Created fabius user (raspberry pi 5). Changed flake.nix. (#76)
* Created fabius user (raspberry pi 5). Changed flake.nix. * add custom iso type * change to crossPkgs * add crossCompile aarch64
This commit is contained in:
Dennis
GitHub
parent
4c1e86907a
commit
d020ef2189
68
flake.nix
68
flake.nix
@ -91,13 +91,22 @@
|
|||||||
outputs = { self, nixpkgs-fmt, nix, home-manager, mailserver, nix-pre-commit, nixos-modules, nixpkgs, sops-nix, ... }@inputs:
|
outputs = { self, nixpkgs-fmt, nix, home-manager, mailserver, nix-pre-commit, nixos-modules, nixpkgs, sops-nix, ... }@inputs:
|
||||||
let
|
let
|
||||||
inherit (nixpkgs) lib;
|
inherit (nixpkgs) lib;
|
||||||
systems = [ "x86_64-linux" "aarch64-linux" ];
|
systems = [
|
||||||
|
"x86_64-linux"
|
||||||
|
"aarch64-linux"
|
||||||
|
"x86_64-darwin"
|
||||||
|
"aarch64-darwin"
|
||||||
|
];
|
||||||
|
|
||||||
forEachSystem = lib.genAttrs systems;
|
forEachSystem = lib.genAttrs systems;
|
||||||
overlayList = [ self.overlays.default nix.overlays.default ];
|
overlayList = [ self.overlays.default nix.overlays.default ];
|
||||||
pkgsBySystem = forEachSystem (system: import nixpkgs {
|
pkgsBySystem = forEachSystem (system: import nixpkgs {
|
||||||
inherit system;
|
inherit system;
|
||||||
overlays = overlayList;
|
overlays = overlayList;
|
||||||
config.allowUnfree = true;
|
config = {
|
||||||
|
allowUnfree = true;
|
||||||
|
isHydra = true;
|
||||||
|
};
|
||||||
});
|
});
|
||||||
|
|
||||||
src = builtins.filterSource (path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)) ./.;
|
src = builtins.filterSource (path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)) ./.;
|
||||||
@ -140,13 +149,13 @@
|
|||||||
# language = "system";
|
# language = "system";
|
||||||
# files = "\\.nix";
|
# files = "\\.nix";
|
||||||
# }
|
# }
|
||||||
{
|
# {
|
||||||
id = "nix-flake-check";
|
# id = "nix-flake-check";
|
||||||
entry = "nix flake check";
|
# entry = "nix flake check";
|
||||||
language = "system";
|
# language = "system";
|
||||||
files = "\\.nix";
|
# files = "\\.nix";
|
||||||
pass_filenames = false;
|
# pass_filenames = false;
|
||||||
}
|
# }
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
@ -160,11 +169,14 @@
|
|||||||
|
|
||||||
nixosConfigurations =
|
nixosConfigurations =
|
||||||
let
|
let
|
||||||
constructSystem = { hostname, users, home ? true, modules ? [ ], server ? true, sops ? true, system ? "x86_64-linux" }:
|
constructSystem = { hostname, users, home ? true, iso ? [ ], modules ? [ ], server ? true, sops ? true, system ? "x86_64-linux" }:
|
||||||
lib.nixosSystem {
|
lib.nixosSystem {
|
||||||
inherit system;
|
inherit system;
|
||||||
|
modules = [
|
||||||
modules = [ nixos-modules.nixosModule sops-nix.nixosModules.sops { config.networking.hostName = "${hostname}"; } ] ++ (if server then [
|
nixos-modules.nixosModule
|
||||||
|
sops-nix.nixosModules.sops
|
||||||
|
{ config.networking.hostName = "${hostname}"; }
|
||||||
|
] ++ (if server then [
|
||||||
mailserver.nixosModules.mailserver
|
mailserver.nixosModules.mailserver
|
||||||
./systems/programs.nix
|
./systems/programs.nix
|
||||||
./systems/configuration.nix
|
./systems/configuration.nix
|
||||||
@ -173,21 +185,27 @@
|
|||||||
] else [
|
] else [
|
||||||
./users/${builtins.head users}/systems/${hostname}/configuration.nix
|
./users/${builtins.head users}/systems/${hostname}/configuration.nix
|
||||||
./users/${builtins.head users}/systems/${hostname}/hardware.nix
|
./users/${builtins.head users}/systems/${hostname}/hardware.nix
|
||||||
]) ++ modules
|
]) ++ fileList "modules"
|
||||||
++ fileList "modules"
|
++ modules
|
||||||
++ lib.optional home home-manager.nixosModules.home-manager
|
++ lib.optional home home-manager.nixosModules.home-manager
|
||||||
|
