From b153246f90ca803cf4f7ca99ba73521099c068a9 Mon Sep 17 00:00:00 2001 From: Asyncnomi Date: Fri, 18 Jul 2025 02:05:41 +0200 Subject: [PATCH] add boot vars, and pass name arg --- flake.lock | 226 ++++++++++++++++++++++++++++++++++ flake.nix | 21 ++-- nodes.nix | 3 +- shared/commons.nix | 1 + shared/commons/basics.nix | 36 ++++-- shared/commons/boot.nix | 11 ++ shared/commons/networking.nix | 2 + 7 files changed, 279 insertions(+), 21 deletions(-) create mode 100644 flake.lock create mode 100644 shared/commons/boot.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..94342b2 --- /dev/null +++ b/flake.lock 
@@ -0,0 +1,226 @@ +{ + "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "systems": "systems" + }, + "locked": { + "lastModified": 1750173260, + "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", + "owner": "ryantm", + "repo": "agenix", + "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744478979, + "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "43975d782b418ebf4969e9ccba82466728c2851b", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs_2", + "utils": "utils" + }, + "locked": { + "lastModified": 1749105467, + "narHash": "sha256-hXh76y/wDl15almBcqvjryB50B0BaiXJKk20f314RoE=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "6bc76b872374845ba9d645a2f012b764fecd765f", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1745494811, + "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", + "owner": "nix-community", + "repo": "home-manager", + "rev": 
"abfad3d2958c9e6300a883bd443512c55dfeb1be", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1745391562, + "narHash": "sha256-sPwcCYuiEopaafePqlG826tBhctuJsLx/mhKKM5Fmjo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "8a2f738d9d1f1d986b5a4cd2fd2061a7127237d7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-25-05": { + "locked": { + "lastModified": 1752620740, + "narHash": "sha256-f3pO+9lg66mV7IMmmIqG4PL3223TYMlnlw+pnpelbss=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "32a4e87942101f1c9f9865e04dc3ddb175f5f32e", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1752480373, + "narHash": "sha256-JHQbm+OcGp32wAsXTE/FLYGNpb+4GLi5oTvCxwSoBOA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "62e0f05ede1da0d54515d4ea8ce9c733f12d9f08", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1743014863, + "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "agenix": "agenix", + "deploy-rs": "deploy-rs", + "nixpkgs-25-05": "nixpkgs-25-05", + "nixpkgs-unstable": "nixpkgs-unstable" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 
+ "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix index 467b985..be9aa8f 100644 --- a/flake.nix +++ b/flake.nix @@ -20,19 +20,22 @@ deployPkgs-25-05 = import nixpkgs-25-05 { inherit system; overlays = [ - deploy-rs.overlay.default + deploy-rs.overlays.default (self: super: { deploy-rs = { inherit (pkgs-25-05) deploy-rs; lib = super.deploy-rs.lib; }; }) ]; }; deployPkgs-unstable = import nixpkgs-unstable { inherit system; overlays = [ - deploy-rs.overlay.default + deploy-rs.overlays.default (self: super: { deploy-rs = { inherit (pkgs-unstable) deploy-rs; lib = super.deploy-rs.lib; }; }) ]; }; - nodes = import ./shared/nodes.nix; + getDeployPkgs = ver: if ver == "25-05" then deployPkgs-25-05 else deployPkgs-unstable; + getNixpkgs = ver: if ver == "25-05" then nixpkgs-25-05 else nixpkgs-unstable; + + nodes = import ./nodes.nix; defaultModules = [ ./shared/users.nix 
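Review bot: `getDeployPkgs` and `getNixpkgs` treat every `ver` other than "25-05" as unstable, so a typo or a missing `ver` in nodes.nix silently builds and deploys that host from nixos-unstable instead of failing. An explicit lookup turns that into an evaluation error, for example `getNixpkgs = ver: { "25-05" = nixpkgs-25-05; unstable = nixpkgs-unstable; }.${ver} or (throw "unknown ver: ${ver}");`, with the same shape for `getDeployPkgs`. The key `unstable` is an assumption, since the `ver` values used in nodes.nix are not visible in this patch. The enclosing `let` block starts and ends outside the hunk.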
@@ -40,6 +43,13 @@ ]; in { + nixosConfigurations = builtins.mapAttrs (name: config: + (getNixpkgs config.ver).lib.nixosSystem { + system = config.system; + modules = config.modules ++ defaultModules ++ [{ hostName = ${name}; }]; + } + ) nodes; + deploy = { user = "root"; autoRollback = true; @@ -51,10 +61,7 @@ profilesOrder = [ "system" ]; profiles = { system = { - path = "deployPkgs-${config.ver}".deploy-rs.lib.activate.nixos "nixpkgs-${config.ver}".lib.nixosSystem { - system = config.system; - modules = config.modules ++ defaultModules; - }; + path = (getDeployPkgs config.ver).deploy-rs.lib.activate.nixos self.nixosConfigurations.${name}; }; }; }; diff --git a/nodes.nix b/nodes.nix index 4abdb40..dfaee67 100644 --- a/nodes.nix +++ b/nodes.nix @@ -5,10 +5,11 @@ modules = [ ./shared/bastion.nix ]; - + ip4 = "193.48.225.150/24"; gIp4 = "193.48.225.254/24"; dev = "ens18"; + grubDevice = "/dev/sda"; }; } \ No newline at end of file diff --git a/shared/commons.nix b/shared/commons.nix index a1bcfec..0508059 100755 --- a/shared/commons.nix +++ b/shared/commons.nix @@ -2,6 +2,7 @@ { # Import dependencies imports = [ + ./commons/boot.nix ./commons/basics.nix ./commons/ssh.nix ./commons/sudo.nix diff --git a/shared/commons/basics.nix b/shared/commons/basics.nix index 15da60d..ec8daef 100644 --- a/shared/commons/basics.nix +++ b/shared/commons/basics.nix 
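Review bot: In the added `nixosConfigurations` block, `hostName = ${name};` is not valid Nix, because `${...}` interpolation is only accepted inside strings and attribute paths, so the flake fails to parse before any host is built. The line should read `modules = config.modules ++ defaultModules ++ [{ hostName = name; }];`. The surrounding outputs attribute set continues outside the hunk.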
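Review bot: `grubDevice = "/dev/sda";` in nodes.nix relies on kernel enumeration order, which is not guaranteed to stay the same when a disk is added or a controller changes, so GRUB could be installed to a different disk than intended. A persistent path is safer, e.g. `grubDevice = "/dev/disk/by-id/<DISK-ID-PLACEHOLDER>";` with the real id taken from the host. The node's attribute set begins outside the hunk.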
@@ -1,19 +1,29 @@ { pkgs, ... }: { - nix.settings.experimental-features = [ "nix-command" "flakes" ]; + options.hostName = lib.mkOption { + type = lib.types.str; + default = "you-forgot-to-give-me-a-name-you-moron"; + description = "hostName"; + }; - # Global packages - environment.systemPackages = with pkgs; [ - #(callPackage "${builtins.fetchTarball {url = "https://github.com/ryantm/agenix/archive/main.tar.gz"; sha256 = "103slb8xy5sb68zxjjbb9d0svq8xz751a7yrg6vrz5rh4374bzgl";}}/pkgs/agenix.nix" {}) - bmon - tcpdump - htop - conntrack-tools - mtr - dig - molly-guard - fastfetch - ]; + config = { + hostName = "awendap"; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + # Global packages + environment.systemPackages = with pkgs; [ + bmon + tcpdump + htop + conntrack-tools + mtr + dig + molly-guard + fastfetch + curl + wget + ]; + }; } \ No newline at end of file diff --git a/shared/commons/boot.nix b/shared/commons/boot.nix new file mode 100644 index 0000000..d7b5392 --- /dev/null +++ b/shared/commons/boot.nix @@ -0,0 +1,11 @@ +{ ... }: + +let + # Import nodes + nodes = import ./../../nodes.nix; + myNode = nodes."${config.hostName}"; +in +{ + boot.loader.grub.enable = true; + boot.loader.grub.device = myNode.grubDevice; +} \ No newline at end of file diff --git a/shared/commons/networking.nix b/shared/commons/networking.nix index a201f45..d534e76 100644 --- a/shared/commons/networking.nix +++ b/shared/commons/networking.nix @@ -17,6 +17,8 @@ let route6 = if supportsIPv6 myNode then [{ Gateway = myNode.gIp6; }] else []; in { + networking.hostName = config.hostName; + systemd.network.enable = true; networking.useNetworkd = true; networking.useDHCP = false;
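Review bot: The module header in shared/commons/basics.nix stays `{ pkgs, ... }:` while the new body uses `lib.mkOption` and `lib.types.str`, so `lib` is an undefined variable at evaluation; the header should become `{ lib, pkgs, ... }:`. The new shared/commons/boot.nix has the same defect with `{ ... }:` and `config.hostName`, and needs `{ config, ... }:`. Separately, `hostName = "awendap";` is hard-coded under `config` in a module shared by every node, which would conflict with the per-node `hostName` passed from flake.nix. I would drop that line and also remove the `default` from the option, so that a node without a name fails evaluation instead of silently getting a placeholder identity.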