Guix (not working)
parent
d6ec2c7f4d
commit
e99fb387cb
5 changed files with 119 additions and 1 deletions
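--- a/modules/nixos/services/guix/default.nix
+++ b/modules/nixos/services/guix/default.nix
@@ -0,0 +1,47 @@
+{
+lib,
+pkgs,
+inputs,
+namespace,
+system,
+target,
+format,
+virtual,
+systems,
+config,
+...
+}:
+with lib;
+with lib.${namespace}; let
+cfg = config.${namespace}.services.guix;
+impermanence = config.${namespace}.impermanence;
+persist = impermanence.persistentStorage;
+in {
+options.${namespace}.services.guix = with types; {
+enable = mkBoolOpt false "Enable guix";
+};
+
+config = mkIf cfg.enable {
+services.guix = {
+enable = true;
+gc.enable = true;
+publish = {
+enable = true;
+port = 17333;
+extraArgs = [
+"--advertise"
+"--compression=zstd:6"
+];
+};
+};
+
+systemd.tmpfiles.rules = [
+"d /var/guix 2775 root guixbuild - -"
+"d /var/guix/daemon-socket 2770 root guixbuild - -"
+];
+
+environment.persistence."${persist}/guix".directories = lib.optionals impermanence.enable [
+"/var/guix"
+];
+};
+}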
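Review bot: The two `systemd.tmpfiles.rules` entries make `/var/guix` group-writable (`2775`) by `guixbuild` and limit `daemon-socket` to that group (`2770`). If `guixbuild` is the daemon's build-user group (the NixOS module's default, as far as I know), the build accounts gain write access to daemon state, and ordinary users can only reach the socket by joining the build group. Unless something outside this file depends on these modes, I would drop both rules and let the module create the state directory, or tighten the first to `"d /var/guix 0755 root root - -"`. Separately, only `/var/guix` is listed under `environment.persistence`. On an ephemeral root, a `publish` signing key generated under `/etc/guix` would presumably be replaced on reboot, and clients that authorized the old key would then reject the substitutes. Persist that directory as well, or pass `--public-key=`/`--private-key=` in `extraArgs` pointing at a persistent path.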
@ -18,7 +18,7 @@ with lib.${namespace}; let
|
||||||
extraGroups = ["networkmanager" "touchscreen"];
|
extraGroups = ["networkmanager" "touchscreen"];
|
||||||
trustedSshKeys = [
|
trustedSshKeys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFDdxZ5OyGcfD1JwEa4RWw86HWZ2dKFR0syrRckl7EvG kylekrein@kylekrein-homepc"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFDdxZ5OyGcfD1JwEa4RWw86HWZ2dKFR0syrRckl7EvG kylekrein@kylekrein-homepc"
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILt+CDDU4gDo12IO2dc50fceIWkn26/NuTq4j25hiGre kylekrein@kylekrein-framework12"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF1HsOkUz+E0taJqwpWx/wCfHzHvhL3ia+LxdDj2Gn4T kylekrein@anaconda"
|
||||||
];
|
];
|
||||||
|
|
||||||
cfg = config.${namespace}.users.${username};
|
cfg = config.${namespace}.users.${username};
|
||||||
|
|
|
||||||
|
|
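Review bot: The `trustedSshKeys` list appears to swap the `kylekrein@kylekrein-framework12` key for `kylekrein@anaconda` (the rendered view lost the +/- markers, so this is read from the one-line change in the hunk header). That is an access-control change, and the commit title "Guix (not working)" does not mention it. A trusted-key change is easier to audit and revert in its own commit, with a comment on the new entry such as `# anaconda: <purpose of host>, added <date>` (placeholders) and a note on whether the framework12 key was retired on purpose. If the removal is intentional, confirm that hosts already deployed from this config drop the old key on their next rebuild. The enclosing `let` block starts and ends outside the hunk.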
@ -37,6 +37,11 @@
|
||||||
in {
|
in {
|
||||||
disko.devices = {
|
disko.devices = {
|
||||||
disk = {
|
disk = {
|
||||||
|
#main.content.partitions.luks.content.content.subvolumes."/gnu" = {
|
||||||
|
# mountpoint = "/gnu";
|
||||||
|
# mountOptions = ["subvol=guix" "compress=zstd" "noatime"];
|
||||||
|
# };
|
||||||
|
|
||||||
hdd1 = addHdd "/dev/sda" "crypt-hdd1";
|
hdd1 = addHdd "/dev/sda" "crypt-hdd1";
|
||||||
hdd2 = addHdd "/dev/sdb" "crypt-hdd2";
|
hdd2 = addHdd "/dev/sdb" "crypt-hdd2";
|
||||||
hdd3 = addHdd "/dev/sdc" "crypt-hdd3";
|
hdd3 = addHdd "/dev/sdc" "crypt-hdd3";
|
||||||
|
|
|
||||||
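--- a/systems/x86_64-linux/stargate/guix-substitute.nix
+++ b/systems/x86_64-linux/stargate/guix-substitute.nix
@@ -0,0 +1,59 @@
+{
+pkgs,
+lib,
+config,
+...
+}:
+with lib.custom; let
+enable = false;
+in {
+custom.services.guix = {inherit enable;};
+systemd.timers."guix-build" = {
+inherit enable;
+wantedBy = ["timers.target"];
+timerConfig = {
+OnBootSec = "120m";
+OnUnitActiveSec = "120m";
+Unit = "guix-build.service";
+};
+};
+
+systemd.services."guix-build" = {
+inherit enable;
+script = let
+gitRepo = "/root/dotfiles";
+git = "${pkgs.git}/bin/git";
+echo = "${pkgs.coreutils}/bin/echo";
+repoUrl = "https://git.kylekrein.com/kylekrein/dotfiles.git";
+guix = "${pkgs.guix}/bin/guix time-machine -C ${gitRepo}/guix-config/channels-lock.scm --";
+in ''
+if [ ! -d "${gitRepo}" ]; then
+${echo} "dotfiles repo not found, cloning..."
+${git} clone "${repoUrl}" "${gitRepo}"
+else
+${echo} "Updating repo..."
+cd "${gitRepo}"
+${git} fetch --all
+${git} reset --hard origin/master
+fi
+
+cd "${gitRepo}"
+
+${echo} "Building packages..."
+${guix} build -L "${gitRepo}" ${gitRepo}/guix-config/packages/*
+
+${echo} "Building system config..."
+${guix} system build -L "${gitRepo}" ${gitRepo}/guix-config/system/anaconda.scm
+
+${echo} "Building home config..."
+${guix} home build -L "${gitRepo}" ${gitRepo}/guix-config/home/workstation.scm
+
+${echo} "All builds complete!"
+'';
+serviceConfig = {
+Type = "oneshot";
+User = "root";
+WorkingDirectory = "/root";
+};
+};
+}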
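Review bot: `guix-build` runs with `User = "root"`, and every 120 minutes it hard-resets `/root/dotfiles` to `origin/master` and loads that tree with `guix build -L`, `guix system build` and `guix home build`. Package and system definitions are ordinary Scheme evaluated by the client, so whatever is on that branch runs as root with no check of who committed it. `guix build` only needs to talk to the daemon, so the unit can run under a dedicated account, for example `User = "guix-build";` with `StateDirectory = "guix-build";` and `gitRepo = "/var/lib/guix-build/dotfiles";` (the account name is an example). I would also verify the fetched tip before the reset, e.g. `${git} verify-commit origin/master`, because the other new file in this commit enables `publish` and would serve the resulting store items to clients.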
@ -195,6 +195,13 @@ in {
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
"guix.kylekrein.com" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://localhost:${toString config.services.guix.publish.port}";
|
||||||
|
};
|
||||||
|
};
|
||||||
"paperless.kylekrein.com" = {
|
"paperless.kylekrein.com" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
|
|
|
||||||
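Review bot: The `"guix.kylekrein.com"` vhost is declared unconditionally, while `guix-substitute.nix` in this same commit sets `enable = false` for the Guix service. As written, nginx would still request an ACME certificate for the name and proxy to `config.services.guix.publish.port` with nothing listening there. Guard the entry, e.g. `"guix.kylekrein.com" = lib.mkIf config.services.guix.publish.enable {` (assuming `lib` is in scope in this file, which the hunk does not show). Once enabled, this puts the substitute server on the public internet, so decide whether it has to be public or can be limited with `allow`/`deny` in the location, and check that nothing secret ends up in store items built on this host. The enclosing virtual-hosts attribute set starts and ends outside the hunk.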