mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

oh boy, disko, updates, etc

Browse Source
This commit is contained in:
mjallen18
2025-05-14 13:20:20 -05:00
parent e16e0e82e5
commit 7bdf93a58c
13 changed files with 359 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,4 +1,5 @@
hosts/nas/*.conf
hosts/nas/*.users
result
*.raw
.codegpt

198
flake.lock generated
View File

@@ -35,16 +35,16 @@
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1744135136,
"narHash": "sha256-7wvoCRhLipX4qzrb/ctsozG565yckx+moxiF6vRo84I=",
"lastModified": 1745954192,
"narHash": "sha256-QuIgeu3CN6S44/zSiaj+iIkDz2494mb1MWvD3eYYkVE=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "74eab55c615b156e4191ee98dc789e2d58c016f9",
"rev": "22412729e2379d645da2ac0c0270a0ac6147945e",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2025.2.4",
"ref": "version/2025.4.0",
"repo": "authentik",
"type": "github"
}
@@ -332,11 +332,11 @@
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1717312683,
"narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=",
"lastModified": 1746162366,
"narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea",
"rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b",
"type": "github"
},
"original": {
@@ -656,7 +656,7 @@
},
"jovian_2": {
"inputs": {
"nix-github-actions": "nix-github-actions_3",
"nix-github-actions": "nix-github-actions_2",
"nixpkgs": [
"steamdeck-chaotic",
"nixpkgs"
@@ -712,15 +712,17 @@
"nixpkgs": [
"nas-nixpkgs"
],
"poetry2nix": "poetry2nix",
"systems": "systems"
"pyproject-build-systems": "pyproject-build-systems",
"pyproject-nix": "pyproject-nix",
"systems": "systems",
"uv2nix": "uv2nix"
},
"locked": {
"lastModified": 1744375272,
"narHash": "sha256-xvWbdTctLu5YWgcp+lNTh51GAY3vB2XEXUFKRMJUiCM=",
"lastModified": 1746874492,
"narHash": "sha256-Gm2Eb5KBxAL6y9WJj7phRMXNAZzVkKlm9Dky9WDZHtQ=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "105b3b6c004ce00d1d3c7a88669bea4aadfd4580",
"rev": "2ef24fac993808a1a57f367ef58ac0f5254c3489",
"type": "github"
},
"original": {
@@ -739,11 +741,11 @@
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1746109800,
"narHash": "sha256-sjDpqdvbQaiA6OAsgLE4niz6hmmCpoUH0cl5zyfu6FI=",
"lastModified": 1747134561,
"narHash": "sha256-aMmu9e2uH7rLCuGn46EpjlRRA7ialRK1IZXu53UAR4s=",
"owner": "lilyinstarlight",
"repo": "nixos-cosmic",
"rev": "9fe1aa7b6a1043003b38f36626dd29b52247d720",
"rev": "b5009fbd6ac6f1e550b00c9b8539548d7b678c01",
"type": "github"
},
"original": {
@@ -780,11 +782,11 @@
]
},
"locked": {
"lastModified": 1746040799,
"narHash": "sha256-osgPX/SzIpkR50vev/rqoTEAVkEcOWXoQXmbzsaI4KU=",
"lastModified": 1747147271,
"narHash": "sha256-ORthkM8I3GpWDK/pjOSXPuxWjLJV2AwWERKQCsjPPAk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "5f217e5a319f6c186283b530f8c975e66c028433",
"rev": "df556f2a17b7b94148d0275c1a57fed20e62ad18",
"type": "github"
},
"original": {
@@ -836,11 +838,11 @@
},
"nas-nixos-hardware": {
"locked": {
"lastModified": 1745955289,
"narHash": "sha256-mmV2oPhQN+YF2wmnJzXX8tqgYmUYXUj3uUUBSTmYN5o=",
"lastModified": 1747129300,
"narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "72081c9fbbef63765ae82bff9727ea79cc86bd5b",
"rev": "e81fd167b33121269149c57806599045fd33eeed",
"type": "github"
},
"original": {
@@ -852,11 +854,11 @@
},
"nas-nixpkgs": {
"locked": {
"lastModified": 1745930157,
"narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=",
"lastModified": 1746904237,
"narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae",
"rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956",
"type": "github"
},
"original": {
@@ -889,11 +891,11 @@
]
},
"locked": {
"lastModified": 1745310711,
"narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=",
"lastModified": 1746485181,
"narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c",
"rev": "e93ee1d900ad264d65e9701a5c6f895683433386",
