style: reformat with nixfmt-rfc-style
This commit is contained in:
parent
5ad8bc1d56
commit
1c5d83d81e
99 changed files with 2247 additions and 1334 deletions
|
@ -1,16 +1,24 @@
|
|||
{ self, ... }: {
|
||||
perSystem = { self', pkgs, lib, ... }: {
|
||||
packages.doctr = self.lib.mkOpenwrtImage {
|
||||
inherit pkgs;
|
||||
hostname = "doctr";
|
||||
timezone = "Europe/Berlin";
|
||||
ipaddr = "192.168.1.1";
|
||||
packages = [
|
||||
"tang" # for automatic LUKS decryption with clevis
|
||||
];
|
||||
uci = ''
|
||||
uci set tang.config.enabled='1'
|
||||
'';
|
||||
{ self, ... }:
|
||||
{
|
||||
perSystem =
|
||||
{
|
||||
self',
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{
|
||||
packages.doctr = self.lib.mkOpenwrtImage {
|
||||
inherit pkgs;
|
||||
hostname = "doctr";
|
||||
timezone = "Europe/Berlin";
|
||||
ipaddr = "192.168.1.1";
|
||||
packages = [
|
||||
"tang" # for automatic LUKS decryption with clevis
|
||||
];
|
||||
uci = ''
|
||||
uci set tang.config.enabled='1'
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ self, inputs, ... }: {
|
||||
{ self, inputs, ... }:
|
||||
{
|
||||
flake = {
|
||||
nixosConfigurations = {
|
||||
home-pc = inputs.nixpkgs.lib.nixosSystem {
|
||||
|
@ -28,12 +29,16 @@
|
|||
config = ../home/felschr.nix;
|
||||
usesContainers = true;
|
||||
})
|
||||
({ pkgs, ... }: {
|
||||
environment.systemPackages =
|
||||
[ inputs.deploy-rs.defaultPackage.x86_64-linux ];
|
||||
})
|
||||
(
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = [ inputs.deploy-rs.defaultPackage.x86_64-linux ];
|
||||
}
|
||||
)
|
||||
];
|
||||
specialArgs = { inherit inputs; };
|
||||
specialArgs = {
|
||||
inherit inputs;
|
||||
};
|
||||
};
|
||||
pilot1 = inputs.nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
|
@ -47,13 +52,19 @@
|
|||
config = ../hosts/work-pc.nix;
|
||||
})
|
||||
(self.lib.createUser "felschr" {
|
||||
user.extraGroups = [ "wheel" "audio" "disk" ];
|
||||
user.extraGroups = [
|
||||
"wheel"
|
||||
"audio"
|
||||
"disk"
|
||||
];
|
||||
modules = [ self.homeManagerModules.git ];
|
||||
config = ../home/felschr-work.nix;
|
||||
usesContainers = true;
|
||||
})
|
||||
];
|
||||
specialArgs = { inherit inputs; };
|
||||
specialArgs = {
|
||||
inherit inputs;
|
||||
};
|
||||
};
|
||||
home-server = inputs.nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
|
@ -70,7 +81,12 @@
|
|||
self.lib.createMediaGroup
|
||||
(self.lib.createUser "felschr" {
|
||||
user = {
|
||||
extraGroups = [ "wheel" "audio" "disk" "media" ];
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
"audio"
|
||||
"disk"
|
||||
"media"
|
||||
];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP751vlJUnB7Pfe1KNr6weWkx/rkP4J3lTYpAekHdOgV"
|
||||
];
|
||||
|
@ -79,7 +95,9 @@
|
|||
config = ../home/felschr-server.nix;
|
||||
})
|
||||
];
|
||||
specialArgs = { inherit inputs; };
|
||||
specialArgs = {
|
||||
inherit inputs;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -89,13 +107,19 @@
|
|||
sshUser = "felschr";
|
||||
sshOpts = [ "-t" ];
|
||||
user = "root";
|
||||
path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.home-server;
|
||||
path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.home-server;
|
||||
magicRollback = false; # otherwise password prompt won't work
|
||||
};
|
||||
};
|
||||
};
|
||||
perSystem = { system, config, pkgs, ... }: {
|
||||
checks = inputs.deploy-rs.lib.${system}.deployChecks self.deploy;
|
||||
};
|
||||
perSystem =
|
||||
{
|
||||
system,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
{
|
||||
checks = inputs.deploy-rs.lib.${system}.deployChecks self.deploy;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ ... }:
|
||||
{ lib, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
|
@ -40,8 +40,10 @@
|
|||
};
|
||||
};
|
||||
|
||||
services.tailscale.extraUpFlags =
|
||||
[ "--operator=felschr" "--advertise-routes=192.168.1.0/24" ];
|
||||
services.tailscale.extraUpFlags = [
|
||||
"--operator=felschr"
|
||||
"--advertise-routes=192.168.1.0/24"
|
||||
];
|
||||
|
||||
networking.firewall.allowedUDPPorts = [
|
||||
24727 # AusweisApp2
|
||||
|
|
|
@ -1,14 +1,22 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
inputs,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
# mkdir /etc/secrets/initrd -p
|
||||
# chmod 700 -R /etc/secrets/
|
||||
# ssh-keygen -t ed25519 -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key
|
||||
hostKeys = [{
|
||||
path = "/etc/secrets/initrd/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}];
|
||||
in {
|
||||
hostKeys = [
|
||||
{
|
||||
path = "/etc/secrets/initrd/ssh_host_ed25519_key";
|
||||
type = "ed25519";
|
||||
}
|
||||
];
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../hardware/base.nix
|
||||
../desktop/x11.nix
|
||||
|
@ -44,8 +52,14 @@ in {
|
|||
|
||||
networking.domain = "home.felschr.com";
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 80 443 ];
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
80
|
||||
443
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = [
|
||||
80
|
||||
443
|
||||
];
|
||||
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.defaults.email = "dev@felschr.com";
|
||||
|
@ -134,8 +148,7 @@ in {
|
|||
enable = true;
|
||||
method = "email";
|
||||
email.mailTo = "admin@felschr.com";
|
||||
email.mailFrom =
|
||||
"${config.networking.hostName} <${config.programs.msmtp.accounts.default.from}>";
|
||||
email.mailFrom = "${config.networking.hostName} <${config.programs.msmtp.accounts.default.from}>";
|
||||
};
|
||||
|
||||
# only change this when specified in release notes
|
||||
|
|
|
@ -1,10 +1,18 @@
|
|||
{ self, ... }: {
|
||||
perSystem = { self', pkgs, lib, ... }: {
|
||||
packages.penguin = self.lib.mkOpenwrtImage {
|
||||
inherit pkgs;
|
||||
hostname = "penguin";
|
||||
timezone = "Europe/Berlin";
|
||||
ipaddr = "192.168.0.1";
|
||||
{ self, ... }:
|
||||
{
|
||||
perSystem =
|
||||
{
|
||||
self',
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
{
|
||||
packages.penguin = self.lib.mkOpenwrtImage {
|
||||
inherit pkgs;
|
||||
hostname = "penguin";
|
||||
timezone = "Europe/Berlin";
|
||||
ipaddr = "192.168.0.1";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue