chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2024-10-24 04:48:54 +08:00
Code Issues Packages Projects Releases Wiki Activity
59ead7ad36
nixos/flake.nix

755 lines
23 KiB
Nix
Raw Normal View History

do not link include
2023-07-08 16:56:36 +08:00
{
description = "CNH's NixOS Flake";
暂存
2023-07-08 16:26:12 +08:00
do not link include
2023-07-08 16:56:36 +08:00
inputs =
{
switch to unstable branch
2023-08-12 01:03:55 +08:00
nixpkgs.url = "github:CHN-beta/nixpkgs/nixos-unstable";
do not link include
2023-07-08 16:56:36 +08:00
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.05";
flake-utils.url = "github:numtide/flake-utils";
整理 lock
2023-07-11 10:05:16 +08:00
flake-utils-plus =
{
url = "github:gytis-ivaskevicius/flake-utils-plus";
inputs.flake-utils.follows = "flake-utils";
};
do not link include
2023-07-08 16:56:36 +08:00
flake-compat = { url = "github:edolstra/flake-compat"; flake = false; };
disable ccache libreoffice enable nixd
2023-07-15 19:12:15 +08:00
flake-parts =
{
url = "github:hercules-ci/flake-parts";
inputs.nixpkgs-lib.follows = "nixpkgs";
};
do not link include
2023-07-08 16:56:36 +08:00
nvfetcher =
{
url = "github:berberman/nvfetcher";
inputs =
{
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
flake-compat.follows = "flake-compat";
};
};
home-manager = { url = "github:nix-community/home-manager/master"; inputs.nixpkgs.follows = "nixpkgs"; };
sops-nix =
{
url = "github:Mic92/sops-nix";
inputs = { nixpkgs.follows = "nixpkgs"; nixpkgs-stable.follows = "nixpkgs-stable"; };
};
touchix = { url = "github:CHN-beta/touchix"; inputs.nixpkgs.follows = "nixpkgs"; };
aagl =
{
url = "github:ezKEa/aagl-gtk-on-nix";
inputs = { nixpkgs.follows = "nixpkgs"; flake-compat.follows = "flake-compat"; };
};
nix-index-database = { url = "github:Mic92/nix-index-database"; inputs.nixpkgs.follows = "nixpkgs"; };
nur.url = "github:nix-community/NUR";
nixos-cn =
{
url = "github:nixos-cn/flakes";
inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; };
};
nur-xddxdd =
{
url = "github:xddxdd/nur-packages";
整理 lock
2023-07-11 10:05:16 +08:00
inputs =
{
flake-utils.follows = "flake-utils";
nixpkgs.follows = "nixpkgs-stable";
flake-utils-plus.follows = "flake-utils-plus";
};
do not link include
2023-07-08 16:56:36 +08:00
};
nix-vscode-extensions =
{
url = "github:nix-community/nix-vscode-extensions";
inputs =
{
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
flake-compat.follows = "flake-compat";
};
};
nix-alien =
{
url = "github:thiagokokada/nix-alien";
inputs =
{
flake-compat.follows = "flake-compat";
flake-utils.follows = "flake-utils";
nix-index-database.follows = "nix-index-database";
};
};
impermanence.url = "github:nix-community/impermanence";
qchem =
{
url = "github:Nix-QChem/NixOS-QChem";
inputs.nixpkgs.follows = "nixpkgs";
};
update intput
2023-08-20 10:41:01 +08:00
nixd.url = "github:nix-community/nixd";
add send
2023-08-13 19:42:41 +08:00
napalm =
{
url = "github:nix-community/napalm";
inputs =
{
nixpkgs.follows = "nixpkgs";
flake-utils.follows = "flake-utils";
};
};
update intput
2023-08-20 10:41:01 +08:00
nixpak =
{
url = "github:nixpak/nixpak";
inputs.nixpkgs.follows = "nixpkgs";
};
do not link include
2023-07-08 16:56:36 +08:00
};
暂存
2023-07-08 16:26:12 +08:00
do not link include
2023-07-08 16:56:36 +08:00
outputs = inputs:
let
整理 local
2023-07-21 21:57:06 +08:00
localLib = import ./local/lib inputs.nixpkgs.lib;
do not link include
2023-07-08 16:56:36 +08:00
in
enable nix-alien
2023-06-13 13:50:37 +08:00
{
add toplevel virtual package
2023-08-16 01:33:29 +08:00
packages.x86_64-linux.default = inputs.nixpkgs.legacyPackages.x86_64-linux.stdenv.mkDerivation
{
add nas and xmupc1
2023-08-16 02:34:22 +08:00
name = "systems";
add toplevel virtual package
2023-08-16 01:33:29 +08:00
propagateBuildInputs = builtins.map
(system: inputs.self.outputs.nixosConfigurations.${system}.config.system.build.toplevel)
add nas and xmupc1
2023-08-16 02:34:22 +08:00
[ "chn-PC" "vps6" "vps4" "vps7" "nas" "xmupc1" ];
add toplevel virtual package
2023-08-16 01:33:29 +08:00
phases = [ "installPhase" ];
installPhase = localLib.stripeTabs
''
runHook preInstall
mkdir -p $out
runHook postInstall
'';
};
do not link include
2023-07-08 16:56:36 +08:00
nixosConfigurations =
enable nix-alien
2023-06-13 13:50:37 +08:00
{
do not link include
2023-07-08 16:56:36 +08:00
"chn-PC" = inputs.nixpkgs.lib.nixosSystem
{
system = "x86_64-linux";
整理 local
2023-07-21 21:57:06 +08:00
specialArgs = { topInputs = inputs; inherit localLib; };
暂存
2023-07-27 22:24:01 +08:00
modules = localLib.mkModules
do not link include
2023-07-08 16:56:36 +08:00
[
暂存
2023-07-27 22:24:01 +08:00
(inputs: { config.nixpkgs.overlays = [(final: prev: { localPackages =
(import ./local/pkgs { inherit (inputs) lib; pkgs = final; });})]; })
./modules
(inputs: { config.nixos =
{
fileSystems =
do not link include
2023-07-08 16:56:36 +08:00
{
暂存
2023-07-27 22:24:01 +08:00
mount =
{
vfat."/dev/disk/by-uuid/3F57-0EBE" = "/boot/efi";
btrfs =
{
"/dev/disk/by-uuid/02e426ec-cfa2-4a18-b3a5-57ef04d66614"."/" = "/boot";
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
};
};
decrypt.auto =
{
"/dev/disk/by-uuid/55fdd19f-0f1d-4c37-bd4e-6df44fc31f26" = { mapper = "root"; ssd = true; };
"/dev/md/swap" = { mapper = "swap"; ssd = true; before = [ "root" ]; };
};
mdadm =
"ARRAY /dev/md/swap metadata=1.2 name=chn-PC:swap UUID=2b546b8d:e38007c8:02990dd1:df9e23a4";
swap = [ "/dev/mapper/swap" ];
resume = "/dev/mapper/swap";
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
do not link include
2023-07-08 16:56:36 +08:00
};
暂存
2023-07-27 22:24:01 +08:00
kernel =
{
patches = [ "cjktty" "preempt" ];
modules.modprobeConfig = [ "options iwlmvm power_scheme=1" "options iwlwifi uapsd_disable=1" ];
};
hardware =
{
cpus = [ "intel" ];
gpus = [ "intel" "nvidia" ];
bluetooth.enable = true;
joystick.enable = true;
printer.enable = true;
sound.enable = true;
prime =
{ enable = true; mode = "offload"; busId = { intel = "PCI:0:2:0"; nvidia = "PCI:1:0:0"; };};
};
packages =
{
packageSet = "workstation";
add clang-git
2023-08-18 13:24:42 +08:00
extraPrebuildPackages = with inputs.pkgs; [ localPackages.oneapi llvmPackages_git.stdenv ];
暂存
2023-07-27 22:24:01 +08:00
extraPythonPackages = [(pythonPackages:
[ inputs.pkgs.localPackages.upho inputs.pkgs.localPackages.spectral ])];
};
fix ssh
2023-08-01 11:22:30 +08:00
boot.grub =
暂存
2023-07-27 22:24:01 +08:00
{
fix ssh
2023-08-01 11:22:30 +08:00
