format wiht nixpkgs-fmt
This commit is contained in:
zimbatm
parent
f4e9b4e741
commit
b5f7438b2f
14 changed files with 124 additions and 99 deletions
|
|
@ -1,4 +1,4 @@
|
||||||
{ pkgs, ...}:
|
{ pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
services.buildkite-agent = {
|
services.buildkite-agent = {
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,8 @@
|
||||||
let
|
let
|
||||||
userImports = builtins.map (f: ../users/. + "/${f}") (builtins.filter (x: x != "lib.nix") (lib.attrNames (builtins.readDir ../users)));
|
userImports = builtins.map (f: ../users/. + "/${f}") (builtins.filter (x: x != "lib.nix") (lib.attrNames (builtins.readDir ../users)));
|
||||||
|
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,8 @@ let
|
||||||
url = "https://gitlab.com/arianvp/nixos-gitlab-runner/-/archive/9126927c701aa399bd1734e7e5230c3a0010c1b7/nixos-gitlab-runner-9126927c701aa399bd1734e7e5230c3a0010c1b7.tar.gz";
|
url = "https://gitlab.com/arianvp/nixos-gitlab-runner/-/archive/9126927c701aa399bd1734e7e5230c3a0010c1b7/nixos-gitlab-runner-9126927c701aa399bd1734e7e5230c3a0010c1b7.tar.gz";
|
||||||
sha256 = "1s0fy5ny2ygcfvx35xws8xz5ih4z4kdfqlq3r6byxpylw7r52fyi";
|
sha256 = "1s0fy5ny2ygcfvx35xws8xz5ih4z4kdfqlq3r6byxpylw7r52fyi";
|
||||||
};
|
};
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
"${gitlabModule}/gitlab-runner.nix"
|
"${gitlabModule}/gitlab-runner.nix"
|
||||||
];
|
];
|
||||||
|
|
|
||||||
|
|
@ -4,35 +4,37 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
|
||||||
[ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
|
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ];
|
||||||
boot.kernelModules = [ "kvm-amd" ];
|
boot.kernelModules = [ "kvm-amd" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" =
|
||||||
{ device = "zroot/root";
|
{
|
||||||
|
device = "zroot/root";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/nix" =
|
fileSystems."/nix" =
|
||||||
{ device = "zroot/root/nix";
|
{
|
||||||
|
device = "zroot/root/nix";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/home" =
|
fileSystems."/home" =
|
||||||
{ device = "zroot/root/home";
|
{
|
||||||
|
device = "zroot/root/home";
|
||||||
fsType = "zfs";
|
fsType = "zfs";
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems."/boot" =
|
fileSystems."/boot" =
|
||||||
{ device = "/dev/disk/by-uuid/3593e0a3-3bc7-42a7-b829-685b9e98e6ba";
|
{
|
||||||
|
device = "/dev/disk/by-uuid/3593e0a3-3bc7-42a7-b829-685b9e98e6ba";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [];
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 16;
|
nix.maxJobs = lib.mkDefault 16;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -27,11 +27,12 @@ let
|
||||||
CacheDirectoryMode = "700";
|
CacheDirectoryMode = "700";
|
||||||
LogsDirectory = "nixpkgs-update";
|
LogsDirectory = "nixpkgs-update";
|
||||||
LogsDirectoryMode = "700";
|
LogsDirectoryMode = "700";
|
||||||
StandardOutput="journal";
|
StandardOutput = "journal";
|
||||||
};
|
};
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
users.users.r-ryantm.packages = [ pkgs.cachix ];
|
users.users.r-ryantm.packages = [ pkgs.cachix ];
|
||||||
users.groups.r-ryantm = { };
|
users.groups.r-ryantm = {};
|
||||||
users.users.r-ryantm = {
|
users.users.r-ryantm = {
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
isNormalUser = true; # The hub cli seems to really want stuff to be set up like a normal user
|
isNormalUser = true; # The hub cli seems to really want stuff to be set up like a normal user
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,8 @@ let
|
||||||
|
|
||||||
secrets = import ./secrets;
|
secrets = import ./secrets;
|
||||||
|
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
