-repl-flakes, fix:homeConfiguration module

video9
video8
2024-11-25 09:45:49 +01:00 · 2024-09-23 14:30:14 +02:00 · 2024-09-21 16:59:39 +02:00 · 2024-09-17 14:28:40 +02:00
25 changed files with 429 additions and 34 deletions
--- a/flake.lock
+++ b/flake.lock
@ -1,5 +1,68 @@
 {
  "nodes": {
    "agenix": {
      "inputs": {
        "darwin": "darwin",
        "home-manager": "home-manager",
        "nixpkgs": "nixpkgs",
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1723293904,
        "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
        "owner": "ryantm",
        "repo": "agenix",
        "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
        "type": "github"
      },
      "original": {
        "owner": "ryantm",
        "repo": "agenix",
        "type": "github"
      }
    },
    "darwin": {
      "inputs": {
        "nixpkgs": [
          "agenix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1700795494,
        "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
        "owner": "lnl7",
        "repo": "nix-darwin",
        "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
        "type": "github"
      },
      "original": {
        "owner": "lnl7",
        "ref": "master",
        "repo": "nix-darwin",
        "type": "github"
      }
    },
    "disko": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1726524467,
        "narHash": "sha256-xkPPPvfHhHK7BNX5ZrQ9N6AIEixCmFzRZHduDf0zv30=",
        "owner": "nix-community",
        "repo": "disko",
        "rev": "22ee467a54a3ab7fa9d637ccad5330c6c087e9dc",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "disko",
        "type": "github"
      }
    },
    "dotfiles": {
      "flake": false,
      "locked": {
@ -17,6 +80,27 @@
      }
    },
    "home-manager": {
      "inputs": {
        "nixpkgs": [
          "agenix",
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1703113217,
        "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
        "owner": "nix-community",
        "repo": "home-manager",
        "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "home-manager_2": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
@ -38,15 +122,15 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1711703276,
+        "lastModified": 1703013332,
-        "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
+        "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
-        "owner": "nixos",
+        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
+        "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
        "type": "github"
      },
      "original": {
-        "owner": "nixos",
+        "owner": "NixOS",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
@ -68,13 +152,46 @@
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1711703276,
        "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
        "owner": "nixos",
        "repo": "nixpkgs",
        "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "root": {
      "inputs": {
        "agenix": "agenix",
        "disko": "disko",
        "dotfiles": "dotfiles",
-        "home-manager": "home-manager",
+        "home-manager": "home-manager_2",
-        "nixpkgs": "nixpkgs",
+        "nixpkgs": "nixpkgs_2",
        "nixpkgs-stable": "nixpkgs-stable"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -18,6 +18,13 @@
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.05";
    agenix.url = "github:ryantm/agenix";
    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    dotfiles = {
      url = "git+https://code.m3tam3re.com/m3tam3re/dotfiles-flake-demo.git";
      flake = false;
@ -26,6 +33,8 @@
  outputs = {
    self,
    agenix,
    disko,
    dotfiles,
    home-manager,
    nixpkgs,
@ -47,14 +56,18 @@
    nixosConfigurations = {
      m3-kratos-vm = nixpkgs.lib.nixosSystem {
        specialArgs = {inherit inputs outputs;};
-        modules = [./hosts/m3-kratos];
+        modules = [
          ./hosts/m3-kratos
          inputs.disko.nixosModules.disko
          agenix.nixosModules.default
        ];
      };
    };
    homeConfigurations = {
      "m3tam3re@m3-kratos-vm" = home-manager.lib.homeManagerConfiguration {
        pkgs = nixpkgs.legacyPackages."x86_64-linux";
        extraSpecialArgs = {inherit inputs outputs;};
-        modules = [./home/m3tam3re/m3tam3re.nix];
+        modules = [./home/m3tam3re/m3-kratos.nix];
      };
    };
  };
--- a/home/common/default.nix
+++ b/home/common/default.nix
@ -1,4 +1,10 @@
-{ config, lib, outputs, pkgs, ... }: {
+{
  config,
  lib,
  outputs,
  pkgs,
  ...
 }: {
  nixpkgs = {
    # You can add overlays here
    overlays = [
@ -29,7 +35,7 @@
  nix = {
    package = lib.mkDefault pkgs.nix;
    settings = {
-      experimental-features = [ "nix-command" "flakes" "repl-flake" ];
+      experimental-features = ["nix-command" "flakes"];
      warn-dirty = false;
    };
  };
--- a/home/features/cli/fish.nix
+++ b/home/features/cli/fish.nix
@ -15,6 +15,7 @@ in {
        set -x NIX_PATH nixpkgs=channel:nixos-unstable
        set -x NIX_LOG info
        set -x TERMINAL kitty
        source /run/agenix/${config.home.username}-secrets
        if test (tty) = "/dev/tty1"
          exec Hyprland &> /dev/null
--- a/hosts/common/default.nix
+++ b/hosts/common/default.nix
@ -7,6 +7,7 @@
  ...
