Compare commits
No commits in common. "testing" and "main" have entirely different histories.
5 changed files with 55 additions and 69 deletions
|
|
@ -103,10 +103,5 @@
|
||||||
(mkHost "nextcloud" {
|
(mkHost "nextcloud" {
|
||||||
suite = "server/lxc";
|
suite = "server/lxc";
|
||||||
})
|
})
|
||||||
|
|
||||||
# VM for managing server flock.
|
|
||||||
(mkHost "ornithologist" {
|
|
||||||
suite = "server/vm";
|
|
||||||
})
|
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
||||||
106
helpers.nix
106
helpers.nix
|
|
@ -53,62 +53,60 @@ with inputs.nixpkgs.lib; {
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
in
|
in {
|
||||||
{
|
nixosConfigurations.${hostname} = nixosSystem {
|
||||||
nixosConfigurations.${hostname} = nixosSystem {
|
inherit system pkgs;
|
||||||
inherit system pkgs;
|
|
||||||
|
|
||||||
specialArgs = {
|
specialArgs = {
|
||||||
# Pass variables to config.
|
# Pass variables to config.
|
||||||
inherit inputs secrets hostname;
|
inherit inputs secrets hostname;
|
||||||
};
|
|
||||||
|
|
||||||
modules =
|
|
||||||
[
|
|
||||||
nixvim.nixosModules.nixvim # Neovim.
|
|
||||||
lanzaboote.nixosModules.lanzaboote # Secure boot.
|
|
||||||
sops-nix.nixosModules.sops # Secrets management.
|
|
||||||
|
|
||||||
./suites/${suite} # Collection of configuration options for different types of systems.
|
|
||||||
./hosts/${hostname} # Host-specific config.
|
|
||||||
|
|
||||||
# Home manager.
|
|
||||||
home-manager.nixosModules.home-manager
|
|
||||||
{
|
|
||||||
home-manager = {
|
|
||||||
useGlobalPkgs = true;
|
|
||||||
useUserPackages = true;
|
|
||||||
backupFileExtension = "backup";
|
|
||||||
users.fern = {
|
|
||||||
# Me!
|
|
||||||
home.username = "fern";
|
|
||||||
home.homeDirectory = "/home/fern";
|
|
||||||
|
|
||||||
# Home manager version.
|
|
||||||
home.stateVersion = "25.05";
|
|
||||||
|
|
||||||
# Let Home Manager install and manage itself.
|
|
||||||
programs.home-manager.enable = true;
|
|
||||||
|
|
||||||
# Import config.
|
|
||||||
imports = [./suites/${suite}/home.nix];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
]
|
|
||||||
++ hostModules # Host-specific modules.
|
|
||||||
++ optionals (docker == true) [./suites/server/docker] # Enable docker if required.
|
|
||||||
++ (filesystem.listFilesRecursive ./modules); # Custom modules.
|
|
||||||
};
|
};
|
||||||
}
|
|
||||||
// optionalAttrs (strings.hasPrefix "server" suite) {
|
modules =
|
||||||
deploy.nodes.${hostname} = {
|
[
|
||||||
hostname = "${hostname}.local";
|
nixvim.nixosModules.nixvim # Neovim.
|
||||||
profiles.system = {
|
lanzaboote.nixosModules.lanzaboote # Secure boot.
|
||||||
user = "root";
|
sops-nix.nixosModules.sops # Secrets management.
|
||||||
sshuser = "fern";
|
|
||||||
path = deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.${hostname};
|
./suites/${suite} # Collection of configuration options for different types of systems.
|
||||||
};
|
./hosts/${hostname} # Host-specific config.
|
||||||
|
|
||||||
|
# Home manager.
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager = {
|
||||||
|
useGlobalPkgs = true;
|
||||||
|
useUserPackages = true;
|
||||||
|
backupFileExtension = "backup";
|
||||||
|
users.fern = {
|
||||||
|
# Me!
|
||||||
|
home.username = "fern";
|
||||||
|
home.homeDirectory = "/home/fern";
|
||||||
|
|
||||||
|
# Home manager version.
|
||||||
|
home.stateVersion = "25.05";
|
||||||
|
|
||||||
|
# Let Home Manager install and manage itself.
|
||||||
|
programs.home-manager.enable = true;
|
||||||
|
|
||||||
|
# Import config.
|
||||||
|
imports = [./suites/${suite}/home.nix];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
]
|
||||||
|
++ hostModules # Host-specific modules.
|
||||||
|
++ optionals (docker == true) [./suites/server/docker] # Enable docker if required.
|
||||||
|
++ (filesystem.listFilesRecursive ./modules); # Custom modules.
|
||||||
|
};
|
||||||
|
|
||||||
|
deploy.nodes.${hostname} = mkIf (strings.hasPrefix "server" suite) {
|
||||||
|
hostname = "${hostname}.local";
|
||||||
|
profiles.system = {
|
||||||
|
user = "root";
|
||||||
|
sshuser = "fern";
|
||||||
|
path = deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.${hostname};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -39,9 +39,6 @@ with lib; {
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Allow emulating aarch64 to build for Raspberry Pi.
|
|
||||||
boot.binfmt.emulatedSystems = ["aarch64-linux"];
|
|
||||||
|
|
||||||
# Share Music dir.
|
# Share Music dir.
|
||||||
services.samba = {
|
services.samba = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
||||||
|
|
@ -1,7 +0,0 @@
|
||||||
{pkgs, ...}: {
|
|
||||||
# Allow emulating aarch64 to build for Raspberry Pi.
|
|
||||||
boot.binfmt.emulatedSystems = ["aarch64-linux"];
|
|
||||||
|
|
||||||
# Install some packages.
|
|
||||||
environment.systemPackages = with pkgs; [deploy-rs];
|
|
||||||
}
|
|
||||||
|
|
@ -26,6 +26,9 @@ with lib; {
|
||||||
"udev.log_priority=3"
|
"udev.log_priority=3"
|
||||||
"rd.systemd.show_status=auto"
|
"rd.systemd.show_status=auto"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# Allow emulating aarch64 to build for Raspberry Pi.
|
||||||
|
binfmt.emulatedSystems = ["aarch64-linux"];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Enable smart card support (for YubiKey).
|
# Enable smart card support (for YubiKey).
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue