Merge branch 'master' of github.com:starr-dusT/dotfiles

Tyler Starr 2025-01-03 01:03:47 -08:00
commit 396d73cc54
18 changed files with 140 additions and 53 deletions


@ -15,34 +15,18 @@
outputs = inputs @ { self, nixpkgs, home-manager, jovian-nixos, agenix, nixos-wsl, ... }:
let
system = "x86_64-linux";
user = "tstarr";
hosts = builtins.fromJSON (builtins.readFile ./hosts.json);
lib = nixpkgs.lib;
in {
nixosConfigurations = {
kestrel = lib.nixosSystem (import ./hosts/kestrel {
nixosConfigurations = lib.mapAttrs (hostname: hostConfig:
lib.nixosSystem (import ./hosts/${hostConfig.role} {
inherit lib;
inherit system user inputs agenix home-manager;
});
shivan = lib.nixosSystem (import ./hosts/shivan {
inherit lib;
inherit system user inputs agenix home-manager;
});
torus = lib.nixosSystem (import ./hosts/torus {
inherit lib;
inherit system user inputs agenix home-manager;
});
bulwark = lib.nixosSystem (import ./hosts/bulwark {
inherit lib;
inherit system user inputs agenix home-manager jovian-nixos;
});
wsl = lib.nixosSystem (import ./hosts/wsl {
inherit lib;
inherit system user inputs agenix home-manager nixos-wsl;
});
osprey = lib.nixosSystem (import ./hosts/osprey {
inherit lib;
inherit system user inputs agenix home-manager;
});
};
inherit system inputs agenix home-manager jovian-nixos nixos-wsl;
specialArgs = {
user = hostConfig.user;
hostname = "${hostname}";
};
})
) hosts;
};
}
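Review bot: `hostConfig.role` is read from hosts.json and spliced straight into `import ./hosts/${hostConfig.role}`, so a misspelled role or a value containing `..` resolves to whatever path it names, and any resulting error will not point back at hosts.json. Consider validating the entry before the `lib.nixosSystem` call, e.g. `assert builtins.pathExists (./hosts + "/${hostConfig.role}");`, and failing with a clear message when an entry lacks `user`. Every host also now receives `jovian-nixos` and `nixos-wsl` regardless of role, which the old per-host `inherit` lists avoided; if that is intentional, a one-line comment would say so.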

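--- a/provision/hosts.json
+++ b/provision/hosts.json
@@ -0,0 +1,30 @@
+{
+"kestrel": {
+"role": "kestrel",
+"user": "tstarr"
+},
+"shivan": {
+"role": "shivan",
+"user": "tstarr"
+},
+"torus": {
+"role": "torus",
+"user": "tstarr"
+},
+"bulwark": {
+"role": "bulwark",
+"user": "tstarr"
+},
+"osprey": {
+"role": "osprey",
+"user": "tstarr"
+},
+"wsl": {
+"role": "wsl",
+"user": "user"
+},
+"htpc-bako": {
+"role": "htpc",
+"user": "starr"
+}
+}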


@ -1,11 +1,11 @@
{ config, lib, pkgs, user, ... }:
{ config, lib, pkgs, user, hostname, ... }:
{
imports = [
./steam-deck.nix
];
# Set networking options
networking.hostName = "bulwark";
networking.hostName = "${hostname}";
networking.firewall.checkReversePath = "loose";
networking.firewall.enable = false;
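Review bot: The interpolation in `networking.hostName = "${hostname}";` is redundant, since `hostname` is already a string; `networking.hostName = hostname;` reads more directly. The same form recurs in the other host configuration hunks on this page and as `hostname = "${hostname}";` in the flake hunk, where `inherit hostname;` would do. The module body continues past the end of this hunk.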


@ -1,5 +1,8 @@
{ lib, system, user, inputs, agenix, home-manager, jovian-nixos, ... }:
{
{ lib, specialArgs, system, inputs, agenix, home-manager, jovian-nixos, ... }:
let
user = specialArgs.user;
hostname = specialArgs.hostname;
in {
inherit system;
specialArgs = { inherit user inputs home-manager jovian-nixos; };
modules = [
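Review bot: `hostname` is bound in the new `let` but never leaves this file: the unchanged line `specialArgs = { inherit user inputs home-manager jovian-nixos; };` does not pass it on, while the host module in the preceding section now declares `hostname` as a required argument. Unless something outside this page supplies it (for example through `_module.args`), evaluating this host should fail with a missing-argument error. The kestrel and htpc sections do add it (`specialArgs = { inherit user hostname inputs home-manager; };`); the same change appears to be missing from the hunks that follow the osprey, shivan, torus and wsl modules. The attribute set continues past the end of this hunk.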


@ -0,0 +1,26 @@
{ config, pkgs, user, lib, hostname, ... }:
{
# Use performance governor for sweet gaming performance!
powerManagement.cpuFreqGovernor = "performance";
# Set networking options
networking.hostName = "${hostname}";
networking.firewall.checkReversePath = "loose";
networking.firewall.enable = false;
# Modules
modules = {
desktop = {
enable = true;
gnome.enable = true;
};
programs = {
chezmoi.apply = true;
kitty.enable = true;
};
services = {
samba-client.enable = true;
ssh.enable = true;
};
};
}
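Review bot: This new host is created with `networking.firewall.enable = false;` while `ssh.enable = true;` under `modules.services` turns on a remote login service, so every listening port on the machine is reachable from whatever network it joins. The default-deny stance visible in the torus hunk is the safer starting point here: `networking.firewall.enable = true;` plus an explicit allowance for SSH if the ssh module (not shown on this page) does not open the port itself. If the firewall is off deliberately, a comment stating the reason would help the next reader.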


@ -0,0 +1,21 @@
{ lib, specialArgs, system, inputs, agenix, home-manager, ... }:
let
user = specialArgs.user;
hostname = specialArgs.hostname;
in {
inherit system;
specialArgs = { inherit user hostname inputs home-manager; };
modules = [
../default # shared by all configs
../default/physical/configuration.nix # shared by physical machines
./configuration.nix # htpc specific
../../modules
/etc/nixos/hardware-configuration.nix
agenix.nixosModules.default
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
}
];
}
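Review bot: `/etc/nixos/hardware-configuration.nix` is an absolute path outside the flake, so this role only evaluates with `--impure` and takes its hardware module from whichever machine runs the build rather than from the locked repository contents. That makes the result unreproducible, and a remote or cross-host build of this role would silently pick up the builder's disks and kernel modules. Committing the generated file next to this one and listing `./hardware.nix` in `modules`, as the README describes for other hosts, keeps evaluation pure. If the shared-role design really needs a per-machine file, a comment on that line should say so.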


@ -1,4 +1,4 @@
{ config, pkgs, user, lib, ... }:
{ config, pkgs, user, lib, hostname, ... }:
{
imports = [
./backup.nix
@ -9,7 +9,7 @@
powerManagement.cpuFreqGovernor = "performance";
# Set networking options
networking.hostName = "kestrel";
networking.hostName = "${hostname}";
networking.firewall.checkReversePath = "loose";
networking.firewall.enable = false;


@ -1,7 +1,10 @@
{ lib, system, user, inputs, agenix, home-manager, ... }:
{
{ lib, specialArgs, system, inputs, agenix, home-manager, ... }:
let
user = specialArgs.user;
hostname = specialArgs.hostname;
in {
inherit system;
specialArgs = { inherit user inputs home-manager; };
specialArgs = { inherit user hostname inputs home-manager; };
modules = [
../default # shared by all configs
../default/physical/configuration.nix # shared by physical machines


@ -1,10 +1,10 @@
{ config, pkgs, user, lib, ... }:
{ config, pkgs, user, lib, hostname, ... }:
{
# Use performance governor for sweet gaming performance!
powerManagement.cpuFreqGovernor = "performance";
# Set networking options
networking.hostName = "osprey";
networking.hostName = "${hostname}";
networking.firewall.checkReversePath = false;
networking.firewall.enable = false;


@ -1,5 +1,8 @@
{ lib, system, user, inputs, agenix, home-manager, ... }:
{
{ lib, specialArgs, system, inputs, agenix, home-manager, ... }:
let
user = specialArgs.user;
hostname = specialArgs.hostname;
in {
inherit system;
specialArgs = { inherit user inputs home-manager; };
modules = [


@ -1,10 +1,10 @@
{ config, pkgs, user, lib, ... }:
{ config, pkgs, user, lib, hostname, ... }:
{
# Use performance governor for sweet gaming performance!
powerManagement.cpuFreqGovernor = "performance";
# Set networking options
networking.hostName = "shivan";
networking.hostName = "${hostname}";
networking.firewall.checkReversePath = "loose";
networking.firewall.enable = false;


@ -1,5 +1,8 @@
{ lib, system, user, inputs, agenix, home-manager, ... }:
{
{ lib, specialArgs, system, inputs, agenix, home-manager, ... }:
let
user = specialArgs.user;
hostname = specialArgs.hostname;
in {
inherit system;
specialArgs = { inherit user inputs home-manager; };
modules = [


@ -1,4 +1,4 @@
{ config, pkgs, user, lib, ... }:
{ config, pkgs, user, lib, hostname, ... }:
{
imports = [
./wireguard-server.nix
@ -18,7 +18,7 @@
boot.kernelModules = [ "sg" ];
# Set networking options
networking.hostName = "torus";
networking.hostName = "${hostname}";
networking.firewall.enable = true;
networking.firewall.checkReversePath = "loose";
networking.firewall.allowedTCPPorts = [ 80 443 ];


@ -1,5 +1,8 @@
{ lib, system, user, inputs, agenix, home-manager, ... }:
{
{ lib, specialArgs, system, inputs, agenix, home-manager, ... }:
let
user = specialArgs.user;
hostname = specialArgs.hostname;
in {
inherit system;
specialArgs = { inherit user inputs home-manager; };
modules = [


@ -1,4 +1,4 @@
{ config, pkgs, user, lib, inputs, nixos-wsl, ... }:
{ config, pkgs, user, lib, inputs, nixos-wsl, hostname, ... }:
let
defaultUser = user;
in
@ -15,7 +15,7 @@ in
};
# Set networking options
networking.hostName = "wsl";
networking.hostName = "${hostname}";
networking.firewall.checkReversePath = "loose";
networking.firewall.enable = false;


@ -1,5 +1,8 @@
{ lib, system, user, inputs, agenix, home-manager, nixos-wsl, ... }:
{
{ lib, specialArgs, system, inputs, agenix, home-manager, nixos-wsl, ... }:
let
user = specialArgs.user;
hostname = specialArgs.hostname;
in {
inherit system;
specialArgs = { inherit user inputs nixos-wsl home-manager; };
modules = [


@ -14,6 +14,13 @@ in {
home-manager.users.${user} = {
programs.firefox = {
enable = true;
policies = {
SecurityDevices = {
Add = {
"NIPR" = "${pkgs.opensc}/lib/opensc-pkcs11.so";
};
};
};
profiles.default = {
bookmarks = import ./bookmarks.nix;
isDefault = true;
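Review bot: The new `SecurityDevices` policy has no comment saying what the `NIPR` entry is for or what it depends on, and it applies to every host that enables this Firefox module. Loading `opensc-pkcs11.so` places a smart-card driver inside the browser process, so it is worth gating on hosts that actually have a card reader; it presumably also needs the PC/SC daemon running, which this hunk does not show. Suggested comment above `policies`: `# Register OpenSC's PKCS#11 module so Firefox can use smart-card certificates.` The enclosing `home-manager.users.${user}` block starts and ends outside the hunk.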


@ -14,16 +14,17 @@ nix-shell -p vim git neovim
git clone https://github.com/starr-dusT/dotfiles ~/.local/share/chezmoi
```
3. Copy existing configuration files from another host and modify as needed. Make sure to move the installer created configuration-hardware.nix to dotfiles (e.g. `provision/hosts/<host>/hardware.nix`).
3. Copy existing configuration files from another host and modify as needed. For most configs, move the installer created `configuration-hardware.nix` to dotfiles (e.g. `provision/hosts/<host>/hardware.nix`); however, role-based installs like `htpc` and `wsl` either do not require a `hardware.nix` file or the flake imports `hardware-configuration.nix` from `/etc/nixos`.
4. If required move agenix keypairs to `~/.ssh/keys/{age,age.pub}`. A new keypair may be required and agenix files will need to be rekeyed on another system.
5. Rebuild the system and initialize chezmoi dotfiles to save America:
```bash
sudo nixos-rebuild switch --flake .#<host>
sudo nixos-rebuild switch --impure --flake .#<host>
chezmoi init && chezmoi apply
```
*Note:* if the `chezmoi.apply` option is enabled in `configuration.nix` the dotfiles should deploy automatically. The chezmoi commands then are not necessary.
6. Profit!