alejandra: initial repo format

This commit is contained in:
Fiscal Velvet Poet 2022-08-15 17:32:25 +10:00
parent 180d6bc1a5
commit 584f00ed86
Signed by: fiscalvelvetpoet
GPG key ID: D8EBFD58B023BD47
13 changed files with 426 additions and 435 deletions

View file

@ -1,18 +1,20 @@
# Configuration common to all JFDIC Linode VMs
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
imports = [
# Import the NixOS Qemu guest settings
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
];
boot.initrd.availableKernelModules = [ "virtio_pci" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.initrd.availableKernelModules = ["virtio_pci" "ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
boot.kernelParams = ["console=ttyS0,19200n8"];
boot.loader = {
grub = {
extraConfig = ''
@ -26,8 +28,8 @@
};
# File systems configuration for the Linode VMs
fileSystems."/" =
{ device = "/dev/sda";
fileSystems."/" = {
device = "/dev/sda";
fsType = "ext4";
};

View file

@ -1,10 +1,11 @@
# NixOps configuration common to Linode VMs
{ config, pkgs, lib, ... }:
{
imports =
[
config,
pkgs,
lib,
...
}: {
imports = [
../profiles/host_common.nix
../profiles/server_common.nix
];
@ -29,9 +30,8 @@
interfaces.eth0.useDHCP = true;
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
trustedInterfaces = [ "lo" ];
allowedTCPPorts = [80 443];
trustedInterfaces = ["lo"];
};
};
}

View file

@ -1,10 +1,11 @@
# NixOps configuration for the Linode VMs
{ config, pkgs, lib, ... }:
{
imports =
[
config,
pkgs,
lib,
...
}: {
imports = [
../hardware/linode_vm.nix
./linode-common.nix
];

View file

@ -1,9 +1,5 @@
# Configuration common to all JFDIC servers
{ config, ... }:
{
{config, ...}: {
# Program defaults for all hosts
programs.bash = {
interactiveShellInit = ''
@ -15,5 +11,4 @@
'';
vteIntegration = true;
};
}

View file

@ -1,11 +1,6 @@
# NixOps configuration for the hosts running a Chrony service
{ config, ... }:
{
{config, ...}: {
services.chrony = {
enable = true; # Enable Chrony
};
}

View file

@ -1,9 +1,10 @@
# NixOps configuration for the hosts running Gitea
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
services.gitea = {
enable = true; # Enable Gitea
appName = "JFDI Collective: Gitea Service"; # Give the site a name
@ -16,8 +17,8 @@
rootUrl = "https://source.jfdic.org/"; # Root web URL
httpPort = 3002; # Provided unique port
settings = let
docutils =
pkgs.python37.withPackages (ps: with ps; [
docutils = pkgs.python37.withPackages (ps:
with ps; [
docutils # Provides rendering of ReStructured Text files
pygments # Provides syntax highlighting
]);
@ -49,15 +50,17 @@
authentication = ''
local gitea all ident map=gitea-users
'';
identMap = # Map the gitea user to postgresql
identMap =
# Map the gitea user to postgresql
''
gitea-users gitea gitea
'';
ensureDatabases = [ "gitea" ]; # Ensure the database persists
ensureDatabases = ["gitea"]; # Ensure the database persists
ensureUsers = [
{
name = "gitea"; # Ensure the database user persists
ensurePermissions = { # Ensure the database permissions persist
ensurePermissions = {
# Ensure the database permissions persist
"DATABASE gitea" = "ALL PRIVILEGES";
"ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
};
@ -71,7 +74,8 @@
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."source.jfdic.org" = { # Gitea hostname
virtualHosts."source.jfdic.org" = {
# Gitea hostname
enableACME = true; # Use ACME certs
forceSSL = true; # Force SSL
locations."/".proxyPass = "http://localhost:3002/"; # Proxy Gitea
@ -85,6 +89,5 @@
};
};
users.groups.keys.members = [ "gitea" ]; # Required due to NixOps issue #1204
users.groups.keys.members = ["gitea"]; # Required due to NixOps issue #1204
}

View file

@ -1,9 +1,10 @@
# Configuration common to all JFDIC servers
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
imports = [
../profiles/bash.nix
../profiles/chrony.nix
@ -52,7 +53,8 @@
# Ruin the config so we don't accidentally run
# nixos-rebuild switch on the host
(let
cfg = pkgs.writeText "configuration.nix"
cfg =
pkgs.writeText "configuration.nix"
''
assert builtins.trace "This system is managed by NixOps." false;
{}
@ -81,7 +83,7 @@
environment.etc.host-nix-channel.source = pkgs.path;
environment.variables = {
BAT_THEME="Dracula";
BAT_THEME = "Dracula";
};
# Set the system-wide environment

View file

@ -1,11 +1,6 @@
# logrotate configuration for NixOS / NixOps
{ config, ... }:
{
{config, ...}: {
services.logrotate = {
enable = true; # Enable the logrotate service
};
}

View file

@ -1,9 +1,9 @@
{ pkgs, ... }:
{
environment.variables = { EDITOR = "vim"; };
{pkgs, ...}: {
environment.variables = {EDITOR = "vim";};
environment.systemPackages = with pkgs; [
(neovim.override {
(
neovim.override {
vimAlias = true;
configure = {
packages.myPlugins = with pkgs.vimPlugins; {
@ -296,5 +296,6 @@
'';
};
}
)];
)
];
}

View file

@ -1,9 +1,10 @@
# NixOps configuration nix-direnv
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
nix = {
extraOptions = ''
keep-outputs = true
@ -23,7 +24,6 @@
};
nixpkgs.overlays = [
(self: super: { nix-direnv = super.nix-direnv.override { enableFlakes = true; }; } )
(self: super: {nix-direnv = super.nix-direnv.override {enableFlakes = true;};})
];
}

View file

@ -1,11 +1,11 @@
# Configuration common to all JFDIC servers
{ config, pkgs, lib, ... }:
{
imports =
[
config,
pkgs,
lib,
...
}: {
imports = [
../profiles/openssh.nix
../secrets/user-fiscalvelvetpoet.nix
../secrets/user-root.nix
@ -15,5 +15,4 @@
enable = true;
withUtempter = true;
};
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
starship # A minimal, blazing fast, and extremely customizable prompt for any shell
];

View file

@ -1,9 +1,10 @@
# Configuration common to all JFDIC servers
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}: {
# Program defaults for all hosts
programs.zsh = {
enable = true; # Also enables & installs nix-zsh-completions
@ -38,5 +39,4 @@
];
users.defaultUserShell = pkgs.zsh; # Set the default shell for all users
}