jowj
/
adc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove no longer used nix configs.

Browse Source 
Deprecated the nix cluster.
master
josiah 9 months ago
parent f2bc058e20
commit 65fc8af6d8
19 changed files with 0 additions and 1184 deletions
Show Stats Download Patch File Download Diff File

40
nixos-configs/common/default.nix
Unescape View File

@ -1,40 +0,0 @@
# common/default.nix
# inputs to this NixOS module. We don't use any here
# so we can ignore them all.
{ ... }:
{
imports = [
# User account definitions
./users
];
# clean /tmp on boot.
boot.cleanTmpDir = true;
# Allow any admin to build packages, not just root.
## if you don't set this then your sshUser MUST BE ROOT, or you'll get untrusted sig errors.
nix.settings.trusted-users = [ "@wheel" ];
# Automatically optimize the Nix store to save space
# by hard-linking identical files together. These savings
# add up.
#nix.settings.autoOptimiseStore = true;
# Limit the systemd journal to 100 MB of disk or the
# last 7 days of logs, whichever happens first.
services.journald.extraConfig = ''
SystemMaxUse=100M
MaxFileSec=7day
'';
# Use systemd-resolved for DNS lookups, but disable
# its dnssec support because it is kinda broken in
# surprising ways.
# Who is surprised that dnssec is broken? no one.
# services.resolved = {
# enable = true;
# dnssec = "false";
# };
}

21
nixos-configs/common/users/default.nix
Unescape View File

@ -1,21 +0,0 @@
# common/users/default.nix
# Inputs to this NixOS module, in this case we are
# using `pkgs` so I can configure my favorite shell fish
# and `config` so we can make my SSH key also work with
# the root user.
{ config, pkgs, ... }:
{
# The block that specifies my user account.
users.users.josiah = {
isNormalUser = true;
shell = pkgs.bash;
# My SSH keys.
openssh.authorizedKeys.keys = [
# Replace this with your SSH key!
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
];
};
}

95
nixos-configs/deploy-rs/flake.lock
Unescape View File

@ -1,95 +0,0 @@
{
"nodes": {
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"utils": "utils"
},
"locked": {
"lastModified": 1674127017,
"narHash": "sha256-QO1xF7stu5ZMDLbHN30LFolMAwY6TVlzYvQoUs1RD68=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "8c9ea9605eed20528bf60fae35a2b613b901fd77",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1671417167,
"narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1672580127,
"narHash": "sha256-3lW3xZslREhJogoOkjeZtlBtvFMyxHku7I/9IVehhT8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "0874168639713f547c05947c76124f78441ea46c",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-22.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"deploy-rs": "deploy-rs",
"nixpkgs": "nixpkgs_2"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

117
nixos-configs/deploy-rs/flake.nix
Unescape View File

@ -1,117 +0,0 @@
{
description = "Test deployment for my server cluster";
inputs = {
nixpkgs.url =
"github:nixos/nixpkgs/nixos-22.05"; # change this to your desired NixOS version
# For accessing `deploy-rs`'s utility Nix functions
deploy-rs.url = "github:serokell/deploy-rs";
};
outputs = { self, nixpkgs, deploy-rs }: {
nixosConfigurations.seraph = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
../hosts/seraph/configuration.nix
../common/default.nix
];
};
nixosConfigurations.demiurge = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
../hosts/demiurge/configuration.nix
../common/default.nix
];
};
nixosConfigurations.exgod = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
../hosts/exgod/configuration.nix
../common/default.nix
];
};
nixosConfigurations.hoyden = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
../hosts/hoyden/configuration.nix
../common/default.nix
];
};
deploy.nodes.hoyden = {
hostname = "hoyden";
user = "root";
sshUser = "josiah";
# magicRollback = false;
remoteBuild = false;
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.hoyden;
# This forces ssh to connect over IPv4.
sshOpts = [ "-4" ];
profiles.system = {
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.hoyden;
};
};
deploy.nodes.seraph = {
hostname = "seraph";
user = "root";
sshUser = "alice";
# magicRollback = false;
remoteBuild = false;
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.seraph;
# This forces ssh to connect over IPv4.
sshOpts = [ "-4" ];
profiles.system = {
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.seraph;
};
};
deploy.nodes.demiurge = {
hostname = "demiurge";
user = "root";
sshUser = "alice";
# magicRollback = false;
remoteBuild = false;
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.demiurge;
# This forces ssh to connect over IPv4.
sshOpts = [ "-4" ];
profiles.system = {
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.demiurge;
};
};
deploy.nodes.exgod = {
hostname = "exgod";
user = "root";
sshUser = "alice";
# magicRollback = false;
remoteBuild = false;
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.exgod;
# This forces ssh to connect over IPv4.
sshOpts = [ "-4" ];
profiles.system = {
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.exgod;
};
};
# This is highly advised, and will prevent many possible mistakes
checks =
builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy)
deploy-rs.lib;
};
}

