raphael/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(hosts/server): adding the format to nix files

Browse source
This commit is contained in:
Raphael 2026-02-28 16:45:16 +01:00
parent 93d7fabef5
commit 5a7b4e41fc
No known key found for this signature in database
3 changed files with 80 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

85
hosts/server/configuration.nix
View file

@ -77,46 +77,49 @@ in
}; };
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages =
age with pkgs;
bat [
cairo age
dconf bat
fastfetch cairo
git dconf
home-manager fastfetch
lego git
libjpeg home-manager
libpng lego
libuuid libjpeg
linux-manual libpng
man libuuid
man-pages linux-manual
man-pages-posix man
networkmanager man-pages
openssl man-pages-posix
pkg-config networkmanager
postgresql openssl
protonup-ng pkg-config
python3 postgresql
python3Packages.pip protonup-ng
qFlipper python3
ripgrep python3Packages.pip
swaylock qFlipper
swaylock-fancy ripgrep
tmux swaylock
unzip swaylock-fancy
vim tmux
wget unzip
wl-clipboard vim
xclip wget
xdg-desktop-portal-hyprland wl-clipboard
xsel xclip
yarn xdg-desktop-portal-hyprland
zsh xsel
] ++ [ yarn
inputs.agenix.packages.${pkgs.system}.agenix zsh
]; ]
++ [
inputs.agenix.packages.${pkgs.system}.agenix
];
# Bootloader. # Bootloader.
boot.loader = { boot.loader = {
@ -139,7 +142,7 @@ in
openssh = { openssh = {
enable = true; enable = true;
ports = [ ports = [
42131 42131
]; ];
}; };
udev.extraRules = '' udev.extraRules = ''

41
hosts/server/hardware-configuration.nix
View file

@ -1,31 +1,42 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: {
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = imports = [
[ (modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ]; boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "/dev/disk/by-uuid/67b9f544-f7d6-4203-a1ee-3d527f0c4ace"; device = "/dev/disk/by-uuid/67b9f544-f7d6-4203-a1ee-3d527f0c4ace";
fsType = "ext4"; fsType = "ext4";
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/C2ED-90A4"; device = "/dev/disk/by-uuid/C2ED-90A4";
fsType = "vfat"; fsType = "vfat";
options = [ options = [
"fmask=0077" "fmask=0077"
"dmask=0077" "dmask=0077"
]; ];
}; };
"/mnt/data" = { "/mnt/data" = {
device = "/dev/disk/by-uuid/efa8669d-d141-4858-9e66-d3efa9a88816"; device = "/dev/disk/by-uuid/efa8669d-d141-4858-9e66-d3efa9a88816";
fsType = "ext4"; fsType = "ext4";

20
hosts/server/secrets.nix
View file

@ -9,69 +9,69 @@
file = ../../secrets/wireguard-secret.age; file = ../../secrets/wireguard-secret.age;
owner = "root"; owner = "root";
group = "root"; group = "root";
mode = "0400"; mode = "0400";
}; };
age.secrets."mailjet-user" = { age.secrets."mailjet-user" = {
file = ../../secrets/mailjet-user.age; file = ../../secrets/mailjet-user.age;
owner = "root"; owner = "root";
group = "root"; group = "root";
mode = "0400"; mode = "0400";
}; };
age.secrets."mailjet-pass" = { age.secrets."mailjet-pass" = {
file = ../../secrets/mailjet-pass.age; file = ../../secrets/mailjet-pass.age;
owner = "root"; owner = "root";
group = "root"; group = "root";
mode = "0400"; mode = "0400";
}; };
age.secrets."nextcloud-admin-pass" = { age.secrets."nextcloud-admin-pass" = {
file = ../../secrets/nextcloud-admin-pass.age; file = ../../secrets/nextcloud-admin-pass.age;
owner = "nextcloud"; owner = "nextcloud";
group = "nextcloud"; group = "nextcloud";
mode = "0400"; mode = "0400";
}; };
age.secrets."nextcloud-oidc-secret" = { age.secrets."nextcloud-oidc-secret" = {
file = ../../secrets/nextcloud-oidc-secret.age; file = ../../secrets/nextcloud-oidc-secret.age;
owner = "kanidm"; owner = "kanidm";
group = "kanidm"; group = "kanidm";
mode = "0400"; mode = "0400";
}; };
age.secrets."grafana-oidc-secret" = { age.secrets."grafana-oidc-secret" = {
file = ../../secrets/grafana-oidc-secret.age; file = ../../secrets/grafana-oidc-secret.age;
owner = "kanidm"; owner = "kanidm";
group = "grafana"; group = "grafana";
mode = "0440"; mode = "0440";
}; };
age.secrets."forgejo-oidc-secret" = { age.secrets."forgejo-oidc-secret" = {
file = ../../secrets/forgejo-oidc-secret.age; file = ../../secrets/forgejo-oidc-secret.age;
owner = "kanidm"; owner = "kanidm";
group = "forgejo"; group = "forgejo";
mode = "0440"; mode = "0440";
}; };
age.secrets."nextcloud-database" = { age.secrets."nextcloud-database" = {
file = ../../secrets/nextcloud-database.age; file = ../../secrets/nextcloud-database.age;
owner = "nextcloud"; owner = "nextcloud";
group = "nextcloud"; group = "nextcloud";
mode = "0400"; mode = "0400";
}; };
age.secrets."kanidm-admin" = { age.secrets."kanidm-admin" = {
file = ../../secrets/kandim-admin.age; file = ../../secrets/kandim-admin.age;
owner = "kanidm"; owner = "kanidm";
group = "kanidm"; group = "kanidm";
mode = "0400"; mode = "0400";
}; };
age.secrets."kanidm-idmAdmin" = { age.secrets."kanidm-idmAdmin" = {
file = ../../secrets/kandim-idmAdmin.age; file = ../../secrets/kandim-idmAdmin.age;
owner = "kanidm"; owner = "kanidm";
group = "kanidm"; group = "kanidm";
mode = "0400"; mode = "0400";
}; };
} }