mirror of
https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git
synced 2026-05-21 05:51:12 +02:00
Compare commits
6 Commits
5c1ee958ea
...
hashed-ini
| Author | SHA1 | Date | |
|---|---|---|---|
|
18e795abdc | ||
|
|
30ec70fa5f | ||
|
|
1024b428ac | ||
|
|
1e6b692fbf | ||
|
|
beac6e91dd | ||
|
|
0fd41c214a |
@@ -84,6 +84,8 @@
|
|||||||
|
|
||||||
# users.mutableUsers = lib.mkDefault false;
|
# users.mutableUsers = lib.mkDefault false;
|
||||||
|
|
||||||
|
users.users.root.initialHashedPassword = "$y$j9T$ahP6GAdttD17OMBo7Yqeh.$Ad7qBcFvTL7HrJ9uTtrQzksN3220Nj9t/CrP6DwgK34"; # generated using mkpasswd, see huttiheita root on vaultwarden
|
||||||
|
|
||||||
users.groups."drift".name = "drift";
|
users.groups."drift".name = "drift";
|
||||||
|
|
||||||
# Trusted users on the nix builder machines
|
# Trusted users on the nix builder machines
|
||||||
|
|||||||
@@ -8,6 +8,5 @@
|
|||||||
# Let's not spam LetsEncrypt in `nixos-rebuild build-vm` mode:
|
# Let's not spam LetsEncrypt in `nixos-rebuild build-vm` mode:
|
||||||
virtualisation.vmVariant = {
|
virtualisation.vmVariant = {
|
||||||
security.acme.defaults.server = "https://127.0.0.1";
|
security.acme.defaults.server = "https://127.0.0.1";
|
||||||
users.users.root.initialPassword = "root";
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
40
flake.lock
generated
40
flake.lock
generated
@@ -232,11 +232,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1777808420,
|
"lastModified": 1778407980,
|
||||||
"narHash": "sha256-hh9XBz0K1ypZ+neezgIPCSsnWFKEq8VfV/1aUSPu3OA=",
|
"narHash": "sha256-r980BhsReZQe6FkmyNZkwCZpvzARo5jZgTl8HxjAssY=",
|
||||||
"owner": "oddlama",
|
"owner": "oddlama",
|
||||||
"repo": "nix-topology",
|
"repo": "nix-topology",
|
||||||
"rev": "28e9dc901ff38a8fa2d24bccd5f89511d6d8324e",
|
"rev": "ca0a602f650306d00d6f3e3c76d0f4c48a5c5adc",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@@ -248,11 +248,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1778125667,
|
"lastModified": 1778544512,
|
||||||
"narHash": "sha256-swcxqlW+XrZFBqjcV3AV8AR64/eI234AZRFKs6q4DFo=",
|
"narHash": "sha256-VIsPgfIpZ/01XUO6WN+o1NZbP5iKPKPHdHPWqfm4XIg=",
|
||||||
"rev": "75636a69ad3115ff64d4cb3090e66c8275dda9c2",
|
"rev": "c417517f9d525181ee5619c683419d308ee29fe8",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.10534.75636a69ad31/nixexprs.tar.xz"
|
"url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.10745.c417517f9d52/nixexprs.tar.xz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
@@ -276,11 +276,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1778157832,
|
"lastModified": 1778586796,
|
||||||
"narHash": "sha256-lSl05j1UzI5MioSJWUa7oUp5a88zzv3sXMwWC4d1N70=",
|
"narHash": "sha256-XmDljcG4x8slQDlsWOc77pCA1YVuYn8JGumkYlhfTxI=",
|
||||||
"rev": "ec299c6a33eee9baf5b4d72881ca2f15c06b4f01",
|
"rev": "b25e938b89759b5f9466fc53c4a970244f84dc39",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre993859.ec299c6a33ee/nixexprs.tar.xz"
|
"url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre996582.b25e938b8975/nixexprs.tar.xz"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
@@ -315,11 +315,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1778506874,
|
"lastModified": 1778960428,
|
||||||
"narHash": "sha256-s6ihgpgvaCDQsQQNfqNEDvh/oVHmrOhX1dDRsrA3qyI=",
|
"narHash": "sha256-YAs3LbFGlBLJW3xHeoQfTq2GBBXTvuSKl2WXDtloczU=",
|
||||||
"ref": "main",
|
"ref": "main",
|
||||||
"rev": "07d132575a9aeb4939c70d40e1b7e493c40427fa",
|
"rev": "927748790b1f7159adfe32a3ad9ec01d22e9c5a2",
|
||||||
"revCount": 580,
|
"revCount": 583,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.pvv.ntnu.no/Projects/nettsiden.git"