 }: {
  imports = [
    ./extraServices
    ./users
    inputs.home-manager.nixosModules.home-manager
  ];
--- a/hosts/common/extraServices/default.nix
+++ b/hosts/common/extraServices/default.nix
@ -0,0 +1,5 @@
 {
  imports = [
    ./podman.nix
  ];
 }
--- a/hosts/common/extraServices/extraServices/default.nix
+++ b/hosts/common/extraServices/extraServices/default.nix
@ -0,0 +1,5 @@
 {
  imports = [
    ./podman.nix
  ];
 }
--- a/hosts/common/extraServices/extraServices/extraServices/extraServices/podman.nix
+++ b/hosts/common/extraServices/extraServices/extraServices/extraServices/podman.nix
@ -0,0 +1,32 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib; let
  cfg = config.extraServices.podman;
 in {
  options.extraServices.podman.enable = mkEnableOption "enable podman";
  config = mkIf cfg.enable {
    virtualisation = {
      podman = {
        enable = true;
        dockerCompat = true;
        autoPrune = {
          enable = true;
          dates = "weekly";
          flags = [
            "--filter=until=24h"
            "--filter=label!=important"
          ];
        };
        defaultNetwork.settings.dns_enabled = true;
      };
    };
    environment.systemPackages = with pkgs; [
      podman-compose
    ];
  };
 }
--- a/hosts/common/extraServices/extraServices/extraServices/podman.nix
+++ b/hosts/common/extraServices/extraServices/extraServices/podman.nix
@ -0,0 +1,32 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib; let
  cfg = config.extraServices.podman;
 in {
  options.extraServices.podman.enable = mkEnableOption "enable podman";
  config = mkIf cfg.enable {
    virtualisation = {
      podman = {
        enable = true;
        dockerCompat = true;
        autoPrune = {
          enable = true;
          dates = "weekly";
          flags = [
            "--filter=until=24h"
            "--filter=label!=important"
          ];
        };
        defaultNetwork.settings.dns_enabled = true;
      };
    };
    environment.systemPackages = with pkgs; [
      podman-compose
    ];
  };
 }
--- a/hosts/common/extraServices/extraServices/podman.nix
+++ b/hosts/common/extraServices/extraServices/podman.nix
@ -0,0 +1,32 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib; let
  cfg = config.extraServices.podman;
 in {
  options.extraServices.podman.enable = mkEnableOption "enable podman";
  config = mkIf cfg.enable {
    virtualisation = {
      podman = {
        enable = true;
        dockerCompat = true;
        autoPrune = {
          enable = true;
          dates = "weekly";
          flags = [
            "--filter=until=24h"
            "--filter=label!=important"
          ];
        };
        defaultNetwork.settings.dns_enabled = true;
      };
    };
    environment.systemPackages = with pkgs; [
      podman-compose
    ];
  };
 }
--- a/hosts/common/extraServices/podman.nix
+++ b/hosts/common/extraServices/podman.nix
@ -0,0 +1,32 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib; let
  cfg = config.extraServices.podman;
 in {
  options.extraServices.podman.enable = mkEnableOption "enable podman";
  config = mkIf cfg.enable {
    virtualisation = {
      podman = {
        enable = true;
        dockerCompat = true;
        autoPrune = {
          enable = true;
          dates = "weekly";
          flags = [
            "--filter=until=24h"
            "--filter=label!=important"
          ];
        };
        defaultNetwork.settings.dns_enabled = true;
      };
    };
    environment.systemPackages = with pkgs; [
      podman-compose
    ];
  };
 }
--- a/hosts/common/users/m3tam3re
+++ b/hosts/common/users/m3tam3re
@ -1 +0,0 @@
 ../../../home/m3tam3re
--- a/hosts/common/users/m3tam3re.nix
+++ b/hosts/common/users/m3tam3re.nix
@ -26,5 +26,5 @@
    packages = [inputs.home-manager.packages.${pkgs.system}.default];
  };
  home-manager.users.m3tam3re =
-    import m3tam3re/${config.networking.hostName}.nix;
+    import ../../../home/m3tam3re/${config.networking.hostName}.nix;
 }
--- a/hosts/m3-kratos/configuration.nix
+++ b/hosts/m3-kratos/configuration.nix
@ -4,13 +4,13 @@
 {pkgs, ...}: {
  imports = [
    # Include the results of the hardware scan.
    ./disko-config.nix
    ./hardware-configuration.nix
  ];
  # Bootloader.
-  boot.loader.grub.enable = true;
+  boot.loader.systemd-boot.enable = true;
-  boot.loader.grub.device = "/dev/vda";
+  boot.loader.efi.canTouchEfiVariables = true;
  boot.loader.grub.useOSProber = true;
  networking.hostName = "m3-kratos"; # Define your hostname.
  # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
--- a/hosts/m3-kratos/default.nix
+++ b/hosts/m3-kratos/default.nix
@ -33,5 +33,12 @@
 #:w
 # networking.hostName = "nixos"; # Define your hostname.
 {
-  imports = [../common ./configuration.nix];
+  imports = [
    ../common
    ./configuration.nix
    ./secrets.nix
    ./services
  ];
  extraServices.podman.enable = true;
 }
--- a/hosts/m3-kratos/disko-config.nix
+++ b/hosts/m3-kratos/disko-config.nix
@ -0,0 +1,36 @@
 {
  disko.devices = {
    disk = {
      nixos = {
        type = "disk";
        device = "/dev/vda";
        content = {
          type = "gpt";
          partitions = {
            boot = {
              size = "1M";
              type = "EF02"; # for grub MBR
            };
            ESP = {
              size = "512M";
              type = "EF00";
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = "/boot";
              };
            };
            root = {
              size = "100%";
              content = {
                type = "filesystem";
                format = "ext4";
                mountpoint = "/";
              };
            };
          };
        };
      };
    };
  };
 }
--- a/hosts/m3-kratos/hardware-configuration.nix
+++ b/hosts/m3-kratos/hardware-configuration.nix
@ -1,24 +1,21 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
-  imports =
+  config,
-    [ (modulesPath + "/profiles/qemu-guest.nix")
+  lib,
-    ];
+  pkgs,
  modulesPath,
  ...
 }: {
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
  ];
-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk"];
-  boot.initrd.kernelModules = [ ];
+  boot.initrd.kernelModules = [];
-  boot.kernelModules = [ "kvm-intel" ];
+  boot.kernelModules = ["kvm-intel"];
-  boot.extraModulePackages = [ ];
+  boot.extraModulePackages = [];
  fileSystems."/" =
    { device = "/dev/disk/by-uuid/b3fbba01-1206-44d9-9b15-72e6313b4f72";
      fsType = "ext4";
    };
  swapDevices = [ ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
@ -29,4 +26,3 @@
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }
--- a/hosts/m3-kratos/secrets.nix
+++ b/hosts/m3-kratos/secrets.nix
@ -0,0 +1,13 @@
 {
  age = {
    secrets = {
      secret1 = {
        file = ../../secrets/secret1.age;
      };
      m3tam3re-secrets = {
        file = ../../secrets/m3tam3re-secrets.age;
        owner = "m3tam3re";
      };
    };
  };
 }
--- a/hosts/m3-kratos/services/containers/default.nix
+++ b/hosts/m3-kratos/services/containers/default.nix
@ -0,0 +1,6 @@
 {
  imports = [
    ./echo.nix
    ./nginx.nix
  ];
 }
--- a/hosts/m3-kratos/services/containers/echo.nix
+++ b/hosts/m3-kratos/services/containers/echo.nix
@ -0,0 +1,12 @@
 {lib, ...}: {
  virtualisation.oci-containers.containers."echo-http-service" = {
    image = "hashicorp/http-echo";
    extraOptions = ["-text='Hello, World!'" "--network=web"];
    ports = ["5678:5678"];
  };
  system.activationScripts.createPodmanNetworkWeb = lib.mkAfter ''
    if ! /run/current-system/sw/bin/podman network exists web; then
      /run/current-system/sw/bin/podman network create web
    fi
  '';
 }
--- a/hosts/m3-kratos/services/containers/nginx.nix
+++ b/hosts/m3-kratos/services/containers/nginx.nix
@ -0,0 +1,8 @@
 {config, ...}: {
  virtualisation.oci-containers.containers."nginx" = {
    image = "docker.io/nginx:alpine";
    environmentFiles = [
      config.age.secrets.secret1.path
    ];
  };
 }
--- a/hosts/m3-kratos/services/default.nix
+++ b/hosts/m3-kratos/services/default.nix
@ -0,0 +1,5 @@
 {
  imports = [
    ./containers
  ];
 }
--- a/secrets/m3tam3re-secrets.age
+++ b/secrets/m3tam3re-secrets.age
@ -0,0 +1,15 @@
 age-encryption.org/v1
 -> ssh-ed25519 l/KTwg +8dkEwTxSxpSykhcm+qqMU5c9FxuL0VURTO+Et3Hqjg
 IPzfKtktyMQdv5SceryhZrYhCeB/TVLgXAlu78ihMTw
 -> ssh-rsa DQlE7w
 j4z7/+j+OxQn5pyhuzYdhUYKVhsU7VndBt62wHkt/3akh4a31GbXDmhhFasO/0LX
 vj0MnsoNQSyWxSE16oP3abFL3dnv8u5nUNsTUUKnd7gv58RglfGzUI3vZ5iIQVZx
 ryAiRhmZbzb+oXN4Kzi3Mj1yNExnmDK5JXwKMZpWRPlgmnEAvoRnBGK9povIk+Av
 vACdqLC0jZPsw3B2zw1L35iVSeb2HbbqYdUab3ElClPu6HVQBa7JGSSNfyVJY3c4
 zbz9H9gwDvspu0jexK6D7cZjDalh3UCYly7JvPGoUd6bWHUCNhHOyAhZFIZlNIhj
 pD1BqBis9Mh5xtCElml+PQkfKQKqGJz7KZ6v6bs6EGq/0nXaEiMmn3HRYnPEL98O
 u63SVH5vevAcUewVw6/iENN+0vUTK19C3vkEFDaEwuPTituAMReicx+9vZZvz7ZE
 nTUDblgl+8MngAQBaRjH4HrsXb3mx/4vFhSMO7gBYwYq8xpPXLqlwqgyBS54fBSU
 --- T7qcXQKB/ktQb5Epx0/k+EDOdpbJV1x7VaZKEGEfaOE
 <0C><>q<EFBFBD>Q<>?N<>˯:a1)<29>\<5C><>&<26>Ezl[<5B>'<27><>`%<25>QQ<51><51>9<>/{<7B><><EFBFBD>&<w<><0F><><EFBFBD><EFBFBD>Ė<EFBFBD>s
--- a/secrets/secret1.age
+++ b/secrets/secret1.age
@ -0,0 +1,15 @@
 age-encryption.org/v1
 -> ssh-ed25519 l/KTwg rtb9YLrncvwCrLgxUrpsyWQKh5EpORg+M3V2jWFEI0Q
 +QaPHNxR+5GcIKt9+0EbP/9UbZPe1ET6OS+NOByeZ90
 -> ssh-rsa DQlE7w
 k2jNaCjCwamanfwOn2U+mxjo1n4445GvfEk2U8OG75AGox4UxlvCBqbzecx9jx+t
 w3CBDstgVvJgEMjZ70g4fhok6gISiyMKc/KQxU9TLRYlTU3ulvX3nf+/4pX05YVv
 Xj+7amLZtEPSMNgNDbRnverPToVTCEgzpG7XELzhrhV+cbLvI702f2ws2puySvkR
 rMkAyyHNA3UfYv42FX4ZitIiOKHALdAVw89oxVFLj4qcYIuo6GdmDoMiRQCLdDvs
 CkRyPm7qtrcc6Kmeyl0xLZnTWi90IOF8tHmwbOhSxbhRpWPn05Gzdw27hbX41gkZ
 qqerT71oFVJhueK8gCJPtePQQXIXLsOc4gjI78WXaRB/BlpwWK4GlKEeaIHP9f35
 HVN8PAjWmgA9MR2/p9azmwYjVduaZoRrINmSVMwtS31h6eZD1m5XAuO3orBZHKqX
 8Z9gkpaeIOvGhdP0ye861l3PSduI01CNe9dT0T+iIWhXbMkJ3woVaQTOl8h/IVb6
 --- Q6mzi+/lp1nHSpHoVZqH4RXzNh0Jei8FRhBgU4IjHCQ
 <EFBFBD><EFBFBD><EFBFBD><EFBFBD>a<EFBFBD><EFBFBD><05>Ck		<09><>l<EFBFBD> !<21>\H<>>܃<>HJ{C:<3A>D<EFBFBD>ѣ&<26><><EFBFBD><EFBFBD>ŲPE<50><45><EFBFBD>W
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -0,0 +1,7 @@
 let
  m3-kratos-vm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE+8dfimMlWKZOlpjEGI6/2hVFDhytJVTi/P92Jf9mTz";
  m3tam3re = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU=";
 in {
  "secret1.age".publicKeys = [m3-kratos-vm m3tam3re];
  "m3tam3re-secrets.age".publicKeys = [m3-kratos-vm m3tam3re];
 }
Author	SHA1	Message	Date
m3tam3re	1b285bef19	-repl-flakes, fix:homeConfiguration module	2024-11-25 09:45:49 +01:00
m3tam3re	78a720e1a3	video9	2024-09-23 14:30:14 +02:00
m3tam3re	b2c3dba781	video8	2024-09-21 16:59:39 +02:00
m3tam3re	6a0334cd38	+disko	2024-09-17 14:28:40 +02:00