chaos/nixfiles
1
0
Fork 0
Code Issues 2 Releases Activity

add raspberry pi, add home.dev.small, add cross to lappy

Browse source
This commit is contained in:
ChaotiCryptidz 2022-01-03 16:50:22 +00:00
parent 72fe1445c1
commit eacffaed39
20 changed files with 97 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
flake.lock
View file

@ -41,11 +41,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1640943848,
"narHash": "sha256-AXmbspe5EXTr2WsGdtBhFgKtGvzMmPBgqOanFvQq974=",
"lastModified": 1641121012,
"narHash": "sha256-svaOMxNMQgFHjcxdmLojOxTxfqSENtnO+S3kb+npIwY=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "89bdef7994a20b5285454bf42c7d2b53b98d5754",
"rev": "8e7a10602d1eb1d242c9d3f9b822203d5751a8c6",
"type": "github"
},
"original": {
@ -72,11 +72,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1641016545,
"narHash": "sha256-JMNwvnBzG0RjGG3eH27Y5/GlJ9ryeCdGJfqGbqxnmZY=",
"lastModified": 1641194805,
"narHash": "sha256-LyPsFnE/yjzeQbqFVampztn6mKkWTD5Q2TRyrReqcZE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6f05cfdb1e78d36c0337516df674560e4b51c79b",
"rev": "c38ca58c0b4b5d9423609c58636988a9f81325d6",
"type": "github"
},
"original": {
@ -86,11 +86,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1640871638,
"narHash": "sha256-ty6sGnJUQEkCd43At5U3DRQZD7rPARz5VginSW6hZ3k=",
"lastModified": 1640959792,
"narHash": "sha256-zYSR//06FU2TDOpKKj0Hkff6unsxk3NwwNFuB1loU6E=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5b091d4fbe3b7b7493c3b46fe0842e4b30ea24b3",
"rev": "59bfda72480496f32787cec8c557182738b1bd3f",
"type": "github"
},
"original": {

0
home/dev/archives.nix → home/dev/all/archives.nix
View file

0
home/dev/debugging.nix → home/dev/all/debugging.nix
View file

0
home/dev/editors.nix → home/dev/all/editors.nix
View file

0
home/dev/extra.nix → home/dev/all/extra.nix
View file

0
home/dev/git.nix → home/dev/all/git.nix
View file

0
home/dev/info.nix → home/dev/all/info.nix
View file

0
home/dev/network.nix → home/dev/all/network.nix
View file

0
home/dev/vcs.nix → home/dev/all/vcs.nix
View file

12
home/dev/small/small.nix Normal file
View file

@ -0,0 +1,12 @@
{tree, ...}: {
# basically everything apart from home.dev.debugging
imports = with tree; [
home.dev.all.archives
home.dev.all.editors
home.dev.all.extra
home.dev.all.git
home.dev.all.info
home.dev.all.network
home.dev.all.vcs
];
}

7
hosts/default.nix
View file

@ -28,4 +28,11 @@ in {
system = "x86_64-linux";
modules = defaultModules ++ [ ./hetzner-vm/hetzner-vm.nix ];
};
# nix --no-sandbox build .#nixosConfigurations.raspberry.config.system.build.sdImage
raspberry = nixpkgs.lib.nixosSystem {
specialArgs = defaultSpecialArgs;
system = "aarch64-linux";
modules = defaultModules ++ [ ./raspberry/raspberry.nix ];
};
}

14
hosts/hetzner-vm/hetzner-vm.nix
View file

@ -18,17 +18,11 @@
(modulesPath + "/profiles/qemu-guest.nix")
];
home-manager.users.root = { imports = with tree; [ home.base ]; };
home-manager.users.root = {
imports = with tree; [ home.base home.dev.small ];
};
home-manager.users.chaoticryptidz = {
imports = with tree; [
home.base
home.dev.archives
home.dev.editors
home.dev.git
home.dev.info
home.dev.network
home.dev.vcs
];
imports = with tree; [ home.base home.dev.small ];
};
networking.hostName = "hetzner-vm";

11
hosts/lappy/lappy.nix
View file

@ -5,7 +5,7 @@
users.root
users.chaoticryptidz
profiles.hardening
#profiles.hardening
profiles.tailscale
profiles.gui
profiles.laptop
@ -28,7 +28,7 @@
#home.bluetooth
home.gui
#home.gaming
home.dev
home.dev.all
home.network_manager
home.sway
#home.reversing
@ -41,6 +41,13 @@
];
};
boot.binfmt = {
emulatedSystems = [ "aarch64-linux" ];
registrations.aarch64-linux = {
interpreter = lib.mkForce "${pkgs.qemu}/bin/qemu-aarch64";
};
};
services.getty.extraArgs =
[ "--skip-login" "--login-options" "chaoticryptidz" ];

32
hosts/raspberry/raspberry.nix Normal file
View file

@ -0,0 +1,32 @@
{ tree, modulesPath, config, pkgs, lib, ... }:
{
imports = with tree; [
users.root
users.chaoticryptidz
profiles.tailscale
profiles.sshd
(modulesPath + "/installer/sd-card/sd-image-aarch64.nix")
];
home-manager.users.root = { imports = with tree; [ home.base home.dev ]; };
home-manager.users.chaoticryptidz = { imports = with tree; [ home.base home.dev ]; };
boot.kernelPackages = pkgs.linuxPackages_latest;
networking.hostName = "raspberry";
time.timeZone = "Europe/London";
networking.useDHCP = true;
networking.wireless = {
enable = true;
environmentFile = "/secrets/wifi-env";
networks.BT-JGA898.psk = "@PSK_HOME@";
};
sdImage.compressImage = lib.mkForce false;
system.stateVersion = "21.11";
}

4
hosts/rescue/rescue.nix
View file

@ -12,12 +12,12 @@
(modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
];
home-manager.users.root = { imports = with tree; [ home.base ]; };
home-manager.users.root = { imports = with tree; [ home.base home.dev.all ]; };
home-manager.users.chaoticryptidz = {
imports = with tree; [
home.base
home.gui
home.dev
home.dev.all
home.network_manager
home.sway
home.apps.vivaldi

13
outputs.nix
View file

@ -30,7 +30,7 @@ in {
nixosConfigurations = import ./hosts ({ inherit tree; } // inputs);
deploy.nodes.lappy = {
hostname = "lappy.tailscale-internal.owo.monster";
hostname = "lappy.tailscale-internal.genderfucked.monster";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos
@ -38,7 +38,7 @@ in {
};
};
deploy.nodes.hetzner-vm = {
hostname = "hetzner-vm.tailscale-internal.owo.monster";
hostname = "hetzner-vm.tailscale-internal.genderfucked.monster";
username = "root";
profiles.system = {
user = "root";
@ -46,4 +46,13 @@ in {
self.nixosConfigurations.hetzner-vm;
};
};
deploy.nodes.raspberry = {
hostname = "raspberry.tailscale-internal.genderfucked.monster";
username = "root";
profiles.system = {
user = "root";
path = deploy-rs.lib.aarch64-linux.activate.nixos
self.nixosConfigurations.raspberry;
};
};
}

6
profiles/base/deployrs.nix Normal file
View file

@ -0,0 +1,6 @@
{ ... }: {
nix.binaryCaches = [ "https://cachix.org/api/v1/cache/serokell" ];
nix.binaryCachePublicKeys =
[ "serokell.cachix.org-1:5DscEJD6c1dD1Mc/phTIbs13+iW22AVbx0HqiSb+Lq8=" ];
}

6
profiles/base/hardware.nix
View file

@ -1,7 +1,7 @@
{ ... }: {
{ lib, pkgs, ... }: {
hardware.enableRedistributableFirmware = true;
hardware.enableAllFirmware = true;
hardware.cpu.intel.updateMicrocode = true;
hardware.cpu.amd.updateMicrocode = true;
hardware.cpu.intel.updateMicrocode = lib.mkIf ("${pkgs.system}" == "x86_64-linux") true;
hardware.cpu.amd.updateMicrocode = lib.mkIf ("${pkgs.system}" == "x86_64-linux") true;
hardware.wirelessRegulatoryDatabase = true;
}

1
profiles/dnscrypt/dnscrypt.nix
View file

@ -21,6 +21,7 @@
};
server_names = [
"cloudflare"
"acsacsar-ams-ipv4"
"acsacsar-ams-ipv6"
"dnscrypt.eu-dk"

2
profiles/hardening/hardening.nix
View file

@ -2,7 +2,7 @@
# modified from https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix
# but with some stuff not turned on
boot.kernelPackages = pkgs.linuxPackages_hardened;
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened;
environment.memoryAllocator.provider = "scudo";
environment.variables.SCUDO_OPTIONS = "ZeroContents=1";