steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: steveej:c4abade9e84b4fde5426ea700d3630263c802c80
Branches Tags
steveej:master
steveej:WIP-router0-nfmnk-tunnels
steveej:wip
steveej:wip-bpir3
steveej:pr_htz0
steveej:evolution_decsync
steveej:t14_relabel
steveej:t14_new_drive
steveej:srv0_drivechange
steveej:staging-steveej
steveej:pa600-unused
steveej:pr/odroidh2p-0
...
compare: steveej:229b3cb0d39fd8dfe88f3ca4bb8d46f889f1d929
Branches Tags
steveej:master
steveej:WIP-router0-nfmnk-tunnels
steveej:wip
steveej:wip-bpir3
steveej:pr_htz0
steveej:evolution_decsync
steveej:t14_relabel
steveej:t14_new_drive
steveej:srv0_drivechange
steveej:staging-steveej
steveej:pa600-unused
steveej:pr/odroidh2p-0

5 commits
c4abade9e8 ... 229b3cb0d3

Author SHA1 Message Date
Stefan Junker
229b3cb0d3 steveej-x13s: bump kernel 2024-11-23 14:47:29 +01:00
Stefan Junker
2a1043932d router0-dmz0: bump to 24.11 2024-11-23 14:47:29 +01:00
Stefan Junker
b228938d63 vscode: keep only nixfmt-rfc-style 2024-11-23 14:47:29 +01:00
Stefan Junker
720892ea59 flake: copy all of self in get-flake args 2024-11-23 14:47:29 +01:00
Stefan Junker
61492aefc6 feat(vscode): inline nix4vscode call 2024-11-23 14:47:26 +01:00
10 changed files with 76 additions and 94 deletions
Download patch file Download diff file Expand all files Collapse all files

51
flake.nix
View file

@ -161,7 +161,7 @@
inherit nodeName; inherit nodeName;
repoFlake = self; repoFlake = self;
repoFlakeWithSystem = withSystem; repoFlakeWithSystem = withSystem;
nodeFlake = self.inputs.get-flake ./nix/os/devices/${nodeName}; nodeFlake = self.inputs.get-flake (self + "/nix/os/devices/${nodeName}");
} }
) )
[ [
@ -190,7 +190,7 @@
flake.nixosConfigurations = flake.nixosConfigurations =
let let
colmenaHive = (inputs.colmena.lib.makeHive self.outputs.colmena).nodes; colmenaHive = (inputs.colmena.lib.makeHive self.outputs.colmena).nodes;
router0-dmz0 = (inputs.get-flake ./nix/os/devices/router0-dmz0).nixosConfigurations; router0-dmz0 = (inputs.get-flake (self + "/nix/os/devices/router0-dmz0")).nixosConfigurations;
in in
colmenaHive colmenaHive
// { // {
@ -200,7 +200,7 @@
# nixos-rebuild switch --flake .\#router0-dmz0_cross --build-host localhost --target-host root@192.168.10.1 # nixos-rebuild switch --flake .\#router0-dmz0_cross --build-host localhost --target-host root@192.168.10.1
router0-dmz0_cross = router0-dmz0.cross; router0-dmz0_cross = router0-dmz0.cross;
steveej-x13s_cross = (inputs.get-flake ./nix/os/devices/steveej-x13s).nixosConfigurations.cross; steveej-x13s_cross = (inputs.get-flake (self + "./nix/os/devices/steveej-x13s")).nixosConfigurations.cross;
steveej-x13s-rmvbl_cross = steveej-x13s-rmvbl_cross =
(inputs.get-flake ./nix/os/devices/steveej-x13s-rmvbl).nixosConfigurations.cross; (inputs.get-flake ./nix/os/devices/steveej-x13s-rmvbl).nixosConfigurations.cross;
}; };
@ -234,47 +234,10 @@
inherit (inputs'.colmena.packages) colmena; inherit (inputs'.colmena.packages) colmena;
prs = pkgs.callPackage ( prs = pkgs.prs.overrideAttrs(_: {
{ src = inputs.prs;
dbus, version = inputs.prs.shortRev;
glib, });
gpgme,
gtk3,
libxcb,
libxkbcommon,
installShellFiles,
pkg-config,
python3,
}:
craneLib.buildPackage {
pname = "prs";
version = inputs.prs.shortRev;
src = inputs.prs;
nativeBuildInputs = [
gpgme
installShellFiles
pkg-config
python3
];
buildInputs = [
dbus
glib
gpgme
gtk3
libxcb
libxkbcommon
];
cargoExtraArgs = "--features backend-gpgme";
postInstall = ''
for shell in bash fish zsh; do
installShellCompletion --cmd prs --$shell <($out/bin/prs internal completions $shell --stdout)
done
'';
}
) { };
nomad = inputs'.nixpkgs-unstable.legacyPackages.nomad_1_6; nomad = inputs'.nixpkgs-unstable.legacyPackages.nomad_1_6;

