steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

nix fmt

Browse source
This commit is contained in:
steveej 2024-02-08 20:53:22 +01:00
parent a9218a80e6
commit 7137e93805
49 changed files with 2034 additions and 2002 deletions
Download patch file Download diff file Expand all files Collapse all files

5
nix/os/devices/steveej-t14/configuration.nix
View file

@ -1,4 +1,4 @@
{ ... }: {
{...}: {
imports = [
../../snippets/home-manager-with-zsh.nix
../../snippets/nix-settings-holo-chain.nix
@ -19,8 +19,7 @@
./boot.nix
# samba seerver
({ lib, ... }: {
({lib, ...}: {
# networking.firewall.enable = lib.mkForce false;
services.samba-wsdd.enable = true; # make shares visible for windows 10 clients
networking.firewall.allowedTCPPorts = [

19
nix/os/devices/steveej-t14/default.nix
View file

@ -1,17 +1,16 @@
{ nodeName
, repoFlake
, repoFlakeWithSystem
, nodeFlake
, ...
}:
let
system = "x86_64-linux";
in
{
nodeName,
repoFlake,
repoFlakeWithSystem,
nodeFlake,
...
}: let
system = "x86_64-linux";
in {
meta.nodeSpecialArgs.${nodeName} = {
inherit repoFlake nodeName nodeFlake;
packages' = repoFlake.packages.${system};
repoFlakeInputs' = repoFlakeWithSystem system ({ inputs', ... }: inputs');
repoFlakeInputs' = repoFlakeWithSystem system ({inputs', ...}: inputs');
};
meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath {

26
nix/os/devices/steveej-t14/hw.nix
View file

@ -1,7 +1,5 @@
{ lib, ... }:
let
in
{
{lib, ...}: let
in {
# TASK: new device
hardware.opinionatedDisk = {
enable = true;
@ -68,16 +66,16 @@ in
enable = false;
levels = [
# ["level auto" 0 60]
[ 0 0 60 ]
[ 1 60 65 ]
[ 1 65 75 ]
[ 2 75 78 ]
[ 3 78 80 ]
[ 4 80 82 ]
[ 5 82 84 ]
[ 6 84 86 ]
[ 7 86 88 ]
[ "level full-speed" 88 999 ]
[0 0 60]
[1 60 65]
[1 65 75]
[2 75 78]
[3 78 80]
[4 80 82]
[5 82 84]
[6 84 86]
[7 86 88]
["level full-speed" 88 999]
];
extraArgs = [

52
nix/os/devices/steveej-t14/pkg.nix
View file

@ -1,8 +1,9 @@
{ pkgs
, lib
, repoFlake
, nodeFlake
, ...
{
pkgs,
lib,
repoFlake,
nodeFlake,
...
}: {
system.stateVersion = "23.05";
home-manager.users.root = _: {
@ -20,7 +21,7 @@
})
];
home.sessionVariables = { };
home.sessionVariables = {};
home.packages = with pkgs; [
];
@ -37,28 +38,26 @@
#
# (regreet:505614): Gtk-WARNING **: 10:31:42.532: Theme parser warning: <data>:6:17-18: Empty declaration
# Failed to create /var/empty/.cache for shader cache (Operation not permitted)---disabling.
services.greetd =
let
# exec "${pkgs.greetd.gtkgreet}/bin/gtkgreet -l; swaymsg exit"
swayConfig = pkgs.writeText "greetd-sway-config" ''
# `-l` activates layer-shell mode. Notice that `swaymsg exit` will run after gtkgreet.
exec "dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK; ${pkgs.greetd.regreet}/bin/regreet; swaymsg exit"
bindsym Mod4+shift+e exec swaynag \
-t warning \
-m 'What do you want to do?' \
-b 'Poweroff' 'systemctl poweroff' \
-b 'Reboot' 'systemctl reboot'
'';
in
{
enable = false;
settings = {
vt = 1;
default_session = {
command = "${pkgs.sway}/bin/sway --config ${swayConfig}";
};
services.greetd = let
# exec "${pkgs.greetd.gtkgreet}/bin/gtkgreet -l; swaymsg exit"
swayConfig = pkgs.writeText "greetd-sway-config" ''
# `-l` activates layer-shell mode. Notice that `swaymsg exit` will run after gtkgreet.
exec "dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK; ${pkgs.greetd.regreet}/bin/regreet; swaymsg exit"
bindsym Mod4+shift+e exec swaynag \
-t warning \
-m 'What do you want to do?' \
-b 'Poweroff' 'systemctl poweroff' \
-b 'Reboot' 'systemctl reboot'
'';
in {
enable = false;
settings = {
vt = 1;
default_session = {
command = "${pkgs.sway}/bin/sway --config ${swayConfig}";
};
};
};
environment.etc."greetd/environments".text = ''
sway
@ -107,5 +106,4 @@
# # };
# # };
# };
}