|
"url": "https://git.pvv.ntnu.no/Projects/nettsiden.git"
|
||||||
},
|
},
|
||||||
@@ -380,17 +380,17 @@
|
|||||||
"rust-overlay": "rust-overlay_3"
|
"rust-overlay": "rust-overlay_3"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1778462170,
|
"lastModified": 1778600367,
|
||||||
"narHash": "sha256-3ZxbuHDo8d6FOxU1G8IwRm0SIi3DLpj7hpTEcyXB2N8=",
|
"narHash": "sha256-YB0b2xUf4D8792D5Ay//7C3AjHyv+9yoy8K1mTe+wvE=",
|
||||||
"ref": "main",
|
"ref": "main",
|
||||||
"rev": "9b37c6b3c8193ab4cc778a26a78bcd14519cff2c",
|
"rev": "8e5f2849ff7c9616100fe928261512a7ad647939",
|
||||||
"revCount": 87,
|
"revCount": 91,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
|
"url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"ref": "main",
|
"ref": "main",
|
||||||
"rev": "9b37c6b3c8193ab4cc778a26a78bcd14519cff2c",
|
"rev": "8e5f2849ff7c9616100fe928261512a7ad647939",
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
|
"url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
|
||||||
}
|
}
|
||||||
|
|||||||
484
flake.nix
484
flake.nix
@@ -32,7 +32,7 @@
|
|||||||
minecraft-heatmap.url = "git+https://git.pvv.ntnu.no/Projects/minecraft-heatmap.git?ref=main";
|
minecraft-heatmap.url = "git+https://git.pvv.ntnu.no/Projects/minecraft-heatmap.git?ref=main";
|
||||||
minecraft-heatmap.inputs.nixpkgs.follows = "nixpkgs";
|
minecraft-heatmap.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
roowho2.url = "git+https://git.pvv.ntnu.no/Projects/roowho2.git?ref=main&rev=9b37c6b3c8193ab4cc778a26a78bcd14519cff2c";
|
roowho2.url = "git+https://git.pvv.ntnu.no/Projects/roowho2.git?ref=main&rev=8e5f2849ff7c9616100fe928261512a7ad647939";
|
||||||
roowho2.inputs.nixpkgs.follows = "nixpkgs";
|
roowho2.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
|
||||||
greg-ng.url = "git+https://git.pvv.ntnu.no/Grzegorz/greg-ng.git?ref=main";
|
greg-ng.url = "git+https://git.pvv.ntnu.no/Grzegorz/greg-ng.git?ref=main";
|
||||||
@@ -49,8 +49,14 @@
|
|||||||
qotd.inputs.nixpkgs.follows = "nixpkgs";
|
qotd.inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { self, nixpkgs, nixpkgs-unstable, sops-nix, disko, ... }@inputs:
|
outputs = {
|
||||||
let
|
self,
|
||||||
|
nixpkgs,
|
||||||
|
nixpkgs-unstable,
|
||||||
|
sops-nix,
|
||||||
|
disko,
|
||||||
|
...
|
||||||
|
} @ inputs: let
|
||||||
inherit (nixpkgs) lib;
|
inherit (nixpkgs) lib;
|
||||||
systems = [
|
systems = [
|
||||||
"x86_64-linux"
|
"x86_64-linux"
|
||||||
@@ -71,178 +77,196 @@
|
|||||||
in {
|
in {
|
||||||
inputs = lib.mapAttrs (_: src: src.outPath) inputs;
|
inputs = lib.mapAttrs (_: src: src.outPath) inputs;
|
||||||
|
|
||||||
pkgs = forAllSystems (system: import nixpkgs {
|
pkgs = forAllSystems (system:
|
||||||
inherit system;
|
import nixpkgs {
|
||||||
config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg)
|
inherit system;
|
||||||
[
|
config.allowUnfreePredicate = pkg:
|
||||||
"nvidia-x11"
|
builtins.elem (lib.getName pkg)
|
||||||
"nvidia-settings"
|
[
|
||||||
];
|
"nvidia-x11"
|
||||||
});
|
"nvidia-settings"
|
||||||
|
];
|
||||||
|
});
|
||||||
|
|
||||||
nixosConfigurations = let
|
nixosConfigurations = let
|
||||||
nixosConfig =
|
nixosConfig = nixpkgs: name: configurationPath: extraArgs @ {
|
||||||
nixpkgs:
|
localSystem ? "x86_64-linux", # buildPlatform
|
||||||
name:
|
crossSystem ? "x86_64-linux", # hostPlatform
|
||||||
configurationPath:
|
specialArgs ? {},
|
||||||
extraArgs@{
|
modules ? [],
|
||||||
localSystem ? "x86_64-linux", # buildPlatform
|
overlays ? [],
|
||||||
crossSystem ? "x86_64-linux", # hostPlatform
|
enableDefaults ? true,
|
||||||
specialArgs ? { },
|
...