windowsEntries = { "7317-1DB6" = "Windows"; "7321-FA9C" = "Windows for malware"; };
installDevice = "efi";
暂存
2023-07-27 22:24:01 +08:00
};
system =
{
hostname = "chn-PC";
march = "alderlake";
allow more march
2023-08-05 19:32:34 +08:00
extraMarch =
[
# CX16
"sandybridge"
init nas
2023-08-16 02:16:27 +08:00
# CX16 SAHF FXSR
"silvermont"
allow more march
2023-08-05 19:32:34 +08:00
# RDSEED MWAITX SHA CLZERO CX16 SSE4A ABM CLFLUSHOPT WBNOINVD
"znver2" "znver3"
];
暂存
2023-07-27 22:24:01 +08:00
gui.enable = true;
bootstrap do not keep output
2023-07-31 21:55:15 +08:00
keepOutputs = true;
暂存
2023-07-27 22:24:01 +08:00
};
virtualization =
{
waydroid.enable = true;
docker.enable = true;
kvmHost = { enable = true; gui = true; autoSuspend = [ "win10" "hardconnect" ]; };
# kvmGuest.enable = true;
add fedora
2023-08-05 11:50:18 +08:00
nspawn = [ "arch" "ubuntu-22.04" "fedora" ];
暂存
2023-07-27 22:24:01 +08:00
};
services =
{
impermanence.enable = true;
snapper = { enable = true; configs.persistent = "/nix/persistent"; };
fontconfig.enable = true;
sops = { enable = true; keyPathPrefix = "/nix/persistent"; };
samba =
尝试修复 x0rg
2023-07-25 20:06:07 +08:00
{
暂存
2023-07-27 22:24:01 +08:00
enable = true;
private = true;
hostsAllowed = "192.168. 127.";
shares =
整理文件系统的配置
2023-07-09 12:39:03 +08:00
{
暂存
2023-07-27 22:24:01 +08:00
media.path = "/run/media/chn";
home.path = "/home/chn";
mnt.path = "/mnt";
share.path = "/home/chn/share";
};
};
sshd.enable = true;
xrayClient =
{
enable = true;
xray 使用明文服务器地址
2023-08-10 20:14:41 +08:00
serverAddress = "74.211.99.69";
serverName = "vps6.xserver.chn.moe";
暂存
2023-07-27 22:24:01 +08:00
dns =
{
extraInterfaces = [ "docker0" ];
hosts =
整理services
2023-07-25 23:33:37 +08:00
{
暂存
2023-07-27 22:24:01 +08:00
"mirism.one" = "216.24.188.24";
"beta.mirism.one" = "216.24.188.24";
"ng01.mirism.one" = "216.24.188.24";
"debug.mirism.one" = "127.0.0.1";
add initrd.vps6.chn.moe
2023-08-11 02:31:59 +08:00
"initrd.vps6.chn.moe" = "74.211.99.69";
add rsshub
2023-08-14 21:40:01 +08:00
"nix-store.chn.moe" = "127.0.0.1";
整理services
2023-07-25 23:33:37 +08:00
};
整理很多内容
2023-07-27 11:05:14 +08:00
};
暂存
2023-07-27 22:24:01 +08:00
};
docker shoud set firewall
2023-08-14 23:51:07 +08:00
firewall.trustedInterfaces = [ "virbr0" "waydroid0" ];
try to enable acme
2023-08-04 20:07:57 +08:00
acme =
{
enable = true;
certs = [ "debug.mirism.one" ];
};
add frp
2023-08-07 21:16:49 +08:00
frpClient =
{
enable = true;
serverName = "frp.chn.moe";
user = "pc";
nix-store compress at local
2023-08-14 14:24:39 +08:00
tcp.store = { localPort = 443; remotePort = 7676; };
add frp
2023-08-07 21:16:49 +08:00
};
nix-serve enable nginx proxy
2023-08-14 13:55:27 +08:00
nix-serve = { enable = true; hostname = "nix-store.chn.moe"; };
enable smartd
2023-08-10 10:15:21 +08:00
smartd.enable = true;
enable nginx for PC
2023-08-14 13:59:32 +08:00
nginx = { enable = true; transparentProxy.enable = false; };
enable postgresql
2023-08-14 17:07:57 +08:00
postgresql.enable = true;
暂存
2023-07-27 22:24:01 +08:00
};
add xmunet fix
2023-07-27 23:14:44 +08:00
bugs =
[
"intel-hdmi" "suspend-hibernate-no-platform" "hibernate-iwlwifi" "suspend-lid-no-wakeup" "xmunet"
move fix of embree into bugs
2023-08-18 03:41:44 +08:00
"suspend-hibernate-waydroid" "embree"
add xmunet fix
2023-07-27 23:14:44 +08:00
];
暂存
2023-07-27 22:24:01 +08:00
};})
do not link include
2023-07-08 16:56:36 +08:00
];
};
增加 vps6 的初始配置用于测试
2023-07-28 20:06:44 +08:00
# 安装一个带加密、不带 impermanence 的系统
# 增加 impermanence
# 增加 initrd 中的网络
# 使用 yubikey 解锁
bootstrap do not keep output
2023-07-31 21:55:15 +08:00
# nix-serve -p 5000
改正 bootstrap 的挂载
2023-07-31 21:40:07 +08:00
# nix copy --substitute-on-destination --to ssh://server /run/current-system
# nix copy --to ssh://nixos@192.168.122.56 ./result
# sudo nixos-install --flake .#bootstrap
# --option substituters http://192.168.122.1:5000 --option require-sigs false
bootstrap do not keep output
2023-07-31 21:55:15 +08:00
# sudo chattr -i var/empty
add sops for vps6
2023-07-31 22:14:31 +08:00
# nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
run roll-rootfs before sysroot.mount
2023-07-31 23:32:19 +08:00
# sudo nixos-rebuild switch --flake .#vps6 --log-format internal-json -v |& nom --json
add dracut
2023-08-01 01:33:00 +08:00
# boot.shell_on_fail systemd.setenv=SYSTEMD_SULOGIN_FORCE=1
longer wait time for manually unlocked device
2023-08-01 16:09:26 +08:00
# sudo usbipd
# ssh -R 3240:127.0.0.1:3240 root@192.168.122.57
fix decrypt manual
2023-08-01 16:14:58 +08:00
# modprobe vhci-hcd
longer wait time for manually unlocked device
2023-08-01 16:09:26 +08:00
# sudo usbip bind -b 3-6
# usbip attach -r 127.0.0.1 -b 3-6
# systemd-cryptenroll --fido2-device=auto /dev/vda2
# systemd-cryptsetup attach root /dev/vda2
add vps6
2023-07-31 22:20:22 +08:00
"vps6" = inputs.nixpkgs.lib.nixosSystem
{
system = "x86_64-linux";
specialArgs = { topInputs = inputs; inherit localLib; };
modules = localLib.mkModules
[
(inputs: { config.nixpkgs.overlays = [(final: prev: { localPackages =
(import ./local/pkgs { inherit (inputs) lib; pkgs = final; });})]; })
./modules
(inputs: { config.nixos =
{
fileSystems =
{
mount =
{
btrfs =
{
fix vps6 config
2023-08-03 17:57:38 +08:00
"/dev/disk/by-uuid/24577c0e-d56b-45ba-8b36-95a848228600"."/boot" = "/boot";
add vps6
2023-07-31 22:20:22 +08:00
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
};
};
暂存
2023-08-01 22:40:09 +08:00
decrypt.manual =
{
enable = true;
fix vps6 config
2023-08-03 17:57:38 +08:00
devices."/dev/disk/by-uuid/4f8aca22-9ec6-4fad-b21a-fd9d8d0514e8" = { mapper = "root"; ssd = true; };
fix manual decrypt
2023-08-02 14:24:25 +08:00
delayedMount = [ "/" ];
暂存
2023-08-01 22:40:09 +08:00
};
add swap for vps6
2023-08-03 18:03:09 +08:00
swap = [ "/nix/swap/swap" ];
add vps6
2023-07-31 22:20:22 +08:00
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
};
fix vps4 config
2023-08-13 13:21:54 +08:00
packages.packageSet = "server";
add vps6
2023-07-31 22:20:22 +08:00
services =
{
impermanence.enable = true;
snapper = { enable = true; configs.persistent = "/nix/persistent"; };
sops = { enable = true; keyPathPrefix = "/nix/persistent"; };
sshd.enable = true;
enable xray server for vps6
2023-08-10 19:41:33 +08:00
xrayServer = { enable = true; serverName = "vps6.xserver.chn.moe"; };
add frp
2023-08-07 21:16:49 +08:00
frpServer = { enable = true; serverName = "frp.chn.moe"; };
enabel nginx transparent proxy for vps6
