move more stuf out of flake.nix

Vinzenz Schroeter 2025-12-11 22:13:32 +01:00
parent 0bb0018450
commit 6bfa995c4d
10 changed files with 180 additions and 112 deletions

100
flake.nix

@ -80,7 +80,7 @@
}; };
outputs = outputs =
{ inputs@{
self, self,
nixpkgs, nixpkgs,
home-manager, home-manager,
@ -124,6 +124,9 @@
forgejo-runner-1 = { forgejo-runner-1 = {
system = "aarch64-linux"; system = "aarch64-linux";
}; };
epimetheus = {
system = "aarch64-linux";
};
}; };
inherit (nixpkgs) lib; inherit (nixpkgs) lib;
forDevice = f: lib.mapAttrs (device: value: f (value // { inherit device; })) devices; forDevice = f: lib.mapAttrs (device: value: f (value // { inherit device; })) devices;
@ -200,101 +203,28 @@
home-manager-users ? { }, home-manager-users ? { },
}: }:
let let
specialArgs = { specialArgs = inputs // {
inherit device; inherit device home-manager-users;
my-nixos-modules = self.nixosModules;
}; };
in in
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
inherit system specialArgs; inherit system specialArgs;
modules = [ modules = [
{ {
networking.hostName = device; imports = [
./nixosConfigurations/${device}
self.nixosModules.global-settings
]
++ (lib.optionals (home-manager-users != { }) [
self.nixosModules.global-settings-desktop
]);
nixpkgs = { nixpkgs = {
inherit system; inherit system;
hostPlatform = lib.mkDefault system; hostPlatform = lib.mkDefault system;
}; };
system = {
stateVersion = "22.11";
autoUpgrade.flake = "git+https://git.berlin.ccc.de/vinzenz/nixos-configuration.git";
};
nixpkgs.overlays = [
self.overlays.unstable-packages
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
documentation = {
info.enable = false; # info pages and the info command
doc.enable = false; # documentation distributed in packages' /share/doc
};
} }
];
./nixosConfigurations/${device}
# keep-sorted start
lanzaboote.nixosModules.lanzaboote
self.nixosModules.allowed-unfree-list
self.nixosModules.autoupdate
self.nixosModules.default
self.nixosModules.extra-caches
self.nixosModules.globalinstalls
self.nixosModules.lix-is-nix
self.nixosModules.openssh
self.nixosModules.prometheus-node
self.nixosModules.systemd-boot
self.nixosModules.tailscale
zerforschen-plus.nixosModules.default
# keep-sorted end
]
++ (nixpkgs.lib.optionals (home-manager-users != { }) [
{
home-manager = {
extraSpecialArgs = specialArgs;
useGlobalPkgs = true;
useUserPackages = true;
};
time.timeZone = "Europe/Berlin";
home-manager.sharedModules = [
{ home.stateVersion = "22.11"; }
# keep-sorted start
self.homeModules.git
self.homeModules.gnome-extensions
self.homeModules.nano
self.homeModules.templates
self.homeModules.zsh-basics
self.homeModules.zsh-powerlevel10k
# keep-sorted end
];
home-manager.users = home-manager-users;
}
# keep-sorted start
home-manager.nixosModules.home-manager
self.nixosModules.en-de
self.nixosModules.firmware-updates
self.nixosModules.gnome
self.nixosModules.kdeconnect
self.nixosModules.modern-desktop
self.nixosModules.niri
self.nixosModules.nix-ld
self.nixosModules.pkgs-unstable
self.nixosModules.pkgs-vscode-extensions
self.nixosModules.quiet-boot
self.nixosModules.stylix
servicepoint-cli.nixosModules.default
servicepoint-simulator.nixosModules.default
servicepoint-tanks.nixosModules.default
stylix.nixosModules.stylix
# keep-sorted end
]);
} }
); );
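Review bot: `specialArgs = inputs // { … }` in the third hunk puts every flake input into the module argument namespace under its own name, so an input that is ever named like a standard module argument (`lib`, `config`, `modulesPath`) would shadow it; as far as I can tell specialArgs win over the built-in arguments, but that is worth confirming. The same set is forwarded to home-manager through `extraSpecialArgs = specialArgs` in the desktop settings module, so every user module receives all inputs too. Passing them under one key, `specialArgs = { inherit inputs device home-manager-users; };`, keeps the namespace closed, at the cost of the modules reading `inputs.self.nixosModules.…` instead of `self.nixosModules.…`. The enclosing function starts and ends outside these hunks.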


@ -0,0 +1,8 @@
{ self, ... }:
{
imports = [ self.nixosModules.pxvirt-guest ];
config = {
};
}


@ -1,9 +1,9 @@
{ my-nixos-modules, ... }: { self, ... }:
{ {
imports = [ imports = [
./hardware.nix ./hardware.nix
./forgejo-runner.nix ./forgejo-runner.nix
my-nixos-modules.podman self.nixosModules.podman
]; ];
config = { config = {


@ -1,17 +1,17 @@
{ {
config, config,
pkgs, pkgs,
my-nixos-modules, self,
... ...
}: }:
{ {
imports = [ imports = [
./hardware.nix ./hardware.nix
my-nixos-modules.user-ronja self.nixosModules.user-ronja
my-nixos-modules.gnome self.nixosModules.gnome
my-nixos-modules.steam self.nixosModules.steam
my-nixos-modules.wine-gaming self.nixosModules.wine-gaming
my-nixos-modules.vinzenz-desktop-settings self.nixosModules.vinzenz-desktop-settings
]; ];
config = { config = {


@ -1,15 +1,15 @@
{ my-nixos-modules, ... }: { self, ... }:
{ {
imports = [ imports = [
./hardware.nix ./hardware.nix
my-nixos-modules.user-vinzenz self.nixosModules.user-vinzenz
my-nixos-modules.gnome self.nixosModules.gnome
my-nixos-modules.wine-gaming self.nixosModules.wine-gaming
my-nixos-modules.steam self.nixosModules.steam
my-nixos-modules.podman self.nixosModules.podman
my-nixos-modules.vinzenz-desktop-settings self.nixosModules.vinzenz-desktop-settings
my-nixos-modules.intel-graphics self.nixosModules.intel-graphics
my-nixos-modules.secure-boot self.nixosModules.secure-boot
]; ];
config = { config = {


@ -1,18 +1,18 @@
{ pkgs, my-nixos-modules, ... }: { pkgs, self, ... }:
{ {
imports = [ imports = [
./hardware.nix ./hardware.nix
./vscode-server.nix ./vscode-server.nix
./hass.nix ./hass.nix
my-nixos-modules.user-vinzenz self.nixosModules.user-vinzenz
my-nixos-modules.gnome self.nixosModules.gnome
my-nixos-modules.wine-gaming self.nixosModules.wine-gaming
my-nixos-modules.steam self.nixosModules.steam
my-nixos-modules.podman self.nixosModules.podman
my-nixos-modules.vinzenz-desktop-settings self.nixosModules.vinzenz-desktop-settings
my-nixos-modules.amd-graphics self.nixosModules.amd-graphics
my-nixos-modules.secure-boot self.nixosModules.secure-boot
]; ];
config = { config = {


@ -0,0 +1,57 @@
{
home-manager-users,
self,
home-manager,
servicepoint-cli,
servicepoint-simulator,
servicepoint-tanks,
stylix,
specialArgs,
...
}:
{
imports = [
{
home-manager = {
extraSpecialArgs = specialArgs;
useGlobalPkgs = true;
useUserPackages = true;
};
time.timeZone = "Europe/Berlin";
home-manager.sharedModules = [
{ home.stateVersion = "22.11"; }
# keep-sorted start
self.homeModules.git
self.homeModules.gnome-extensions
self.homeModules.nano
self.homeModules.templates
self.homeModules.zsh-basics
self.homeModules.zsh-powerlevel10k
# keep-sorted end
];
home-manager.users = home-manager-users;
}
# keep-sorted start
home-manager.nixosModules.home-manager
self.nixosModules.en-de
self.nixosModules.firmware-updates
self.nixosModules.gnome
self.nixosModules.kdeconnect
self.nixosModules.modern-desktop
self.nixosModules.niri
self.nixosModules.nix-ld
self.nixosModules.pkgs-unstable
self.nixosModules.pkgs-vscode-extensions
self.nixosModules.quiet-boot
self.nixosModules.stylix
servicepoint-cli.nixosModules.default
servicepoint-simulator.nixosModules.default
servicepoint-tanks.nixosModules.default
stylix.nixosModules.stylix
# keep-sorted end
];
}
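Review bot: The home-manager and time-zone settings live in an anonymous module inside `imports`, while the sibling global-settings module puts its options under `config = { … };`; using the same layout here would make the two files read alike. `home-manager` is also defined in three places in that anonymous module (`home-manager = { … }`, `home-manager.sharedModules`, `home-manager.users`), which could be one attribute set. A one-line comment at the top saying that this module is only imported when `home-manager-users` is non-empty would explain why `home-manager.users` is assigned without a guard.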


@ -0,0 +1,47 @@
{
device,
self,
lanzaboote,
zerforschen-plus,
...
}:
{
imports = [
# keep-sorted start
lanzaboote.nixosModules.lanzaboote
self.nixosModules.allowed-unfree-list
self.nixosModules.autoupdate
self.nixosModules.default
self.nixosModules.extra-caches
self.nixosModules.globalinstalls
self.nixosModules.lix-is-nix
self.nixosModules.openssh
self.nixosModules.prometheus-node
self.nixosModules.systemd-boot
self.nixosModules.tailscale
zerforschen-plus.nixosModules.default
# keep-sorted end
];
config = {
networking.hostName = device;
system = {
stateVersion = "22.11";
autoUpgrade.flake = "git+https://git.berlin.ccc.de/vinzenz/nixos-configuration.git";
};
nixpkgs.overlays = [
self.overlays.unstable-packages
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
documentation = {
info.enable = false; # info pages and the info command
doc.enable = false; # documentation distributed in packages' /share/doc
};
};
}
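Review bot: `system.stateVersion = "22.11"` is now set unconditionally for every host that imports this module, including `epimetheus`, which this commit adds; stateVersion is meant to record the release a machine was first installed with, so a host installed later would get stateful defaults for a release it never ran. Taking `lib` in the argument set and writing `stateVersion = lib.mkDefault "22.11";` would let a host directory override it. Separately, a short comment on `autoUpgrade.flake` stating that hosts follow whatever that remote serves would make explicit how much trust is placed in that repository.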


@ -3,7 +3,7 @@
enable = true; enable = true;
openFirewall = true; openFirewall = true;
settings = { settings = {
PermitRootLogin = "without-password"; PermitRootLogin = "prohibit-password";
PasswordAuthentication = false; PasswordAuthentication = false;
KbdInteractiveAuthentication = false; KbdInteractiveAuthentication = false;
}; };
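Review bot: `PermitRootLogin = "prohibit-password"` is the current spelling of the same setting, so root can still log in with a key, and `openFirewall = true` opens the SSH port in the host firewall. If root SSH is not needed for deployments, `PermitRootLogin = "no";` together with a sudo-capable user narrows this; otherwise a short comment saying why root key login is kept would help the next reader. The settings block starts outside this hunk.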


@ -0,0 +1,26 @@
{ modulesPath, lib, ... }:
{
imports = [ (modulesPath + "/virtualisation/proxmox-lxc.nix") ];
config = {
# TODO is this needed?
# nix.settings.sandbox = false;
proxmoxLXC = {
manageNetwork = false;
privileged = false;
};
# Let Proxmox host handle fstrim
services.fstrim.enable = false;
# TODO is this needed
# Cache DNS lookups to improve performance
services.resolved.extraConfig = ''
Cache=true
CacheFromLocalhost=true
'';
boot.loader.systemd-boot.enable = lib.mkForce false;
};
}
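Review bot: The commented-out `nix.settings.sandbox = false;` under `# TODO is this needed?` should stay off unless a build in the container is shown to need it, because disabling the sandbox removes build isolation for everything built on the guest. I would replace the TODO with a comment that records this, e.g. `# sandbox stays enabled; only revisit if builds fail inside the unprivileged container`. The second TODO sits above `services.resolved.extraConfig`, which only has an effect if systemd-resolved is enabled for this guest; nothing visible here enables it, so that presumably depends on the imported proxmox-lxc module and is worth checking.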