|
||||||
modules ? [ ],
|
}: let
|
||||||
overlays ? [ ],
|
commonPkgsConfig =
|
||||||
enableDefaults ? true,
|
{
|
||||||
...
|
config.allowUnfreePredicate = pkg:
|
||||||
}:
|
builtins.elem (lib.getName pkg)
|
||||||
let
|
|
||||||
commonPkgsConfig = {
|
|
||||||
config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg)
|
|
||||||
[
|
[
|
||||||
"nvidia-x11"
|
"nvidia-x11"
|
||||||
"nvidia-settings"
|
"nvidia-settings"
|
||||||
];
|
];
|
||||||
overlays = (lib.optionals enableDefaults [
|
overlays =
|
||||||
# Global overlays go here
|
(lib.optionals enableDefaults [
|
||||||
inputs.roowho2.overlays.default
|
# Global overlays go here
|
||||||
]) ++ overlays;
|
inputs.roowho2.overlays.default
|
||||||
} // (if localSystem != crossSystem then {
|
])
|
||||||
inherit localSystem crossSystem;
|
++ overlays;
|
||||||
} else {
|
}
|
||||||
system = crossSystem;
|
// (
|
||||||
});
|
if localSystem != crossSystem
|
||||||
pkgs = import nixpkgs commonPkgsConfig;
|
then {
|
||||||
unstablePkgs = import nixpkgs-unstable commonPkgsConfig;
|
inherit localSystem crossSystem;
|
||||||
in
|
|
||||||
lib.nixosSystem (lib.recursiveUpdate
|
|
||||||
{
|
|
||||||
system = crossSystem;
|
|
||||||
|
|
||||||
inherit pkgs;
|
|
||||||
|
|
||||||
specialArgs = {
|
|
||||||
inherit inputs unstablePkgs;
|
|
||||||
values = import ./values.nix;
|
|
||||||
fp = path: ./${path};
|
|
||||||
} // specialArgs;
|
|
||||||
|
|
||||||
modules = [
|
|
||||||
{
|
|
||||||
networking.hostName = lib.mkDefault name;
|
|
||||||
}
|
}
|
||||||
configurationPath
|
else {
|
||||||
] ++ (lib.optionals enableDefaults [
|
system = crossSystem;
|
||||||
sops-nix.nixosModules.sops
|
}
|
||||||
inputs.roowho2.nixosModules.default
|
);
|
||||||
self.nixosModules.rsync-pull-targets
|
pkgs = import nixpkgs commonPkgsConfig;
|
||||||
]) ++ modules;
|
unstablePkgs = import nixpkgs-unstable commonPkgsConfig;
|
||||||
}
|
in
|
||||||
(builtins.removeAttrs extraArgs [
|
lib.nixosSystem (
|
||||||
"localSystem"
|
lib.recursiveUpdate
|
||||||
"crossSystem"
|
{
|
||||||
"modules"
|
system = crossSystem;
|
||||||
"overlays"
|
|
||||||
"specialArgs"
|
inherit pkgs;
|
||||||
"enableDefaults"
|
|
||||||
])
|
specialArgs =
|
||||||
);
|
{
|
||||||
|
inherit inputs unstablePkgs;
|
||||||
|
values = import ./values.nix;
|
||||||
|
fp = path: ./${path};
|
||||||
|
}
|
||||||
|
// specialArgs;
|
||||||
|
|
||||||
|
modules =
|
||||||
|
[
|
||||||
|
{
|
||||||
|
networking.hostName = lib.mkDefault name;
|
||||||
|
}
|
||||||
|
configurationPath
|
||||||
|
]
|
||||||
|
++ (lib.optionals enableDefaults [
|
||||||
|
sops-nix.nixosModules.sops
|
||||||
|
inputs.roowho2.nixosModules.default
|
||||||
|
self.nixosModules.rsync-pull-targets
|
||||||
|
])
|
||||||
|
++ modules;
|
||||||
|
}
|
||||||
|
(builtins.removeAttrs extraArgs [
|
||||||
|
"localSystem"
|
||||||
|
"crossSystem"
|
||||||
|
"modules"
|
||||||
|
"overlays"
|
||||||
|
"specialArgs"
|
||||||
|
"enableDefaults"
|
||||||
|
])
|
||||||
|
);
|
||||||
|
|
||||||
