improvements
parent
91def25bca
commit
be09397818
6 changed files with 70 additions and 54 deletions
33
README.md
33
README.md
|
|
@ -1 +1,32 @@
|
||||||
# My NixOS Configuration
|
# Nix Configurations
|
||||||
|
|
||||||
|
Repository structure:
|
||||||
|
|
||||||
|
- **host/**
|
||||||
|
One subdirectory per NixOS host, each containing its host-specific configuration.
|
||||||
|
|
||||||
|
- **mod/**
|
||||||
|
NixOS modules.
|
||||||
|
- **mod/common/**: Modules enabled by default on all hosts.
|
||||||
|
- **mod/desktop/**: Modules enabled on desktop hosts (i.e. hosts with `hd.desktop.enable = true`).
|
||||||
|
|
||||||
|
- **home/**
|
||||||
|
Home Manager modules. Home Manager is integrated into the system configuration via the `home` option defined in `mod/desktop/default.nix`.
|
||||||
|
|
||||||
|
- **bin/**
|
||||||
|
Helper scripts for generating parts of the configuration.
|
||||||
|
|
||||||
|
- **dotfiles/**
|
||||||
|
Raw configuration files deployed using Home Manager.
|
||||||
|
|
||||||
|
- **devshells/**
|
||||||
|
Nix development shells.
|
||||||
|
|
||||||
|
- **pki/**
|
||||||
|
Certificates used by the configuration.
|
||||||
|
|
||||||
|
- **secrets/**
|
||||||
|
Age-encrypted secrets managed and deployed via agenix.
|
||||||
|
|
||||||
|
- **var/**
|
||||||
|
Shared constants and values used across the configuration.
|
||||||
|
|
|
||||||
59
flake.nix
59
flake.nix
|
|
@ -62,53 +62,27 @@
|
||||||
;
|
;
|
||||||
secrets = lib'.walk-dir ./secrets;
|
secrets = lib'.walk-dir ./secrets;
|
||||||
};
|
};
|
||||||
overlays = _: {
|
|
||||||
nixpkgs.overlays = [
|
mkDesktop =
|
||||||
vscode-extensions.overlays.default
|
host:
|
||||||
colmena.overlay
|
nixpkgs.lib.nixosSystem {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
specialArgs = specialArgs // {
|
||||||
|
inherit host;
|
||||||
|
};
|
||||||
|
modules = [
|
||||||
|
(./host + "/${host}")
|
||||||
|
./home
|
||||||
|
./mod
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
nixosConfigurations = {
|
nixosConfigurations = {
|
||||||
"solo" = nixpkgs.lib.nixosSystem {
|
# if you add a host, make sure to add it to var/default.nix as well
|
||||||
system = "x86_64-linux";
|
"solo" = mkDesktop "solo";
|
||||||
specialArgs = specialArgs // {
|
"c2" = mkDesktop "c2";
|
||||||
host = "solo";
|
"fw" = mkDesktop "fw";
|
||||||
};
|
|
||||||
modules = [
|
|
||||||
./host/solo
|
|
||||||
./home
|
|
||||||
./mod
|
|
||||||
overlays
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
"c2" = nixpkgs.lib.nixosSystem {
|
|
||||||
system = "x86_64-linux";
|
|
||||||
specialArgs = specialArgs // {
|
|
||||||
host = "c2";
|
|
||||||
};
|
|
||||||
modules = [
|
|
||||||
./host/c2
|
|
||||||
./home
|
|
||||||
./mod
|
|
||||||
overlays
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
"fw" = nixpkgs.lib.nixosSystem {
|
|
||||||
system = "x86_64-linux";
|
|
||||||
specialArgs = specialArgs // {
|
|
||||||
host = "fw";
|
|
||||||
};
|
|
||||||
modules = [
|
|
||||||
./host/fw
|
|
||||||
./home
|
|
||||||
./mod
|
|
||||||
overlays
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
colmenaHive = colmena.lib.makeHive {
|
colmenaHive = colmena.lib.makeHive {
|
||||||
|
|
@ -126,7 +100,6 @@
|
||||||
imports = [
|
imports = [
|
||||||
./host/roam
|
./host/roam
|
||||||
./mod
|
./mod
|
||||||
overlays
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
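Review bot: The new comment in `nixosConfigurations` asks maintainers to keep the host names in sync with var/default.nix by hand, so the two lists can drift; a host added here but missing from `nixos-desktops` would still build, while code keyed on that list (the syncthing module in this commit filters on `var.nixos-desktops`) would not know about it. Since `mkDesktop` takes only the host name, the attribute set could be generated from the list, e.g. `nixosConfigurations = nixpkgs.lib.genAttrs var.nixos-desktops mkDesktop;`, assuming the var attrset is reachable from flake.nix, which this hunk does not show. Failing that, an `assert` comparing `builtins.attrNames` of the configurations with the list would turn drift into an evaluation error. The enclosing `let` block starts outside the hunk.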
||||||
|
|
|
||||||
|
|
@ -59,6 +59,7 @@ with lib;
|
||||||
inputs.agenix.nixosModules.default
|
inputs.agenix.nixosModules.default
|
||||||
./locale.nix
|
./locale.nix
|
||||||
./nix.nix
|
./nix.nix
|
||||||
|
./overlays.nix
|
||||||
./security.nix
|
./security.nix
|
||||||
./shell.nix
|
./shell.nix
|
||||||
./users.nix
|
./users.nix
|
||||||
|
|
|
||||||
7
mod/common/overlays.nix
Normal file
7
mod/common/overlays.nix
Normal file
|
|
@ -0,0 +1,7 @@
|
||||||
|
{ inputs, ... }:
|
||||||
|
{
|
||||||
|
nixpkgs.overlays = with inputs; [
|
||||||
|
vscode-extensions.overlays.default
|
||||||
|
colmena.overlay
|
||||||
|
];
|
||||||
|
}
|
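Review bot: `with inputs;` in the overlay list hides which flake input each overlay comes from, and it makes every attribute of `inputs` a candidate name inside the list. Overlays rewrite the package set of every host that imports mod/common, so their provenance is better spelled out as `inputs.vscode-extensions.overlays.default` and `inputs.colmena.overlay`. The README in this commit describes mod/common as enabled on all hosts, so the VS Code extensions overlay also appears to reach the `roam` server built through `colmenaHive`, as it did before this commit; if that is not intended, it could live under mod/desktop instead.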
||||||
|
|
@ -13,7 +13,7 @@ let
|
||||||
is-server = this == "roam";
|
is-server = this == "roam";
|
||||||
|
|
||||||
devices = lib.attrNames var.syncthing.all;
|
devices = lib.attrNames var.syncthing.all;
|
||||||
desktop-devices = (lib.intersectLists var.desktops devices);
|
desktop-devices = (lib.intersectLists var.nixos-desktops devices);
|
||||||
|
|
||||||
folders = folders-all // (if config.hd.desktop.enable then folders-desktop else { });
|
folders = folders-all // (if config.hd.desktop.enable then folders-desktop else { });
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -8,19 +8,23 @@ let
|
||||||
var = outputs;
|
var = outputs;
|
||||||
};
|
};
|
||||||
load-var = x: import x inputs';
|
load-var = x: import x inputs';
|
||||||
|
|
||||||
# watch out for cycles
|
# watch out for cycles
|
||||||
outputs = rec {
|
outputs = rec {
|
||||||
"lan-dns" = load-var ./lan-dns.nix;
|
# We list the hosts here manually instead of getting them from the flake.
|
||||||
"ssh-keys" = load-var ./ssh-keys.nix;
|
# This way, var can be used standalone
|
||||||
"wg" = load-var ./wg.nix;
|
nixos-desktops = [
|
||||||
"syncthing" = load-var ./syncthing.nix;
|
|
||||||
desktops = [
|
|
||||||
"c2"
|
"c2"
|
||||||
"fw"
|
"fw"
|
||||||
"solo"
|
"solo"
|
||||||
];
|
];
|
||||||
servers = [ "roam" ];
|
nixos-servers = [ "roam" ];
|
||||||
clients = desktops ++ servers;
|
nixos-hosts = nixos-desktops ++ nixos-servers;
|
||||||
|
|
||||||
|
"lan-dns" = load-var ./lan-dns.nix;
|
||||||
|
"ssh-keys" = load-var ./ssh-keys.nix;
|
||||||
|
"wg" = load-var ./wg.nix;
|
||||||
|
"syncthing" = load-var ./syncthing.nix;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
outputs
|
outputs
|
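Review bot: The rename drops `desktops`, `servers` and `clients` from `outputs`, and the only consumer visibly updated in this commit is the syncthing module. The files loaded through `load-var` (lan-dns.nix, ssh-keys.nix, wg.nix, syncthing.nix) appear to receive `var = outputs` and are not part of this diff. A plain reference to an old name in them fails loudly at evaluation, but one guarded with `or` or `lib.attrByPath` would silently fall back to its default, which matters if those lists drive WireGuard peers or authorised SSH keys. It is worth searching the repository for the old names before merging, or keeping them temporarily as aliases such as `clients = nixos-hosts;`.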
||||||
|
|
|
||||||