From 2337db0bda4e5fe6796ee57c0d2de3b5789fef1d Mon Sep 17 00:00:00 2001 From: Noah Masur <7386960+nmasur@users.noreply.github.com> Date: Sun, 16 Apr 2023 16:33:16 -0400 Subject: [PATCH] fix flake check errors also break out packages into individual systems --- flake.nix | 39 +++++++-------- generators/aws/default.nix | 7 +-- generators/staff/default.nix | 4 +- hosts/flame/default.nix | 66 ++++++++++++-------------- hosts/swan/default.nix | 1 + modules/nixos/services/jellyfin.nix | 4 ++ modules/nixos/services/vaultwarden.nix | 2 +- 7 files changed, 60 insertions(+), 63 deletions(-) diff --git a/flake.nix b/flake.nix index 8a08a86..cd9aff9 100644 --- a/flake.nix +++ b/flake.nix 
@@ -162,28 +162,27 @@ # Disk formatting, only used once diskoConfigurations = { root = import ./disks/root.nix; }; - # Other packages, such as system images or programs - packages = forAllSystems (system: { - - # Package servers into images with a generator - aws = { - "${system}" = - import ./generators/aws { inherit inputs globals system overlays; }; - }; - staff = { - "${system}" = import ./generators/staff { - inherit inputs globals system overlays; + packages = let + aws = system: + import ./generators/aws { inherit inputs globals overlays system; }; + staff = system: + import ./generators/staff { inherit inputs globals overlays system; }; + neovim = system: + let pkgs = import nixpkgs { inherit system overlays; }; + in import ./modules/common/neovim/package { + inherit pkgs; + colors = (import ./colorscheme/gruvbox-dark).dark; }; - }; + in { + x86_64-linux.aws = aws "x86_64-linux"; + x86_64-linux.staff = staff "x86_64-linux"; # Package Neovim config into standalone package - neovim = let pkgs = import nixpkgs { inherit system overlays; }; - in import ./modules/common/neovim/package { - inherit pkgs; - colors = (import ./colorscheme/gruvbox-dark).dark; - }; - - }); + x86_64-linux.neovim = neovim "x86_64-linux"; + x86_64-darwin.neovim = neovim "x86_64-darwin"; + aarch64-linux.neovim = neovim "aarch64-linux"; + aarch64-darwin.neovim = neovim "aarch64-darwin"; + }; # Programs that can be run by calling this flake apps = forAllSystems (system: @@ -208,8 +207,6 @@ buildInputs = with pkgs; [ git stylua nixfmt shfmt shellcheck ]; }; - test = pkgs.mkShell { buildInputs = with pkgs; [ age ]; }; - # Used for cloud and systems development and administration devops = pkgs.mkShell { buildInputs = with pkgs; [ diff --git a/generators/aws/default.nix b/generators/aws/default.nix index 1480cbd..25087c0 100644 --- a/generators/aws/default.nix +++ b/generators/aws/default.nix @@ -1,4 +1,4 @@ -{ inputs, globals, ... }: +{ inputs, system, globals, overlays, ... }: with inputs; 
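Review bot: The new `packages` set in flake.nix enumerates the four `neovim` systems by hand and exposes `aws` and `staff` only for `x86_64-linux`, with no comment saying the asymmetry is intended. The list can also drift from whatever `forAllSystems` covers for `apps` just below, although that list is not visible in this hunk. A comment above the image entries, for example `# Server images are only generated for x86_64-linux`, would make the intent clear. The removed header comment `# Other packages, such as system images or programs` is also worth keeping above `packages`.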
@@ -8,6 +8,7 @@ nixos-generators.nixosGenerate { modules = [ home-manager.nixosModules.home-manager { + nixpkgs.overlays = overlays; user = globals.user; fullName = globals.fullName; dotfilesRepo = globals.dotfilesRepo; @@ -15,7 +16,7 @@ nixos-generators.nixosGenerate { gitEmail = globals.gitEmail; networking.hostName = "sheep"; gui.enable = false; - colorscheme = (import ../colorscheme/gruvbox); + theme.colors = (import ../../colorscheme/gruvbox).dark; passwordHash = null; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"; @@ -24,7 +25,7 @@ nixos-generators.nixosGenerate { } ../../modules/common ../../modules/nixos - ../../modules/common/services/sshd.nix + ../../modules/nixos/services/sshd.nix ] ++ [ # Required to fix diskSize errors during build ({ ... }: { amazonImage.sizeMB = 16 * 1024; }) diff --git a/generators/staff/default.nix b/generators/staff/default.nix index 904905c..f26632c 100644 --- a/generators/staff/default.nix +++ b/generators/staff/default.nix @@ -34,9 +34,7 @@ nixos-generators.nixosGenerate { curl (import ../../modules/common/neovim/package { inherit pkgs; - # colors = import ../../colorscheme/gruvbox.dark.neovimConfig { - # inherit pkgs; - # }; + colors = (import ../../colorscheme/gruvbox).dark; }) ]; nix.extraOptions = '' diff --git a/hosts/flame/default.nix b/hosts/flame/default.nix index 4eff655..7a46ad1 100644 --- a/hosts/flame/default.nix +++ b/hosts/flame/default.nix @@ -28,10 +28,6 @@ nixpkgs.lib.nixosSystem { # FQDNs for various services networking.hostName = "flame"; - bookServer = "books.masu.rs"; - # streamServer = "stream.masu.rs"; - nextcloudServer = "cloud.masu.rs"; - transmissionServer = "download.masu.rs"; metricsServer = "metrics.masu.rs"; vaultwardenServer = "vault.masu.rs"; giteaServer = "git.masu.rs"; 
@@ -47,40 +43,40 @@ nixpkgs.lib.nixosSystem { accessKeyId = "0026b0e73b2e2c80000000005"; }; - # Grant access to Jellyfin directories from Nextcloud - users.users.nextcloud.extraGroups = [ "jellyfin" ]; + # # Grant access to Jellyfin directories from Nextcloud + # users.users.nextcloud.extraGroups = [ "jellyfin" ]; - # Wireguard config for Transmission - wireguard.enable = true; - networking.wireguard.interfaces.wg0 = { + # # Wireguard config for Transmission + # wireguard.enable = true; + # networking.wireguard.interfaces.wg0 = { + # + # # The local IPs for this machine within the Wireguard network + # # Any inbound traffic bound for these IPs should be kept on localhost + # ips = [ "10.66.13.200/32" "fc00:bbbb:bbbb:bb01::3:dc7/128" ]; + # + # peers = [{ + # + # # Identity of Wireguard target peer (VPN) + # publicKey = "bOOP5lIjqCdDx5t+mP/kEcSbHS4cZqE0rMlBI178lyY="; + # + # # The public internet address of the target peer + # endpoint = "86.106.143.132:51820"; + # + # # Which outgoing IP ranges should be sent through Wireguard + # allowedIPs = [ "0.0.0.0/0" "::0/0" ]; + # + # # Send heartbeat signal within the network + # persistentKeepalive = 25; + # + # }]; + # + # }; - # The local IPs for this machine within the Wireguard network - # Any inbound traffic bound for these IPs should be kept on localhost - ips = [ "10.66.13.200/32" "fc00:bbbb:bbbb:bb01::3:dc7/128" ]; + # # VPN port forwarding + # services.transmission.settings.peer-port = 57599; - peers = [{ - - # Identity of Wireguard target peer (VPN) - publicKey = "bOOP5lIjqCdDx5t+mP/kEcSbHS4cZqE0rMlBI178lyY="; - - # The public internet address of the target peer - endpoint = "86.106.143.132:51820"; - - # Which outgoing IP ranges should be sent through Wireguard - allowedIPs = [ "0.0.0.0/0" "::0/0" ]; - - # Send heartbeat signal within the network - persistentKeepalive = 25; - - }]; - - }; - - # VPN port forwarding - services.transmission.settings.peer-port = 57599; - - # Grant access to Transmission directories 
from Jellyfin - users.users.jellyfin.extraGroups = [ "transmission" ]; + # # Grant access to Transmission directories from Jellyfin + # users.users.jellyfin.extraGroups = [ "transmission" ]; # Proxy traffic with Cloudflare cloudflare.enable = true; diff --git a/hosts/swan/default.nix b/hosts/swan/default.nix index bef02b9..7077c25 100644 --- a/hosts/swan/default.nix +++ b/hosts/swan/default.nix @@ -43,6 +43,7 @@ nixpkgs.lib.nixosSystem { nextcloudServer = "cloud.masu.rs"; bookServer = "books.masu.rs"; arrServer = "download.masu.rs"; + transmissionServer = "download.masu.rs"; samba.enable = true; backup.s3 = { diff --git a/modules/nixos/services/jellyfin.nix b/modules/nixos/services/jellyfin.nix index 9ea1121..a76af9e 100644 --- a/modules/nixos/services/jellyfin.nix +++ b/modules/nixos/services/jellyfin.nix @@ -11,6 +11,10 @@ config = lib.mkIf (config.streamServer != null) { services.jellyfin.enable = true; + users.users.jellyfin = { + isSystemUser = true; + group = "jellyfin"; + }; caddy.routes = [{ match = [{ host = [ config.streamServer ]; }]; diff --git a/modules/nixos/services/vaultwarden.nix b/modules/nixos/services/vaultwarden.nix index c4cbf89..fe96684 100644 --- a/modules/nixos/services/vaultwarden.nix +++ b/modules/nixos/services/vaultwarden.nix @@ -38,7 +38,7 @@ in { }; secrets.vaultwarden = { - source = ../../private/vaultwarden.age; + source = ../../../private/vaultwarden.age; dest = "${config.secretsDirectory}/vaultwarden"; owner = "vaultwarden"; group = "vaultwarden";
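Review bot: The WireGuard block in hosts/flame/default.nix is commented out rather than removed, so the peer public key, the VPN endpoint address and the tunnel-side IPs stay in the tree as dead configuration that nothing evaluates or checks. Git history already preserves the old version, so deleting the block, or moving it to the host that now runs Transmission, would be cleaner. The same commit sets `transmissionServer` on swan, but no WireGuard interface or `peer-port` setting for swan is visible in this patch. If Transmission is meant to send its traffic through the tunnel, confirm swan carries an equivalent configuration; otherwise the traffic would presumably leave over the host's normal route. If the block has to stay, head it with something like `# Disabled: Transmission moved to swan; kept for reference only`.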
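Review bot: In hosts/swan/default.nix, `transmissionServer` is added with the same hostname as the existing `arrServer` on the line above (`download.masu.rs`). If both service modules register a Caddy route matched on host, the way the jellyfin module in this patch does with `config.streamServer`, two routes would match the same name and one could shadow the other. Those modules are not visible here, so this needs checking. If the overlap is intended, a comment such as `# intentionally shares the hostname with arrServer` would document it.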
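Review bot: The new `users.users.jellyfin` declaration in modules/nixos/services/jellyfin.nix has no comment explaining why it is needed. As far as I know, the upstream NixOS module creates the jellyfin user and group itself once `services.jellyfin.enable = true`. A reader therefore cannot tell whether this is a workaround for a `flake check` assertion or an intentional override. A one-line comment such as `# Declared explicitly so the user assertions pass during flake check` would help, adjusted to the actual reason. The enclosing `config` block continues outside the hunk.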