From 06c1be9e09eb4bb0a95e102d9ce81947bdbdf483 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kier=C3=A1n=20Meinhardt?= Date: Wed, 29 Dec 2021 10:24:47 +0100 Subject: [PATCH] wip: flakes --- configs/cloud.nix | 8 -- configs/default.nix | 14 +- configs/distrobump.nix | 10 -- configs/engiadina.nix | 30 ----- configs/hledger.nix | 2 +- configs/networkmanager.nix | 2 +- configs/power-action.nix | 2 - configs/retiolum.nix | 2 +- configs/traadfri.nix | 2 +- configs/wallpaper.nix | 2 - deploy.nix | 88 +++++-------- flake.lock | 150 ++++++++++++++++++++++ flake.nix | 79 ++++++++++++ modules/dropbox.nix | 29 ----- overlays/overlays.nix | 6 - packages/scripts/default.nix | 2 +- packages/scripts/pls.nix | 4 +- systems/kabsa/configuration.nix | 6 +- systems/kabsa/hardware-configuration.nix | 4 +- systems/manakish/configuration.nix | 4 - systems/zaatar/configuration.nix | 32 ++--- systems/zaatar/hardware-configuration.nix | 4 +- 22 files changed, 290 insertions(+), 192 deletions(-) delete mode 100644 configs/distrobump.nix delete mode 100644 configs/engiadina.nix create mode 100644 flake.lock create mode 100644 flake.nix delete mode 100644 modules/dropbox.nix delete mode 100644 overlays/overlays.nix diff --git a/configs/cloud.nix b/configs/cloud.nix index e7b958a..12f134c 100644 --- a/configs/cloud.nix +++ b/configs/cloud.nix @@ -1,12 +1,4 @@ { config, lib, pkgs, ... }: { - imports = [ - - ]; - - niveum = { - dropbox.enable = false; - }; - system.activationScripts.home-symlinks = '' ln -sfn ${config.users.users.me.home}/cloud/syncthing/common/mahlzeit ${config.users.users.me.home}/mahlzeit ln -sfn ${config.users.users.me.home}/cloud/Seafile/Wiki ${config.users.users.me.home}/notes diff --git a/configs/default.nix b/configs/default.nix index c9da785..96ede6e 100644 --- a/configs/default.nix +++ b/configs/default.nix @@ -1,18 +1,16 @@ -{ pkgs, lib, config, options, ... }: +{ inputs, pkgs, lib, config, options, ... }: let inherit (lib.strings) makeBinPath; inherit (import ) localAddresses kieran; in { imports = [ - - + ../modules/system-dependent.nix { boot.supportedFilesystems = [ "ntfs" ]; } { nix.nixPath = [ "/var/src" - "nixpkgs-overlays=${toString ../overlays}" ]; } { @@ -20,18 +18,14 @@ in { config = { allowUnfree = true; packageOverrides = pkgs: { - writeDashBin = pkgs.writers.writeDashBin; - writeDash = pkgs.writers.writeDash; gfs-fonts = pkgs.callPackage {}; iolanguage = pkgs.callPackage { }; ix = pkgs.callPackage { }; }; }; overlays = [ - (import ) - (import ) (self: super: { - scripts = import { pkgs = super; lib = super.lib; }; + scripts = import { pkgs = super; inherit lib; }; }) ]; }; @@ -203,13 +197,11 @@ in { ./ccc.nix # ./kleiter.nix ./khal.nix - ./engiadina.nix ./chromium.nix ./cloud.nix ./copyq.nix ./compton.nix ./direnv.nix - ./distrobump.nix ./docker.nix ./dunst.nix ./flix.nix diff --git a/configs/distrobump.nix b/configs/distrobump.nix deleted file mode 100644 index 2cab5de..0000000 --- a/configs/distrobump.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ lib, config, pkgs, ... }: { - imports = [ - (import { - inherit lib config; - pkgs = pkgs // { writeDash = pkgs.writers.writeDash; }; - }) - ]; - - makefu.distrobump.enable = false; -} diff --git a/configs/engiadina.nix b/configs/engiadina.nix deleted file mode 100644 index 793d50b..0000000 --- a/configs/engiadina.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, pkgs, ... }: -let - inherit (import ) tmpfilesConfig; - cdnRoot = "/var/lib/engiadina"; -in -{ - imports = [ ]; - - krebs.permown.${cdnRoot} = { - owner = config.users.users.me.name; - group = "users"; - umask = "0002"; - }; - - services.nginx = { - enable = true; - virtualHosts.default = { - root = cdnRoot; - listen = [{ - addr = "0.0.0.0"; - port = 3333; - }]; - }; - }; - - environment.shellAliases = { - engiadina-watch = "${pkgs.findutils}/bin/find extra-src src | ${pkgs.entr}/bin/entr -s 'build-component && ${pkgs.rsync}/bin/rsync -avu dist/*.js ${cdnRoot}/'"; - engiadina-edit = "$EDITOR ${cdnRoot}/index.html"; - }; -} diff --git a/configs/hledger.nix b/configs/hledger.nix index cebce5f..78b5409 100644 --- a/configs/hledger.nix +++ b/configs/hledger.nix @@ -1,5 +1,5 @@ { config, pkgs, ... }: { - imports = [ ]; + imports = [ ../modules/hledger.nix ]; niveum.hledger = { enable = true; diff --git a/configs/networkmanager.nix b/configs/networkmanager.nix index 0145096..868dd92 100644 --- a/configs/networkmanager.nix +++ b/configs/networkmanager.nix @@ -39,7 +39,7 @@ let }; in { - imports = [ ]; + imports = [ ../modules/networkmanager-declarative.nix ]; networking.networkmanager = { enable = true; diff --git a/configs/power-action.nix b/configs/power-action.nix index f03bfaa..8c740f8 100644 --- a/configs/power-action.nix +++ b/configs/power-action.nix @@ -3,8 +3,6 @@ let suspend = pkgs.writers.writeDash "suspend" "${pkgs.systemd}/bin/systemctl suspend"; in { - imports = [ ]; - krebs.power-action = { enable = true; plans.suspend = { diff --git a/configs/retiolum.nix b/configs/retiolum.nix index 9f3f5b2..bccc062 100644 --- a/configs/retiolum.nix +++ b/configs/retiolum.nix @@ -1,6 +1,6 @@ { config, pkgs, ... }: { imports = [ - + ../modules/retiolum.nix ]; networking.hosts = { "42:0:ca48:f98f:63d7:31ce:922b:245d" = [ "go" ]; }; diff --git a/configs/traadfri.nix b/configs/traadfri.nix index e531896..622b0df 100644 --- a/configs/traadfri.nix +++ b/configs/traadfri.nix @@ -4,7 +4,7 @@ let living-room-id = 131090; in { - imports = [ ]; + imports = [ ../modules/traadfri.nix ]; environment.systemPackages = [ (pkgs.writers.writeDashBin "traadfri-party" '' diff --git a/configs/wallpaper.nix b/configs/wallpaper.nix index 47d2678..3ebf509 100644 --- a/configs/wallpaper.nix +++ b/configs/wallpaper.nix @@ -1,7 +1,5 @@ { pkgs, lib, ... }: { - imports = [ ]; - krebs.fetchWallpaper = { enable = true; url = "http://prism.r/realwallpaper-krebs-stars-berlin.png"; diff --git a/deploy.nix b/deploy.nix index e4dcbab..275a0ac 100644 --- a/deploy.nix +++ b/deploy.nix @@ -1,68 +1,38 @@ let inherit (import ./lib/default.nix) sshPort; - gitFromJson = path: - let object = importJson path; - in { - inherit (object) url; - ref = object.rev; - }; - krops = builtins.fetchGit (gitFromJson .versions/krops.json); + krops = builtins.fetchGit { url = "https://cgit.krebsco.de/krops/"; }; lib = import "${krops}/lib"; pkgs = import "${krops}/pkgs" { }; - importJson = (import { }).lib.importJSON; - regularSystem = { path, name, address }: { - source = lib.evalSource [{ - niveum.file = toString ./.; - system.file = toString path; - nixos-config.symlink = "system/configuration.nix"; + source = name: lib.evalSource [{ + niveum.file = toString ./.; + system-secrets.pass = { + dir = toString ~/.password-store; + name = "systems/${name}"; + }; + secrets.pass = { + dir = toString ~/.password-store; + name = "shared"; + }; + }]; - nixpkgs.git = gitFromJson .versions/nixpkgs.json // { shallow = true; }; - nixpkgs-unstable.git = gitFromJson .versions/nixpkgs-unstable.json // { shallow = true; }; - home-manager.git = gitFromJson .versions/home-manager.json; - stockholm.git = gitFromJson .versions/stockholm.json; - nix-writers.git = gitFromJson .versions/nix-writers.json; - retiolum.git = gitFromJson .versions/retiolum.json; - nixpkgs-mozilla.git = gitFromJson .versions/nixpkgs-mozilla.json; - system-secrets.pass = { - dir = toString ~/.password-store; - name = "systems/${name}"; - }; - secrets.pass = { - dir = toString ~/.password-store; - name = "shared"; - }; - }]; - target = "root@${address}:${toString sshPort}"; + command = targetPath: '' + nix-shell -p git --run ' + nixos-rebuild switch -v --show-trace --flake ${targetPath}/niveum || \ + nixos-rebuild switch -v --flake ${targetPath}/niveum + ' + ''; + + createHost = name: target: pkgs.krops.writeCommand "deploy-${name}" { + source = source name; + inherit command target; }; - inherit (pkgs.krops) writeDeploy; -in { - zaatar = writeDeploy "deploy-zaatar" (regularSystem { - path = systems/zaatar; - name = "zaatar"; - address = "zaatar.r"; - }); - kabsa = writeDeploy "deploy-kabsa" (regularSystem { - path = systems/kabsa; - name = "kabsa"; - address = "kabsa.r"; - }); - toum = writeDeploy "deploy-toum" (regularSystem { - path = systems/toum; - name = "toum"; - address = "toum.r"; - }) // { - buildTarget = "${builtins.getEnv "USER"}@localhost/${builtins.getEnv "HOME"}/.cache/krops"; - }; - makanek = writeDeploy "deploy-makanek" (regularSystem { - path = systems/makanek; - name = "makanek"; - address = "makanek.r"; - }); - manakish = writeDeploy "deploy-manakish" (regularSystem { - path = systems/manakish; - name = "manakish"; - address = "manakish.r"; - }); +in rec { + zaatar = createHost "zaatar" "root@zaatar.r:${toString sshPort}"; + kabsa = createHost "kabsa" "root@kabsa.r:${toString sshPort}"; + makanek = createHost "kabsa" "root@makanek.r:${toString sshPort}"; + manakish = createHost "kabsa" "root@manakish.r:${toString sshPort}"; + all = pkgs.writeScript "deploy-all" + (lib.concatStringsSep "\n" [ zaatar kabsa makanek manakish ]); } diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..8794c8a --- /dev/null +++ b/flake.lock @@ -0,0 +1,150 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1639871969, + "narHash": "sha256-6feWUnMygRzA9tzkrfAzpA5/NBYg75bkFxnqb1DtD7E=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "697cc8c68ed6a606296efbbe9614c32537078756", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-21.11", + "repo": "home-manager", + "type": "github" + } + }, + "krops": { + "flake": false, + "locked": { + "lastModified": 1637419569, + "narHash": "sha256-0hxKZQIoByRDoPsfQq5qzFJioyWRX/fbpvMO2EYQ9lc=", + "ref": "master", + "rev": "13ae434b140035e7e2664bd5a8ef4c475413b2e0", + "revCount": 115, + "type": "git", + "url": "https://cgit.krebsco.de/krops" + }, + "original": { + "type": "git", + "url": "https://cgit.krebsco.de/krops" + } + }, + "nix-writers": { + "flake": false, + "locked": { + "lastModified": 1554228333, + "narHash": "sha256-hG/PlcCvCQhNcU55NpHfATkyH9k6cZmO7uvBoJjasXU=", + "ref": "master", + "rev": "c528cf970e292790b414b4c1c8c8e9d7e73b2a71", + "revCount": 32, + "type": "git", + "url": "https://cgit.krebsco.de/nix-writers" + }, + "original": { + "type": "git", + "url": "https://cgit.krebsco.de/nix-writers" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1640759603, + "narHash": "sha256-k4d7oC6GvDV1OKxG325JUDpKtZcDUPEiddnJMOQQ/x8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e101dc111ac1e5a21efca7822417acc1cb92013a", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "release-21.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-mozilla": { + "flake": false, + "locked": { + "lastModified": 1638887313, + "narHash": "sha256-FMYV6rVtvSIfthgC1sK1xugh3y7muoQcvduMdriz4ag=", + "owner": "mozilla", + "repo": "nixpkgs-mozilla", + "rev": "7c1e8b1dd6ed0043fb4ee0b12b815256b0b9de6f", + "type": "github" + }, + "original": { + "owner": "mozilla", + "repo": "nixpkgs-mozilla", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1640725200, + "narHash": "sha256-yR8clhRTt1OBFojyBaNnNgD+om51nhuJ1OLqWqdY2Ow=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "eaeea6e9337b93d2acb7c2aa27e3f4617408375a", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "retiolum": { + "flake": false, + "locked": { + "lastModified": 1640724425, + "narHash": "sha256-eGzvF96ZnrKqvQ7wnpa9OYsfBxUMV0Jdh3QGdZhbSek=", + "owner": "krebs", + "repo": "retiolum", + "rev": "5a32ea07d6ca5668ea06f14dffe94fb46d42c674", + "type": "github" + }, + "original": { + "owner": "krebs", + "repo": "retiolum", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "krops": "krops", + "nix-writers": "nix-writers", + "nixpkgs": "nixpkgs", + "nixpkgs-mozilla": "nixpkgs-mozilla", + "nixpkgs-unstable": "nixpkgs-unstable", + "retiolum": "retiolum", + "stockholm": "stockholm" + } + }, + "stockholm": { + "flake": false, + "locked": { + "lastModified": 1640726454, + "narHash": "sha256-twePnoB0NRhSM4zJOrUI/Zxzwx/u52ey6zA4YYGEvOc=", + "ref": "master", + "rev": "2a47990f16935d909930c9dd1ed6f8f2982df638", + "revCount": 10218, + "type": "git", + "url": "https://cgit.lassul.us/stockholm" + }, + "original": { + "type": "git", + "url": "https://cgit.lassul.us/stockholm" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..22557bd --- /dev/null +++ b/flake.nix @@ -0,0 +1,79 @@ +# imported from https://github.com/pinpox/nixos/blob/bdc0d47111d57cd19512c83538a01f9f9a3fc847/flake.nix +# ref https://www.youtube.com/watch?v=mJbQ--iBc1U +{ + description = "niveum systems"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/release-21.11"; + nixpkgs-unstable.url = "github:nixos/nixpkgs"; + home-manager = { + url = "github:nix-community/home-manager/release-21.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + # flake-utils.url = "github:numtide/flake-utils"; + # flake-compat = { + # url = "github:edolstra/flake-compat"; + # flake = false; + # }; + stockholm = { + url = "git+https://cgit.lassul.us/stockholm"; + flake = false; + }; + nix-writers = { + url = "git+https://cgit.krebsco.de/nix-writers"; + flake = false; + }; + krops = { + url = "git+https://cgit.krebsco.de/krops"; + flake = false; + }; + retiolum = { + url = "github:krebs/retiolum"; + flake = false; + }; + nixpkgs-mozilla = { + url = "github:mozilla/nixpkgs-mozilla"; + flake = false; + }; + }; + + outputs = { self, nixpkgs, nix-writers, home-manager, stockholm, ... }@inputs: + let + nixosSystem = nixpkgs.lib.makeOverridable nixpkgs.lib.nixosSystem; + + defaultModules = [ + { _module.args.inputs = inputs; } + { + imports = [ + home-manager.nixosModules.home-manager + "${stockholm}/krebs/3modules/power-action.nix" + "${stockholm}/krebs/3modules/fetchWallpaper.nix" + ({ pkgs, ... }: { + nix.nixPath = [ "nixpkgs=${pkgs.path}" ]; + nixpkgs.overlays = [ + (import "${nix-writers}/pkgs") + (import "${stockholm}/krebs/5pkgs") + ]; + }) + ({ pkgs, ... }: { # https://github.com/Mic92/dotfiles/blob/50826e8f247909557975f4f193ecbb4162b07310/nixos/modules/upgrade-diff.nix + system.activationScripts.diff = '' + ${pkgs.nix}/bin/nix store diff-closures /run/current-system "$systemConfig" + ''; + }) + ]; + + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + } + ]; + in { + nixosConfigurations = { + kabsa = nixosSystem { + system = "x86_64-linux"; + modules = defaultModules ++ [ + systems/kabsa/configuration.nix + ]; + }; + }; + }; +} diff --git a/modules/dropbox.nix b/modules/dropbox.nix deleted file mode 100644 index 7f7bf4f..0000000 --- a/modules/dropbox.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ pkgs, lib, config, ... }: -with lib; -let cfg = config.niveum.dropbox; -in { - options.niveum.dropbox = { enable = mkEnableOption "Dropbox"; }; - - config = mkIf cfg.enable { - environment.systemPackages = [ pkgs.dropbox-cli ]; - - networking.firewall = { - allowedTCPPorts = [ 17500 ]; - allowedUDPPorts = [ 17500 ]; - }; - - systemd.user.services.dropbox = { - description = "Dropbox synchronisation service"; - wantedBy = [ "graphical-session.target" ]; - serviceConfig = { - ExecStart = "${pkgs.dropbox.out}/bin/dropbox"; - ExecReload = "${pkgs.coreutils.out}/bin/kill -HUP $MAINPID"; - KillMode = "control-group"; # upstream