fix flake check errors

also break out packages into individual systems
This commit is contained in:
Noah Masur 2023-04-16 16:33:16 -04:00
parent 1510c8c31f
commit 2337db0bda
7 changed files with 60 additions and 63 deletions

View File

@ -162,28 +162,27 @@
# Disk formatting, only used once # Disk formatting, only used once
diskoConfigurations = { root = import ./disks/root.nix; }; diskoConfigurations = { root = import ./disks/root.nix; };
# Other packages, such as system images or programs packages = let
packages = forAllSystems (system: { aws = system:
import ./generators/aws { inherit inputs globals overlays system; };
# Package servers into images with a generator staff = system:
aws = { import ./generators/staff { inherit inputs globals overlays system; };
"${system}" = neovim = system:
import ./generators/aws { inherit inputs globals system overlays; }; let pkgs = import nixpkgs { inherit system overlays; };
}; in import ./modules/common/neovim/package {
staff = { inherit pkgs;
"${system}" = import ./generators/staff { colors = (import ./colorscheme/gruvbox-dark).dark;
inherit inputs globals system overlays;
}; };
}; in {
x86_64-linux.aws = aws "x86_64-linux";
x86_64-linux.staff = staff "x86_64-linux";
# Package Neovim config into standalone package # Package Neovim config into standalone package
neovim = let pkgs = import nixpkgs { inherit system overlays; }; x86_64-linux.neovim = neovim "x86_64-linux";
in import ./modules/common/neovim/package { x86_64-darwin.neovim = neovim "x86_64-darwin";
inherit pkgs; aarch64-linux.neovim = neovim "aarch64-linux";
colors = (import ./colorscheme/gruvbox-dark).dark; aarch64-darwin.neovim = neovim "aarch64-darwin";
}; };
});
# Programs that can be run by calling this flake # Programs that can be run by calling this flake
apps = forAllSystems (system: apps = forAllSystems (system:
@ -208,8 +207,6 @@
buildInputs = with pkgs; [ git stylua nixfmt shfmt shellcheck ]; buildInputs = with pkgs; [ git stylua nixfmt shfmt shellcheck ];
}; };
test = pkgs.mkShell { buildInputs = with pkgs; [ age ]; };
# Used for cloud and systems development and administration # Used for cloud and systems development and administration
devops = pkgs.mkShell { devops = pkgs.mkShell {
buildInputs = with pkgs; [ buildInputs = with pkgs; [

View File

@ -1,4 +1,4 @@
{ inputs, globals, ... }: { inputs, system, globals, overlays, ... }:
with inputs; with inputs;
@ -8,6 +8,7 @@ nixos-generators.nixosGenerate {
modules = [ modules = [
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
nixpkgs.overlays = overlays;
user = globals.user; user = globals.user;
fullName = globals.fullName; fullName = globals.fullName;
dotfilesRepo = globals.dotfilesRepo; dotfilesRepo = globals.dotfilesRepo;
@ -15,7 +16,7 @@ nixos-generators.nixosGenerate {
gitEmail = globals.gitEmail; gitEmail = globals.gitEmail;
networking.hostName = "sheep"; networking.hostName = "sheep";
gui.enable = false; gui.enable = false;
colorscheme = (import ../colorscheme/gruvbox); theme.colors = (import ../../colorscheme/gruvbox).dark;
passwordHash = null; passwordHash = null;
publicKey = publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
@ -24,7 +25,7 @@ nixos-generators.nixosGenerate {
} }
../../modules/common ../../modules/common
../../modules/nixos ../../modules/nixos
../../modules/common/services/sshd.nix ../../modules/nixos/services/sshd.nix
] ++ [ ] ++ [
# Required to fix diskSize errors during build # Required to fix diskSize errors during build
({ ... }: { amazonImage.sizeMB = 16 * 1024; }) ({ ... }: { amazonImage.sizeMB = 16 * 1024; })

View File

@ -34,9 +34,7 @@ nixos-generators.nixosGenerate {
curl curl
(import ../../modules/common/neovim/package { (import ../../modules/common/neovim/package {
inherit pkgs; inherit pkgs;
# colors = import ../../colorscheme/gruvbox.dark.neovimConfig { colors = (import ../../colorscheme/gruvbox).dark;
# inherit pkgs;
# };
}) })
]; ];
nix.extraOptions = '' nix.extraOptions = ''

View File

@ -28,10 +28,6 @@ nixpkgs.lib.nixosSystem {
# FQDNs for various services # FQDNs for various services
networking.hostName = "flame"; networking.hostName = "flame";
bookServer = "books.masu.rs";
# streamServer = "stream.masu.rs";
nextcloudServer = "cloud.masu.rs";
transmissionServer = "download.masu.rs";
metricsServer = "metrics.masu.rs"; metricsServer = "metrics.masu.rs";
vaultwardenServer = "vault.masu.rs"; vaultwardenServer = "vault.masu.rs";
giteaServer = "git.masu.rs"; giteaServer = "git.masu.rs";
@ -47,40 +43,40 @@ nixpkgs.lib.nixosSystem {
accessKeyId = "0026b0e73b2e2c80000000005"; accessKeyId = "0026b0e73b2e2c80000000005";
}; };
# Grant access to Jellyfin directories from Nextcloud # # Grant access to Jellyfin directories from Nextcloud
users.users.nextcloud.extraGroups = [ "jellyfin" ]; # users.users.nextcloud.extraGroups = [ "jellyfin" ];
# Wireguard config for Transmission # # Wireguard config for Transmission
wireguard.enable = true; # wireguard.enable = true;
networking.wireguard.interfaces.wg0 = { # networking.wireguard.interfaces.wg0 = {
#
# # The local IPs for this machine within the Wireguard network
# # Any inbound traffic bound for these IPs should be kept on localhost
# ips = [ "10.66.13.200/32" "fc00:bbbb:bbbb:bb01::3:dc7/128" ];
#
# peers = [{
#
# # Identity of Wireguard target peer (VPN)
# publicKey = "bOOP5lIjqCdDx5t+mP/kEcSbHS4cZqE0rMlBI178lyY=";
#
# # The public internet address of the target peer
# endpoint = "86.106.143.132:51820";
#
# # Which outgoing IP ranges should be sent through Wireguard
# allowedIPs = [ "0.0.0.0/0" "::0/0" ];
#
# # Send heartbeat signal within the network
# persistentKeepalive = 25;
#
# }];
#
# };
# The local IPs for this machine within the Wireguard network # # VPN port forwarding
# Any inbound traffic bound for these IPs should be kept on localhost # services.transmission.settings.peer-port = 57599;
ips = [ "10.66.13.200/32" "fc00:bbbb:bbbb:bb01::3:dc7/128" ];
peers = [{ # # Grant access to Transmission directories from Jellyfin
# users.users.jellyfin.extraGroups = [ "transmission" ];
# Identity of Wireguard target peer (VPN)
publicKey = "bOOP5lIjqCdDx5t+mP/kEcSbHS4cZqE0rMlBI178lyY=";
# The public internet address of the target peer
endpoint = "86.106.143.132:51820";
# Which outgoing IP ranges should be sent through Wireguard
allowedIPs = [ "0.0.0.0/0" "::0/0" ];
# Send heartbeat signal within the network
persistentKeepalive = 25;
}];
};
# VPN port forwarding
services.transmission.settings.peer-port = 57599;
# Grant access to Transmission directories from Jellyfin
users.users.jellyfin.extraGroups = [ "transmission" ];
# Proxy traffic with Cloudflare # Proxy traffic with Cloudflare
cloudflare.enable = true; cloudflare.enable = true;

View File

@ -43,6 +43,7 @@ nixpkgs.lib.nixosSystem {
nextcloudServer = "cloud.masu.rs"; nextcloudServer = "cloud.masu.rs";
bookServer = "books.masu.rs"; bookServer = "books.masu.rs";
arrServer = "download.masu.rs"; arrServer = "download.masu.rs";
transmissionServer = "download.masu.rs";
samba.enable = true; samba.enable = true;
backup.s3 = { backup.s3 = {

View File

@ -11,6 +11,10 @@
config = lib.mkIf (config.streamServer != null) { config = lib.mkIf (config.streamServer != null) {
services.jellyfin.enable = true; services.jellyfin.enable = true;
users.users.jellyfin = {
isSystemUser = true;
group = "jellyfin";
};
caddy.routes = [{ caddy.routes = [{
match = [{ host = [ config.streamServer ]; }]; match = [{ host = [ config.streamServer ]; }];

View File

@ -38,7 +38,7 @@ in {
}; };
secrets.vaultwarden = { secrets.vaultwarden = {
source = ../../private/vaultwarden.age; source = ../../../private/vaultwarden.age;
dest = "${config.secretsDirectory}/vaultwarden"; dest = "${config.secretsDirectory}/vaultwarden";
owner = "vaultwarden"; owner = "vaultwarden";
group = "vaultwarden"; group = "vaultwarden";