refactor nixos hosts

This commit is contained in:
Sean Buckley 2021-04-10 12:55:17 -04:00
parent 8f75961458
commit ba35b789b8
10 changed files with 156 additions and 120 deletions

View file

@ -8,5 +8,10 @@
config = { sconfig.flakes.enable = true; }; config = { sconfig.flakes.enable = true; };
}; };
nixosConfigurations = import ./hosts { inherit unstable stable2009; }; nixosConfigurations = import ./hosts { inherit unstable stable2009; };
defaultPackage."x86_64-linux" =
with (import unstable { system = "x86_64-linux"; });
(writeShellScriptBin "x" "cat ${writeText "x" self.nixosConfigurations.test}");
}; };
} }

View file

@ -1,34 +1,45 @@
{ unstable, stable2009 }: { unstable, stable2009 }:
let let
commonModules = name: [ hostMetadata =
(../.) let
(./. + "/${name}") inherit (builtins) readDir concatMap attrNames;
fs = readDir ./.;
hostNames = concatMap (x: if fs.${x} == "directory" then [ x ] else [ ]) (attrNames fs);
in
map
(hn: { name = hn; inherit (import (./. + "/${hn}")) hardware pkgs system; })
hostNames;
hardwareModule = { pkgs, hardware }: (
{
qemu = (x: { imports = [ "${x.modulesPath}/profiles/qemu-guest.nix" ]; });
physical = pkgs.nixosModules.notDetected;
}
).${hardware};
in
builtins.listToAttrs (
map
(h:
let pkgs = { inherit unstable stable2009; }.${h.pkgs};
in
{
name = h.name;
value = pkgs.lib.nixosSystem {
system = h.system;
modules = [
(./..)
(./. + "/${h.name}/configuration.nix")
(hardwareModule { inherit pkgs; inherit (h) hardware; })
({ ... }: { ({ ... }: {
networking.hostName = name; networking.hostName = h.name;
sconfig.flakes.enable = true; sconfig.flakes.enable = true;
sconfig.flakes.rebuildPath = "github:buckley310/nixos-config"; sconfig.flakes.rebuildPath = "github:buckley310/nixos-config";
}) })
]; ];
mkStandardSystem = { name, pkgs, system }: pkgs.lib.nixosSystem {
inherit system;
modules = (commonModules name) ++ [
pkgs.nixosModules.notDetected
];
}; };
mkQemuSystem = { name, pkgs, system }: pkgs.lib.nixosSystem {
inherit system;
modules = (commonModules name) ++ [
(x: { imports = [ "${x.modulesPath}/profiles/qemu-guest.nix" ]; })
];
};
in
{
vm = mkQemuSystem { name = "vm"; system = "x86_64-linux"; pkgs = unstable; };
hp = mkStandardSystem { name = "hp"; system = "x86_64-linux"; pkgs = unstable; };
manta = mkStandardSystem { name = "manta"; system = "x86_64-linux"; pkgs = unstable; };
neo = mkStandardSystem { name = "neo"; system = "x86_64-linux"; pkgs = unstable; };
} }
)
hostMetadata
)

View file

@ -0,0 +1,30 @@
{ ... }:
{
services = {
tlp.enable = true;
openssh.enable = true;
};
sconfig = {
gnome = true;
profile = "desktop";
security-tools = true;
};
networking = {
search = [ "bck.me" ];
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = false;
};
fileSystems = {
"/" = { device = "zroot/locker/os"; fsType = "zfs"; };
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
"/boot" = { device = "/dev/disk/by-partlabel/EFI\\x20system\\x20partition"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
}

View file

@ -1,30 +1,5 @@
{ ... }:
{ {
services = { pkgs = "unstable";
tlp.enable = true; system = "x86_64-linux";
openssh.enable = true; hardware = "physical";
};
sconfig = {
gnome = true;
profile = "desktop";
security-tools = true;
};
networking = {
search = [ "bck.me" ];
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = false;
};
fileSystems = {
"/" = { device = "zroot/locker/os"; fsType = "zfs"; };
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
"/boot" = { device = "/dev/disk/by-partlabel/EFI\\x20system\\x20partition"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
} }

View file

@ -0,0 +1,29 @@
{ pkgs, ... }:
{
environment.systemPackages = [ pkgs.vmware-horizon-client ];
services.tlp.enable = true;
services.openssh.enable = true;
networking.search = [ "bck.me" ];
sconfig = {
profile = "desktop";
gnome = true;
security-tools = true;
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
initrd.luks.devices.cryptroot = { device = "/dev/disk/by-partlabel/_root"; allowDiscards = true; };
};
fileSystems = {
"/" = { device = "/dev/mapper/cryptroot"; fsType = "btrfs"; options = [ "subvol=/os" "compress=zstd" "discard" ]; };
"/home" = { device = "/dev/mapper/cryptroot"; fsType = "btrfs"; options = [ "subvol=/home" "compress=zstd" "discard" ]; };
"/boot" = { device = "/dev/disk/by-partlabel/_esp"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
}

View file

@ -1,29 +1,5 @@
{ pkgs, ... }:
{ {
environment.systemPackages = [ pkgs.vmware-horizon-client ]; pkgs = "unstable";
system = "x86_64-linux";
services.tlp.enable = true; hardware = "physical";
services.openssh.enable = true;
networking.search = [ "bck.me" ];
sconfig = {
profile = "desktop";
gnome = true;
security-tools = true;
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
initrd.luks.devices.cryptroot = { device = "/dev/disk/by-partlabel/_root"; allowDiscards = true; };
};
fileSystems = {
"/" = { device = "/dev/mapper/cryptroot"; fsType = "btrfs"; options = [ "subvol=/os" "compress=zstd" "discard" ]; };
"/home" = { device = "/dev/mapper/cryptroot"; fsType = "btrfs"; options = [ "subvol=/home" "compress=zstd" "discard" ]; };
"/boot" = { device = "/dev/disk/by-partlabel/_esp"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
} }

View file

@ -0,0 +1,34 @@
{ pkgs, ... }:
{
sconfig = {
gnome = true;
profile = "desktop";
security-tools = true;
};
networking = {
search = [ "bck.me" ];
};
environment.systemPackages = [ pkgs.vmware-horizon-client ];
services = {
pcscd.enable = true;
openssh.enable = true;
zfs.autoSnapshot = { enable = true; monthly = 0; weekly = 0; };
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
kernelPackages = pkgs.linuxPackages_5_10;
};
fileSystems = {
"/" = { device = "zroot/locker/os"; fsType = "zfs"; };
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
"/boot" = { device = "/dev/disk/by-partlabel/_esp"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
}

View file

@ -1,34 +1,5 @@
{ pkgs, ... }:
{ {
sconfig = { pkgs = "unstable";
gnome = true; system = "x86_64-linux";
profile = "desktop"; hardware = "physical";
security-tools = true;
};
networking = {
search = [ "bck.me" ];
};
environment.systemPackages = [ pkgs.vmware-horizon-client ];
services = {
pcscd.enable = true;
openssh.enable = true;
zfs.autoSnapshot = { enable = true; monthly = 0; weekly = 0; };
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
kernelPackages = pkgs.linuxPackages_5_10;
};
fileSystems = {
"/" = { device = "zroot/locker/os"; fsType = "zfs"; };
"/home" = { device = "zroot/locker/home"; fsType = "zfs"; };
"/boot" = { device = "/dev/disk/by-partlabel/_esp"; fsType = "vfat"; };
};
system.stateVersion = "20.09";
} }

View file

@ -0,0 +1,7 @@
{ ... }:
{
sconfig.profile = "server";
boot.loader.grub.device = "/dev/vda";
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
security.sudo.wheelNeedsPassword = false;
}

View file

@ -1,7 +1,5 @@
{ ... }:
{ {
sconfig.profile = "server"; pkgs = "unstable";
boot.loader.grub.device = "/dev/vda"; system = "x86_64-linux";
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; }; hardware = "qemu";
security.sudo.wheelNeedsPassword = false;
} }