4
nix/devShells.nix
View file

@ -91,12 +91,12 @@
KANIDM_URL = KANIDM_URL =
self.nixosConfigurations.sj-srv1.config.containers.webserver.config.services.kanidm.serverSettings.origin; self.nixosConfigurations.sj-srv1.config.containers.webserver.config.services.kanidm.serverSettings.origin;
shellHook = shellHook = builtins.concatStringsSep "\n" [
(self.inputs.nixago.lib.${pkgs.system}.make { (self.inputs.nixago.lib.${pkgs.system}.make {
data = self'.formatter.settings; data = self'.formatter.settings;
output = "treefmt.toml"; output = "treefmt.toml";
format = "toml"; format = "toml";
}).shellHook }).shellHook
+ ''''; ];
}; };
} }

4
nix/home-manager/programs/openvscode-server.nix
View file

@ -6,9 +6,7 @@ in
home.packages = [ home.packages = [
pkgs.nil pkgs.nil
pkgs.nixd pkgs.nixd
pkgs.nixpkgs-fmt pkgs.nixfmt-rfc-style
pkgs.alejandra
pkgs.nixfmt
# TODO: automate linking this # TODO: automate linking this
# 1. get the commit with: `codium --version` # 1. get the commit with: `codium --version`

27
nix/home-manager/programs/vscode/default.nix
View file

@ -59,7 +59,7 @@ in
) )
++ ( ++ (
let let
nix4vscodeConfig = pkgs.writeText "nix4vscode.toml" '' nix4vscodeToml = pkgs.writeText "nix4vscode.toml" ''
vscode_version = "${config.programs.vscode.package.version}" vscode_version = "${config.programs.vscode.package.version}"
[[extensions]] [[extensions]]
@ -70,18 +70,31 @@ in
publisher_name = "ibecker" publisher_name = "ibecker"
extension_name = "treefmt-vscode" extension_name = "treefmt-vscode"
''; '';
nix4vscode = nix4vscodeNix =
pkgs.runCommand "nix4vscode.nix" pkgs.runCommand "nix4vscode.nix"
{ {
# nix4vscode needs internet access
__noChroot = true; __noChroot = true;
nativeBuildInputs = [ repoFlake.inputs.nix4vscode.packages.${pkgs.stdenv.system}.default ]; requiredSystemFeatures = [ "recursive-nix" ];
buildInputs = [
pkgs.nix
pkgs.cacert
repoFlake.inputs.nix4vscode.packages.${pkgs.stdenv.system}.default
# pkgs.strace
];
# outputHashAlgo = "sha256";
# outputHashMode = "recursive";
# outputHash = lib.fakeSha256;
} }
'' ''
export RUST_BACKTRACE=full # set -x
# export RUST_BACKTRACE=full
# export RUST_LOG=trace
export HOME=$(mktemp -d) export HOME=$(mktemp -d)
nix4vscode ${nix4vscodeConfig} > $out # strace -ffZyyY
nix4vscode ${nix4vscodeToml} > $out
''; '';
nix4vscodeExtensions = builtins.removeAttrs (pkgs.callPackage nix4vscode { }) [ nix4vscodeExtensions = builtins.removeAttrs (pkgs.callPackage nix4vscodeNix { }) [
"override" "override"
"overrideDerivation" "overrideDerivation"
]; ];
@ -95,8 +108,8 @@ in
}; };
home.packages = [ home.packages = [
pkgs.nixpkgs-fmt
pkgs.nil pkgs.nil
pkgs.nixfmt-rfc-style
]; ];
} }
# TODO: automate # TODO: automate

5
nix/os/devices/router0-dmz0/configuration.nix
View file

@ -384,6 +384,10 @@ in
systemd.network = { systemd.network = {
wait-online.anyInterface = true; wait-online.anyInterface = true;
config.networkConfig = {
IPv4Forwarding = true;
IPv6Forwarding = true;
};
netdevs = netdevs =
let let
router0-ifog_wg0Endpoint = "${repoFlake.colmena.router0-ifog.deployment.targetHost}:${builtins.toString repoFlake.nixosConfigurations.router0-ifog.config.systemd.network.netdevs.wg0.wireguardConfig.ListenPort}"; router0-ifog_wg0Endpoint = "${repoFlake.colmena.router0-ifog.deployment.targetHost}:${builtins.toString repoFlake.nixosConfigurations.router0-ifog.config.systemd.network.netdevs.wg0.wireguardConfig.ListenPort}";
@ -537,7 +541,6 @@ in
DHCP = true; DHCP = true;
DNSOverTLS = true; DNSOverTLS = true;
DNSSEC = true; DNSSEC = true;
IPForward = true;
# accept Router Advertisements for Stateless IPv6 Autoconfiguraton (SLAAC) # accept Router Advertisements for Stateless IPv6 Autoconfiguraton (SLAAC)
IPv6AcceptRA = true; IPv6AcceptRA = true;

50
nix/os/devices/router0-dmz0/flake.lock generated
View file

@ -28,11 +28,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1728109432, "lastModified": 1732221404,
"narHash": "sha256-wmbErh8FG7dRKOtMMpHUqDtFjeqt9Zjx4zssSeTalwU=", "narHash": "sha256-fWTyjgGt+BHmkeJ5IxOR4zGF4/uc+ceWmhBjOBSVkgQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "48ebb577855fb2398653f033b3b2208a9249203d", "rev": "97c0c4d7072f19b598ed332e9f7f8ad562c6885b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -63,16 +63,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1726989464, "lastModified": 1731880681,
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", "narHash": "sha256-FmYTkIyPBUxSWgA7DPIVTsCCMvSSbs56yOtHpLNSnKg=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", "rev": "aecd341dfead1c3ef7a3c15468ecd71e8343b7c6",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-24.05", "ref": "release-24.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@ -80,11 +80,11 @@
"hostapd": { "hostapd": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1727905939, "lastModified": 1732101105,
"narHash": "sha256-LZHwXN8lBcDpKQVB3GcYI0SVzj6WXd2E0GDqhQh503w=", "narHash": "sha256-u/n1vkmRBpcq669kXpCdgfF5I+gL7DkV/0wWhyc2sSA=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "d84323d05ef30cdcf343884ac34420caf72145bd", "rev": "25d29d65aa6df173eb9f6b44d4dc0536df66b4ba",
"revCount": 19910, "revCount": 20028,
"type": "git", "type": "git",
"url": "git://w1.fi/hostap.git?branch=main" "url": "git://w1.fi/hostap.git?branch=main"
}, },
@ -121,43 +121,43 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1723893138, "lastModified": 1732269090,
"narHash": "sha256-TCGUFSBIaItvaFa+ydPII+Ayrn3OHfV1220RLgtWh5s=", "narHash": "sha256-tISFHFFb96UbgFZ3a36q2lfaKcXzxAyVt50GykfSqUM=",
"owner": "steveej-forks", "owner": "steveej-forks",
"repo": "nakato_nixos-sbc", "repo": "nakato_nixos-sbc",
"rev": "5fb94671a47229e269383e736cb1764c94803ebb", "rev": "e67d80bf50a725ff3b0003d92f9280a33dbf8967",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "steveej-forks", "owner": "steveej-forks",
"ref": "kernel-6.10_and_cross-compile_mtkbump", "ref": "wifi-workaround",
"repo": "nakato_nixos-sbc", "repo": "nakato_nixos-sbc",
"type": "github" "type": "github"
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1728067476, "lastModified": 1731755305,
"narHash": "sha256-/uJcVXuBt+VFCPQIX+4YnYrHaubJSx4HoNsJVNRgANM=", "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6e6b3dd395c3b1eb9be9f2d096383a8d05add030", "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-24.05", "ref": "nixos-24.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1728018373, "lastModified": 1732014248,
"narHash": "sha256-NOiTvBbRLIOe5F6RbHaAh6++BNjsb149fGZd1T4+KBg=", "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bc947f541ae55e999ffdb4013441347d83b00feb", "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -206,11 +206,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1728127082, "lastModified": 1732050592,
"narHash": "sha256-MDU/aVPcR5Fk+x1B+SAsyYG47k5cvFvGTrqZIev2Jck=", "narHash": "sha256-WuGCnlt1xhHJfsHpPXdV3gH9Khe4gJ1+abWCHFcddvM=",
"owner": "numtide", "owner": "numtide",
"repo": "srvos", "repo": "srvos",
"rev": "7aaa72eb804248436ea20c084a7891a383e23b02", "rev": "be4533b50ac69cd871ab73d4101c47b397b8c143",
"type": "github" "type": "github"
}, },
"original": { "original": {

