noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-07-05 18:30:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

apply new nix fmt specification

Browse Source
This commit is contained in:
Noah Masur
2024-04-13 09:03:44 -04:00
parent e8e0c97e59
commit 07137fdd91
23 changed files with 280 additions and 203 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
hosts/arrow/default.nix
View File

@ -1,20 +1,26 @@
{ inputs, globals, overlays, ... }:
{
inputs,
globals,
overlays,
...
}:
inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { };
modules = import ./modules.nix { inherit inputs globals overlays; } ++ [{
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
modules = import ./modules.nix { inherit inputs globals overlays; } ++ [
{
# This is the root filesystem containing NixOS
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
# This is the boot filesystem for Grub
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
}];
# This is the boot filesystem for Grub
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
}
];
}

22
hosts/arrow/modules.nix
View File

@ -1,4 +1,8 @@
{ inputs, globals, overlays }:
{
inputs,
globals,
overlays,
}:
[
globals
@ -21,18 +25,18 @@
services.transmission.enable = true;
# nix-index seems to each up too much memory for Vultr
home-manager.users.${globals.user}.programs.nix-index.enable =
inputs.nixpkgs.lib.mkForce false;
home-manager.users.${globals.user}.programs.nix-index.enable = inputs.nixpkgs.lib.mkForce false;
virtualisation.vmVariant = {
virtualisation.forwardPorts = [{
from = "host";
host.port = 2222;
guest.port = 22;
}];
virtualisation.forwardPorts = [
{
from = "host";
host.port = 2222;
guest.port = 22;
}
];
};
}
../../modules/common
../../modules/nixos
]

59
hosts/aws/default.nix
View File

@ -1,28 +1,41 @@
{ inputs, system, globals, overlays, ... }:
{
inputs,
system,
globals,
overlays,
...
}:
inputs.nixos-generators.nixosGenerate {
inherit system;
format = "amazon";
modules = [
globals
inputs.home-manager.nixosModules.home-manager
{
nixpkgs.overlays = overlays;
networking.hostName = "sheep";
gui.enable = false;
theme.colors = (import ../../colorscheme/gruvbox).dark;
passwordHash = null;
publicKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s personal"
];
# AWS settings require this
permitRootLogin = "prohibit-password";
}
../../modules/common
../../modules/nixos
../../modules/nixos/services/sshd.nix
] ++ [
# Required to fix diskSize errors during build
({ ... }: { amazonImage.sizeMB = 16 * 1024; })
];
modules =
[
globals
inputs.home-manager.nixosModules.home-manager
{
nixpkgs.overlays = overlays;
networking.hostName = "sheep";
gui.enable = false;
theme.colors = (import ../../colorscheme/gruvbox).dark;
passwordHash = null;
publicKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s personal"
];
# AWS settings require this
permitRootLogin = "prohibit-password";
}
../../modules/common
../../modules/nixos
../../modules/nixos/services/sshd.nix
]
++ [
# Required to fix diskSize errors during build
(
{ ... }:
{
amazonImage.sizeMB = 16 * 1024;
}
)
];
}

21
hosts/flame/default.nix
View File

@ -7,7 +7,12 @@
# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
# These days, probably use nixos-anywhere instead.
{ inputs, globals, overlays, ... }:
{
inputs,
globals,
overlays,
...
}:
inputs.nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
@ -26,7 +31,11 @@ inputs.nixpkgs.lib.nixosSystem {
# Not sure what's necessary but too afraid to remove anything
imports = [ (inputs.nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "usbhid" ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"virtio_pci"
"usbhid"
];
# File systems must be declared in order to boot
@ -49,7 +58,9 @@ inputs.nixpkgs.lib.nixosSystem {
gui.enable = false;
# Still require colors for programs like Neovim, K9S
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
theme = {
colors = (import ../../colorscheme/gruvbox).dark;
};
# Programs and services
atuin.enable = true;
@ -72,8 +83,7 @@ inputs.nixpkgs.lib.nixosSystem {
enable = true;
id = "bd250ee1-ed2e-42d2-b627-039f1eb5a4d2";
credentialsFile = ../../private/cloudflared-flame.age;
ca =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
};
# Nextcloud backup config
@ -116,7 +126,6 @@ inputs.nixpkgs.lib.nixosSystem {
# # VPN port forwarding
# services.transmission.settings.peer-port = 57599;
}
];
}

10
hosts/hydra/default.nix
View File

@ -3,7 +3,12 @@
# See [readme](../README.md) to explain how this file works.
{ inputs, globals, overlays, ... }:
{
inputs,
globals,
overlays,
...
}:
inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
@ -32,8 +37,7 @@ inputs.nixpkgs.lib.nixosSystem {
startMenuLaunchers = true;
nativeSystemd = true;
wslConf.network.generateResolvConf = true; # Turn off if it breaks VPN
interop.includePath =
false; # Including Windows PATH will slow down Neovim command mode
interop.includePath = false; # Including Windows PATH will slow down Neovim command mode
};
neovim.enable = true;