2023-08-10 17:50:08 +08:00
nginx =
{
fix nginx config
2023-08-13 21:11:48 +08:00
enable = true;
enabel nginx transparent proxy for vps6
2023-08-10 17:50:08 +08:00
transparentProxy =
{
enable xray server for vps6
2023-08-10 19:41:33 +08:00
externalIp = "74.211.99.69";
enabel nginx transparent proxy for vps6
2023-08-10 17:50:08 +08:00
map =
{
使用 xray reality
2023-08-12 23:58:18 +08:00
"ng01.mirism.one" = 7411;
"beta.mirism.one" = 9114;
nix-store compress at local
2023-08-14 14:24:39 +08:00
"nix-store.chn.moe" = 7676;
enabel nginx transparent proxy for vps6
2023-08-10 17:50:08 +08:00
};
add nginx httpProxy
2023-08-12 11:58:01 +08:00
};
enabel nginx transparent proxy for vps6
2023-08-10 17:50:08 +08:00
};
add vps6
2023-07-31 22:20:22 +08:00
};
fix ssh
2023-08-01 11:22:30 +08:00
boot =
{
fix vps6 config
2023-08-03 17:57:38 +08:00
grub.installDevice = "/dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:0";
fix network in initrd
2023-08-01 13:05:10 +08:00
network.enable = true;
fix manual decrypt
2023-08-02 14:24:25 +08:00
sshd = { enable = true; hostKeys = [ "/nix/persistent/etc/ssh/initrd_ssh_host_ed25519_key" ]; };
fix ssh
2023-08-01 11:22:30 +08:00
};
vps6 use march
2023-08-05 09:40:10 +08:00
system = { hostname = "vps6"; march = "sandybridge"; };
add vps6
2023-07-31 22:20:22 +08:00
};})
];
};
init for vps4 and vps7
2023-08-06 18:52:32 +08:00
"vps4" = inputs.nixpkgs.lib.nixosSystem
{
system = "x86_64-linux";
specialArgs = { topInputs = inputs; inherit localLib; };
modules = localLib.mkModules
[
(inputs: { config.nixpkgs.overlays = [(final: prev: { localPackages =
(import ./local/pkgs { inherit (inputs) lib; pkgs = final; });})]; })
./modules
(inputs: { config.nixos =
{
fileSystems =
{
mount =
{
btrfs =
{
fix vps4 config
2023-08-13 13:21:54 +08:00
"/dev/disk/by-uuid/a6460ff0-b6aa-4c1c-a546-8ad0d495bcf8"."/boot" = "/boot";
init for vps4 and vps7
2023-08-06 18:52:32 +08:00
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
};
};
decrypt.manual =
{
enable = true;
fix vps4 config
2023-08-13 13:21:54 +08:00
devices."/dev/disk/by-uuid/46e59fc7-7bb1-4534-bbe4-b948a9a8eeda" = { mapper = "root"; ssd = true; };
init for vps4 and vps7
2023-08-06 18:52:32 +08:00
delayedMount = [ "/" ];
};
swap = [ "/nix/swap/swap" ];
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
};
fix vps4 config
2023-08-13 13:21:54 +08:00
packages.packageSet = "server";
init for vps4 and vps7
2023-08-06 18:52:32 +08:00
services =
{
impermanence.enable = true;
snapper = { enable = true; configs.persistent = "/nix/persistent"; };
sops = { enable = true; keyPathPrefix = "/nix/persistent"; };
sshd.enable = true;
};
boot =
{
fix vps4 config
2023-08-13 13:21:54 +08:00
grub.installDevice = "/dev/disk/by-path/pci-0000:00:04.0";
init for vps4 and vps7
2023-08-06 18:52:32 +08:00
network.enable = true;
sshd = { enable = true; hostKeys = [ "/nix/persistent/etc/ssh/initrd_ssh_host_ed25519_key" ]; };
};
system = { hostname = "vps4"; march = "znver3"; };
};})
];
};
"vps7" = inputs.nixpkgs.lib.nixosSystem
{
system = "x86_64-linux";
specialArgs = { topInputs = inputs; inherit localLib; };
modules = localLib.mkModules
[
(inputs: { config.nixpkgs.overlays = [(final: prev: { localPackages =