119
nixos-configs/hosts/demiurge/configuration.nix
Unescape View File

@ -1,119 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports = [ # Include the results of the hardware scan.
./hardware-configuration.nix
];
users.users.alice = {
isNormalUser = true;
shell = pkgs.bash;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
# My SSH keys.
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
];
packages = with pkgs; [ emacs vim ];
};
# Use my SSH keys for logging in as root.
users.users.root.openssh.authorizedKeys.keys =
config.users.users.alice.openssh.authorizedKeys.keys;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "demiurge"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable =
true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "US/Central";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
nix.settings.require-sigs = false;
# Configure keymap in X11
services.xserver.layout = "us";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services = {
tailscale.enable = true;
openssh.enable = true;
};
# Configure ssh auth for sudo/pam
security.sudo.enable = true;
security.pam.enableSSHAgentAuth = true;
security.pam.services.sudo.sshAgentAuth = true;
security.sudo.wheelNeedsPassword = false;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22 80 443 ];
networking.firewall.checkReversePath = "loose";
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

38
nixos-configs/hosts/demiurge/hardware-configuration.nix
Unescape View File

@ -1,38 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/cc6be357-aed0-49da-b745-f03e48fa21de";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/72ED-3EB7";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

119
nixos-configs/hosts/exgod/configuration.nix
Unescape View File

@ -1,119 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports = [ # Include the results of the hardware scan.
./hardware-configuration.nix
];
users.users.alice = {
isNormalUser = true;
shell = pkgs.bash;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
# My SSH keys.
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
];
packages = with pkgs; [ emacs vim ];
};
# Use my SSH keys for logging in as root.
users.users.root.openssh.authorizedKeys.keys =
config.users.users.alice.openssh.authorizedKeys.keys;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "exgod"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable =
true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "US/Central";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
nix.settings.require-sigs = true;
# Configure keymap in X11
services.xserver.layout = "us";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services = {
tailscale.enable = true;
openssh.enable = true;
};
# Configure ssh auth for sudo/pam
security.sudo.enable = true;
security.pam.enableSSHAgentAuth = true;
security.pam.services.sudo.sshAgentAuth = true;
security.sudo.wheelNeedsPassword = false;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22 80 443 ];
networking.firewall.checkReversePath = "loose";
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

38
nixos-configs/hosts/exgod/hardware-configuration.nix
Unescape View File

@ -1,38 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/56e7b3a8-e2a6-4dbb-b4eb-9a58973e816d";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/687E-9796";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