32
nix/os/devices/steveej-t14/system.nix
View file

@ -1,11 +1,11 @@
{ pkgs
, lib
, config
, nodeName
, repoFlake
, ...
}:
let
{
pkgs,
lib,
config,
nodeName,
repoFlake,
...
}: let
localTcpPorts = [
22
@ -21,9 +21,7 @@ let
22000
21027
];
in
{
in {
nix.settings = {
substituters = [
];
@ -41,7 +39,7 @@ in
system = "x86_64-linux";
maxJobs = 32;
speedFactor = 100;
supportedFeatures = repoFlake.nixosConfigurations.steveej-t14.config.nix.settings.system-features ++ [ ];
supportedFeatures = repoFlake.nixosConfigurations.steveej-t14.config.nix.settings.system-features ++ [];
}
{
@ -52,7 +50,7 @@ in
system = "aarch64-linux";
maxJobs = 32;
speedFactor = 100;
supportedFeatures = repoFlake.nixosConfigurations.router0-dmz0.config.nix.settings.system-features ++ [ ];
supportedFeatures = repoFlake.nixosConfigurations.router0-dmz0.config.nix.settings.system-features ++ [];
}
];
@ -61,7 +59,7 @@ in
networking.extraHosts = ''
'';
networking.bridges."virbr1".interfaces = [ ];
networking.bridges."virbr1".interfaces = [];
networking.interfaces."virbr1".ipv4.addresses = [
{
address = "10.254.254.254";
@ -94,7 +92,7 @@ in
# virtualization
virtualisation = {
libvirtd = { enable = true; };
libvirtd = {enable = true;};
virtualbox.host = {
enable = false;
@ -112,9 +110,9 @@ in
# client min protocol = NT1
'';
security.pki.certificateFiles = [ "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" ];
security.pki.certificateFiles = ["${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"];
services.xserver.videoDrivers = lib.mkForce [ "amdgpu" ];
services.xserver.videoDrivers = lib.mkForce ["amdgpu"];
hardware.ledger.enable = true;

19
nix/os/devices/steveej-t14/user.nix
View file

@ -1,20 +1,19 @@
{ config
, pkgs
, lib
, ...
}:
let
keys = import ../../../variables/keys.nix;
inherit (pkgs.callPackage ../../lib/default.nix { }) mkUser;
in
{
config,
pkgs,
lib,
...
}: let
keys = import ../../../variables/keys.nix;
inherit (pkgs.callPackage ../../lib/default.nix {}) mkUser;
in {
users.users.steveej2 = mkUser {
uid = 1001;
openssh.authorizedKeys.keys = keys.users.steveej.openssh;
hashedPasswordFile = config.sops.secrets.sharedUsers-steveej.path;
};
nix.settings.trusted-users = [ "steveej" ];
nix.settings.trusted-users = ["steveej"];
security.pam.u2f.enable = true;
security.pam.services.steveej.u2fAuth = true;