BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

framework-2024-08-31-21-11-57

Browse Source
This commit is contained in:
Alexander Szczepanski
2024-08-31 21:11:57 +02:00
parent 8fbc1204a3
commit 0738ab2e8b
4 changed files with 253 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

232
flake.lock generated
View File

@ -1,5 +1,67 @@
{
"nodes": {
"chaotic": {
"inputs": {
"compare-to": "compare-to",
"fenix": "fenix",
"flake-schemas": "flake-schemas",
"home-manager": "home-manager",
"jovian": "jovian",
"nixpkgs": "nixpkgs",
"systems": "systems",
"yafas": "yafas"
},
"locked": {
"lastModified": 1725043054,
"narHash": "sha256-wNKROMH0TmS3yqpces3ldlRLE75Bec0gfmaP9DF6OPc=",
"owner": "chaotic-cx",
"repo": "nyx",
"rev": "1de4f25728a7f37785da5742f6d3fe98daffe83f",
"type": "github"
},
"original": {
"owner": "chaotic-cx",
"ref": "nyxpkgs-unstable",
"repo": "nyx",
"type": "github"
}
},
"compare-to": {
"locked": {
"lastModified": 1695341185,
"narHash": "sha256-htO6DSbWyCgaDkxi7foPjXwJFPzGjVt3RRUbPSpNtZY=",
"rev": "98b8e330823a3570d328720f87a1153f8a7f2224",
"revCount": 2,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/chaotic-cx/nix-empty-flake/0.1.2%2Brev-98b8e330823a3570d328720f87a1153f8a7f2224/018aba35-d228-7fa9-b205-7616c89ef4e0/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/chaotic-cx/nix-empty-flake/%3D0.1.2.tar.gz"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
"chaotic",
"nixpkgs"
],
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1724999484,
"narHash": "sha256-AIR8uYGteWS/RyHyZJAHQAUEJ/Mv4ktkPe2mzbJ2zCE=",
"owner": "nix-community",
"repo": "fenix",
"rev": "e3bb9176e807e2b166d54153ce8caea5cb2c6700",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "fenix",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@ -16,6 +78,20 @@
"type": "github"
}
},
"flake-schemas": {
"locked": {
"lastModified": 1693491534,
"narHash": "sha256-ifw8Td8kD08J8DxFbYjeIx5naHcDLz7s2IFP3X42I/U=",
"rev": "c702cbb663d6d70bbb716584a2ee3aeb35017279",
"revCount": 21,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/DeterminateSystems/flake-schemas/0.1.1/018a4c59-80e1-708a-bb4d-854930c20f72/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/DeterminateSystems/flake-schemas/%3D0.1.1.tar.gz"
}
},
"fw-fanctrl": {
"inputs": {
"flake-compat": "flake-compat",
@ -39,6 +115,27 @@
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"chaotic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1724435763,
"narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
@ -59,6 +156,51 @@
"type": "github"
}
},
"jovian": {
"inputs": {
"nix-github-actions": "nix-github-actions",
"nixpkgs": [
"chaotic",
"nixpkgs"
]
},
"locked": {
"lastModified": 1724999205,
"narHash": "sha256-Lc9kb5hhUohcJlUye5Pu8BNYHDPIOUtejYySTvHTlio=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "a14f978f74e89213a5f565f827454dd6178b2bb5",
"type": "github"
},
"original": {
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [
"chaotic",
"jovian",
"nixpkgs"
]
},
"locked": {
"lastModified": 1690328911,
"narHash": "sha256-fxtExYk+aGf2YbjeWQ8JY9/n9dwuEt+ma1eUFzF8Jeo=",
"owner": "zhaofengli",
"repo": "nix-github-actions",
"rev": "96df4a39c52f53cb7098b923224d8ce941b64747",
"type": "github"
},
"original": {
"owner": "zhaofengli",
"ref": "matrix-name",
"repo": "nix-github-actions",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1724878143,
@ -77,16 +219,16 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1725001927,
"narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=",
"owner": "nixos",
"lastModified": 1724819573,
"narHash": "sha256-GnR7/ibgIH1vhoy8cYdmXE6iyZqKqFxQSVkFgosBh6w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6e99f2a27d600612004fbd2c3282d614bfee6421",
"rev": "71e91c409d1e654808b2621f28a327acfdad8dc2",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.05",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
@ -123,16 +265,50 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1725001927,
"narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6e99f2a27d600612004fbd2c3282d614bfee6421",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"chaotic": "chaotic",
"fw-fanctrl": "fw-fanctrl",
"home-manager": "home-manager",
"home-manager": "home-manager_2",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"sops-nix": "sops-nix"
}
},
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1724937894,
"narHash": "sha256-M/28TIG+fm5x3GtQ6qSGDw1NHS4nHttz0DM7JcDs4g8=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "0ae42bd42576566540a84c62e118aa823edcf2ec",
"type": "github"
},
"original": {
"owner": "rust-lang",
"ref": "nightly",
"repo": "rust-analyzer",
"type": "github"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": [
@ -153,6 +329,46 @@
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"yafas": {
"inputs": {
"flake-schemas": [
"chaotic",
"flake-schemas"
],
"systems": [
"chaotic",
"systems"
]
},
"locked": {
"lastModified": 1695926485,
"narHash": "sha256-wNFFnItckgSs8XeYhhv8vlJs2WF09fSQaWgw4xkDqHQ=",
"owner": "UbiqueLambda",
"repo": "yafas",
"rev": "7772afd6686458ca0ddbc599a52cf5d337367653",
"type": "github"
},
"original": {
"owner": "UbiqueLambda",
"repo": "yafas",
"type": "github"
}
}
},
"root": "root",

3
flake.nix
View File

@ -8,6 +8,7 @@
#nixos-hardware
nixos-hardware.url = "github:nixos/nixos-hardware/master";
chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
sops-nix =
{
@ -29,6 +30,7 @@
outputs =
{ self
, chaotic
, fw-fanctrl
, home-manager
, nixos-hardware
@ -71,6 +73,7 @@
modules = [
fw-fanctrl.nixosModules.default
./machine/framework/configuration.nix
chaotic.nixosModules.default # OUR DEFAULT MODULE
];
};

3
machine/desktop/configuration.nix
View File

@ -192,15 +192,12 @@ in
compression = "auto,zstd";
encryption = {
mode = "repokey-blake2";
# passphrase = secrets.borg-key;
passCommand = "cat ${config.sops.secrets.borg-key.path}";
};
extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";
environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_ed25519";
paths = "/home/alex";
repo = "ssh://u278697-sub2@u278697.your-storagebox.de:23/./borg";
# repo = secrets.borg-repo;
# repo = (builtins.readFile config.sops.secrets.borg-repo.path);
startAt = "daily";
user = "alex";
prune.keep = {

30
machine/framework/configuration.nix
View File

@ -1,7 +1,6 @@
{ config, pkgs, lib, outputs, inputs, ... }:
let
be = import ../../configs/borg-exclude.nix;
secrets = import ../../configs/secrets.nix;
in
{
nixpkgs = {
@ -18,6 +17,7 @@ in
imports = [
./hardware-configuration.nix
inputs.nixos-hardware.nixosModules.framework-12th-gen-intel
inputs.sops-nix.nixosModules.sops
../../configs/browser.nix
../../configs/common.nix
../../configs/docker.nix
@ -28,7 +28,30 @@ in
../../configs/user.nix
];
sops = {
defaultSopsFile = ../../secrets.yaml;
validateSopsFiles = true;
age = {
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
keyFile = "/var/lib/sops-nix/key.txt";
generateKey = true;
};
secrets = {
borg-key = {
sopsFile = ../../secrets-framework.yaml;
owner = config.users.users.alex.name;
group = config.users.users.alex.group;
};
hashedPassword = {
neededForUsers = true;
};
};
};
boot = {
kernelPackages = pkgs.linuxPackages_latest;
initrd.systemd.enable = true;
loader = {
systemd-boot.enable = true;
@ -82,7 +105,6 @@ in
hardware = {
keyboard.qmk.enable = true;
enableAllFirmware = true;
cpu.intel.updateMicrocode = true;
openrazer = {
enable = true;
users = [ "alex" ];
@ -142,13 +164,13 @@ in
compression = "auto,zstd";
encryption = {
mode = "repokey-blake2";
passphrase = secrets.borg-key;
passCommand = "cat ${config.sops.secrets.borg-key.path}";
};
extraCreateArgs =
"--stats --verbose --checkpoint-interval 600 --exclude-caches";
environment.BORG_RSH = "ssh -i /home/alex/.ssh/id_borg_ed25519";
paths = [ "/home/alex" "/var/lib" ];
repo = secrets.borg-repo;
repo = "ssh://u278697-sub9@u278697.your-storagebox.de:23/./borg";
startAt = "daily";
prune.keep = {
daily = 7;