all repos — dotfiles @ 384af0ed90faf144a1d594cb1dc4f0196faf441a

my *nix dotfiles 

nix/iso: add host
Anirudh Oppiliappan x@icyphox.sh
Tue, 09 Jul 2024 08:57:58 +0300
commit

384af0ed90faf144a1d594cb1dc4f0196faf441a

parent

d50e42615b05e5b3d1263b257bee841e2043c822

4 files changed, 173 insertions(+), 0 deletions(-)

jump to
M flake.nixflake.nix 
@@ -152,5 +152,18 @@ }
           ];
         };
       };
+
+      nixosConfigurations = {
+        iso = nixpkgs.lib.nixosSystem {
+          system = "x86_64-linux";
+          modules = [
+            ({ config = { nix.registry.nixpkgs.flake = nixpkgs; }; })
+            {
+              imports = [ ./hosts/iso/configuration.nix ];
+              _module.args.self = self;
+            }
+          ];
+        };
+      };
     };
 }
M home.nixhome.nix 
@@ -52,6 +52,7 @@ dconf
     chromium
     evolution
     nix-your-shell
+    pass
 
     gnome3.gnome-tweaks
     gnome3.gnome-shell-extensions
A hosts/iso/configuration.nix 
@@ -0,0 +1,116 @@ 
+{ config, pkgs, lib, ... }:
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+      ../ssh.nix
+    ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "iso";
+  networking.networkmanager.enable = true;
+
+  time.timeZone = "Europe/Helsinki";
+
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "en_US.UTF-8";
+    LC_IDENTIFICATION = "en_US.UTF-8";
+    LC_MEASUREMENT = "en_US.UTF-8";
+    LC_MONETARY = "en_US.UTF-8";
+    LC_NAME = "en_US.UTF-8";
+    LC_NUMERIC = "en_US.UTF-8";
+    LC_PAPER = "en_US.UTF-8";
+    LC_TELEPHONE = "en_US.UTF-8";
+    LC_TIME = "en_US.UTF-8";
+  };
+
+  sound.enable = true;
+  hardware.pulseaudio.enable = true;
+  hardware.opengl = {
+    enable = true;
+    extraPackages = with pkgs; [
+      intel-media-driver
+      vaapiIntel
+      vaapiVdpau
+      libvdpau-va-gl
+      intel-compute-runtime
+    ];
+  };
+
+  security = {
+    doas.enable = true;
+    sudo.enable = true;
+    doas.extraConfig = ''
+      permit nopass :wheel
+    '';
+    doas.extraRules = [{
+      users = [ "icy" ];
+    }];
+  };
+
+  users.users.icy = {
+    isNormalUser = true;
+    description = "icy";
+    extraGroups = [ "networkmanager" "wheel" "docker" ];
+    packages = with pkgs; [ ];
+  };
+
+  users.users.git = {
+    isNormalUser = true;
+    description = "git";
+    extraGroups = [ "networkmanager" "wheel" ];
+    homeMode = "755";
+    packages = with pkgs; [ ];
+  };
+
+
+  nixpkgs.config.allowUnfree = true;
+  environment.systemPackages = with pkgs; [
+    vim
+    wget
+    git
+  ];
+
+  services = {
+    openssh.enable = true;
+    tailscale.enable = true;
+    # nix-snapshotter.enable = true;
+  };
+
+  # services.k3s = let address = "100.77.4.74"; in {
+  #   enable = true;
+  #   role = "agent";
+  #   extraFlags = "--node-ip=${address} --node-external-ip=${address} --flannel-iface=tailscale0";
+  #   serverAddr = "https://sini:6443";
+  #   tokenFile = "/var/lib/rancher/k3s/token";
+  # };
+
+  services.openiscsi = {
+    enable = true;
+    name = config.networking.hostName;
+  };
+
+  environment.etc = {
+    "rancher/k3s/registries.yaml" = {
+      text = ''
+        mirrors:
+          sini:5000:
+            endpoint:
+              - "http://sini:5000"
+      '';
+    };
+  };
+
+  systemd.tmpfiles.rules = [
+    "L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
+  ];
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  system.stateVersion = "24.05";
+}
+
A hosts/iso/hardware-configuration.nix 
@@ -0,0 +1,43 @@ 
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    {
+      device = "/dev/disk/by-uuid/355bf4cf-648a-4c43-8741-ac1804e2d31a";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    {
+      device = "/dev/disk/by-uuid/4E8B-13EC";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [{ device = "/dev/disk/by-uuid/c056b71a-e6eb-49ca-a137-3a24d9e299d9"; }];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
+