|
|
||||||
network.description = "nix-community infra";
|
network.description = "nix-community infra";
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,8 @@
|
||||||
|
|
||||||
nix = let
|
nix = let
|
||||||
asGB = size: toString (size * 1024 * 1024);
|
asGB = size: toString (size * 1024 * 1024);
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
# auto-free the /nix/store
|
# auto-free the /nix/store
|
||||||
min-free = ${asGB 10}
|
min-free = ${asGB 10}
|
||||||
|
|
@ -56,10 +57,17 @@
|
||||||
|
|
||||||
# Assign keys from all users in wheel group
|
# Assign keys from all users in wheel group
|
||||||
# This is only done because nixops cant be deployed from any other account
|
# This is only done because nixops cant be deployed from any other account
|
||||||
users.extraUsers.root.openssh.authorizedKeys.keys = lib.unique (lib.flatten (
|
users.extraUsers.root.openssh.authorizedKeys.keys = lib.unique (
|
||||||
|
lib.flatten (
|
||||||
builtins.map (u: u.openssh.authorizedKeys.keys)
|
builtins.map (u: u.openssh.authorizedKeys.keys)
|
||||||
(lib.attrValues (lib.filterAttrs (_: u: lib.elem "wheel" u.extraGroups)
|
(
|
||||||
config.users.extraUsers))));
|
lib.attrValues (
|
||||||
|
lib.filterAttrs (_: u: lib.elem "wheel" u.extraGroups)
|
||||||
|
config.users.extraUsers
|
||||||
|
)
|
||||||
|
)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
{...}:
|
{ ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
|
||||||
17
shell.nix
17
shell.nix
|
|
@ -6,20 +6,25 @@ let
|
||||||
overlays = [];
|
overlays = [];
|
||||||
};
|
};
|
||||||
|
|
||||||
in pkgs.mkShell {
|
in
|
||||||
|
pkgs.mkShell {
|
||||||
|
|
||||||
NIX_PATH="nixpkgs=${toString pkgs.path}";
|
NIX_PATH = "nixpkgs=${toString pkgs.path}";
|
||||||
|
|
||||||
NIXOPS_DEPLOYMENT="nix-community-infra";
|
NIXOPS_DEPLOYMENT = "nix-community-infra";
|
||||||
NIXOPS_STATE="./state/deployment-state.nixops";
|
NIXOPS_STATE = "./state/deployment-state.nixops";
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
pkgs.git-crypt
|
pkgs.git-crypt
|
||||||
pkgs.niv
|
pkgs.niv
|
||||||
pkgs.nixops
|
pkgs.nixops
|
||||||
(pkgs.terraform.withPlugins (p: [
|
(
|
||||||
|
pkgs.terraform.withPlugins (
|
||||||
|
p: [
|
||||||
p.cloudflare
|
p.cloudflare
|
||||||
]))
|
]
|
||||||
|
)
|
||||||
|
)
|
||||||
];
|
];
|
||||||
|
|
||||||
# terraform cloud without the remote execution part
|
# terraform cloud without the remote execution part
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,8 @@ let
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtr+rcxCZBAAqt8ocvhEEdBWfnRBCljjQPtC6Np24Y3H/HMe3rugsu3OhPscRV1k5hT+UlA2bpN8clMFAfK085orYY7DMUrgKQzFB7GDnOvuS1CqE1PRw7/OHLcWxDwf3YLpa8+ZIwMHFxR2gxsldCLGZV/VukNwhEvWs50SbXwVrjNkwA9LHy3Or0i6sAzU711V3B2heB83BnbT8lr3CKytF3uyoTEJvDE7XMmRdbvZK+c48bj6wDaqSmBEDrdNncsqnReDjScdNzXgP1849kMfIUwzXdhEF8QRVfU8n2A2kB0WRXiGgiL4ba5M+N9v1zLdzSHcmB0veWGgRyX8tN cardno:000607203159"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCtr+rcxCZBAAqt8ocvhEEdBWfnRBCljjQPtC6Np24Y3H/HMe3rugsu3OhPscRV1k5hT+UlA2bpN8clMFAfK085orYY7DMUrgKQzFB7GDnOvuS1CqE1PRw7/OHLcWxDwf3YLpa8+ZIwMHFxR2gxsldCLGZV/VukNwhEvWs50SbXwVrjNkwA9LHy3Or0i6sAzU711V3B2heB83BnbT8lr3CKytF3uyoTEJvDE7XMmRdbvZK+c48bj6wDaqSmBEDrdNncsqnReDjScdNzXgP1849kMfIUwzXdhEF8QRVfU8n2A2kB0WRXiGgiL4ba5M+N9v1zLdzSHcmB0veWGgRyX8tN cardno:000607203159"
|
||||||
];
|
];
|
||||||
|
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
users.users.adisbladis = {
|
users.users.adisbladis = {
|
||||||
openssh.authorizedKeys.keys = keys;
|
openssh.authorizedKeys.keys = keys;
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
|
|
||||||
|
|
@ -1,12 +1,14 @@
|
||||||
{ lib }:
|
{ lib }:
|
||||||
|
|
||||||
let
|
let
|
||||||
chrs = lib.listToAttrs (lib.imap (i: v: {name=v; value=i + 96;}) lib.lowerChars);
|
chrs = lib.listToAttrs (lib.imap (i: v: { name = v; value = i + 96; }) lib.lowerChars);
|
||||||
ord = c: builtins.getAttr c chrs;
|
ord = c: builtins.getAttr c chrs;
|
||||||
|
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
# Make a unique UID from a 4-char identifier
|
# Make a unique UID from a 4-char identifier
|
||||||
mkUid = id: let # TODO: Assert length
|
mkUid = id: let
|
||||||
|
# TODO: Assert length
|
||||||
chars = lib.stringToCharacters id;
|
chars = lib.stringToCharacters id;
|
||||||
n = builtins.map (c: lib.mod (ord c) 10) chars;
|
n = builtins.map (c: lib.mod (ord c) 10) chars;
|
||||||
s = builtins.concatStringsSep "" (builtins.map (i: builtins.toString i) n);
|
s = builtins.concatStringsSep "" (builtins.map (i: builtins.toString i) n);
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,8 @@ let
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5KESKmapziCEd05LPnW1Ib+t5N18aZ8nzeVSZ3w79vGZHacgwKrGAQkQ1JbEFsm1aXQ4LR27l7Y5MM+auf0YZdGjtAiSsV/G/mjBP95HsuFTE1NSsXisdyKBkJ1g8TUfNOq2gsFyUVCeLMz4fC/ZYxdfBRpPnA6lCblWPmwLAaKTuI7afLv9UGN36/lFKReFzLpMfjYu/HAOYglRuQr8UcYvuysfDKwHImZYdZbzId2pg52nntSAiRgavjt2StiXVQz8zrCtvkguAkG6R8ZSPDyIJ0gLPNLxryIVLPscRbmH0usr3ipemOEplIsiNwp9pW2AQj0jZMBA55T75jxW2Q== ryantm-personal"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5KESKmapziCEd05LPnW1Ib+t5N18aZ8nzeVSZ3w79vGZHacgwKrGAQkQ1JbEFsm1aXQ4LR27l7Y5MM+auf0YZdGjtAiSsV/G/mjBP95HsuFTE1NSsXisdyKBkJ1g8TUfNOq2gsFyUVCeLMz4fC/ZYxdfBRpPnA6lCblWPmwLAaKTuI7afLv9UGN36/lFKReFzLpMfjYu/HAOYglRuQr8UcYvuysfDKwHImZYdZbzId2pg52nntSAiRgavjt2StiXVQz8zrCtvkguAkG6R8ZSPDyIJ0gLPNLxryIVLPscRbmH0usr3ipemOEplIsiNwp9pW2AQj0jZMBA55T75jxW2Q== ryantm-personal"
|
||||||
];
|
];
|
||||||
|
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
users.users.ryantm = {
|
users.users.ryantm = {
|
||||||
openssh.authorizedKeys.keys = keys;
|
openssh.authorizedKeys.keys = keys;
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,8 @@ let
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHGEkPcumvhBjIZ44tnhN6+hZR8vsCSLD4r1dFzlnXA4 Nix Community - worldofpeace"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHGEkPcumvhBjIZ44tnhN6+hZR8vsCSLD4r1dFzlnXA4 Nix Community - worldofpeace"
|
||||||
];
|
];
|
||||||
|
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
users.users.worldofpeace = {
|
users.users.worldofpeace = {
|
||||||
openssh.authorizedKeys.keys = keys;
|
openssh.authorizedKeys.keys = keys;
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,8 @@ let
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxiMI0QgaxBTRgzhCtgiyFEcRiZ7SH6LC0byweSlThcpevN6W8ZQZFqv9BhEmq/Hukrgytm8WkdYHCWWRdDcC94AUHxNG+wF4ONLUaX+xpuuwd6KQVHAOZ9kDyPNdXIO9Ad6YiqiVD4fI4wi9wl/hBQQgB7jF+BKPjOfoE2D95psyEqFcD13mlFQAMZnPzYVSv72uWu4Cf6ft4XbrMeqxa71TIoEsjlZ+BVOg+mVmfZNtThtwJ1FZ+tEX6pwFGNAacZWx4TZmPojZaauwBmTJDC5DKgPH4ZmejIgCerjIUsjmNcRXNRinKitWpaV3KIAPc+lrNZPB4I3lmKuW5uFQr"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxiMI0QgaxBTRgzhCtgiyFEcRiZ7SH6LC0byweSlThcpevN6W8ZQZFqv9BhEmq/Hukrgytm8WkdYHCWWRdDcC94AUHxNG+wF4ONLUaX+xpuuwd6KQVHAOZ9kDyPNdXIO9Ad6YiqiVD4fI4wi9wl/hBQQgB7jF+BKPjOfoE2D95psyEqFcD13mlFQAMZnPzYVSv72uWu4Cf6ft4XbrMeqxa71TIoEsjlZ+BVOg+mVmfZNtThtwJ1FZ+tEX6pwFGNAacZWx4TZmPojZaauwBmTJDC5DKgPH4ZmejIgCerjIUsjmNcRXNRinKitWpaV3KIAPc+lrNZPB4I3lmKuW5uFQr"
|
||||||
];
|
];
|
||||||
|
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
users.users.zimbatm = {
|
users.users.zimbatm = {
|
||||||
openssh.authorizedKeys.keys = keys;
|
openssh.authorizedKeys.keys = keys;
|
||||||
useDefaultShell = true;
|
useDefaultShell = true;
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue