Daholli/nixos-config
1
0
Fork 0
Code Issues 3 Pull requests 1 Releases Packages Activity Actions

Compare commits

base: Daholli:02b0930313cc23dce4c403132a9948a8e508dad6
Branches Tags
Daholli:main
Daholli:rewrite
Daholli:main-merge
...
compare: Daholli:592faafe86ae4c780f4c3f1cef9ec5a858aa9bc0
Branches Tags
Daholli:main
Daholli:rewrite
Daholli:main-merge

3 commits
02b0930313 ... 592faafe86

Author SHA1 Message Date
Christoph Hollizeck
592faafe86
loptland: babysteps 2025-10-28 11:26:01 +01:00
Christoph Hollizeck
ef703ecbcf
yggdrasil: move out hardware config 2025-10-28 11:02:15 +01:00
Christoph Hollizeck
551c5e01d1
hydra: add hydrajobs to flake-parts 2025-10-28 10:39:44 +01:00
12 changed files with 335 additions and 95 deletions
Download patch file Download diff file Expand all files Collapse all files

42
flake.lock generated
View file

@ -110,11 +110,11 @@
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1761583935, "lastModified": 1761596764,
"narHash": "sha256-vJ0ylFdPPESUCBYZvEtVmVemSp4G0WH8CbVIkboHIJs=", "narHash": "sha256-KTL+8Fw1qAbqubZSHRMjO4HkILJWVdWTylqHXQ4VTBE=",
"owner": "cachix", "owner": "cachix",
"repo": "devenv", "repo": "devenv",
"rev": "b7e3b2aeb90ce37517fb8da09ceff8ab587a9fcf", "rev": "17560d064ba5e4fc946c0ea0ee7b31ec291e706f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -131,11 +131,11 @@
"rust-analyzer-src": "rust-analyzer-src" "rust-analyzer-src": "rust-analyzer-src"
}, },
"locked": { "locked": {
"lastModified": 1761547629, "lastModified": 1761633962,
"narHash": "sha256-4OH1CVm2PdjKRqEJ3RLfkQMDSBdn7VId6iyYCwKOK+U=", "narHash": "sha256-QTA706q3zDi9yN7bwsOnj2cQj8FVi9x147A/2lR495U=",
"owner": "nix-community", "owner": "nix-community",
"repo": "fenix", "repo": "fenix",
"rev": "d82a7c64ea441e397914577c9a18f2867e5b364b", "rev": "abecdc70faee6ef5abf8b250795042a0cbe7070f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -683,11 +683,11 @@
"xdph": "xdph" "xdph": "xdph"
}, },
"locked": { "locked": {
"lastModified": 1761572054, "lastModified": 1761601789,
"narHash": "sha256-NuDXgcyWa9EfQZXs+7mXKTimzlxEdLV0kJR6gGcFU/8=", "narHash": "sha256-F8HDu+xAZ2GhYRZPTMbFgXfA6VI7pN95juP3/llCKx8=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "Hyprland", "repo": "Hyprland",
"rev": "560c53d87dedf7df8185eb370cfbf3575826e85c", "rev": "309c3c78485781a28ad9f5bef48b09ecb3b81473",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1072,11 +1072,11 @@
"xwayland-satellite-unstable": "xwayland-satellite-unstable" "xwayland-satellite-unstable": "xwayland-satellite-unstable"
}, },
"locked": { "locked": {
"lastModified": 1761542689, "lastModified": 1761623016,
"narHash": "sha256-l4TQRcQyp6hoUVQL/R4UBHvYX9whHTntaz5NxHi0PH4=", "narHash": "sha256-C2+TErNmeHMCtodwVrMeA/uJg1GRdQbOntRI7DFullA=",
"owner": "sodiboo", "owner": "sodiboo",
"repo": "niri-flake", "repo": "niri-flake",
"rev": "75768e54ca2591bb0be17fa310992628e5efce2d", "rev": "f0bfe0aaaa51378ace7492850290f8d2db6cc7f3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1447,11 +1447,11 @@
"rust-analyzer-src": { "rust-analyzer-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1761500479, "lastModified": 1761606039,
"narHash": "sha256-syeBTCCU96qPJHcVpwHeCwmPCiLTDHHgYQYhpZ0iwLo=", "narHash": "sha256-rNsxpCKWzVNJ5FR71mpZFSEPxuvZfAQzcVpgfwgajQU=",
"owner": "rust-lang", "owner": "rust-lang",
"repo": "rust-analyzer", "repo": "rust-analyzer",
"rev": "049767e6faa84b2d1a951d8f227e6ebd99d728a2", "rev": "7c810e9994eff5b2b7a78ab0a656948c1e8dbf18",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1661,11 +1661,11 @@
"xwayland-satellite-unstable": { "xwayland-satellite-unstable": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1761422250, "lastModified": 1761622056,
"narHash": "sha256-+pN8VAh8OVUSj8zPoI8QfC93JMIKPaAOABrbeeiO/Hk=", "narHash": "sha256-fBrUszJXmB4MY+wf3QsCnqWHcz7u7fLq0QMAWCltIQg=",
"owner": "Supreeeme", "owner": "Supreeeme",
"repo": "xwayland-satellite", "repo": "xwayland-satellite",
"rev": "2dd40ecfe882c1659e0e46c761974702c7ab5fde", "rev": "0728d59ff6463a502e001fb090f6eb92dbc04756",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1726,11 +1726,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1761562676, "lastModified": 1761592723,
"narHash": "sha256-yREsDfqZ7JIC2hxQm94DQfNCyhm/KPdxWd3IVJ6zJ2s=", "narHash": "sha256-7MMLpYL/EF3wqHIt7Fl3uQJZH1Vvtvgnd24WFpnBzdQ=",
"owner": "zigtools", "owner": "zigtools",
"repo": "zls", "repo": "zls",
"rev": "67177e3d64b8ab0f358303ee6ed4bac4654e2fdb", "rev": "8b2754ad49006e70cdbd29c1d57ffb0a2889b836",
"type": "github" "type": "github"
}, },
"original": { "original": {

