osbm/flake
1
0
Fork 0
Code Issues Pull requests Wiki Activity

formatting

Browse source
This commit is contained in:
Osman Faruk Bayram 2025-10-19 22:46:17 +03:00
parent 20e99d234d
commit 9ea28ef218
18 changed files with 183 additions and 75 deletions
Download patch file Download diff file Expand all files Collapse all files

16
hosts/darwinHosts/prometheus/configuration.nix
View file

@ -67,7 +67,6 @@
nix.channel.enable = false;
nix.registry = {
self.flake = inputs.self;
nixpkgs.flake = inputs.nixpkgs;
@ -91,7 +90,10 @@
osbm-nvim.flake = inputs.osbm-nvim;
my-nixpkgs = {
from = { type = "indirect"; id = "my-nixpkgs"; };
from = {
type = "indirect";
id = "my-nixpkgs";
};
to = {
owner = "osbm";
repo = "nixpkgs";
@ -99,7 +101,10 @@
};
};
osbm-dev = {
from = { type = "indirect"; id = "osbm-dev"; };
from = {
type = "indirect";
id = "osbm-dev";
};
to = {
owner = "osbm";
repo = "osbm.dev";
@ -107,7 +112,10 @@
};
};
devshells = {
from = { type = "indirect"; id = "devshells"; };
from = {
type = "indirect";
id = "devshells";
};
to = {
owner = "osbm";
repo = "devshells";

29
hosts/nixos/apollo/configuration.nix
View file

@ -48,10 +48,10 @@
enable = true;
hostID = "0f7de22e";
root = {
useTmpfs = false; # Use ZFS root, not tmpfs
useTmpfs = false; # Use ZFS root, not tmpfs
encrypt = true;
disk1 = "vda";
impermanenceRoot = true; # Wipe root on boot with ZFS snapshots
impermanenceRoot = true; # Wipe root on boot with ZFS snapshots
};
};
};
@ -73,17 +73,24 @@
useDHCP = false;
interfaces.ens3 = {
useDHCP = false;
ipv4.addresses = [{
address = "152.53.152.129";
prefixLength = 22;
}];
ipv6.addresses = [{
address = "2a00:11c0:47:3b2a::1";
prefixLength = 64;
}];
ipv4.addresses = [
{
address = "152.53.152.129";
prefixLength = 22;
}
];
ipv6.addresses = [
{
address = "2a00:11c0:47:3b2a::1";
prefixLength = 64;
}
];
};
defaultGateway = "152.53.152.1";
defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
defaultGateway6 = {
address = "fe80::1";
interface = "ens3";
};
};
# Override initrd kernel params for static IP

2
hosts/nixos/apollo/hardware-configuration.nix
View file

@ -2,7 +2,7 @@
{
# Disko configuration is now managed by osbmModules.hardware.disko
# All disk configuration moved to configuration.nix
# Required for ZFS
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

2
modules/home-manager/programs/ssh.nix
View file

@ -28,7 +28,7 @@ in
programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
ymir = sshBlock "192.168.0.2";
ymir-ts = sshBlock "ymir.curl-boga.ts.net";

28
modules/nixos/hardware/disko.nix
View file

@ -1,4 +1,10 @@
{ config, inputs, lib, pkgs, ... }:
{
config,
inputs,
lib,
pkgs,
...
}:
let
cfg = config.osbmModules.hardware.disko;
inherit (config.networking) hostName;
@ -9,9 +15,11 @@ let
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHYSJ9ywFRJ747tkhvYWFkx/Y9SkLqv3rb7T1UuXVBWo"
];
authorizedKeys = if cfg.initrd-ssh.authorizedKeys != []
then cfg.initrd-ssh.authorizedKeys
else defaultAuthorizedKeys;
authorizedKeys =
if cfg.initrd-ssh.authorizedKeys != [ ] then
cfg.initrd-ssh.authorizedKeys
else
defaultAuthorizedKeys;
in
{
imports = [
@ -52,9 +60,12 @@ in
# ZFS does not support swapfiles
kernelParams = [
"nohibernate"
"zfs.zfs_arc_max=17179869184" # 16GB ARC max
"zfs.zfs_arc_max=17179869184" # 16GB ARC max
];
supportedFilesystems = [
"vfat"
"zfs"
];
supportedFilesystems = [ "vfat" "zfs" ];
zfs = {
devNodes = "/dev/disk/by-id/";
forceImportAll = true;
@ -117,7 +128,10 @@ in
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "defaults" "umask=0077" ];
mountOptions = [
"defaults"
"umask=0077"
];
};
};

23
modules/nixos/options.nix
View file

@ -3,14 +3,23 @@
options.osbmModules = {
# Desktop Environment
desktopEnvironment = lib.mkOption {
type = lib.types.enum [ "plasma" "none" ];
type = lib.types.enum [
"plasma"
"none"
];
default = "none";
description = "Which desktop environment to use";
};
# Machine Type
machineType = lib.mkOption {
type = lib.types.enum [ "desktop" "laptop" "server" "embedded" "mobile" ];
type = lib.types.enum [
"desktop"
"laptop"
"server"
"embedded"
"mobile"
];
default = "server";
description = "Type of machine for appropriate defaults";
};
@ -18,7 +27,10 @@
# Users
users = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "osbm" "bayram" ];
default = [
"osbm"
"bayram"
];
description = "List of users to create. `osbm` is my main user, and `bayram` is for my family.";
};
@ -188,7 +200,10 @@
};
fileSystem = lib.mkOption {
type = lib.types.enum [ "zfs" "ext4" ];
type = lib.types.enum [
"zfs"
"ext4"
];
default = "ext4";
description = "Root filesystem type";
};

7
modules/nixos/programs/arduino.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.osbmModules.programs.arduino.enable {
environment.systemPackages = with pkgs; [

7
modules/nixos/programs/command-line.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.osbmModules.programs.commandLine.enable {
environment.systemPackages = with pkgs; [

7
modules/nixos/programs/graphical.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.osbmModules.programs.graphical.enable {
environment.systemPackages = with pkgs; [

8
modules/nixos/programs/neovim.nix
View file

@ -1,4 +1,10 @@
{ lib, inputs, config, pkgs, ... }:
{
lib,
inputs,
config,
pkgs,
...
}:
{
config = lib.mkIf config.osbmModules.programs.neovim.enable {
environment.systemPackages = [

18
modules/nixos/programs/steam.nix
View file

@ -1,14 +1,14 @@
{ lib, config, ... }:
{
config = lib.mkIf config.osbmModules.programs.steam.enable {
programs.steam = {
enable = true;
# Open ports in the firewall for Steam Remote Play
remotePlay.openFirewall = true;
# Open ports in the firewall for Source Dedicated Server
dedicatedServer.openFirewall = true;
# Open ports in the firewall for Steam Local Network Game Transfers
localNetworkGameTransfers.openFirewall = true;
};
programs.steam = {
enable = true;
# Open ports in the firewall for Steam Remote Play
remotePlay.openFirewall = true;
# Open ports in the firewall for Source Dedicated Server
dedicatedServer.openFirewall = true;
# Open ports in the firewall for Steam Local Network Game Transfers
localNetworkGameTransfers.openFirewall = true;
};
};
}

48
modules/nixos/system/agenix.nix
View file

@ -1,32 +1,38 @@
{ lib, pkgs, inputs, config, ... }:
{
lib,
pkgs,
inputs,
config,
...
}:
{
imports = [
inputs.agenix.nixosModules.default
];
config = lib.mkIf config.osbmModules.agenix.enable {
environment.systemPackages = [
inputs.agenix.packages.${pkgs.stdenv.hostPlatform.system}.agenix
pkgs.age
];
environment.systemPackages = [
inputs.agenix.packages.${pkgs.stdenv.hostPlatform.system}.agenix
pkgs.age
];
age.secrets = {
network-manager.file = ../secrets/network-manager.age;
ssh-key-private = {
file = ../secrets/ssh-key-private.age;
path = "/home/osbm/.ssh/id_ed25519";
owner = "osbm";
group = "users";
mode = "600";
};
ssh-key-public = {
file = ../secrets/ssh-key-public.age;
path = "/home/osbm/.ssh/id_ed25519.pub";
owner = "osbm";
group = "users";
mode = "644";
};
age.secrets = {
network-manager.file = ../secrets/network-manager.age;
ssh-key-private = {
file = ../secrets/ssh-key-private.age;
path = "/home/osbm/.ssh/id_ed25519";
owner = "osbm";
group = "users";
mode = "600";
};
ssh-key-public = {
file = ../secrets/ssh-key-public.age;
path = "/home/osbm/.ssh/id_ed25519.pub";
owner = "osbm";
group = "users";
mode = "644";
};
};
};
}

7
modules/nixos/system/desktop-environment.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
cfg = config.osbmModules;
in

20
modules/nixos/system/fonts.nix
View file

@ -1,4 +1,9 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
{
config = lib.mkIf config.osbmModules.fonts.enable {
fonts.packages = with pkgs; [
@ -12,14 +17,23 @@
dina-font
proggyfonts
jetbrains-mono
(nerdfonts.override { fonts = [ "FiraCode" "JetBrainsMono" "Iosevka" ]; })
(nerdfonts.override {
fonts = [
"FiraCode"
"JetBrainsMono"
"Iosevka"
];
})
];
fonts.fontconfig = {
defaultFonts = {
serif = [ "Noto Serif" ];
sansSerif = [ "Noto Sans" ];
monospace = [ "JetBrainsMono Nerd Font" "Fira Code" ];
monospace = [
"JetBrainsMono Nerd Font"
"Fira Code"
];
emoji = [ "Noto Color Emoji" ];
};
};

7
modules/nixos/system/home-manager.nix
View file

@ -1,4 +1,9 @@
{ lib, config, inputs, ... }:
{
lib,
config,
inputs,
...
}:
{
imports = lib.optionals (inputs ? home-manager) [

7
modules/nixos/system/nix-index.nix
View file

@ -1,4 +1,9 @@
{ lib, config, inputs, ... }:
{
lib,
config,
inputs,
...
}:
{
imports = [
inputs.nix-index-database.nixosModules.nix-index

10
modules/nixos/system/nix-settings.nix
View file

@ -1,8 +1,14 @@
{ inputs, lib, config, ... }:
{
inputs,
lib,
config,
...
}:
{
config = lib.mkIf config.osbmModules.nixSettings.enable {
# Allow unfree packages
nixpkgs.config.allowUnfreePredicate = pkg:
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"vscode"
"discord"

12
modules/nixos/system/users.nix
View file

@ -5,16 +5,18 @@ let
regularUsers = builtins.filter (u: u != "root") cfg.users;
in
{
config = lib.mkIf (cfg.users != []) {
config = lib.mkIf (cfg.users != [ ]) {
users.users = lib.mkMerge [
# Create users based on the list (excluding root)
(lib.genAttrs regularUsers (username: {
isNormalUser = true;
description = username;
extraGroups = [ "networkmanager" ]
++ lib.optional (username == cfg.defaultUser) "wheel"
++ lib.optional config.osbmModules.virtualization.docker.enable "docker"
++ lib.optional config.osbmModules.programs.adbFastboot.enable "adbusers";
extraGroups = [
"networkmanager"
]
++ lib.optional (username == cfg.defaultUser) "wheel"
++ lib.optional config.osbmModules.virtualization.docker.enable "docker"
++ lib.optional config.osbmModules.programs.adbFastboot.enable "adbusers";
}))
# Additional configuration for default user (including root if it's default)