retire toaster, refactor a bit

2023-07-23 22:56:25 +02:00 · 2023-07-23 22:56:25 +02:00 · 5b47cc39c1
commit 5b47cc39c1
parent 8ab21edb0d
10 changed files with 72 additions and 61 deletions
--- a/flake.lock
+++ b/flake.lock
@ -130,7 +130,7 @@
          "flake-utils"
        ],
        "nixpkgs": [
-          "nixpkgs"
+          "nixpkgs-stable"
        ]
      },
      "locked": {
@ -147,22 +147,6 @@
        "type": "github"
      }
    },
-    "nixpkgs": {
-      "locked": {
-        "lastModified": 1689431009,
-        "narHash": "sha256-hPgQCRWP5q/Xc4qOIP3c2krR9nQua78+t9EDiuey5nc=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "af8279f65fe71ce5a448408034a8c06e2b4b2c66",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-23.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1678872516,
@ -180,6 +164,22 @@
      }
    },
    "nixpkgs-stable_2": {
+      "locked": {
+        "lastModified": 1689605451,
+        "narHash": "sha256-u2qp2k9V1smCfk6rdUcgMKvBj3G9jVvaPHyeXinjN9E=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "53657afe29748b3e462f1f892287b7e254c26d77",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-23.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs-stable_3": {
      "locked": {
        "lastModified": 1689398528,
        "narHash": "sha256-qVn/doWn20axR+KvmAAGexv0A5RVzcBbd5HfNMAMeVI=",
@ -248,7 +248,7 @@
        "flake-utils": "flake-utils",
        "lanzaboote": "lanzaboote",
        "microvm": "microvm",
-        "nixpkgs": "nixpkgs",
+        "nixpkgs-stable": "nixpkgs-stable_2",
        "nixpkgs-unstable": "nixpkgs-unstable",
        "sops-nix": "sops-nix",
        "tmux-yank": "tmux-yank"
@ -274,9 +274,9 @@
    "sops-nix": {
      "inputs": {
        "nixpkgs": [
-          "nixpkgs"
+          "nixpkgs-stable"
        ],
-        "nixpkgs-stable": "nixpkgs-stable_2"
+        "nixpkgs-stable": "nixpkgs-stable_3"
      },
      "locked": {
        "lastModified": 1689405598,
--- a/flake.nix
+++ b/flake.nix
@ -2,19 +2,19 @@
  inputs = {
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";

-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05";
+    nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.05";

    flake-utils.url = "github:numtide/flake-utils";

    sops-nix = {
      url = "github:Mic92/sops-nix";
-      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.nixpkgs.follows = "nixpkgs-stable";
    };

    microvm = {
      url = "github:astro/microvm.nix";
      inputs = {
-        nixpkgs.follows = "nixpkgs";
+        nixpkgs.follows = "nixpkgs-stable";
        flake-utils.follows = "flake-utils";
      };
    };
@ -44,7 +44,7 @@
    , flake-utils
    , lanzaboote
    , microvm
-    , nixpkgs
+    , nixpkgs-stable
    , nixpkgs-unstable
    , sops-nix
    , ...
@ -53,11 +53,12 @@
    flake-utils.lib.eachDefaultSystem
      (system:
      let
-        pkgs = nixpkgs.legacyPackages.${system};
+        pkgs-stable = nixpkgs-stable.legacyPackages.${system};
+        pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
      in
      {
-        packages.slick = pkgs.callPackage "${self}/pkgs/slick.nix" { };
-        packages.imhex = pkgs.libsForQt5.callPackage "${self}/pkgs/imhex.nix" { };
+        packages.slick = pkgs-unstable.callPackage "${self}/pkgs/slick.nix" { };
+        # packages.imhex = pkgs-unstable.libsForQt5.callPackage "${self}/pkgs/imhex.nix" { };
      })
    //
    {
@ -67,29 +68,7 @@
      };

      nixosConfigurations = {
-        toaster = nixpkgs-unstable.lib.nixosSystem {
-          system = "x86_64-linux";
-          specialArgs = { inherit inputs; };
-          modules = [
-            sops-nix.nixosModules.sops
-            lanzaboote.nixosModules.lanzaboote
-
-            ./hosts/toaster
-
-            ./modules/basic-tools
-            ./modules/binary-caches.nix
-            ./modules/devtools.nix
-            ./modules/sway.nix
-            ./modules/gnupg.nix
-            ./modules/mail
-            ./modules/radio.nix
-            ./modules/science.nix
-            ./modules/tlp.nix
-            ./modules/virtualization.nix
-          ];
-        };
-
-        cirrus = nixpkgs.lib.nixosSystem {
+        cirrus = nixpkgs-stable.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = { inherit inputs; };
          modules = [
@ -100,7 +79,7 @@
          ];
        };

