mirror of
https://github.com/alyraffauf/nixcfg.git
synced 2024-11-22 05:53:56 -05:00
hosts: reorganize common config (#39)
* hosts: mv common.nix -> common/default.nix * hosts/common: move wifi settings to wifi.nix * hosts/common: add locale.nix, nix.nix, samba.nix, and secrets.nix * hosts/common: move network and wifi settings to network.nix * hosts/common: org fixes
This commit is contained in:
parent
83e4f55604
commit
a844e2ff68
177
hosts/common.nix
177
hosts/common.nix
|
@ -1,177 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
self,
|
||||
...
|
||||
}: {
|
||||
age.secrets = {
|
||||
tailscaleAuthKey.file = ../secrets/tailscale/authKeyFile.age;
|
||||
wifi.file = ../secrets/wifi.age;
|
||||
};
|
||||
|
||||
environment = {
|
||||
systemPackages = with pkgs; [
|
||||
self.inputs.agenix.packages.${pkgs.system}.default
|
||||
inxi
|
||||
];
|
||||
|
||||
variables.FLAKE = "github:alyraffauf/nixcfg";
|
||||
};
|
||||
|
||||
i18n = {
|
||||
defaultLocale = lib.mkDefault "en_US.UTF-8";
|
||||
extraLocaleSettings = {
|
||||
LC_ADDRESS = config.i18n.defaultLocale;
|
||||
LC_IDENTIFICATION = config.i18n.defaultLocale;
|
||||
LC_MEASUREMENT = config.i18n.defaultLocale;
|
||||
LC_MONETARY = config.i18n.defaultLocale;
|
||||
LC_NAME = config.i18n.defaultLocale;
|
||||
LC_NUMERIC = config.i18n.defaultLocale;
|
||||
LC_PAPER = config.i18n.defaultLocale;
|
||||
LC_TELEPHONE = config.i18n.defaultLocale;
|
||||
LC_TIME = config.i18n.defaultLocale;
|
||||
};
|
||||
};
|
||||
|
||||
fileSystems = lib.attrsets.optionalAttrs (config.networking.hostName != "mauville") {
|
||||
"/mnt/Archive" = {
|
||||
device = "//mauville/Archive";
|
||||
fsType = "cifs";
|
||||
options = [
|
||||
"gid=100"
|
||||
"guest"
|
||||
"nofail"
|
||||
"uid=${toString config.users.users.aly.uid}"
|
||||
"x-systemd.after=network.target"
|
||||
"x-systemd.after=tailscaled.service"
|
||||
"x-systemd.automount"
|
||||
"x-systemd.device-timeout=5s"
|
||||
"x-systemd.idle-timeout=60"
|
||||
"x-systemd.mount-timeout=5s"
|
||||
];
|
||||
};
|
||||
|
||||
"/mnt/Media" = {
|
||||
device = "//mauville/Media";
|
||||
fsType = "cifs";
|
||||
options = [
|
||||
"gid=100"
|
||||
"guest"
|
||||
"nofail"
|
||||
"uid=${toString config.users.users.aly.uid}"
|
||||
"x-systemd.after=network.target"
|
||||
"x-systemd.after=tailscaled.service"
|
||||
"x-systemd.automount"
|
||||
"x-systemd.device-timeout=5s"
|
||||
"x-systemd.idle-timeout=60"
|
||||
"x-systemd.mount-timeout=5s"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
home-manager.sharedModules = [
|
||||
{
|
||||
gtk.gtk3.bookmarks = lib.optionals (config.networking.hostName != "mauville") [
|
||||
"file:///mnt/Media"
|
||||
"file:///mnt/Archive"
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
nix.settings = {
|
||||
substituters = [
|
||||
"https://alyraffauf.cachix.org"
|
||||
"https://cache.nixos.org/"
|
||||
"https://nix-community.cachix.org"
|
||||
];
|
||||
|
||||
trusted-public-keys = [
|
||||
"alyraffauf.cachix.org-1:GQVrRGfjTtkPGS8M6y7Ik0z4zLt77O0N25ynv2gWzDM="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
];
|
||||
|
||||
trusted-users = ["aly"];
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true; # Allow unfree packages
|
||||
|
||||
networking.networkmanager = {
|
||||
enable = true;
|
||||
|
||||
ensureProfiles = {
|
||||
environmentFiles = [config.age.secrets.wifi.path];
|
||||
|
||||
profiles = let
|
||||
mkOpenWiFi = ssid: {
|
||||
connection.id = "${ssid}";
|
||||
connection.type = "wifi";
|
||||
ipv4.method = "auto";
|
||||
ipv6.addr-gen-mode = "default";
|
||||
ipv6.method = "auto";
|
||||
wifi.mode = "infrastructure";
|
||||
wifi.ssid = "${ssid}";
|
||||
};
|
||||
|
||||
mkWPA2WiFi = ssid: psk: (
|
||||
(mkOpenWiFi ssid)
|
||||
// {
|
||||
wifi-security.auth-alg = "open";
|
||||
wifi-security.key-mgmt = "wpa-psk";
|
||||
wifi-security.psk = "${psk}";
|
||||
}
|
||||
);
|
||||
|
||||
mkEAPWiFi = ssid: identity: pass: auth: (
|
||||
(mkOpenWiFi ssid)
|
||||
// {
|
||||
"802-1x".eap = "peap;";
|
||||
"802-1x".identity = "${identity}";
|
||||
"802-1x".password = "${pass}";
|
||||
"802-1x".phase2-auth = "${auth}";
|
||||
wifi-security.auth-alg = "open";
|
||||
wifi-security.key-mgmt = "wpa-eap";
|
||||
}
|
||||
);
|
||||
in {
|
||||
"Dustin's A54" = mkWPA2WiFi "Dustin's A54" "$DustinsA54PSK";
|
||||
"FCS-WiFi2" = mkEAPWiFi "FCS-WiFi2" "$FCSIdentity" "$FCSPassword" "mschapv2";
|
||||
"javapatron" = mkOpenWiFi "javapatron";
|
||||
"Stargate-Discovery" = mkWPA2WiFi "Stargate-Discovery" "$StargateDiscoveryPSK";
|
||||
"Taproom Public WiFi" = mkOpenWiFi "Taproom Public WiFi";
|
||||
"wallace" = mkWPA2WiFi "wallace" "$wallacePSK";
|
||||
"WeWorkWiFi" = mkEAPWiFi "WeWorkWiFi" "$WeWorkWiFiIdentity" "$WeWorkWiFiPassword" "mschapv2";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
tailscale = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
authKeyFile = config.age.secrets.tailscaleAuthKey.path;
|
||||
};
|
||||
|
||||
xserver.xkb = {
|
||||
layout = "us";
|
||||
variant = "altgr-intl";
|
||||
};
|
||||
};
|
||||
|
||||
system.autoUpgrade = {
|
||||
enable = true;
|
||||
allowReboot = true;
|
||||
dates = "02:00";
|
||||
flake = "github:alyraffauf/nixcfg";
|
||||
operation = "switch";
|
||||
persistent = true;
|
||||
randomizedDelaySec = "30min";
|
||||
|
||||
rebootWindow = {
|
||||
lower = "04:00";
|
||||
upper = "06:00";
|
||||
};
|
||||
};
|
||||
|
||||
time.timeZone = "America/New_York";
|
||||
}
|
11
hosts/common/default.nix
Normal file
11
hosts/common/default.nix
Normal file
|
@ -0,0 +1,11 @@
|
|||
{pkgs, ...}: {
|
||||
imports = [
|
||||
./locale.nix
|
||||
./network.nix
|
||||
./nix.nix
|
||||
./samba.nix
|
||||
./secrets.nix
|
||||
];
|
||||
|
||||
environment.systemPackages = with pkgs; [inxi];
|
||||
}
|
28
hosts/common/locale.nix
Normal file
28
hosts/common/locale.nix
Normal file
|
@ -0,0 +1,28 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
i18n = {
|
||||
defaultLocale = lib.mkDefault "en_US.UTF-8";
|
||||
|
||||
extraLocaleSettings = {
|
||||
LC_ADDRESS = config.i18n.defaultLocale;
|
||||
LC_IDENTIFICATION = config.i18n.defaultLocale;
|
||||
LC_MEASUREMENT = config.i18n.defaultLocale;
|
||||
LC_MONETARY = config.i18n.defaultLocale;
|
||||
