nki/nix-home
1
0
Fork 0
Code Issues Pull requests 2 Packages Projects Releases Wiki Activity

Merge everything into a single nix flake

Browse source
This commit is contained in:
Natsu Kagami 2021-10-31 15:06:44 -04:00
parent 74d81a4e63
commit b1d686f476
Signed by: nki
GPG key ID: 7306B3D3C3AD6E51
5 changed files with 120 additions and 179 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

94
flake.lock
View file

@ -21,9 +21,45 @@
"type": "github"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"utils": "utils"
},
"locked": {
"lastModified": 1632822684,
"narHash": "sha256-lt7eayYmgsD5OQwpb1XYfHpxttn43bWo7G7hIJs+zJw=",
"owner": "Serokell",
"repo": "deploy-rs",
"rev": "9a02de4373e0ec272d08a417b269a28ac8b961b4",
"type": "github"
},
"original": {
"owner": "Serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1627913399,
"narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"home-manager-21_05": {
"inputs": {
"nixpkgs": "nixpkgs"
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1634544068,
@ -42,7 +78,7 @@
},
"home-manager-unstable": {
"inputs": {
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1635473360,
@ -60,7 +96,7 @@
},
"naersk": {
"inputs": {
"nixpkgs": "nixpkgs_3"
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1635444951,
@ -78,16 +114,18 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1635471979,
"narHash": "sha256-qlpiKdJ5gF7hU1TuNoz4xTsroUSrdErwovu3rD5cy2c=",
"lastModified": 1632086102,
"narHash": "sha256-wVTcf0UclFS+zHtfPToB13jIO7n0U9N50MuRbPjQViE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3f33a306a55bd7ecedf586a627063a211ffdc6f0",
"rev": "e0ce3c683ae677cf5aab597d645520cddd13392b",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
@ -121,6 +159,20 @@
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1635471979,
"narHash": "sha256-qlpiKdJ5gF7hU1TuNoz4xTsroUSrdErwovu3rD5cy2c=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3f33a306a55bd7ecedf586a627063a211ffdc6f0",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1635527206,
"narHash": "sha256-vuktnugcLNX5HFpj8nVSKgojRDYQlxtKtcYWtOveegE=",
@ -134,7 +186,7 @@
"type": "indirect"
}
},
"nixpkgs_4": {
"nixpkgs_5": {
"locked": {
"lastModified": 1622516815,
"narHash": "sha256-ZjBd81a6J3TwtlBr3rHsZspYUwT9OdhDk+a/SgSEf7I=",
@ -150,7 +202,7 @@
"type": "github"
}
},
"nixpkgs_5": {
"nixpkgs_6": {
"locked": {
"lastModified": 1625223284,
"narHash": "sha256-jjLcDSU1rRiJb+n3uez23XAa7kbnPcGZTa6jIKh1GMQ=",
@ -189,7 +241,7 @@
"nixpkgs": [
"nixpkgs-unstable"
],
"utils": "utils"
"utils": "utils_2"
},
"locked": {
"lastModified": 1634449716,
@ -208,10 +260,11 @@
"root": {
"inputs": {
"darwin": "darwin",
"deploy-rs": "deploy-rs",
"home-manager-21_05": "home-manager-21_05",
"home-manager-unstable": "home-manager-unstable",
"naersk": "naersk",
"nixpkgs": "nixpkgs_4",
"nixpkgs": "nixpkgs_5",
"nixpkgs-unstable": "nixpkgs-unstable",
"nur": "nur",
"rnix-lsp": "rnix-lsp",
@ -220,7 +273,7 @@
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_5"
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1633273832,
@ -237,6 +290,21 @@
}
},
"utils": {
"locked": {
"lastModified": 1631561581,
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"utils_2": {
"locked": {
"lastModified": 1629481132,
"narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=",

25
flake.nix
View file

@ -9,6 +9,7 @@
home-manager-unstable.url = "github:nix-community/home-manager";
home-manager-21_05.url = "github:nix-community/home-manager/release-21.05";
sops-nix.url = "github:Mic92/sops-nix";
deploy-rs.url = "github:Serokell/deploy-rs";
nur.url = "github:nix-community/NUR";
# ---
@ -19,7 +20,7 @@
rnix-lsp.inputs.nixpkgs.follows = "nixpkgs-unstable";
};
outputs = { self, darwin, nixpkgs, nixpkgs-unstable, home-manager-unstable, home-manager-21_05, sops-nix, nur, ... }@inputs:
outputs = { self, darwin, nixpkgs, nixpkgs-unstable, home-manager-unstable, home-manager-21_05, deploy-rs, sops-nix, nur, ... }@inputs:
let
overlayForSystem = import ./overlay.nix inputs;
in
@ -55,5 +56,27 @@
(overlayForSystem "x86_64-linux")
];
};
# DigitalOcean node
nixosConfigurations."nki-personal-do" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./modules/my-tinc
sops-nix.nixosModules.sops
./nki-personal-do/configuration.nix
];
};
deploy.nodes."nki-personal-do" = {
hostname = "nki-personal-do";
sshUser = "root";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations."nki-personal-do";
};
};
# This is highly advised, and will prevent many possible mistakes
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};
}

