daniel/dotfiles
1
0
Fork 0
Code Activity Actions

Compare commits

base: daniel:baf66055e551970cf92e1079b626dbd4cd0c6a7f
Branches Tags
daniel:master
...
compare: daniel:482524bf5b24984fcc4c57794578b2eb6e8b0dbf
Branches Tags
daniel:master

4 commits
baf66055e5 ... 482524bf5b

Author SHA1 Message Date
Daniel Kempkens
482524bf5b
Update deps
All checks were successful
Build / build-arm64-linux (push) Successful in 28m21s
Details
Build / build-amd64-linux (push) Successful in 55m3s
Details
2023-10-26 10:38:47 +02:00
Daniel Kempkens
e32a2fa43f
systems: fix remote build 2023-10-25 23:31:32 +02:00
Daniel Kempkens
7d8eaaae76
nvim: LSP hover border 2023-10-25 15:58:46 +02:00
Daniel Kempkens
65959c41b0
systems: switch to colmena for deployment 2023-10-25 15:58:11 +02:00
20 changed files with 225 additions and 303 deletions
Show stats Expand all files Collapse all files

7
.forgejo/workflows/build.yml
View file

@ -1,5 +1,4 @@
name: Build
on:
push:
branches: ['master']
@ -7,11 +6,9 @@ on:
- 'flake.lock'
- 'home/programs/nvim/plugins.nix'
- '.forgejo/workflows/build.yml'
jobs:
build-amd64-linux:
runs-on: ubuntu-latest-amd64
steps:
- uses: actions/checkout@v3
- name: Install Nix
@ -28,13 +25,10 @@ jobs:
token: ${{ secrets.ATTIC_TOKEN }}
- run: nix build '.#nixosConfigurations.tanker.pkgs.attic-server'
- run: nix build '.#nixosConfigurations.tanker.pkgs.attic-client'
- run: nix build '.#nixosConfigurations.tanker.pkgs.deploy-rs'
- run: nix build '.#nixosConfigurations.tanker.config.services.nginx.package'
- run: nix build '.#nixosConfigurations.tanker.config.home-manager.users.daniel.programs.neovim.finalPackage'
build-arm64-linux:
runs-on: ubuntu-latest-arm64
steps:
- uses: actions/checkout@v3
- name: Install Nix
@ -50,6 +44,5 @@ jobs:
cache: ${{ secrets.ATTIC_CACHE }}
token: ${{ secrets.ATTIC_TOKEN }}
- run: nix build '.#nixosConfigurations.argon.pkgs.attic-client'
- run: nix build '.#nixosConfigurations.argon.pkgs.deploy-rs'
- run: nix build '.#nixosConfigurations.argon.config.services.nginx.package'
- run: nix build '.#nixosConfigurations.argon.config.home-manager.users.daniel.programs.neovim.finalPackage'

