nettika/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Astral host

Browse source
This commit is contained in:
Nettika 2025-10-03 10:32:05 -07:00
parent c2399507d3
commit b3be9bbad9
9 changed files with 198 additions and 138 deletions
Download patch file Download diff file Expand all files Collapse all files

23
flake.lock generated
View file

@ -84,11 +84,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1748437600, "lastModified": 1756217674,
"narHash": "sha256-hYKMs3ilp09anGO7xzfGs3JqEgUqFMnZ8GMAqI6/k04=", "narHash": "sha256-TH1SfSP523QI7kcPiNtMAEuwZR3Jdz0MCDXPs7TS8uo=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7282cb574e0607e65224d33be8241eae7cfe0979", "rev": "4e7667a90c167f7a81d906e5a75cba4ad8bee620",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -98,22 +98,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-vicuna": {
"locked": {
"lastModified": 1751274312,
"narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"phps": { "phps": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
@ -140,7 +124,6 @@
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-vicuna": "nixpkgs-vicuna",
"phps": "phps" "phps": "phps"
} }
}, },

31
flake.nix
View file

@ -1,9 +1,8 @@
{ {
description = "Marauder NixOS Configuration"; description = "NixOS Configurations";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
nixpkgs-vicuna.url = "github:nixos/nixpkgs/nixos-24.11";
phps = { phps = {
url = "github:fossar/nix-phps"; url = "github:fossar/nix-phps";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -14,30 +13,8 @@
}; };
}; };
outputs = { self, nixpkgs, nixpkgs-vicuna, phps, agenix }: { outputs = inputs: {
nixosModules.common = ./modules/common.nix; nixosModules = import ./modules;
nixosConfigurations = { nixosConfigurations = import ./hosts inputs;
marauder = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/marauder
self.nixosModules.common
agenix.nixosModules.default
{
environment.systemPackages =
[ agenix.packages.x86_64-linux.default ];
}
];
specialArgs = { inherit phps; };
};
apogee = nixpkgs-vicuna.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/apogee
self.nixosModules.common
agenix.nixosModules.default
];
};
};
}; };
} }

71
hosts/astral/default.nix Normal file
View file

@ -0,0 +1,71 @@
{ nixosModules, modulesPath, lib, config, pkgs, ... }: {
imports = with nixosModules; [
"${modulesPath}/virtualisation/amazon-image.nix"
nettika
];
boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
settings.trusted-users = [ "@wheel" ];
};
networking = {
hostName = "astral";
domain = "recipes.leaf.ninja";
firewall.allowedTCPPorts = [ 80 443 ];
networkmanager.enable = true;
};
users.defaultUserShell = pkgs.fish;
security.sudo.wheelNeedsPassword = false;
environment.variables.EDITOR = "nano";
services.caddy = {
enable = true;
virtualHosts = {
"${config.networking.domain}".extraConfig = ''
reverse_proxy localhost:8008
header Strict-Transport-Security "max-age=63072000; includeSubDomains;"
'';
};
};
programs.fish.enable = true;
programs.git = {
enable = true;
lfs.enable = true;
config = {
init.defaultBranch = "master";
user = {
email = "git@nettika.cat";
name = "Nettika";
};
credential.helper = "store";
};
};
programs.nano = {
enable = true;
nanorc = ''
set autoindent
set linenumbers
'';
};
documentation.man.generateCaches = false;
promptEmoji = "";
time.timeZone = "America/Los_Angeles";
system.stateVersion = "23.05";
}

16
hosts/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ self, nixpkgs, phps, agenix, ... }:
let inherit (nixpkgs.lib) nixosSystem;
in {
marauder = nixosSystem {
system = "x86_64-linux";
modules = [ ./marauder ];
specialArgs = {
inherit (self) nixosModules;
inherit phps agenix;
};
};
astral = nixosSystem {
system = "x86_64-linux";
modules = [ ./astral ];
};
}

64
hosts/marauder/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, phps, ... }: { pkgs, nixosModules, phps, agenix, ... }:
let let
fortune = pkgs.writeShellScript "cgi" '' fortune = pkgs.writeShellScript "cgi" ''
echo "Content-type: text/html" echo "Content-type: text/html"
@ -9,27 +9,50 @@ let
${pkgs.ffmpeg}/bin/ffmpeg -v error -stats -hide_banner -i "$1" -c copy -f null - ${pkgs.ffmpeg}/bin/ffmpeg -v error -stats -hide_banner -i "$1" -c copy -f null -
''; '';
in { in {
imports = [ ./backup.nix ]; imports = [
./backup.nix
nixosModules.nettika
nixosModules.promptmoji
agenix.nixosModules.default
];
nixpkgs.config.allowUnfree = true; nix = {
gc = {
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.gc = {
automatic = true; automatic = true;
dates = "weekly"; dates = "weekly";
options = "--delete-older-than 30d"; options = "--delete-older-than 30d";
}; };
settings = {
trusted-users = [ "@wheel" ];
experimental-features = [ "nix-command" "flakes" ];
};
};
environment.variables.VISUAL = "code --wait"; nixpkgs.config.allowUnfree = true;
environment.variables.EDITOR = "nano";
documentation.man.generateCaches = false;
environment.variables = {
VISUAL = "code --wait";
PKG_CONFIG_PATH = "${pkgs.openssl.dev}/lib/pkgconfig";
};
age.identityPaths = [ "/home/nettika/.ssh/id_ed25519" ]; age.identityPaths = [ "/home/nettika/.ssh/id_ed25519" ];
networking = { networking = {
hostName = "marauder"; hostName = "marauder";
firewall.enable = false; firewall.enable = false;
networkmanager.enable = true;
}; };
security.sudo.wheelNeedsPassword = false;
users.defaultUserShell = pkgs.fish;
programs.fish.enable = true;
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-uuid/648c6539-892c-40d7-8b07-23fe760df02a"; device = "/dev/disk/by-uuid/648c6539-892c-40d7-8b07-23fe760df02a";
@ -95,6 +118,7 @@ in {
krita krita
openscad-unstable openscad-unstable
bambu-studio bambu-studio
orca-slicer
# Multimedia # Multimedia
vlc vlc
@ -134,8 +158,32 @@ in {
mullvad-vpn mullvad-vpn
qbittorrent qbittorrent
system-config-printer system-config-printer
openssl
pkg-config
agenix.packages.x86_64-linux.default
]; ];
programs.git = {
enable = true;
lfs.enable = true;
config = {
init.defaultBranch = "master";
user = {
email = "git@nettika.cat";
name = "Nettika";
};
credential.helper = "store";
};
};
programs.nano = {
enable = true;
nanorc = ''
set autoindent
set linenumbers
'';
};
programs.steam = { programs.steam = {
enable = true; enable = true;
remotePlay.openFirewall = true; remotePlay.openFirewall = true;

82
modules/common.nix
View file

@ -1,82 +0,0 @@
{ pkgs, lib, config, ... }: {
options = {
promptSymbol = lib.mkOption {
type = lib.types.str;
description = "Prompt prefix symbol.";
};
};
config = {
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
users.defaultUserShell = pkgs.fish;
users.users.nettika = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHopty1QG8P+OfGxQ9CV0BI1IRB/q6yITzMZaZ6Zspid nettika@marauder"
];
};
nix.settings.trusted-users = [ "@wheel" ];
security.sudo.wheelNeedsPassword = false;
networking.networkmanager.enable = true;
environment.variables.EDITOR = "nano";
programs.git = {
enable = true;
lfs.enable = true;
config = {
init.defaultBranch = "master";
user = {
email = "git@nettika.cat";
name = "Nettika";
};
credential.helper = "store";
};
};
programs.nano = {
enable = true;
nanorc = ''
set autoindent
set linenumbers
'';
};
programs.fish = {
enable = true;
promptInit = ''
function fish_prompt
echo -n '${config.promptSymbol} '
if fish_is_root_user
set_color red
else
set_color brgreen
end
echo -n (prompt_pwd)
set_color normal
echo -n ' > '
end
function fish_right_prompt
set_color bryellow
echo -n (${pkgs.git}/bin/git branch --show-current 2>/dev/null)
end
'';
shellInit = ''
set -g fish_greeting
set -g fish_prompt_pwd_full_dirs 999
'';
};
documentation.man.generateCaches = false;
};
}

4
modules/default.nix Normal file
View file

@ -0,0 +1,4 @@
{
nettika = ./nettika.nix;
promptmoji = ./promptmoji.nix;
}

9
modules/nettika.nix Normal file
View file

@ -0,0 +1,9 @@
{
users.users.nettika = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHopty1QG8P+OfGxQ9CV0BI1IRB/q6yITzMZaZ6Zspid nettika@marauder"
];
};
}

34
modules/promptmoji.nix Normal file
View file

@ -0,0 +1,34 @@
{ lib, config, pkgs, ... }: {
options = {
promptSymbol = lib.mkOption {
type = lib.types.str;
description = "Prompt prefix symbol.";
};
};
config = {
programs.fish = lib.mkIf config.programs.fish.enable {
promptInit = ''
function fish_prompt
echo -n '${config.promptSymbol} '
if fish_is_root_user
set_color red
else
set_color brgreen
end
echo -n (prompt_pwd)
set_color normal
echo -n ' > '
end
function fish_right_prompt
set_color bryellow
echo -n (${pkgs.git}/bin/git branch --show-current 2>/dev/null)
end
'';
shellInit = ''
set -g fish_greeting
set -g fish_prompt_pwd_full_dirs 999
'';
};
};
}