20
nki-personal-do/configuration.nix
View file

@ -2,7 +2,7 @@
imports = [
./hardware-configuration.nix
./networking.nix # generated at runtime by nixos-infect
];
boot.cleanTmpDir = true;
@ -10,7 +10,7 @@
networking.firewall.allowPing = true;
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLr1Q+PJuDYJtBAVMSU0U2kZi4V0Z7dE+dpRxa4aEDupSlcPCwSEtcpNME1up7z0yxjcIHHkBYq0RobIaLqwEmntnZzz37jg/iiHwyZsN93jZljId1X0uykcMem4ljiqgmRg3Fs8RKj2+N1ovpIZVDOWINLJJDVJntNvwW/anSCtx27FATVdroHoiyXCwVknG6p3bHU5Nd3idRMn45kZ7Qf1J50XUhtu3ehIWI2/5nYIbi8WDnzY5vcRZEHROyTk2pv/m9rRkCTaGnUdZsv3wfxeeT3223k0mUfRfCsiPtNDGwXn66HcG2cmhrBIeDoZQe4XNkzspaaJ2+SGQfO8Zf natsukagami@gmail.com"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDLr1Q+PJuDYJtBAVMSU0U2kZi4V0Z7dE+dpRxa4aEDupSlcPCwSEtcpNME1up7z0yxjcIHHkBYq0RobIaLqwEmntnZzz37jg/iiHwyZsN93jZljId1X0uykcMem4ljiqgmRg3Fs8RKj2+N1ovpIZVDOWINLJJDVJntNvwW/anSCtx27FATVdroHoiyXCwVknG6p3bHU5Nd3idRMn45kZ7Qf1J50XUhtu3ehIWI2/5nYIbi8WDnzY5vcRZEHROyTk2pv/m9rRkCTaGnUdZsv3wfxeeT3223k0mUfRfCsiPtNDGwXn66HcG2cmhrBIeDoZQe4XNkzspaaJ2+SGQfO8Zf natsukagami@gmail.com"
];
environment.systemPackages = with pkgs; [
@ -18,8 +18,18 @@
services.do-agent.enable = true;
system.autoUpgrade.enable = true;
system.autoUpgrade.allowReboot = true;
system.autoUpgrade = {
enable = true;
allowReboot = true;
flake = "github:natsukagami/nix-home#nki-personal-do";
};
nix = {
package = pkgs.nixUnstable;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
# Secret management
sops.defaultSopsFile = ./secrets/secrets.yaml;
@ -28,6 +38,6 @@
# tinc
services.my-tinc.enable = true;
services.my-tinc.hostName = "cloud";
sops.secrets.tinc-private-key = {};
sops.secrets.tinc-private-key = { };
services.my-tinc.rsaPrivateKey = config.sops.secrets.tinc-private-key.path;
}

130
nki-personal-do/flake.lock
View file

@ -1,130 +0,0 @@
{
"nodes": {
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"utils": "utils"
},
"locked": {
"lastModified": 1632822684,
"narHash": "sha256-lt7eayYmgsD5OQwpb1XYfHpxttn43bWo7G7hIJs+zJw=",
"owner": "Serokell",
"repo": "deploy-rs",
"rev": "9a02de4373e0ec272d08a417b269a28ac8b961b4",
"type": "github"
},
"original": {
"owner": "Serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1627913399,
"narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1632086102,
"narHash": "sha256-wVTcf0UclFS+zHtfPToB13jIO7n0U9N50MuRbPjQViE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e0ce3c683ae677cf5aab597d645520cddd13392b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1622516815,
"narHash": "sha256-ZjBd81a6J3TwtlBr3rHsZspYUwT9OdhDk+a/SgSEf7I=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "7e9b0dff974c89e070da1ad85713ff3c20b0ca97",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "21.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1625223284,
"narHash": "sha256-jjLcDSU1rRiJb+n3uez23XAa7kbnPcGZTa6jIKh1GMQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "357d2c8f6087685fe35cb1889a005a4dd4cce7b8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"deploy-rs": "deploy-rs",
"nixpkgs": "nixpkgs_2",
"sops-nix": "sops-nix"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1633273832,
"narHash": "sha256-oOjpMVYpkIUpiML61PeqTk+sg4juRvF7P6jroI/YvTw=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "2e86e1698d53e5bd71d9de5f8b7e8f2f5458633c",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1631561581,
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

30
nki-personal-do/flake.nix
View file

@ -1,30 +0,0 @@
{
description = "My DigitalOcean nodes flake";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/21.05";
deploy-rs.url = "github:Serokell/deploy-rs";
sops-nix.url = "github:Mic92/sops-nix";
};
outputs = { self, nixpkgs, deploy-rs, sops-nix } : {
# DigitalOcean node
nixosConfigurations."nki-personal" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
../modules/my-tinc
sops-nix.nixosModules.sops
./configuration.nix
];
};
deploy.nodes."nki-personal" = {
hostname = "nki-personal";
sshUser = "root";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations."nki-personal";
};
};
# This is highly advised, and will prevent many possible mistakes
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};
}