106
flake.lock
View file

@ -37,11 +37,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1692225040,
"narHash": "sha256-jbQNvkgWGioiC6S39dZVyn6us8p/DlEvm5hQKEYkzDU=",
"lastModified": 1698258239,
"narHash": "sha256-qnhoYYIJ0L/P7H/f56lQUEvpzNlXh4sxuHpRERV+B44=",
"owner": "zhaofengli",
"repo": "attic",
"rev": "b43d12082e34bceb26038bdad0438fd68804cfcd",
"rev": "e9918bc6be268da6fa97af6ced15193d8a0421c0",
"type": "github"
},
"original": {
@ -80,28 +80,6 @@
"type": "github"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat_2",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1695052866,
"narHash": "sha256-agn7F9Oww4oU6nPiw+YiYI9Xb4vOOE73w8PAoBRP4AA=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "e3f41832680801d0ee9e2ed33eb63af398b090e9",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@ -109,11 +87,11 @@
]
},
"locked": {
"lastModified": 1698023869,
"narHash": "sha256-iIi9HhMFEhC0ca1GUoBPXhzFp5N4fm7QIBt21ScnX9A=",
"lastModified": 1698155728,
"narHash": "sha256-PUJ40o/0LyMEgSBEfLVyPA0K3gQnPYQDq9dW9nCOU9M=",
"owner": "nix-community",
"repo": "disko",
"rev": "a3283f0e5cba07dc1f6795a6ee71bf3a23b3fc53",
"rev": "8c5d52db5690c72406b0cb13a5ac8554a287c93a",
"type": "github"
},
"original": {
@ -139,22 +117,6 @@
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1673956053,
@ -282,11 +244,11 @@
]
},
"locked": {
"lastModified": 1697964592,
"narHash": "sha256-fua0LKNLkYYK2Dgdm9P+VPdqrVgDXUIx+EkQAQByhuc=",
"lastModified": 1698250431,
"narHash": "sha256-qs2gTeH4wpnWPO6Oi6sOhp2IhG0i0DzcnrJxIY3/CP8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "219d268a69512ff520fe8da1739ac22d95d52355",
"rev": "09587fbbc6a669f7725613e044c2577dc5d43ab5",
"type": "github"
},
"original": {
@ -325,11 +287,11 @@
},
"locked": {
"dir": "contrib",
"lastModified": 1698042398,
"narHash": "sha256-y4YAeQaQKpAXzLRD4TLryW9qBgmL0YVXn9w4rWeZASk=",
"lastModified": 1698298145,
"narHash": "sha256-FM3a/jYBSNcK786g7DXnL6xmIqBqb83pz8fNZBBhEaY=",
"owner": "neovim",
"repo": "neovim",
"rev": "5e5f5174e3faa862a9bc353aa7da41487911140b",
"rev": "15983cf2c64c527fc13681925d0d00c070c30640",
"type": "github"
},
"original": {
@ -350,11 +312,11 @@
]
},
"locked": {
"lastModified": 1698047232,
"narHash": "sha256-l0gFPS83aCvr1dxGpS8sbuGeVb3mnQVr9/LRrdMIbTo=",
"lastModified": 1698309439,
"narHash": "sha256-ttiivgsdxx3cyxFoGA9stHfCXeQuO6tcSycbMzOAxy4=",
"ref": "refs/heads/master",
"rev": "779a566c0dbeaba7ffec8b76c0ac45beb01fa2d6",
"revCount": 545,
"rev": "21c504f977ace32a61b3f9d1d329577697035269",
"revCount": 549,
"type": "git",
"url": "https://git.kempkens.io/daniel/nix-overlay"
},
@ -401,11 +363,11 @@
},
"nixos-unstable": {
"locked": {
"lastModified": 1697935353,
"narHash": "sha256-dDwl5ziD24Gs0feke2seFXoQibHafb5XeNDWlUZxCbg=",
"lastModified": 1698256497,
"narHash": "sha256-NdQrWDU11jCpDxDNMwi/2QVA2t38j10seL2qAqVS/Y8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "8dfad603247387df1df4826b8bea58efc5d012d8",
"rev": "0e18a0a0b4092f3f52bacfca3c0db8f7c66702d2",
"type": "github"
},
"original": {
@ -417,11 +379,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1697915759,
"narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=",
"lastModified": 1698266953,
"narHash": "sha256-jf72t7pC8+8h8fUslUYbWTX5rKsRwOzRMX8jJsGqDXA=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e",
"rev": "75a52265bda7fd25e06e3a67dee3f0354e73243c",
"type": "github"
},
"original": {
@ -483,7 +445,7 @@
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_3",
"gitignore": "gitignore",
"nixpkgs": [
@ -492,11 +454,11 @@
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1697746376,
"narHash": "sha256-gu77VkgdfaHgNCVufeb6WP9oqFLjwK4jHcoPZmBVF3E=",
"lastModified": 1698227354,
"narHash": "sha256-Fi5H9jbaQLmLw9qBi/mkR33CoFjNbobo5xWdX4tKz1Q=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "8cc349bfd082da8782b989cad2158c9ad5bd70fd",
"rev": "bd38df3d508dfcdff52cd243d297f218ed2257bf",
"type": "github"
},
"original": {
@ -509,7 +471,6 @@
"inputs": {
"agenix": "agenix",
"attic": "attic",
"deploy-rs": "deploy-rs",
"disko": "disko",
"flake-parts": "flake-parts",
"flake-root": "flake-root",
@ -600,21 +561,6 @@
"repo": "treefmt-nix",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",

