nolan/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: nolan:0c93d3010df42b85defbffce4c647a32ab924d46
Branches Tags
nolan:main
..
compare: nolan:46dc54cccaab720b34823bd82bf8804d976d2928
Branches Tags
nolan:main

No commits in common. "0c93d3010df42b85defbffce4c647a32ab924d46" and "46dc54cccaab720b34823bd82bf8804d976d2928" have entirely different histories.
0c93d3010d ... 46dc54ccca

10 changed files with 169 additions and 297 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.envrc
View file

@ -1,2 +1 @@
use flake
export BASH_DEFAULT_TIMEOUT_MS=100000000 export BASH_DEFAULT_TIMEOUT_MS=100000000

2
.gitignore vendored
View file

@ -1,4 +1,2 @@
*.iso *.iso
result result
/.pre-commit-config.yaml
.direnv

90
flake.lock generated
View file

@ -60,22 +60,6 @@
} }
}, },
"flake-compat": { "flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1747046372, "lastModified": 1747046372,
@ -92,34 +76,12 @@
} }
}, },
"git-hooks": { "git-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1750779888,
"narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"git-hooks_2": {
"inputs": { "inputs": {
"flake-compat": [ "flake-compat": [
"simple-nixos-mailserver", "simple-nixos-mailserver",
"flake-compat" "flake-compat"
], ],
"gitignore": "gitignore_2", "gitignore": "gitignore",
"nixpkgs": [ "nixpkgs": [
"simple-nixos-mailserver", "simple-nixos-mailserver",
"nixpkgs" "nixpkgs"
@ -140,27 +102,6 @@
} }
}, },
"gitignore": { "gitignore": {
"inputs": {
"nixpkgs": [
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"simple-nixos-mailserver", "simple-nixos-mailserver",
@ -210,11 +151,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1752780124, "lastModified": 1752544374,
"narHash": "sha256-5dn97vIYxn6VozKePOQSDxVCsrl38nDdMJXx86KIJH0=", "narHash": "sha256-ReX0NG6nIAEtQQjLqeu1vUU2jjZuMlpymNtb4VQYeus=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "c718918222bdb104397762dea67e6b397a7927fe", "rev": "2e00ed310c218127e02ffcf28ddd4e0f669fde3e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -226,11 +167,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1752666637, "lastModified": 1752048960,
"narHash": "sha256-P8J72psdc/rWliIvp8jUpoQ6qRDlVzgSDDlgkaXQ0Fw=", "narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "d1bfa8f6ccfb5c383e1eba609c1eb67ca24ed153", "rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -274,11 +215,11 @@
}, },
"nixpkgsUnstable": { "nixpkgsUnstable": {
"locked": { "locked": {
"lastModified": 1752687322, "lastModified": 1752480373,
"narHash": "sha256-RKwfXA4OZROjBTQAl9WOZQFm7L8Bo93FQwSJpAiSRvo=", "narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6e987485eb2c77e5dcc5af4e3c70843711ef9251", "rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -290,11 +231,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1752620740, "lastModified": 1752436162,
"narHash": "sha256-f3pO+9lg66mV7IMmmIqG4PL3223TYMlnlw+pnpelbss=", "narHash": "sha256-Kt1UIPi7kZqkSc5HVj6UY5YLHHEzPBkgpNUByuyxtlw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "32a4e87942101f1c9f9865e04dc3ddb175f5f32e", "rev": "dfcd5b901dbab46c9c6e80b265648481aafb01f8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -323,7 +264,6 @@
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"git-hooks": "git-hooks",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2",
@ -334,8 +274,8 @@
"simple-nixos-mailserver": { "simple-nixos-mailserver": {
"inputs": { "inputs": {
"blobs": "blobs", "blobs": "blobs",
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat",
"git-hooks": "git-hooks_2", "git-hooks": "git-hooks",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-25_05": "nixpkgs-25_05" "nixpkgs-25_05": "nixpkgs-25_05"
}, },

