mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-22 19:15:37 +00:00
fix flake check errors
also break out packages into individual systems
This commit is contained in:
parent
1510c8c31f
commit
2337db0bda
39
flake.nix
39
flake.nix
@ -162,28 +162,27 @@
|
|||||||
# Disk formatting, only used once
|
# Disk formatting, only used once
|
||||||
diskoConfigurations = { root = import ./disks/root.nix; };
|
diskoConfigurations = { root = import ./disks/root.nix; };
|
||||||
|
|
||||||
# Other packages, such as system images or programs
|
packages = let
|
||||||
packages = forAllSystems (system: {
|
aws = system:
|
||||||
|
import ./generators/aws { inherit inputs globals overlays system; };
|
||||||
# Package servers into images with a generator
|
staff = system:
|
||||||
aws = {
|
import ./generators/staff { inherit inputs globals overlays system; };
|
||||||
"${system}" =
|
neovim = system:
|
||||||
import ./generators/aws { inherit inputs globals system overlays; };
|
let pkgs = import nixpkgs { inherit system overlays; };
|
||||||
};
|
in import ./modules/common/neovim/package {
|
||||||
staff = {
|
inherit pkgs;
|
||||||
"${system}" = import ./generators/staff {
|
colors = (import ./colorscheme/gruvbox-dark).dark;
|
||||||
inherit inputs globals system overlays;
|
|
||||||
};
|
};
|
||||||
};
|
in {
|
||||||
|
x86_64-linux.aws = aws "x86_64-linux";
|
||||||
|
x86_64-linux.staff = staff "x86_64-linux";
|
||||||
|
|
||||||
# Package Neovim config into standalone package
|
# Package Neovim config into standalone package
|
||||||
neovim = let pkgs = import nixpkgs { inherit system overlays; };
|
x86_64-linux.neovim = neovim "x86_64-linux";
|
||||||
in import ./modules/common/neovim/package {
|
x86_64-darwin.neovim = neovim "x86_64-darwin";
|
||||||
inherit pkgs;
|
aarch64-linux.neovim = neovim "aarch64-linux";
|
||||||
colors = (import ./colorscheme/gruvbox-dark).dark;
|
aarch64-darwin.neovim = neovim "aarch64-darwin";
|
||||||
};
|
};
|
||||||
|
|
||||||
});
|
|
||||||
|
|
||||||
# Programs that can be run by calling this flake
|
# Programs that can be run by calling this flake
|
||||||
apps = forAllSystems (system:
|
apps = forAllSystems (system:
|
||||||
@ -208,8 +207,6 @@
|
|||||||
buildInputs = with pkgs; [ git stylua nixfmt shfmt shellcheck ];
|
buildInputs = with pkgs; [ git stylua nixfmt shfmt shellcheck ];
|
||||||
};
|
};
|
||||||
|
|
||||||
test = pkgs.mkShell { buildInputs = with pkgs; [ age ]; };
|
|
||||||
|
|
||||||
# Used for cloud and systems development and administration
|
# Used for cloud and systems development and administration
|
||||||
devops = pkgs.mkShell {
|
devops = pkgs.mkShell {
|
||||||
buildInputs = with pkgs; [
|
buildInputs = with pkgs; [
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ inputs, globals, ... }:
|
{ inputs, system, globals, overlays, ... }:
|
||||||
|
|
||||||
with inputs;
|
with inputs;
|
||||||
|
|
||||||
@ -8,6 +8,7 @@ nixos-generators.nixosGenerate {
|
|||||||
modules = [
|
modules = [
|
||||||
home-manager.nixosModules.home-manager
|
home-manager.nixosModules.home-manager
|
||||||
{
|
{
|
||||||
|
nixpkgs.overlays = overlays;
|
||||||
user = globals.user;
|
user = globals.user;
|
||||||
fullName = globals.fullName;
|
fullName = globals.fullName;
|
||||||