46
flake.nix
View file

@ -61,18 +61,13 @@
};
};
deploy-rs = {
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
mkalias = {
url = "github:reckenrode/mkalias";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = inputs@{ flake-parts, ... }:
outputs = inputs@{ self, flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } {
flake =
let
@ -84,35 +79,35 @@
tanker = import ./system/flakes/tanker.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) disko deploy-rs home-manager agenix attic;
inherit (inputs) disko home-manager agenix attic;
inherit inputs;
};
mediaserver = import ./system/flakes/mediaserver.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) deploy-rs home-manager agenix;
inherit (inputs) home-manager agenix;
inherit inputs;
};
argon = import ./system/flakes/argon.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) nixos-hardware deploy-rs home-manager agenix;
inherit (inputs) nixos-hardware home-manager agenix;
inherit inputs;
};
weather-sdr = import ./system/flakes/weather-sdr.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) deploy-rs home-manager agenix;
inherit (inputs) home-manager agenix;
inherit inputs;
};
adsb-antenna = import ./system/flakes/adsb-antenna.nix {
nixpkgs = inputs.nixos-unstable;
inherit (inputs) nixos-hardware deploy-rs home-manager;
inherit (inputs) nixos-hardware home-manager;
inherit inputs;
};
in
@ -129,12 +124,26 @@
adsb-antenna = adsb-antenna.system;
};
deploy.nodes = {
tanker = tanker.deployment;
mediaserver = mediaserver.deployment;
argon = argon.deployment;
weather-sdr = weather-sdr.deployment;
adsb-antenna = adsb-antenna.deployment;
colmena =
let
nixosConf = self.nixosConfigurations;
in
{
meta = {
# Since I'm only deploying from Styx ...
nixpkgs = import inputs.nixpkgs {
system = "aarch64-darwin";
};
nodeNixpkgs = builtins.mapAttrs (_name: value: value.pkgs) nixosConf;
nodeSpecialArgs = builtins.mapAttrs (_name: value: value._module.specialArgs) nixosConf;
};
tanker = tanker.colmena;
mediaserver = mediaserver.colmena;
argon = argon.colmena;
weather-sdr = weather-sdr.colmena;
adsb-antenna = adsb-antenna.colmena;
};
};
@ -184,7 +193,8 @@
packages = [
inputs'.agenix.packages.agenix
inputs'.deploy-rs.packages.deploy-rs
pkgs.colmena
pkgs.nix-output-monitor
];
TREEFMT_CONFIG_FILE = config.treefmt.build.configFile;

2
home/config/nvim/nifoc/keymap.fnl
View file

@ -85,7 +85,7 @@
(keymap.set :i :<esc> "pumvisible() ? \"\\<C-y>\" : \"\\<esc>\""
{:expr true}))
(fn mod.lsp-attach [client bufnr]
(fn mod.lsp-attach [_client bufnr]
(keymap.set :n :<leader>t
#(telescope-builtin.lsp_document_symbols telescope-dropdown)
{:buffer bufnr :desc "LSP Document Symbols"})

3
home/config/nvim/nifoc/tabline.fnl
View file

@ -77,7 +77,7 @@
(if self.is_active "│ " " "))
:hl (fn [self]
(if self.is_active {:fg colors.purple :bg bg-active :bold true}
{:fg fg-inactive :bg bg-inactive :bold true}))})
{:fg fg-inactive :bg bg-inactive}))})
(set mod.os-indicator {:static {:uname (. (vim.loop.os_uname) :sysname)
:os {:Darwin "" :Linux ""}
:os-color {:Darwin colors.white
@ -99,4 +99,3 @@
2 (heirline-utils.make_tablist mod.tabpage)
3 mod.close-tabpage})
mod)

10
home/config/nvim/plugins/lsp.fnl
View file

@ -29,8 +29,12 @@
:desc "Automatic LSP setup"})
;; Servers
(vim.lsp.set_log_level :OFF)
(let [flags {:allow_incremental_sync true :debounce_text_changes 700}
default-config {: flags}
(let [handlers {:textDocument/hover (vim.lsp.with vim.lsp.handlers.hover
{:border :rounded})
:textDocument/signatureHelp (vim.lsp.with vim.lsp.handlers.signature_help
{:border :rounded})}
flags {:allow_incremental_sync true :debounce_text_changes 700}
default-config {: handlers : flags}
default-servers [:bashls
:cssls
:dockerls
@ -58,7 +62,7 @@
(if (= (vim.fn.executable :elixir-ls) 1)
(lsp.elixirls.setup (->> {:cmd [:elixir-ls]}
(vim.tbl_extend :force default-config)))
(lsp.lexical.setup {}))
(lsp.lexical.setup default-config))
(when (= (vim.fn.executable :nil) 1)
(lsp.nil_ls.setup (->> {:settings {:nil {:formatting {:command [:nixpkgs-fmt]}}}}
(vim.tbl_extend :force default-config))))

1
home/hosts/Styx.nix
View file

@ -62,7 +62,6 @@
lnav
mtr
nix-tree
nix-output-monitor
nurl
ouch
parallel

42
home/programs/nvim/plugins.nix
View file

@ -29,23 +29,23 @@ in
};
mini-nvim = buildVimPlugin {
pname = "mini.nvim";
version = "2023-10-23";
version = "2023-10-26";
src = fetchFromGitHub {
owner = "echasnovski";
repo = "mini.nvim";
rev = "66e3cdceaba8c0cd089d6f42cb95e04355718f7a";
sha256 = "0sbznyd54snvvrgcj3pls1xnjg1f0b52fxdp9hsdaxivfar3qizl";
rev = "81a5b181edc219de30e413885224225befef8aef";
sha256 = "02xaifd90piq65icjpki949r6zc3basnrarfhfcci4wc5nphxn55";
fetchSubmodules = false;
};
};
nvim-web-devicons = buildVimPlugin {
pname = "nvim-web-devicons";
version = "2023-10-21";
version = "2023-10-24";
src = fetchFromGitHub {
owner = "kyazdani42";
repo = "nvim-web-devicons";
rev = "f0267921c845c42685968401bc49aa65e18d3e09";
sha256 = "1qqcjaknnq7bm1rl73nzv9gfcfwx2jrxc8vh2l400m4hj0bgvp9k";
rev = "5de460ca7595806044eced31e3c36c159a493857";
sha256 = "1ncwiha8ldxzx1g1hfisrgsvnqv05p7c19glbjp5bwbm5ihfsv04";
fetchSubmodules = false;
};
};
@ -106,23 +106,23 @@ in
};
dracula-nvim = buildVimPlugin {
pname = "dracula.nvim";
version = "2023-07-29";
version = "2023-10-26";
src = fetchFromGitHub {
owner = "Mofiqul";
repo = "dracula.nvim";
rev = "9fe831e685a76e1a1898a694623b33247c4d036c";
sha256 = "03mrsy17fvdislkf50hfxp87kw2k53zfyygc21ln11792k2nmfc1";
rev = "7200e64c589f899d29f8963aad7543856d1c2545";
sha256 = "095jnw5wmphr7fp4n63sdjh787hlvhpz4baqcvcy7n90aiq3r3sq";
fetchSubmodules = false;
};
};
nvim-treesitter = buildVimPlugin {
pname = "nvim-treesitter";
version = "2023-10-23";
version = "2023-10-25";
src = fetchFromGitHub {
owner = "nvim-treesitter";
repo = "nvim-treesitter";
rev = "0b50cf159283855b72f4c6b22f5ba3c9cf813b37";
sha256 = "0w9hb0n5glhniqx923hvphxf8fy8p3hnwbqsa1fs9cm6bhn8gq5w";
rev = "107e61afb7129d637ea6c3c68b97a22194b0bf16";
sha256 = "165w1k40431x6mxr41vgkxkjp6lbds8ay6w28msdkwl0qnifl45k";
fetchSubmodules = false;
};
};
@ -263,23 +263,23 @@ in
};
nvim-lint = buildVimPlugin {
pname = "nvim-lint";
version = "2023-10-22";
version = "2023-10-24";
src = fetchFromGitHub {
owner = "mfussenegger";
repo = "nvim-lint";
rev = "a4b0511a9e757e78c8c9f9d3f201e0d8ff158b42";
sha256 = "0laj6z74r3nz497nkgpyx9kvc5111hiaia57h5jx4qvajml9ysl1";
rev = "962a76877a4479a535b935bd7ef35ad41ba308b2";
sha256 = "0kgw26b367y7aaz1i3ckxkhfk0f4i2s11lcyfvl9zczzjqaqks8v";
fetchSubmodules = false;
};
};
conform-nvim = buildVimPlugin {
pname = "conform.nvim";
version = "2023-10-22";
version = "2023-10-24";
src = fetchFromGitHub {
owner = "stevearc";
repo = "conform.nvim";
rev = "7f5ff6d253ae3543f186787bccafdc411d3f4b0a";
sha256 = "1iargrkz4k51bppp7qm2hlqy334x1qjg0d1ax8dr6qpkhi6al36v";
rev = "e4ecb6e8ed3163c86d7e647f1dc3d94de77ca687";
sha256 = "00jc9r5x070fn52735jpvp9r1hsq1gckv5z2gw79mvz95g35rhqg";
fetchSubmodules = false;
};
};
@ -307,12 +307,12 @@ in
};
indent-blankline-nvim = buildVimPlugin {
pname = "indent-blankline.nvim";
version = "2023-10-23";
version = "2023-10-24";
src = fetchFromGitHub {
owner = "lukas-reineke";
repo = "indent-blankline.nvim";
rev = "2546441840172cc41e70f67c52e205cc7aa3e6ed";
sha256 = "00p9dyqaa6h67pnkn5wh4iyvi8ydpnyqvbq5n6jk82c5c48h2s2s";
rev = "046e2cf04e08ece927bacbfb87c5b35c0b636546";
sha256 = "18vvqpbjbl3xqgkglc24y3hff4y0m5wzsngp5fwkfqlkqskiw6kf";
fetchSubmodules = false;
};
};

5
home/programs/scripts/nixpkgs-switch
View file

@ -35,10 +35,7 @@ if test "$other_hostname" = ""
end
else
git pull
nom build --eval-store auto --store "ssh-ng://builder-$other_hostname" ".#nixosConfigurations.$other_hostname.config.system.build.toplevel"
if test $status -eq 0
deploy --skip-checks ".#$other_hostname"
end
colmena apply --on $other_hostname
end
if test $status -eq 0

3
home/programs/ssh/Styx.nix
View file

@ -8,7 +8,6 @@ let
signers-directory = "${ssh-directory}/allowed_signers";
shared-private = import ./shared/private.nix;
shared-builder = import ./shared/builder.nix;
shared-work = import ./shared/work.nix { inherit secret; };
ssh-keys = import ../../../system/shared/ssh-keys.nix;
@ -29,7 +28,7 @@ in
# VerifyHostKeyDNS yes
'';
matchBlocks = shared-private.matchBlocks // shared-builder.matchBlocks // shared-work.matchBlocks;
matchBlocks = shared-private.matchBlocks // shared-work.matchBlocks;
includes = [
"~/.ssh/config_work"

43
home/programs/ssh/shared/builder.nix
View file

@ -1,43 +0,0 @@
{
matchBlocks = {
"builder-tanker" = {
hostname = "tanker.ts.kempkens.network";
port = 22;
user = "root";
identityFile = "~/.ssh/Hetzner.pub";
identitiesOnly = true;
};
"builder-mediaserver" = {
hostname = "mediaserver.ts.kempkens.network";
port = 22;
user = "root";
identityFile = "~/.ssh/LAN.pub";
identitiesOnly = true;
};
"builder-argon" = {
hostname = "argon.ts.kempkens.network";
port = 22;
user = "root";
identityFile = "~/.ssh/LAN.pub";
identitiesOnly = true;
};
"builder-adsb-antenna" = {
hostname = "adsb-antenna.laniot";
port = 22;
user = "root";
identityFile = "~/.ssh/LAN.pub";
identitiesOnly = true;
};
"builder-weather-sdr" = {
hostname = "weather-sdr.laniot";
port = 22;
user = "root";
identityFile = "~/.ssh/LAN.pub";
identitiesOnly = true;
};
};
}

19
system/flakes/adsb-antenna.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, nixos-hardware, deploy-rs, home-manager, inputs, ... }:
{ nixpkgs, nixos-hardware, home-manager, inputs, ... }:
let
default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
overlay-attic
overlay-deploy-rs
overlay-nifoc
];
@ -48,15 +46,14 @@ rec {
];
};
colmena = {
deployment = {
hostname = "adsb-antenna";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
targetHost = "adsb-antenna";
targetPort = 22;
targetUser = "root";
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

20
system/flakes/argon.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, nixos-hardware, deploy-rs, home-manager, agenix, inputs, ... }:
{ nixpkgs, nixos-hardware, home-manager, agenix, inputs, ... }:
let
default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
overlay-attic
overlay-deploy-rs
overlay-nifoc
];
@ -50,15 +48,15 @@ rec {
];
};
colmena = {
deployment = {
hostname = "argon";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
targetHost = "argon";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

20
system/flakes/mediaserver.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }:
{ nixpkgs, home-manager, agenix, inputs, ... }:
let
default-system = "x86_64-linux";
overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
overlay-attic
overlay-deploy-rs
overlay-nifoc
];
@ -48,15 +46,15 @@ rec {
];
};
colmena = {
deployment = {
hostname = "mediaserver";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
targetHost = "mediaserver";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

20
system/flakes/tanker.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, disko, deploy-rs, home-manager, agenix, attic, inputs, ... }:
{ nixpkgs, disko, home-manager, agenix, attic, inputs, ... }:
let
default-system = "x86_64-linux";
# overlay-master = _: _: { pkgs-master = import inputs.nixpkgs-master { system = default-system; }; };
overlay-deploy-rs = _: _: { inherit (deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
# overlay-master
overlay-deploy-rs
overlay-nifoc
];
@ -52,15 +50,15 @@ rec {
];
};
colmena = {
deployment = {
hostname = "tanker";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
targetHost = "tanker";
targetPort = 22;
targetUser = "root";
buildOnTarget = true;
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

19
system/flakes/weather-sdr.nix
View file

@ -1,16 +1,14 @@
{ nixpkgs, deploy-rs, home-manager, agenix, inputs, ... }:
{ nixpkgs, home-manager, agenix, inputs, ... }:
let
default-system = "aarch64-linux";
overlay-attic = inputs.attic.overlays.default;
overlay-deploy-rs = _: _: { inherit (inputs.deploy-rs.packages.${default-system}) deploy-rs; };
overlay-nifoc = inputs.nifoc-overlay.overlay;
nixpkgsConfig = {
overlays = [
overlay-attic
overlay-deploy-rs
overlay-nifoc
];
@ -48,15 +46,14 @@ rec {
];
};
colmena = {
deployment = {
hostname = "weather-sdr";
sshUser = "root";
remoteBuild = true;
autoRollback = false;
magicRollback = false;
profiles.system = {
path = deploy-rs.lib.${default-system}.activate.nixos system;
targetHost = "weather-sdr";
targetPort = 22;
targetUser = "root";
};
nixpkgs.system = default-system;
imports = system._module.args.modules;
};
}

42
system/hosts/Styx.nix
View file

@ -1,3 +1,6 @@
let
homeDir = "/Users/daniel";
in
{
imports = [
../../agenix/hosts/Styx/config.nix
@ -40,33 +43,21 @@
buildMachines = [
{
hostName = "builder-tanker";
hostName = "mediaserver.ts.kempkens.network";
protocol = "ssh-ng";
systems = [ "x86_64-linux" "aarch64-linux" ];
maxJobs = 4;
}
{
hostName = "builder-mediaserver";
systems = [ "x86_64-linux" "aarch64-linux" ];
maxJobs = 1;
}
{
hostName = "builder-argon";
systems = [ "aarch64-linux" ];
sshUser = "nix-remote-builder";
sshKey = "${homeDir}/.ssh/id_nix_remote_builder";
maxJobs = 2;
}
{
hostName = "builder-adsb-antenna";
hostName = "argon.ts.kempkens.network";
protocol = "ssh-ng";
systems = [ "aarch64-linux" ];
maxJobs = 1;
}
{
hostName = "builder-weather-sdr";
systems = [ "aarch64-linux" ];
maxJobs = 1;
sshUser = "nix-remote-builder";
sshKey = "${homeDir}/.ssh/id_nix_remote_builder";
maxJobs = 2;
}
];
@ -81,15 +72,18 @@
users = {
users.daniel = {
home = "/Users/daniel";
home = homeDir;
};
};
environment = {
darwinConfig = "$HOME/.config/nixpkgs/system/hosts/Styx.nix";
darwinConfig = "${homeDir}/.config/nixpkgs/system/hosts/Styx.nix";
};
services = {
nix-daemon.enable = true;
nix-daemon = {
enable = true;
logFile = "/var/log/nix-daemon.log";
};
};
}