166
flake.nix
View file

@ -9,10 +9,6 @@
}; };
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05"; simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05";
git-hooks = {
url = "github:cachix/git-hooks.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = outputs =
@ -23,107 +19,103 @@
nixos-hardware, nixos-hardware,
agenix, agenix,
simple-nixos-mailserver, simple-nixos-mailserver,
git-hooks,
... ...
}: }:
let let
system = "x86_64-linux"; system = "x86_64-linux";
overlayUnstable = _final: _prev: { overlayUnstable = final: prev: {
unstable = import nixpkgsUnstable { unstable = import nixpkgsUnstable {
inherit system; inherit system;
config.allowUnfree = true; config.allowUnfree = true;
config.android_sdk.accept_license = true; config.android_sdk.accept_license = true;
}; };
}; };
# Common modules shared across all hosts
commonModules = [
agenix.nixosModules.default
{
environment.systemPackages = [ agenix.packages.${system}.default ];
}
{
nixpkgs.overlays = [ overlayUnstable ];
}
];
# Common home-manager modules
homeManagerModules = [
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
}
];
# Helper function to create a host configuration
mkHost =
{
hostPath,
extraModules ? [ ],
includeHomeManager ? true,
specialArgs ? { },
}:
nixpkgs.lib.nixosSystem {
inherit system specialArgs;
modules =
commonModules
++ (if includeHomeManager then homeManagerModules else [ ])
++ extraModules
++ [ hostPath ];
};
in in
rec { {
nixosConfigurations = { nixosConfigurations = {
nixbox = mkHost { nixbox = nixpkgs.lib.nixosSystem {
hostPath = ./hosts/nixbox; inherit system;
modules = [
agenix.nixosModules.default
{
environment.systemPackages = [ agenix.packages.${system}.default ];
}
(
{ config, pkgs, ... }:
{
nixpkgs.overlays = [ overlayUnstable ];
}
)
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
}
./hosts/nixbox
];
}; };
flynode = nixpkgs.lib.nixosSystem {
flynode = mkHost { inherit system;
hostPath = ./hosts/flynode; modules = [
extraModules = [ nixos-hardware.nixosModules.lenovo-thinkpad-z13-gen1 ]; agenix.nixosModules.default
{
environment.systemPackages = [ agenix.packages.${system}.default ];
}
(
{ config, pkgs, ... }:
{
nixpkgs.overlays = [ overlayUnstable ];
}
)
nixos-hardware.nixosModules.lenovo-thinkpad-z13-gen1
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
}
./hosts/flynode
];
}; };
thewordnerd = nixpkgs.lib.nixosSystem {
thewordnerd = mkHost { inherit system;
hostPath = ./hosts/hub;
extraModules = [ simple-nixos-mailserver.nixosModule ];
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = [
agenix.nixosModules.default
{
environment.systemPackages = [ agenix.packages.${system}.default ];
}
(
{ config, pkgs, ... }:
{
nixpkgs.overlays = [ overlayUnstable ];
}
)
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
}
simple-nixos-mailserver.nixosModule
./hosts/hub
];
}; };
garden = nixpkgs.lib.nixosSystem {
garden = mkHost { inherit system;
hostPath = ./hosts/garden;
includeHomeManager = false;
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = [
agenix.nixosModules.default
{
environment.systemPackages = [ agenix.packages.${system}.default ];
}
(
{ config, pkgs, ... }:
{
nixpkgs.overlays = [ overlayUnstable ];
}
)
./hosts/garden
];
}; };
}; };
checks.${system} = {
pre-commit-check = git-hooks.lib.${system}.run {
src = ./.;
hooks = {
# Check formatting of flake.nix
nixfmt-rfc-style = {
enable = true;
files = "^flake\\.nix$";
};
# Check for dead code in flake.nix
deadnix = {
enable = true;
files = "^flake\\.nix$";
};
# Flake-specific checks
flake-checker.enable = true;
};
};
};
devShells.${system}.default =
let
pkgs = nixpkgs.legacyPackages.${system};
in
pkgs.mkShell {
inherit (checks.${system}.pre-commit-check) shellHook;
buildInputs = checks.${system}.pre-commit-check.enabledPackages;
};
}; };
} }

