feat: Wrote README improving folder structure otw

2023-06-03 18:05:10 +09:00 · 2023-06-03 18:05:10 +09:00 · 5835335a2e
parent bb50ea0d5a
commit 5835335a2e
18 changed files with 97 additions and 74 deletions
--- a/README.md
+++ b/README.md
@ -1,5 +1,65 @@
 # Meine wundervolle nix config

-For secrets:
-	- encrypt using: `rage -R recipients.txt -o [OUT] -e [IN]  `
-	- decrypt using: `rage -R recipients.txt -o [OUT] -d [IN]  `
+## Structure
+
+- `hosts/` contain nixos configuration for hosts
+    - `common/` shared configuration modules
+        - `core/` base configuration shared on all machines
+        - `dev/` configuration enabling dev environment
+        - `graphical/` configuration for graphical environments
+        - `hardware/` configuration for hardware components
+    - `<hostname>/` configuration for hosts
+        - `default.nix` Toplevel system definition
+        - `fs.nix` file system definiton
+        - `net.nix` network setup
+        - `secrets/` secrets local to this hosts
+            - `secrets.nix.age` local secrets usable on deploy
+            - `host.pub` host public key, needed for rekeying agenix secrets
+- `modules/` extra nixos modules
+    - `secrets.nix` module to enable deploy-time secrets
+- `nix/` additional nix functions
+    - `checks.nix` pre-commit checks
+    - `colmena.nix` Setup for using colmena to deploy
+    - `devshell.nix` Development shell
+    - `extra-builtins.nix` Extra builtin plugin file to enable repository secrets
+    - `generate-node.nix` logic to generate nodes for colmena
+    - `lib.nix` additional library functions
+- `secrets/` global secrets
+    - `<name>.key.pub` public key handles to decrypt secrets using yubikey
+    - `recipients.txt` rage recipient file for encrypting secrets
+        - currently containing both yubikeys and a rage backup key
+    - `secrets.nix.age` global secrets available at deploy
+- `users/` home manager user configuration
+    - `common/` shared home-manager modules
+        - `graphical/` configuration for graphical programs
+        - `programs/` configuration for miscellaneous programs
+        - `shells/` configuration for shells
+        - `impermanence.nix` hm-impermanence setup for users
+        - `default.nix` minimal setup for all users
+        - `interactive.nix` minimal setup for interactive users on a command line
+        - `graphical.nix` configuration for users utilizing a graphical interface
+    - `<username>/` configuration for users
+        - `impermanence.nix` users persistence configuration
+
+## Hosts
+- `patricknix` my main laptop
+
+## Users
+- `patrick` my normal everyday unprivileged user
+- `root` root user imported by every host
+
+## Flake structure
+
+## How-To
+
+...TODO
+
+## Deploy
+
+```bash
+colmena apply --on <hostname>
+```
+If deploying from a host not containing the necessary nix configuration option append
+```bash
+--nix-option plugin-files "$NIX_PLUGINS"/lib/nix/plugins --nix-option extra-builtins-file ./nix/extra-builtins`
+```
--- a/flake.nix
+++ b/flake.nix
@ -102,7 +102,7 @@
      };
      apps = agenix-rekey.defineApps self pkgs self.nodes;
      checks = import ./nix/checks.nix inputs system;
-      devShell = import ./nix/dev-shell.nix inputs system;
+      devShell = import ./nix/devshell.nix inputs system;
      formatter = pkgs.alejandra;
    });
 }
--- a/hosts/common/core/default.nix
+++ b/hosts/common/core/default.nix
@ -1,5 +1,8 @@
 {
  imports = [
+    ./efi.nix
+    ./home-manager.nix
+    ./impermanence.nix
    ./inputrc.nix
    ./issue.nix
    ./net.nix
@ -7,8 +10,6 @@
    ./ssh.nix
    ./system.nix
    ./xdg.nix
-    ./impermanence.nix
-    ./home-manager.nix

    ../../../users/root

--- a/hosts/common/core/efi.nix
+++ b/hosts/common/core/efi.nix
--- a/hosts/common/graphical/default.nix
+++ b/hosts/common/graphical/default.nix
@ -1,5 +0,0 @@
-{
-  imports = [
-    ./fonts.nix
-  ];
-}
--- a/hosts/common/graphical/steam.nix
+++ b/hosts/common/graphical/steam.nix
--- a/hosts/common/hardware/laptop.nix
+++ b/hosts/common/hardware/laptop.nix
--- a/hosts/common/hardware/pipewire.nix
+++ b/hosts/common/hardware/pipewire.nix
--- a/hosts/common/hardware/prime-offload.nix
+++ b/hosts/common/hardware/prime-offload.nix
--- a/hosts/common/hardware/yubikey.nix
+++ b/hosts/common/hardware/yubikey.nix
--- a/hosts/common/hardware/zfs.nix
+++ b/hosts/common/hardware/zfs.nix
--- a/hosts/patricknix/default.nix
+++ b/hosts/patricknix/default.nix
@ -7,19 +7,20 @@

    ../common/core
    ../common/dev
-    ../common/graphical
+
+    ../common/graphical/fonts.nix
+    ../common/graphical/steam.nix
+
    ../common/hardware/bluetooth.nix
    ../common/hardware/intel.nix
+    ../common/hardware/laptop.nix
    ../common/hardware/physical.nix
-    ../common/efi.nix
-    ../common/laptop.nix
-    ../common/pipewire.nix
-    ../common/steam.nix
-    ../common/yubikey.nix
-    ../common/zfs.nix
+    ../common/hardware/pipewire.nix
+    ../common/hardware/yubikey.nix
+    ../common/hardware/zfs.nix

    ../common/hardware/nvidia.nix
-    ./prime-offload.nix
+    ../common/hardware/prime-offload.nix

    ./net.nix
    ./fs.nix
--- a/nix/dev-shell.nix
+++ b/nix/dev-shell.nix
--- a/templates/default/flake.nix
+++ b/templates/default/flake.nix
@ -1,23 +0,0 @@
-{
-  description = "Patrick tolles flake template";
-
-  inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
-    flake-utils.url = "github:numtide/flake-utils";
-  };
-
-  outputs = {
-    self,
-    nixpkgs,
-    flake-utils,
-  }:
-    flake-utils.lib.eachDefaultSystem (system: let
-      pkgs = import nixpkgs {inherit system;};
-    in {
-      devShells.default = pkgs.mkShell {
-        packages = with pkgs; [
-          st
-        ];
-      };
-    });
-}
--- a/templates/flake.nix
+++ b/templates/flake.nix
@ -1,12 +0,0 @@
-{
-  description = "A collection of flake templates";
-
-  outputs = {self}: {
-    templates = {
-      default = {
-        path = ./default;
-        description = "My own basic flake template";
-      };
-    };
-  };
-}
--- a/users/patrick/default.nix
+++ b/users/patrick/default.nix
@ -27,6 +27,8 @@
  home-manager.users.patrick = {
    imports = [
      ./patrick.nix
+      ./ssh.nix
+      ./impermanence.nix
      ../common
      ../common/interactive.nix
      ../common/graphical.nix
--- a/users/patrick/impermanence.nix
+++ b/users/patrick/impermanence.nix
@ -0,0 +1,18 @@
+{
+  config,
+  extraLib,
+  ...
+}: {
+  home = {
+    persistence."/state/${config.home.homeDirectory}" = {
+      allowOther = true;
+      directories = extraLib.impermanence.makeSymlinks [
+        "repos"
+        "Downloads"
+
+        "./Nextcloud"
+        ".config/Nextcloud"
+      ];
+    };
+  };
+}
--- a/users/patrick/patrick.nix
+++ b/users/patrick/patrick.nix
@ -1,26 +1,7 @@
-{
-  pkgs,
-  config,
-  extraLib,
-  ...
-}: {
-  imports = [
-    ./ssh.nix
-  ];
-
+{pkgs, ...}: {
  home = {
    packages = [
      pkgs.nextcloud-client
    ];
-    persistence."/state/${config.home.homeDirectory}" = {
-      allowOther = true;
-      directories = extraLib.impermanence.makeSymlinks [
-        "repos"
-        "Downloads"
-
-        "./Nextcloud"
-        ".config/Nextcloud"
-      ];
-    };
  };
 }