cadey
/
nixos-configs
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

create nixos modules for work virtual machines 

Signed-off-by: Xe <me@christine.website>
This commit is contained in:
Cadey Ratio 2022-12-09 15:26:14 -05:00
parent 7d65ba8628
commit e746c5ab3b
2 changed files with 116 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/home-manager/fish/ssh-agent.fish
View File

@ -10,7 +10,9 @@
# Works with Fedora 26 and CentOS 7, for CentOS 6 you'll need a third party
# repo for fish anyway so make sure it's recent enough.
#
if status --is-interactive
mkdir -p ~/.ssh
# Load the SSH environment variables
if test -f ~/.ssh/environment

125
flake.nix
View File

@ -68,8 +68,6 @@
nixpkgs.overlays = [
emacs-overlay.overlay
(self: super: {
nginxStable =
super.nginxStable.override { openssl = super.libressl; };
inherit (akkoma.legacyPackages.${super.system})
akkoma akkoma-frontends;
})
@ -93,16 +91,120 @@
];
};
nixosModules = {
home-manager = import ./common/home-manager;
workVM = ({ pkgs, config, ... }: {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
nixpkgs.overlays = [ emacs-overlay.overlay ];
networking.hostName = "toxapex";
networking.nameservers = [ "100.100.100.100" ];
nix.package = pkgs.nixVersions.stable;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
security.pam.loginLimits = [{
domain = "*";
type = "soft";
item = "nofile";
value = "unlimited";
}];
services.journald.extraConfig = ''
SystemMaxUse=100M
MaxFileSec=7day
'';
services.resolved = {
enable = true;
dnssec = "false";
};
users.groups.xe = { };
users.users.xe = {
extraGroups = [
"wheel"
"docker"
"audio"
"plugdev"
"libvirtd"
"adbusers"
"dialout"
"within"
];
shell = pkgs.fish;
isNormalUser = true;
group = "xe";
};
boot.binfmt.emulatedSystems = [ "wasm32-wasi" ];
environment.systemPackages = with pkgs; [ mosh flyctl ];
virtualisation.docker.enable = true;
services.tailscale.enable = true;
home-manager.users.xe = { lib, ... }:
let
name = "Xe Iaso";
email = "xe@tailscale.com";
commitTemplate = pkgs.writeTextFile {
name = "xe-commit-template";
text = ''
Signed-off-by: ${name} <${email}>
'';
};
in {
imports = [ ./common/home-manager ];
within = {
emacs.enable = true;
fish.enable = true;
neofetch.enable = true;
vim.enable = true;
tmux.enable = true;
};
services.lorri.enable = true;
services.emacs.enable = lib.mkForce false;
programs.direnv.enable = true;
programs.direnv.nix-direnv.enable = true;
programs.git = {
package = pkgs.gitAndTools.gitFull;
enable = true;
userName = name;
userEmail = email;
ignores = [ "*~" "*.swp" "*.#" ];
delta.enable = true;
extraConfig = {
commit.template = "${commitTemplate}";
core.editor = "vim";
color.ui = "auto";
credential.helper = "store --file ~/.git-credentials";
format.signoff = true;
init.defaultBranch = "main";
protocol.keybase.allow = "always";
pull.rebase = "true";
push.default = "current";
};
};
};
});
};
nixosConfigurations = {
toxapex = let
pkgs = nixpkgs.legacyPackages."aarch64-linux"; in nixpkgs.lib.nixosSystem rec {
toxapex = let pkgs = nixpkgs.legacyPackages."aarch64-linux";
in nixpkgs.lib.nixosSystem rec {
system = "aarch64-linux";
modules = [
home-manager.nixosModules.home-manager
({ ... } :{
imports = [./hosts/toxapex];
})
({ ... }: { imports = [ ./hosts/toxapex ]; })
({ config, ... }: {
home-manager.useGlobalPkgs = true;
@ -119,6 +221,7 @@
experimental-features = nix-command flakes
'';
users.groups.xe = { };
users.users.xe = {
extraGroups = [
"wheel"
@ -190,14 +293,14 @@
};
# work VM
froslass = let
pkgs = nixpkgs.legacyPackages."aarch64-linux"; in nixpkgs.lib.nixosSystem rec {
froslass = let pkgs = nixpkgs.legacyPackages."aarch64-linux";
in nixpkgs.lib.nixosSystem rec {
system = "aarch64-linux";
modules = [
home-manager.nixosModules.home-manager
({ ... } :{
imports = [./hosts/froslass ./hardware/macos-rosetta];
({ ... }: {
imports = [ ./hosts/froslass ./hardware/macos-rosetta ];
fileSystems."/host" = {
device = "share";
fsType = "virtiofs";