-        dishwasher = nixpkgs.lib.nixosSystem {
+        dishwasher = nixpkgs-stable.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = { inherit inputs; };
          modules = [
@ -113,7 +92,7 @@
          ];
        };

-        nextcloud = nixpkgs.lib.nixosSystem {
+        nextcloud = nixpkgs-stable.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = { inherit inputs; };
          modules = [
@ -124,7 +103,7 @@
          ];
        };

-        music = nixpkgs.lib.nixosSystem {
+        music = nixpkgs-stable.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = { inherit inputs; };
          modules = [
@ -135,7 +114,7 @@
          ];
        };

-        news = nixpkgs.lib.nixosSystem {
+        news = nixpkgs-stable.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = { inherit inputs; };
          modules = [
@ -146,7 +125,7 @@
          ];
        };

-        noctilucent = nixpkgs.lib.nixosSystem {
+        noctilucent = nixpkgs-stable.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = { inherit inputs; };
          modules = [
@ -165,6 +144,6 @@
        let
          get-toplevel = (host: nixSystem: nixSystem.config.microvm.declaredRunner or nixSystem.config.system.build.toplevel);
        in
-        nixpkgs.lib.mapAttrs get-toplevel self.nixosConfigurations;
+        nixpkgs-stable.lib.mapAttrs get-toplevel self.nixosConfigurations;
    };
 }
--- a/hosts/cirrus/wireguard-server.nix
+++ b/hosts/cirrus/wireguard-server.nix
@ -41,7 +41,7 @@
      };
      wireguardPeers = [
        {
-          # microwave
+          # toaster
          wireguardPeerConfig = {
            PublicKey = "0zpfcNrmbsNwwbnDDX4SMl4BVTB0zuhGKixT9TJQoHc=";
            AllowedIPs = [ "10.66.66.10/32" ];
--- a/hosts/toaster/default.nix
+++ b/hosts/toaster/default.nix
@ -5,8 +5,6 @@
    ./hardware-configuration.nix
    ./irc.nix
    ./stateful-network.nix
-    ./network.nix
-    ./network-vpns.nix
    ./secrets.nix
    ./secure-boot.nix
    ./zfs.nix
--- a/modules/basic-tools/default.nix
+++ b/modules/basic-tools/default.nix
@ -97,6 +97,15 @@
    '';
  };

+  programs.nix-ld.enable = true;
+  environment.variables = {
+      NIX_LD_LIBRARY_PATH = lib.makeLibraryPath [
+        pkgs.stdenv.cc.cc
+      ];
+      NIX_LD = lib.fileContents "${pkgs.stdenv.cc}/nix-support/dynamic-linker";
+  };
+
+
  programs.iftop.enable = true;
  programs.mosh.enable = true;

--- a/modules/chromium.nix
+++ b/modules/chromium.nix
@ -5,7 +5,7 @@
    chromium
  ];

-  nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland  --force-dark-mode --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode";
+  nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland  --force-dark-mode --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-native-gpu-memory-buffers --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode";

  programs.chromium = {
    enable = true;
--- a/modules/desktop-software.nix
+++ b/modules/desktop-software.nix
@ -14,5 +14,6 @@
    tor-browser-bundle-bin
    wl-clipboard
    yt-dlp
+    libreoffice
  ];
 }
--- a/modules/gnome.nix
+++ b/modules/gnome.nix
@ -12,6 +12,7 @@
    gnome.gnome-tweaks
    nextcloud-client
    qbittorrent
+    spotify
  ];

  environment.gnome.excludePackages = with pkgs; [
@ -71,6 +72,7 @@
  programs.bash.vteIntegration = true;

  fonts.fonts = with pkgs; [
+    (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
    monoid
    font-awesome
    dejavu_fonts
--- a/modules/sway.nix
+++ b/modules/sway.nix
@ -22,7 +22,7 @@
    foot
    qt5.qtwayland
    bashmount
-    (xfce.thunar.override { thunarPlugins = with xfce; [ thunar-volman thunar-archive-plugin ]; })
+    gnome.nautilus
    audacity
  ];

--- a/modules/vscode.nix
+++ b/modules/vscode.nix
@ -0,0 +1,22 @@
+{ pkgs, ... }: {
+environment.systemPackages = with pkgs; [
+  (vscode-with-extensions.override {
+    vscodeExtensions = with vscode-extensions; [
+      bbenoist.nix
+      ms-python.python
+      ms-vscode-remote.remote-ssh
+      rust-lang.rust-analyzer
+      vscodevim.vim
+      james-yu.latex-workshop
+      ms-toolsai.jupyter
+    ] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
+      {
+        name = "remote-ssh-edit";
+        publisher = "ms-vscode-remote";
+        version = "0.86.0";
+        sha256 = "sha256-JsbaoIekUo2nKCu+fNbGlh5d1Tt/QJGUuXUGP04TsDI=";
+      }
+    ];
+  })
+];
+}