++ lib.optional (builtins.elem "minimal" iso) "${toString nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
|
||||||
|
++ lib.optional (builtins.elem "sd" iso) "${toString nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
|
||||||
++ (if home then (map (user: { home-manager.users.${user} = import ./users/${user}/home.nix; }) users) else [ ])
|
++ (if home then (map (user: { home-manager.users.${user} = import ./users/${user}/home.nix; }) users) else [ ])
|
||||||
++ map (user: { config, lib, pkgs, ... }@args: {
|
++ lib.optional (system != "x86_64-linux") {
|
||||||
users.users.${user} = import ./users/${user} (args // { name = "${user}"; });
|
config.nixpkgs = {
|
||||||
boot.initrd.network.ssh.authorizedKeys = lib.mkIf server config.users.users.${user}.openssh.authorizedKeys.keys;
|
config.allowUnsupportedSystem = true;
|
||||||
sops = lib.mkIf sops {
|
crossSystem = lib.systems.examples.aarch64-multiplatform;
|
||||||
secrets."${user}/user-password" = {
|
};
|
||||||
sopsFile = ./users/${user}/secrets.yaml;
|
} ++ map (user: { config, lib, pkgs, ... }@args: {
|
||||||
neededForUsers = true;
|
users.users.${user} = import ./users/${user} (args // { name = "${user}"; });
|
||||||
};
|
boot.initrd.network.ssh.authorizedKeys = lib.mkIf server config.users.users.${user}.openssh.authorizedKeys.keys;
|
||||||
|
sops = lib.mkIf sops {
|
||||||
|
secrets."${user}/user-password" = {
|
||||||
|
sopsFile = ./users/${user}/secrets.yaml;
|
||||||
|
neededForUsers = true;
|
||||||
};
|
};
|
||||||
})
|
};
|
||||||
users;
|
}) users;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
(builtins.listToAttrs (map
|
(builtins.listToAttrs (map
|
||||||
@ -259,7 +277,7 @@
|
|||||||
(type: {
|
(type: {
|
||||||
name = type;
|
name = type;
|
||||||
value = mkBuild type;
|
value = mkBuild type;
|
||||||
}) [ "toplevel" "isoImage" ])
|
}) [ "toplevel" "isoImage" "sdImage" ])
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
@ -51,7 +51,7 @@ in {
|
|||||||
generationsDir.copyKernels = true;
|
generationsDir.copyKernels = true;
|
||||||
systemd-boot.enable = lib.mkIf cfg.useSystemdBoot true;
|
systemd-boot.enable = lib.mkIf cfg.useSystemdBoot true;
|
||||||
grub = lib.mkIf (!cfg.useSystemdBoot) {
|
grub = lib.mkIf (!cfg.useSystemdBoot) {
|
||||||
enable = true;
|
enable = lib.mkForce true;
|
||||||
copyKernels = true;
|
copyKernels = true;
|
||||||
zfsSupport = lib.mkIf (cfg.filesystem == "zfs") true;
|
zfsSupport = lib.mkIf (cfg.filesystem == "zfs") true;
|
||||||
efiSupport = true;
|
efiSupport = true;
|
||||||
|
|||||||
@ -24,6 +24,7 @@
|
|||||||
nix = {
|
nix = {
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
allowed-uris = github: gitlab: git+https:// git+ssh:// https://
|
allowed-uris = github: gitlab: git+https:// git+ssh:// https://
|
||||||
|
builders-use-substitutes = true
|
||||||
'';
|
'';
|
||||||
|
|
||||||
buildMachines = [{
|
buildMachines = [{
|
||||||
@ -32,7 +33,7 @@
|
|||||||
protocol = "ssh-ng";
|
protocol = "ssh-ng";
|
||||||
speedFactor = 2;
|
speedFactor = 2;
|
||||||
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
|
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
|
||||||
system = "x86_64-linux";
|
systems = [ "x86_64-linux" "x86_64-linux" ];
|
||||||
}];
|
}];
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -109,7 +110,6 @@
|
|||||||
smtpHost = "alicehuston.xyz";
|
smtpHost = "alicehuston.xyz";
|
||||||
notificationSender = "hydra@alicehuston.xyz";
|
notificationSender = "hydra@alicehuston.xyz";
|
||||||
gcRootsDir = "/ZFS/ZFS-Primary/hydra";
|
gcRootsDir = "/ZFS/ZFS-Primary/hydra";
|
||||||
buildMachinesFiles = [ ];
|
|
||||||
useSubstitutes = true;
|
useSubstitutes = true;
|
||||||
minimumDiskFree = 50;
|
minimumDiskFree = 50;
|
||||||
minimumDiskFreeEvaluator = 100;
|
minimumDiskFreeEvaluator = 100;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user