338 lines
12 KiB
Nix
338 lines
12 KiB
Nix
{
|
|
description = "Malte Tammena's system configuration";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "nixpkgs/nixos-unstable";
|
|
nixpkgs-master.url = "github:NixOS/nixpkgs/master";
|
|
"nixpkgs-21.05".url = "github:NixOS/nixpkgs/nixos-21.05";
|
|
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
|
nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland";
|
|
home-manager.url = "github:nix-community/home-manager";
|
|
emulator-2a.url = "github:MalteT/2a-emulator/develop";
|
|
mensa.url = "github:MalteT/mensa/main";
|
|
custom-udev-rules.url = "github:MalteT/custom-udev-rules";
|
|
fenix.url = "github:nix-community/fenix";
|
|
colmena.url = "github:zhaofengli/colmena";
|
|
sops-nix.url = "github:Mic92/sops-nix";
|
|
glados.url = "git+https://git.sr.ht/~megamanmalte/GLaDOS?ref=main";
|
|
gruvbox-material-gtk = {
|
|
url = "github:sainnhe/gruvbox-material-gtk";
|
|
flake = false;
|
|
};
|
|
rip = {
|
|
url = "github:nivekuil/rip";
|
|
flake = false;
|
|
};
|
|
sway = {
|
|
url = "github:swaywm/sway";
|
|
flake = false;
|
|
};
|
|
wlroots = {
|
|
url = "github:swaywm/wlroots";
|
|
flake = false;
|
|
};
|
|
mosh = {
|
|
url = "github:mobile-shell/mosh";
|
|
flake = false;
|
|
};
|
|
"2i-emulator" = {
|
|
url = "github:klemens/2i-emulator";
|
|
flake = false;
|
|
};
|
|
"cataclysm-dda" = {
|
|
url = "github:CleverRaven/Cataclysm-DDA";
|
|
flake = false;
|
|
};
|
|
"fend" = { url = "github:MalteT/fend/flake"; };
|
|
};
|
|
|
|
outputs = { self, nixpkgs, nixos-hardware, home-manager, ... }@inputs:
|
|
let
|
|
publicSshKey =
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDXnYMJtwgvSNpjysKzvRCjzyyQRB4yDtzynD7c5ALDZfRHvrgGQS11vk96ExClo66ll3vrFci5mBmGJf4/+yPBb3qiiovEHobjh5nIDHXYTg7tJDHivKIMQ3w8DmZwBKSLFlsH/UZe8NJVGrGRHGofWnTY/yw/FdbAkaKqvF/V+WGP7kR+dQ1pIqXXpP3phAu0WfO+E2838XxHAxLtm35GkE40GCX9dhXmjurxCeTSaJE6OYQ4/+z73fOZc1ebV/Ze6UZsGhOtzJPBIH19Ft0v9x86KoZabqgK3KDSHn9QKcM+Mm7o3tOthfQPlg1tCoxGueDJFI/0+AyjwBmQ1CUvNXpfmL4NE+6GRwRfZNsWoW0nPmC1B/c3rWk+JXYsxGQhvVeDk+1HXCFKghdPTSgpESua03A4UqLNadERYC9s2Q5TzSYQsV/8fpg4gCxlVRl/g1aUvbaCL09jmUkDJ4i36X+g8rvux5Q2CTpskLuhHeFVcC4/c1XXF+cJTwl1GjppEL0JFKgcjIwlyE8neR4PVlOq3UQqZdZEvzZigaLxtpwZMKNGhdIqS2/qqo/LlJ66/Y7TohimhsCRyHHqbf85Cha1z0Ct+9GtTdn9hpeC6Sb2Et+iN4gxdm+SWqPybZipeBL7b+ir5Ssxq1vIf/sbqKh7Kz699dwKSeRaAmJiew== openpgp:0xC43C0C72";
|
|
|
|
in rec {
|
|
|
|
colmena = {
|
|
meta = {
|
|
nixpkgs = import nixpkgs { system = "x86_64-linux"; };
|
|
machinesFile = ./build-machines;
|
|
};
|
|
|
|
helix-texta = { name, nodes, pkgs, ... }: {
|
|
imports = [ self.nixosModules.helix-texta ];
|
|
config.deployment = {
|
|
allowLocalDeployment = true;
|
|
targetHost = null;
|
|
};
|
|
};
|
|
|
|
achatina-fulica = { ... }: {
|
|
imports = [ self.nixosModules.achatina-fulica ];
|
|
config.deployment = {
|
|
targetHost = "cal.tammena.rocks";
|
|
targetUser = "root";
|
|
};
|
|
};
|
|
|
|
cornu-aspersum = { ... }: {
|
|
imports = [ self.nixosModules.cornu-aspersum ];
|
|
config.deployment = {
|
|
targetHost = "ccqcraft.de";
|
|
targetUser = "root";
|
|
};
|
|
};
|
|
|
|
elysia-clarki = { ... }: {
|
|
imports = [ self.nixosModules.elysia-clarki ];
|
|
config.deployment = {
|
|
targetHost = "elysia-clarki";
|
|
targetUser = "root";
|
|
};
|
|
};
|
|
};
|
|
|
|
nixosModules = {
|
|
helix-texta = { pkgs, config, ... }: {
|
|
imports = [
|
|
./hosts/helix-texta.nix
|
|
./modules/light-actkbd.nix
|
|
./modules/scanner.nix
|
|
self.nixosModules.thinkpad-p1-gen3
|
|
home-manager.nixosModules.home-manager
|
|
self.nixosModules.home-manager
|
|
self.nixosModules.x86_64-linux-basics
|
|
];
|
|
|
|
config = {
|
|
nix = {
|
|
# add binary caches
|
|
binaryCachePublicKeys = [
|
|
#"elysia-clarki:aGVlotez1OXr8OHYZxgw+LH93sJEVzrKIS0aoVfKtpc="
|
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
|
|
];
|
|
binaryCaches = nixpkgs.lib.mkForce [
|
|
#"http://cache.home.dyn.tammena.rocks"
|
|
"https://cache.nixos.org"
|
|
"https://nixpkgs-wayland.cachix.org"
|
|
];
|
|
};
|
|
|
|
environment.systemPackages =
|
|
[ inputs.colmena.packages.${config.nixpkgs.system}.colmena ];
|
|
|
|
# Overwrite basics
|
|
services.openssh.enable = false;
|
|
programs.mosh.enable = false;
|
|
|
|
# Overlays only relevant to my primary laptop
|
|
nixpkgs.overlays = [
|
|
inputs.nixpkgs-wayland.overlay
|
|
inputs.fenix.overlay
|
|
(import ./overlays/sane-backends.nix)
|
|
(import ./overlays/logisim.nix)
|
|
];
|
|
};
|
|
};
|
|
|
|
achatina-fulica = { pkgs, ... }: {
|
|
imports = [
|
|
self.nixosModules.x86_64-linux-basics
|
|
inputs.glados.nixosModules.glados
|
|
./hosts/achatina-fulica.nix
|
|
./hardware/netcup-minimal.nix
|
|
./modules/nginx-reverse-proxy.nix
|
|
./modules/radicale.nix
|
|
./modules/grafana.nix
|
|
];
|
|
};
|
|
|
|
cornu-aspersum = { pkgs, ... }: {
|
|
imports = [
|
|
self.nixosModules.x86_64-linux-basics
|
|
#inputs.glados.nixosModules.glados
|
|
./hosts/cornu-aspersum.nix
|
|
./hardware/netcup-rs-2000-g9.nix
|
|
./modules/nginx-reverse-proxy.nix
|
|
./modules/ccqcraft.nix
|
|
#./modules/radicale.nix
|
|
#./modules/grafana.nix
|
|
];
|
|
};
|
|
|
|
elysia-clarki = { pkgs, ... }: {
|
|
imports = [
|
|
self.nixosModules.x86_64-linux-basics
|
|
./hosts/elysia-clarki.nix
|
|
./hardware/intel-nuc.nix
|
|
./modules/local-build-service.nix
|
|
./modules/nginx-reverse-proxy.nix
|
|
./modules/binary-cache.nix
|
|
./modules/ccqcraft-backups.nix
|
|
];
|
|
|
|
config = {
|
|
# Override kernel version for zfs
|
|
boot.kernelPackages = pkgs.linuxPackages_5_10;
|
|
};
|
|
};
|
|
};
|
|
|
|
nixosModules.thinkpad-p1-gen3 = { pkgs, config, lib, ... }: {
|
|
imports = [
|
|
nixos-hardware.nixosModules.common-cpu-intel
|
|
nixos-hardware.nixosModules.common-gpu-nvidia
|
|
nixos-hardware.nixosModules.common-pc-laptop
|
|
nixos-hardware.nixosModules.common-pc-laptop-ssd
|
|
nixos-hardware.nixosModules.common-pc-laptop-acpi_call
|
|
./hardware/thinkpad-p1-gen3.nix
|
|
];
|
|
};
|
|
|
|
homeManagerConfigurations.malte =
|
|
home-manager.lib.homeManagerConfiguration {
|
|
system = "x86_64-linux";
|
|
username = "malte";
|
|
configuration = ./malte/home.nix;
|
|
homeDirectory = "/home/malte";
|
|
};
|
|
|
|
nixosModules.home-manager = { pkgs, ... }: {
|
|
home-manager.verbose = true;
|
|
home-manager.useGlobalPkgs = true;
|
|
home-manager.useUserPackages = true;
|
|
home-manager.users.malte.imports = [ ./malte/home.nix ];
|
|
};
|
|
|
|
# Necessary for flakes to work
|
|
nixosModules.nixUnstable = { pkgs, ... }: {
|
|
nix.registry.nixpkgs.flake = nixpkgs;
|
|
nix.package = pkgs.nixUnstable;
|
|
nix.extraOptions = ''
|
|
experimental-features = nix-command flakes
|
|
'';
|
|
nixpkgs.overlays = [ (self: super: { nix = super.nixUnstable; }) ];
|
|
};
|
|
|
|
# Some basics that every machine should have
|
|
nixosModules.x86_64-linux-basics = { pkgs, ... }: {
|
|
imports = [
|
|
inputs.custom-udev-rules.nixosModule
|
|
inputs.sops-nix.nixosModules.sops
|
|
self.nixosModules.nixUnstable
|
|
./modules/neovim.nix
|
|
];
|
|
# Basic system things
|
|
system.configurationRevision = pkgs.lib.mkIf (self ? rev) self.rev;
