add desktopians (#43)

2024-01-27 16:05:35 +01:00 · 2024-01-27 16:05:35 +01:00 · 66be96ebff
commit 66be96ebff
parent e4f39f57ee
8 changed files with 147 additions and 6 deletions
--- a/flake.nix
+++ b/flake.nix
@ -55,11 +55,20 @@
    };
  };

-  outputs = { nixpkgs, nixos-modules, home-manager, sops-nix, mailserver, nix-pre-commit, ... }:
+  outputs =
+    { home-manager
+    , mailserver
+    , nix-pre-commit
+    , nixos-modules
+    , nixpkgs
+    , sops-nix
+    , ...
+    }:
    let
      inherit (nixpkgs) lib;
      src = builtins.filterSource (path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)) ./.;
      ls = dir: lib.attrNames (builtins.readDir (src + "/${dir}"));
+      lsdir = dir: if (builtins.pathExists (src + "/${dir}")) then (lib.attrNames (lib.filterAttrs (path: type: type == "directory") (builtins.readDir (src + "/${dir}")))) else [ ];
      fileList = dir: map (file: ./. + "/${dir}/${file}") (ls dir);

      config = {
@ -105,7 +114,6 @@
            , system ? "x86_64-linux"
            , modules ? [ ]
            , users ? [ "dennis" ]
-            ,
            }: lib.nixosSystem {
              inherit system;

@ -162,7 +170,24 @@
              "richie"
            ];
          };
-        };
+        } // (builtins.listToAttrs (builtins.concatMap
+          (user: map
+            (system: {
+              name = "${user}.${system}";
+              value = lib.nixosSystem {
+                system = "x86_64-linux";
+                modules = [
+                  nixos-modules.nixosModule
+                  home-manager.nixosModules.home-manager
+                  sops-nix.nixosModules.sops
+                  ./users/${user}/systems/${system}/configuration.nix
+                  ./users/${user}/systems/${system}/hardware.nix
+                  { config.networking.hostName = "${system}"; }
+                ] ++ fileList "modules";
+              };
+            })
+            (lsdir "users/${user}/systems"))
+          (lsdir "users")));

      devShell = lib.mapAttrs
        (system: sopsPkgs:
--- a/systems/configuration.nix
+++ b/systems/configuration.nix
@ -26,6 +26,8 @@
    };
  };

+  security.auditd.enable = true;
+
  services = {
    fail2ban = {
      enable = lib.mkIf config.networking.firewall.enable (lib.mkDefault true);
--- a/systems/jeeves-jr/configuration.nix
+++ b/systems/jeeves-jr/configuration.nix
@ -58,9 +58,6 @@
    };
  };

-
-  security.auditd.enable = true;
-
  services = {
    nfs.server.enable = true;

--- a/users/alice/systems/configuration.nix
+++ b/users/alice/systems/configuration.nix
@ -0,0 +1,2 @@
+{ ... }:
+{ }
--- a/users/alice/systems/programs.nix
+++ b/users/alice/systems/programs.nix
@ -0,0 +1,2 @@
+{ ... }:
+{ }
--- a/users/alice/systems/testtop/configuration.nix
+++ b/users/alice/systems/testtop/configuration.nix
@ -0,0 +1,32 @@
+{ pkgs, ... }:
+{
+  imports = [
+    ../configuration.nix
+    ../programs.nix
+    ./programs.nix
+  ];
+
+  time.timeZone = "America/New_York";
+  console.keyMap = "us";
+  networking.hostId = "1beb4026";
+
+  boot = {
+    zfs.extraPools = [ "Main" ];
+    filesystem = "zfs";
+    useSystemdBoot = true;
+  };
+
+  i18n = {
+    defaultLocale = "en_US.utf8";
+    supportedLocales = [ "en_US.UTF-8/UTF-8" ];
+  };
+
+  boot = {
+    default = true;
+    kernel.sysctl = {
+      "net.ipv6.conf.ens3.accept_ra" = 1;
+    };
+  };
+
+  system.stateVersion = "23.05";
+}
--- a/users/alice/systems/testtop/hardware.nix
+++ b/users/alice/systems/testtop/hardware.nix
@ -0,0 +1,41 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    {
+      device = "/dev/disk/by-uuid/c59f7261-ebab-4cc9-8f1d-3f4c2e4b1971";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    {
+      device = "/dev/disk/by-uuid/7295-A442";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [{ device = "/dev/disk/by-uuid/9d4ef549-d426-489d-8332-0a49589c6aed"; }];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/users/alice/systems/testtop/programs.nix
+++ b/users/alice/systems/testtop/programs.nix
@ -0,0 +1,40 @@
+{ pkgs, ... }:
+{
+  environment.systemPackages = with pkgs; [
+    bat
+    btop
+    croc
+    deadnix
+    direnv
+    fd
+    file
+    htop
+    hwloc
+    iperf3
+    jp2a
+    jq
+    lsof
+    lynis
+    ncdu
+    neofetch
+    nix-init
+    nix-output-monitor
+    nix-prefetch
+    nix-tree
+    nixpkgs-fmt
+    nmap
+    pciutils
+    python3
+    qrencode
+    ripgrep
+    smartmontools
+    tig
+    tokei
+    tree
+    unzip
+    ventoy
+    wget
+    zoxide
+    zsh-nix-shell
+  ];
+}