kylekrein/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Guix (not working)

Browse source
This commit is contained in:
Aleksandr Lebedev 2025-11-14 14:44:58 +01:00
parent d6ec2c7f4d
commit e99fb387cb
5 changed files with 119 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

47
modules/nixos/services/guix/default.nix Normal file
View file

@ -0,0 +1,47 @@
{
lib,
pkgs,
inputs,
namespace,
system,
target,
format,
virtual,
systems,
config,
...
}:
with lib;
with lib.${namespace}; let
cfg = config.${namespace}.services.guix;
impermanence = config.${namespace}.impermanence;
persist = impermanence.persistentStorage;
in {
options.${namespace}.services.guix = with types; {
enable = mkBoolOpt false "Enable guix";
};
config = mkIf cfg.enable {
services.guix = {
enable = true;
gc.enable = true;
publish = {
enable = true;
port = 17333;
extraArgs = [
"--advertise"
"--compression=zstd:6"
];
};
};
systemd.tmpfiles.rules = [
"d /var/guix 2775 root guixbuild - -"
"d /var/guix/daemon-socket 2770 root guixbuild - -"
];
environment.persistence."${persist}/guix".directories = lib.optionals impermanence.enable [
"/var/guix"
];
};
}

2
modules/nixos/users/kylekrein/default.nix
View file

@ -18,7 +18,7 @@ with lib.${namespace}; let
extraGroups = ["networkmanager" "touchscreen"];
trustedSshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFDdxZ5OyGcfD1JwEa4RWw86HWZ2dKFR0syrRckl7EvG kylekrein@kylekrein-homepc"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILt+CDDU4gDo12IO2dc50fceIWkn26/NuTq4j25hiGre kylekrein@kylekrein-framework12"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF1HsOkUz+E0taJqwpWx/wCfHzHvhL3ia+LxdDj2Gn4T kylekrein@anaconda"
];
cfg = config.${namespace}.users.${username};

5
systems/x86_64-linux/stargate/disko.nix
View file

@ -37,6 +37,11 @@
in {
disko.devices = {
disk = {
#main.content.partitions.luks.content.content.subvolumes."/gnu" = {
# mountpoint = "/gnu";
# mountOptions = ["subvol=guix" "compress=zstd" "noatime"];
# };
hdd1 = addHdd "/dev/sda" "crypt-hdd1";
hdd2 = addHdd "/dev/sdb" "crypt-hdd2";
hdd3 = addHdd "/dev/sdc" "crypt-hdd3";

59
systems/x86_64-linux/stargate/guix-substitute.nix Normal file
View file

@ -0,0 +1,59 @@
{
pkgs,
lib,
config,
...
}:
with lib.custom; let
enable = false;
in {
custom.services.guix = {inherit enable;};
systemd.timers."guix-build" = {
inherit enable;
wantedBy = ["timers.target"];
timerConfig = {
OnBootSec = "120m";
OnUnitActiveSec = "120m";
Unit = "guix-build.service";
};
};
systemd.services."guix-build" = {
inherit enable;
script = let
gitRepo = "/root/dotfiles";
git = "${pkgs.git}/bin/git";
echo = "${pkgs.coreutils}/bin/echo";
repoUrl = "https://git.kylekrein.com/kylekrein/dotfiles.git";
guix = "${pkgs.guix}/bin/guix time-machine -C ${gitRepo}/guix-config/channels-lock.scm --";
in ''
if [ ! -d "${gitRepo}" ]; then
${echo} "dotfiles repo not found, cloning..."
${git} clone "${repoUrl}" "${gitRepo}"
else
${echo} "Updating repo..."
cd "${gitRepo}"
${git} fetch --all
${git} reset --hard origin/master
fi
cd "${gitRepo}"
${echo} "Building packages..."
${guix} build -L "${gitRepo}" ${gitRepo}/guix-config/packages/*
${echo} "Building system config..."
${guix} system build -L "${gitRepo}" ${gitRepo}/guix-config/system/anaconda.scm
${echo} "Building home config..."
${guix} home build -L "${gitRepo}" ${gitRepo}/guix-config/home/workstation.scm
${echo} "All builds complete!"
'';
serviceConfig = {
Type = "oneshot";
User = "root";
WorkingDirectory = "/root";
};
};
}

7
systems/x86_64-linux/stargate/services/nginx.nix
View file

@ -195,6 +195,13 @@ in {
proxyWebsockets = true;
};
};
"guix.kylekrein.com" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.guix.publish.port}";
};
};
"paperless.kylekrein.com" = {
enableACME = true;
forceSSL = true;