3
modules/desktop/niri.nix
View file

@ -28,7 +28,8 @@
... ...
}: }:
{ {
config = lib.mkIf osConfig.programs.niri.enable {
config = lib.mkIf (osConfig.networking.hostName == "yggdrasil") {
programs.niri.settings = { programs.niri.settings = {
input = { input = {
keyboard = { keyboard = {

10
modules/flake-parts/host-machines.nix
View file

@ -34,4 +34,14 @@ in
} }
)) ))
]; ];
flake.hydraJobs =
let
self = inputs.self;
in
{
# hosts = lib.mapAttrs (_: cfg: cfg.config.system.build.toplevel) self.outputs.nixosConfigurations;
packages = self.packages;
shells = lib.filterAttrs (name: shell: name == "x86_64-linux") self.devShells;
};
} }

73
modules/hosts/loptland/default.nix Normal file
View file

@ -0,0 +1,73 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/loptland" =
{
inputs,
lib,
pkgs,
modulesPath,
...
}:
let
sopsFile = ../../../secrets/secrets-loptland.yaml;
in
{
nixpkgs.config.allowUnfree = true;
services.qemuGuest.enable = true;
imports =
with config.flake.modules.nixos;
[
(modulesPath + "/profiles/qemu-guest.nix")
inputs.catppuccin.nixosModules.catppuccin
# System modules
base
server
dev
# apps
# Users
cholli
]
++ [
{
home-manager.users.cholli = {
imports = with config.flake.modules.homeManager; [
inputs.catppuccin.homeModules.catppuccin
# components
base
dev
# Activate all user based config
cholli
];
};
}
];
sops = {
secrets = {
"forgejo/db/password" = {
inherit sopsFile;
};
"forgejo/mail/password" = {
inherit sopsFile;
};
"forgejo/mail/passwordHash" = {
inherit sopsFile;
};
};
};
};
}

55
modules/hosts/loptland/hardware.nix Normal file
View file

@ -0,0 +1,55 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/loptland" =
{
inputs,
lib,
pkgs,
...
}:
{
boot = {
kernelPackages = pkgs.linuxPackages_latest;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/26b098dd-0a15-49c5-9998-75f43d17eb26";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/30AB-7309";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
swapDevices = [ { device = "/dev/disk/by-uuid/b9bcb425-cb1c-40a1-89bb-d7fe6b421834"; } ];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
};
}

76
modules/hosts/loptland/nginx.nix Normal file
View file

@ -0,0 +1,76 @@
{
flake.modules.nixos."hosts/loptland" =
{
config,
lib,
pkgs,
...
}:
let
domainName = "christophhollizeck.dev";
forgejoPort = 3000;
hydraPort = 2000;
in
{
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"git.${domainName}" = {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
extraConfig = ''
client_max_body_size 200M;
'';
proxyPass = "http://localhost:${toString forgejoPort}/";
};
};
"hydra.${domainName}" = lib.mkIf config.services.hydra.enable {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
proxyPass = "http://localhost:${toString hydraPort}/";
};
};
"ha.${domainName}" = {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
# tailscale ip
extraConfig = ''
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
'';
proxyPass = "http://100.86.23.74:8123";
};
};
"nixcache.${domainName}" = lib.mkIf config.services.nix-serve.enable {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
};
};
"_" = {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
proxyPass = "https://${domainName}";
};
};
};
};
};
}

