mlaga97
/
mlaga97-nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add config for outpost

This commit is contained in:
Lauren Lagarde 2025-06-10 22:51:08 -05:00
parent 535b8c5230
commit 4ee0f79bc9
5 changed files with 120 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
features/base.nix
View File

@ -1,6 +1,5 @@
{ pkgs, ... }: { { pkgs, ... }: {
users.mutableUsers = false; users.mutableUsers = false;
nixpkgs.config.allowUnfree = true;
networking.wireless.enable = false; # For some reason this is needed all of the time networking.wireless.enable = false; # For some reason this is needed all of the time

44
flake.lock
View File

@ -2,7 +2,9 @@
"nodes": { "nodes": {
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "nixpkgs": [
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1736864502, "lastModified": 1736864502,
@ -14,7 +16,7 @@
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "v1.11.0", "ref": "latest",
"repo": "disko", "repo": "disko",
"type": "github" "type": "github"
} }
@ -133,17 +135,17 @@
"mlaga97-home-manager": { "mlaga97-home-manager": {
"inputs": { "inputs": {
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable" "nixpkgs-unstable": "nixpkgs-unstable"
}, },
"locked": { "locked": {
"lastModified": 1, "lastModified": 1,
"narHash": "sha256-oKpqiYEEMrno6/Cx7kk3FSIeshwyhmm29jppwTEcbMY=", "narHash": "sha256-pYpD+mKj2FS//91FsFc7YfemYBNLrFwXev9v3Q4JUEo=",
"path": "/nix/store/4nfp193ifb272bqfln8bwi788vkqs0p5-source/modules/mlaga97-home-manager", "path": "/nix/store/rm2bwhpxralxzakij7s6mcgbhcn9a5gx-source/modules/mlaga97-home-manager",
"type": "path" "type": "path"
}, },
"original": { "original": {
"path": "/nix/store/4nfp193ifb272bqfln8bwi788vkqs0p5-source/modules/mlaga97-home-manager", "path": "/nix/store/rm2bwhpxralxzakij7s6mcgbhcn9a5gx-source/modules/mlaga97-home-manager",
"type": "path" "type": "path"
} }
}, },
@ -186,16 +188,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1736241350, "lastModified": 1741332913,
"narHash": "sha256-CHd7yhaDigUuJyDeX0SADbTM9FXfiWaeNyY34FL1wQU=", "narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "8c9fd3e564728e90829ee7dbac6edc972971cd0f", "rev": "20755fa05115c84be00b04690630cb38f0a203ad",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixpkgs-unstable", "ref": "nixos-24.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -233,22 +235,6 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1741332913,
"narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "20755fa05115c84be00b04690630cb38f0a203ad",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1735531152, "lastModified": 1735531152,
"narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=", "narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=",
@ -264,7 +250,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1, "lastModified": 1,
"narHash": "sha256-QJFvxzBCZHVjWApIe4KaxC3gRd5d1QgDT3xJNetMwVE=", "narHash": "sha256-QJFvxzBCZHVjWApIe4KaxC3gRd5d1QgDT3xJNetMwVE=",
@ -283,7 +269,7 @@
"lix-module": "lix-module", "lix-module": "lix-module",
"mlaga97-home-manager": "mlaga97-home-manager", "mlaga97-home-manager": "mlaga97-home-manager",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable_2", "nixpkgs-unstable": "nixpkgs-unstable_2",
"waveforms": "waveforms" "waveforms": "waveforms"
} }
@ -305,7 +291,7 @@
}, },
"waveforms": { "waveforms": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_4" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1722915115, "lastModified": 1722915115,

32
flake.nix
View File

@ -27,8 +27,9 @@
lix-module.url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz"; lix-module.url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz";
lix-module.inputs.nixpkgs.follows = "nixpkgs"; lix-module.inputs.nixpkgs.follows = "nixpkgs";
# Installers disko.url = "github:nix-community/disko/latest";
disko.url = "github:nix-community/disko/v1.11.0"; disko.inputs.nixpkgs.follows = "nixpkgs";
nixos-generators.url = "github:nix-community/nixos-generators/7c60ba4bc8d6aa2ba3e5b0f6ceb9fc07bc261565"; nixos-generators.url = "github:nix-community/nixos-generators/7c60ba4bc8d6aa2ba3e5b0f6ceb9fc07bc261565";
nixos-generators.inputs.nixpkgs.follows = "nixpkgs"; nixos-generators.inputs.nixpkgs.follows = "nixpkgs";
@ -48,7 +49,10 @@
locale = "en_US.UTF-8"; locale = "en_US.UTF-8";
stateVersion = "24.11"; stateVersion = "24.11";
pkgs = import nixpkgs {inherit system; }; pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
pkgs-unstable = import nixpkgs-unstable { pkgs-unstable = import nixpkgs-unstable {
inherit system; inherit system;
config.allowUnfree = true; config.allowUnfree = true;
@ -73,14 +77,17 @@
}]; }];
# TODO: Surely a better way, no? # TODO: Surely a better way, no?
inherited_modules = [ inherited_modules_lite = [
{ {
time.timeZone = timezone; time.timeZone = timezone;
system.stateVersion = stateVersion; system.stateVersion = stateVersion;
} }
lix-module.nixosModules.default
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
];
inherited_modules = inherited_modules_lite ++ [
lix-module.nixosModules.default
waveforms.nixosModule waveforms.nixosModule
disko.nixosModules.default disko.nixosModules.default
]; ];
@ -130,7 +137,7 @@
modules = iso_modules ++ [ modules = iso_modules ++ [
{ {
networking.hostName = "ll-nixos-base"; networking.hostName = "ll-nixos-base";
home-manager.users."lauren_lagarde" = { config, ... }: { home-manager.users."lauren_lagarde" = { config, pkgs-unstable, ... }: {
imports = inputs.mlaga97-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591"; imports = inputs.mlaga97-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591";
}; };
} }
@ -204,6 +211,15 @@
] ++ inherited_modules; ] ++ inherited_modules;
specialArgs = { inherit inputs pkgs-unstable; }; specialArgs = { inherit inputs pkgs-unstable; };
}; };
outpost-sdcard = nixos-generators.nixosGenerate {
system = "aarch64-linux";
format = "sd-aarch64";
modules = pi_modules ++ [
./systems/outpost.nix
] ++ inherited_modules_lite;
specialArgs = { inherit inputs pkgs-unstable; };
};
}; };
packages.x86_64-linux = { packages.x86_64-linux = {
@ -220,7 +236,8 @@
modules = iso_modules ++ [ modules = iso_modules ++ [
{ {
networking.hostName = "ll-nixos"; networking.hostName = "ll-nixos";
home-manager.users."lauren_lagarde" = { config, ... }: { home-manager.users."lauren_lagarde" = {
nixpkgs.config.allowUnfree = true;
imports = inputs.mlaga97-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591"; imports = inputs.mlaga97-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591";
}; };
} }
@ -238,6 +255,7 @@
{ {
networking.hostName = "ll-nixos"; networking.hostName = "ll-nixos";
home-manager.users."lauren_lagarde" = { config, ... }: { home-manager.users."lauren_lagarde" = { config, ... }: {
nixpkgs.config.allowUnfree = true;
imports = inputs.mlaga97-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591"; imports = inputs.mlaga97-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591";
}; };
} }

BIN
secrets.tar.zst.gpg
View File

Binary file not shown.

80
systems/outpost.nix Normal file
View File

@ -0,0 +1,80 @@
{ pkgs, ... }: {
networking.hostName = "outpost";
networking.hostId = "373a7023";
imports = [
# Base Config
../features/base.nix
../features/headless.nix
# Features
../features/tui-apps.nix
../features/openssh-server.nix
../features/virtualization/dockge.nix
../features/virtualization/docker.nix
# Tweaks
../tweaks/zfs.nix
../tweaks/zram.nix
../tweaks/enable_flakes.nix
../tweaks/disable_firewall.nix
../tweaks/systemd-resolved_nonsense.nix
# Dotspace
../secrets/dotspace.nix
# Users
../users/lauren_lagarde/lauren_lagarde.nix
];
##############################################################################
##############################################################################
##############################################################################
# Networking
networking.useNetworkd = true;
systemd.network = {
enable = true;
networks = {
"30-end0" = {
matchConfig.Name = "end0";
linkConfig = {
RequiredForOnline = "routable";
};
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = true;
};
};
"90-tinc" = {
matchConfig.Name = "tinc.dotspace";
address = [ "10.86.84.106/32" ];
routes = [ { Destination = "10.86.84.0/24"; } ];
};
};
};
services.tinc.networks.dotspace = {
name = "outpost";
ed25519PrivateKeyFile = "/root/tinc/dotspace_ed25519_key.priv";
chroot = false;
settings.ConnectTo = [ "fortress" "stronghold" ];
};
##############################################################################
##############################################################################
##############################################################################
# Services
# TODO: Put scripts into version control
services.cron = {
enable = true;
mailto = "";
systemCronJobs = [
"* * * * * lauren_lagarde /home/lauren_lagarde/bin/PublishStats > /dev/null"
];
};
}