diff --git a/common/default-minimal.nix b/common/default-minimal.nix new file mode 100644 index 0000000..caa86ec --- /dev/null +++ b/common/default-minimal.nix @@ -0,0 +1,107 @@ +{ + inputs, + outputs, + lib, + config, + pkgs, + ... +}: { + imports = [ + ./packages/neovim.nix + ]; + + nixpkgs = { + # You can add overlays here + overlays = [ + # Add overlays your own flake exports (from overlays and pkgs dir): + outputs.overlays.additions + outputs.overlays.modifications + outputs.overlays.unstable-packages + + # You can also add overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + }; + }; + + # This will add each flake input as a registry + # To make nix3 commands consistent with your flake + nix.registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs); + + # This will additionally add your inputs to the system's legacy channels + # Making legacy nix commands consistent as well, awesome! + nix.nixPath = ["/etc/nix/path"]; + environment.etc = + lib.mapAttrs' + (name: value: { + name = "nix/path/${name}"; + value.source = value.flake; + }) + config.nix.registry; + + nix.settings = { + # Enable flakes and new 'nix' command + experimental-features = "nix-command flakes"; + # Deduplicate and optimize nix store + auto-optimise-store = true; + }; + + # boot.loader = { + # systemd-boot = { + # enable = true; + + # editor = true; # todo + # # memtest86.enable = true; + # }; + + # efi.canTouchEfiVariables = true; + + # grub = { + # #theme = pkgs.sleek-grub-theme; + # #splashImage = ./boot-logo.png; + # }; + # }; + + # Set your time zone. + time.timeZone = "Europe/Paris"; + + services.fwupd.enable = true; + + networking = { + networkmanager.enable = true; + + firewall.enable = true; + }; + + nix.settings.allowed-users = ["@wheel"]; + + security.sudo.execWheelOnly = true; + + services.tailscale.enable = true; + + environment.systemPackages = with pkgs; [ + wget + dig + nmap + btop + gitFull + smartmontools + lm_sensors + pciutils + gcc + gnumake + sysstat + file + ]; +} diff --git a/flake.lock b/flake.lock index 09d77ef..2168872 100644 --- a/flake.lock +++ b/flake.lock @@ -23,11 +23,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1712608508, - "narHash": "sha256-vMZ5603yU0wxgyQeHJryOI+O61yrX2AHwY6LOFyV1gM=", + "lastModified": 1712791164, + "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4cba8b53da471aea2ab2b0c1f30a81e7c451f4b6", + "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5", "type": "github" }, "original": { @@ -37,13 +37,29 @@ "type": "github" } }, - "nixpkgs-unstable": { + "nixpkgs-stable": { "locked": { - "lastModified": 1712608508, - "narHash": "sha256-vMZ5603yU0wxgyQeHJryOI+O61yrX2AHwY6LOFyV1gM=", + "lastModified": 1712741485, + "narHash": "sha256-bCs0+MSTra80oXAsnM6Oq62WsirOIaijQ/BbUY59tR4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4cba8b53da471aea2ab2b0c1f30a81e7c451f4b6", + "rev": "b2cf36f43f9ef2ded5711b30b1f393ac423d8f72", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1712791164, + "narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5", "type": "github" }, "original": { @@ -57,6 +73,7 @@ "inputs": { "home-manager": "home-manager", "nixpkgs": "nixpkgs", + "nixpkgs-stable": "nixpkgs-stable", "nixpkgs-unstable": "nixpkgs-unstable" } } diff --git a/flake.nix b/flake.nix index 0264c35..e9a05c7 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ inputs = { # Nixpkgs - # nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11"; + nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; # You can access packages and modules from different nixpkgs revs # at the same time. Here's an working example: @@ -11,8 +11,8 @@ # Also see the 'unstable-packages' overlay at 'overlays/default.nix'. # Home manager - home-manager.url = "github:nix-community/home-manager/release-23.11"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; + # home-manager.url = "github:nix-community/home-manager/release-23.11"; + # home-manager.inputs.nixpkgs.follows = "nixpkgs"; # TODO: Add any other flake you might need # hardware.url = "github:nixos/nixos-hardware"; @@ -32,7 +32,6 @@ # Supported systems for your flake packages, shell, etc. systems = [ "aarch64-linux" - "i686-linux" "x86_64-linux" ]; # This is a function that generates an attribute by calling a function you @@ -78,6 +77,13 @@ ./hosts/stuff/configuration.nix ]; }; + + enry = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs outputs;}; + modules = [ + ./hosts/enry/configuration.nix + ]; + }; }; # Standalone home-manager configuration entrypoint diff --git a/hosts/enry/configuration.nix b/hosts/enry/configuration.nix new file mode 100644 index 0000000..803f335 --- /dev/null +++ b/hosts/enry/configuration.nix @@ -0,0 +1,64 @@ +{ + pkgs, + lib, + ... +}: { + imports = [ + ./hardware-configuration.nix + ../../common/default-minimal.nix + + # ../../common/packages/syncthing.nix + + # If you want to use modules your own flake exports (from modules/nixos): + # outputs.nixosModules.example + + # Or modules from other flakes (such as nixos-hardware): + # inputs.hardware.nixosModules.common-cpu-amd + # inputs.hardware.nixosModules.common-ssd + ]; + + boot.loader.grub.enable = false; + # Enables the generation of /boot/extlinux/extlinux.conf + boot.loader.generic-extlinux-compatible.enable = true; + + networking = { + hostName = "enry"; + + firewall.enable = true; + # firewall.allowedTCPPorts = [8080 12345 13378]; + # firewall.allowedUDPPorts = [8080]; + }; + + users.users.user = { + isNormalUser = true; + description = "User"; + extraGroups = ["networkmanager" "wheel" "dialout" "syncthing"]; + initialPassword = "correcthorsebatterystaple"; + openssh.authorizedKeys.keys = [ + # TODO: Add your SSH public key(s) here, if you plan on using SSH to connect + ]; + }; + + # services.btrfs.autoScrub = { + # enable = true; + # interval = "weekly"; + # fileSystems = ["/" "/data"]; + # }; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + environment.systemPackages = with pkgs; [ + ]; + + hardware.enableRedistributableFirmware = true; + networking.wireless.enable = true; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + system.stateVersion = "23.11"; +} diff --git a/hosts/enry/hardware-configuration.nix b/hosts/enry/hardware-configuration.nix new file mode 100644 index 0000000..4ca1bf0 --- /dev/null +++ b/hosts/enry/hardware-configuration.nix @@ -0,0 +1,32 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888"; + fsType = "ext4"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enu1u1u1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlan0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +}