mirror of
https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git
synced 2026-02-20 17:07:51 +01:00
Compare commits
2 Commits
dagali-hei
...
8b16f8f6d4
| Author | SHA1 | Date | |
|---|---|---|---|
|
8b16f8f6d4 | ||
|
|
ff926f83b5 |
@@ -13,6 +13,9 @@
|
||||
# Debug and find files
|
||||
file
|
||||
|
||||
# Process json data
|
||||
jq
|
||||
|
||||
# Check computer specs
|
||||
lshw
|
||||
|
||||
@@ -54,6 +57,8 @@
|
||||
programs.nano.enable = true;
|
||||
# Same reasoning as nano
|
||||
programs.vim.enable = true;
|
||||
# Same reasoning as vim
|
||||
programs.neovim.enable = true;
|
||||
|
||||
# Some people like this shell for some reason
|
||||
programs.zsh.enable = true;
|
||||
|
||||
8
flake.lock
generated
8
flake.lock
generated
@@ -8,11 +8,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1769362210,
|
||||
"narHash": "sha256-QCQD7Ofin5UYL0i5Sv34gfJ0p5pv1hwZspE/Ufe84L8=",
|
||||
"lastModified": 1769395643,
|
||||
"narHash": "sha256-41eMQ9nbkHNYuZnGAlyGNc8K717pfnGKiADuiSOW29E=",
|
||||
"ref": "main",
|
||||
"rev": "1d01e1b2cb8fb2adee96c0b4f065c43c45eae290",
|
||||
"revCount": 229,
|
||||
"rev": "a0a89c22a24f55b6b6738c95e361e1551895be29",
|
||||
"revCount": 230,
|
||||
"type": "git",
|
||||
"url": "https://git.pvv.ntnu.no/Projects/dibbler.git"
|
||||
},
|
||||
|
||||
74
flake.nix
74
flake.nix
@@ -69,8 +69,7 @@
|
||||
in {
|
||||
inputs = lib.mapAttrs (_: src: src.outPath) inputs;
|
||||
|
||||
pkgs = forAllSystems (system:
|
||||
import nixpkgs {
|
||||
pkgs = forAllSystems (system: import nixpkgs {
|
||||
inherit system;
|
||||
config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg)
|
||||
[
|
||||
@@ -80,26 +79,44 @@
|
||||
});
|
||||
|
||||
nixosConfigurations = let
|
||||
unstablePkgs = nixpkgs-unstable.legacyPackages.x86_64-linux;
|
||||
|
||||
nixosConfig =
|
||||
nixpkgs:
|
||||
name:
|
||||
configurationPath:
|
||||
extraArgs@{
|
||||
system ? "x86_64-linux",
|
||||
localSystem ? "x86_64-linux", # buildPlatform
|
||||
crossSystem ? "x86_64-linux", # hostPlatform
|
||||
specialArgs ? { },
|
||||
modules ? [ ],
|
||||
overlays ? [ ],
|
||||
enableDefaults ? true,
|
||||
...
|
||||
}:
|
||||
let
|
||||
commonPkgsConfig = {
|
||||
inherit localSystem crossSystem;
|
||||
config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg)
|
||||
[
|
||||
"nvidia-x11"
|
||||
"nvidia-settings"
|
||||
];
|
||||
overlays = (lib.optionals enableDefaults [
|
||||
# Global overlays go here
|
||||
inputs.roowho2.overlays.default
|
||||
]) ++ overlays;
|
||||
};
|
||||
|
||||
pkgs = import nixpkgs commonPkgsConfig;
|
||||
unstablePkgs = import nixpkgs-unstable commonPkgsConfig;
|
||||
in
|
||||
lib.nixosSystem (lib.recursiveUpdate
|
||||
{
|
||||
inherit system;
|
||||
system = crossSystem;
|
||||
|
||||
inherit pkgs;
|
||||
|
||||
specialArgs = {
|
||||
inherit unstablePkgs inputs;
|
||||
inherit inputs unstablePkgs;
|
||||
values = import ./values.nix;
|
||||
fp = path: ./${path};
|
||||
} // specialArgs;
|
||||
@@ -113,22 +130,10 @@
|
||||
sops-nix.nixosModules.sops
|
||||
inputs.roowho2.nixosModules.default
|
||||
]) ++ modules;
|
||||
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg)
|
||||
[
|
||||
"nvidia-x11"
|
||||
"nvidia-settings"
|
||||
];
|
||||
overlays = (lib.optionals enableDefaults [
|
||||
# Global overlays go here
|
||||
inputs.roowho2.overlays.default
|
||||
]) ++ overlays;
|
||||
};
|
||||
}
|
||||
(builtins.removeAttrs extraArgs [
|
||||
"system"
|
||||
"localSystem"
|
||||
"crossSystem"
|
||||
"modules"
|
||||
"overlays"
|
||||
"specialArgs"
|
||||
@@ -163,7 +168,6 @@
|
||||
bekkalokk = stableNixosConfig "bekkalokk" {
|
||||
overlays = [
|
||||
(final: prev: {
|
||||
heimdal = unstablePkgs.heimdal;
|
||||
mediawiki-extensions = final.callPackage ./packages/mediawiki-extensions { };
|
||||
simplesamlphp = final.callPackage ./packages/simplesamlphp { };
|
||||
bluemap = final.callPackage ./packages/bluemap.nix { };
|
||||
@@ -221,17 +225,36 @@
|
||||
inputs.gergle.overlays.default
|
||||
];
|
||||
};