20
hosts/lookingglass/default.nix
View File

@ -1,7 +1,12 @@
# The Looking Glass
# System configuration for my work Macbook
{ inputs, globals, overlays, ... }:
{
inputs,
globals,
overlays,
...
}:
inputs.darwin.lib.darwinSystem {
system = "aarch64-darwin";
@ -9,11 +14,14 @@ inputs.darwin.lib.darwinSystem {
modules = [
../../modules/common
../../modules/darwin
(globals // rec {
user = "Noah.Masur";
gitName = "Noah-Masur_1701";
gitEmail = "${user}@take2games.com";
})
(
globals
// rec {
user = "Noah.Masur";
gitName = "Noah-Masur_1701";
gitEmail = "${user}@take2games.com";
}
)
inputs.home-manager.darwinModules.home-manager
{
nixpkgs.overlays = [ inputs.firefox-darwin.overlay ] ++ overlays;

78
hosts/staff/default.nix
View File

@ -1,43 +1,53 @@
# The Staff
# ISO configuration for my USB drive
{ inputs, system, overlays, ... }:
{
inputs,
system,
overlays,
...
}:
inputs.nixos-generators.nixosGenerate {
inherit system;
format = "install-iso";
modules = [{
nixpkgs.overlays = overlays;
networking.hostName = "staff";
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"
];
services.openssh = {
enable = true;
ports = [ 22 ];
allowSFTP = true;
settings = {
GatewayPorts = "no";
X11Forwarding = false;
PasswordAuthentication = false;
PermitRootLogin = "yes";
};
};
environment.systemPackages =
let pkgs = import inputs.nixpkgs { inherit system overlays; };
in with pkgs; [
git
vim
wget
curl
(import ../../modules/common/neovim/package {
inherit pkgs;
colors = (import ../../colorscheme/gruvbox).dark;
})
modules = [
{
nixpkgs.overlays = overlays;
networking.hostName = "staff";
users.extraUsers.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"
];
nix.extraOptions = ''
experimental-features = nix-command flakes
warn-dirty = false
'';
}];
services.openssh = {
enable = true;
ports = [ 22 ];
allowSFTP = true;
settings = {
GatewayPorts = "no";
X11Forwarding = false;
PasswordAuthentication = false;
PermitRootLogin = "yes";
};
};
environment.systemPackages =
let
pkgs = import inputs.nixpkgs { inherit system overlays; };
in
with pkgs;
[
git
vim
wget
curl
(import ../../modules/common/neovim/package {
inherit pkgs;
colors = (import ../../colorscheme/gruvbox).dark;
})
];
nix.extraOptions = ''
experimental-features = nix-command flakes
warn-dirty = false
'';
}
];
}

30
hosts/swan/default.nix
View File

@ -3,7 +3,12 @@
# See [readme](../README.md) to explain how this file works.
{ inputs, globals, overlays, ... }:
{
inputs,
globals,
overlays,
...
}:
inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
@ -23,8 +28,13 @@ inputs.nixpkgs.lib.nixosSystem {
networking.hostName = "swan";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"usb_storage"
"sd_mod"
];
# Required for transcoding
boot.initrd.kernelModules = [ "amdgpu" ];
@ -60,8 +70,11 @@ inputs.nixpkgs.lib.nixosSystem {
# Automatically load the ZFS pool on boot
extraPools = [ "tank" ];
# Only try to decrypt datasets with keyfiles
requestEncryptionCredentials =
[ "tank/archive" "tank/generic" "tank/nextcloud" ];
requestEncryptionCredentials = [
"tank/archive"
"tank/generic"
"tank/nextcloud"
];
# If password is requested and fails, continue to boot eventually
passwordTimeout = 300;
};
@ -72,7 +85,9 @@ inputs.nixpkgs.lib.nixosSystem {
gui.enable = false;
# Still require colors for programs like Neovim, K9S
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
theme = {
colors = (import ../../colorscheme/gruvbox).dark;
};
# Programs and services
atuin.enable = true;
@ -97,8 +112,7 @@ inputs.nixpkgs.lib.nixosSystem {
enable = true;
id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2";
credentialsFile = ../../private/cloudflared-swan.age;
ca =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
};
# Send regular backups and litestream for DBs to an S3-like bucket

24
hosts/tempest/default.nix
View File

@ -3,7 +3,12 @@
# See [readme](../README.md) to explain how this file works.
{ inputs, globals, overlays, ... }:
{
inputs,
globals,
overlays,
...
}:
inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
@ -20,8 +25,14 @@ inputs.nixpkgs.lib.nixosSystem {
networking.hostName = "tempest";
# Not sure what's necessary but too afraid to remove anything
boot.initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
# Graphics and VMs
boot.initrd.kernelModules = [ "amdgpu" ];
@ -114,23 +125,20 @@ inputs.nixpkgs.lib.nixosSystem {
ryujinx.enable = true;
};
services.vmagent.enable = true; # Enables Prometheus metrics
services.openssh.enable =
true; # Required for Cloudflare tunnel and identity file
services.openssh.enable = true; # Required for Cloudflare tunnel and identity file
# Allows private remote access over the internet
cloudflareTunnel = {
enable = true;
id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
credentialsFile = ../../private/cloudflared-tempest.age;
ca =
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
};
# Allows requests to force machine to wake up
# This network interface might change, needs to be set specifically for each machine.
# Or set usePredictableInterfaceNames = false
networking.interfaces.enp5s0.wakeOnLan.enable = true;
}
];
}