waveringana/nixcfg
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

cute refactor

Browse source
This commit is contained in:
waveringana 2025-06-04 02:48:23 -04:00
parent 3e9d95c2a3
commit 7fb32811d4
12 changed files with 252 additions and 181 deletions
Download patch file Download diff file Expand all files Collapse all files

48
flake.nix
View file

@ -21,11 +21,25 @@
}; };
}; };
outputs = inputs@{ self, nixpkgs, lix-module, vscode-server, agenix, zen-browser, catppuccin, home-manager, ... }: { outputs =
{ self, ... }@inputs:
with inputs;
let
nixosModules = builtins.listToAttrs (
map (module: {
name = module;
value = import (./modules + "/${module}");
}) (builtins.attrNames (builtins.readDir ./modules))
);
in
{
nixosConfigurations = { nixosConfigurations = {
focalor = nixpkgs.lib.nixosSystem { focalor = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { inherit inputs; system = "x86_64-linux"; }; specialArgs = {
inherit inputs;
system = "x86_64-linux";
};
modules = [ modules = [
./hosts/focalor ./hosts/focalor
lix-module.nixosModules.default lix-module.nixosModules.default
@ -33,22 +47,20 @@
vscode-server.nixosModules.default vscode-server.nixosModules.default
agenix.nixosModules.default agenix.nixosModules.default
({ config, pkgs, ... }: {
services.vscode-server.enable = true;
services.vscode-server.nodejsPackage = pkgs.nodejs_20;
environment.systemPackages = [ agenix.packages.x86_64-linux.default ];
})
catppuccin.nixosModules.catppuccin catppuccin.nixosModules.catppuccin
home-manager.nixosModules.home-manager { home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.backupFileExtension = "HMBackup"; home-manager.backupFileExtension = "HMBackup";
home-manager.users.regent.imports = [ home-manager.users.regent.imports = [
./home/regent/home.nix ./home/regent/home.nix
catppuccin.homeModules.catppuccin catppuccin.homeModules.catppuccin
]; ];
home-manager.extraSpecialArgs = { inherit inputs; system = "x86_64-linux";}; home-manager.extraSpecialArgs = {
inherit inputs;
system = "x86_64-linux";
};
} }
]; ];
}; };
@ -56,19 +68,13 @@
valefar = nixpkgs.lib.nixosSystem { valefar = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
./hosts/valefar # imports configuration.nix automatically ./hosts/valefar
lix-module.nixosModules.default lix-module.nixosModules.default
# External modules
vscode-server.nixosModules.default vscode-server.nixosModules.default
agenix.nixosModules.default agenix.nixosModules.default
# Global external module config { imports = builtins.attrValues nixosModules; }
({ config, pkgs, ... }: {
services.vscode-server.enable = true;
services.vscode-server.nodejsPackage = pkgs.nodejs_20;
environment.systemPackages = [ agenix.packages.x86_64-linux.default ];
})
]; ];
}; };
@ -82,14 +88,16 @@
}; };
# Easy to add more hosts # Easy to add more hosts
/*server2 = nixpkgs.lib.nixosSystem { /*
server2 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
./hosts/server2 ./hosts/server2
agenix.nixosModules.default agenix.nixosModules.default
# different services for server2 # different services for server2
]; ];
};*/ };
*/
}; };
}; };
} }

4
hosts/buer/default.nix
View file

@ -13,13 +13,15 @@
../../modules/common/services.nix ../../modules/common/services.nix
# Services specific to this host # Services specific to this host
../../services/garage.nix
#../../services/forgejo.nix #../../services/forgejo.nix
# Common secrets # Common secrets
../../host-secrets.nix ../../host-secrets.nix
]; ];
system.stateVersion = "24.11";
modules.garage.enable = true;
# pin host platform & microcode # pin host platform & microcode
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault hardware.cpu.intel.updateMicrocode = lib.mkDefault

