Jafner/Jafner.net
1
0
Fork 0
Code Issues 16 Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Jafner.net/dotfiles/flake.nix
Joey Hafner 1dc87e868f
Fix: IDEK
2025-02-06 01:38:06 -08:00

299 lines
9.5 KiB
Nix
Raw Blame History

{
description = "Joey's Flake";
inputs = {
# Package repositories:
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs";
};
# Applications:
hyprland = {
url = "github:hyprwm/Hyprland";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
nixgl.url = "github:nix-community/nixGL";
nix-flatpak.url = "github:gmodena/nix-flatpak";
stylix = {
url = "github:danth/stylix/release-24.11";
inputs.nixpkgs.follows = "nixpkgs";
};
zen-browser.url = "github:0xc000022070/zen-browser-flake";
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
deploy-rs.url = "github:serokell/deploy-rs";
ghostty.url = "github:ghostty-org/ghostty";
};
outputs = inputs@{
nixpkgs,
nixpkgs-unstable,
home-manager,
nixgl,
ghostty,
deploy-rs,
self,
...
}:
let
flake = {
gitServer.http = "https://gitea.jafner.tools";
gitServer.ssh = "ssh://git@gitea.jafner.tools:2225";
owner = "Jafner";
repoName = "Jafner.net";
branch = "main";
repoPath = "Git/Jafner.net";
path = "dotfiles/flake.nix";
};
usr.joey = {
realname = "Joey Hafner";
email = "joey@jafner.net";
encryptKey = "$HOME/.keys/joey@jafner.net.encrypt.gpg";
ageKey = "$HOME/.keys/joey.author.key";
};
usr.admin = {
realname = "admin";
email = "noreply@jafner.net";
};
jafnerKeys = let file = (import inputs.nixpkgs { system = "x86_64-linux"; }).fetchurl {
url = "https://github.com/Jafner.keys";
sha256 = "1i3Vs6mPPl965g3sRmbXGzx6zQBs5geBCgNx2zfpjF4=";
}; in inputs.nixpkgs.lib.splitString "\n" (builtins.readFile file);
in {
nixosConfigurations = {
desktop = let
sys = {
username = "joey";
hostname = "desktop";
sshKey = "/home/joey/.ssh/joey.desktop@jafner.net";
signingKey = "B0BBF464024BCEAE";
shellPackage = "zsh";
kernelPackage = "linux_zen"; # Read more: https://nixos.wiki/wiki/Linux_kernel; Other options: https://mynixos.com/nixpkgs/packages/linuxKernel.packages;
wallpaper = ./assets/romb-3840x2160.png;
arch = "x86_64-linux";
flakeDir = "Git/Jafner.net/dotfiles";
authorizedKeys = jafnerKeys;
dockerData = "/home/joey/docker/data";
ssh = {
path = "/home/joey/.ssh";
privateKey = "joey.desktop@jafner.net";
publicKey = "joey.desktop@jafner.net.pub";
};
};
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
overlays = [ nixgl.overlay ];
config = { allowUnfreePredicate = (_: true); };
};
pkgs-unstable = import nixpkgs-unstable {
inherit system;
overlays = [ nixgl.overlay ];
config = { allowUnfreePredicate = (_: true); };
};
in nixpkgs.lib.nixosSystem {
modules = [
./systems/desktop/configuration.nix
inputs.nix-flatpak.nixosModules.nix-flatpak
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
{
home-manager.sharedModules = [
inputs.nix-flatpak.homeManagerModules.nix-flatpak
inputs.stylix.homeManagerModules.stylix
];
home-manager.extraSpecialArgs = { inherit pkgs pkgs-unstable inputs; inherit sys usr flake; };
}
];
inherit system;
specialArgs = { inherit pkgs pkgs-unstable inputs sys usr flake; };
};
# build with:
# nix build .#nixosConfigurations.iso.config.system.build.isoImage
iso = let
sys = {
username = "admin";
authorizedKeys = jafnerKeys;
};
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config = { allowUnfreePredicate = (_: true); };
};
in nixpkgs.lib.nixosSystem {
modules = [
#"${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-graphical-calamares-plasma6.nix"
"${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
"${nixpkgs}/nixos/modules/installer/cd-dvd/channel.nix"
{
system.stateVersion = "24.11";
environment.systemPackages = with pkgs; [
git
];
users.users."${sys.username}" = {
isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" ];
description = "${sys.username}";
openssh.authorizedKeys.keys = sys.authorizedKeys;
};
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
};
security.sudo = {
enable = true;
extraRules = [{
commands = [
{
command = "ALL";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}];
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
}
];
inherit system pkgs;
specialArgs = { inherit sys; };
};
# build with:
# nix build .#nixosConfigurations.cloudimage.config.system.build.digitalOceanImage
cloudimage = let
sys = {
username = "admin";
authorizedKeys = jafnerKeys;
};
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config = { allowUnfreePredicate = (_: true); };
};
in nixpkgs.lib.nixosSystem {
modules = [
"${nixpkgs}/nixos/modules/virtualisation/digital-ocean-image.nix"
{
system.stateVersion = "24.11";
environment.systemPackages = with pkgs; [
git
];
users.users."${sys.username}" = {
isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" ];
description = "${sys.username}";
openssh.authorizedKeys.keys = sys.authorizedKeys;
};
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
};
security.sudo = {
enable = true;
extraRules = [{
commands = [
{
command = "ALL";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}];
};
nix.settings.experimental-features = [ "nix-command" "flakes" ];
}
];
inherit system pkgs;
specialArgs = { inherit sys; };
};
artificer = let
sys = {
username = "admin";
authorizedKeys = jafnerKeys;
};
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config = { allowUnfreePredicate = (_: true); };
};
in nixpkgs.lib.nixosSystem {
modules = [
./systems/artificer/configuration.nix
"${nixpkgs}/nixos/modules/virtualisation/digital-ocean-image.nix"
];
inherit system pkgs;
specialArgs = { inherit sys; };
};
fighter = let
sys = {
username = "admin";
hostname = "fighter";
authorizedKeys = jafnerKeys;
shellPackage = "bash";
networking = {
ifname = "enp3s0";
mac = "00:02:C9:56:BF:9A";
ip = "192.168.1.23";
};
ssh = {
privateKey = ".ssh/admin@fighter";
};
dataDirs = {
appdata = "/appdata";
library = {
digitalModels = "/mnt/3DPrinting";
av = "/mnt/av";
books = "/mnt/books";
movies = "/mnt/movies";
music = "/mnt/music";
shows = "/mnt/shows";
torrenting = "/mnt/torrenting";
};
};
};
system = "x86_64-linux";
pkgs = import inputs.nixpkgs {
inherit system;
config = { allowUnfreePredicate = (_: true); };
};
in nixpkgs.lib.nixosSystem {
modules = [
./systems/fighter/configuration.nix
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
];
inherit system pkgs;
specialArgs = { inherit sys flake; };
};
};
deploy = {
nodes = {
artificer = {
hostname = "143.198.68.202";
profilesOrder = [ "system" ];
profiles.system = {
user = "root";
sshUser = "admin";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.artificer;
};
};
};
fastConnection = true;
interactiveSudo = false;
autoRollback = true;
magicRollback = true;
remoteBuild = true;
confirmTimeout = 60;
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};
}
Reference in New Issue View Git Blame Copy Permalink