create nixos modules for work virtual machines
Signed-off-by: Xe <me@christine.website>
This commit is contained in:
parent
7d65ba8628
commit
e746c5ab3b
|
@ -10,7 +10,9 @@
|
|||
# Works with Fedora 26 and CentOS 7, for CentOS 6 you'll need a third party
|
||||
# repo for fish anyway so make sure it's recent enough.
|
||||
#
|
||||
|
||||
if status --is-interactive
|
||||
mkdir -p ~/.ssh
|
||||
|
||||
# Load the SSH environment variables
|
||||
if test -f ~/.ssh/environment
|
||||
|
|
125
flake.nix
125
flake.nix
|
@ -68,8 +68,6 @@
|
|||
nixpkgs.overlays = [
|
||||
emacs-overlay.overlay
|
||||
(self: super: {
|
||||
nginxStable =
|
||||
super.nginxStable.override { openssl = super.libressl; };
|
||||
inherit (akkoma.legacyPackages.${super.system})
|
||||
akkoma akkoma-frontends;
|
||||
})
|
||||
|
@ -93,16 +91,120 @@
|
|||
];
|
||||
};
|
||||
|
||||
nixosModules = {
|
||||
home-manager = import ./common/home-manager;
|
||||
workVM = ({ pkgs, config, ... }: {
|
||||
home-manager.useGlobalPkgs = true;
|
||||
home-manager.useUserPackages = true;
|
||||
|
||||
nixpkgs.overlays = [ emacs-overlay.overlay ];
|
||||
|
||||
networking.hostName = "toxapex";
|
||||
networking.nameservers = [ "100.100.100.100" ];
|
||||
|
||||
nix.package = pkgs.nixVersions.stable;
|
||||
nix.extraOptions = ''
|
||||
experimental-features = nix-command flakes
|
||||
'';
|
||||
|
||||
security.pam.loginLimits = [{
|
||||
domain = "*";
|
||||
type = "soft";
|
||||
item = "nofile";
|
||||
value = "unlimited";
|
||||
}];
|
||||
|
||||
services.journald.extraConfig = ''
|
||||
SystemMaxUse=100M
|
||||
MaxFileSec=7day
|
||||
'';
|
||||
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
dnssec = "false";
|
||||
};
|
||||
|
||||
users.groups.xe = { };
|
||||
users.users.xe = {
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
"docker"
|
||||
"audio"
|
||||
"plugdev"
|
||||
"libvirtd"
|
||||
"adbusers"
|
||||
"dialout"
|
||||
"within"
|
||||
];
|
||||
shell = pkgs.fish;
|
||||
isNormalUser = true;
|
||||
group = "xe";
|
||||
};
|
||||
|
||||
boot.binfmt.emulatedSystems = [ "wasm32-wasi" ];
|
||||
|
||||
environment.systemPackages = with pkgs; [ mosh flyctl ];
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
services.tailscale.enable = true;
|
||||
|
||||
home-manager.users.xe = { lib, ... }:
|
||||
let
|
||||
name = "Xe Iaso";
|
||||
email = "xe@tailscale.com";
|
||||
commitTemplate = pkgs.writeTextFile {
|
||||
name = "xe-commit-template";
|
||||
text = ''
|
||||
Signed-off-by: ${name} <${email}>
|
||||
'';
|
||||
};
|
||||
in {
|
||||
imports = [ ./common/home-manager ];
|
||||
|
||||
within = {
|
||||
emacs.enable = true;
|
||||
fish.enable = true;
|
||||
neofetch.enable = true;
|
||||
vim.enable = true;
|
||||
tmux.enable = true;
|
||||
};
|
||||
|
||||
services.lorri.enable = true;
|
||||
services.emacs.enable = lib.mkForce false;
|
||||
programs.direnv.enable = true;
|
||||
programs.direnv.nix-direnv.enable = true;
|
||||
|
||||
programs.git = {
|
||||
package = pkgs.gitAndTools.gitFull;
|
||||
enable = true;
|
||||
userName = name;
|
||||
userEmail = email;
|
||||
ignores = [ "*~" "*.swp" "*.#" ];
|
||||
delta.enable = true;
|
||||
extraConfig = {
|
||||
commit.template = "${commitTemplate}";
|
||||
core.editor = "vim";
|
||||
color.ui = "auto";
|
||||
credential.helper = "store --file ~/.git-credentials";
|
||||
format.signoff = true;
|
||||
init.defaultBranch = "main";
|
||||
protocol.keybase.allow = "always";
|
||||
pull.rebase = "true";
|
||||
push.default = "current";
|
||||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
|
||||
nixosConfigurations = {
|
||||
toxapex = let
|
||||
pkgs = nixpkgs.legacyPackages."aarch64-linux"; in nixpkgs.lib.nixosSystem rec {
|
||||
toxapex = let pkgs = nixpkgs.legacyPackages."aarch64-linux";
|
||||
in nixpkgs.lib.nixosSystem rec {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
|
||||
({ ... } :{
|
||||
imports = [./hosts/toxapex];
|
||||
})
|
||||
({ ... }: { imports = [ ./hosts/toxapex ]; })
|
||||
|
||||
({ config, ... }: {
|
||||
home-manager.useGlobalPkgs = true;
|
||||
|
@ -119,6 +221,7 @@
|
|||
experimental-features = nix-command flakes
|
||||
'';
|
||||
|
||||
users.groups.xe = { };
|
||||
users.users.xe = {
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
|
@ -190,14 +293,14 @@
|
|||
};
|
||||
|
||||
# work VM
|
||||
froslass = let
|
||||
pkgs = nixpkgs.legacyPackages."aarch64-linux"; in nixpkgs.lib.nixosSystem rec {
|
||||
froslass = let pkgs = nixpkgs.legacyPackages."aarch64-linux";
|
||||
in nixpkgs.lib.nixosSystem rec {
|
||||
system = "aarch64-linux";
|
||||
modules = [
|
||||
home-manager.nixosModules.home-manager
|
||||
|
||||
({ ... } :{
|
||||
imports = [./hosts/froslass ./hardware/macos-rosetta];
|
||||
({ ... }: {
|
||||
imports = [ ./hosts/froslass ./hardware/macos-rosetta ];
|
||||
fileSystems."/host" = {
|
||||
device = "share";
|
||||
fsType = "virtiofs";
|
||||
|
|
Loading…
Reference in New Issue