vinzenz/nixos-configuration
0
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

move more stuf out of flake.nix

Browse source
This commit is contained in:
Vinzenz Schroeter 2025-12-11 22:13:32 +01:00
parent 0bb0018450
commit 6bfa995c4d
10 changed files with 180 additions and 112 deletions
Download patch file Download diff file Expand all files Collapse all files

100
flake.nix
View file

@ -80,7 +80,7 @@
};
outputs =
{
inputs@{
self,
nixpkgs,
home-manager,
@ -124,6 +124,9 @@
forgejo-runner-1 = {
system = "aarch64-linux";
};
epimetheus = {
system = "aarch64-linux";
};
};
inherit (nixpkgs) lib;
forDevice = f: lib.mapAttrs (device: value: f (value // { inherit device; })) devices;
@ -200,101 +203,28 @@
home-manager-users ? { },
}:
let
specialArgs = {
inherit device;
my-nixos-modules = self.nixosModules;
specialArgs = inputs // {
inherit device home-manager-users;
};
in
nixpkgs.lib.nixosSystem {
inherit system specialArgs;
modules = [
{
networking.hostName = device;
imports = [
./nixosConfigurations/${device}
self.nixosModules.global-settings
]
++ (lib.optionals (home-manager-users != { }) [
self.nixosModules.global-settings-desktop
]);
nixpkgs = {
inherit system;
hostPlatform = lib.mkDefault system;
};
system = {
stateVersion = "22.11";
autoUpgrade.flake = "git+https://git.berlin.ccc.de/vinzenz/nixos-configuration.git";
};
nixpkgs.overlays = [
self.overlays.unstable-packages
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
documentation = {
info.enable = false; # info pages and the info command
doc.enable = false; # documentation distributed in packages' /share/doc
};
}
./nixosConfigurations/${device}
# keep-sorted start
lanzaboote.nixosModules.lanzaboote
self.nixosModules.allowed-unfree-list
self.nixosModules.autoupdate
self.nixosModules.default
self.nixosModules.extra-caches
self.nixosModules.globalinstalls
self.nixosModules.lix-is-nix
self.nixosModules.openssh
self.nixosModules.prometheus-node
self.nixosModules.systemd-boot
self.nixosModules.tailscale
zerforschen-plus.nixosModules.default
# keep-sorted end
]
++ (nixpkgs.lib.optionals (home-manager-users != { }) [
{
home-manager = {
extraSpecialArgs = specialArgs;
useGlobalPkgs = true;
useUserPackages = true;
};
time.timeZone = "Europe/Berlin";
home-manager.sharedModules = [
{ home.stateVersion = "22.11"; }
# keep-sorted start
self.homeModules.git
self.homeModules.gnome-extensions
self.homeModules.nano
self.homeModules.templates
self.homeModules.zsh-basics
self.homeModules.zsh-powerlevel10k
# keep-sorted end
];
home-manager.users = home-manager-users;
}
# keep-sorted start
home-manager.nixosModules.home-manager
self.nixosModules.en-de
self.nixosModules.firmware-updates
self.nixosModules.gnome
self.nixosModules.kdeconnect
self.nixosModules.modern-desktop
self.nixosModules.niri
self.nixosModules.nix-ld
self.nixosModules.pkgs-unstable
self.nixosModules.pkgs-vscode-extensions
self.nixosModules.quiet-boot
self.nixosModules.stylix
servicepoint-cli.nixosModules.default
servicepoint-simulator.nixosModules.default
servicepoint-tanks.nixosModules.default
stylix.nixosModules.stylix
# keep-sorted end
]);
];
}
);

8
nixosConfigurations/epimetheus/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ self, ... }:
{
imports = [ self.nixosModules.pxvirt-guest ];
config = {
};
}

4
nixosConfigurations/forgejo-runner-1/default.nix
View file

@ -1,9 +1,9 @@
{ my-nixos-modules, ... }:
{ self, ... }:
{
imports = [
./hardware.nix
./forgejo-runner.nix
my-nixos-modules.podman
self.nixosModules.podman
];
config = {

12
nixosConfigurations/ronja-pc/default.nix
View file

@ -1,17 +1,17 @@
{
config,
pkgs,
my-nixos-modules,
self,
...
}:
{
imports = [
./hardware.nix
my-nixos-modules.user-ronja
my-nixos-modules.gnome
my-nixos-modules.steam
my-nixos-modules.wine-gaming
my-nixos-modules.vinzenz-desktop-settings
self.nixosModules.user-ronja
self.nixosModules.gnome
self.nixosModules.steam
self.nixosModules.wine-gaming
self.nixosModules.vinzenz-desktop-settings
];
config = {

