From 23c8980f682b798df95eee4ffbaab87a8b5a76d8 Mon Sep 17 00:00:00 2001
From: materus
Date: Wed, 7 Jun 2023 00:53:21 +0200
Subject: [PATCH] valkyrie: add new host + some changes
---
configurations/host/default.nix | 37 ++++--
configurations/host/materusPC/default.nix | 1 +
.../host/materusPC/hardware/filesystem.nix | 2 +-
configurations/host/materusPC/scripts.nix | 21 +++
configurations/host/valkyrie/default.nix | 122 ++++++++++++++++++
configurations/host/valkyrie/extraHome.nix | 14 ++
.../host/valkyrie/hardware-configuration.nix | 46 +++++++
configurations/profile/os/nix.nix | 5 +-
extraFiles/keys/ssh/materus.pub | 1 +
flake.lock | 38 +++---
10 files changed, 250 insertions(+), 37 deletions(-)
create mode 100644 configurations/host/materusPC/scripts.nix
create mode 100644 configurations/host/valkyrie/default.nix
create mode 100644 configurations/host/valkyrie/extraHome.nix
create mode 100644 configurations/host/valkyrie/hardware-configuration.nix
create mode 100644 extraFiles/keys/ssh/materus.pub
diff --git a/configurations/host/default.nix b/configurations/host/default.nix
index 1fe8bac..689c403 100644
--- a/configurations/host/default.nix
+++ b/configurations/host/default.nix
@@ -1,17 +1,26 @@ - {inputs, materusFlake}: +{ inputs, materusFlake }: - let - profles = import ../profile; - in - { +let + profles = import ../profile; +in +{ materusPC = inputs.nixpkgs.lib.nixosSystem rec { - specialArgs = {inherit inputs; inherit materusFlake;}; - system = "x86_64-linux"; - modules = [ - ./materusPC - inputs.private.systemModule - profles.osProfile - ]; - }; + specialArgs = { inherit inputs; inherit materusFlake; }; + system = "x86_64-linux"; + modules = [ + ./materusPC + inputs.private.systemModule + profles.osProfile + ]; + }; + valkyrie = inputs.nixpkgs.lib.nixosSystem rec { + specialArgs = { inherit inputs; inherit materusFlake; }; + system = "x86_64-linux"; + modules = [ + ./valkyrie + inputs.private.systemModule + profles.osProfile + ]; + }; - } \ No newline at end of file +} diff --git a/configurations/host/materusPC/default.nix b/configurations/host/materusPC/default.nix index c3c5d2d..25c2fa4 100644 --- a/configurations/host/materusPC/default.nix +++ b/configurations/host/materusPC/default.nix @@ -5,6 +5,7 @@ ./hardware + ./scripts.nix ./tmp.nix ./network.nix ]; diff --git a/configurations/host/materusPC/hardware/filesystem.nix b/configurations/host/materusPC/hardware/filesystem.nix index b597aa8..0643f70 100644 --- a/configurations/host/materusPC/hardware/filesystem.nix +++ b/configurations/host/materusPC/hardware/filesystem.nix @@ -17,7 +17,7 @@ fileSystems."/etc/nixos" = { - device = "/materus/Nix/Nixerus"; + device = "/materus/config/Nixerus"; fsType = "none"; options = [ "bind" ]; }; diff --git a/configurations/host/materusPC/scripts.nix b/configurations/host/materusPC/scripts.nix new file mode 100644 index 0000000..215cf44 --- /dev/null +++ b/configurations/host/materusPC/scripts.nix 
@@ -0,0 +1,21 @@
+{ config, pkgs, lib, inputs, materusFlake, ... }:
+let
+valkyrie-sync = pkgs.writeShellScriptBin "valkyrie-sync" ''
+${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" --exclude "flake.lock" /materus/config/Nixerus materus@valkyrie:/materus/config/ && \
+${pkgs.rsync}/bin/rsync -avzrh --delete --exclude ".git*" /materus/config/valkyrie materus@valkyrie:/materus/config/
+'';
+
+valkyrie-flakelock = pkgs.writeShellScriptBin "valkyrie-flakelock" ''
+${pkgs.openssh}/bin/ssh materus@valkyrie "nix flake update /materus/config/Nixerus --override-input nixpkgs github:NixOS/nixpkgs/23.05 \
+ --override-input home-manager github:nix-community/home-manager/release-23.05 \
+ --override-input private /materus/config/valkyrie/flake"
+'';
+
+
+in
+{
+ environment.systemPackages = [
+ valkyrie-sync
+ valkyrie-flakelock
+ ];
+}
diff --git a/configurations/host/valkyrie/default.nix b/configurations/host/valkyrie/default.nix
new file mode 100644
index 0000000..08e9e2a
--- /dev/null
+++ b/configurations/host/valkyrie/default.nix
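Review bot: In `valkyrie-flakelock`, `--override-input nixpkgs github:NixOS/nixpkgs/23.05` appears to name the release tag rather than a moving branch, so each re-lock on valkyrie would resolve to the same release-day commit and the host would not pick up backported security fixes. The flake.lock in this same commit follows `nixos-23.05` for nixpkgs-stable; `--override-input nixpkgs github:NixOS/nixpkgs/nixos-23.05` would track the patched branch. For `valkyrie-sync`, a short comment is also worth adding: `# rsync --delete as materus into the tree valkyrie bind-mounts at /etc/nixos; whoever runs this decides what valkyrie builds next`.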
@@ -0,0 +1,122 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running `nixos-help`).
+
+{ config, pkgs, materusFlake, ... }:
+
+{
+ imports =
+ [
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+ materus.profile.nix.enable = true;
+
+
+
+
+ # Use the GRUB 2 boot loader.
+ boot.loader.grub.enable = true;
+ # boot.loader.grub.efiSupport = true;
+ # boot.loader.grub.efiInstallAsRemovable = true;
+ # boot.loader.efi.efiSysMountPoint = "/boot/efi";
+ # Define on which hard drive you want to install Grub.
+ boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
+
+ networking.hostName = "valkyrie"; # Define your hostname.
+ # Pick only one of the below networking options.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ networking.networkmanager.enable = false; # Easiest to use and most distros use this by default.
+
+ # Set your time zone.
+ time.timeZone = "Europe/Warsaw";
+
+ # Configure network proxy if necessary
+ # networking.proxy.default = "http://user:password@proxy:port/";
+ # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "pl_PL.UTF-8";
+ console = {
+ font = "lat2-16";
+ keyMap = "pl";
+ useXkbConfig = false; # use xkbOptions in tty.
+ };
+
+ # Enable the X11 windowing system.
+ # services.xserver.enable = true;
+
+
+
+
+ # Configure keymap in X11
+ # services.xserver.layout = "us";
+ # services.xserver.xkbOptions = "eurosign:e,caps:escape";
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ # Enable sound.
+ # sound.enable = true;
+ # hardware.pulseaudio.enable = true;
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ # services.xserver.libinput.enable = true;
+
+ # Define a user account.
Don't forget to set a password with ‘passwd’.
+ users.users.materus = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+ packages = with pkgs; [
+ ];
+ openssh.authorizedKeys.keyFiles = [ (materusFlake.path + /extraFiles/keys/ssh/materus.pub) ];
+ };
+
+ # List packages installed in system profile. To search, run:
+ # $ nix search wget
+ environment.systemPackages = with pkgs; [
+ vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+ wget
+ nano
+ git
+ ];
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ # programs.mtr.enable = true;
+ # programs.gnupg.agent = {
+ # enable = true;
+ # enableSSHSupport = true;
+ # };
+
+ # List services that you want to enable:
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+ services.openssh.openFirewall = false;
+ services.openssh.settings.PermitRootLogin = "no";
+ services.openssh.settings.PasswordAuthentication = true;
+
+
+ services.adguardhome.enable = true;
+ # Open ports in the firewall.
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ # Or disable the firewall altogether.
+ networking.firewall.enable = true;
+
+ # Copy the NixOS configuration file and link it from the resulting system
+ # (/run/current-system/configuration.nix). This is useful in case you
+ # accidentally delete configuration.nix.
+ # system.copySystemConfiguration = true;
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It's perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "23.05"; # Did you read the comment?
+
+}
+
diff --git a/configurations/host/valkyrie/extraHome.nix b/configurations/host/valkyrie/extraHome.nix
new file mode 100644
index 0000000..7908316
--- /dev/null
+++ b/configurations/host/valkyrie/extraHome.nix
@@ -0,0 +1,14 @@
+{ config, pkgs, materusPkgs, lib, ... }:
+{
+ home.stateVersion = "23.05";
+ home.homeDirectory = "/home/materus";
+
+ materus.profile = {
+ fonts.enable = false;
+ nixpkgs.enable = true;
+ enableDesktop = false;
+ enableTerminal = true;
+ enableTerminalExtra = false;
+ enableNixDevel = false;
+ };
+}
diff --git a/configurations/host/valkyrie/hardware-configuration.nix b/configurations/host/valkyrie/hardware-configuration.nix
new file mode 100644
index 0000000..35968ab
--- /dev/null
+++ b/configurations/host/valkyrie/hardware-configuration.nix
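Review bot: In configurations/host/valkyrie/default.nix, `services.openssh.settings.PasswordAuthentication = true;` leaves password logins enabled for materus, a wheel member, even though the same hunk installs an ed25519 key through `openssh.authorizedKeys.keyFiles`. With the key in place, `services.openssh.settings.PasswordAuthentication = false;` plus `services.openssh.settings.KbdInteractiveAuthentication = false;` would remove the guessable login path. With `openFirewall = false` and the firewall enabled, port 22 is only reachable if some other module opens it, perhaps `inputs.private.systemModule`, which is not visible in this patch. A comment next to the option saying where SSH is meant to be exposed would make that intent reviewable.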
@@ -0,0 +1,46 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "virtio_pci" "floppy" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + boot.tmp.useTmpfs = true; + + fileSystems."/" = + { + device = "/dev/disk/by-uuid/924b1a69-2256-444f-baf6-d2d9405e451d"; + fsType = "ext4"; + }; + + fileSystems."/etc/nixos" = + { + device = "/materus/config/Nixerus"; + fsType = "none"; + options = [ "bind" ]; + }; + + swapDevices = [ + { + device = "/swapfile"; + size = 4 * 1024; + } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = false; + networking.nameservers = [ "127.0.0.1" ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/configurations/profile/os/nix.nix b/configurations/profile/os/nix.nix index 107b2f3..7cb97db 100644 --- a/configurations/profile/os/nix.nix +++ b/configurations/profile/os/nix.nix @@ -5,13 +5,12 @@ in { options.materus.profile.nix.enable = materusPkgs.lib.mkBoolOpt false "Enable materus nix settings"; config.nix = lib.mkIf cfg.enable { - package = pkgs.nixVersions.unstable; + package = lib.mkDefault pkgs.nixVersions.unstable; settings = { experimental-features = [ "nix-command" "flakes" "repl-flake" "no-url-literals" ]; auto-optimise-store = true; - - + trusted-users = [ "root" "@wheel" ]; substituters = [ "https://nix-community.cachix.org" 
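Review bot: In configurations/profile/os/nix.nix, `trusted-users = [ "root" "@wheel" ];` makes every wheel member a trusted Nix user, which the Nix manual describes as essentially equivalent to root access. Such a user can point the daemon at arbitrary substituters and import unsigned store paths, so any process running as a wheel account gets that power without the password sudo would ask for. The profile is switched on for valkyrie in this commit, where materus is in wheel and SSH is enabled. If the aim is only to allow extra binary caches, listing them under `trusted-substituters` keeps signature checks in force; otherwise name the one account, `trusted-users = [ "root" "materus" ];`, and add a comment recording why it is needed. The `settings` block continues past the end of the hunk.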
diff --git a/extraFiles/keys/ssh/materus.pub b/extraFiles/keys/ssh/materus.pub new file mode 100644 index 0000000..d77bdd3 --- /dev/null +++ b/extraFiles/keys/ssh/materus.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPEDY+H8Hc/RSLE064AAh8IojvqxPd8BE5gec2aOfYMh materus@podkos.pl diff --git a/flake.lock b/flake.lock index 9757d29..09486ef 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1685787331, - "narHash": "sha256-th38r/V0uUDeflZ8cfiXX5rv/ioZhicBW9M0y8r4KMU=", + "lastModified": 1686075314, + "narHash": "sha256-5Gl3AfspuIfWW00jsV9woCYH+znNHOru6W0zpX/P5L0=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "fbbf354bceb8d42d1e0eef8116b66e9947c84017", + "rev": "30c400a67df95ad5012119bff4c8a9386d21e5c4", "type": "github" }, "original": { @@ -46,11 +46,11 @@ ] }, "locked": { - "lastModified": 1685721552, - "narHash": "sha256-ifvq/zlO7lck8q+YkC5uom/h8/MVdMcQEldOL3cDQW0=", + "lastModified": 1685999310, + "narHash": "sha256-gaRMZhc7z4KeU/xS3IWv3kC+WhVcAXOLXXGKLe5zn1Y=", "owner": "nix-community", "repo": "home-manager", - "rev": "29519461834c08395b35f840811faf8c23e3b61c", + "rev": "28614ed7a1e3ace824c122237bdc0e5e0b62c5c3", "type": "github" }, "original": { @@ -62,11 +62,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1685655444, - "narHash": "sha256-6EujQNAeaUkWvpEZZcVF8qSfQrNVWFNNGbUJxv/A5a8=", + "lastModified": 1685931219, + "narHash": "sha256-8EWeOZ6LKQfgAjB/USffUSELPRjw88A+xTcXnOUvO5M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e635192892f5abbc2289eaac3a73cdb249abaefd", + "rev": "7409480d5c8584a1a83c422530419efe4afb0d19", "type": "github" }, "original": { 
@@ -78,27 +78,27 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1685650716, - "narHash": "sha256-sDd7QIcMbIb37nuqMrJElvuyE5eVgWuKGtIPP8IWwCc=", + "lastModified": 1685865905, + "narHash": "sha256-XJZ/o17eOd2sEsGif+/MQBnfa2DKmndWgJyc7CWajFc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f7c1500e2eefa58f3c80dd046cba256e10440201", + "rev": "e7603eba51f2c7820c0a182c6bbb351181caa8e7", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-22.11", + "ref": "nixos-23.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1685655444, - "narHash": "sha256-6EujQNAeaUkWvpEZZcVF8qSfQrNVWFNNGbUJxv/A5a8=", + "lastModified": 1685931219, + "narHash": "sha256-8EWeOZ6LKQfgAjB/USffUSELPRjw88A+xTcXnOUvO5M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e635192892f5abbc2289eaac3a73cdb249abaefd", + "rev": "7409480d5c8584a1a83c422530419efe4afb0d19", "type": "github" }, "original": { @@ -110,11 +110,11 @@ }, "nur": { "locked": { - "lastModified": 1685783302, - "narHash": "sha256-RHvm5om03aOIZCG4qzShmaENPzeQJvqSV/RRrnrqbz8=", + "lastModified": 1686086857, + "narHash": "sha256-FR3kJathheBl3BJqmVGTwR+XG2Nad0QnkJNWZrucj5Q=", "owner": "nix-community", "repo": "NUR", - "rev": "626b603b70802f0bb780a8bdaf0eda31c3d8f616", + "rev": "63e7a76a62cc7d4321c0e5beaa100062710ec3a5", "type": "github" }, "original": {