Aleksandr Lebedev 2025-08-11 14:23:54 +02:00
parent a2c4f7385b
commit 764d5dd68c
9 changed files with 4996 additions and 18 deletions


@ -90,8 +90,21 @@
}; };
}; };
outputs = inputs: outputs = inputs: let
inputs.snowfall-lib.mkFlake { lib = inputs.snowfall-lib.mkLib {
inherit inputs;
src = ./.;
snowfall = {
namespace = "custom";
meta = {
name = "KyleKrein's awesome Nix Flake";
title = "KyleKrein's awesome Nix Flake";
};
};
};
in
lib.mkFlake {
inherit inputs; inherit inputs;
src = ./.; src = ./.;
@ -128,13 +141,10 @@
]; ];
templates = import ./templates {}; templates = import ./templates {};
deploy = lib.mkDeploy {
deploy.nodes.server = { inherit (inputs) self;
hostname = "kylekrein.com"; overrides = {
interactiveSudo = true; kylekrein-server.hostname = "kylekrein.com";
profiles.system = {
user = "root";
path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos inputs.self.nixosConfigurations.kylekrein-server;
}; };
}; };
@ -143,13 +153,5 @@
}; };
#schemas = inputs.flake-schemas.schemas; #schemas = inputs.flake-schemas.schemas;
snowfall = {
namespace = "custom";
meta = {
name = "KyleKrein's awesome Nix Flake";
title = "KyleKrein's awesome Nix Flake";
};
};
}; };
} }
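Review bot: The old `deploy.nodes.server` block set `interactiveSudo = true;`, and as far as the side-by-side rendering shows, the new `lib.mkDeploy` call passes only `kylekrein-server.hostname` in `overrides`, so that setting appears to be dropped. With the profile user fixed to root, activation then depends on passwordless privilege escalation or direct root SSH on the server, and either one widens what a leaked deploy key is worth. Node-level keys in `overrides` are merged through by `mkDeploy`, so adding `kylekrein-server.interactiveSudo = true;` next to the hostname would keep the earlier behaviour. The node is also now keyed `kylekrein-server` rather than `server`, which any existing deploy invocation that names the node has to follow.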

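--- /dev/null
+++ b/lib/deploy/default.nix
@@ -0,0 +1,61 @@
+{
+lib,
+inputs,
+}: let
+inherit (inputs) deploy-rs;
+in rec {
+## Create deployment configuration for use with deploy-rs.
+##
+## ```nix
+## mkDeploy {
+## inherit self;
+## overrides = {
+## my-host.system.sudo = "doas -u";
+## };
+## }
+## ```
+##
+#@ { self: Flake, overrides: Attrs ? {} } -> Attrs
+mkDeploy = {
+self,
+overrides ? {},
+}: let
+hosts = self.nixosConfigurations or {};
+names = builtins.attrNames hosts;
+nodes =
+lib.foldl (
+result: name: let
+host = hosts.${name};
+user = host.config.user.name or null;
+inherit (host.pkgs) system;
+in
+result
+// {
+${name} =
+(overrides.${name} or {})
+// {
+hostname = overrides.${name}.hostname or "${name}";
+profiles =
+(overrides.${name}.profiles or {})
+// {
+system =
+(overrides.${name}.profiles.system or {})
+// {
+user = "root";
+path = deploy-rs.lib.${system}.activate.nixos host;
+}
+// lib.optionalAttrs (user != null) {
+sshUser = user;
+}
+// lib.optionalAttrs (host.config.system.security.doas.enable or false) {
+sudo = "doas -u";
+};
+};
+};
+}
+) {}
+names;
+in {
+inherit nodes;
+};
+}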
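Review bot: `sshUser` and `sudo` are derived from `host.config.user.name` and `host.config.system.security.doas.enable`, and because both lookups end in `or`, a path that does not exist silently yields `null`/`false` instead of an evaluation error. Neither option is defined in the modules visible in this commit (users are declared under the `custom` namespace, and the stock NixOS option is `security.doas.enable`), so these branches probably never fire and every node falls back to deploy-rs defaults for the connecting user. Point the lookups at options this flake actually defines, or drop them and set `sshUser` explicitly through `overrides`. The doc-comment example `my-host.system.sudo = "doas -u";` should also read `my-host.profiles.system.sudo`, and a comment should state that `user` and `path` under `profiles.system` cannot be overridden because the fixed attrset is merged after the override.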


@ -34,6 +34,7 @@ with lib; rec {
sops.secrets."users/${username}" = mkIf enable { sops.secrets."users/${username}" = mkIf enable {
neededForUsers = true; neededForUsers = true;
}; };
users.users.root.openssh.authorizedKeys.keys = mkIf enable trustedSshKeys;
systemd.tmpfiles.rules = optionals (impermanence.enable) ["d ${persist}/home/${username} 0700 ${username} users -"]; # /persist/home/<user> created, owned by that user systemd.tmpfiles.rules = optionals (impermanence.enable) ["d ${persist}/home/${username} 0700 ${username} users -"]; # /persist/home/<user> created, owned by that user
nix.settings.trusted-users = optionals admin [ nix.settings.trusted-users = optionals admin [
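Review bot: The added `users.users.root.openssh.authorizedKeys.keys = mkIf enable trustedSshKeys;` gives every enabled user's trusted keys a root login whether or not that user is an admin; the `admin` flag is consulted on the `nix.settings.trusted-users` line below but not here. The only non-admin user visible in this commit passes `trustedSshKeys = []`, but the first key added for such a user would silently become a root credential on every host that enables them. Gating the line as `mkIf (enable && admin) trustedSshKeys` keeps root access tied to the admin flag. The enclosing function starts and ends outside the hunk, so whether root login over SSH is restricted elsewhere cannot be checked from here.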


@ -0,0 +1,47 @@
{
lib,
pkgs,
inputs,
namespace,
system,
target,
format,
virtual,
systems,
config,
...
}:
with lib;
with lib.${namespace}; let
cfg = config.${namespace}.presets.disko.ext4;
in {
options.${namespace}.presets.disko.ext4 = with types; {
enable = mkBoolOpt false "Enable preset";
device = mkOpt' str "/dev/nvme0n1";
mountpoint = mkOpt' path "/";
};
config = mkIf cfg.enable {
disko.devices = {
disk = {
"${cfg.device}" = {
inherit device;
type = "disk";
content = {
type = "gpt";
partitions = {
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
inherit (cfg) mountpoint;
};
};
};
};
};
};
};
};
}
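Review bot: `inherit device;` inside the disk attrset looks up a bare `device` variable that nothing in this file binds; the value lives at `cfg.device`, as the neighbouring `inherit (cfg) mountpoint;` shows. Unless `lib` or `lib.${namespace}` happens to export an attribute named `device`, the `with` scopes defer the failure to evaluation time, once the preset is enabled. `inherit (cfg) device;` is the likely intent, and the same line appears in the ext4Swap preset in the next file. Because disko uses this layout to partition the target, consider requiring each host to set `device` explicitly instead of defaulting to `/dev/nvme0n1`.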


@ -0,0 +1,85 @@
{
lib,
pkgs,
inputs,
namespace,
system,
target,
format,
virtual,
systems,
config,
...
}:
with lib;
with lib.${namespace}; let
cfg = config.${namespace}.presets.disko.ext4Swap;
in {
options.${namespace}.presets.disko.ext4Swap = with types; {
enable = mkBoolOpt false "Enable preset";
device = mkOpt' str "/dev/nvme0n1";
swapSize = mkOpt' int 32;
mountpoint = mkOpt' path "/";
};
config = mkIf cfg.enable {
disko.devices = {
disk.${cfg.device} = {
type = "disk";
inherit device;
content = {
type = "gpt"; # Initialize the disk with a GPT partition table
partitions = {
ESP = {
# Setup the EFI System Partition
type = "EF00"; # Set the partition type
size = "1000M"; # Make the partition a gig
content = {
type = "filesystem";
format = "vfat"; # Format it as a FAT32 filesystem
mountpoint = "/boot"; # Mount it to /boot
};
};
primary = {
# Setup the LVM partition
size = "100%"; # Fill up the rest of the drive with it
content = {
type = "lvm_pv"; # pvcreate
vg = "vg1";
};
};
};
};
};
lvm_vg = {
# vgcreate
vg1 = {
# /dev/vg1
type = "lvm_vg";
lvs = {
# lvcreate
swap = {
# Logical Volume = "swap", /dev/vg1/swap
size = "${builtins.toString cfg.swapSize}G";
content = {
type = "swap";
};
};
root = {
# Logical Volume = "root", /dev/vg1/root
size = "100%FREE"; # Use the remaining space in the Volume Group
content = {
type = "filesystem";
format = "ext4";
inherit (cfg) mountpoint;
mountOptions = [
"defaults"
];
};
};
};
};
};
};
};
}
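Review bot: The `swap` logical volume is declared with only `type = "swap";` on an unencrypted volume group, so memory pages holding decrypted material can be written to disk in plaintext; sops-managed secrets are used elsewhere in this commit. If hibernation is not needed, disko's swap content accepts `randomEncryption = true;`, which re-keys swap on every boot. If it is needed, putting the physical volume on LUKS would cover both swap and root. A comment on `swapSize` noting that the unit is GiB (from the `"${...}G"` suffix) would also help callers.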


@ -0,0 +1,37 @@
{
lib,
pkgs,
inputs,
namespace,
system,
target,
format,
virtual,
systems,
config,
...
}:
with lib;
with lib.${namespace}; let
username = "andrej";
admin = false;
extraGroups = ["networkmanager"];
trustedSshKeys = [];
cfg = config.${namespace}.users.${username};
in {
options.${namespace}.users.${username} = with types; {
enable = mkBoolOpt false "Enable ${username} user";
config = mkOpt types.attrs {} "Additional home manager config for ${username}";
};
config = mkUser {
inherit config;
inherit (cfg) enable;
homeConfig = cfg.config;
inherit username;
inherit admin;
inherit extraGroups;
inherit trustedSshKeys;
};
}


@ -5,7 +5,7 @@
inputs, inputs,
... ...
}: let }: let
emacs = inputs.emacs-kylekrein.packages.${hwconfig.system}.with-lsps-native; emacs = inputs.emacs-kylekrein.packages.${hwconfig.system}.with-lsps;
in { in {
programs.emacs = { programs.emacs = {
enable = true; enable = true;


@ -0,0 +1,134 @@
{
lib,
pkgs,
inputs,
namespace,
system,
target,
format,
virtual,
systems,
config,
...
}:
with lib;
with lib.custom; {
facter.reportPath = ./facter.json;
custom = {
presets.default = enabled;
presets.wayland = enabled;
presets.gaming = enabled;
hardware = {
nvidia = enabled;
bluetooth = enabled;
printing = enabled;
};
users = {
kylekrein = {
enable = true;
};
andrej = {
enable = true;
};
};
presets.disko = {
ext4Swap = {
enable = true;
device = "/dev/sda";
swapSize = 16;
};
ext4 = {
enable = true;
device = "/dev/sdb";
mountpoint = "/run/extraDrive";
};
};
};
services.flatpak = enabled;
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
networking.firewall.allowedTCPPorts = [22 25565];
networking.firewall.allowedUDPPorts = [22 25565];
services.scx.enable = true; # by default uses scx_rustland scheduler
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_cachyos;
security.polkit.enable = true;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
programs.kdeconnect.enable = true;
programs.kdeconnect.package = lib.mkDefault pkgs.kdePackages.kdeconnect-kde;
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/etc/nixos-config";
};
environment.systemPackages = with pkgs; [
libreoffice
fzf
killall
eza
fd
gparted
exfatprogs
lazygit
fastfetch
telegram-desktop
vlc
wl-clipboard
git
git-credential-manager
egl-wayland
btop
obs-studio
blender
vscodium-fhs
discord
solaar
element-desktop
wasistlos
prismlauncher
mcpelauncher-ui-qt
jdk
teams-for-linux
];
hardware.nvidia.open = lib.mkForce false;
#hardware.nvidia.package = lib.mkForce config.boot.kernelPackages.nvidiaPackages.latest;
systemd.network.wait-online.enable = lib.mkForce false;
services.udisks2.enable = true;
services.zerotierone = {
enable = true;
joinNetworks = [
"a09acf0233dccb4a"
"1d71939404962783"
"41d49af6c260338d"
];
};
# ======================== DO NOT CHANGE THIS ========================
system.stateVersion = "24.11";
# ======================== DO NOT CHANGE THIS ========================
}
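Review bot: `networking.firewall.allowedUDPPorts = [22 25565];` mirrors the TCP list, but SSH is TCP-only, so UDP 22 opens a port that no service here listens on. 25565/udp is only needed if the Minecraft query protocol is in use, which nothing on this page shows. These `allowed*Ports` lists apply to every interface, so the open ports are also reachable from members of the three ZeroTier networks in `joinNetworks`. Trim the UDP list to what is actually served, and consider `networking.firewall.interfaces.<name>.allowedTCPPorts` if SSH or the game port should only be reachable on one network.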

File diff suppressed because it is too large Load diff