276
nixos-configs/hosts/hoyden/configuration.nix
Unescape View File

@ -1,276 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports = [ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "hoyden"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Set your time zone.
time.timeZone = "US/Central";
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking.useDHCP = false;
networking.interfaces.eno1.useDHCP = true;
networking.interfaces.wlp0s20f3.useDHCP = true;
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# };
fonts.fonts = with pkgs; [
# Serif fonts
roboto
ttf_bitstream_vera
liberation_ttf
dejavu_fonts
# Emoji
openmoji-color
];
fonts.fontconfig = { defaultFonts = { emoji = [ "OpenMoji Color" ]; }; };
# Enable the X11 windowing system.
services.xserver = {
enable = true;
autoRepeatDelay = 150;
# autoRepeatInterval = something; # this is configurable so i'm leaving it here, but not sure that i need it.
displayManager.sddm.enable = true;
desktopManager.plasma5.enable = true;
windowManager.awesome = {
enable = true;
luaModules = with pkgs.luaPackages; [
luarocks # is the package manager for Lua modules
luadbi-mysql # Database abstraction layer
];
};
};
services.flatpak.enable = true;
# try and handle some of the dumb long term storage optimiztaion issues with nixos:
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
sound.enable = true;
hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# enable docker, virtualbox, virtualization shit
virtualisation.docker.enable = true;
virtualisation.virtualbox.host.enable = false;
virtualisation.virtualbox.host.enableExtensionPack = false;
# Define a user account. Don't forget to set a password with passwd.
users.users.josiah = {
isNormalUser = true;
extraGroups =
[ "wheel" "audio" "sound" "video" "docker" "vboxusers" "adbusers" ];
# My SSH keys.
openssh.authorizedKeys.keys = [
# Replace this with your SSH key!
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
];
};
# Use my SSH keys for logging in as root.
users.users.root.openssh.authorizedKeys.keys =
config.users.users.josiah.openssh.authorizedKeys.keys;
nixpkgs.config.allowUnfree = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
nixpkgs.config = {
packageOverrides = pkgs: {
unstable = import attrs.unstableTarball { config = config.nixpkgs.config; };
};
permittedInsecurePackages = [
"python2.7-certifi-2021.10.8"
"python2.7-pyjwt-1.7.1"]; # required for poetry
};
environment.systemPackages = with pkgs; [
# build shit
morph # ultimately this seems not useful to me; weird errors.
nixops
unstable.deploy-rs
autoconf
yarn
automake
direnv
gnumake
wget
gcc-arm-embedded
xorg.libX11
vim
konsole
patchelf
docker
# jlj dev
# python-language-server
# python38Packages.python-language-server
# jlj utils
darktable
digikam
offlineimap
unzip
ansible
python38
python38Packages.pip
python38Packages.setuptools
pipenv
bitwarden
chromium
magic-wormhole
firefox
unstable.nyxt
emacs
emacsPackages.flyspell-correct
nixfmt
mu
ispell
obsidian
zeal
git
keychain
os-prober
lsof
wireguard-tools
tailscale
fortune
youtube-dl
gcc8
dfu-util
scrot
qbittorrent
obs-studio
texlive.combined.scheme-full
# jlj sound
pavucontrol
# jlj comms
unstable.element-desktop
slack
discord
konversation
unstable.signal-desktop
newsflash # same maker as feedreader, newer, less features, actively maintained.
zoom-us
spectral
jitsi-meet-electron
# jlj de
syncthingtray
unstable.synology-drive-client
barrier
pinentry
acpi
awesome
networkmanagerapplet
arc-icon-theme
rofi
i3lock
vlc
unstable.thunderbird
birdtray # tray icon for thunderbird
peruse
libsForQt5.ark
# tauon # this is a good music player but it doesn't come bundled proper in nixos; install via flatpak you bitch
# rsi stuff
rsibreak
workrave
espanso # text expander
xclip # c&p from cli / required for espanso
libnotify # required for espanso
arc-icon-theme
# kde specific stuff
kde-gtk-config
libsForQt5.kde-cli-tools
arc-kde-theme
# jlj games
lutris
steam
vulkan-tools
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryFlavor = "qt";
};
programs.adb.enable = true;
# List services that you want to enable:
services = {
syncthing = {
enable = true;
user = "josiah";
dataDir = "/home/josiah/dhd"; # Default folder for new synced folders
configDir =
"/home/josiah/.config/syncthing"; # Folder for Syncthing's settings and keys
};
tailscale.enable = true;
openssh.enable = true;
};
# Configure ssh auth for sudo/pam
security.sudo.enable = true;
security.pam.enableSSHAgentAuth = true;
security.pam.services.sudo.sshAgentAuth = true;
security.sudo.wheelNeedsPassword = false;
# this works properly
fileSystems."/home/josiah/network-share/syn-nas/usenet" = {
device = "192.168.1.221:/volume1/usenet";
fsType = "nfs";
};
fileSystems."/home/josiah/network-share/sainthood/homes" = {
device = "sainthood.home.jowj.net:/volume3/homes/";
options = [ "nfsvers=3" ];
fsType = "nfs";
};
networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.11"; # Did you read the comment?
}

25
nixos-configs/hosts/hoyden/flake.nix
Unescape View File

@ -1,25 +0,0 @@
{
description = "Hoyden's Flake";
inputs = {
nixpkgs.url =
"github:nixos/nixpkgs/nixos-22.05"; # change this to your desired NixOS version
# For accessing `deploy-rs`'s utility Nix functions
deploy-rs.url = "github:serokell/deploy-rs";
unstableTarball = fetchTarball
"https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz";
};
outputs = { self, nixpkgs, unstableTarball }@attrs: {
nixosConfigurations.hoyden = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = attrs;
modules = [ ./configuration.nix ];
};
};
}

34
nixos-configs/hosts/hoyden/hardware-configuration.nix
Unescape View File

@ -1,34 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/4dd471ee-c6af-40d4-b9af-b0f99466af02";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/D357-6F39";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/a5f80549-0f7b-484b-a951-18d12138af67"; }
];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true;
}

