diff --git a/README.md b/README.md
index bf61f6b..54420f0 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,65 @@ # Meine wundervolle nix config -For secrets: - - encrypt using: `rage -R recipients.txt -o [OUT] -e [IN] ` - - decrypt using: `rage -R recipients.txt -o [OUT] -d [IN] ` +## Structure + +- `hosts/` contain nixos configuration for hosts + - `common/` shared configuration modules + - `core/` base configuration shared on all machines + - `dev/` configuration enabling dev environment + - `graphical/` configuration for graphical environments + - `hardware/` configuration for hardware components + - `/` configuration for hosts + - `default.nix` Toplevel system definition + - `fs.nix` file system definiton + - `net.nix` network setup + - `secrets/` secrets local to this hosts + - `secrets.nix.age` local secrets usable on deploy + - `host.pub` host public key, needed for rekeying agenix secrets +- `modules/` extra nixos modules + - `secrets.nix` module to enable deploy-time secrets +- `nix/` additional nix functions + - `checks.nix` pre-commit checks + - `colmena.nix` Setup for using colmena to deploy + - `devshell.nix` Development shell + - `extra-builtins.nix` Extra builtin plugin file to enable repository secrets + - `generate-node.nix` logic to generate nodes for colmena + - `lib.nix` additional library functions +- `secrets/` global secrets + - `.key.pub` public key handles to decrypt secrets using yubikey + - `recipients.txt` rage recipient file for encrypting secrets + - currently containing both yubikeys and a rage backup key + - `secrets.nix.age` global secrets available at deploy +- `users/` home manager user configuration + - `common/` shared home-manager modules + - `graphical/` configuration for graphical programs + - `programs/` configuration for miscellaneous programs + - `shells/` configuration for shells + - `impermanence.nix` hm-impermanence setup for users + - `default.nix` minimal setup for all users + - `interactive.nix` minimal setup for interactive users on a command line + - `graphical.nix` configuration for users utilizing a 
graphical interface + - `/` configuration for users + - `impermanence.nix` users persistence configuration + +## Hosts +- `patricknix` my main laptop + +## Users +- `patrick` my normal everyday unprivileged user +- `root` root user imported by every host + +## Flake structure + +## How-To + +...TODO + +## Deploy + +```bash +colmena apply --on +``` +If deploying from a host not containing the necessary nix configuration option append +```bash +--nix-option plugin-files "$NIX_PLUGINS"/lib/nix/plugins --nix-option extra-builtins-file ./nix/extra-builtins` +``` diff --git a/flake.nix b/flake.nix index 8a6f1db..ca80fdb 100644 --- a/flake.nix +++ b/flake.nix @@ -102,7 +102,7 @@ }; apps = agenix-rekey.defineApps self pkgs self.nodes; checks = import ./nix/checks.nix inputs system; - devShell = import ./nix/dev-shell.nix inputs system; + devShell = import ./nix/devshell.nix inputs system; formatter = pkgs.alejandra; }); } diff --git a/hosts/common/core/default.nix b/hosts/common/core/default.nix index 89928ee..8afaf76 100644 --- a/hosts/common/core/default.nix +++ b/hosts/common/core/default.nix @@ -1,5 +1,8 @@ { imports = [ + ./efi.nix + ./home-manager.nix + ./impermanence.nix ./inputrc.nix ./issue.nix ./net.nix @@ -7,8 +10,6 @@ ./ssh.nix ./system.nix ./xdg.nix - ./impermanence.nix - ./home-manager.nix ../../../users/root diff --git a/hosts/common/efi.nix b/hosts/common/core/efi.nix similarity index 100% rename from hosts/common/efi.nix rename to hosts/common/core/efi.nix diff --git a/hosts/common/graphical/default.nix b/hosts/common/graphical/default.nix deleted file mode 100644 index 2b547d6..0000000 --- a/hosts/common/graphical/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ - imports = [ - ./fonts.nix - ]; -} diff --git a/hosts/common/steam.nix b/hosts/common/graphical/steam.nix similarity index 100% rename from hosts/common/steam.nix rename to hosts/common/graphical/steam.nix 
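Review bot: Adding `./efi.nix` to the imports of hosts/common/core/default.nix makes the EFI boot setup part of what the README in this same commit calls base configuration shared on all machines, where previously a host opted in with `../common/efi.nix`. The contents of efi.nix are not shown, so this is inferred, but a host that boots differently (a VM or a legacy-BIOS machine) would presumably have to override it; `hosts/common/hardware/` looks like the more natural home, next to the other modules a host picks individually. If keeping it in core is intended, a one-line comment above the import such as `# every host is assumed to boot via EFI` would record that decision.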
diff --git a/hosts/common/laptop.nix b/hosts/common/hardware/laptop.nix similarity index 100% rename from hosts/common/laptop.nix rename to hosts/common/hardware/laptop.nix diff --git a/hosts/common/pipewire.nix b/hosts/common/hardware/pipewire.nix similarity index 100% rename from hosts/common/pipewire.nix rename to hosts/common/hardware/pipewire.nix diff --git a/hosts/patricknix/prime-offload.nix b/hosts/common/hardware/prime-offload.nix similarity index 100% rename from hosts/patricknix/prime-offload.nix rename to hosts/common/hardware/prime-offload.nix diff --git a/hosts/common/yubikey.nix b/hosts/common/hardware/yubikey.nix similarity index 100% rename from hosts/common/yubikey.nix rename to hosts/common/hardware/yubikey.nix diff --git a/hosts/common/zfs.nix b/hosts/common/hardware/zfs.nix similarity index 100% rename from hosts/common/zfs.nix rename to hosts/common/hardware/zfs.nix diff --git a/hosts/patricknix/default.nix b/hosts/patricknix/default.nix index efc97da..c1262fb 100644 --- a/hosts/patricknix/default.nix +++ b/hosts/patricknix/default.nix @@ -7,19 +7,20 @@ ../common/core ../common/dev - ../common/graphical + + ../common/graphical/fonts.nix + ../common/graphical/steam.nix + ../common/hardware/bluetooth.nix ../common/hardware/intel.nix + ../common/hardware/laptop.nix ../common/hardware/physical.nix - ../common/efi.nix - ../common/laptop.nix - ../common/pipewire.nix - ../common/steam.nix - ../common/yubikey.nix - ../common/zfs.nix + ../common/hardware/pipewire.nix + ../common/hardware/yubikey.nix + ../common/hardware/zfs.nix ../common/hardware/nvidia.nix - ./prime-offload.nix + ../common/hardware/prime-offload.nix ./net.nix ./fs.nix diff --git a/nix/dev-shell.nix b/nix/devshell.nix similarity index 100% rename from nix/dev-shell.nix rename to nix/devshell.nix diff --git a/templates/default/flake.nix b/templates/default/flake.nix deleted file mode 100644 index b255dac..0000000 --- a/templates/default/flake.nix +++ /dev/null 
@@ -1,23 +0,0 @@ -{ - description = "Patrick tolles flake template"; - - inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - flake-utils.url = "github:numtide/flake-utils"; - }; - - outputs = { - self, - nixpkgs, - flake-utils, - }: - flake-utils.lib.eachDefaultSystem (system: let - pkgs = import nixpkgs {inherit system;}; - in { - devShells.default = pkgs.mkShell { - packages = with pkgs; [ - st - ]; - }; - }); -} diff --git a/templates/flake.nix b/templates/flake.nix deleted file mode 100644 index 7f3cf19..0000000 --- a/templates/flake.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - description = "A collection of flake templates"; - - outputs = {self}: { - templates = { - default = { - path = ./default; - description = "My own basic flake template"; - }; - }; - }; -} diff --git a/users/patrick/default.nix b/users/patrick/default.nix index 019fb8c..ea71c3e 100644 --- a/users/patrick/default.nix +++ b/users/patrick/default.nix @@ -27,6 +27,8 @@ home-manager.users.patrick = { imports = [ ./patrick.nix + ./ssh.nix + ./impermanence.nix ../common ../common/interactive.nix ../common/graphical.nix diff --git a/users/patrick/impermanence.nix b/users/patrick/impermanence.nix new file mode 100644 index 0000000..d10ce01 --- /dev/null +++ b/users/patrick/impermanence.nix @@ -0,0 +1,18 @@ +{ + config, + extraLib, + ... +}: { + home = { + persistence."/state/${config.home.homeDirectory}" = { + allowOther = true; + directories = extraLib.impermanence.makeSymlinks [ + "repos" + "Downloads" + + "./Nextcloud" + ".config/Nextcloud" + ]; + }; + }; +} diff --git a/users/patrick/patrick.nix b/users/patrick/patrick.nix index e50eeff..b837ae1 100644 --- a/users/patrick/patrick.nix +++ b/users/patrick/patrick.nix 
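Review bot: `allowOther = true` in the new users/patrick/impermanence.nix is carried over from patrick.nix without a comment, although it is the one access-control setting in this block. In the home-manager impermanence module this option lets other local users, root included, reach the bind-mounted persisted directories (here `repos`, `Downloads`, `.config/Nextcloud`) as far as file modes permit, and it needs `programs.fuse.userAllowOther` enabled at system level. `extraLib.impermanence.makeSymlinks` is not visible in this diff; if it turns every entry into a symlink-method directory, the option may have no effect and could be dropped. Otherwise I would add a comment like `# allowOther: other users can traverse these mounts; access control rests on file modes` stating why it is needed. As a smaller style point, `"./Nextcloud"` is spelled differently from the other entries, and `"/state/${config.home.homeDirectory}"` yields a double slash because homeDirectory is already absolute.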
@@ -1,26 +1,7 @@ -{ - pkgs, - config, - extraLib, - ... -}: { - imports = [ - ./ssh.nix - ]; - +{pkgs, ...}: { home = { packages = [ pkgs.nextcloud-client ]; - persistence."/state/${config.home.homeDirectory}" = { - allowOther = true; - directories = extraLib.impermanence.makeSymlinks [ - "repos" - "Downloads" - - "./Nextcloud" - ".config/Nextcloud" - ]; - }; }; }