20
system/hosts/argon.nix
View file

@ -58,6 +58,11 @@ in
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-users = [
"root"
"nix-remote-builder"
];
};
gc = {
@ -176,7 +181,12 @@ in
};
services.hardware.argonone.enable = true;
programs.fish.enable = true;
programs = {
fish.enable = true;
zsh.enable = true;
htop.enable = true;
};
users.users = {
root = {
@ -192,5 +202,13 @@ in
shell = pkgs.fish;
openssh.authorizedKeys.keys = [ ssh-keys.LAN ];
};
nix-remote-builder = {
isNormalUser = true;
home = "/home/nix-remote-builder";
description = "Nix Remote Builder";
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [ ssh-keys.NixRemoteBuilder ];
};
};
}

20
system/hosts/mediaserver.nix
View file

@ -71,6 +71,11 @@ in
"nifoc.cachix.org-1:ymuftq7RgN/lf/iWXFK8gpwDSAGFaGBeliWe9u6q8II="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-users = [
"root"
"nix-remote-builder"
];
};
gc = {
@ -144,8 +149,11 @@ in
fonts.fontconfig.enable = false;
sound.enable = false;
programs.fish.enable = true;
programs.htop.enable = true;
programs = {
fish.enable = true;
zsh.enable = true;
htop.enable = true;
};
users.users = {
root = {
@ -161,5 +169,13 @@ in
shell = pkgs.fish;
openssh.authorizedKeys.keys = [ ssh-keys.LAN ssh-keys.ShellFish ];
};
nix-remote-builder = {
isNormalUser = true;
home = "/home/nix-remote-builder";
description = "Nix Remote Builder";
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [ ssh-keys.NixRemoteBuilder ];
};
};
}

2
system/shared/ssh-keys.nix
View file

@ -10,4 +10,6 @@
ShellFish = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGU56Ebq41/DAKmfSHRO3xv2XBFFq+rMWH1L70L1qgcX";
BackupTanker = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCncIcbsNkfRODGjADNIJVI7PMrLRGD/fYfsjyelqv9XI1eVzZdVt5rXJeEDf2B0kzciGE+tcvrQ4iwpavucsIgTp68lFETb2QaiWTvGNNdi9Ejgeoe7LhuVGP3XcvJTODLGU5qviIXljfBZVuDZdK2jfA68RBlYUipXWD/rjhnQLOcr5gUQJ6OtPgSDukjyyrDIzmyXZpw4g80v+KweTXf5e2kL5wea4AhSVWBewVLPAVYsOoxh3lisVee/RX/rlMpyNxrEMJOtUQgke1xekFq6wPyPDKLn4HdotqJWlUa1/oCyDQGHVqECL1wWHDEXoJFyKGWsJ8QoctvwFePkwCpDcQaLqd38d8STZOTC2Sa2CBOMFlZUgAS6l+lPFv4wTAmML/yGyqJPug6oEaCFD+m0kcBcLTIT0r6Bc5B9iB34Vw5TrcLVjfTlKity0ioPtNcHTo1gsqCES/gA86Ci2dVanrWTjyT/36UmdzTd02nNgmzTWqZZf7Mc0OPmAMHTrE=";
NixRemoteBuilder = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIz/JmDKOeO4odKnQWkqPneSp4e55yrHpEiBBX5sfz8";
}