"type": "github"
},
"original": {
@@ -946,28 +948,6 @@
}
},
"nix-github-actions_2": {
"inputs": {
"nixpkgs": [
"nas-authentik-nix",
"poetry2nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729742964,
"narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=",
"owner": "nix-community",
"repo": "nix-github-actions",
"rev": "e04df33f62cdcf93d73e9a04142464753a16db67",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-github-actions",
"type": "github"
}
},
"nix-github-actions_3": {
"inputs": {
"nixpkgs": [
"steamdeck-chaotic",
@@ -990,7 +970,7 @@
"type": "github"
}
},
"nix-github-actions_4": {
"nix-github-actions_3": {
"inputs": {
"nixpkgs": [
"steamdeck-jovian",
@@ -1133,11 +1113,11 @@
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1746055187,
"narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=",
"lastModified": 1746957726,
"narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5",
"rev": "a39ed32a651fdee6842ec930761e31d1f242cb94",
"type": "github"
},
"original": {
@@ -1458,37 +1438,6 @@
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": [
"nas-authentik-nix",
"flake-utils"
],
"nix-github-actions": "nix-github-actions_2",
"nixpkgs": [
"nas-authentik-nix",
"nixpkgs"
],
"systems": [
"nas-authentik-nix",
"systems"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1743690424,
"narHash": "sha256-cX98bUuKuihOaRp8dNV1Mq7u6/CQZWTPth2IJPATBXc=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "ce2369db77f45688172384bbeb962bc6c2ea6f94",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
@@ -1570,6 +1519,56 @@
"type": "github"
}
},
"pyproject-build-systems": {
"inputs": {
"nixpkgs": [
"nas-authentik-nix",
"nixpkgs"
],
"pyproject-nix": [
"nas-authentik-nix",
"pyproject-nix"
],
"uv2nix": [
"nas-authentik-nix",
"uv2nix"
]
},
"locked": {
"lastModified": 1744599653,
"narHash": "sha256-nysSwVVjG4hKoOjhjvE6U5lIKA8sEr1d1QzEfZsannU=",
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"rev": "7dba6dbc73120e15b558754c26024f6c93015dd7",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"type": "github"
}
},
"pyproject-nix": {
"inputs": {
"nixpkgs": [
"nas-authentik-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1746146146,
"narHash": "sha256-60+mzI2lbgn+G8F5mz+cmkDvHFn4s5oqcOna1SzYy74=",
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"rev": "3e9623bdd86a3c545e82b7f97cfdba5f07232d9a",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"type": "github"
}
},
"root": {
"inputs": {
"desktop-chaotic": "desktop-chaotic",
@@ -1679,11 +1678,11 @@
]
},
"locked": {
"lastModified": 1746067100,
"narHash": "sha256-6JeEbboDvRjLwB9kzCnmWj+f+ZnMtKOe5c2F1VBpaTs=",
"lastModified": 1747103809,
"narHash": "sha256-a3Yk+CoFmNw7V8J/si/AM8WuI/qTxQhiJpuQ7HFl774=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "026e8fedefd6b167d92ed04b195c658d95ffc7a5",
"rev": "fe36c63649875f391949e8b2ec33949d0cd8aa95",
"type": "github"
},
"original": {
@@ -1794,7 +1793,7 @@
},
"steamdeck-jovian": {
"inputs": {
"nix-github-actions": "nix-github-actions_4",
"nix-github-actions": "nix-github-actions_3",
"nixpkgs": [
"steamdeck-nixpkgs"
]
@@ -1944,25 +1943,28 @@
"type": "github"
}
},
"treefmt-nix": {
"uv2nix": {
"inputs": {
"nixpkgs": [
"nas-authentik-nix",
"poetry2nix",
"nixpkgs"
],
"pyproject-nix": [
"nas-authentik-nix",
"pyproject-nix"
]
},
"locked": {
"lastModified": 1730120726,
"narHash": "sha256-LqHYIxMrl/1p3/kvm2ir925tZ8DkI0KA10djk8wecSk=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "9ef337e492a5555d8e17a51c911ff1f02635be15",
"lastModified": 1746048139,
"narHash": "sha256-LdCLyiihLg6P2/mjzP0+W7RtraDSIaJJPTy6SCtW5Ag=",
"owner": "pyproject-nix",
"repo": "uv2nix",
"rev": "680e2f8e637bc79b84268949d2f2b2f5e5f1d81c",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"owner": "pyproject-nix",
"repo": "uv2nix",
"type": "github"
}
}

