LF2/Alisa
6
0
Fork 0
Code Issues 10 Pull requests Projects 1 Releases Packages Wiki Activity Actions

nix: basic system config

Browse source
This commit is contained in:
Johannes Jöns 2024-07-09 10:43:13 +02:00
parent 44e61805b0
commit e457c48757
4 changed files with 218 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

81
flake.lock
View file

@ -1,5 +1,61 @@
{
"nodes": {
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1720402389,
"narHash": "sha256-zJv6euDOrJWMHBhxfp/ay+Dvjwpe8YtMuEI5b09bxmo=",
"owner": "nix-community",
"repo": "disko",
"rev": "f1a00e7f55dc266ef286cc6fc8458fa2b5ca2414",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"nixlib": {
"locked": {
"lastModified": 1719708727,
"narHash": "sha256-XFNKtyirrGNdehpg7lMNm1skEcBApjqGhaHc/OI95HY=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "1bba8a624b3b9d4f68db94fb63aaeb46039ce9e6",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixos-generators": {
"inputs": {
"nixlib": "nixlib",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1720055043,
"narHash": "sha256-SKizewU4UeYrkZWPUjur8EoxscGoNb0pGcrNL4YzAIg=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "168b220231a70e47cc1f0919048fa5914415fb18",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-generators",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1720031269,
@ -18,7 +74,30 @@
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
"disko": "disko",
"nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs",
"srvos": "srvos"
}
},
"srvos": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1720400448,
"narHash": "sha256-v7JVJ8H1PyH7/8EU72mz7wzxJ1OLE/h3NCqQyZ6ONjs=",
"owner": "nix-community",
"repo": "srvos",
"rev": "21a3259985e3cddc455f64ad66d4a825b39934ad",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "srvos",
"type": "github"
}
}
},

23
flake.nix
View file

@ -3,9 +3,32 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixos-generators = {
url = "github:nix-community/nixos-generators";
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
srvos = {
url = "github:nix-community/srvos";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs@{ self, nixpkgs, ... }: {
nixosConfigurations = {
main = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
specialArgs = inputs;
modules = [
./nix/infra.nix
#inputs.srvos.nixosModules.server
inputs.nixos-generators.nixosModules.all-formats
];
};
};
legacyPackages = nixpkgs.lib.attrsets.genAttrs nixpkgs.lib.systems.flakeExposed (system: import ./nix {
inherit system inputs;
pkgs = nixpkgs.legacyPackages.${system};

1
nix/default.nix
View file

@ -4,4 +4,5 @@
native = pkgs.callPackage ./native.nix {};
backend = pkgs.callPackage ./backend.nix {};
web = pkgs.callPackage ./web.nix {};
docker = inputs.self.nixosConfigurations.main.config.formats.docker;
}

114
nix/infra.nix Normal file
View file

@ -0,0 +1,114 @@
{
config,
lib,
pkgs,
self,
...
}:
{
system.stateVersion = "24.11";
nixpkgs.hostPlatform = {
system = "x86_64-linux";
config = "x86_64-unknown-linux-gnu";
};
networking.hostName = "Main";
time.timeZone = "Europe/Berlin";
xdg = {
mime.enable = true;
autostart.enable = true;
};
i18n = {
defaultLocale = "en_NZ.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
LC_CTYPE = "de_DE.UTF-8";
LC_COLLATE = "de_DE.UTF-8";
LC_MESSAGES = "en_NZ.UTF-8";
};
};
environment.variables = {
LOG_ICONS = "true";
};
services.openssh = {
enable = true;
banner = "Hackers are in Your System!!!\n";
settings = {
PasswordAuthentication = false;
PermitRootLogin = "prohibit-password";
};
};
fonts.fontDir.enable = true;
networking.firewall.enable = lib.mkForce false;
nix = {
settings = {
substituters = lib.mkForce [
"https://cache.nixos.org"
"https://nix-community.cachix.org"
];
trusted-public-keys = lib.mkForce [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-users = [ "root" ];
sandbox = true;
require-sigs = true;
max-jobs = "auto";
auto-optimise-store = true;
allowed-users = [ "*" ];
experimental-features = [
"nix-command"
"flakes"
];
warn-dirty = true;
use-xdg-base-directories = true;
keep-going = true;
builders-use-substitutes = true;
};
distributedBuilds = true;
package = pkgs.lix;
registry = lib.mkForce ((lib.mapAttrs (_: flake: { inherit flake; })) ((lib.filterAttrs (_: lib.isType "flake")) self.inputs) // {
self.flake = self;
});
nixPath = lib.mkForce [ "/etc/nix/path" ];
};
nixpkgs = {
config ={
allowUnfree = true;
};
};
environment.etc = lib.mapAttrs' (name: value: { name = "nix/path/${name}"; value.source = value.flake; }) config.nix.registry;
services.postgresql.enable = true;
users.users.master = {
isNormalUser = true;
shell = pkgs.nushell;
hashedPassword = "$2b$05$q5oW9Q25AjVAic1KY1xrIOZ6cyuleRxbsuMlW998lzOk6Us8Rplnq";
extraGroups = [ "wheel" ];
uid = 1000;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB8oyMpS2hK3gQXyHIIVS6oilgMpemLmfhKKJ6RBMwUh johannes@joens.email"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3pKtvhOOjG1pGJq7cVHS5uWy5IP8y1Ra/ENpmJcqOe root@zap"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFEcNAVRN66mfKmaCpxs++0094Eh4mqXkUwDPZPkIIBB johannes@joens.email"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFZDUoC+1lNR2JTY1Q+vhXpuLmKMdVl2OMFLVbQ3cGkw jopejoe1@kuraokami"
];
};
}