LC_NAME = config.i18n.defaultLocale;
|
||||
LC_NUMERIC = config.i18n.defaultLocale;
|
||||
LC_PAPER = config.i18n.defaultLocale;
|
||||
LC_TELEPHONE = config.i18n.defaultLocale;
|
||||
LC_TIME = config.i18n.defaultLocale;
|
||||
};
|
||||
};
|
||||
|
||||
services.xserver.xkb = {
|
||||
layout = "us";
|
||||
variant = "altgr-intl";
|
||||
};
|
||||
|
||||
time.timeZone = "America/New_York";
|
||||
}
|
56
hosts/common/network.nix
Normal file
56
hosts/common/network.nix
Normal file
|
@ -0,0 +1,56 @@
|
|||
{config, ...}: {
|
||||
networking.networkmanager = {
|
||||
enable = true;
|
||||
|
||||
ensureProfiles = {
|
||||
environmentFiles = [config.age.secrets.wifi.path];
|
||||
|
||||
profiles = let
|
||||
mkOpenWiFi = ssid: {
|
||||
connection.id = "${ssid}";
|
||||
connection.type = "wifi";
|
||||
ipv4.method = "auto";
|
||||
ipv6.addr-gen-mode = "default";
|
||||
ipv6.method = "auto";
|
||||
wifi.mode = "infrastructure";
|
||||
wifi.ssid = "${ssid}";
|
||||
};
|
||||
|
||||
mkWPA2WiFi = ssid: psk: (
|
||||
(mkOpenWiFi ssid)
|
||||
// {
|
||||
wifi-security.auth-alg = "open";
|
||||
wifi-security.key-mgmt = "wpa-psk";
|
||||
wifi-security.psk = "${psk}";
|
||||
}
|
||||
);
|
||||
|
||||
mkEAPWiFi = ssid: identity: pass: auth: (
|
||||
(mkOpenWiFi ssid)
|
||||
// {
|
||||
"802-1x".eap = "peap;";
|
||||
"802-1x".identity = "${identity}";
|
||||
"802-1x".password = "${pass}";
|
||||
"802-1x".phase2-auth = "${auth}";
|
||||
wifi-security.auth-alg = "open";
|
||||
wifi-security.key-mgmt = "wpa-eap";
|
||||
}
|
||||
);
|
||||
in {
|
||||
"Dustin's A54" = mkWPA2WiFi "Dustin's A54" "$DustinsA54PSK";
|
||||
"FCS-WiFi2" = mkEAPWiFi "FCS-WiFi2" "$FCSIdentity" "$FCSPassword" "mschapv2";
|
||||
"javapatron" = mkOpenWiFi "javapatron";
|
||||
"Stargate-Discovery" = mkWPA2WiFi "Stargate-Discovery" "$StargateDiscoveryPSK";
|
||||
"Taproom Public WiFi" = mkOpenWiFi "Taproom Public WiFi";
|
||||
"wallace" = mkWPA2WiFi "wallace" "$wallacePSK";
|
||||
"WeWorkWiFi" = mkEAPWiFi "WeWorkWiFi" "$WeWorkWiFiIdentity" "$WeWorkWiFiPassword" "mschapv2";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.tailscale = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
authKeyFile = config.age.secrets.tailscaleAuthKey.path;
|
||||
};
|
||||
}
|
35
hosts/common/nix.nix
Normal file
35
hosts/common/nix.nix
Normal file
|
@ -0,0 +1,35 @@
|
|||
{config, ...}: {
|
||||
environment.variables.FLAKE = "github:alyraffauf/nixcfg";
|
||||
|
||||
nix.settings = {
|
||||
substituters = [
|
||||
"https://alyraffauf.cachix.org"
|
||||
"https://cache.nixos.org/"
|
||||
"https://nix-community.cachix.org"
|
||||
];
|
||||
|
||||
trusted-public-keys = [
|
||||
"alyraffauf.cachix.org-1:GQVrRGfjTtkPGS8M6y7Ik0z4zLt77O0N25ynv2gWzDM="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
];
|
||||
|
||||
trusted-users = ["aly"];
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true; # Allow unfree packages
|
||||
|
||||
system.autoUpgrade = {
|
||||
enable = true;
|
||||
allowReboot = true;
|
||||
dates = "02:00";
|
||||
flake = config.environment.variables.FLAKE;
|
||||
operation = "switch";
|
||||
persistent = true;
|
||||
randomizedDelaySec = "30min";
|
||||
|
||||
rebootWindow = {
|
||||
lower = "04:00";
|
||||
upper = "06:00";
|
||||
};
|
||||
};
|
||||
}
|
50
hosts/common/samba.nix
Normal file
50
hosts/common/samba.nix
Normal file
|
@ -0,0 +1,50 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
fileSystems = lib.attrsets.optionalAttrs (config.networking.hostName != "mauville") {
|
||||
"/mnt/Archive" = {
|
||||
device = "//mauville/Archive";
|
||||
fsType = "cifs";
|
||||
options = [
|
||||
"gid=100"
|
||||
"guest"
|
||||
"nofail"
|
||||
"uid=${toString config.users.users.aly.uid}"
|
||||
"x-systemd.after=network.target"
|
||||
"x-systemd.after=tailscaled.service"
|
||||
"x-systemd.automount"
|
||||
"x-systemd.device-timeout=5s"
|
||||
"x-systemd.idle-timeout=60"
|
||||
"x-systemd.mount-timeout=5s"
|
||||
];
|
||||
};
|
||||
|
||||
"/mnt/Media" = {
|
||||
device = "//mauville/Media";
|
||||
fsType = "cifs";
|
||||
options = [
|
||||
"gid=100"
|
||||
"guest"
|
||||
"nofail"
|
||||
"uid=${toString config.users.users.aly.uid}"
|
||||
"x-systemd.after=network.target"
|
||||
"x-systemd.after=tailscaled.service"
|
||||
"x-systemd.automount"
|
||||
"x-systemd.device-timeout=5s"
|
||||
"x-systemd.idle-timeout=60"
|
||||
"x-systemd.mount-timeout=5s"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
home-manager.sharedModules = [
|
||||
{
|
||||
gtk.gtk3.bookmarks = lib.optionals (config.networking.hostName != "mauville") [
|
||||
"file:///mnt/Media"
|
||||
"file:///mnt/Archive"
|
||||
];
|
||||
}
|
||||
];
|
||||
}
|
12
hosts/common/secrets.nix
Normal file
12
hosts/common/secrets.nix
Normal file
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
pkgs,
|
||||
self,
|
||||
...
|
||||
}: {
|
||||
age.secrets = {
|
||||
tailscaleAuthKey.file = ../../secrets/tailscale/authKeyFile.age;
|
||||
wifi.file = ../../secrets/wifi.age;
|
||||
};
|
||||
|
||||
environment.systemPackages = [self.inputs.agenix.packages.${pkgs.system}.default];
|
||||
}
|
|
@ -7,7 +7,7 @@
|
|||
...
|
||||
}: {
|
||||
imports = [
|
||||
../common.nix
|
||||
../common
|
||||
./disko.nix
|
||||
./home.nix
|
||||
self.inputs.nixhw.nixosModules.framework-13-intel-11th
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
...
|
||||
}: {
|
||||
imports = [
|
||||
../common.nix
|
||||
../common
|
||||
./disko.nix
|
||||
./home.nix
|
||||
self.inputs.nixhw.nixosModules.framework-13-amd-7000
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
mediaDirectory = "/mnt/Media";
|
||||
in {
|
||||
imports = [
|
||||
../common.nix
|
||||
../common
|
||||
./filesystems.nix
|
||||
./home.nix
|
||||
self.inputs.nixhw.nixosModules.common-amd-cpu
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
...
|
||||
}: {
|
||||
imports = [
|
||||
../common.nix
|
||||
../common
|
||||
./disko.nix
|
||||
./home.nix
|
||||
self.inputs.nixhw.nixosModules.lenovo-yoga-9i-intel-13th
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
...
|
||||
}: {
|
||||
imports = [
|
||||
../common.nix
|
||||
../common
|
||||
./disko.nix
|
||||
./home.nix
|
||||
self.inputs.nixhw.nixosModules.thinkpad-t440p
|
||||
|
|
Loading…
Reference in a new issue