6
hosts/focalor/default.nix
View file

@ -20,13 +20,12 @@
# Nvidia # Nvidia
../../modules/common/nvidia.nix ../../modules/common/nvidia.nix
# Services specific to this host
#../../services/xyz.nix
# Common secrets # Common secrets
#../../host-secrets.nix #../../host-secrets.nix
]; ];
system.stateVersion = "24.11";
# pin host platform & microcode # pin host platform & microcode
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault hardware.cpu.intel.updateMicrocode = lib.mkDefault
@ -62,6 +61,7 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
#lm_sensors #lm_sensors
code-server code-server
agenix.packages.x86_64-linux.default
]; ];
environment.sessionVariables.WLR_RENDERER = "vulkan"; environment.sessionVariables.WLR_RENDERER = "vulkan";

14
hosts/valefar/default.nix
View file

@ -14,14 +14,16 @@
../../modules/common/services.nix ../../modules/common/services.nix
../../modules/common/efi.nix ../../modules/common/efi.nix
# Services specific to this host
../../services/garage.nix
../../services/forgejo.nix
# Common secrets # Common secrets
../../host-secrets.nix ../../host-secrets.nix
]; ];
# Enable modules
modules.garage.enable = true;
modules.forgejo.enable = true;
system.stateVersion = "24.11";
# pin host platform & microcode # pin host platform & microcode
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault hardware.cpu.intel.updateMicrocode = lib.mkDefault
@ -83,9 +85,13 @@
services.zfs.autoScrub.enable = true; services.zfs.autoScrub.enable = true;
services.zfs.trim.enable = true; services.zfs.trim.enable = true;
services.vscode-server.enable = true;
services.vscode-server.nodejsPackage = pkgs.nodejs_20;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
lm_sensors lm_sensors
code-server code-server
agenix.packages.x86_64-linux.default
]; ];
virtualisation.docker = { virtualisation.docker = {

14
modules/caddy/caddy.nix Normal file
View file

@ -0,0 +1,14 @@
{lib, pkgs, config, ...}:
{
services.caddy = {
enable = true;
virtualHosts = {
"s3.nekomimi.pet".extraConfig = ''
reverse_proxy http://127.0.0.1:3903
''
};
};
}

2
modules/common/system.nix
View file

@ -11,7 +11,5 @@
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
system.stateVersion = "24.11";
} }

49
modules/forgejo/default.nix Normal file
View file

@ -0,0 +1,49 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.modules.forgejo;
sshPort = 2222;
httpPort = 5000;
in
{
options = {
modules = {
forgejo = {
enable = mkEnableOption "Deploy forgejo";
};
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [
sshPort
httpPort
];
services.forgejo = {
enable = true;
database = {
type = "sqlite3";
path = "/var/lib/forgejo/forgejo.db";
};
lfs.enable = true;
settings = {
server = {
domain = "git.nekomimi.pet";
ROOT_URL = "https://git.nekomimi.pet";
LANDING_PAGE = "explore";
HTTP_PORT = 5000;
SSH_LISTEN_PORT = 2222;
SSH_PORT = 2222;
START_SSH_SERVER = true;
};
# service.DISABLE_REGISTRATION = true;
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "github";
};
};
};
};
}

50
modules/garage/default.nix Normal file
View file

@ -0,0 +1,50 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.modules.garage;
in
{
options = {
modules = {
garage = {
enable = mkEnableOption "Deploy garage";
};
};
};
config = mkIf cfg.enable {
services.garage = {
enable = true;
package = pkgs.garage;
settings = {
metadata_dir = "/garage/metadata";
data_dir = "/garage/data";
db_engine = "lmdb";
replication_mode = "2";
rpc_bind_addr = "[::]:3901";
rpc_public_addr = "${config.networking.hostName}:3901";
rpc_secret_file = config.age.secrets."garage-rpc-secret".path;
s3_api = {
s3_region = config.networking.hostName;
api_bind_addr = "[::]:3900";
root_domain = ".s3.nekomimi.pet";
};
s3_web = {
bind_addr = "[::]:3902";
root_domain = ".web.nekomimi.pet";
index = "index.html";
};
admin = {
api_bind_addr = "[::]:3903";
admin_token_file = config.age.secrets."garage-admin-token".path;
metrics_token_file = config.age.secrets."garage-metrics-token".path;
};
bootstrap_peers = [
"d548d0c9ae9aec9e26fe0bd2ca3efe75f654fa350bad5cb02bc9aebc9850ba8f@[2a04:52c0:135:48d1::2]:3901" # buer
"5504cb25910dcef4a4312006691d651c099cde7c3a88df9ca79aa350571e6e65@[2601:5c2:8400:26c0:4ecc:6aff:fef7:98ca]:3901" #valefar
];
};
};
};
}