|
|
nixpkgs.config = {
|
|
allowUnfree = true;
|
|
joypixels.acceptLicense = true;
|
|
};
|
|
hardware.enableAllFirmware = true;
|
|
hardware.enableRedistributableFirmware = true;
|
|
# Make sure that I can log in
|
|
users.users.root = { openssh.authorizedKeys.keys = [ publicSshKey ]; };
|
|
# Basic packages
|
|
environment.systemPackages = with pkgs; [ git sops htop ];
|
|
# Enable mosh for some SSH superpower
|
|
programs.mosh.enable = pkgs.lib.mkDefault true;
|
|
services.openssh.enable = pkgs.lib.mkDefault true;
|
|
# My timezone
|
|
time.timeZone = "Europe/Berlin";
|
|
# Default locale on all systems
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
# Some boot defaults
|
|
boot.kernelPackages = pkgs.lib.mkDefault pkgs.linuxPackages_latest;
|
|
boot.loader.timeout = pkgs.lib.mkDefault 1;
|
|
boot.loader.systemd-boot.configurationLimit = 50;
|
|
# This is set explicitly in all configurations, let's just do it here
|
|
networking.useDHCP = false;
|
|
# Add some useful overlays
|
|
nixpkgs.overlays = [
|
|
(self: super: {
|
|
# Add a meta package containing packages from master
|
|
bleeding = inputs.nixpkgs-master.legacyPackages.x86_64-linux;
|
|
"nixpkgs-21.05" =
|
|
inputs."nixpkgs-21.05".legacyPackages.x86_64-linux;
|
|
# Add FiraCode as a package, but use NerdFonts
|
|
firaCodeNerd = super.nerdfonts.override { fonts = [ "FiraCode" ]; };
|
|
# TODO: Remove once khal is fixed
|
|
khal = super.bleeding.khal;
|
|
# Add the emulator
|
|
"2a-emulator" =
|
|
inputs.emulator-2a.packages.x86_64-linux."2a-emulator";
|
|
# Add my mensa tool
|
|
mensa = inputs.mensa.packages.x86_64-linux.mensa;
|
|
fend = inputs.fend.packages.x86_64-linux.fend;
|
|
})
|
|
# Some program adjustments
|
|
(import ./overlays/cataclysm-dda.nix)
|
|
];
|
|
};
|
|
|
|
# My thinkpad P1
|
|
nixosConfigurations.helix-texta = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules = [ self.nixosModules.helix-texta ];
|
|
};
|
|
|
|
# Currently hosted by NetCup
|
|
nixosConfigurations.achatina-fulica = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules = [ self.nixosModules.achatina-fulica ];
|
|
};
|
|
|
|
# Currently hosted by NetCup (mostly Minecraft server)
|
|
nixosConfigurations.cornu-aspersum = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules = [ self.nixosModules.cornu-aspersum ];
|
|
};
|
|
|
|
# Server @home
|
|
nixosConfigurations.elysia-clarki = nixpkgs.lib.nixosSystem {
|
|
system = "x86_64-linux";
|
|
modules = [
|
|
self.nixosModules.x86_64-linux-basics
|
|
./hosts/elysia-clarki.nix
|
|
./hardware/intel-nuc.nix
|
|
./modules/local-build-service.nix
|
|
./modules/nginx-reverse-proxy.nix
|
|
./modules/binary-cache.nix
|
|
./modules/ccqcraft-backups.nix
|
|
|
|
({ pkgs, ... }: {
|
|
# Override kernel version for zfs
|
|
boot.kernelPackages = pkgs.linuxPackages_5_10;
|
|
})
|
|
];
|
|
};
|
|
|
|
devShell.x86_64-linux =
|
|
let pkgs = import nixpkgs { system = "x86_64-linux"; };
|
|
in pkgs.mkShell {
|
|
packages = [
|
|
(with pkgs;
|
|
writeScriptBin "rebuild" ''
|
|
#!${stdenv.shell}
|
|
if [ -z $1 ]; then
|
|
echo "Need 'switch|boot|...'"
|
|
exit 1
|
|
fi
|
|
|
|
today=`${coreutils}/bin/date +%Y-%m-%d`
|
|
branch=`${git}/bin/git branch --show-current`
|
|
rev=`${git}/bin/git log -1 --format=%h`
|
|
dirty=`${git}/bin/git diff --quiet || echo '~'`
|
|
|
|
NIXOS_LABEL_VERSION=$today-$branch-$rev$dirty
|
|
|
|
sudo ${nixos-rebuild}/bin/nixos-rebuild $1 --flake .
|
|
'')
|
|
inputs.colmena.packages.x86_64-linux.colmena
|
|
];
|
|
};
|
|
|
|
};
|
|
}
|