17
flake.nix
View File

@@ -463,11 +463,26 @@
# pi4
"pi4" = pi4-nixpkgs.lib.nixosSystem {
# specialArgs = inputs;
specialArgs = {
inherit inputs outputs;
};
system = "aarch64-linux";
modules = [
pi4-disko.nixosModules.disko
./share/disko/disko.nix
pi4-impermanence.nixosModules.impermanence
pi4-sops-nix.nixosModules.sops
./hosts/pi4/configuration.nix
{
disko.imageBuilder = {
enableBinfmt = true;
pkgs = inputs.pi4-nixpkgs.legacyPackages.x86_64-linux;
kernelPackages = inputs.pi4-nixpkgs.legacyPackages.x86_64-linux.linuxPackages_latest;
};
nixpkgs.hostPlatform = "aarch64-linux";
}
#{
# # Hardware specific configuration, see section below for a more complete
# # list of modules
@@ -500,6 +515,8 @@
inherit inputs outputs;
};
modules = [
pi4-disko.nixosModules.disko
./share/disko/disko.nix
steamdeck-impermanence.nixosModules.impermanence
steamdeck-lanzaboote.nixosModules.lanzaboote
./hosts/deck/configuration.nix

2
hosts/deck/boot.nix
View File

@@ -13,7 +13,7 @@ in
enable = true;
configurationLimit = 5;
extraInstallCommands = ''
${pkgs.uutils-coreutils}/bin/echo "timeout 0
${pkgs.uutils-coreutils}/bin/uutils-echo "timeout 0
console-mode 1
default nixos-*" > /boot/loader/loader.conf
'';

4
hosts/deck/configuration.nix
View File

@@ -10,7 +10,7 @@
../default.nix
./boot.nix
./jovian.nix
./hardware-configuration.nix
# ./hardware-configuration.nix
];
nixpkgs.config.allowUnfree = true;
@@ -110,7 +110,7 @@
];
nix-index = {
enable = true;
enableBashIntegration = true;
enableBashIntegration = false;
enableZshIntegration = true;
};
};

1
hosts/default.nix
View File

@@ -156,6 +156,7 @@ in
uutils-coreutils
uutils-diffutils
uutils-findutils
coreutils
update-script
nixd
pinentry-curses

7
hosts/nas/apps.nix
View File

@@ -12,6 +12,7 @@
./apps/lubelogger
./apps/nextcloud
./apps/ollama
./apps/orca
./apps/paperless
./apps/traefik
./apps/wyoming
@@ -23,6 +24,12 @@
manyfold.enable = true;
orca-slicer = {
enable = true;
httpPort = "3100";
httpsPort = "3101";
};
tdarr.enable = true;
};
}

