diff options
| author | Caroline Larimore <caroline@larimo.re> | 2024-07-18 23:39:42 -0700 |
|---|---|---|
| committer | Caroline Larimore <caroline@larimo.re> | 2024-07-18 23:39:42 -0700 |
| commit | 65174b4b5c05bb143e6681a4cbcd0a95f04987e2 (patch) | |
| tree | 35383af43f2aa972b316dd12e1d5d1bd5df84086 | |
| parent | 15c5050590415fd64e984e994ec77186918cf7b7 (diff) | |
Begin modularization!
23 files changed, 569 insertions, 97 deletions
@@ -1,5 +1,39 @@ { "nodes": { + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -35,13 +69,49 @@ "type": "github" } }, + "nix-minecraft": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1721343928, + "narHash": "sha256-Ly3BzMJs1raGQAtheNRZH/PcNcjfu18G1AJ8dkyymWI=", + "owner": "CartConnoisseur", + "repo": "nix-minecraft", + "rev": "40aa0fa24f1d0e57ade2d68512a915779a1fe201", + "type": "github" + }, + "original": { + "owner": "CartConnoisseur", + "repo": "nix-minecraft", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1720957393, - "narHash": "sha256-oedh2RwpjEa+TNxhg5Je9Ch6d3W1NKi7DbRO1ziHemA=", + "lastModified": 1715266358, + "narHash": "sha256-doPgfj+7FFe9rfzWo1siAV2mVCasW+Bh8I1cToAXEE4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "693bc46d169f5af9c992095736e82c3488bf7dbb", + "rev": "f1010e0469db743d14519a1efd37e23f8513d714", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1721138476, + "narHash": "sha256-+W5eZOhhemLQxelojLxETfbFbc19NWawsXBlapYpqIA=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ad0b5eed1b6031efaed382844806550c3dcb4206", "type": "github" }, "original": { @@ -55,7 +125,23 @@ "inputs": { "home-manager": "home-manager", "impermanence": "impermanence", - "nixpkgs": "nixpkgs" + "nix-minecraft": "nix-minecraft", + "nixpkgs": "nixpkgs_2" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" } } }, @@ -4,26 +4,37 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - impermanence = { - url = "github:nix-community/impermanence"; - }; - home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + + impermanence.url = "github:nix-community/impermanence"; + + nix-minecraft.url = "github:CartConnoisseur/nix-minecraft"; }; outputs = {nixpkgs, ...} @ inputs: { - nixosConfigurations.default = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs;}; - modules = [ - ./configuration.nix - - inputs.home-manager.nixosModules.default - inputs.impermanence.nixosModules.impermanence - ]; + nixosConfigurations = { + default = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs; }; + modules = [ + ./hosts/c-pc/configuration.nix + inputs.home-manager.nixosModules.default + inputs.impermanence.nixosModules.impermanence + inputs.nix-minecraft.nixosModules.minecraft-servers + ]; + }; + + copenhagen = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs; }; + modules = [ + ./hosts/copenhagen/configuration.nix + inputs.home-manager.nixosModules.default + inputs.nix-minecraft.nixosModules.minecraft-servers + ]; + }; }; }; } diff --git a/home/default.nix b/home/default.nix index a7eceb9..385e750 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,5 +1,6 @@ { ... }: +#TODO: properly migrate to a module/role { imports = [ ./discord.nix diff --git a/configuration.nix b/hosts/c-pc/configuration.nix index 9a29307..73797ea 100644 --- a/configuration.nix +++ b/hosts/c-pc/configuration.nix @@ -3,7 +3,8 @@ { imports = [ ./hardware-configuration.nix - ./system + ./networking.nix + ../../roles ]; nix.settings.experimental-features = [ "nix-command" "flakes" ]; @@ -35,7 +36,7 @@ localBinInPath = true; interactiveShellInit = '' - alias ssh="kitty +kitten ssh" + alias kitty-ssh="kitty +kitten ssh" alias lsa="ls -lAsh" alias c="codium ." @@ -70,6 +71,26 @@ "steam-run" ]; + roles = { + desktop.enable = true; + }; + + programs = { + steam.enable = true; + + gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + dconf.enable = true; + }; + + services = { + pcscd.enable = true; + printing.enable = true; + }; + environment.systemPackages = with pkgs; [ (writeShellScriptBin "rb" "sudo nixos-rebuild switch --flake /etc/nixos#default") (writeShellScriptBin "rbf" "sudo nixos-rebuild switch --flake path:/etc/nixos#default") @@ -97,22 +118,6 @@ libGL ]; - programs = { - steam.enable = true; - - gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - - dconf.enable = true; - }; - - services = { - pcscd.enable = true; - printing.enable = true; - }; - # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # diff --git a/hardware-configuration.nix b/hosts/c-pc/hardware-configuration.nix index c268ff8..c268ff8 100644 --- a/hardware-configuration.nix +++ b/hosts/c-pc/hardware-configuration.nix diff --git a/home.nix b/hosts/c-pc/home.nix index 66392f2..9ee1988 100644 --- a/home.nix +++ b/hosts/c-pc/home.nix @@ -4,12 +4,12 @@ imports = [ inputs.impermanence.nixosModules.home-manager.impermanence - ./home + ../../home ]; # theme.nix is an untracked symlink to a theme under ./themes/ # This lets me switch out my theme without making changes in git - theme = import ./theme.nix; + theme = import ../../theme.nix; home.stateVersion = "23.11"; diff --git a/system/networking.nix b/hosts/c-pc/networking.nix index 31632c1..31632c1 100644 --- a/system/networking.nix +++ b/hosts/c-pc/networking.nix diff --git a/hosts/copenhagen/configuration.nix b/hosts/copenhagen/configuration.nix new file mode 100644 index 0000000..21a2e98 --- /dev/null +++ b/hosts/copenhagen/configuration.nix @@ -0,0 +1,99 @@ +{ config, lib, pkgs, inputs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ../../roles + ]; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + networking.hostName = "copenhagen"; + time.timeZone = "America/Los_Angeles"; + + # home-manager = { + # extraSpecialArgs = { inherit inputs; }; + # users = { + # "c" = import ./home.nix; + # }; + # }; + + environment = { + localBinInPath = true; + + interactiveShellInit = '' + alias lsa="ls -lAsh" + alias c="codium ." + alias p="nix-shell -p" + + mkcd() { + mkdir -p "$1" + cd "$1" + } + ''; + + variables = { + EDITOR = "${pkgs.vim}/bin/vim"; + }; + }; + + users.users = { + root.password = "password"; + + "c" = { + isNormalUser = true; + password = "password"; + extraGroups = [ "wheel" "minecraft" ]; + }; + }; + + environment.systemPackages = with pkgs; [ + (writeShellScriptBin "rb" "sudo nixos-rebuild switch --flake /etc/nixos#copenhagen") + (writeShellScriptBin "rbf" "sudo nixos-rebuild switch --flake path:/etc/nixos#copenhagen") + + git + vim + wget + killall + ffmpeg + ]; + + roles = { + minecraft = { + enable = true; + servers = { + test = { + enable = true; + port = 25566; + }; + }; + }; + web = { + proxy.enable = true; + stargazers.enable = true; + test.enable = true; + }; + }; + + # services = { + # pcscd.enable = true; + # }; + + # This option defines the first version of NixOS you have installed on this particular machine, + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. + # + # Most users should NEVER change this value after the initial install, for any reason, + # even if you've upgraded your system to a new NixOS release. + # + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, + # so changing it will NOT upgrade your system. + # + # This value being lower than the current NixOS release does NOT mean your system is + # out of date, out of support, or vulnerable. + # + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, + # and migrated your data accordingly. + # + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . + system.stateVersion = "23.11"; # Did you read the comment? 🤨 +}
\ No newline at end of file diff --git a/hosts/copenhagen/hardware-configuration.nix b/hosts/copenhagen/hardware-configuration.nix new file mode 100644 index 0000000..be9ad1c --- /dev/null +++ b/hosts/copenhagen/hardware-configuration.nix @@ -0,0 +1,46 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + # boot = { + # loader.grub = { + # enable = true; + + # efiSupport = true; + # efiInstallAsRemovable = true; + # mirroredBoots = [ + # { devices = [ "nodev" ]; path = "/boot"; } + # ]; + # }; + + # initrd = { + # availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + # kernelModules = [ ]; + # }; + + # kernelModules = [ "kvm-amd" ]; + # extraModulePackages = [ ]; + + # supportedFilesystems = [ "ntfs" ]; + # }; + + # fileSystems = { + # "/" = { fsType = "zfs"; device = "zpool/root"; }; + # "/home" = { fsType = "zfs"; device = "zpool/home"; }; + # "/persist" = { fsType = "zfs"; device = "zpool/persist"; }; + # "/nix" = { fsType = "zfs"; device = "zpool/nix"; }; + + # "/boot" = { fsType = "vfat"; device = "/dev/disk/by-uuid/12CE-A600"; }; + + # "/mnt/4tb" = { fsType = "ext4"; device = "/dev/disk/by-label/4tb"; }; + # "/mnt/ssd" = { fsType = "ext4"; device = "/dev/disk/by-label/ssd-256"; }; + # }; + + # swapDevices = [ ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + # hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/roles/default.nix b/roles/default.nix new file mode 100644 index 0000000..420eaeb --- /dev/null +++ b/roles/default.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + imports = [ + ./desktop + ./minecraft + ./web + ]; +} diff --git a/roles/desktop/default.nix b/roles/desktop/default.nix new file mode 100644 index 0000000..c2fae92 --- /dev/null +++ b/roles/desktop/default.nix @@ -0,0 +1,61 @@ +{ config, pkgs, lib, ... }: +with lib; + +let cfg = config.roles.desktop; in { + imports = [ + ./input.nix + ./xserver.nix + ]; + + options.roles.desktop = { + enable = mkEnableOption "desktop"; + }; + + config = mkIf cfg.enable { + security.rtkit.enable = true; + + i18n.inputMethod.enable = true; + + services = { + displayManager.enable = true; + + xserver = { + enable = true; + displayManager.lightdm.enable = true; + windowManager.i3.enable = true; + }; + + keyd.enable = true; + + pipewire = { + enable = true; + + pulse.enable = true; + alsa.enable = true; + alsa.support32Bit = true; + #jack.enable = true; + }; + }; + + fonts = { + packages = with pkgs; [ + nerdfonts + noto-fonts + noto-fonts-cjk + noto-fonts-cjk-sans + noto-fonts-cjk-serif + noto-fonts-emoji + + minecraftia + ]; + + fontconfig = { + defaultFonts = { + monospace = [ "CaskaydiaMono Nerd Font" ]; + sansSerif = [ "DejaVu Sans" "Noto Sans CJK JP" "Noto Sans" ]; + serif = [ "DejaVu Serif" "Noto Serif CJK JP" "Noto Serif" ]; + }; + }; + }; + }; +} diff --git a/system/keyboard.nix b/roles/desktop/input.nix index 1a3de2f..20e9da8 100644 --- a/system/keyboard.nix +++ b/roles/desktop/input.nix @@ -2,8 +2,6 @@ { services.keyd = { - enable = true; - keyboards."*".settings = { main = { # Swap alt and meta keys. @@ -21,8 +19,7 @@ }; }; - i18n.inputMethod = { - enable = true; + i18n.inputMethod = { type = "fcitx5"; fcitx5.addons = with pkgs; [ fcitx5-mozc ]; }; diff --git a/system/xserver.nix b/roles/desktop/xserver.nix index 38eaf21..461de83 100644 --- a/system/xserver.nix +++ b/roles/desktop/xserver.nix @@ -2,18 +2,13 @@ { services.displayManager = { - enable = true; defaultSession = "none+i3"; }; services.xserver = { - enable = true; - videoDrivers = [ "amdgpu" ]; displayManager = { - lightdm.enable = true; - setupCommands = '' if ${pkgs.xorg.xrandr}/bin/xrandr --query | grep 2560x1080; then ${pkgs.xorg.xrandr}/bin/xrandr --output DVI-D-0 --mode 1920x1080 --rate 60 --pos 0x0 @@ -27,10 +22,6 @@ ''; }; - windowManager.i3 = { - enable = true; - }; - xkb.layout = "us"; # xkb.options = "eurosign:e,caps:escape"; }; diff --git a/roles/minecraft/default.nix b/roles/minecraft/default.nix new file mode 100644 index 0000000..1af96d8 --- /dev/null +++ b/roles/minecraft/default.nix @@ -0,0 +1,29 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; + +let cfg = config.roles.minecraft; in { + imports = [ + ./servers + ]; + + options.roles.minecraft = { + enable = mkEnableOption "minecraft server role"; + }; + + config = mkIf cfg.enable { + nixpkgs = { + overlays = [ inputs.nix-minecraft.overlay ]; + config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ + "minecraft-server" + ]; + }; + + programs.tmux.enable = true; + + services.minecraft-servers = { + enable = true; + eula = true; + openFirewall = true; + }; + }; +} diff --git a/roles/minecraft/servers/default.nix b/roles/minecraft/servers/default.nix new file mode 100644 index 0000000..33ad532 --- /dev/null +++ b/roles/minecraft/servers/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + imports = [ + ./test.nix + ]; +} diff --git a/roles/minecraft/servers/test.nix b/roles/minecraft/servers/test.nix new file mode 100644 index 0000000..cba264d --- /dev/null +++ b/roles/minecraft/servers/test.nix @@ -0,0 +1,67 @@ +{ config, pkgs, lib, ... }: +with lib; + +let cfg = config.roles.minecraft.servers.test; in { + options.roles.minecraft.servers.test = { + enable = mkEnableOption "test server role"; + + port = mkOption { + type = types.port; + default = 25565; + description = "server port"; + }; + + start = mkOption { + type = types.bool; + default = false; + description = "autostart"; + }; + }; + + config = mkIf cfg.enable { + services.minecraft-servers.servers.test = { + enable = true; + openFirewall = true; + autoStart = cfg.start; + + package = pkgs.fabricServers.fabric-1_21; + + whitelist = { + "Townscaper" = "57697615-5b5b-4730-bdaf-5f74ff3ab20d"; + "grippysockjail" = "9448c89d-34eb-4e2c-a231-8112eb1a9e4a"; + }; + + operators = { + "Townscaper" = { + uuid = "57697615-5b5b-4730-bdaf-5f74ff3ab20d"; + level = 4; + bypassesPlayerLimit = true; + }; + "grippysockjail" = "9448c89d-34eb-4e2c-a231-8112eb1a9e4a"; + }; + + serverProperties = { + gamemode = 1; + max-players = 1; + motd = ":3"; + port = cfg.port; + }; + + symlinks.mods = pkgs.linkFarmFromDrvs "mods" (builtins.attrValues { + fabric = pkgs.fetchurl { + url = "https://cdn.modrinth.com/data/P7dR8mSH/versions/vMQdA5QJ/fabric-api-0.100.7%2B1.21.jar"; + sha256 = "sha256-grNmYgSekBaTztR1SLbqZCOC6+QNUDLe4hp105qfibA="; + }; + noChatReports = pkgs.fetchurl { + url = "https://cdn.modrinth.com/data/qQyHxfxd/versions/riMhCAII/NoChatReports-FABRIC-1.21-v2.8.0.jar"; + sha256 = "sha256-jskscOeK3ri2dt3mvWLPVmzddwPqBHJ8Ps+VfZ6l9os="; + }; + }); + }; + }; +} + + + + + diff --git a/roles/web/default.nix b/roles/web/default.nix new file mode 100644 index 0000000..bbcc246 --- /dev/null +++ b/roles/web/default.