stableNixosConfig = name: extraArgs:
|
stableNixosConfig = name: extraArgs:
|
||||||
nixosConfig nixpkgs name ./hosts/${name}/configuration.nix extraArgs;
|
nixosConfig nixpkgs name ./hosts/${name}/configuration.nix extraArgs;
|
||||||
in {
|
in
|
||||||
bicep = stableNixosConfig "bicep" {
|
{
|
||||||
modules = [
|
bicep = stableNixosConfig "bicep" {
|
||||||
inputs.matrix-next.nixosModules.default
|
modules = [
|
||||||
inputs.pvv-calendar-bot.nixosModules.default
|
inputs.matrix-next.nixosModules.default
|
||||||
inputs.minecraft-heatmap.nixosModules.default
|
inputs.pvv-calendar-bot.nixosModules.default
|
||||||
self.nixosModules.gickup
|
inputs.minecraft-heatmap.nixosModules.default
|
||||||
self.nixosModules.matrix-ooye
|
self.nixosModules.gickup
|
||||||
];
|
self.nixosModules.matrix-ooye
|
||||||
overlays = [
|
];
|
||||||
inputs.pvv-calendar-bot.overlays.default
|
overlays = [
|
||||||
inputs.minecraft-heatmap.overlays.default
|
inputs.pvv-calendar-bot.overlays.default
|
||||||
(final: prev: {
|
inputs.minecraft-heatmap.overlays.default
|
||||||
inherit (self.packages.${prev.stdenv.hostPlatform.system}) out-of-your-element;
|
(final: prev: {
|
||||||
})
|
inherit (self.packages.${prev.stdenv.hostPlatform.system}) out-of-your-element;
|
||||||
];
|
})
|
||||||
};
|
];
|
||||||
bekkalokk = stableNixosConfig "bekkalokk" {
|
};
|
||||||
overlays = [
|
bekkalokk = stableNixosConfig "bekkalokk" {
|
||||||
(final: prev: {
|
overlays = [
|
||||||
mediawiki-extensions = final.callPackage ./packages/mediawiki-extensions { };
|
(final: prev: {
|
||||||
simplesamlphp = final.callPackage ./packages/simplesamlphp { };
|
mediawiki-extensions = final.callPackage ./packages/mediawiki-extensions {};
|
||||||
bluemap = final.callPackage ./packages/bluemap.nix { };
|
simplesamlphp = final.callPackage ./packages/simplesamlphp {};
|
||||||
})
|
bluemap = final.callPackage ./packages/bluemap.nix {};
|
||||||
inputs.pvv-nettsiden.overlays.default
|
})
|
||||||
inputs.qotd.overlays.default
|
inputs.pvv-nettsiden.overlays.default
|
||||||
];
|
inputs.qotd.overlays.default
|
||||||
modules = [
|
];
|
||||||
inputs.pvv-nettsiden.nixosModules.default
|
modules = [
|
||||||
self.nixosModules.bluemap
|
inputs.pvv-nettsiden.nixosModules.default
|
||||||
inputs.qotd.nixosModules.default
|
self.nixosModules.bluemap
|
||||||
];
|
inputs.qotd.nixosModules.default
|
||||||
};
|
];
|
||||||
ildkule = stableNixosConfig "ildkule" { };
|
};
|
||||||
#ildkule-unstable = unstableNixosConfig "ildkule" { };
|
ildkule = stableNixosConfig "ildkule" {
|
||||||
skrot = stableNixosConfig "skrot" {
|
modules = [
|
||||||
modules = [
|
inputs.disko.nixosModules.disko
|
||||||
inputs.disko.nixosModules.disko
|
];
|
||||||
inputs.dibbler.nixosModules.default
|
};
|
||||||
];
|
#ildkule-unstable = unstableNixosConfig "ildkule" { };
|
||||||
overlays = [inputs.dibbler.overlays.default];
|
skrot = stableNixosConfig "skrot" {
|
||||||
};
|
modules = [
|
||||||
shark = stableNixosConfig "shark" { };
|
inputs.disko.nixosModules.disko
|
||||||
wenche = stableNixosConfig "wenche" { };
|
inputs.dibbler.nixosModules.default
|
||||||
temmie = stableNixosConfig "temmie" { };
|
];
|
||||||
gluttony = stableNixosConfig "gluttony" { };
|
overlays = [inputs.dibbler.overlays.default];
|
||||||
|
};
|
||||||
|
shark = stableNixosConfig "shark" {};
|
||||||
|
wenche = stableNixosConfig "wenche" {};
|
||||||
|
temmie = stableNixosConfig "temmie" {};
|
||||||
|
gluttony = stableNixosConfig "gluttony" {};
|
||||||
|
|
||||||
kommode = stableNixosConfig "kommode" {
|
kommode = stableNixosConfig "kommode" {
|
||||||
overlays = [
|
overlays = [
|
||||||
inputs.nix-gitea-themes.overlays.default
|
inputs.nix-gitea-themes.overlays.default
|
||||||
];
|
];
|
||||||
modules = [
|
modules = [
|
||||||
inputs.nix-gitea-themes.nixosModules.default
|
inputs.nix-gitea-themes.nixosModules.default
|
||||||
inputs.disko.nixosModules.disko
|
inputs.disko.nixosModules.disko
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
ustetind = stableNixosConfig "ustetind" {
|
ustetind = stableNixosConfig "ustetind" {
|
||||||
modules = [
|
modules = [
|
||||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
brzeczyszczykiewicz = stableNixosConfig "brzeczyszczykiewicz" {
|
brzeczyszczykiewicz = stableNixosConfig "brzeczyszczykiewicz" {
|
||||||
modules = [
|
modules = [
|
||||||
inputs.grzegorz-clients.nixosModules.grzegorz-webui
|
inputs.grzegorz-clients.nixosModules.grzegorz-webui
|
||||||
inputs.gergle.nixosModules.default
|
inputs.gergle.nixosModules.default
|
||||||
inputs.greg-ng.nixosModules.default
|
inputs.greg-ng.nixosModules.default
|
||||||
];
|
];
|
||||||
overlays = [
|
overlays = [
|
||||||
inputs.greg-ng.overlays.default
|
inputs.greg-ng.overlays.default
|
||||||
inputs.gergle.overlays.default
|
inputs.gergle.overlays.default
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
georg = stableNixosConfig "georg" {
|
georg = stableNixosConfig "georg" {
|
||||||
modules = [
|
modules = [
|
||||||
inputs.grzegorz-clients.nixosModules.grzegorz-webui
|
inputs.grzegorz-clients.nixosModules.grzegorz-webui
|
||||||
inputs.gergle.nixosModules.default
|
inputs.gergle.nixosModules.default
|
||||||
inputs.greg-ng.nixosModules.default
|
inputs.greg-ng.nixosModules.default
|
||||||
];
|
];
|
||||||
overlays = [
|
overlays = [
|
||||||
inputs.greg-ng.overlays.default
|
inputs.greg-ng.overlays.default
|
||||||
inputs.gergle.overlays.default
|
inputs.gergle.overlays.default
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
//
|
// (let
|
||||||
(let
|
machineNames = map (i: "lupine-${toString i}") (lib.range 1 5);
|
||||||
machineNames = map (i: "lupine-${toString i}") (lib.range 1 5);
|
stableLupineNixosConfig = name: extraArgs:
|
||||||
stableLupineNixosConfig = name: extraArgs:
|
|
||||||
nixosConfig nixpkgs name ./hosts/lupine/configuration.nix extraArgs;
|
nixosConfig nixpkgs name ./hosts/lupine/configuration.nix extraArgs;
|
||||||
in lib.genAttrs machineNames (name: stableLupineNixosConfig name {
|
in
|
||||||
modules = [{ networking.hostName = name; }];
|
lib.genAttrs machineNames (name:
|
||||||
specialArgs.lupineName = name;
|
stableLupineNixosConfig name {
|
||||||
}));
|
modules = [{networking.hostName = name;}];
|
||||||
|
specialArgs.lupineName = name;
|
||||||
|
}));
|
||||||
|
|
||||||
nixosModules = {
|
nixosModules = {
|
||||||
bluemap = ./modules/bluemap.nix;
|
bluemap = ./modules/bluemap.nix;
|
||||||
@@ -264,7 +288,8 @@
|
|||||||
})
|
})
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
in pkgs.callPackage ./shell.nix { };
|
in
|
||||||
|
pkgs.callPackage ./shell.nix {};
|
||||||
cuda = let
|
cuda = let
|
||||||
cuda-pkgs = import nixpkgs-unstable {
|
cuda-pkgs = import nixpkgs-unstable {
|
||||||
inherit system;
|
inherit system;
|
||||||
@@ -273,81 +298,88 @@
|
|||||||
cudaSupport = true;
|
cudaSupport = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
in cuda-pkgs.callPackage ./shells/cuda.nix { };
|
in
|
||||||
|
cuda-pkgs.callPackage ./shells/cuda.nix {};
|
||||||
});
|
});
|
||||||
|
|
||||||
packages = {
|
packages = {
|
||||||
"x86_64-linux" = let
|
"x86_64-linux" = let
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
pkgs = nixpkgs.legacyPackages.${system};
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
in rec {
|
in
|
||||||
default = important-machines;
|
rec {
|
||||||
important-machines = pkgs.linkFarm "important-machines"
|
default = important-machines;
|
||||||
(lib.getAttrs importantMachines self.packages.${system});
|
important-machines =
|
||||||
all-machines = pkgs.linkFarm "all-machines"
|
pkgs.linkFarm "important-machines"
|
||||||
(lib.getAttrs allMachines self.packages.${system});
|
(lib.getAttrs importantMachines self.packages.${system});
|
||||||
|
all-machines =
|
||||||
|
pkgs.linkFarm "all-machines"
|
||||||
|
(lib.getAttrs allMachines self.packages.${system});
|
||||||
|
|
||||||
simplesamlphp = pkgs.callPackage ./packages/simplesamlphp { };
|
simplesamlphp = pkgs.callPackage ./packages/simplesamlphp {};
|
||||||
|
|
||||||
bluemap = pkgs.callPackage ./packages/bluemap.nix { };
|
bluemap = pkgs.callPackage ./packages/bluemap.nix {};
|
||||||
|
|
||||||
out-of-your-element = pkgs.callPackage ./packages/ooye/package.nix { };
|
out-of-your-element = pkgs.callPackage ./packages/ooye/package.nix {};
|
||||||
}
|
}
|
||||||
//
|
//
|
||||||
# Mediawiki extensions
|
# Mediawiki extensions
|
||||||
(lib.pipe null [
|
(lib.pipe null [
|
||||||
(_: pkgs.callPackage ./packages/mediawiki-extensions { })
|
(_: pkgs.callPackage ./packages/mediawiki-extensions {})
|
||||||
(lib.flip builtins.removeAttrs ["override" "overrideDerivation"])
|
(lib.flip builtins.removeAttrs ["override" "overrideDerivation"])
|
||||||
(lib.mapAttrs' (name: lib.nameValuePair "mediawiki-${name}"))
|
(lib.mapAttrs' (name: lib.nameValuePair "mediawiki-${name}"))
|
||||||
])
|
])
|
||||||
//
|
//
|
||||||
# Machines
|
# Machines
|
||||||
lib.genAttrs allMachines
|
lib.genAttrs allMachines
|
||||||
