provision facade

Sridhar Ratnakumar 2021-09-11 12:30:24 -04:00
parent 381cb00f2a
commit 5f9a852d73
3 changed files with 55 additions and 21 deletions


@ -21,6 +21,19 @@
outputs = inputs@{ self, home-manager, nixpkgs, ... }:
let
system = "x86_64-linux";
# Features common to all of my machines
commonModules = [
./features/self-ide.nix
./features/caches
./features/current-location.nix
./features/passwordstore.nix
./features/syncthing.nix
./features/protonvpn.nix
./features/server/harden.nix
];
graphicsCommonModules = [
./features/monitor-brightness.nix
];
# Make configuration for any computer I use in my home office.
mkHomeMachine = configurationNix: extraModules: nixpkgs.lib.nixosSystem {
inherit system;
@ -31,16 +44,6 @@
# System configuration
configurationNix
# Features common to all of my machines
./features/self-ide.nix
./features/caches
./features/current-location.nix
./features/passwordstore.nix
./features/syncthing.nix
./features/protonvpn.nix
./features/docker.nix
./features/monitor-brightness.nix
# home-manager configuration
home-manager.nixosModules.home-manager
{
@ -51,7 +54,7 @@
pkgs = import nixpkgs { inherit system; };
};
}
] ++ extraModules
] ++ commonModules ++ extraModules
);
};
in
@ -60,7 +63,7 @@
#
nixosConfigurations.p71 = mkHomeMachine
./hosts/p71.nix
[
(graphicsCommonModules ++ [
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-p53
./features/desktopish
#./features/gnome.nix
@ -72,8 +75,7 @@
#./features/server-mode.nix
# ./features/postgrest.nix
./features/server/devserver.nix
./features/server/harden.nix
];
]);
nixosConfigurations.x1c7 = mkHomeMachine
./hosts/x1c7.nix
[
@ -82,13 +84,9 @@
./features/gnome.nix
./features/desktopish/guiapps.nix
];
nixosConfigurations.ryzen9 = mkHomeMachine
./hosts/ryzen9.nix
nixosConfigurations.facade = mkHomeMachine
./hosts/facade.nix
[
./features/server/harden.nix
./features/server/devserver.nix
./features/ema/emanote.nix
./features/lxd.nix
];
};
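Review bot: `facade` is built with `mkHomeMachine`, so with `] ++ commonModules ++ extraModules` it now receives `passwordstore.nix`, `syncthing.nix`, `protonvpn.nix`, `current-location.nix` and `self-ide.nix` plus the home-manager module, even though hosts/facade.nix imports the DigitalOcean config and is presumably an Internet-facing droplet. Those modules are not visible here, but a sync daemon, a VPN client and a password store on a cloud host widen its attack surface and place credentials where they may not be needed. Consider a minimal list for every host, e.g. `baseModules = [ ./features/caches ./features/server/harden.nix ];`, with `commonModules = baseModules ++ [ ... ];` kept for workstations and a separate builder for servers. Separately, `x1c7` still passes a plain list and so no longer gets `./features/monitor-brightness.nix`, and `./features/docker.nix` is dropped from every host; confirm both are intended. The `outputs` function starts above the first hunk.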

36
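--- a/hosts/facade.nix
+++ b/hosts/facade.nix
@@ -0,0 +1,36 @@
+{ config, pkgs, lib, modulesPath, ... }:
+{
+imports = lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [
+(modulesPath + "/virtualisation/digital-ocean-config.nix")
+];
+nixpkgs.config.allowUnfree = true;
+nix = {
+package = pkgs.nixUnstable;
+extraOptions = ''
+experimental-features = nix-command flakes
+'';
+trustedUsers = [ "root" "srid" ];
+};
+environment.systemPackages = with pkgs; [
+cryptsetup
+];
+# Define a user account. Don't forget to set a password with passwd.
+users.users.srid = {
+isNormalUser = true;
+extraGroups = [ "wheel" ];
+};
+# This value determines the NixOS release from which the default
+# settings for stateful data, like file locations and database versions
+# on your system were taken. Its perfectly fine and recommended to leave
+# this value at the release version of the first install of this system.
+# Before changing this value read the documentation for this option
+# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+system.stateVersion = "21.11"; # Did you read the comment?
+}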
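Review bot: `trustedUsers = [ "root" "srid" ]` makes `srid` a trusted user of the Nix daemon, which the Nix manual describes as essentially equivalent to root access, and the same account is in `wheel` with a password set by hand via `passwd` (per the comment above `users.users.srid`). On a DigitalOcean host that leaves a single password between a login and root unless `./features/server/harden.nix` (not shown) disables SSH password authentication. I would drop the user from the list, `trustedUsers = [ "root" ];`, or add a comment stating why it is needed, and declare the account's SSH key in this file instead of relying on a manual password. Also, `builtins.pathExists ./do-userdata.nix` silently changes the imports depending on whether that file is present in the flake source, so a comment saying where the file comes from would help.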


@ -73,7 +73,7 @@
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "audio" ];
};
users.users.srid.openssh.authorizedKeys.keys = import ./sshkeys.nix;
users.users.srid.openssh.authorizedKeys.keys = [ (builtins.readFile ../id_rsa.pub) ];
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
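Review bot: `authorizedKeys.keys` is now a one-element list built with `builtins.readFile ../id_rsa.pub`, which replaces whatever list `./sshkeys.nix` returned, so any other keys that file held stop being authorized on hosts using this module; confirm that is intended. NixOS has a dedicated option for key files, so the line is better written as `users.users.srid.openssh.authorizedKeys.keyFiles = [ ../id_rsa.pub ];`, which avoids carrying the file's trailing newline into the key string. A short comment naming whose key `../id_rsa.pub` is and how it is rotated would help, since access to this `wheel` account now depends on that single file. The enclosing attribute set starts and ends outside the hunk.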