30
hosts/nas/apps/orca/default.nix Normal file
View File

@@ -0,0 +1,30 @@
{
lib,
pkgs,
config,
...
}:
with lib;
let
cfg = config.nas-apps.orca-slicer;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [
"${cfg.httpPort}:3000"
"${cfg.httpsPort}:3001"
];
volumes = [ "${cfg.configPath}:/config" ];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}

57
hosts/nas/apps/orca/options.nix Normal file
View File

@@ -0,0 +1,57 @@
{ lib, ... }:
with lib;
{
options.nas-apps.orca-slicer = {
enable = mkEnableOption "orca slicer docker service";
autoStart = mkOption {
type = types.bool;
default = true;
};
httpPort = mkOption {
type = types.str;
default = "3000";
};
httpsPort = mkOption {
type = types.str;
default = "3001";
};
name = mkOption {
type = types.str;
default = "orca-slicer";
};
image = mkOption {
type = types.str;
default = "linuxserver/orcaslicer";
};
configPath = mkOption {
type = types.str;
default = "/media/nas/ssd/ssd_app_data/orca-slicer";
};
dataPath = mkOption {
type = types.str;
default = "/media/nas/main/3d_printer";
};
puid = mkOption {
type = types.str;
default = "911";
};
pgid = mkOption {
type = types.str;
default = "1000";
};
timeZone = mkOption {
type = types.str;
default = "America/Chicago";
};
};
}

2
hosts/nas/configuration.nix
View File

@@ -119,7 +119,7 @@
};
nix-index = {
enable = true;
enableBashIntegration = true;
enableBashIntegration = false;
enableZshIntegration = true;
};
};

3
hosts/pi4/configuration.nix
View File

@@ -13,7 +13,8 @@ in
./adguard.nix
./boot.nix
./impermanence.nix
./hardware-configuration.nix
# ./hardware-configuration.nix
# ../../share/disko/default-hardware-config.nix
./networking.nix
./sops.nix
../default.nix

53
share/disko/default-hardware-config.nix Normal file
View File

@@ -0,0 +1,53 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
fileSystems."/" =
{ device = "none";
fsType = "tmpfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-label/ESP";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-label/btrfs-root";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
fileSystems."/etc" =
{ device = "/dev/disk/by-label/btrfs-root";
fsType = "btrfs";
options = [ "subvol=etc" "compress=zstd" "noatime" ];
};
fileSystems."/var/log" =
{ device = "/dev/disk/by-label/btrfs-root";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
};
fileSystems."/root" =
{ device = "/dev/disk/by-label/btrfs-root";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
fileSystems."/home" =
{ device = "/dev/disk/by-label/btrfs-root";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
};
swapDevices = [ ];
}

87
share/disko/disko.nix Normal file
View File

@@ -0,0 +1,87 @@
{ ... }:
let
rootDisk = "/dev/nvme0n1";
in
{
disko.devices.disk.main.imageSize = "32G";
disko.devices = {
nodev."/" = {
fsType = "tmpfs";
mountOptions = [
"mode=755"
"defaults"
"size=2G"
];
};
# root disk setup
disk.main = {
type = "disk";
device = rootDisk;
content = {
type = "gpt";
# specify partitions
partitions = {
# /boot
ESP = {
priority = 1;
name = "ESP";
start = "1M";
end = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
root = {
name = "btrfs-root";
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ]; # Override existing partition
# Subvolumes must set a mountpoint in order to be mounted,
# unless their parent is mounted
subvolumes = {
"home" = {
mountOptions = [ "compress=zstd" ];
mountpoint = "/home";
};
"root" = {
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/root";
};
"nix" = {
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/nix";
};
"etc" = {
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/etc";
};
"log" = {
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/var/log";
};
};
};
};
};
};
};
};
}