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + imports = [ + ./proxy + ./stargazers + ./test + ]; +} diff --git a/roles/web/proxy/default.nix b/roles/web/proxy/default.nix new file mode 100644 index 0000000..879ef12 --- /dev/null +++ b/roles/web/proxy/default.nix @@ -0,0 +1,28 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; + +let cfg = config.roles.web.proxy; in { + options.roles.web.proxy = { + enable = mkEnableOption "nginx reverse proxy"; + }; + + config = mkIf cfg.enable { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nginx = { + enable = true; + virtualHosts = { + "localhost".locations = { + "/test" = { + recommendedProxySettings = true; + proxyPass = "http://192.168.0.2/"; + }; + "/stargazers" = { + recommendedProxySettings = true; + proxyPass = "http://192.168.0.3/"; + }; + }; + }; + }; + }; +} diff --git a/roles/web/stargazers/default.nix b/roles/web/stargazers/default.nix new file mode 100644 index 0000000..78b37d3 --- /dev/null +++ b/roles/web/stargazers/default.nix @@ -0,0 +1,37 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; + +let cfg = config.roles.web.stargazers; in { + options.roles.web.stargazers = { + enable = mkEnableOption "stargazers webserver"; + }; + + config = mkIf cfg.enable { + containers.web-stargazers = { + autoStart = true; + + privateNetwork = true; + hostAddress = "192.168.0.1"; + localAddress = "192.168.0.3"; + + bindMounts = { + "/srv/web/stargazers" = { + hostPath = "/srv/web/stargazers"; + isReadOnly = true; + }; + }; + + config = { ... }: { + system.stateVersion = "23.11"; + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nginx = { + enable = true; + virtualHosts = { + "192.168.0.3".root = "/srv/web/stargazers"; + }; + }; + }; + }; + }; +} diff --git a/roles/web/test/default.nix b/roles/web/test/default.nix new file mode 100644 index 0000000..04bc1a7 --- /dev/null +++ b/roles/web/test/default.nix @@ -0,0 +1,37 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; + +let cfg = config.roles.web.test; in { + options.roles.web.test = { + enable = mkEnableOption "test webserver"; + }; + + config = mkIf cfg.enable { + containers.web-test = { + autoStart = true; + + privateNetwork = true; + hostAddress = "192.168.0.1"; + localAddress = "192.168.0.2"; + + bindMounts = { + "/srv/web/test" = { + hostPath = "/srv/web/test"; + isReadOnly = true; + }; + }; + + config = { ... }: { + system.stateVersion = "23.11"; + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nginx = { + enable = true; + virtualHosts = { + "192.168.0.2".root = "/srv/web/test"; + }; + }; + }; + }; + }; +} diff --git a/system/default.nix b/system/default.nix deleted file mode 100644 index 6178ae8..0000000 --- a/system/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ ... }: - -{ - imports = [ - ./fonts.nix - ./keyboard.nix - ./networking.nix - ./pipewire.nix - ./xserver.nix - ]; -} diff --git a/system/fonts.nix b/system/fonts.nix deleted file mode 100644 index d582448..0000000 --- a/system/fonts.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ pkgs, ... }: - -{ - fonts = { - packages = with pkgs; [ - nerdfonts - noto-fonts - noto-fonts-cjk - noto-fonts-cjk-sans - noto-fonts-cjk-serif - noto-fonts-emoji - - minecraftia - ]; - - fontconfig = { - defaultFonts = { - monospace = [ "CaskaydiaMono Nerd Font" ]; - sansSerif = [ "DejaVu Sans" "Noto Sans CJK JP" "Noto Sans" ]; - serif = [ "DejaVu Serif" "Noto Serif CJK JP" "Noto Serif" ]; - }; - }; - }; -} diff --git a/system/pipewire.nix b/system/pipewire.nix deleted file mode 100644 index 0dfb230..0000000 --- a/system/pipewire.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ ... }: - -{ - security.rtkit.enable = true; - services.pipewire = { - enable = true; - - pulse.enable = true; - alsa.enable = true; - alsa.support32Bit = true; - #jack.enable = true; - }; -} |