47
modules/github-runners/default.nix Normal file
View file

@ -0,0 +1,47 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.modules.github-runners;
extraPackages =
let gtar = pkgs.runCommandNoCC "gtar" { } ''
mkdir -p $out/bin
ln -s ${lib.getExe pkgs.gnutar} $out/bin/gtar
'';
in
with pkgs; [
nix
nixci
cachix
coreutils
which
jq
gtar
docker
curl
];
in
{
options = {
modules = {
github-runners = {
enable = mkEnableOption "Deploy github runners";
};
};
};
config = mkIf cfg.enable {
services.github-runners = {
simplelink = {
enable = true;
name = "simplelink";
url = "https://github.com/waveringana/simplelink";
token = config.age.secrets."build-token".path;
user = "regent";
group = "docker";
extraPackages = extraPackages;
};
};
};
}

32
services/forgejo.nix
View file

@ -1,32 +0,0 @@
{lib, pkgs, config, ...}:
let
cfg = config.services.forgejo;
srv = cfg.settings.server;
in
{
services.forgejo = {
enable = true;
database = {
type = "sqlite3";
path = "/var/lib/forgejo/forgejo.db";
};
lfs.enable = true;
settings = {
server = {
domain = "git.nekomimi.pet";
ROOT_URL = "https://git.nekomimi.pet";
LANDING_PAGE = "explore";
HTTP_PORT = 5000;
SSH_LISTEN_PORT = 2222;
SSH_PORT = 2222;
START_SSH_SERVER = true;
};
# service.DISABLE_REGISTRATION = true;
actions = {
ENABLED = true;
DEFAULT_ACTIONS_URL = "github";
};
};
};
}

36
services/garage.nix
View file

@ -1,36 +0,0 @@
{ config, lib, pkgs, ... }:
{
services.garage = {
enable = true;
package = pkgs.garage;
settings = {
metadata_dir = "/garage/metadata";
data_dir = "/garage/data";
db_engine = "lmdb";
replication_mode = "2";
rpc_bind_addr = "[::]:3901";
rpc_public_addr = "${config.networking.hostName}:3901";
rpc_secret_file = config.age.secrets."garage-rpc-secret".path;
s3_api = {
s3_region = config.networking.hostName;
api_bind_addr = "[::]:3900";
root_domain = ".s3.nekomimi.pet";
};
s3_web = {
bind_addr = "[::]:3902";
root_domain = ".web.nekomimi.pet";
index = "index.html";
};
admin = {
api_bind_addr = "[::]:3903";
admin_token_file = config.age.secrets."garage-admin-token".path;
metrics_token_file = config.age.secrets."garage-metrics-token".path;
};
bootstrap_peers = [
"d548d0c9ae9aec9e26fe0bd2ca3efe75f654fa350bad5cb02bc9aebc9850ba8f@[2a04:52c0:135:48d1::2]:3901" # buer
"5504cb25910dcef4a4312006691d651c099cde7c3a88df9ca79aa350571e6e65@[2601:5c2:8400:26c0:4ecc:6aff:fef7:98ca]:3901" #valefar
];
};
};
}

35
services/github-runners.nix
View file

@ -1,35 +0,0 @@
{ lib, pkgs, ... }:
let extraPackages =
let gtar = pkgs.runCommandNoCC "gtar" { } ''
mkdir -p $out/bin
ln -s ${lib.getExe pkgs.gnutar} $out/bin/gtar
'';
in
with pkgs; [
nix
nixci
cachix
coreutils
which
jq
gtar
docker
curl
];
in
{
services.github-runners = {
simplelink = {
enable = true;
name = "simplelink";
url = "https://github.com/waveringana/simplelink";
token = config.age.secrets."build-token".path;
user = "regent";
group = "docker";
extraPackages = extraPackages;
};
};
}