73
hosts/flynode/hardware-configuration.nix
View file

@ -1,62 +1,47 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config, lib, pkgs, modulesPath, ... }:
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = [ imports =
(modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
"nvme"
"xhci_pci"
"thunderbolt"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "zpool/root"; { device = "zpool/root";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/home" = { fileSystems."/home" =
device = "zpool/home"; { device = "zpool/home";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/var" = { fileSystems."/var" =
device = "zpool/var"; { device = "zpool/var";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/nix" = { fileSystems."/nix" =
device = "zpool/nix"; { device = "zpool/nix";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/001D-B2B7"; { device = "/dev/disk/by-uuid/001D-B2B7";
fsType = "vfat"; fsType = "vfat";
options = [ options = [ "fmask=0022" "dmask=0022" ];
"fmask=0022" };
"dmask=0022"
swapDevices =
[ { device = "/dev/disk/by-uuid/c9a2faf8-4e35-4946-a70f-c84d0fa359df"; }
]; ];
};
swapDevices = [
{ device = "/dev/disk/by-uuid/c9a2faf8-4e35-4946-a70f-c84d0fa359df"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

19
hosts/garden/hardware-configuration.nix
View file

@ -6,20 +6,9 @@
efiInstallAsRemovable = true; efiInstallAsRemovable = true;
device = "nodev"; device = "nodev";
}; };
fileSystems."/boot" = { fileSystems."/boot" = { device = "/dev/disk/by-uuid/FAAB-A09E"; fsType = "vfat"; };
device = "/dev/disk/by-uuid/FAAB-A09E"; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
fsType = "vfat";
};
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"xen_blkfront"
"vmw_pvscsi"
];
boot.initrd.kernelModules = [ "nvme" ]; boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
device = "/dev/sda1";
fsType = "ext4";
};
} }

2
hosts/hub/apps/nextcloud.nix
View file

@ -58,7 +58,7 @@
# The nextcloud-setup service blocks container startup when it needs to perform upgrades, # The nextcloud-setup service blocks container startup when it needs to perform upgrades,
# creating a circular dependency: the network can't be configured until the container is ready, # creating a circular dependency: the network can't be configured until the container is ready,
# but the container can't be ready without network access for the upgrade. # but the container can't be ready without network access for the upgrade.
# #
# To upgrade Nextcloud when changing major versions: # To upgrade Nextcloud when changing major versions:
# 1. Uncomment the lines below to disable nextcloud-setup # 1. Uncomment the lines below to disable nextcloud-setup
# 2. Run: nixos-rebuild switch # 2. Run: nixos-rebuild switch

65
hosts/hub/hardware-configuration.nix
View file

@ -1,56 +1,43 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config, lib, pkgs, modulesPath, ... }:
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = [ imports =
(modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" ];
"xhci_pci"
"ahci"
"nvme"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "zpool/root"; { device = "zpool/root";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/nix" = { fileSystems."/nix" =
device = "zpool/nix"; { device = "zpool/nix";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/var" = { fileSystems."/var" =
device = "zpool/var"; { device = "zpool/var";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/home" = { fileSystems."/home" =
device = "zpool/home"; { device = "zpool/home";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/8ADD-D5B1"; { device = "/dev/disk/by-uuid/8ADD-D5B1";
fsType = "vfat"; fsType = "vfat";
options = [ options = [ "fmask=0022" "dmask=0022" ];
"fmask=0022" };
"dmask=0022"
];
};
swapDevices = [ ]; swapDevices = [ ];

46
hosts/nixbox/hardware-configuration.nix
View file

@ -1,46 +1,28 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config, lib, pkgs, modulesPath, ... }:
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = [ imports =
(modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
"xhci_pci"
"thunderbolt"
"ahci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "/dev/disk/by-uuid/a0df6959-f878-48d0-aabe-5f46915c1921"; { device = "/dev/disk/by-uuid/a0df6959-f878-48d0-aabe-5f46915c1921";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/7EEE-698D"; { device = "/dev/disk/by-uuid/7EEE-698D";
fsType = "vfat"; fsType = "vfat";
options = [ options = [ "fmask=0077" "dmask=0077" ];
"fmask=0077" };
"dmask=0077"
];
};
swapDevices = [ ]; swapDevices = [ ];

2
roles/flatpak.nix
View file

@ -4,4 +4,4 @@
environment.profileRelativeSessionVariables.PATH = [ environment.profileRelativeSessionVariables.PATH = [
"$HOME/.local/share/flatpak/exports/bin" "$HOME/.local/share/flatpak/exports/bin"
]; ];
} }