j00lz/nixos-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Initial commit

Browse source
This commit is contained in:
Julius 2021-11-13 09:13:41 +01:00
commit 90e5cafe53
Signed by: j00lz
GPG key ID: AF241B0AA237BBA2
6 changed files with 220 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
common/default.nix Normal file
View file

@ -0,0 +1,40 @@
{ ... }:
{
imports = [ ./users ];
security.sudo.wheelNeedsPassword = false;
services.journald.extraConfig = ''
SystemMaxUse=100M
MaxFileSec=7day
'';
# Clean /tmp on boot.
boot.cleanTmpDir = true;
# Set your time zone.
time.timeZone = "Europe/Amsterdam";
# Optimize nix store by hardlinking identitical files.
nix = {
package = pkgs.nixUnstable;
autoOptimiseStore = true;
binaryCaches = [
"https://cachix.cachix.org"
"https://nix-community.cachix.org"
"https://nixpkgs-review-bot.cachix.org"
];
binaryCachePublicKeys = [
"cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixpkgs-review-bot.cachix.org-1:eppgiDjPk7Hkzzz7XlUesk3rcEHqNDozGOrcLc8IqwE="
];
trustedUsers = [ "root" "jdejeu" ];
extraOptions = ''
experimental-features = nix-command flakes
'';
};
nixpkgs.config.allowUnfree = true;
}

10
common/generic-lxc.nix Normal file
View file

@ -0,0 +1,10 @@
{ ... }: {
services.sshd.enable = true;
systemd.suppressedSystemUnits = [
"dev-mqueue.mount"
"sys-kernel-debug.mount"
"sys-fs-fuse-connections.mount"
];
}

27
common/users/default.nix Normal file
View file

@ -0,0 +1,27 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [ fzf git htop rsync ripgrep zoxide ];
programs.neovim.enable = true;
programs.neovim.viAlias = true;
users.extraUsers.jdejeu = {
isNormalUser = true;
home = "/home/jdejeu";
description = "Julius";
extraGroups = [ "wheel" ];
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJBY9eQlR/JRnjVC2wKWQ+o02wDlGUlSgN/4e3i6ans"
];
};
# Configure the root account
users.extraUsers.root = {
# Allow my SSH keys for logging in as root.
openssh.authorizedKeys.keys =
config.users.users.jdejeu.openssh.authorizedKeys.keys;
# Also use zsh for root
shell = pkgs.zsh;
};
}

95
flake.lock Normal file
View file

@ -0,0 +1,95 @@
{
"nodes": {
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"utils": "utils"
},
"locked": {
"lastModified": 1632822684,
"narHash": "sha256-lt7eayYmgsD5OQwpb1XYfHpxttn43bWo7G7hIJs+zJw=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "9a02de4373e0ec272d08a417b269a28ac8b961b4",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1627913399,
"narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1632086102,
"narHash": "sha256-wVTcf0UclFS+zHtfPToB13jIO7n0U9N50MuRbPjQViE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e0ce3c683ae677cf5aab597d645520cddd13392b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1636787152,
"narHash": "sha256-plWieAm8r965NfqORxcrq79eK5edUrHqXXgPZdLPE3M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6147e5d3177d63171970d27fc28698a9624c62bc",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"deploy-rs": "deploy-rs",
"nixpkgs": "nixpkgs_2"
}
},
"utils": {
"locked": {
"lastModified": 1631561581,
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

31
flake.nix Normal file
View file

@ -0,0 +1,31 @@
{
description = "Memes";
inputs.deploy-rs.url = "github:serokell/deploy-rs";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/master";
outputs = { self, nixpkgs, deploy-rs }: {
nixosConfigurations.base = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
./hosts/base/configuration.nix
];
};
deploy.nodes.base = {
hostname = "10.42.20.1";
fastConnection = true;
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
self.nixosConfigurations.base;
};
};
checks =
builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy)
deploy-rs.lib;
};
}

17
hosts/base/configuration.nix Normal file
View file

@ -0,0 +1,17 @@
{ config, pkgs, ... }: {
imports = [
# Import common config
../../common/generic-lxc.nix
../../common
];
networking.hostName = "base";
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.05"; # Did you read the comment?
}