120
nixos-configs/hosts/seraph/configuration.nix
Unescape View File

@ -1,120 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports = [ # Include the results of the hardware scan.
./hardware-configuration.nix
];
users.users.alice = {
isNormalUser = true;
shell = pkgs.bash;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
# My SSH keys.
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
];
packages = with pkgs; [ emacs vim ];
};
# Use my SSH keys for logging in as root.
users.users.root.openssh.authorizedKeys.keys =
config.users.users.alice.openssh.authorizedKeys.keys;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "seraph"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable =
true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "US/Central";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
nix.settings.require-sigs = false;
# Configure keymap in X11
services.xserver.layout = "us";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services = {
tailscale.enable = true;
openssh.enable = true;
};
# Configure ssh auth for sudo/pam
security.sudo.enable = true;
security.pam.enableSSHAgentAuth = true;
security.pam.services.sudo.sshAgentAuth = true;
security.sudo.wheelNeedsPassword = false;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22 80 443 ];
networking.firewall.checkReversePath = "loose";
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

37
nixos-configs/hosts/seraph/hardware-configuration.nix
Unescape View File

@ -1,37 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/3662ca72-d69f-42fe-a049-0f1ed2b81334";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/97D6-2BED";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

1
nixos-configs/ops/home/.gcroots/network.nix
Unescape View File

@ -1 +0,0 @@
/nix/store/lwyi13rbiw9afcjps9fyiarjfkjkqq12-morph

1
nixos-configs/ops/home/cache-priv-key.pem
Unescape View File

@ -1 +0,0 @@
hoyden:mzRpcmjuqPqre3Si990zXvAeD9xwqRJMezGsxdXV2vTayggi7ycd8bhQlPQGg3u2YhjbaztvTo1bogdeAlI/bg==

1
nixos-configs/ops/home/cache-pub-key.pem
Unescape View File

@ -1 +0,0 @@
hoyden:2soIIu8nHfG4UJT0BoN7tmIY22s7b06NW6IHXgJSP24=

40
nixos-configs/ops/home/network.nix
Unescape View File

@ -1,40 +0,0 @@
# ops/home/network.nix
{
# Configuration for the network in general.
network = { description = "home.jowj.net cluster definition"; };
# This specifies the configuration for
# `seraph` as a NixOS module.
# "seraph" = { config, pkgs, lib, ... }: {
# deployment.targetUser = "alice";
# deployment.targetHost = "seraph";
# # Import seraph configuration.nix
# imports = [
# ../../hosts/seraph/configuration.nix
# ../../common ];
# };
"exgod" = { config, pkgs, lib, ... }: {
deployment.targetUser = "alice";
deployment.targetHost = "exgod";
# Import exgod configuration.nix
imports = [
../../hosts/exgod/configuration.nix
../../common ];
};
"hoyden" = { config, pkgs, lib, ... }: {
deployment.targetUser = "alice";
deployment.targetHost = "hoyden";
# Import seraph configuration.nix
imports = [
../../hosts/hoyden/configuration.nix
../../common ];
};
}

22
nixos-configs/ops/home/push.sh
Unescape View File

@ -1,22 +0,0 @@
#!/usr/bin/env nix-shell
# Specify the packages we are using in this
# script as well as the fact that we are running it
# in bash.
#! nix-shell -p morph -i bash
# Explode on any error.
set -e
# Build the system configurations for every
# machine in this network and register them as
# garbage collector roots so `nix-collect-garbage`
# doesn't sweep them away.
morph build --keep-result ~/Documents/projects/adc/nixos-configs/ops/home/network.nix
# Push the config to the hosts.
morph push ~/Documents/projects/adc/nixos-configs/ops/home/network.nix
# Activate the NixOS configuration on the
# network.
morph deploy ~/Documents/projects/adc/nixos-configs/ops/home/network.nix test

40
nixos-configs/ops/home/simple.nix
Unescape View File

@ -1,40 +0,0 @@
let
pkgs = import (import ../nixpkgs.nix) {};
in
{
network = {
inherit pkgs;
description = "simple hosts";
ordering = {
tags = [ "db" "web" ];
};
};
"web01" = { config, pkgs, ... }: {
deployment.tags = [ "web" ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
services.nginx.enable = true;
fileSystems = {
"/" = { label = "nixos"; fsType = "ext4"; };
"/boot" = { label = "boot"; fsType = "vfat"; };
};
};
"db01" = { config, pkgs, ... }: {
deployment.tags = [ "db" ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
services.postgresql.enable = true;
fileSystems = {
"/" = { label = "nixos"; fsType = "ext4"; };
"/boot" = { label = "boot"; fsType = "vfat"; };
};
};
}
Write Preview
Loading…
Cancel
Save