11
modules/hosts/nixberry/default.nix Normal file
View file

@ -0,0 +1,11 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/nixberry" = {
};
}

11
modules/hosts/wsl/default.nix Normal file
View file

@ -0,0 +1,11 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/wsl" = {
};
}

69
modules/hosts/yggdrasil/default.nix
View file

@ -24,18 +24,7 @@ in
diebahn diebahn
path-of-building path-of-building
bottles
# to be removed
kdePackages.bluez-qt
zed-editor
seahorse
font-manager
vesktop
rofi-unwrapped
]; ];
# to be removed
virtualisation.waydroid.enable = true;
services.teamviewer.enable = true; services.teamviewer.enable = true;
environment.pathsToLink = [ "/libexec" ]; environment.pathsToLink = [ "/libexec" ];
@ -111,63 +100,5 @@ in
]; ];
}; };
boot = {
kernelPackages = pkgs.linuxPackages_latest;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd.availableKernelModules = [
"nvme"
"ahci"
"xhci_pci"
"usbhid"
"usb_storage"
"sd_mod"
];
kernelModules = [ "kvm-amd" ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/b1a956f4-91d5-456e-a92b-be505bb719bd";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/B4D4-8BA0";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
"/storage" = {
device = "/dev/disk/by-uuid/c3c1dec1-7716-4c37-a3f2-bb60f9af84fd";
fsType = "ext4";
};
"/var/lib/bluetooth" = {
device = "/persist/var/lib/bluetooth";
options = [
"bind"
"noauto"
"x-systemd.automount"
];
noCheck = true;
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/4bec00ec-e9eb-4034-836a-ecf15e0bb40e"; }
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.enableRedistributableFirmware = true;
hardware.cpu.amd.updateMicrocode = true;
}; };
} }

71
modules/hosts/yggdrasil/hardware.nix Normal file
View file

@ -0,0 +1,71 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/yggdrasil" =
{ lib, pkgs, ... }:
{
boot = {
kernelPackages = pkgs.linuxPackages_latest;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd.availableKernelModules = [
"nvme"
"ahci"
"xhci_pci"
"usbhid"
"usb_storage"
"sd_mod"
];
kernelModules = [ "kvm-amd" ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/b1a956f4-91d5-456e-a92b-be505bb719bd";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/B4D4-8BA0";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
"/storage" = {
device = "/dev/disk/by-uuid/c3c1dec1-7716-4c37-a3f2-bb60f9af84fd";
fsType = "ext4";
};
"/var/lib/bluetooth" = {
device = "/persist/var/lib/bluetooth";
options = [
"bind"
"noauto"
"x-systemd.automount"
];
noCheck = true;
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/4bec00ec-e9eb-4034-836a-ecf15e0bb40e"; }
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.enableRedistributableFirmware = true;
hardware.cpu.amd.updateMicrocode = true;
};
}

8
modules/server/acme.nix
View file

@ -1,4 +1,4 @@
{ topLevel: {
flake.modules.nixos.server = flake.modules.nixos.server =
{ {
config, config,
@ -41,10 +41,10 @@
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults = { defaults = {
inherit (config.flake.meta.users.cholli) email; inherit (topLevel.config.flake.meta.users.cholli) email;
group = lib.optional config.services.nginx.enable "nginx"; group = lib.mkIf config.services.nginx.enable "nginx";
reloadServices = lib.optional config.services.nginx.enable "nginx.service"; reloadServices = lib.mkIf config.services.nginx.enable "nginx.service";
dnsProvider = "netcup"; dnsProvider = "netcup";
environmentFile = config.sops.templates."netcup.env".path; environmentFile = config.sops.templates."netcup.env".path;

1
modules/users/cholli/default.nix
View file

@ -14,6 +14,7 @@
authorizedKeys = [ authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHFrDiO5+vMfD5MimkzN32iw3MnSMLZ0mHvOrHVVmLD0" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHFrDiO5+vMfD5MimkzN32iw3MnSMLZ0mHvOrHVVmLD0"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII4Pr7p0jizrvIl0UhcvrmL5SHRQQQWIcHLAnRFyUZS6"
]; ];
}; };