c2vi/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

...

Browse Source
This commit is contained in:
Sebastian Moser
2023-11-20 13:49:26 +01:00
parent a18ee1e23c
commit 472e5082e7
5 changed files with 191 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
common/building.nix Normal file
View File

@@ -0,0 +1,37 @@
{ ... }:
{
nix.buildMachines = [
{
hostName = "hpm";
maxJobs = 8;
speedFactor = 5;
systems = [
"x86_64-linux"
];
}
{
hostName = "acern";
maxJobs = 20;
speedFactor = 10;
systems = [
"x86_64-linux"
];
}
/*
{
hostName = "main";
maxJobs = 4;
systems = [
"x86_64-linux"
];
}
*/
];
nix.settings = {
trusted-public-keys = [
"sebastian@c2vi.dev:0tIXGRJMLaI9H1ZPdU4gh+BikUuBVHtk+e1B5HggdZo="
];
#builders = "@/etc/nix/machines";
trusted-users = [ "me" ];
};
}

1
hosts/hpm.nix
View File

@@ -4,6 +4,7 @@
../common/all.nix ../common/all.nix
../common/nixos.nix ../common/nixos.nix
../common/nixos-graphical.nix ../common/nixos-graphical.nix
../common/building.nix
../users/me/default.nix ../users/me/default.nix
]; ];

46
hosts/luna.nix Normal file
View File

@@ -0,0 +1,46 @@
{ lib, pkgs, ... }:
{
# This causes an overlay which causes a lot of rebuilding
environment.noXlibs = lib.mkForce false;
# "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" creates a
# disk with this label on first boot. Therefore, we need to keep it. It is the
# only information from the installer image that we need to keep persistent
fileSystems."/" =
{ device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
};
boot = {
kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
loader = {
generic-extlinux-compatible.enable = lib.mkDefault true;
grub.enable = lib.mkDefault false;
};
};
nix.settings = {
experimental-features = lib.mkDefault "nix-command flakes";
trusted-users = [ "root" "@wheel" ];
};
# end of base.nix
environment.systemPackages = with pkgs; [ vim git ];
services.openssh.enable = true;
networking.hostName = "luna";
users = {
users.me = {
password = "hello";
isNormalUser = true;
extraGroups = [ "wheel" ];
};
};
networking = {
interfaces."wlan0".useDHCP = true;
wireless = {
interfaces = [ "wlan0" ];
enable = true;
networks = {
seb-phone.psk = "hellogello";
};
};
};
}

75
hosts/main.nix
View File

@@ -1,5 +1,5 @@
{ pkgs, lib, workDir, self, secretsDir, ... }: { pkgs, lib, workDir, self, secretsDir, config, ... }:
{ {
# https://bugzilla.kernel.org/show_bug.cgi?id=110941 # https://bugzilla.kernel.org/show_bug.cgi?id=110941
@@ -15,6 +15,7 @@
../common/all.nix ../common/all.nix
../common/nixos.nix ../common/nixos.nix
../common/nixos-graphical.nix ../common/nixos-graphical.nix
../common/building.nix
../users/me/default.nix ../users/me/default.nix
../users/root/default.nix ../users/root/default.nix
@@ -34,34 +35,8 @@
}; };
}; };
nix.settings = {
trusted-public-keys = [
"sebastian@c2vi.dev:0tIXGRJMLaI9H1ZPdU4gh+BikUuBVHtk+e1B5HggdZo="
];
#builders = "@/etc/nix/machines";
trusted-users = [ "me" ];
};
nix = { nix = {
distributedBuilds = false; # false, because i can't build on hpm currently ... not signed by trusted user error distributedBuilds = false; # false, because i can't build on hpm currently ... not signed by trusted user error
buildMachines = [
{
hostName = "hpm";
maxJobs = 8;
speedFactor = 5;
systems = [
"x86_64-linux"
];
}
/*
{
hostName = "main";
maxJobs = 4;
systems = [
"x86_64-linux"
];
}
*/
];
}; };
networking.hostName = "main"; networking.hostName = "main";
@@ -69,9 +44,15 @@
networking.extraHosts = '' networking.extraHosts = ''
192.168.1.6 hpm 192.168.1.6 hpm
192.168.1.2 rpi 192.168.1.2 rpi
127.0.0.1 youtube.com
127.0.0.1 www.youtube.com
''; '';
# to build rpi images
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
# some bind mounts # some bind mounts
fileSystems."${workDir}/priv-share/things" = { fileSystems."${workDir}/priv-share/things" = {
device = "${workDir}/things"; device = "${workDir}/things";
@@ -86,6 +67,46 @@
options = [ "bind" ]; options = [ "bind" ];
}; };
# my youtube blocking service
systemd.services.stark =
let
stark = pkgs.writeShellApplication {
name = "stark";
runtimeInputs = with pkgs; [ curl w3m ];
text = ''
if [ -f "/etc/host-youtube-block" ];
then
timeout=$(cat /etc/host-youtube-block)
if [[ "$timeout" == "1" ]]
then
rm /etc/host-youtube-block
else
timeout=$((timeout - 1))
echo -en $timeout > /etc/host-youtube-block
fi
else
rm /etc/hosts
ln -nsf ${config.environment.etc.hosts.source.outPath} /etc/hosts
fi
'';
};
in
{
enable = true;
description = "block Youtube";
unitConfig = {
Type = "simple";
};
serviceConfig = {
Restart = "always";
RestartSec = "60s";
ExecStart = "${stark}/bin/stark";
};
wantedBy = [ "multi-user.target" ];
};
# syncthing for main # syncthing for main
services.syncthing = { services.syncthing = {

59
hosts/privision-main.nix Normal file
View File

@@ -0,0 +1,59 @@
{ inputs, self, nixpkgs, specialArgs, ... }:
{
outputs.apps = {
main = inputs.nix-provision.mkProvision self.outputs.nixosConfigurations.main;
};
outputs.nixosConfigurations.main = nixpkgs.lib.nixosSystem {
inherit specialArgs;
system = "x86_64-linux";
modules = [
./hosts/main.nix
./hardware/my-hp-laptop.nix
{
provision = {
type = "disk";
# other types: phone, wsl, libirt-vm, installer,
lvm.physicalVolumes.lvm0 = {
logicalVolumes = [
{
label = "root";
type = "btrfs";
}
{
label = "swap";
type = "swap";
}
{
label = "work";
type = "btrfs";
}
];
};
hardware.boot = {
};
hardware.drive = {
type = "gpt";
partitions = [
{
label = "boot";
type = "fat32";
}
{
type = "luks";
secret = "luks-secret";
containing = {
type = "lvm-pv";
partOf = "lvm0";
};
}
];
};
};
}
];
};
}