dotfilesRepo = globals.dotfilesRepo;
|
dotfilesRepo = globals.dotfilesRepo;
|
||||||
@ -15,7 +16,7 @@ nixos-generators.nixosGenerate {
|
|||||||
gitEmail = globals.gitEmail;
|
gitEmail = globals.gitEmail;
|
||||||
networking.hostName = "sheep";
|
networking.hostName = "sheep";
|
||||||
gui.enable = false;
|
gui.enable = false;
|
||||||
colorscheme = (import ../colorscheme/gruvbox);
|
theme.colors = (import ../../colorscheme/gruvbox).dark;
|
||||||
passwordHash = null;
|
passwordHash = null;
|
||||||
publicKey =
|
publicKey =
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
|
||||||
@ -24,7 +25,7 @@ nixos-generators.nixosGenerate {
|
|||||||
}
|
}
|
||||||
../../modules/common
|
../../modules/common
|
||||||
../../modules/nixos
|
../../modules/nixos
|
||||||
../../modules/common/services/sshd.nix
|
../../modules/nixos/services/sshd.nix
|
||||||
] ++ [
|
] ++ [
|
||||||
# Required to fix diskSize errors during build
|
# Required to fix diskSize errors during build
|
||||||
({ ... }: { amazonImage.sizeMB = 16 * 1024; })
|
({ ... }: { amazonImage.sizeMB = 16 * 1024; })
|
||||||
|
@ -34,9 +34,7 @@ nixos-generators.nixosGenerate {
|
|||||||
curl
|
curl
|
||||||
(import ../../modules/common/neovim/package {
|
(import ../../modules/common/neovim/package {
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
# colors = import ../../colorscheme/gruvbox.dark.neovimConfig {
|
colors = (import ../../colorscheme/gruvbox).dark;
|
||||||
# inherit pkgs;
|
|
||||||
# };
|
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
nix.extraOptions = ''
|
nix.extraOptions = ''
|
||||||
|
@ -28,10 +28,6 @@ nixpkgs.lib.nixosSystem {
|
|||||||
|
|
||||||
# FQDNs for various services
|
# FQDNs for various services
|
||||||
networking.hostName = "flame";
|
networking.hostName = "flame";
|
||||||
bookServer = "books.masu.rs";
|
|
||||||
# streamServer = "stream.masu.rs";
|
|
||||||
nextcloudServer = "cloud.masu.rs";
|
|
||||||
transmissionServer = "download.masu.rs";
|
|
||||||
metricsServer = "metrics.masu.rs";
|
metricsServer = "metrics.masu.rs";
|
||||||
vaultwardenServer = "vault.masu.rs";
|
vaultwardenServer = "vault.masu.rs";
|
||||||
giteaServer = "git.masu.rs";
|
giteaServer = "git.masu.rs";
|
||||||
@ -47,40 +43,40 @@ nixpkgs.lib.nixosSystem {
|
|||||||
accessKeyId = "0026b0e73b2e2c80000000005";
|
accessKeyId = "0026b0e73b2e2c80000000005";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Grant access to Jellyfin directories from Nextcloud
|
# # Grant access to Jellyfin directories from Nextcloud
|
||||||
users.users.nextcloud.extraGroups = [ "jellyfin" ];
|
# users.users.nextcloud.extraGroups = [ "jellyfin" ];
|
||||||
|
|
||||||
# Wireguard config for Transmission
|
# # Wireguard config for Transmission
|
||||||
wireguard.enable = true;
|
# wireguard.enable = true;
|
||||||
networking.wireguard.interfaces.wg0 = {
|
# networking.wireguard.interfaces.wg0 = {
|
||||||
|
#
|
||||||
|
# # The local IPs for this machine within the Wireguard network
|
||||||
|
# # Any inbound traffic bound for these IPs should be kept on localhost
|
||||||
|
# ips = [ "10.66.13.200/32" "fc00:bbbb:bbbb:bb01::3:dc7/128" ];
|
||||||
|
#
|
||||||
|
# peers = [{
|
||||||
|
#
|
||||||
|
# # Identity of Wireguard target peer (VPN)
|
||||||
|
# publicKey = "bOOP5lIjqCdDx5t+mP/kEcSbHS4cZqE0rMlBI178lyY=";
|