|
||||
skrott = stableNixosConfig "skrott" {
|
||||
system = "aarch64-linux";
|
||||
}
|
||||
//
|
||||
(let
|
||||
skrottConfig = {
|
||||
modules = [
|
||||
(nixpkgs + "/nixos/modules/installer/sd-card/sd-image-aarch64.nix")
|
||||
inputs.dibbler.nixosModules.default
|
||||
];
|
||||
overlays = [
|
||||
inputs.dibbler.overlays.default
|
||||
(final: prev: {
|
||||
atool = prev.emptyDirectory;
|
||||
micro = prev.vim;
|
||||
})
|
||||
];
|
||||
};
|
||||
}
|
||||
in {
|
||||
skrott = stableNixosConfig "skrott" (skrottConfig // {
|
||||
localSystem = "x86_64-linux";
|
||||
crossSystem = "aarch64-linux";
|
||||
});
|
||||
skrott-x86_64 = stableNixosConfig "skrott" (skrottConfig // {
|
||||
localSystem = "x86_64-linux";
|
||||
crossSystem = "x86_64-linux";
|
||||
});
|
||||
skrott-native = stableNixosConfig "skrott" (skrottConfig // {
|
||||
localSystem = "aarch64-linux";
|
||||
crossSystem = "aarch64-linux";
|
||||
});
|
||||
})
|
||||
//
|
||||
(let
|
||||
machineNames = map (i: "lupine-${toString i}") (lib.range 1 5);
|
||||
@@ -295,6 +318,7 @@
|
||||
# Skrott is exception
|
||||
{
|
||||
skrott = self.nixosConfigurations.skrott.config.system.build.sdImage;
|
||||
skrott-native = self.nixosConfigurations.skrott-native.config.system.build.sdImage;
|
||||
}
|
||||
//
|
||||
# Nix-topology
|
||||
|
||||
@@ -1,10 +1,13 @@
|
||||
{ config, pkgs, lib, fp, values, ... }: {
|
||||
{ config, pkgs, lib, modulesPath, fp, values, ... }: {
|
||||
imports = [
|
||||
# ./hardware-configuration.nix
|
||||
(modulesPath + "/profiles/perlless.nix")
|
||||
|
||||
(fp /base)
|
||||
];
|
||||
|
||||
# Disable import of a bunch of tools we don't need from nixpkgs.
|
||||
disabledModules = [ "profiles/base.nix" ];
|
||||
|
||||
sops.defaultSopsFile = fp /secrets/skrott/skrott.yaml;
|
||||
|
||||
boot = {
|
||||
@@ -16,6 +19,8 @@
|
||||
};
|
||||
|
||||
# Now turn off a bunch of stuff lol
|
||||
# TODO: can we reduce further?
|
||||
# See also https://nixcademy.com/posts/minimizing-nixos-images/
|
||||
system.autoUpgrade.enable = lib.mkForce false;
|
||||
services.irqbalance.enable = lib.mkForce false;
|
||||
services.logrotate.enable = lib.mkForce false;
|
||||
@@ -25,10 +30,11 @@
|
||||
services.udisks2.enable = lib.mkForce false;
|
||||
services.thermald.enable = lib.mkForce false;
|
||||
services.promtail.enable = lib.mkForce false;
|
||||
boot.supportedFilesystems.zfs = lib.mkForce false;
|
||||
|
||||
documentation.enable = lib.mkForce false;
|
||||
|
||||
# TODO: can we reduce further?
|
||||
programs.neovim.enable = lib.mkForce false;
|
||||
programs.git.package = pkgs.gitMinimal;
|
||||
|
||||
sops.secrets = {
|
||||
"dibbler/postgresql/password" = {
|
||||
|
||||
@@ -9,14 +9,6 @@
|
||||
"nix-builder-users"
|
||||
];
|
||||
|
||||
packages = with pkgs; [
|
||||
neovim
|
||||
htop
|
||||
ripgrep
|
||||
vim
|
||||
foot.terminfo
|
||||
];
|
||||
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFa5y7KyLn2tjxed1czMbyM5scnEpo9v/GfnhL/28ckM legolas"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICf7SlyHR6KgP7+IeFr/Iuiu2lL5vaSlzqPonaO8XU0J gunalx@aragon"
|
||||
|
||||
@@ -5,11 +5,7 @@
|
||||
extraGroups = [ "wheel" "drift" "nix-builder-users" ];
|
||||
|
||||
packages = with pkgs; [
|
||||
htop
|
||||
neovim
|
||||
ripgrep
|
||||
fd
|
||||
tmux
|
||||
];
|
||||
|
||||
shell = pkgs.zsh;
|
||||
|
||||
@@ -12,9 +12,6 @@
|
||||
packages = with pkgs; [
|
||||
bottom
|
||||
eza
|
||||
neovim
|
||||
ripgrep
|
||||
tmux
|
||||
];
|
||||
|
||||
openssh.authorizedKeys.keys = [
|
||||
|
||||
@@ -14,14 +14,9 @@
|
||||
bat
|
||||
edir
|
||||
fd
|
||||
htop
|
||||
jq
|
||||
micro
|
||||
ncdu
|
||||
ripgrep
|
||||
sd
|
||||
tmux
|
||||
wget
|
||||
xe
|
||||
yq
|
||||
];
|
||||
|
||||
@@ -11,9 +11,6 @@
|
||||
packages = with pkgs; [
|
||||
btop
|
||||
eza
|
||||
neovim
|
||||
ripgrep
|
||||
tmux
|
||||
];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDVA3HqEx3je6L1AC+bP8sTxu3ZTKvTCR0npCyOVAYK5 vbm@arch-xeon"
|
||||
|
||||
Reference in New Issue
Block a user