diff --git a/Makefile b/Makefile index e286cd2..1cce182 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,9 @@ all: switch: _switch_${HOST} +apply: + colmena apply + _switch_: @echo "ERROR: couldn't find hostname" @false diff --git a/flake.lock b/flake.lock index 44be1ae..3d2c7c0 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,58 @@ { "nodes": { + "colmena": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nix-github-actions": "nix-github-actions", + "nixpkgs": "nixpkgs", + "stable": "stable" + }, + "locked": { + "lastModified": 1746816769, + "narHash": "sha256-ymQzXrfHVT8/RJiGbfrNjEeuzXQan46lUJdxEhgivdM=", + "owner": "zhaofengli", + "repo": "colmena", + "rev": "df694ee23be7ed7b2d8b42c245a640f0724eb06c", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "repo": "colmena", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1650374568, + "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "b4a34015c698c7793d592d66adbab377907a2be8", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1659877975, + "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ 
@@ -7,11 +60,11 @@ ] }, "locked": { - "lastModified": 1747021744, - "narHash": "sha256-IDsM/9/tHQBlhG3tXI2fTM84AUN1uRa7JDPT1LMlGes=", + "lastModified": 1747155932, + "narHash": "sha256-NnPzzXEqfYjfrimLzK0JOBItfdEJdP/i6SNTuunCGgw=", "owner": "nix-community", "repo": "home-manager", - "rev": "fb061f555f821fe4fb49f8f6f2a0cc3d5728bd52", + "rev": "8d832ddfda9facf538f3dda9b6985fb0234f151c", "type": "github" }, "original": { @@ -20,13 +73,34 @@ "type": "github" } }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "colmena", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729742964, + "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, "nixos-hardware": { "locked": { - "lastModified": 1746814339, - "narHash": "sha256-hf2lICJzwACWuzHCmZn5NI6LUAOgGdR1yh8ip+duyhk=", + "lastModified": 1747129300, + "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "3c5e12673265dfb0de3d9121420c0c2153bf21e0", + "rev": "e81fd167b33121269149c57806599045fd33eeed", "type": "github" }, "original": { 
@@ -52,11 +126,44 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1746904237, + "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { + "colmena": "colmena", "home-manager": "home-manager", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" + } + }, + "stable": { + "locked": { + "lastModified": 1746557022, + "narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 6c43d0b..508729b 100644 --- a/flake.nix +++ b/flake.nix @@ -2,6 +2,7 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + colmena.url = "github:zhaofengli/colmena"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; 
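Review bot: The new `colmena` input in flake.nix is declared without an `inputs.nixpkgs.follows`, unlike `home-manager` just below it. As the flake.lock hunks show, the lock therefore gains colmena's own `nixpkgs` node and a `stable` node (the root input becomes `nixpkgs_2`), and the `colmena` binary installed through mod/shell.nix is built from a nixpkgs revision the rest of the system does not use. Unless upstream's pinned toolchain is wanted on purpose, `colmena.inputs.nixpkgs.follows = "nixpkgs";` keeps the set of pinned sources to audit and update smaller. The `inputs` block continues outside the hunk.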
@@ -13,26 +14,52 @@ self, nixpkgs, nixos-hardware, + colmena, home-manager, }@inputs: let lib = nixpkgs.lib; lib' = import ./lib.nix { inherit lib; }; mod = lib'.walk-dir ./mod; - specialArgs = { inherit inputs mod lib'; }; + specialArgs = { inherit inputs lib' mod; }; in { nixosConfigurations = { "solo" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; inherit specialArgs; - modules = [ ./host/solo ]; + modules = [ + ./host/solo + mod.shared.pc + ]; }; "c2" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; inherit specialArgs; - modules = [ ./host/c2 ]; + modules = [ + ./host/c2 + mod.shared.pc + ]; + }; + }; + + colmenaHive = colmena.lib.makeHive { + meta = { + nixpkgs = import nixpkgs { + system = "x86_64-linux"; + }; + inherit specialArgs; + }; + "roam" = { + deployment = { + targetHost = "185.163.117.158"; + buildOnTarget = true; + }; + imports = [ + ./host/roam + mod.shared.all + ]; }; }; diff --git a/host/c2/default.nix b/host/c2/default.nix index faad6d7..3bcebf1 100644 --- a/host/c2/default.nix +++ b/host/c2/default.nix @@ -1,18 +1,13 @@ -{ mod, inputs, ... }: +{ inputs, ... }: { networking.hostName = "c2"; - imports = - with mod; - [ - collections.pc - ./hardware-configuration.nix - ] - ++ (with inputs.nixos-hardware.nixosModules; [ - common-cpu-intel - common-pc-laptop - common-pc-laptop-ssd - ]); + imports = with inputs.nixos-hardware.nixosModules; [ + ./hardware-configuration.nix + common-cpu-intel + common-pc-laptop + common-pc-laptop-ssd + ]; boot.loader.efi.efiSysMountPoint = "/boot/efi"; diff --git a/host/roam/default.nix b/host/roam/default.nix new file mode 100644 index 0000000..f7e8153 --- /dev/null +++ b/host/roam/default.nix @@ -0,0 +1,18 @@ +{ + config, + lib, + pkgs, + ... +}: +{ + networking.hostName = "roam"; + + imports = [ + ./hardware-configuration.nix + ]; + + services.openssh.enable = true; + + # ====== DON'T CHANGE ====== + system.stateVersion = "24.11"; +} 
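Review bot: The `roam` node in flake.nix sets no `deployment.targetUser`, so colmena falls back to its default of `root`, and the deploy silently depends on the root `authorized_keys` entry this commit adds in mod/users.nix. I would make that explicit next to `targetHost`, for example `targetUser = "root"; # deploys log in as root by key; see mod/users.nix`, so the reason for the root key is visible in one place. Switching to a non-root deploy user later would presumably also need changes to `trusted-users`, which this commit narrows to `root`. The host's public address is committed as a literal as well; a DNS name or an ssh_config alias would keep it out of the repository history.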
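Review bot: `services.openssh.enable = true;` in host/roam/default.nix leaves the sshd defaults in place, and on NixOS password and keyboard-interactive authentication are enabled by default. This host is deployed to a public address (flake.nix) and imports mod/users.nix through `mod.shared.all`, where `hd` is in `wheel` and has a password hash set, so that account is exposed to password guessing over SSH. Both accounts get an authorized key in this commit, so I would add `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.KbdInteractiveAuthentication = false;` here. The `config`, `lib` and `pkgs` arguments are unused in this file.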
diff --git a/host/roam/hardware-configuration.nix b/host/roam/hardware-configuration.nix new file mode 100644 index 0000000..8e4ebad --- /dev/null +++ b/host/roam/hardware-configuration.nix @@ -0,0 +1,77 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ + "ata_piix" + "uhci_hcd" + "virtio_pci" + "sr_mod" + "virtio_blk" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/0d5c4e16-b584-4fa2-989a-17e5264886b0"; + fsType = "btrfs"; + options = [ + "subvol=root" + "compress=zstd:1" + "noatime" + ]; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/0d5c4e16-b584-4fa2-989a-17e5264886b0"; + fsType = "btrfs"; + options = [ + "subvol=home" + "compress=zstd:1" + "noatime" + ]; + }; + + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/0d5c4e16-b584-4fa2-989a-17e5264886b0"; + fsType = "btrfs"; + options = [ + "subvol=nix" + "compress=zstd:1" + "noatime" + ]; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/332B-8C27"; + fsType = "vfat"; + options = [ + "fmask=0022" + "dmask=0022" + ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} 
diff --git a/host/solo/default.nix b/host/solo/default.nix index 1788bc9..e29bf18 100644 --- a/host/solo/default.nix +++ b/host/solo/default.nix @@ -2,18 +2,16 @@ { networking.hostName = "solo"; - services.xserver.enable = true; - imports = with mod; [ - collections.pc software.keyboard - software.games nvidia-gpu ./hardware-configuration.nix ]; - powerManagement.enable = true; - powerManagement.cpuFreqGovernor = "performance"; + powerManagement = { + enable = true; + cpuFreqGovernor = "performance"; + }; # ====== DON'T CHANGE ====== system.stateVersion = "25.05"; diff --git a/lib.nix b/lib.nix index 22da83d..25b012d 100644 --- a/lib.nix +++ b/lib.nix @@ -9,7 +9,7 @@ rec { name = lib.removeSuffix ".nix" name; value = if value == "regular" then - import (path + "/${name}") + builtins.toPath (path + "/${name}") else if value == "directory" then walk-dir (path + "/${name}") else diff --git a/mod/collections/pc.nix b/mod/collections/pc.nix deleted file mode 100644 index d626739..0000000 --- a/mod/collections/pc.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ mod, ... }: -{ - imports = with mod; [ - audio - boot - fonts - gpg - locale - network - nix-configuration - security - services - software.development - software.editors - software.programs - software.shell - software.window-manager - users - ]; -} diff --git a/mod/home-manager.nix b/mod/home-manager.nix new file mode 100644 index 0000000..2e6102e --- /dev/null +++ b/mod/home-manager.nix @@ -0,0 +1,25 @@ +{ + inputs, + lib, + options, + config, + ... +}: +{ + imports = [ + inputs.home-manager.nixosModules.home-manager + ]; + + config = { + home.home.stateVersion = config.system.stateVersion; + home-manager.users."hd" = lib.mkAliasDefinitions options.home; + }; + + options = { + home = lib.mkOption { + type = lib.types.attrs; + default = { }; + }; + }; + +} diff --git a/mod/nix-configuration.nix b/mod/nix-configuration.nix index bfb8a50..0638c98 100644 --- a/mod/nix-configuration.nix +++ b/mod/nix-configuration.nix 
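Review bot: `builtins.toPath` in lib.nix is marked deprecated in the Nix manual and adds nothing here if `path` is already a path value (the `./mod` argument in flake.nix suggests it is), because `path + "/${name}"` is then already a path. Returning the path instead of the imported module looks like the right change, since it lets the module system deduplicate repeated imports by file, so I would write just `path + "/${name}"` and document the intent with `# return the file path, not the imported value, so repeated imports are deduplicated`. The enclosing function starts and ends outside the hunk.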
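Review bot: The `home` option in mod/home-manager.nix is declared without a `description`, and the comment that explained it in mod/nix-configuration.nix (single-user setup, `home` forwarded to one home-manager user) is deleted by this commit rather than moved here. I would add `description = "Home Manager settings for the single user hd, aliased to home-manager.users.hd";` to the `mkOption`. The user name `hd` is hard-coded here and again in mod/users.nix, so a rename has to touch both files.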
@@ -13,42 +13,10 @@ ]; trusted-users = [ "root" - "@wheel" ]; auto-optimise-store = true; }; - programs.nix-ld.enable = true; - nixpkgs.config.allowUnfree = false; - nixpkgs.config.allowUnfreePredicate = - pkg: - builtins.elem (lib.getName pkg) [ - "nvidia-x11" - "nvidia-settings" - "vscode" - "obsidian" - "steam" - "steam-unwrapped" - "gateway" # jetbrains - "spotify" - "rust-rover" - ]; - - home.home.stateVersion = config.system.stateVersion; # is this safe? - }; - - imports = [ - inputs.home-manager.nixosModules.home-manager - ]; - - # I don't think this will ever be multi user, - # no need to seperate home-manager. `home` is used - # in users.nix, I should prbably refactor... - options = { - home = lib.mkOption { - type = lib.types.attrs; - default = { }; - }; }; } diff --git a/mod/shared/all.nix b/mod/shared/all.nix new file mode 100644 index 0000000..8571a8b --- /dev/null +++ b/mod/shared/all.nix @@ -0,0 +1,10 @@ +{ mod, ... }: +{ + imports = with mod; [ + boot + locale + nix-configuration + shell + users + ]; +} diff --git a/mod/shared/pc.nix b/mod/shared/pc.nix new file mode 100644 index 0000000..119ece8 --- /dev/null +++ b/mod/shared/pc.nix @@ -0,0 +1,36 @@ +{ mod, lib, ... }: +{ + imports = with mod; [ + shared.all + + audio + fonts + gpg + home-manager + network + nix-configuration + security + services + software.development + software.editors + software.programs + software.window-manager + ]; + + nixpkgs.config.allowUnfreePredicate = + pkg: + builtins.elem (lib.getName pkg) [ + "nvidia-x11" + "nvidia-settings" + "vscode" + "obsidian" + "steam" + "steam-unwrapped" + "gateway" # jetbrains + "spotify" + "rust-rover" + ]; + + programs.nix-ld.enable = true; + +} diff --git a/mod/software/shell.nix b/mod/shell.nix similarity index 89% rename from mod/software/shell.nix rename to mod/shell.nix index 00ff1bd..5d5ab8e 100644 --- a/mod/software/shell.nix +++ b/mod/shell.nix 
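Review bot: The `allowUnfreePredicate` list in mod/shared/pc.nix still allows `"steam"` and `"steam-unwrapped"` although mod/software/games.nix, the only place on this page that enabled Steam, is deleted in the same commit. Dropping those two entries keeps the unfree allowlist limited to packages that are actually installed. Separately, `nix-configuration` is listed in `imports` even though `shared.all`, the first entry, already imports it; it is presumably deduplicated, but the line can go.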
@@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, inputs, ... }: { environment.shells = with pkgs; [ bashInteractive @@ -18,6 +18,7 @@ unzip wget wl-clipboard + inputs.colmena.packages."x86_64-linux".colmena # todo use overlay ]; programs = { diff --git a/mod/software/games.nix b/mod/software/games.nix deleted file mode 100644 index 8651eac..0000000 --- a/mod/software/games.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ pkgs, ... }: -{ - environment.systemPackages = with pkgs; [ - runelite - ]; - programs.steam.enable = true; -} diff --git a/mod/users.nix b/mod/users.nix index 976a281..cdc84f5 100644 --- a/mod/users.nix +++ b/mod/users.nix @@ -5,19 +5,26 @@ ... }: { - users.users."hd" = { - description = "Henri"; - isNormalUser = true; - createHome = true; - home = "/home/hd"; - extraGroups = [ - "networkmanager" - "wheel" - ]; - shell = pkgs.fish; - packages = [ ]; + users = { + mutableUsers = false; + users."hd" = { + description = "Henri"; + isNormalUser = true; + createHome = true; + home = "/home/hd"; + extraGroups = [ "wheel" ]; + shell = pkgs.fish; + packages = [ ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEG+dd4m98aKEWfFa/7VZUlJNX0axvIlHVihT8w7RLyY hd@solo" + ]; + hashedPassword = "$y$j9T$L7VT26HQSBsX.nq5hKrZw0$6k43wNsKIO.SI.fqE1opaDuNobmFQrGXE1nzFB5wYg3"; + }; + users.root = { + hashedPassword = "!"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEG+dd4m98aKEWfFa/7VZUlJNX0axvIlHVihT8w7RLyY hd@solo" + ]; + }; }; - home-manager.users."hd" = lib.mkAliasDefinitions options.home; - - users.users.root.hashedPassword = "!"; }
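Review bot: The colmena package is added to the package list in mod/shell.nix, which mod/shared/all.nix imports, so the deployment tool is also installed on `roam`, the host being deployed to, where nothing on this page uses it. Moving the entry to mod/shared/pc.nix would keep it on the workstations only and the server closure smaller. The literal `"x86_64-linux"` can follow the host platform instead: `inputs.colmena.packages.${pkgs.stdenv.hostPlatform.system}.colmena`. The package list starts outside the hunk.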
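Review bot: mod/users.nix now commits `hashedPassword` for `hd` as a literal, so the hash is readable by anyone with access to the repository and is copied into the world-readable Nix store, where it is open to offline guessing. `hashedPasswordFile = "<PATH_TO_HASH_FILE>";` pointing at a file provisioned outside the store avoids that. The same hunk gives `root` an `openssh.authorizedKeys.keys` entry with the same key as `hd`, which allows direct root login by key on every host that imports this module and runs sshd; if it exists only for colmena deploys, say so with `# root key is used by colmena (deployment.targetUser defaults to root)`, and consider a separate deploy key. `networkmanager` is also dropped from `extraGroups`, so check that the PC hosts did not rely on it.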