0xa/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Update to 23.05

Browse source
This commit is contained in:
Grigory Shipunov 2023-06-01 20:33:05 +02:00
parent a892e5e2f0
commit 59723f3310
Signed by: 0xa
GPG key ID: 91FA5E5BF9AA901C
10 changed files with 75 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

75
flake.lock generated
View file

@ -40,14 +40,15 @@
],
"nixpkgs": [
"nixpkgs-unstable"
]
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1685384353,
"narHash": "sha256-AIJW/Mu0s2gf1M1Hn5U5tuFMnJRpZ4dVai42x6CpimU=",
"lastModified": 1685787331,
"narHash": "sha256-th38r/V0uUDeflZ8cfiXX5rv/ioZhicBW9M0y8r4KMU=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "3ed7dbbbfaf8014175bc25d3f88702e4e522d9d6",
"rev": "fbbf354bceb8d42d1e0eef8116b66e9947c84017",
"type": "github"
},
"original": {
@ -64,11 +65,11 @@
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1685341338,
"narHash": "sha256-krAvPYZ8B1xF+90OaYcEyFw1W7L4bPskjcRFKA+NaQE=",
"lastModified": 1685773231,
"narHash": "sha256-UXX8dNzmZFqQhvHKPoarLxgTUll+knUHLW1W71gwnEQ=",
"owner": "nix-community",
"repo": "fenix",
"rev": "9a32630ddfa5bf4e31c94b360cb29cdcd15960e6",
"rev": "09380d8560af38fffc04d95951b981f5b754ff48",
"type": "github"
},
"original": {
@ -119,11 +120,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"lastModified": 1685518550,
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
"type": "github"
},
"original": {
@ -169,11 +170,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1685349926,
"narHash": "sha256-c1rKI1glJWdJIPefp9aiyhAkEZ4Sc6Rh/J5VumEXu1M=",
"lastModified": 1685709197,
"narHash": "sha256-ASoXZVoXj6L9PzNDfuDrAxrqaDuH7e1qTzdzkOODu4M=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "2e62c11babeead4b26efbb7f2cd4488baaa2e897",
"rev": "e422970c1bc3351bb7a20cf6e30e78d975280ed3",
"type": "github"
},
"original": {
@ -207,11 +208,27 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1685314633,
"narHash": "sha256-8LXBPqTQXl5ofkjpJ18JcbmLJ/lWDoMxtUwiDYv0wro=",
"lastModified": 1685620773,
"narHash": "sha256-iQ+LmporQNdLz8uMJdP62TaAWeLUwl43/MYUBtWqulM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c8a17ce7abc03c50cd072e9e6c9b389c5f61836b",
"rev": "f0ba8235153dd2e25cf06cbf70d43efdd4443592",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1685650716,
"narHash": "sha256-sDd7QIcMbIb37nuqMrJElvuyE5eVgWuKGtIPP8IWwCc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f7c1500e2eefa58f3c80dd046cba256e10440201",
"type": "github"
},
"original": {
@ -221,7 +238,7 @@
"type": "github"
}
},
"nixpkgs-stable": {
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1678872516,
"narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=",
@ -237,7 +254,7 @@
"type": "github"
}
},
"nixpkgs-stable_2": {
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1685215858,
"narHash": "sha256-IRMFoDXA6cYx3ifVw3B2JcC4JrjT5v7tRAx2vro2Ffs=",
@ -255,11 +272,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1685290091,
"narHash": "sha256-GGQYNZ7POoqPTtXgPOLUuSiHkOKFRWYpCoWUOSeSRoU=",
"lastModified": 1685655444,
"narHash": "sha256-6EujQNAeaUkWvpEZZcVF8qSfQrNVWFNNGbUJxv/A5a8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4e37b4e55b60fb7d43d2b62deb51032a489bcbe8",
"rev": "e635192892f5abbc2289eaac3a73cdb249abaefd",
"type": "github"
},
"original": {
@ -284,7 +301,7 @@
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1682596858,
@ -316,11 +333,11 @@
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1685280411,
"narHash": "sha256-8fOFw6B9lDUt4slKAGHj6Bipi5or7nNQvOB9vvN2R9U=",
"lastModified": 1685736988,
"narHash": "sha256-2Z9Auifh8bTp4gw+rySAUSVq0B0cEKJyoV3Znb8wfcQ=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "505fd09f9e020b096d014e68b667268e743c2dd6",
"rev": "7f3bfc6ae75a47e1fd8d79b4dde79956cdd98093",
"type": "github"
},
"original": {
@ -360,14 +377,14 @@
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable_2"
"nixpkgs-stable": "nixpkgs-stable_3"
},
"locked": {
"lastModified": 1685242617,
"narHash": "sha256-UBPXGfGwGMJm2Wj9kDj8+TMMK2PTouSM/TpiXYtaqtQ=",
"lastModified": 1685434555,
"narHash": "sha256-aZl0yeaYX3T2L3W3yXOd3S9OfpS+8YUOT2b1KwrSf6E=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3e016341d4dca6ce7c62316f90e66341841a30f9",
"rev": "876846cde9762ae563f018c17993354875e2538e",
"type": "github"
},
"original": {