||||||
|
#
|
||||||
|
# # The public internet address of the target peer
|
||||||
|
# endpoint = "86.106.143.132:51820";
|
||||||
|
#
|
||||||
|
# # Which outgoing IP ranges should be sent through Wireguard
|
||||||
|
# allowedIPs = [ "0.0.0.0/0" "::0/0" ];
|
||||||
|
#
|
||||||
|
# # Send heartbeat signal within the network
|
||||||
|
# persistentKeepalive = 25;
|
||||||
|
#
|
||||||
|
# }];
|
||||||
|
#
|
||||||
|
# };
|
||||||
|
|
||||||
# The local IPs for this machine within the Wireguard network
|
# # VPN port forwarding
|
||||||
# Any inbound traffic bound for these IPs should be kept on localhost
|
# services.transmission.settings.peer-port = 57599;
|
||||||
ips = [ "10.66.13.200/32" "fc00:bbbb:bbbb:bb01::3:dc7/128" ];
|
|
||||||
|
|
||||||
peers = [{
|
# # Grant access to Transmission directories from Jellyfin
|
||||||
|
# users.users.jellyfin.extraGroups = [ "transmission" ];
|
||||||
# Identity of Wireguard target peer (VPN)
|
|
||||||
publicKey = "bOOP5lIjqCdDx5t+mP/kEcSbHS4cZqE0rMlBI178lyY=";
|
|
||||||
|
|
||||||
# The public internet address of the target peer
|
|
||||||
endpoint = "86.106.143.132:51820";
|
|
||||||
|
|
||||||
# Which outgoing IP ranges should be sent through Wireguard
|
|
||||||
allowedIPs = [ "0.0.0.0/0" "::0/0" ];
|
|
||||||
|
|
||||||
# Send heartbeat signal within the network
|
|
||||||
persistentKeepalive = 25;
|
|
||||||
|
|
||||||
}];
|
|
||||||
|
|
||||||
};
|
|
||||||
|
|
||||||
# VPN port forwarding
|
|
||||||
services.transmission.settings.peer-port = 57599;
|
|
||||||
|
|
||||||
# Grant access to Transmission directories from Jellyfin
|
|
||||||
users.users.jellyfin.extraGroups = [ "transmission" ];
|
|
||||||
|
|
||||||
# Proxy traffic with Cloudflare
|
# Proxy traffic with Cloudflare
|
||||||
cloudflare.enable = true;
|
cloudflare.enable = true;
|
||||||
|
@ -43,6 +43,7 @@ nixpkgs.lib.nixosSystem {
|
|||||||
nextcloudServer = "cloud.masu.rs";
|
nextcloudServer = "cloud.masu.rs";
|
||||||
bookServer = "books.masu.rs";
|
bookServer = "books.masu.rs";
|
||||||
arrServer = "download.masu.rs";
|
arrServer = "download.masu.rs";
|
||||||
|
transmissionServer = "download.masu.rs";
|
||||||
samba.enable = true;
|
samba.enable = true;
|
||||||
|
|
||||||
backup.s3 = {
|
backup.s3 = {
|
||||||
|
@ -11,6 +11,10 @@
|
|||||||
config = lib.mkIf (config.streamServer != null) {
|
config = lib.mkIf (config.streamServer != null) {
|
||||||
|
|
||||||
services.jellyfin.enable = true;
|
services.jellyfin.enable = true;
|
||||||
|
users.users.jellyfin = {
|
||||||
|
isSystemUser = true;
|
||||||
|
group = "jellyfin";
|
||||||
|
};
|
||||||
|
|
||||||
caddy.routes = [{
|
caddy.routes = [{
|
||||||
match = [{ host = [ config.streamServer ]; }];
|
match = [{ host = [ config.streamServer ]; }];
|
||||||
|
@ -38,7 +38,7 @@ in {
|
|||||||
};
|
};
|
||||||
|
|
||||||
secrets.vaultwarden = {
|
secrets.vaultwarden = {
|
||||||
source = ../../private/vaultwarden.age;
|
source = ../../../private/vaultwarden.age;
|
||||||
dest = "${config.secretsDirectory}/vaultwarden";
|
dest = "${config.secretsDirectory}/vaultwarden";
|
||||||
owner = "vaultwarden";
|
owner = "vaultwarden";
|
||||||
group = "vaultwarden";
|
group = "vaultwarden";
|
||||||
|
Loading…
Reference in New Issue
Block a user