(machine: self.nixosConfigurations.${machine}.config.system.build.toplevel)
|
(machine: self.nixosConfigurations.${machine}.config.system.build.toplevel)
|
||||||
//
|
//
|
||||||
# Nix-topology
|
# Nix-topology
|
||||||
(let
|
(let
|
||||||
topology' = import inputs.nix-topology {
|
topology' = import inputs.nix-topology {
|
||||||
pkgs = import nixpkgs {
|
pkgs = import nixpkgs {
|
||||||
inherit system;
|
inherit system;
|
||||||
overlays = [
|
overlays = [
|
||||||
inputs.nix-topology.overlays.default
|
inputs.nix-topology.overlays.default
|
||||||
(final: prev: {
|
(final: prev: {
|
||||||
inherit (nixpkgs-unstable.legacyPackages.${system}) super-tiny-icons;
|
inherit (nixpkgs-unstable.legacyPackages.${system}) super-tiny-icons;
|
||||||
})
|
})
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
specialArgs = {
|
||||||
|
values = import ./values.nix;
|
||||||
|
};
|
||||||
|
|
||||||
|
modules = [
|
||||||
|
./topology
|
||||||
|
{
|
||||||
|
nixosConfigurations = lib.mapAttrs (_name: nixosCfg:
|
||||||
|
nixosCfg.extendModules {
|
||||||
|
modules = [
|
||||||
|
inputs.nix-topology.nixosModules.default
|
||||||
|
./topology/service-extractors/greg-ng.nix
|
||||||
|
./topology/service-extractors/postgresql.nix
|
||||||
|
./topology/service-extractors/mysql.nix
|
||||||
|
./topology/service-extractors/gitea-runners.nix
|
||||||
|
];
|
||||||
|
})
|
||||||
|
self.nixosConfigurations;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
in {
|
||||||
specialArgs = {
|
topology = topology'.config.output;
|
||||||
values = import ./values.nix;
|
topology-png =
|
||||||
};
|
pkgs.runCommand "pvv-config-topology-png" {
|
||||||
|
nativeBuildInputs = [pkgs.writableTmpDirAsHomeHook];
|
||||||
modules = [
|
} ''
|
||||||
./topology
|
mkdir -p "$out"
|
||||||
{
|
for file in '${topology'.config.output}'/*.svg; do
|
||||||
nixosConfigurations = lib.mapAttrs (_name: nixosCfg: nixosCfg.extendModules {
|
${lib.getExe pkgs.imagemagick} -density 300 -background none "$file" "$out"/"$(basename "''${file%.svg}.png")"
|
||||||
modules = [
|
done
|
||||||
inputs.nix-topology.nixosModules.default
|
'';
|
||||||
./topology/service-extractors/greg-ng.nix
|
});
|
||||||
./topology/service-extractors/postgresql.nix
|
|
||||||
./topology/service-extractors/mysql.nix
|
|
||||||
./topology/service-extractors/gitea-runners.nix
|
|
||||||
];
|
|
||||||
}) self.nixosConfigurations;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
in {
|
|
||||||
topology = topology'.config.output;
|
|
||||||
topology-png = pkgs.runCommand "pvv-config-topology-png" {
|
|
||||||
nativeBuildInputs = [ pkgs.writableTmpDirAsHomeHook ];
|
|
||||||
} ''
|
|
||||||
mkdir -p "$out"
|
|
||||||
for file in '${topology'.config.output}'/*.svg; do
|
|
||||||
${lib.getExe pkgs.imagemagick} -density 300 -background none "$file" "$out"/"$(basename "''${file%.svg}.png")"
|
|
||||||
done
|
|
||||||
'';
|
|
||||||
});
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,17 +1,23 @@
|
|||||||
{ config, fp, pkgs, lib, values, ... }:
|
|
||||||
{
|
{
|
||||||
|
config,
|
||||||
|
fp,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
values,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
# Include the results of the hardware scan.
|
./hardware-configuration.nix
|
||||||
./hardware-configuration.nix
|
./disks.nix
|
||||||
(fp /base)
|
(fp /base)
|
||||||
|
|
||||||
./services/monitoring
|
./services/monitoring
|
||||||
./services/nginx
|
./services/nginx
|
||||||
./services/journald-remote.nix
|
./services/journald-remote.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = false;
|
boot.loader.grub.enable = true;
|
||||||
boot.loader.grub.device = "/dev/vda";
|
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||||
boot.tmp.cleanOnBoot = true;
|
boot.tmp.cleanOnBoot = true;
|
||||||
zramSwap.enable = true;
|
zramSwap.enable = true;
|
||||||
|
|
||||||
@@ -27,13 +33,22 @@
|
|||||||
nameservers = values.defaultNetworkConfig.dns;
|
nameservers = values.defaultNetworkConfig.dns;
|
||||||
defaultGateway.address = hostConf.ipv4_internal_gw;
|
defaultGateway.address = hostConf.ipv4_internal_gw;
|
||||||
|
|
||||||
interfaces."ens4" = {
|
interfaces."ens3" = {
|
||||||
ipv4.addresses = [
|
ipv4.addresses = [
|
||||||
{ address = hostConf.ipv4; prefixLength = 32; }
|
{
|
||||||
{ address = hostConf.ipv4_internal; prefixLength = 24; }
|
address = hostConf.ipv4;
|
||||||
|
prefixLength = 32;
|
||||||
|
}
|
||||||
|
{
|
||||||
|
address = hostConf.ipv4_internal;
|
||||||
|
prefixLength = 24;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
ipv6.addresses = [
|
ipv6.addresses = [
|
||||||
{ address = hostConf.ipv6; prefixLength = 64; }
|
{
|
||||||
|
address = hostConf.ipv6;
|
||||||
|
prefixLength = 64;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
27
hosts/ildkule/disks.nix
Normal file
27
hosts/ildkule/disks.nix
Normal file
@@ -0,0 +1,27 @@
|
|||||||
|
{
|
||||||
|
disko.devices = {
|
||||||
|
disk = {
|
||||||
|
sda = {
|
||||||
|
device = "/dev/sda";
|
||||||
|
type = "disk";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
bios = {
|
||||||
|
size = "1M";
|
||||||
|
type = "EF02";
|
||||||
|
};
|
||||||
|
root = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "ext4";
|
||||||
|
mountpoint = "/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
@@ -1,16 +1,24 @@
|
|||||||
{ modulesPath, lib, ... }:
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
{
|
# and may be overwritten by future invocations. Please make changes
|
||||||
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
# to /etc/nixos/configuration.nix instead.
|
||||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
boot.initrd.kernelModules = [ "nvme" ];
|
|
||||||
fileSystems."/" = {
|
|
||||||
device = "/dev/disk/by-uuid/e35eb4ce-aac3-4f91-8383-6e7cd8bbf942";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
fileSystems."/data" = {
|
|
||||||
device = "/dev/disk/by-uuid/0a4c1234-02d3-4b53-aeca-d95c4c8d534b";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ (modulesPath + "/profiles/qemu-guest.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
networking.useDHCP = lib.mkDefault true;
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
}
|
}
|
||||||
|
|||||||
14
values.nix
14
values.nix
@@ -37,10 +37,10 @@ in rec {
|
|||||||
ipv6 = pvv-ipv6 168;
|
ipv6 = pvv-ipv6 168;
|
||||||
};
|
};
|
||||||
ildkule = {
|
ildkule = {
|
||||||
ipv4 = "129.241.153.213";
|
ipv4 = "129.241.100.145";
|
||||||
ipv4_internal = "192.168.12.209";
|
ipv4_internal = "192.168.1.17";
|
||||||
ipv4_internal_gw = "192.168.12.1";
|
ipv4_internal_gw = "192.168.1.1";
|
||||||
ipv6 = "2001:700:300:6026:f816:3eff:fe58:f1e8";
|
ipv6 = "2001:700:305:8a0f:f816:3eff:fef5:e400";
|
||||||
};
|
};
|
||||||
bicep = {
|
bicep = {
|
||||||
ipv4 = pvv-ipv4 209;
|
ipv4 = pvv-ipv4 209;
|
||||||
@@ -118,9 +118,9 @@ in rec {
|
|||||||
};
|
};
|
||||||
|
|
||||||
defaultNetworkConfig = {
|
defaultNetworkConfig = {
|
||||||
dns = [ "129.241.0.200" "129.241.0.201" "2001:700:300:1900::200" "2001:700:300:1900::201" ];
|
dns = ["129.241.0.200" "129.241.0.201" "2001:700:300:1900::200" "2001:700:300:1900::201"];
|
||||||
domains = [ "pvv.ntnu.no" "pvv.org" ];
|
domains = ["pvv.ntnu.no" "pvv.org"];
|
||||||
gateway = [ hosts.gateway hosts.gateway6 ];
|
gateway = [hosts.gateway hosts.gateway6];
|
||||||
|
|
||||||
networkConfig.IPv6AcceptRA = "no";
|
networkConfig.IPv6AcceptRA = "no";
|
||||||
DHCP = "no";
|
DHCP = "no";
|
||||||
|
|||||||
Reference in New Issue
Block a user