7
flake.nix
View file

@ -2,7 +2,7 @@
inputs = {
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05";
flake-utils.url = "github:numtide/flake-utils";
@ -106,6 +106,7 @@
sops-nix.nixosModules.sops
./hosts/cirrus
./modules/basic-tools
./modules/server
];
};
@ -118,6 +119,7 @@
./hosts/dishwasher
./modules/basic-tools
./modules/binary-caches.nix
./modules/server
];
};
@ -128,6 +130,7 @@
sops-nix.nixosModules.sops
microvm.nixosModules.microvm
./microvms/nextcloud
./modules/server
];
};
@ -138,6 +141,7 @@
sops-nix.nixosModules.sops
microvm.nixosModules.microvm
./microvms/music
./modules/server
];
};
@ -148,6 +152,7 @@
sops-nix.nixosModules.sops
microvm.nixosModules.microvm
./microvms/news
./modules/server
];
};
};

14
hosts/cirrus/configuration.nix
View file

@ -7,7 +7,6 @@
{
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.efiSupport = true;
boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
@ -43,21 +42,8 @@
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
# Enable the OpenSSH daemon.
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP6xE2ey0C8XXfvniiiHiqXsCC277jKI9RXEA+s2LQLUI5zl7v350i3Oa8H3NCcPj39lfMreqE6ncxcOhqYyzahPrrMkOqgbPAoRvq8H3ophLK+56O3xdHoKwLBwRD1yoGACjqG4UTiTrmnN2ateENgYcnTEY1e4vDw1qMj1drUXCsZ/6mkBBmHJiFfCaR4yCMt1r4gGi/dAC7ifnBP3oSyV/lJEwPxYYkGlbOBIvX/7Ar98pJS6xYPB3jHs9gwyNNON63d0fNYrwBojXPPCnGGaRZNOkBTzex3zZYp12ThINQ2xl8tRp9D8qpZ7vrLjhTD6AXkOBRzmDj+NsCeEaeTuWajqUM93iKncYUI+JxR1t7q8gA2pBMFzLesMXnx7R+5Kw7QDtSJM7a4GMIfsocPwf64BH6rzxEz68rXFE3P+J77PPM9CuaYw90JXHo3z220zYw2nMQ/1qjATVZw/hiVrLmQMVfmFJIufnGjTBs2sy3IoNyzvYm/oDeNNg1cdSV9gyyRKZhK08fxjXN5GSf9vZkfZa9tHtqaZ99HI40GQBHUVx1K2/NQJY8TVTSA+v16SFnJK8BIbmp/WFCuvDcMkgLIbqiYtDASe7P2mKIib86uOENT+P820egeLiTQ06kFw/gfUa8t69d5qEcjiQZ+lxCeYIs/E9KrEXHvRUWew== cardno:16 811 348"
];
# enable openssh
services.openssh = {
enable = true;
permitRootLogin = "prohibit-password";
};
# Open ports in the firewall.
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [ 22 ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.

14
hosts/dishwasher/configuration.nix
View file

@ -73,20 +73,6 @@
supportedLocales = [ "all" ];
};
# List services that you want to enable:
# Enable the OpenSSH daemon.
programs.mosh.enable = true;
services.openssh = {
enable = true;
permitRootLogin = "prohibit-password";
};
networking.firewall.allowedTCPPorts = [ 22 ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP6xE2ey0C8XXfvniiiHiqXsCC277jKI9RXEA+s2LQLUI5zl7v350i3Oa8H3NCcPj39lfMreqE6ncxcOhqYyzahPrrMkOqgbPAoRvq8H3ophLK+56O3xdHoKwLBwRD1yoGACjqG4UTiTrmnN2ateENgYcnTEY1e4vDw1qMj1drUXCsZ/6mkBBmHJiFfCaR4yCMt1r4gGi/dAC7ifnBP3oSyV/lJEwPxYYkGlbOBIvX/7Ar98pJS6xYPB3jHs9gwyNNON63d0fNYrwBojXPPCnGGaRZNOkBTzex3zZYp12ThINQ2xl8tRp9D8qpZ7vrLjhTD6AXkOBRzmDj+NsCeEaeTuWajqUM93iKncYUI+JxR1t7q8gA2pBMFzLesMXnx7R+5Kw7QDtSJM7a4GMIfsocPwf64BH6rzxEz68rXFE3P+J77PPM9CuaYw90JXHo3z220zYw2nMQ/1qjATVZw/hiVrLmQMVfmFJIufnGjTBs2sy3IoNyzvYm/oDeNNg1cdSV9gyyRKZhK08fxjXN5GSf9vZkfZa9tHtqaZ99HI40GQBHUVx1K2/NQJY8TVTSA+v16SFnJK8BIbmp/WFCuvDcMkgLIbqiYtDASe7P2mKIib86uOENT+P820egeLiTQ06kFw/gfUa8t69d5qEcjiQZ+lxCeYIs/E9KrEXHvRUWew== cardno:16 811 348"
];
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.

