new system based abstraction

2026-01-07 22:34:39 -08:00
parent edd4d6d5a3
commit 9f48316c21
14 changed files with 337 additions and 154 deletions
BIN
Binary file not shown.
BIN
Binary file not shown.
Binary file not shown.
Binary file not shown.
Generated
+24 -24
@@ -40,11 +40,11 @@
]
},
"locked": {
"lastModified": 1763759067,
"narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=",
"lastModified": 1765835352,
"narHash": "sha256-XswHlK/Qtjasvhd1nOa1e8MgZ8GS//jBoTqWtrS1Giw=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0",
"rev": "a34fae9c08a15ad73f295041fec82323541400a9",
"type": "github"
},
"original": {
@@ -60,11 +60,11 @@
]
},
"locked": {
"lastModified": 1764866045,
"narHash": "sha256-0GsEtXV9OquDQ1VclQfP16cU5VZh7NEVIOjSH4UaJuM=",
"lastModified": 1767780135,
"narHash": "sha256-5SbmsLMgxzPd9YMbFR4IHfOXv6bjWs+dfl6IbSq3r7s=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f63d0fe9d81d36e5fc95497217a72e02b8b7bcab",
"rev": "c08430923ed417abc653884328a39e98496cfd0f",
"type": "github"
},
"original": {
@@ -81,11 +81,11 @@
]
},
"locked": {
"lastModified": 1764998300,
"narHash": "sha256-fZatn/KLfHLDXnF0wy7JxXqGaZmGDTVufT4o/AOlj44=",
"lastModified": 1767738364,
"narHash": "sha256-rmAerMcKMYusVs5B88RAKAYUiENrO+d4bjvpQkkaaks=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "27a6182347ccae90a88231ae0dc5dfa7d15815bb",
"rev": "4e8b7bef66c60735982369f3151b93e62fe37da7",
"type": "github"
},
"original": {
@@ -101,11 +101,11 @@
]
},
"locked": {
"lastModified": 1765065051,
"narHash": "sha256-b7W9WsvyMOkUScNxbzS45KEJp0iiqRPyJ1I3JBE+oEE=",
"lastModified": 1767718503,
"narHash": "sha256-V+VkFs0aSG0ca8p/N3gib7FAf4cq9jyr5Gm+ZBrHQpo=",
"owner": "nix-darwin",
"repo": "nix-darwin",
"rev": "7e22bf538aa3e0937effcb1cee73d5f1bcc26f79",
"rev": "9f48ffaca1f44b3e590976b4da8666a9e86e6eb1",
"type": "github"
},
"original": {
@@ -137,11 +137,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1764440730,
"narHash": "sha256-ZlJTNLUKQRANlLDomuRWLBCH5792x+6XUJ4YdFRjtO4=",
"lastModified": 1767185284,
"narHash": "sha256-ljDBUDpD1Cg5n3mJI81Hz5qeZAwCGxon4kQW3Ho3+6Q=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "9154f4569b6cdfd3c595851a6ba51bfaa472d9f3",
"rev": "40b1a28dce561bea34858287fbb23052c3ee63fe",
"type": "github"
},
"original": {
@@ -183,11 +183,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1764950072,
"narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=",
"lastModified": 1767640445,
"narHash": "sha256-UWYqmD7JFBEDBHWYcqE6s6c77pWdcU/i+bwD6XxMb8A=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "f61125a668a320878494449750330ca58b78c557",
"rev": "9f0c42f8bc7151b8e7e5840fb3bd454ad850d8c5",
"type": "github"
},
"original": {
@@ -199,11 +199,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1764831616,
"narHash": "sha256-OtzF5wBvO0jgW1WW1rQU9cMGx7zuvkF7CAVJ1ypzkxA=",
"lastModified": 1767634882,
"narHash": "sha256-2GffSfQxe3sedHzK+sTKlYo/NTIAGzbFCIsNMUPAAnk=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c97c47f2bac4fa59e2cbdeba289686ae615f8ed4",
"rev": "3c9db02515ef1d9b6b709fc60ba9a540957f661c",
"type": "github"
},
"original": {
@@ -222,11 +222,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1765043977,
"narHash": "sha256-Gcdn1s/ynXRFNqInTcYltAi1gqgmTKw8Hw6OSfFNWMY=",
"lastModified": 1767608728,
"narHash": "sha256-kmSJCTgrx+BxgqQOTPHAOkohvO+lbRsPWqu+PSPcz3I=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "b65233d5f9736cf8d8fe9d4652e1faf610b574bc",
"rev": "851399eebd0fb383d2fd76269d859f16021dc7a8",
"type": "github"
},
"original": {
+48 -6
@@ -47,13 +47,34 @@
configPath = "/etc/nixos";
pkgs-unstable = import nixpkgs-unstable {
system = system;
config.allowUnfree = true;
config.allowUnfree = true;
};
# Host type abstractions
hostTypes = {
# Server hosts
isServer = hostname: builtins.elem hostname [ "buildbox" "acheron" ];
# Linux desktop hosts
isLinuxDesktop = hostname: builtins.elem hostname [ "eva-01" "eva-03" ];
# macOS host
isMacos = hostname: hostname == "eva-02";
# Helper to get host type category
getHostType = hostname:
if builtins.elem hostname [ "buildbox" "acheron" ] then "server"
else if hostname == "eva-02" then "macos"
else "linux-desktop";
};
in
{
nixosConfigurations = {
buildbox = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs-unstable configPath;} // {hostname = "buildbox";};
specialArgs = {
inherit inputs pkgs-unstable configPath hostTypes;
hostname = "buildbox";
};
system = system;
modules = [
./hosts/buildbox/configuration.nix
@@ -62,7 +83,10 @@
};
eva-01 = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs-unstable configPath;} // {hostname = "eva-01";};
specialArgs = {
inherit inputs pkgs-unstable configPath hostTypes;
hostname = "eva-01";
};
system = system;
modules = [
./hosts/eva-01/configuration.nix
@@ -73,22 +97,40 @@
};
eva-03 = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs pkgs-unstable configPath;} // {hostname = "eva-03";};
specialArgs = {
inherit inputs pkgs-unstable configPath hostTypes;
hostname = "eva-03";
};
system = system;
modules = [
./hosts/eva-03/configuration.nix
inputs.home-manager.nixosModules.default
];
};
acheron = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs pkgs-unstable configPath hostTypes;
hostname = "acheron";
};
system = system;
modules = [
./hosts/acheron/configuration.nix
inputs.home-manager.nixosModules.default
];
};
};
darwinConfigurations = {
eva-02 = nix-darwin.lib.darwinSystem{
specialArgs = {inherit inputs configPath;
specialArgs = {
inherit inputs configPath hostTypes;
hostname = "eva-02";
pkgs-unstable = import nixpkgs-unstable {
system = "aarch64-darwin";
config.allowUnfree = true;
};
} // {hostname = "eva-02";};
};
system = "aarch64-darwin";
modules = [
./hosts/eva-02/configuration.nix
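Review bot: `getHostType` in the new `hostTypes` set classifies every hostname it does not recognise as "linux-desktop", and it repeats the `[ "buildbox" "acheron" ]` list already written in `isServer`, so a host added to one place but not the other is silently given the wrong type. I would bind the host lists once in the surrounding `let` (for example `servers = [ "buildbox" "acheron" ];` and `linuxDesktops = [ "eva-01" "eva-03" ];`) and reuse them in every predicate. The final branch should then fail closed: `else if builtins.elem hostname linuxDesktops then "linux-desktop" else throw "unknown host: ${hostname}"`. `getHostType` is not called in any section visible on this page, so if nothing uses it, dropping it removes the second copy of the lists altogether.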
+22 -20
@@ -3,6 +3,7 @@
pkgs-unstable,
lib,
hostname,
hostTypes,
...
}:
@@ -21,38 +22,30 @@
];
home.packages = with pkgs; [
# Common packages for all systems
age
age-plugin-1p
age-plugin-yubikey
agedu
awscli2
b3sum
bat
btop
cbonsai
curl
dig
dust
# esptool
fd
fzf
ffmpeg-full
gemini-cli
git-filter-repo
graphviz
jq
kitty
lazygit
lazyjournal
nix-du
nmap
ocamlPackages.utop
opencode
openconnect
openssl
ripgrep
s3cmd
# sage
termusic
timg
tldr
trippy
@@ -62,10 +55,23 @@
#pkgs-unstable.witr
yazi
yt-dlp
yubikey-manager
zstd
]
++ lib.optionals (hostname == "eva-01") [
# Desktop-specific packages (Linux desktops and macOS)
++ lib.optionals (!(hostTypes.isServer hostname)) (with pkgs; [
claude-code
ocamlPackages.utop
opencode
openconnect
termusic
yubikey-manager
])
# Server-specific packages
++ lib.optionals (hostTypes.isServer hostname) (with pkgs; [
# Add server-specific packages here
])
# Host-specific packages
++ lib.optionals (hostname == "eva-01") [
# cli
parted
traceroute
@@ -98,21 +104,17 @@
steghide
thc-hydra
]
++ lib.optionals (hostname == "eva-02") [
]
++ lib.optionals (hostname == "eva-03") [
++ lib.optionals (hostname == "eva-03") [
# cli
parted
traceroute
ffmpeg-full
]
++ lib.optionals (hostname == "buildbox") [
++ lib.optionals (hostname == "buildbox") [
# cli
parted
traceroute
ffmpeg-full
];
programs = {
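Review bot: The desktop package group is gated on `!(hostTypes.isServer hostname)`, which is a default-allow test: any host that is not listed as a server, including one that was simply never added to the lists in flake.nix, receives `claude-code`, `opencode`, `openconnect` and `yubikey-manager`. The programs module in this same commit gates on the positive predicates instead, and doing the same here keeps the two files consistent: `++ lib.optionals (hostTypes.isLinuxDesktop hostname || hostTypes.isMacos hostname) (with pkgs; [`. The enclosing `home.packages` list starts and ends outside the visible hunks, so check that the `with pkgs;` scoping still reads correctly after the change.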
+19 -5
@@ -1,23 +1,37 @@
{
hostname,
lib,
configPath,
...
}:
let
# Map hostnames to their image files
hostImages = {
"eva-01" = "${configPath}/assets/pfp/eva-01.jpg";
"eva-02" = "${configPath}/assets/pfp/eva-02.png";
"eva-03" = "${configPath}/assets/pfp/eva-03.png";
"buildbox" = "${configPath}/assets/pfp/neon-nerv.png";
"acheron" = "${configPath}/assets/pfp/neon-nerv.png";
};
# Get the image path for the current host, or null if not found
hostImage = hostImages.${hostname} or null;
in
{
programs = {
fastfetch = {
enable = true;
settings = {
logo = {
source = lib.mkIf (hostname == "eva-01") "/etc/nixos/assets/pfp/eva-01.jpg";
logo = lib.mkIf (hostImage != null) {
source = hostImage;
type = "kitty";
height = 20;
width = 60;
padding = {
top = 2; # 2;
left = 2; # 3;
top = 2;
left = 2;
};
};
display = {
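Review bot: The entries in `hostImages` are plain strings built from `configPath`, so they are not checked at evaluation time and are not copied into the store; a host where the file is absent under that path still builds and fastfetch is handed a source that does not exist. flake.nix passes the same `configPath` to the macOS host eva-02, where it appears to be "/etc/nixos", so that entry is worth confirming. I would document the assumption above the map, for example `# Runtime paths under configPath; the image files must already exist on the target host.`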
+21 -25
@@ -1,21 +1,23 @@
{ pkgs, hostname, lib, ... }:
{ pkgs, hostname, hostTypes, lib, ... }:
{
imports = lib.optionals (! (lib.elem hostname [ "buildbox" "eva-02" ])) [
./ghostty/ghostty.nix
./rofi/rofi.nix
./hypr/hypridle.nix
./hypr/hyprland.nix
./hypr/hyprlock.nix
#./hypr/waybar.nix
]
++ lib.optionals (hostname == "eva-02") [
./ghostty/ghostty.nix
];
imports =
# Desktop programs (exclude servers)
lib.optionals (hostTypes.isLinuxDesktop hostname) [
./ghostty/ghostty.nix
./rofi/rofi.nix
./hypr/hypridle.nix
./hypr/hyprland.nix
./hypr/hyprlock.nix
]
# macOS programs
++ lib.optionals (hostTypes.isMacos hostname) [
./ghostty/ghostty.nix
];
home.packages =
lib.optionals (! (lib.elem hostname [ "buildbox" "eva-02" ])) (with pkgs; [
#pwndbg
# Desktop packages (Linux desktops)
lib.optionals (hostTypes.isLinuxDesktop hostname) (with pkgs; [
bambu-studio
blender
brave
@@ -60,24 +62,18 @@
wireshark
yubikey-agent
# rpi-imager
]
])
++ lib.optionals (hostname == "eva-01") [
# Host-specific packages
++ lib.optionals (hostname == "eva-01") (with pkgs; [
calibre
sdrangel
sdrpp
sonic-visualiser
vscode
]
])
++ lib.optionals (hostname == "eva-02") [
#vscode
]
++ lib.optionals (hostname == "eva-03") [
++ lib.optionals (hostname == "eva-03") (with pkgs; [
vscode
]);
# environment.sessionVariables.NIXOS_OZONE_WL = "1";
}
+173
@@ -0,0 +1,173 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
config,
pkgs,
pkgs-unstable,
inputs,
configPath,
hostname,
lib,
...
}:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
inputs.home-manager.nixosModules.default
# (modulesPath + "/profiles/qemu-guest.nix")
];
# Bootloader.
boot.loader.grub.enable = lib.mkDefault true;
boot.loader.grub.devices = [ "nodev" ];
nix.settings.experimental-features = ["nix-command" "flakes"];
# Nix optimizations
nix.optimise.automatic = true;
nix.settings.auto-optimise-store = true;
nix.gc = {
automatic = true;
dates = "weekly";
persistent = true;
options = "--delete-older-than 30d";
};
networking.hostName = "acheron"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
virtualisation.docker.enable = true;
# Set your time zone.
time.timeZone = "America/Los_Angeles";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
# Enable the X11 windowing system.
# You can disable this if you're only using the Wayland session.
services.xserver.enable = false;
services.tailscale.enable = true;
# Configure keymap in X11
services.xserver.xkb = {
layout = "us";
variant = "";
};
# Enable CUPS to print documents.
services.printing.enable = false;
# Define a user account. Don't forget to set a password with passwd.
programs.zsh.enable = true;
users.users.rogueking = {
isNormalUser = true;
description = "rogueking";
extraGroups = [ "networkmanager" "wheel" "docker" ];
shell = pkgs.zsh;
#packages = [ inputs.home-manager.packages.${pkgs.system}.default ];
packages = with pkgs; [
#apps
#cli
# thunderbird
];
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# Enable OpenSSH daemon
services.openssh = {
enable = true;
ports = [ 22 ];
settings = {
PasswordAuthentication = true;
AllowUsers = [ "rogueking"];
UseDns = true;
X11Forwarding = false;
PermitRootLogin = "no";
MaxAuthTries = 8;
};
};
users.users."rogueking".openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINXqriPZVIuduc/J7GS1mD171LL0gIbgEjlImsxedWVX"
];
nixpkgs.config.permittedInsecurePackages = [
"qtwebengine-5.15.19"
"python3.12-ecdsa-0.19.1"
];
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
#cli tools
btop
curl
docker
dust
file
findutils
git
gparted
lazydocker
nettools
nix-prefetch-github
nmap
openssh
openssl
parted
plocate
ptunnel
tailscale
tlp
unzip
vim
pkgs-unstable.witr
];
home-manager = {
extraSpecialArgs = {
inherit
configPath
inputs
pkgs-unstable
hostname
;
};
users = {
"rogueking" = import ./../../home-manager/home.nix;
};
backupFileExtension = "backup";
};
system.stateVersion = "25.11";
}
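Review bot: `services.openssh.settings` on this new server keeps `PasswordAuthentication = true;` with `MaxAuthTries = 8;`, although an ed25519 key is already authorised for the only user in `AllowUsers`. Setting `PasswordAuthentication = false;` and `KbdInteractiveAuthentication = false;` restricts login to that key, and a lower `MaxAuthTries` limits guesses per connection. Separately, `home-manager.extraSpecialArgs` inherits `configPath inputs pkgs-unstable hostname` but not `hostTypes`, which home.nix now takes as an argument and which the buildbox config adds in this same commit. This host will probably fail to evaluate until `hostTypes` is added both there and to the module's argument list at the top of the file. The `permittedInsecurePackages` entries (`qtwebengine-5.15.19`, `python3.12-ecdsa-0.19.1`) look carried over from a desktop host; on a server with X disabled they should be dropped or get a comment naming the package that needs them, and the same applies to the buildbox config.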
+19 -70
@@ -1,6 +1,6 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
# and in the NixOS manual (accessible by running 'nixos-help').
{
config,
@@ -9,6 +9,7 @@
inputs,
configPath,
hostname,
hostTypes,
lib,
...
}:
@@ -18,7 +19,6 @@
[ # Include the results of the hardware scan.
./hardware-configuration.nix
inputs.home-manager.nixosModules.default
# (modulesPath + "/profiles/qemu-guest.nix")
];
# Bootloader.
@@ -38,11 +38,6 @@
};
networking.hostName = "buildbox"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
@@ -67,16 +62,9 @@
LC_TIME = "en_US.UTF-8";
};
# Enable the X11 windowing system.
# You can disable this if you're only using the Wayland session.
# Disable X11 for servers
services.xserver.enable = false;
# Enable the KDE Plasma Desktop Environment.
# services.displayManager.sddm.enable = true;
# services.displayManager.sddm.wayland.enable = true;
# services.desktopManager.plasma6.enable = true;
# services.displayManager.sddm.theme = "sddm-astronaut-theme";
services.tailscale.enable = true;
# Configure keymap in X11
@@ -101,7 +89,14 @@
# VSCode-Server
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
stdenv.cc.cc.lib
zlib
glib
libGL
libGLU
openssl
];
# Define a user account. Don't forget to set a password with passwd.
programs.zsh.enable = true;
@@ -110,12 +105,7 @@
description = "rogueking";
extraGroups = [ "networkmanager" "wheel" "docker" ];
shell = pkgs.zsh;
#packages = [ inputs.home-manager.packages.${pkgs.system}.default ];
packages = with pkgs; [
#apps
#cli
# thunderbird
];
packages = with pkgs; [];
};
users.users.cris = {
@@ -123,9 +113,7 @@
description = "cris";
extraGroups = [ "networkmanager" "wheel" "docker" ];
shell = pkgs.zsh;
packages = with pkgs; [
# Add any specific packages for cris if needed
];
packages = with pkgs; [];
};
# Install firefox.
@@ -138,8 +126,6 @@
programs._1password.enable = true;
programs._1password-gui = {
enable = true;
# Certain features, including CLI integration and system authentication support,
# require enabling PolKit integration on some desktop environments (e.g. Plasma).
polkitPolicyOwners = [ "rogueking" ];
};
@@ -167,18 +153,13 @@
nixpkgs.config.permittedInsecurePackages = [
"qtwebengine-5.15.19"
"python3.12-ecdsa-0.19.1"
"python3.12-ecdsa-0.19.1"
];
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
#apps
#cider-2
#guacamole-client
#sddm-astronaut
#cli tools
# Server-specific packages
btop
curl
docker
@@ -201,6 +182,8 @@
tlp
unzip
vim
pkgs-unstable.witr
];
home-manager = {
@@ -210,6 +193,7 @@
inputs
pkgs-unstable
hostname
hostTypes
;
};
users = {
@@ -219,40 +203,5 @@
backupFileExtension = "backup";
};
#home-manager = {
# extraSpecialArgs = { inherit inputs; };
# users = {
# "rogueking" = import ../home-manager/home.nix;
# };
# backupFileExtension = "backup";
#};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "25.11"; # Did you read the comment?
system.stateVersion = "25.11";
}
+2 -1
@@ -9,6 +9,7 @@
inputs,
configPath,
hostname,
hostTypes,
...
}:
@@ -199,7 +200,6 @@
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
security.polkit.enable = true;
programs._1password.enable = true;
programs._1password-gui = {
@@ -295,6 +295,7 @@
inputs
pkgs-unstable
hostname
hostTypes
;
};
users = {