View file

0
extra/gaming.nix → nixos/modules/gaming.nix
View file

0
extra/hardware-base.nix → nixos/modules/hardware-base.nix
View file

0
extra/intel-video.nix → nixos/modules/intel-video.nix
View file

0
extra/intel.nix → nixos/modules/intel.nix
View file

0
extra/kvm.nix → nixos/modules/kvm.nix
View file

0
extra/location.nix → nixos/modules/location.nix
View file

0
extra/media.nix → nixos/modules/media.nix
View file

0
extra/meeting.nix → nixos/modules/meeting.nix
View file

0
modules.nix → nixos/modules/modules.nix
View file

0
extra/nautilus.nix → nixos/modules/nautilus.nix
View file

0
network.nix → nixos/modules/network.nix
View file

0
extra/networkdecrypt.nix → nixos/modules/networkdecrypt.nix
View file

0
extra/nix.nix → nixos/modules/nix.nix
View file

0
extra/power.nix → nixos/modules/power.nix
View file

0
extra/presentation.nix → nixos/modules/presentation.nix
View file

0
extra/printer.nix → nixos/modules/printer.nix
View file

0
extra/screen-sharing.nix → nixos/modules/screen-sharing.nix
View file

0
extra/security.nix → nixos/modules/security.nix
View file

0
extra/sound.nix → nixos/modules/sound.nix
View file

0
extra/ssh.nix → nixos/modules/ssh.nix
View file

0
sway.nix → nixos/modules/sway.nix
View file

0
extra/sync.nix → nixos/modules/sync.nix
View file

0
extra/systemd-user.nix → nixos/modules/systemd-user.nix
View file

0
extra/systemduefi.nix → nixos/modules/systemduefi.nix
View file

0
extra/tex.nix → nixos/modules/tex.nix
View file

0
extra/theme.nix → nixos/modules/theme.nix
View file

0
extra/thunderbolt.nix → nixos/modules/thunderbolt.nix
View file

0
users.nix → nixos/modules/users.nix
View file

0
extra/webapps/bazarr.nix → nixos/modules/webapps/bazarr.nix
View file

0
modules/webapps/default.nix → nixos/modules/webapps/config.nix
View file

0
extra/webapps/homer.nix → nixos/modules/webapps/homer.nix
View file

0
extra/webapps/jellyfin.nix → nixos/modules/webapps/jellyfin.nix
View file

0
extra/webapps/navidrome.nix → nixos/modules/webapps/navidrome.nix
View file

0
extra/webapps/prowlarr.nix → nixos/modules/webapps/prowlarr.nix
View file

0
extra/webapps/radarr.nix → nixos/modules/webapps/radarr.nix
View file

0
extra/webapps/sonarr.nix → nixos/modules/webapps/sonarr.nix
View file

0
extra/webcam.nix → nixos/modules/webcam.nix
View file

0
backup.nix → nixos/serverle/backup.nix
View file

43
nixos/serverle/configuration.nix Normal file
View file

@ -0,0 +1,43 @@
{ config, ... }:
{
imports = [
./hardware-configuration.nix
./disks.nix
./backup.nix
../modules/3d-printer.nix
../modules/avahi.nix
../modules/compression.nix
../modules/development.nix
../modules/docker.nix
./dyndns.nix
../modules/networkdecrypt.nix
../modules/nix.nix
../modules/ssh.nix
../modules/webapps/config.nix
../modules/webapps/bazarr.nix
../modules/webapps/homer.nix
../modules/webapps/jellyfin.nix
../modules/webapps/navidrome.nix
../modules/webapps/prowlarr.nix
../modules/webapps/radarr.nix
../modules/webapps/sonarr.nix
];
networking.hostName = "serverle";
#environment.noXlibs = true;
networking.firewall.allowedTCPPorts = [
8080 # aria
];
# Nix
nix.gc = {
automatic = true;
options = "--delete-older-than 30d";
};
system = {
stateVersion = "21.11";
autoUpgrade.enable = true;
};
}

30
nixos/serverle/disks.nix Normal file
View file

@ -0,0 +1,30 @@
{ config, lib, pkgs, ... }:
{
boot.initrd.luks.devices."luks-drive" = {
name = "luks-drive";
device = "/dev/sda";
preLVM = true;
allowDiscards = true;
};
fileSystems."/" = {
device = "/dev/disk/by-label/serverle-root";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/serverle-bo";
fsType = "vfat";
};
fileSystems."/srv" = {
device = "/dev/disk/by-label/serverle-srv";
fsType = "ext4";
};
swapDevices = [{
device = "/dev/disk/by-label/serverle-swap";
}];
}

2
extra/dyndns.nix → nixos/serverle/dyndns.nix
View file

@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
cfg = import ../vars-dyndns.nix; cfg = import ./vars-dyndns.nix;
in in
{ {
services.ddclient = { services.ddclient = {

0
hardware/raspberrypi4.nix → nixos/serverle/hardware-configuration.nix
View file

7
nixos/serverle/vars-backup.nix Normal file
View file

@ -0,0 +1,7 @@
{
borg = {
user = "u181505-sub1";
host = "u181505-sub1.your-storagebox.de";
dir = "serverle/";
};
}

7
nixos/serverle/vars-dyndns.nix Normal file
View file

@ -0,0 +1,7 @@
{
dyndns = {
server = "dyndns.inwx.com";
username = "Stunkymonkey-dyndns";
domains = [ "serverle.stunkymonkey.de" ];
};
}

75
nixos/thinkman/backup.nix Normal file
View file

@ -0,0 +1,75 @@
{ config, lib, pkgs, ... }:
let
cfg = import ./vars-backup.nix;
borgbackupMonitor = { config, pkgs, lib, ... }: with lib; {
key = "borgbackupMonitor";
_file = "borgbackupMonitor";
config.systemd.services = {
"notify-problems@" = {
enable = true;
serviceConfig.User = "felix";
environment.SERVICE = "%i";
script = ''
export $(cat /proc/$(${pkgs.procps}/bin/pgrep -x "sway" -u "$USER")/environ |grep -z '^DBUS_SESSION_BUS_ADDRESS=')
${pkgs.libnotify}/bin/notify-send -u critical "$SERVICE FAILED!" "Run journalctl -u $SERVICE for details"
'';
};
} // flip mapAttrs' config.services.borgbackup.jobs (name: value:
nameValuePair "borgbackup-job-${name}" {
unitConfig.OnFailure = "notify-problems@%i.service";
}
);
};
in
{
# notification
imports = [
borgbackupMonitor
];
services.borgbackup.jobs.hetzner = {
paths = [
"/"
];
exclude = [
"/nix"
"/sys"
"/run"
"/proc"
"/root/.cache/"
"**/.Trash"
"/tmp/*"
"/var/lock/*"
"/var/run/*"
"/var/tmp/*"
"/home/*/tmp"
"/home/*/todo"
"/home/*/.cache"
"/home/*/.gvfs"
"/home/*/.thumbnails"
"/home/*/.local/share/Trash"
"/srv/data/tmp"
"/srv/data/todo"
];
extraCreateArgs = "--exclude-caches --keep-exclude-tags --stats";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/.borg_password";
};
environment.BORG_RSH = "ssh -o 'StrictHostKeyChecking=no' -i /root/.ssh/backup_ed25519 -p 23";
repo = "${cfg.borg.user}@${cfg.borg.host}:${cfg.borg.dir}";
compression = "auto,zstd";
doInit = false;
startAt = "daily";
persistentTimer = true;
prune.keep = {
last = 1;
within = "3d";
daily = 7;
weekly = 4;
monthly = 6;
yearly = 2;
};
};
}

62
nixos/thinkman/configuration.nix Normal file
View file

@ -0,0 +1,62 @@
{ config, pkgs, lib, ... }:
{
imports = [
./disks.nix
./hardware-configuration.nix
../modules/sway.nix
./backup.nix
../modules/3d-design.nix
../modules/android.nix
../modules/avahi.nix
../modules/bluetooth-audio.nix
../modules/clean.nix
../modules/compression.nix
../modules/desktop-development.nix
../modules/development.nix
../modules/docker.nix
../modules/filesystem.nix
../modules/gaming.nix
../modules/hardware-base.nix
../modules/intel-video.nix
../modules/intel.nix
../modules/kvm.nix
../modules/location.nix
../modules/media.nix
../modules/meeting.nix
../modules/nix.nix
../modules/power.nix
../modules/presentation.nix
../modules/printer.nix
../modules/screen-sharing.nix
../modules/sound.nix
../modules/sync.nix
../modules/systemd-user.nix
../modules/systemduefi.nix
../modules/tex.nix
../modules/theme.nix
../modules/thunderbolt.nix
../modules/webcam.nix
];
networking.hostName = "thinkman";
# Use latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
# Nix
nix = {
autoOptimiseStore = true;
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
daemonCPUSchedPolicy = "idle";
daemonIOSchedPriority = 7;
};
system = {
stateVersion = "22.05";
autoUpgrade.enable = true;
};
}

30
nixos/thinkman/disks.nix Normal file
View file

@ -0,0 +1,30 @@
{ config, lib, pkgs, ... }:
{
boot.initrd.luks.devices."luks-drive" = {
name = "luks-drive";
device = "/dev/nvme0";
preLVM = true;
allowDiscards = true;
};
fileSystems."/" = {
device = "/dev/disk/by-label/thinkman-root";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/thinkman-bo";
fsType = "vfat";
};
fileSystems."/home" = {
device = "/dev/disk/by-label/thinkman-home";
fsType = "ext4";
};
swapDevices = [{
device = "/dev/disk/by-label/thinkman-swap";
}];
}

0
hardware/t14.nix → nixos/thinkman/hardware-configuration.nix
View file

7
nixos/thinkman/vars-backup.nix Normal file
View file

@ -0,0 +1,7 @@
{
borg = {
user = "u181505-sub1";
host = "u181505-sub1.your-storagebox.de";
dir = "thinkman/";
};
}

28
outputs.nix Normal file
View file

@ -0,0 +1,28 @@
{ self
, flake-utils
, nixpkgs
, nixpkgs-unstable
, sops-nix
, deploy
, ...
} @ inputs:
(flake-utils.lib.eachDefaultSystem (system:
let
pkgs = nixpkgs.legacyPackages."${system}";
in
{
devShell = pkgs.callPackage ./shell.nix {
inherit (sops-nix.packages."${pkgs.system}") sops-import-keys-hook ssh-to-pgp sops-init-gpg-key;
inherit (deploy.packages."${pkgs.system}") deploy-rs;
};
})) // {
nixosConfigurations = import ./nixos/configurations.nix (inputs // {
inherit inputs;
});
deploy = import ./nixos/deploy.nix (inputs // {
inherit inputs;
});
hydraJobs = nixpkgs.lib.mapAttrs' (name: config: nixpkgs.lib.nameValuePair "nixos-${name}" config.config.system.build.toplevel) self.nixosConfigurations;
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy.lib;
}

47
serverle.nix
View file

@ -1,47 +0,0 @@
{ config, ... }:
{
imports = [
./backup.nix
./default.nix
./core.nix
./disks.nix
./disks-srv.nix
./users.nix
./extra/3d-printer.nix
./extra/avahi.nix
./extra/compression.nix
./extra/development.nix
./extra/docker.nix
./extra/dyndns.nix
./extra/networkdecrypt.nix
./extra/nix.nix
./extra/ssh.nix
./modules/webapps
./extra/webapps/bazarr.nix
./extra/webapps/homer.nix
./extra/webapps/jellyfin.nix
./extra/webapps/navidrome.nix
./extra/webapps/prowlarr.nix
./extra/webapps/radarr.nix
./extra/webapps/sonarr.nix
./hardware/raspberrypi4.nix
];
networking.hostName = "serverle";
#environment.noXlibs = true;
networking.firewall.allowedTCPPorts = [
8080 # aria
];
# Nix
nix.gc = {
automatic = true;
options = "--delete-older-than 30d";
};
system = {
stateVersion = "21.11";
autoUpgrade.enable = true;
};
}

26
shell.nix Normal file
View file

@ -0,0 +1,26 @@
{ mkShell
, sops-import-keys-hook
, ssh-to-pgp
, sops-init-gpg-key
, sops
, deploy-rs
, nixpkgs-fmt
, knot-dns
, lefthook
, python3
}:
mkShell {
sopsPGPKeyDirs = [ "./nixos/secrets/keys" ];
nativeBuildInputs = [
python3.pkgs.invoke
ssh-to-pgp
sops-import-keys-hook
sops-init-gpg-key
sops
deploy-rs
nixpkgs-fmt
lefthook
knot-dns
];
}

66
thinkman.nix
View file

@ -1,66 +0,0 @@
{ config, pkgs, lib, ... }:
{
imports = [
./backup.nix
./core.nix
./default.nix
./disks.nix
./disks-home.nix
./sway.nix
./extra/3d-design.nix
./extra/android.nix
./extra/avahi.nix
./extra/bluetooth-audio.nix
./extra/clean.nix
./extra/compression.nix
./extra/default.nix
./extra/desktop-development.nix
./extra/development.nix
./extra/docker.nix
./extra/filesystem.nix
./extra/gaming.nix
./extra/hardware-base.nix
./extra/intel-video.nix
./extra/intel.nix
./extra/kvm.nix
./extra/location.nix
./extra/media.nix
./extra/meeting.nix
./extra/nix.nix
./extra/power.nix
./extra/presentation.nix
./extra/printer.nix
./extra/screen-sharing.nix
./extra/sound.nix
./extra/sync.nix
./extra/systemd-user.nix
./extra/systemduefi.nix
./extra/tex.nix
./extra/theme.nix
./extra/thunderbolt.nix
./extra/webcam.nix
./hardware/t14.nix
];
networking.hostName = "thinkman";
# Use latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
# Nix
nix = {
autoOptimiseStore = true;
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
daemonCPUSchedPolicy = "idle";
daemonIOSchedPriority = 7;
};
system = {
stateVersion = "22.05";
autoUpgrade.enable = true;
};
}