10
microvms/music/default.nix
View file

@ -36,15 +36,5 @@
hostName = "music";
};
services.openssh = {
enable = true;
permitRootLogin = "prohibit-password";
};
networking.firewall.allowedTCPPorts = [ 22 ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP6xE2ey0C8XXfvniiiHiqXsCC277jKI9RXEA+s2LQLUI5zl7v350i3Oa8H3NCcPj39lfMreqE6ncxcOhqYyzahPrrMkOqgbPAoRvq8H3ophLK+56O3xdHoKwLBwRD1yoGACjqG4UTiTrmnN2ateENgYcnTEY1e4vDw1qMj1drUXCsZ/6mkBBmHJiFfCaR4yCMt1r4gGi/dAC7ifnBP3oSyV/lJEwPxYYkGlbOBIvX/7Ar98pJS6xYPB3jHs9gwyNNON63d0fNYrwBojXPPCnGGaRZNOkBTzex3zZYp12ThINQ2xl8tRp9D8qpZ7vrLjhTD6AXkOBRzmDj+NsCeEaeTuWajqUM93iKncYUI+JxR1t7q8gA2pBMFzLesMXnx7R+5Kw7QDtSJM7a4GMIfsocPwf64BH6rzxEz68rXFE3P+J77PPM9CuaYw90JXHo3z220zYw2nMQ/1qjATVZw/hiVrLmQMVfmFJIufnGjTBs2sy3IoNyzvYm/oDeNNg1cdSV9gyyRKZhK08fxjXN5GSf9vZkfZa9tHtqaZ99HI40GQBHUVx1K2/NQJY8TVTSA+v16SFnJK8BIbmp/WFCuvDcMkgLIbqiYtDASe7P2mKIib86uOENT+P820egeLiTQ06kFw/gfUa8t69d5qEcjiQZ+lxCeYIs/E9KrEXHvRUWew== cardno:16 811 348"
];
system.stateVersion = "22.11";
}

10
microvms/news/default.nix
View file

@ -35,15 +35,5 @@
hostName = "news";
};
services.openssh = {
enable = true;
permitRootLogin = "prohibit-password";
};
networking.firewall.allowedTCPPorts = [ 22 ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP6xE2ey0C8XXfvniiiHiqXsCC277jKI9RXEA+s2LQLUI5zl7v350i3Oa8H3NCcPj39lfMreqE6ncxcOhqYyzahPrrMkOqgbPAoRvq8H3ophLK+56O3xdHoKwLBwRD1yoGACjqG4UTiTrmnN2ateENgYcnTEY1e4vDw1qMj1drUXCsZ/6mkBBmHJiFfCaR4yCMt1r4gGi/dAC7ifnBP3oSyV/lJEwPxYYkGlbOBIvX/7Ar98pJS6xYPB3jHs9gwyNNON63d0fNYrwBojXPPCnGGaRZNOkBTzex3zZYp12ThINQ2xl8tRp9D8qpZ7vrLjhTD6AXkOBRzmDj+NsCeEaeTuWajqUM93iKncYUI+JxR1t7q8gA2pBMFzLesMXnx7R+5Kw7QDtSJM7a4GMIfsocPwf64BH6rzxEz68rXFE3P+J77PPM9CuaYw90JXHo3z220zYw2nMQ/1qjATVZw/hiVrLmQMVfmFJIufnGjTBs2sy3IoNyzvYm/oDeNNg1cdSV9gyyRKZhK08fxjXN5GSf9vZkfZa9tHtqaZ99HI40GQBHUVx1K2/NQJY8TVTSA+v16SFnJK8BIbmp/WFCuvDcMkgLIbqiYtDASe7P2mKIib86uOENT+P820egeLiTQ06kFw/gfUa8t69d5qEcjiQZ+lxCeYIs/E9KrEXHvRUWew== cardno:16 811 348"
];
system.stateVersion = "22.11";
}

10
microvms/nextcloud/default.nix
View file

@ -112,15 +112,5 @@
hostName = "nextcloud";
};
services.openssh = {
enable = true;
permitRootLogin = "prohibit-password";
};
networking.firewall.allowedTCPPorts = [ 22 ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP6xE2ey0C8XXfvniiiHiqXsCC277jKI9RXEA+s2LQLUI5zl7v350i3Oa8H3NCcPj39lfMreqE6ncxcOhqYyzahPrrMkOqgbPAoRvq8H3ophLK+56O3xdHoKwLBwRD1yoGACjqG4UTiTrmnN2ateENgYcnTEY1e4vDw1qMj1drUXCsZ/6mkBBmHJiFfCaR4yCMt1r4gGi/dAC7ifnBP3oSyV/lJEwPxYYkGlbOBIvX/7Ar98pJS6xYPB3jHs9gwyNNON63d0fNYrwBojXPPCnGGaRZNOkBTzex3zZYp12ThINQ2xl8tRp9D8qpZ7vrLjhTD6AXkOBRzmDj+NsCeEaeTuWajqUM93iKncYUI+JxR1t7q8gA2pBMFzLesMXnx7R+5Kw7QDtSJM7a4GMIfsocPwf64BH6rzxEz68rXFE3P+J77PPM9CuaYw90JXHo3z220zYw2nMQ/1qjATVZw/hiVrLmQMVfmFJIufnGjTBs2sy3IoNyzvYm/oDeNNg1cdSV9gyyRKZhK08fxjXN5GSf9vZkfZa9tHtqaZ99HI40GQBHUVx1K2/NQJY8TVTSA+v16SFnJK8BIbmp/WFCuvDcMkgLIbqiYtDASe7P2mKIib86uOENT+P820egeLiTQ06kFw/gfUa8t69d5qEcjiQZ+lxCeYIs/E9KrEXHvRUWew== cardno:16 811 348"
];
system.stateVersion = "22.05";
}

4
modules/emacs.nix
View file

@ -12,7 +12,7 @@
services.emacs = {
install = true;
enable = false;
package = with pkgs; ((emacsPackagesFor (emacsPgtk.overrideAttrs (old: {
package = with pkgs; ((emacsPackagesFor (emacs-pgtk.overrideAttrs (old: {
passthru = old.passthru // {
treeSitter = true;
};
@ -23,7 +23,7 @@
vterm
pdf-tools
]));
defaultEditor = lib.mkDefault false;
defaultEditor = lib.mkDefault true;
};
}

8
modules/server/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ ... }:
{
imports = [
./ssh.nix
];
networking.firewall.enable = true;
}

13
modules/server/ssh.nix Normal file
View file

@ -0,0 +1,13 @@
{ ... }:
{
programs.mosh.enable = true;
services.openssh = {
enable = true;
settings.PermitRootLogin = "prohibit-password";
};
networking.firewall.allowedTCPPorts = [ 22 ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDP6xE2ey0C8XXfvniiiHiqXsCC277jKI9RXEA+s2LQLUI5zl7v350i3Oa8H3NCcPj39lfMreqE6ncxcOhqYyzahPrrMkOqgbPAoRvq8H3ophLK+56O3xdHoKwLBwRD1yoGACjqG4UTiTrmnN2ateENgYcnTEY1e4vDw1qMj1drUXCsZ/6mkBBmHJiFfCaR4yCMt1r4gGi/dAC7ifnBP3oSyV/lJEwPxYYkGlbOBIvX/7Ar98pJS6xYPB3jHs9gwyNNON63d0fNYrwBojXPPCnGGaRZNOkBTzex3zZYp12ThINQ2xl8tRp9D8qpZ7vrLjhTD6AXkOBRzmDj+NsCeEaeTuWajqUM93iKncYUI+JxR1t7q8gA2pBMFzLesMXnx7R+5Kw7QDtSJM7a4GMIfsocPwf64BH6rzxEz68rXFE3P+J77PPM9CuaYw90JXHo3z220zYw2nMQ/1qjATVZw/hiVrLmQMVfmFJIufnGjTBs2sy3IoNyzvYm/oDeNNg1cdSV9gyyRKZhK08fxjXN5GSf9vZkfZa9tHtqaZ99HI40GQBHUVx1K2/NQJY8TVTSA+v16SFnJK8BIbmp/WFCuvDcMkgLIbqiYtDASe7P2mKIib86uOENT+P820egeLiTQ06kFw/gfUa8t69d5qEcjiQZ+lxCeYIs/E9KrEXHvRUWew== cardno:16 811 348"
];
}