(import ./local/pkgs { inherit (inputs) lib; pkgs = final; });})]; })
./modules
(inputs: { config.nixos =
{
fileSystems =
{
mount =
{
btrfs =
{
fix config for vps7
2023-08-14 15:57:42 +08:00
"/dev/disk/by-uuid/e36287f7-7321-45fa-ba1e-d126717a65f0"."/boot" = "/boot";
init for vps4 and vps7
2023-08-06 18:52:32 +08:00
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
};
};
decrypt.manual =
{
enable = true;
fix config for vps7
2023-08-14 15:57:42 +08:00
devices."/dev/disk/by-uuid/db48c8de-bcf7-43ae-a977-60c4f390d5c4" = { mapper = "root"; ssd = true; };
init for vps4 and vps7
2023-08-06 18:52:32 +08:00
delayedMount = [ "/" ];
};
swap = [ "/nix/swap/swap" ];
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
};
packages =
{
packageSet = "server";
};
services =
{
impermanence.enable = true;
snapper = { enable = true; configs.persistent = "/nix/persistent"; };
sops = { enable = true; keyPathPrefix = "/nix/persistent"; };
sshd.enable = true;
add rsshub
2023-08-14 21:40:01 +08:00
rsshub.enable = true;
fix vps7 nginx
2023-08-15 00:00:48 +08:00
nginx = { enable = true; transparentProxy.externalIp = "207.180.253.54"; };
enable wallabag to vps7
2023-08-15 01:10:28 +08:00
wallabag.enable = true;
init for vps4 and vps7
2023-08-06 18:52:32 +08:00
};
boot =
{
grub.installDevice = "/dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:0";
network.enable = true;
sshd = { enable = true; hostKeys = [ "/nix/persistent/etc/ssh/initrd_ssh_host_ed25519_key" ]; };
};
system = { hostname = "vps7"; march = "znver2"; };
};})
];
};
init nas
2023-08-16 02:16:27 +08:00
"nas" = inputs.nixpkgs.lib.nixosSystem
{
system = "x86_64-linux";
specialArgs = { topInputs = inputs; inherit localLib; };
modules = localLib.mkModules
[
(inputs: { config.nixpkgs.overlays = [(final: prev: { localPackages =
(import ./local/pkgs { inherit (inputs) lib; pkgs = final; });})]; })
./modules
(inputs: { config.nixos =
{
fileSystems =
{
mount =
{
btrfs =
{
"/dev/disk/by-uuid/a6460ff0-b6aa-4c1c-a546-8ad0d495bcf8"."/boot" = "/boot";
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
};
};
decrypt.manual =
{
enable = true;
devices."/dev/disk/by-uuid/46e59fc7-7bb1-4534-bbe4-b948a9a8eeda" = { mapper = "root"; ssd = true; };
delayedMount = [ "/" ];
};
swap = [ "/nix/swap/swap" ];
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
};
packages.packageSet = "server";
services =
{
impermanence.enable = true;
snapper = { enable = true; configs.persistent = "/nix/persistent"; };
sops = { enable = true; keyPathPrefix = "/nix/persistent"; };
sshd.enable = true;
};
boot =
{
grub.installDevice = "/dev/disk/by-path/pci-0000:00:04.0";
network.enable = true;
sshd = { enable = true; hostKeys = [ "/nix/persistent/etc/ssh/initrd_ssh_host_ed25519_key" ]; };
};
system = { hostname = "nas"; march = "silvermont"; };
};})
];
};
xmupc1 init
2023-08-16 01:00:39 +08:00
"xmupc1" = inputs.nixpkgs.lib.nixosSystem
{
system = "x86_64-linux";
specialArgs = { topInputs = inputs; inherit localLib; };
modules = localLib.mkModules
[
(inputs: { config.nixpkgs.overlays = [(final: prev: { localPackages =
(import ./local/pkgs { inherit (inputs) lib; pkgs = final; });})]; })
./modules
(inputs: { config.nixos =
{
fileSystems =
{
mount =
