Some cleanup, prep for stabilizing on 24.05 when it releases for server hosts

This commit is contained in:
Daniel Flanagan 2024-03-28 13:10:51 -05:00
parent c6fdb6838a
commit d571fabd4f
6 changed files with 114 additions and 40 deletions

View file

@ -332,6 +332,22 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-next": {
"locked": {
"lastModified": 1711646189,
"narHash": "sha256-+fnMLzJhiLAY/2ACsWPnLkstUpR0PKEVjlsCWH2aFGg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5d44454602e6964b5e582edc81098aac06f8ecbe",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "staging-next",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1711124224, "lastModified": 1711124224,
@ -445,6 +461,7 @@
"home-manager": "home-manager", "home-manager": "home-manager",
"hyprland": "hyprland", "hyprland": "hyprland",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-next": "nixpkgs-next",
"nixpkgs-stable": "nixpkgs-stable", "nixpkgs-stable": "nixpkgs-stable",
"nixpkgsForIosevka": "nixpkgsForIosevka", "nixpkgsForIosevka": "nixpkgsForIosevka",
"pre-commit-hooks": "pre-commit-hooks", "pre-commit-hooks": "pre-commit-hooks",
@ -499,7 +516,7 @@
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-stable": [ "nixpkgs-stable": [
"nixpkgs" "nixpkgs-stable"
] ]
}, },
"locked": { "locked": {

View file

@ -4,6 +4,8 @@
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11";
nixpkgs-next.url = "github:nixos/nixpkgs/staging-next";
# I have this as a separate input so I don't rebuild the font every time I # I have this as a separate input so I don't rebuild the font every time I
# want to upgrade nixpkgs # want to upgrade nixpkgs
nixpkgsForIosevka.url = "github:nixos/nixpkgs?rev=5863c27340ba4de8f83e7e3c023b9599c3cb3c80"; nixpkgsForIosevka.url = "github:nixos/nixpkgs?rev=5863c27340ba4de8f83e7e3c023b9599c3cb3c80";
@ -24,7 +26,7 @@
sops-nix.url = "github:Mic92/sops-nix"; sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs"; sops-nix.inputs.nixpkgs.follows = "nixpkgs";
sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs"; sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs-stable";
hardware.url = "github:nixos/nixos-hardware"; hardware.url = "github:nixos/nixos-hardware";
# hardware.inputs.nixpkgs.follows = "nixpkgs"; # hardware.inputs.nixpkgs.follows = "nixpkgs";
@ -46,6 +48,7 @@
outputs = { outputs = {
self, self,
nixpkgs, nixpkgs,
nixpkgs-next,
nixpkgsForIosevka, nixpkgsForIosevka,
home-manager, home-manager,
hardware, hardware,
@ -118,15 +121,20 @@
# NixOS configuration entrypoint # NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname' # Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = builtins.mapAttrs (name: { nixosConfigurations =
(builtins.mapAttrs (name: {
system, system,
modules, modules,
... ...
}: }:
# let
# commonModules =
# in
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = { specialArgs = {
inherit inputs outputs system api-lyte-dev hardware; # TODO: avoid special args and actually pass inputs to modules?
inherit inputs outputs hardware;
}; };
# extraSpecialArgs = { # extraSpecialArgs = {
# inherit inputs outputs system api-lyte-dev; # inherit inputs outputs system api-lyte-dev;
@ -136,7 +144,25 @@
self.nixosModules.common self.nixosModules.common
] ]
++ modules; ++ modules;
}) (import ./nixos); }) (import ./nixos))
// {
# TODO: stabilize "appliance"-type hosts on stable nixpkgs ASAP to avoid breakages
beefcake = nixpkgs-next.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs outputs api-lyte-dev hardware;
};
modules = [self.nixosModules.common ./nixos/beefcake.nix];
};
# rascal = {
# system = "x86_64-linux";
# modules = [./rascal.nix];
# };
# router = {
# system = "x86_64-linux";
# modules = [./router.nix];
# };
};
# Standalone home-manager configuration entrypoint # Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname' # Available through 'home-manager --flake .#your-username@your-hostname'

View file

@ -268,7 +268,10 @@
# } # }
# See https://wiki.hyprland.org/Configuring/Window-Rules/ for more # See https://wiki.hyprland.org/Configuring/Window-Rules/ for more
# windowrulev2 = float,class:^.*(kitty|firefox|org.wezfurlong.wezterm).*$ windowrulev2 = idleinhibit,class:^.*([Ss]lippi).*$
windowrulev2 = float,class:^.*([Kk]itty|[Ff]irefox|[Ww]ezterm|[Dd]iscord|[Ss]potify|[Ss]lack).*$
windowrulev2 = opacity 1.0 0.9,floating:1
windowrulev2 = opacity 0.0 override 0.0 override,class:^(xwaylandvideobridge)$ windowrulev2 = opacity 0.0 override 0.0 override,class:^(xwaylandvideobridge)$
windowrulev2 = noanim,class:^(xwaylandvideobridge)$ windowrulev2 = noanim,class:^(xwaylandvideobridge)$
windowrulev2 = noinitialfocus,class:^(xwaylandvideobridge)$ windowrulev2 = noinitialfocus,class:^(xwaylandvideobridge)$

View file

@ -18,10 +18,10 @@ in {
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
] ]
++ (with outputs.nixosModules; [ ++ [
avahi ./avahi.nix
daniel ./daniel.nix
]); ];
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;

View file

@ -125,6 +125,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
}; };
} }
{ {
# nix binary cache
services.nix-serve = { services.nix-serve = {
enable = true; enable = true;
secretKeyFile = "/var/cache-priv-key.pem"; secretKeyFile = "/var/cache-priv-key.pem";
@ -138,6 +139,26 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
80 80
443 443
]; ];
# regularly build this flake so we have stuff in the cache
systemd.timers."build-lytedev-flake" = {
wantedBy = ["timers.target"];
timerConfig = {
OnBootSec = "30m"; # 30 minutes after booting
OnUnitActiveSec = "1d"; # every day afterwards
Unit = "build-lytedev-flake.service";
};
};
systemd.services."build-lytedev-flake" = {
script = ''
nixos-rebuild build --flake git+https://git.lyte.dev/lytedev/nix.git
'';
serviceConfig = {
Type = "oneshot";
User = "daniel"; # might have to run as me for git ssh access to the repo
};
};
} }
{ {
services.headscale = { services.headscale = {

View file

@ -3,38 +3,45 @@
system = "x86_64-linux"; system = "x86_64-linux";
modules = [./base.nix]; modules = [./base.nix];
}; };
beefcake = {
system = "x86_64-linux"; # workstation
modules = [./beefcake.nix];
};
dragon = { dragon = {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [./dragon.nix]; modules = [./dragon.nix];
}; };
# primary laptop
foxtrot = { foxtrot = {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [./foxtrot.nix]; modules = [./foxtrot.nix];
}; };
musicbox = {
system = "x86_64-linux"; # entertainment convertible laptop
modules = [./musicbox.nix];
};
rascal = {
system = "x86_64-linux";
modules = [./rascal.nix];
};
router = {
system = "x86_64-linux";
modules = [./router.nix];
};
thablet = { thablet = {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [./thablet.nix]; modules = [./thablet.nix];
}; };
# thinkpad backup laptop
thinker = { thinker = {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [./thinker.nix]; modules = [./thinker.nix];
}; };
# TODO: stabilize these machines on nixpkgs-stable
# owned offsite backup
rascal = {
system = "x86_64-linux";
modules = [./rascal.nix];
};
# TODO: deploy this to the actual router
# home gateway
router = {
system = "x86_64-linux";
modules = [./router.nix];
};
# htpifour = { # htpifour = {
# system = "aarch64-linux"; # system = "aarch64-linux";
# modules = [./htpifour.nix]; # modules = [./htpifour.nix];