18
nixosConfigurations/vinzenz-lpt2/default.nix
View file

@ -1,15 +1,15 @@
{ my-nixos-modules, ... }:
{ self, ... }:
{
imports = [
./hardware.nix
my-nixos-modules.user-vinzenz
my-nixos-modules.gnome
my-nixos-modules.wine-gaming
my-nixos-modules.steam
my-nixos-modules.podman
my-nixos-modules.vinzenz-desktop-settings
my-nixos-modules.intel-graphics
my-nixos-modules.secure-boot
self.nixosModules.user-vinzenz
self.nixosModules.gnome
self.nixosModules.wine-gaming
self.nixosModules.steam
self.nixosModules.podman
self.nixosModules.vinzenz-desktop-settings
self.nixosModules.intel-graphics
self.nixosModules.secure-boot
];
config = {

18
nixosConfigurations/vinzenz-pc2/default.nix
View file

@ -1,18 +1,18 @@
{ pkgs, my-nixos-modules, ... }:
{ pkgs, self, ... }:
{
imports = [
./hardware.nix
./vscode-server.nix
./hass.nix
my-nixos-modules.user-vinzenz
my-nixos-modules.gnome
my-nixos-modules.wine-gaming
my-nixos-modules.steam
my-nixos-modules.podman
my-nixos-modules.vinzenz-desktop-settings
my-nixos-modules.amd-graphics
my-nixos-modules.secure-boot
self.nixosModules.user-vinzenz
self.nixosModules.gnome
self.nixosModules.wine-gaming
self.nixosModules.steam
self.nixosModules.podman
self.nixosModules.vinzenz-desktop-settings
self.nixosModules.amd-graphics
self.nixosModules.secure-boot
];
config = {

57
nixosModules/global-settings-desktop.nix Normal file
View file

@ -0,0 +1,57 @@
{
home-manager-users,
self,
home-manager,
servicepoint-cli,
servicepoint-simulator,
servicepoint-tanks,
stylix,
specialArgs,
...
}:
{
imports = [
{
home-manager = {
extraSpecialArgs = specialArgs;
useGlobalPkgs = true;
useUserPackages = true;
};
time.timeZone = "Europe/Berlin";
home-manager.sharedModules = [
{ home.stateVersion = "22.11"; }
# keep-sorted start
self.homeModules.git
self.homeModules.gnome-extensions
self.homeModules.nano
self.homeModules.templates
self.homeModules.zsh-basics
self.homeModules.zsh-powerlevel10k
# keep-sorted end
];
home-manager.users = home-manager-users;
}
# keep-sorted start
home-manager.nixosModules.home-manager
self.nixosModules.en-de
self.nixosModules.firmware-updates
self.nixosModules.gnome
self.nixosModules.kdeconnect
self.nixosModules.modern-desktop
self.nixosModules.niri
self.nixosModules.nix-ld
self.nixosModules.pkgs-unstable
self.nixosModules.pkgs-vscode-extensions
self.nixosModules.quiet-boot
self.nixosModules.stylix
servicepoint-cli.nixosModules.default
servicepoint-simulator.nixosModules.default
servicepoint-tanks.nixosModules.default
stylix.nixosModules.stylix
# keep-sorted end
];
}

47
nixosModules/global-settings.nix Normal file
View file

@ -0,0 +1,47 @@
{
device,
self,
lanzaboote,
zerforschen-plus,
...
}:
{
imports = [
# keep-sorted start
lanzaboote.nixosModules.lanzaboote
self.nixosModules.allowed-unfree-list
self.nixosModules.autoupdate
self.nixosModules.default
self.nixosModules.extra-caches
self.nixosModules.globalinstalls
self.nixosModules.lix-is-nix
self.nixosModules.openssh
self.nixosModules.prometheus-node
self.nixosModules.systemd-boot
self.nixosModules.tailscale
zerforschen-plus.nixosModules.default
# keep-sorted end
];
config = {
networking.hostName = device;
system = {
stateVersion = "22.11";
autoUpgrade.flake = "git+https://git.berlin.ccc.de/vinzenz/nixos-configuration.git";
};
nixpkgs.overlays = [
self.overlays.unstable-packages
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
documentation = {
info.enable = false; # info pages and the info command
doc.enable = false; # documentation distributed in packages' /share/doc
};
};
}

2
nixosModules/openssh.nix
View file

@ -3,7 +3,7 @@
enable = true;
openFirewall = true;
settings = {
PermitRootLogin = "without-password";
PermitRootLogin = "prohibit-password";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};

26
nixosModules/pxvirt-guest.nix Normal file
View file

@ -0,0 +1,26 @@
{ modulesPath, lib, ... }:
{
imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ];
config = {
# TODO is this needed?
# nix.settings.sandbox = false;
proxmoxLXC = {
manageNetwork = false;
privileged = false;
};
# Let Proxmox host handle fstrim
services.fstrim.enable = false;
# TODO is this needed
# Cache DNS lookups to improve performance
services.resolved.extraConfig = ''
Cache=true
CacheFromLocalhost=true
'';
boot.loader.systemd-boot.enable = lib.mkForce false;
};
}