{
vfat."/dev/disk/by-uuid/3F57-0EBE" = "/boot/efi";
btrfs =
{
"/dev/disk/by-uuid/02e426ec-cfa2-4a18-b3a5-57ef04d66614"."/" = "/boot";
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
};
};
decrypt.auto =
{
"/dev/disk/by-uuid/55fdd19f-0f1d-4c37-bd4e-6df44fc31f26" = { mapper = "root"; ssd = true; };
"/dev/md/swap" = { mapper = "swap"; ssd = true; before = [ "root" ]; };
};
mdadm =
"ARRAY /dev/md/swap metadata=1.2 name=chn-PC:swap UUID=2b546b8d:e38007c8:02990dd1:df9e23a4";
swap = [ "/dev/mapper/swap" ];
resume = "/dev/mapper/swap";
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
};
kernel =
{
patches = [ "cjktty" "preempt" ];
modules.modprobeConfig = [ "options iwlmvm power_scheme=1" "options iwlwifi uapsd_disable=1" ];
};
hardware =
{
cpus = [ "intel" ];
gpus = [ "intel" "nvidia" ];
bluetooth.enable = true;
joystick.enable = true;
printer.enable = true;
sound.enable = true;
prime =
{ enable = true; mode = "offload"; busId = { intel = "PCI:0:2:0"; nvidia = "PCI:1:0:0"; };};
};
packages.packageSet = "workstation";
boot.grub.installDevice = "efi";
system =
{
hostname = "xmupc1";
march = "znver3";
extraMarch =
[
"znver2"
# PREFETCHW RDRND XSAVE XSAVEOPT PTWRITE SGX GFNI-SSE MOVDIRI MOVDIR64B CLDEMOTE WAITPKG LZCNT
# PCONFIG SERIALIZE HRESET KL WIDEKL AVX-VNNI
"alderlake"
# SAHF FXSR XSAVE
"sandybridge"
init nas
2023-08-16 02:16:27 +08:00
# SAHF FXSR PREFETCHW RDRND
"silvermont"
xmupc1 init
2023-08-16 01:00:39 +08:00
];
gui.enable = true;
};
virtualization =
{
docker.enable = true;
kvmHost = { enable = true; gui = true; };
};
services =
{
impermanence.enable = true;
snapper = { enable = true; configs.persistent = "/nix/persistent"; };
fontconfig.enable = true;
sops = { enable = true; keyPathPrefix = "/nix/persistent"; };
samba =
{
enable = true;
hostsAllowed = "192.168. 127.";
shares =
{
media.path = "/run/media/chn";
home.path = "/home/chn";
mnt.path = "/mnt";
share.path = "/home/chn/share";
};
};
sshd.enable = true;
xrayClient =
{
enable = true;
serverAddress = "74.211.99.69";
serverName = "vps6.xserver.chn.moe";
dns =
{
extraInterfaces = [ "docker0" ];
hosts =
{
"mirism.one" = "216.24.188.24";
"beta.mirism.one" = "216.24.188.24";
"ng01.mirism.one" = "216.24.188.24";
"debug.mirism.one" = "127.0.0.1";
"initrd.vps6.chn.moe" = "74.211.99.69";
"nix-store.chn.moe" = "127.0.0.1";
};
};
};
firewall.trustedInterfaces = [ "virbr0" ];
frpClient =
{
enable = true;
serverName = "frp.chn.moe";
user = "xmupc1";
tcp.store = { localPort = 443; remotePort = 7676; };
};
smartd.enable = true;
nginx = { enable = true; transparentProxy.enable = false; };
postgresql.enable = true;
};
move fix of embree into bugs
2023-08-18 03:41:44 +08:00
bugs = [ "xmunet" "firefox" "embree" ];
xmupc1 init
2023-08-16 01:00:39 +08:00
};})
];
};
add yoga
2023-08-18 13:04:04 +08:00
"yoga" = inputs.nixpkgs.lib.nixosSystem
{
system = "x86_64-linux";
specialArgs = { topInputs = inputs; inherit localLib; };
modules = localLib.mkModules
[
(inputs: { config.nixpkgs.overlays = [(final: prev: { localPackages =
(import ./local/pkgs { inherit (inputs) lib; pkgs = final; });})]; })
./modules
(inputs: { config.nixos =
{
fileSystems =
{
mount =
{
vfat."/dev/disk/by-uuid/3F57-0EBE" = "/boot/efi";