recommends process - Restart = "on-failure"; - PrivateTmp = true; - ProtectSystem = "full"; - Nice = 10; - }; - }; - }; -} diff --git a/overlays/overlays.nix b/overlays/overlays.nix deleted file mode 100644 index ac6acf2..0000000 --- a/overlays/overlays.nix +++ /dev/null @@ -1,6 +0,0 @@ -self: super: -with super.lib; -let - eval = import ; - paths = (eval {modules = [(import )];}).config.nixpkgs.overlays; -in foldl' (flip extends) (_: super) paths self diff --git a/packages/scripts/default.nix b/packages/scripts/default.nix index 79ce3d6..a23d586 100644 --- a/packages/scripts/default.nix +++ b/packages/scripts/default.nix @@ -168,7 +168,7 @@ in rec { | ${pkgs.man}/bin/man --local-file --pager="${pkgs.bat}/bin/bat -p" - ''; - playlist = import ./pls.nix { inherit pkgs; }; + playlist = import ./pls.nix { inherit pkgs lib; }; mpv-tv = import ./mpv-tv.nix { inherit pkgs lib; }; diff --git a/packages/scripts/pls.nix b/packages/scripts/pls.nix index 32b4c13..d84022c 100755 --- a/packages/scripts/pls.nix +++ b/packages/scripts/pls.nix @@ -1,7 +1,5 @@ -{ pkgs }: +{ lib, pkgs }: let - inherit (pkgs) lib; - playlistAPI = "https://radio.lassul.us"; sendIRC = pkgs.writers.writeDash "send-irc" '' diff --git a/systems/kabsa/configuration.nix b/systems/kabsa/configuration.nix index 42dc0cf..d3e8977 100644 --- a/systems/kabsa/configuration.nix +++ b/systems/kabsa/configuration.nix @@ -5,9 +5,9 @@ let in { imports = [ - - - + ../../configs/default.nix + ../../configs/battery.nix + ../../configs/networkmanager.nix ./hardware-configuration.nix # ]; diff --git a/systems/kabsa/hardware-configuration.nix b/systems/kabsa/hardware-configuration.nix index 81b9f36..520e60d 100644 --- a/systems/kabsa/hardware-configuration.nix +++ b/systems/kabsa/hardware-configuration.nix @@ -1,5 +1,5 @@ -{ config, lib, pkgs, ... }: { - imports = [ ]; +{ config, lib, pkgs, modulesPath, ... }: { + imports = [ "${modulesPath}/installer/scan/not-detected.nix" ]; boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.kernelModules = [ ]; diff --git a/systems/manakish/configuration.nix b/systems/manakish/configuration.nix index a519e91..ce2e62a 100644 --- a/systems/manakish/configuration.nix +++ b/systems/manakish/configuration.nix @@ -1,7 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - { config, pkgs, ... }: let inherit (import ) retiolumAddresses; diff --git a/systems/zaatar/configuration.nix b/systems/zaatar/configuration.nix index 35dcb65..f5fc374 100644 --- a/systems/zaatar/configuration.nix +++ b/systems/zaatar/configuration.nix @@ -5,21 +5,21 @@ in { imports = [ ./hardware-configuration.nix - - - - - - - - - - - - - - - + "${self.inputs.home-manager}/nixos" + ../configs/wpa_supplicant.nix + ../configs/keyboard.nix + ../modules/retiolum.nix + ../configs/spacetime.nix + ../configs/nix.nix + ../configs/tuna.nix + ../configs/sshd.nix + ../configs/version.nix + ../configs/gaslight.nix + ../configs/printing.nix + ../configs/traadfri.nix + ../configs/bvg.nix + ../configs/moodle-dl/meinhark.nix + ../configs/monitoring/push.nix { nixpkgs.config.allowUnfree = true; } @@ -40,7 +40,7 @@ in { environment.systemPackages = let - worldradio = pkgs.callPackage {}; + worldradio = pkgs.callPackage ../packages/worldradio.nix {}; in [ (pkgs.writers.writeDashBin "mpv" '' ${pkgs.mpv}/bin/mpv --no-video "$@" diff --git a/systems/zaatar/hardware-configuration.nix b/systems/zaatar/hardware-configuration.nix index c4dda88..88cfe84 100644 --- a/systems/zaatar/hardware-configuration.nix +++ b/systems/zaatar/hardware-configuration.nix @@ -1,5 +1,5 @@ -{ config, lib, pkgs, ... }: { - imports = [ ]; +{ modulesPath, config, lib, pkgs, ... }: { + imports = [ "${modulesPath}/installer/scan/not-detected.nix" ]; boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_acpi" "rtsx_usb_sdmmc" ];