mynix/system
1
1
Fork 0
Code Issues 2 Pull requests Activity

Compare commits

base: mynix:a4d425a8c9c273519eb69c6cd719b5a41221e03e
Branches Tags
mynix:main
mynix:calendar
..
compare: mynix:8559edc5140b26589956a453b11efb18130c1b0e
Branches Tags
mynix:main
mynix:calendar

No commits in common. "a4d425a8c9c273519eb69c6cd719b5a41221e03e" and "8559edc5140b26589956a453b11efb18130c1b0e" have entirely different histories.
a4d425a8c9 ... 8559edc514

7 changed files with 85 additions and 138 deletions
Show stats Expand all files Collapse all files

22
Makefile
View file

@ -1,15 +1,17 @@
NIX_RUN := nix run .\# NIX_RUN := nix run .\#
NIX_LOCK := nix flake lock NIX_LOCK := nix flake lock
DEPS_EDITOR := \ DEPS_MY := \
nixeovim nixeovim
DEPS_SYSTEM := \ DEPS_NIXOS := \
nixpkgs \ nixpkgs \
nixpkgs-unstable \ nixpkgs-unstable \
hardware \ hardware \
home-manager \ home-manager \
agenix \ agenix
DEPS_MISC := \
wired \ wired \
nil nil
@ -54,13 +56,17 @@ rollback:
################################################################################ ################################################################################
.PHONY: deps-my .PHONY: deps-my
deps-editor: deps-my:
$(NIX_LOCK) $(foreach dep,$(DEPS_EDITOR),--update-input $(dep)) $(NIX_LOCK) $(foreach dep,$(DEPS_MY),--update-input $(dep))
.PHONY: deps-nixos .PHONY: deps-nixos
deps-system: deps-nixos:
$(NIX_LOCK) $(foreach dep,$(DEPS_SYSTEM),--update-input $(dep)) $(NIX_LOCK) $(foreach dep,$(DEPS_NIXOS),--update-input $(dep))
.PHONY: deps-misc
deps-misc:
$(NIX_LOCK) $(foreach dep,$(DEPS_MISC),--update-input $(dep))
.PHONY: deps .PHONY: deps
deps: deps-editor deps-system ; deps: deps-my deps-nixos deps-misc ;

175
flake.lock
View file

@ -10,11 +10,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1715290355, "lastModified": 1707830867,
"narHash": "sha256-2T7CHTqBXJJ3ZC6R/4TXTcKoXWHcvubKNj9SfomURnw=", "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "8d37c5bdeade12b6479c85acd133063ab53187a0", "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -23,6 +23,28 @@
"type": "github" "type": "github"
} }
}, },
"alejandra": {
"inputs": {
"flakeCompat": "flakeCompat",
"nixpkgs": [
"wired",
"nixpkgs"
]
},
"locked": {
"lastModified": 1652974241,
"narHash": "sha256-0AolxQtKj3Oek0WSbODDpPVO5Ih8PXHOA3qXEKPB4dQ=",
"owner": "kamadorueda",
"repo": "alejandra",
"rev": "0be1462419fc73270a5dc0f84f8092603890b029",
"type": "github"
},
"original": {
"owner": "kamadorueda",
"repo": "alejandra",
"type": "github"
}
},
"firefox-addons": { "firefox-addons": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
@ -45,24 +67,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1714641030,
"narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"locked": { "locked": {
"lastModified": 1629284811, "lastModified": 1629284811,
@ -111,31 +115,29 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_4": { "flakeCompat": {
"inputs": { "flake": false,
"systems": "systems_3"
},
"locked": { "locked": {
"lastModified": 1705309234, "lastModified": 1648199409,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=",
"owner": "numtide", "owner": "edolstra",
"repo": "flake-utils", "repo": "flake-compat",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "numtide", "owner": "edolstra",
"repo": "flake-utils", "repo": "flake-compat",
"type": "github" "type": "github"
} }
}, },
"hardware": { "hardware": {
"locked": { "locked": {
"lastModified": 1716173274, "lastModified": 1711352745,
"narHash": "sha256-FC21Bn4m6ctajMjiUof30awPBH/7WjD0M5yqrWepZbY=", "narHash": "sha256-luvqik+i3HTvCbXQZgB6uggvEcxI9uae0nmrgtXJ17U=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "d9e0b26202fd500cf3e79f73653cce7f7d541191", "rev": "9a763a7acc4cfbb8603bb0231fec3eda864f81c0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -194,11 +196,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1715381426, "lastModified": 1712386041,
"narHash": "sha256-wPuqrAQGdv3ISs74nJfGb+Yprm23U/rFpcHFFNWgM94=", "narHash": "sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "ab5542e9dbd13d0100f8baae2bc2d68af901f4b4", "rev": "d6bb9f934f2870e5cbc5b94c79e9db22246141ff",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -240,11 +242,11 @@
"rust-overlay": "rust-overlay_2" "rust-overlay": "rust-overlay_2"
}, },
"locked": { "locked": {
"lastModified": 1714571717, "lastModified": 1694177726,
"narHash": "sha256-o4tqlTzi9kcVub167kTGXgCac9jM3kW4+v9MH/ue4Hk=", "narHash": "sha256-eaYATUkElEbXGcehShhYfcGhrjfTMQEmJqxvO+/5ciw=",
"owner": "oxalica", "owner": "oxalica",
"repo": "nil", "repo": "nil",
"rev": "2f3ed6348bbf1440fcd1ab0411271497a0fbbfa4", "rev": "4775e34c30f6101a9bb4364a0c7e4aae4ae43f11",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -308,25 +310,13 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1714640452,
"narHash": "sha256-QBx10+k6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz"
}
},
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1716128955, "lastModified": 1713714268,
"narHash": "sha256-3DNg/PV+X2V7yn8b/fUR2ppakw7D9N4sjVBGk6nDwII=", "narHash": "sha256-ZJGnom7YthvNxUZLdUzy5VePTwYgDYcnnPpyHT4n9lY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "f9256de8281f2ccd04985ac5c30d8f69aefadbe8", "rev": "69ee1d82f1fa4c70a3dc9a64111e7eef3b8e4527",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -338,11 +328,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1716061101, "lastModified": 1711460390,
"narHash": "sha256-H0eCta7ahEgloGIwE/ihkyGstOGu+kQwAiHvwVoXaA0=", "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e7cc61784ddf51c81487637b3031a6dd2d6673a2", "rev": "44733514b72e732bd49f5511bd0203dea9b9a434",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -352,22 +342,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": {
"locked": {
"lastModified": 1706487304,
"narHash": "sha256-LE8lVX28MV2jWJsidW13D2qrHU/RUUONendL2Q/WlJg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "90f456026d284c22b3e3497be980b2e47d0b28ac",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
@ -418,30 +392,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1714529851, "lastModified": 1688783586,
"narHash": "sha256-YMKJW880f7LHXVRzu93xa6Ek+QLECIu0IRQbXbzZe38=", "narHash": "sha256-HHaM2hk2azslv1kH8zmQxXo2e7i5cKgzNIuK4yftzB0=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "9ca720fdcf7865385ae3b93ecdf65f1a64cb475e", "rev": "7a29283cc242c2486fc67f60b431ef708046d176",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"rust-overlay_3": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1715393623,
"narHash": "sha256-nSUFcUqyTQQ/aYFIB05mpCzytcKvfKMy3ZQAe0fP26A=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "8eb8671512cb0c72c748058506e50c54fb5d8e2b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -480,35 +435,35 @@
"type": "github" "type": "github"
} }
}, },
"systems_3": { "utils": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1652776076,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-gzTw/v1vj4dOVbpBSJX4J0DwUR6LIyXo7/SuuTJp1kM=",
"owner": "nix-systems", "owner": "numtide",
"repo": "default", "repo": "flake-utils",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "rev": "04c1b180862888302ddfb2e3ad9eaa63afc60cf8",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "numtide",
"repo": "default", "repo": "flake-utils",
"type": "github" "type": "github"
} }
}, },
"wired": { "wired": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "alejandra": "alejandra",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"rust-overlay": "rust-overlay_3" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1715552757, "lastModified": 1671338321,
"narHash": "sha256-ZOgCSIcdvG8+RcZCXSAEmb/LZ2Ap9wU4nvbxNDA+QN0=", "narHash": "sha256-Nm/DarDGFYP+ocPcoEYh4guKXH+jndREtMl0VKMSYF8=",
"owner": "Toqozz", "owner": "Toqozz",
"repo": "wired-notify", "repo": "wired-notify",
"rev": "18b44306b2636fc7f238a9d946c7b8aac217122d", "rev": "f4300acba8180f8fc6babc1a118f9b3753a2b052",
"type": "github" "type": "github"
}, },
"original": { "original": {

5
flake.nix
View file

@ -53,12 +53,14 @@
(system: (system:
let let
pkgs = import nixpkgs { inherit system; }; pkgs = import nixpkgs { inherit system; };
inherit (pkgs) lib nixos-rebuild; inherit (pkgs) lib;
nixeovimPackage = config: nixeovim.lib.mkNixeovimPackage { inherit system config; }; nixeovimPackage = config: nixeovim.lib.mkNixeovimPackage { inherit system config; };
nixos-rebuild = pkgs.nixos-rebuild.override { nix = pkgs.nixVersions.stable; };
localMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost == null) self.nixosConfigurations; localMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost == null) self.nixosConfigurations;
vpsMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost != null) self.nixosConfigurations; vpsMachines = lib.filterAttrs (h: m: m.config.deployment.targetHost != null) self.nixosConfigurations;
in in
{ {
packages = { packages = {
@ -79,7 +81,6 @@
switch = lib.recurseIntoAttrs (lib.mapAttrs switch = lib.recurseIntoAttrs (lib.mapAttrs
(hostname: machine: pkgs.writeShellScript "switch/${hostname}" '' (hostname: machine: pkgs.writeShellScript "switch/${hostname}" ''
set -e
${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname} $@ ${nixos-rebuild}/bin/nixos-rebuild switch --flake .#${hostname} $@
${lib.optionalString machine.config.hardware.pulseaudio.systemWide '' ${lib.optionalString machine.config.hardware.pulseaudio.systemWide ''
systemctl restart pulseaudio.service systemctl restart pulseaudio.service

2
hosts/home/configuration.nix
View file

@ -7,8 +7,6 @@
./users ./users
]; ];
local.yubikey.enable = true;
################################################################################ ################################################################################
# Programs # Programs
################################################################################ ################################################################################

9
hosts/tatos/services/wireguard/default.nix
View file

@ -72,21 +72,16 @@ in
publicKey = "mzVH0N3q7UE/XjMwgRks+D8KFuIj91VkOK2ytgjsnkw="; publicKey = "mzVH0N3q7UE/XjMwgRks+D8KFuIj91VkOK2ytgjsnkw=";
allowedIPs = [ "10.20.30.4/32" ]; allowedIPs = [ "10.20.30.4/32" ];
} }
# Phone 1 j # Phone 1
{ {
publicKey = "bwKSB61krDPZV9JVw2ChPCImxqjJHQ2vXvWjbqPy/2o="; publicKey = "bwKSB61krDPZV9JVw2ChPCImxqjJHQ2vXvWjbqPy/2o=";
allowedIPs = [ "10.20.30.5/32" ]; allowedIPs = [ "10.20.30.5/32" ];
} }
# Phone 2 m # Phone 2
{ {
publicKey = "0+ejwId5JcTeMvoz+I/ACpmpUFjD7rl9wqz8H/OAHEw="; publicKey = "0+ejwId5JcTeMvoz+I/ACpmpUFjD7rl9wqz8H/OAHEw=";
allowedIPs = [ "10.20.30.6/32" ]; allowedIPs = [ "10.20.30.6/32" ];
} }
# Phone 3 n
{
publicKey = "IUw38F1ik2y2XoPh3Nd1VVxHz9nfKDfNKyzBaEi0rjc=";
allowedIPs = [ "10.20.30.7/32" ];
}
]; ];
}; };
}; };

8
notes/yubikey.md
View file

@ -1,8 +0,0 @@
# Yubikey
configure pam u2f
```bash
mkdir -p ~/.config/Yubico
nix shell nixpkgs#pam_u2f --command pamu2fcfg > ~/.config/Yubico/u2f_keys
```

2
users/jan/default.nix
View file

@ -2,7 +2,7 @@
{ {
nixpkgs.overlays = lib.mkAfter [ nixpkgs.overlays = lib.mkAfter [
inputs.nil.overlays.nil inputs.nil.overlays.default
inputs.wired.overlays.default inputs.wired.overlays.default
]; ];