add desktopians (#43)

2024-01-27 16:05:35 +01:00 · 2024-01-27 16:05:35 +01:00 · 66be96ebff
commit 66be96ebff
parent e4f39f57ee
8 changed files with 147 additions and 6 deletions
--- a/flake.nix
+++ b/flake.nix
@ -55,11 +55,20 @@
    };
  };
-  outputs = { nixpkgs, nixos-modules, home-manager, sops-nix, mailserver, nix-pre-commit, ... }:
+  outputs =
    { home-manager
    , mailserver
    , nix-pre-commit
    , nixos-modules
    , nixpkgs
    , sops-nix
    , ...
    }:
    let
      inherit (nixpkgs) lib;
      src = builtins.filterSource (path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)) ./.;
      ls = dir: lib.attrNames (builtins.readDir (src + "/${dir}"));
      lsdir = dir: if (builtins.pathExists (src + "/${dir}")) then (lib.attrNames (lib.filterAttrs (path: type: type == "directory") (builtins.readDir (src + "/${dir}")))) else [ ];
      fileList = dir: map (file: ./. + "/${dir}/${file}") (ls dir);
      config = {
@ -105,7 +114,6 @@
            , system ? "x86_64-linux"
            , modules ? [ ]
            , users ? [ "dennis" ]
            ,
            }: lib.nixosSystem {
              inherit system;
@ -162,7 +170,24 @@
              "richie"
            ];
          };
-        };
+        } // (builtins.listToAttrs (builtins.concatMap
          (user: map
            (system: {
              name = "${user}.${system}";
              value = lib.nixosSystem {
                system = "x86_64-linux";
                modules = [
                  nixos-modules.nixosModule
                  home-manager.nixosModules.home-manager
                  sops-nix.nixosModules.sops
                  ./users/${user}/systems/${system}/configuration.nix
                  ./users/${user}/systems/${system}/hardware.nix
                  { config.networking.hostName = "${system}"; }
                ] ++ fileList "modules";
              };
            })
            (lsdir "users/${user}/systems"))
          (lsdir "users")));
      devShell = lib.mapAttrs
        (system: sopsPkgs:
--- a/systems/configuration.nix
+++ b/systems/configuration.nix
@ -26,6 +26,8 @@
    };
  };
  security.auditd.enable = true;
  services = {
    fail2ban = {
      enable = lib.mkIf config.networking.firewall.enable (lib.mkDefault true);
--- a/systems/jeeves-jr/configuration.nix
+++ b/systems/jeeves-jr/configuration.nix
@ -58,9 +58,6 @@
    };
  };
  security.auditd.enable = true;
  services = {
    nfs.server.enable = true;
--- a/users/alice/systems/configuration.nix
+++ b/users/alice/systems/configuration.nix
@ -0,0 +1,2 @@
 { ... }:
 { }
--- a/users/alice/systems/programs.nix
+++ b/users/alice/systems/programs.nix
@ -0,0 +1,2 @@
 { ... }:
 { }
--- a/users/alice/systems/testtop/configuration.nix
+++ b/users/alice/systems/testtop/configuration.nix
@ -0,0 +1,32 @@
 { pkgs, ... }:
 {
  imports = [
    ../configuration.nix
    ../programs.nix
    ./programs.nix
  ];
  time.timeZone = "America/New_York";
  console.keyMap = "us";
  networking.hostId = "1beb4026";
  boot = {
    zfs.extraPools = [ "Main" ];
    filesystem = "zfs";
    useSystemdBoot = true;
  };
  i18n = {
    defaultLocale = "en_US.utf8";
    supportedLocales = [ "en_US.UTF-8/UTF-8" ];
  };
  boot = {
    default = true;
    kernel.sysctl = {
      "net.ipv6.conf.ens3.accept_ra" = 1;
    };
  };
  system.stateVersion = "23.05";
 }
--- a/users/alice/systems/testtop/hardware.nix
+++ b/users/alice/systems/testtop/hardware.nix
@ -0,0 +1,41 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
  imports =
    [
      (modulesPath + "/installer/scan/not-detected.nix")
    ];
  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];
  fileSystems."/" =
    {
      device = "/dev/disk/by-uuid/c59f7261-ebab-4cc9-8f1d-3f4c2e4b1971";
      fsType = "ext4";
    };
  fileSystems."/boot" =
    {
      device = "/dev/disk/by-uuid/7295-A442";
      fsType = "vfat";
    };
  swapDevices =
    [{ device = "/dev/disk/by-uuid/9d4ef549-d426-489d-8332-0a49589c6aed"; }];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/users/alice/systems/testtop/programs.nix
+++ b/users/alice/systems/testtop/programs.nix
@ -0,0 +1,40 @@
 { pkgs, ... }:
 {
  environment.systemPackages = with pkgs; [
    bat
    btop
    croc
    deadnix
    direnv
    fd
    file
    htop
    hwloc
    iperf3
    jp2a
    jq
    lsof
    lynis
    ncdu
    neofetch
    nix-init
    nix-output-monitor
    nix-prefetch
    nix-tree
    nixpkgs-fmt
    nmap
    pciutils
    python3
    qrencode
    ripgrep
    smartmontools
    tig
    tokei
    tree
    unzip
    ventoy
    wget
    zoxide
    zsh-nix-shell
  ];
 }