10
nix/os/devices/router0-dmz0/flake.nix
View file

@ -1,11 +1,11 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
get-flake.url = "github:ursi/get-flake"; get-flake.url = "github:ursi/get-flake";
home-manager.url = "github:nix-community/home-manager/release-24.05"; home-manager.url = "github:nix-community/home-manager/release-24.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs";
disko.url = "github:nix-community/disko"; disko.url = "github:nix-community/disko";
@ -17,7 +17,7 @@
# "github:nakato/nixos-sbc" # "github:nakato/nixos-sbc"
# "github:steveej-forks/nakato_nixos-sbc/kernel-6.9_and_cross-compile" # "github:steveej-forks/nakato_nixos-sbc/kernel-6.9_and_cross-compile"
# "github:steveej-forks/nakato_nixos-sbc/kernel-6.10_and_cross-compile" # "github:steveej-forks/nakato_nixos-sbc/kernel-6.10_and_cross-compile"
"github:steveej-forks/nakato_nixos-sbc/kernel-6.10_and_cross-compile_mtkbump" "github:steveej-forks/nakato_nixos-sbc/wifi-workaround"
# "git+file:///home/steveej/src/others/nakato_nixos-sbc/" # "git+file:///home/steveej/src/others/nakato_nixos-sbc/"
; ;
nixos-sbc.inputs.nixpkgs.follows = "nixpkgs"; nixos-sbc.inputs.nixpkgs.follows = "nixpkgs";
@ -37,6 +37,8 @@
# url = "file+https://raw.githubusercontent.com/openwrt/openwrt/847984c773d819d5579d5abae4b80a4983103ed9/package/network/services/hostapd/patches/710-vlan_no_bridge.patch"; # url = "file+https://raw.githubusercontent.com/openwrt/openwrt/847984c773d819d5579d5abae4b80a4983103ed9/package/network/services/hostapd/patches/710-vlan_no_bridge.patch";
# flake = false; # flake = false;
# }; # };
# repoFlake.url = "path:../../../..";
}; };
outputs = outputs =
@ -63,6 +65,8 @@
inherit nodeName; inherit nodeName;
repoFlake = get-flake ../../../..; repoFlake = get-flake ../../../..;
# repoFlake = get-flake ./.;
# repoFlake = self.inputs.repoFlake;
nodeFlake = self; nodeFlake = self;
}).meta.nodeSpecialArgs.${nodeName}; }).meta.nodeSpecialArgs.${nodeName};

2
nix/os/devices/steveej-x13s/configuration.nix
View file

@ -127,7 +127,7 @@
"kvm" "kvm"
"nixos-test" "nixos-test"
]; ];
maxJobs = 4; maxJobs = 8;
} }
{ {

16
nix/os/devices/steveej-x13s/flake.lock generated
View file

@ -165,16 +165,16 @@
"linux-jhovold": { "linux-jhovold": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1730883079, "lastModified": 1731424601,
"narHash": "sha256-+ZU70M+mqo9SZNLkVtCM0+TdXEh7X39Kxmk6z58GMaM=", "narHash": "sha256-+ErrKhGSyiBJGwO1XrfxzsLoGWoJmVD2ldi5Ag5uJqE=",
"owner": "jhovold", "owner": "jhovold",
"repo": "linux", "repo": "linux",
"rev": "9e9890798b6b4e81db66c572ee6acd291cf8cb77", "rev": "15326bf5cbf6526eefb10cb5bc112a6a95990ec2",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "jhovold", "owner": "jhovold",
"ref": "wip/sc8280xp-6.12-rc6", "ref": "wip/sc8280xp-6.12-rc7",
"repo": "linux", "repo": "linux",
"type": "github" "type": "github"
} }
@ -247,11 +247,11 @@
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1731101150, "lastModified": 1731793780,
"narHash": "sha256-M9xa6UX6eidLFEfwHWkHkFJ+OgjuFqCIvuqsDSReyy4=", "narHash": "sha256-gOpR24dG7PUktUmlF2nDg0nqvlli7ZC179ngYMpGlfw=",
"ref": "bump", "ref": "bump",
"rev": "b74e8bfe82f059a5854cfc40f7206191edff365d", "rev": "b957608c2a0b7808f17588be2f38d8ddb6321b2f",
"revCount": 117, "revCount": 118,
"type": "git", "type": "git",
"url": "https://forgejo.www.stefanjunker.de/steveej/nixos-x13s.git" "url": "https://forgejo.www.stefanjunker.de/steveej/nixos-x13s.git"
}, },

1
nix/os/snippets/nix-settings.nix
View file

@ -19,6 +19,7 @@ in
"nix-command" "nix-command"
"flakes" "flakes"
"ca-derivations" "ca-derivations"
"recursive-nix"
]; ];
nix.settings.system-features = [ nix.settings.system-features = [