btrfs =
{
"/dev/disk/by-uuid/02e426ec-cfa2-4a18-b3a5-57ef04d66614"."/" = "/boot";
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
};
};
decrypt.auto =
{
"/dev/disk/by-uuid/55fdd19f-0f1d-4c37-bd4e-6df44fc31f26" = { mapper = "root"; ssd = true; };
"/dev/md/swap" = { mapper = "swap"; ssd = true; before = [ "root" ]; };
};
mdadm =
"ARRAY /dev/md/swap metadata=1.2 name=chn-PC:swap UUID=2b546b8d:e38007c8:02990dd1:df9e23a4";
swap = [ "/dev/mapper/swap" ];
resume = "/dev/mapper/swap";
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
};
kernel.patches = [ "cjktty" "preempt" ];
hardware =
{
cpus = [ "intel" ];
gpus = [ "intel" ];
bluetooth.enable = true;
joystick.enable = true;
printer.enable = true;
sound.enable = true;
};
packages.packageSet = "desktop";
boot.grub.installDevice = "efi";
system =
{
hostname = "yoga";
march = "silvermont";
gui.enable = true;
};
virtualization.docker.enable = true;
services =
{
impermanence.enable = true;
snapper = { enable = true; configs.persistent = "/nix/persistent"; };
fontconfig.enable = true;
sops = { enable = true; keyPathPrefix = "/nix/persistent"; };
sshd.enable = true;
xrayClient =
{
enable = true;
serverAddress = "74.211.99.69";
serverName = "vps6.xserver.chn.moe";
dns =
{
extraInterfaces = [ "docker0" ];
hosts =
{
"mirism.one" = "216.24.188.24";
"beta.mirism.one" = "216.24.188.24";
"ng01.mirism.one" = "216.24.188.24";
"debug.mirism.one" = "127.0.0.1";
"initrd.vps6.chn.moe" = "74.211.99.69";
"nix-store.chn.moe" = "127.0.0.1";
};
};
};
firewall.trustedInterfaces = [ "virbr0" ];
frpClient =
{
enable = true;
serverName = "frp.chn.moe";
user = "xmupc1";
tcp.store = { localPort = 443; remotePort = 7676; };
};
smartd.enable = true;
};
xmupc1 init
2023-08-16 01:00:39 +08:00
};})
];
};
add bootstrap system
2023-08-05 21:44:50 +08:00
"bootstrap" = inputs.nixpkgs.lib.nixosSystem
{
system = "x86_64-linux";
specialArgs = { topInputs = inputs; inherit localLib; };
modules = localLib.mkModules
[
(inputs: { config.nixpkgs.overlays = [(final: prev: { localPackages =
(import ./local/pkgs { inherit (inputs) lib; pkgs = final; });})]; })
./modules
(inputs: { config.nixos =
{
bootstrap for pe
2023-08-18 22:48:56 +08:00
fileSystems.mount =
add powertop
2023-08-06 09:46:37 +08:00
{
bootstrap for pe
2023-08-18 22:48:56 +08:00
btrfs =
bootstrap for vps4
2023-08-13 13:10:45 +08:00
{
yoga bootstrap
2023-08-19 11:41:56 +08:00
"/dev/disk/by-uuid/e163b2c7-835b-4ff6-8626-7278762540da"."/boot" = "/boot";
"/dev/mapper/root"."/nix" = "/";
bootstrap for vps4
2023-08-13 13:10:45 +08:00
};
yoga bootstrap
2023-08-19 11:41:56 +08:00
vfat."/dev/disk/by-uuid/5B2E-D1B9" = "/boot/efi";
add powertop
2023-08-06 09:46:37 +08:00
};
bootstrap for pe
2023-08-18 22:48:56 +08:00
packages.packageSet = "desktop";
add bootstrap system
2023-08-05 21:44:50 +08:00
services.sshd.enable = true;
bootstrap for pe
2023-08-18 22:48:56 +08:00
boot.grub.installDevice = "efi";
yoga bootstrap
2023-08-19 11:41:56 +08:00
system = { hostname = "bootstrap"; march = "silvermont"; };
add bootstrap system
2023-08-05 21:44:50 +08:00
};})
];
};
enable nix-alien
2023-06-13 13:50:37 +08:00
};
do not link include
2023-07-08 16:56:36 +08:00
};
}
Reference in New Issue Copy Permalink