feat: add caleastia shell
parent
b9a369436d
commit
146418764e
20 changed files with 926 additions and 286 deletions
348
flake.nix
348
flake.nix
|
|
@ -23,6 +23,8 @@
|
|||
|
||||
ghostty = {
|
||||
url = "github:ghostty-org/ghostty?rev=7f9bb3c0e54f585e11259bc0c9064813d061929c";
|
||||
inputs.nixpkgs-stable.follows = "nixpkgs";
|
||||
inputs.nixpkgs-unstable.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
yazi = {
|
||||
|
|
@ -96,10 +98,21 @@
|
|||
url = "github:DACHXY/actual-budget-api";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
caelestia-shell = {
|
||||
url = "github:caelestia-dots/shell";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
|
||||
microvm = {
|
||||
url = "github:microvm-nix/microvm.nix";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
outputs =
|
||||
{
|
||||
self,
|
||||
nixpkgs,
|
||||
nix-index-database,
|
||||
lanzaboote,
|
||||
|
|
@ -110,6 +123,12 @@
|
|||
system = "x86_64-linux";
|
||||
nix-version = "25.05";
|
||||
|
||||
pkgs = import nixpkgs {
|
||||
inherit system;
|
||||
};
|
||||
|
||||
inherit (pkgs) lib;
|
||||
|
||||
# Declare COMMON modules here
|
||||
common-settings = {
|
||||
modules = [
|
||||
|
|
@ -124,6 +143,7 @@
|
|||
inputs
|
||||
system
|
||||
nix-version
|
||||
self
|
||||
;
|
||||
};
|
||||
};
|
||||
|
|
@ -138,6 +158,58 @@
|
|||
extra-modules = [
|
||||
lanzaboote.nixosModules.lanzaboote
|
||||
./system/dev/dn-pre7780
|
||||
|
||||
# VM
|
||||
inputs.microvm.nixosModules.host
|
||||
{
|
||||
networking.useNetworkd = true;
|
||||
systemd.network.enable = true;
|
||||
systemd.network.networks."10-lan" = {
|
||||
matchConfig.Name = [
|
||||
"enp0s31f6"
|
||||
"vm-*"
|
||||
];
|
||||
networkConfig = {
|
||||
Bridge = "br0";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.network.netdevs."br0" = {
|
||||
netdevConfig = {
|
||||
Name = "br0";
|
||||
Kind = "bridge";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.network.networks."10-lan-bridge" = {
|
||||
matchConfig.Name = "br0";
|
||||
networkConfig = {
|
||||
Address = [ "192.168.0.5/24" ];
|
||||
Gateway = "192.168.0.1";
|
||||
DNS = [ "192.168.0.1" ];
|
||||
};
|
||||
|
||||
linkConfig.RequiredForOnline = "routable";
|
||||
};
|
||||
|
||||
# microvm.autostart = [
|
||||
# "vm-1"
|
||||
# "vm-2"
|
||||
# ];
|
||||
|
||||
microvm.vms = {
|
||||
vm-1 = {
|
||||
flake = self;
|
||||
updateFlake = "git+file:///etc/nixos";
|
||||
autostart = false;
|
||||
};
|
||||
vm-2 = {
|
||||
flake = self;
|
||||
updateFlake = "git+file:///etc/nixos";
|
||||
autostart = false;
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
overlays = [ ];
|
||||
};
|
||||
|
|
@ -176,60 +248,234 @@
|
|||
};
|
||||
in
|
||||
{
|
||||
nixosConfigurations = builtins.mapAttrs (
|
||||
dev: conf:
|
||||
let
|
||||
domain = if conf.domain != null then conf.domain else "local";
|
||||
inherit (conf) username hostname;
|
||||
in
|
||||
nixpkgs.lib.nixosSystem {
|
||||
modules = [
|
||||
{
|
||||
system.stateVersion = nix-version;
|
||||
home-manager = {
|
||||
backupFileExtension = "backup-hm";
|
||||
useUserPackages = true;
|
||||
useGlobalPkgs = true;
|
||||
extraSpecialArgs = {
|
||||
inherit
|
||||
inputs
|
||||
system
|
||||
nix-version
|
||||
devices
|
||||
username
|
||||
;
|
||||
nixosConfigurations =
|
||||
(builtins.mapAttrs (
|
||||
dev: conf:
|
||||
let
|
||||
domain = if conf.domain != null then conf.domain else "local";
|
||||
inherit (conf) username hostname;
|
||||
in
|
||||
nixpkgs.lib.nixosSystem {
|
||||
modules = [
|
||||
{
|
||||
system.stateVersion = nix-version;
|
||||
home-manager = {
|
||||
backupFileExtension = "backup-hm";
|
||||
useUserPackages = true;
|
||||
useGlobalPkgs = true;
|
||||
extraSpecialArgs = {
|
||||
inherit
|
||||
inputs
|
||||
system
|
||||
nix-version
|
||||
devices
|
||||
username
|
||||
;
|
||||
};
|
||||
users."${username}" = lib.mkIf (!((conf ? isVM) && (conf.isVM))) {
|
||||
imports = [
|
||||
inputs.hyprland.homeManagerModules.default
|
||||
inputs.caelestia-shell.homeManagerModules.default
|
||||
inputs.zen-browser.homeManagerModules.${system}.default
|
||||
{
|
||||
home = {
|
||||
homeDirectory = "/home/${username}";
|
||||
stateVersion = nix-version;
|
||||
};
|
||||
# Let Home Manager install and manage itself.
|
||||
programs.home-manager.enable = true;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
users."${username}" = {
|
||||
imports = [
|
||||
inputs.hyprland.homeManagerModules.default
|
||||
inputs.zen-browser.homeManagerModules.${system}.default
|
||||
{
|
||||
home = {
|
||||
homeDirectory = "/home/${username}";
|
||||
stateVersion = nix-version;
|
||||
networking = {
|
||||
inherit domain;
|
||||
hostName = hostname;
|
||||
};
|
||||
nixpkgs.hostPlatform = system;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
nixpkgs.overlays = ((import ./pkgs/overlays) ++ conf.overlays);
|
||||
}
|
||||
]
|
||||
++ common-settings.modules
|
||||
++ conf.extra-modules;
|
||||
specialArgs = {
|
||||
inherit username;
|
||||
}
|
||||
// common-settings.args;
|
||||
}
|
||||
) devices)
|
||||
//
|
||||
# VM For k8s
|
||||
(
|
||||
let
|
||||
vmList =
|
||||
let
|
||||
kubeMasterIP = "192.168.0.6";
|
||||
kubeMasterHostname = "api.kube";
|
||||
kubeMasterAPIServerPort = 6443;
|
||||
kubeApi = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
|
||||
in
|
||||
{
|
||||
# master
|
||||
vm-1 = {
|
||||
ip = "192.168.0.6";
|
||||
mac = "02:00:00:00:00:01";
|
||||
extraConfig = {
|
||||
networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
|
||||
environment.systemPackages = with pkgs; [
|
||||
kompose
|
||||
kubectl
|
||||
kubernetes
|
||||
];
|
||||
|
||||
services.kubernetes = {
|
||||
roles = [
|
||||
"master"
|
||||
"node"
|
||||
];
|
||||
|
||||
masterAddress = kubeMasterHostname;
|
||||
apiserverAddress = kubeApi;
|
||||
easyCerts = true;
|
||||
apiserver = {
|
||||
securePort = kubeMasterAPIServerPort;
|
||||
advertiseAddress = kubeMasterIP;
|
||||
};
|
||||
|
||||
addons.dns.enable = true;
|
||||
};
|
||||
# Let Home Manager install and manage itself.
|
||||
programs.home-manager.enable = true;
|
||||
|
||||
systemd.services.link-kube-config = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
ExecStart = "${pkgs.writeShellScript "link-kube-config.sh" ''
|
||||
target="/etc/kubernetes/cluster-admin.kubeconfig"
|
||||
if [ -e "$target" ]; then
|
||||
[ ! -d "/root/.kube" ] && mkdir -p "/root/.kube"
|
||||
ln -sf $target /root/.kube/config
|
||||
fi
|
||||
''}";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
# Node
|
||||
vm-2 = {
|
||||
ip = "192.168.0.7";
|
||||
mac = "02:00:00:00:00:02";
|
||||
extraConfig = {
|
||||
networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
kompose
|
||||
kubectl
|
||||
kubernetes
|
||||
];
|
||||
|
||||
services.kubernetes = {
|
||||
roles = [ "node" ];
|
||||
masterAddress = kubeMasterHostname;
|
||||
easyCerts = true;
|
||||
|
||||
kubelet.kubeconfig.server = kubeApi;
|
||||
apiserverAddress = kubeApi;
|
||||
addons.dns.enable = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
mkMicrovm = name: value: {
|
||||
hypervisor = "qemu";
|
||||
vcpu = 4;
|
||||
mem = 8192;
|
||||
interfaces = [
|
||||
{
|
||||
type = "tap";
|
||||
id = "${name}";
|
||||
mac = value.mac;
|
||||
}
|
||||
];
|
||||
shares = [
|
||||
{
|
||||
tag = "ro-store";
|
||||
source = "/nix/store";
|
||||
mountPoint = "/nix/.ro-store";
|
||||
}
|
||||
];
|
||||
};
|
||||
in
|
||||
lib.mapAttrs' (
|
||||
name: value:
|
||||
lib.nameValuePair name (
|
||||
nixpkgs.lib.nixosSystem ({
|
||||
inherit system;
|
||||
modules = [
|
||||
inputs.microvm.nixosModules.microvm
|
||||
value.extraConfig
|
||||
{
|
||||
microvm = mkMicrovm name value;
|
||||
system.stateVersion = lib.trivial.release;
|
||||
networking.hostName = name;
|
||||
networking.domain = "kube";
|
||||
networking.firewall.enable = false;
|
||||
users.users.root.password = "";
|
||||
services.getty.autologinUser = "root";
|
||||
|
||||
programs.fish.enable = true;
|
||||
programs.bash = {
|
||||
shellInit = ''
|
||||
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
|
||||
then
|
||||
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
|
||||
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.network.enable = true;
|
||||
systemd.network.networks."20-lan" = {
|
||||
matchConfig.Type = "ether";
|
||||
networkConfig = {
|
||||
Address = [ "${value.ip}/24" ];
|
||||
Gateway = "192.168.0.1";
|
||||
DNS = [ "192.168.0.1" ];
|
||||
DHCP = "no";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.br-netfilter = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "/run/current-system/sw/bin/modprobe br_netfilter";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
dig.dnsutils
|
||||
openssl
|
||||
|
||||
fishPlugins.done
|
||||
fishPlugins.fzf-fish
|
||||
fishPlugins.forgit
|
||||
fishPlugins.hydro
|
||||
fzf
|
||||
fishPlugins.grc
|
||||
grc
|
||||
git
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
networking = {
|
||||
inherit domain;
|
||||
hostName = hostname;
|
||||
};
|
||||
nixpkgs.hostPlatform = system;
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
nixpkgs.overlays = ((import ./pkgs/overlays) ++ conf.overlays);
|
||||
}
|
||||
]
|
||||
++ common-settings.modules
|
||||
++ conf.extra-modules;
|
||||
specialArgs = {
|
||||
inherit username;
|
||||
}
|
||||
// common-settings.args;
|
||||
}
|
||||
) devices;
|
||||
})
|
||||
)
|
||||
) vmList
|
||||
);
|
||||
|
||||
packages."${system}" = {
|
||||
vm-1 = self.nixosConfigurations.vm-1.config.microvm.declaredRunner;
|
||||
vm-2 = self.nixosConfigurations.vm-2.config.microvm.declaredRunner;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
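Review bot: In the guest module built for each `vmList` entry, `users.users.root.password = "";` is combined with `networking.firewall.enable = false;`, while the host's `10-lan` network puts both `enp0s31f6` and `vm-*` into `br0`, so vm-1 and vm-2 appear to sit directly on 192.168.0.0/24 with a passwordless root account and no packet filter in front of the API server on port 6443. I would leave the firewall enabled and open only what the cluster needs, for example `networking.firewall.allowedTCPPorts = [ 6443 ];` in vm-1's `extraConfig`, plus whatever ports the kubelet and pod network turn out to require. The empty password is better replaced with `users.users.root.hashedPasswordFile = "<path-to-hash-file>";` or key-only login; the getty autologin can stay if the console is reachable only from the host. The page has lost its +/- markers, so this assumes the VM block is on the new side, which the fact that those lines are printed only once suggests.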