shahab/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: formatter

Browse Source
This commit is contained in:
Shahab Dogar
2025-11-02 08:29:18 +05:00
parent 03b72ee856
commit 7ed5bdf15f
27 changed files with 604 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/common/core/default.nix
View File

@@ -20,7 +20,6 @@
handle = "shahab96";
email = {user = "shahab@dogar.dev";};
userFullName = "Shahab Dogar";
domain = "rihla";
networking.ports.tcp.ssh = 22;
};
@@ -56,7 +55,7 @@
warn-dirty = false;
trusted-users = ["@wheel"];
substituters = ["https://hyprland.cachix.org"];
substituters = ["https://hyprland.cachix.org" "https://nix.dogar.dev"];
trusted-public-keys = [
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];

44
hosts/common/disks/aamil.nix Normal file
View File

@@ -0,0 +1,44 @@
{
disko.devices = {
disk = {
vdb = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
start = "1M";
end = "128M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
luks = {
size = "100%";
content = {
name = "crypted";
type = "luks";
passwordFile = "/tmp/secret.key";
settings = {
allowDiscards = true;
crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];
};
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
};
}

14
hosts/common/optional/services/k3s.nix Normal file
View File

@@ -0,0 +1,14 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
k3s
cifs-utils
nfs-utils
];
services.k3s = {
enable = true;
role = "agent";
token = "K10aad4485a9e2a872775c6560ab812ac1a05d2dc4c86f189fdf56e5fdc673dcc10::server:G7zhbpu7iSUYvM2e";
serverAddr = "https://rashid:6443";
};
}

8
hosts/common/optional/services/openiscsi.nix Normal file
View File

@@ -0,0 +1,8 @@
{config, ...}: let
hostName = config.hostSpec.hostName;
in {
services.openiscsi = {
enable = true;
name = "iqn.2016-04.com.open-iscsi:${hostName}";
};
}

2
hosts/common/users/primary/default.nix
View File

@@ -19,7 +19,7 @@ in {
home = hostSpec.home;
isNormalUser = true;
hashedPassword = "$y$j9T$pvjyL7hL5x2VBarGNTnMl1$mLA2UsWTbfp8Hgp/ug5l8224thi..Mo8.p7ME.tDZ.4";
extraGroups = ["networkmanager" "wheel" "input" "libvirtd"];
extraGroups = ["networkmanager" "wheel" "input" "libvirtd" "docker"];
# Read all keys in ./keys and add them to authorizedKeys.
openssh.authorizedKeys.keys =

92
hosts/nixos/aamil-1/default.nix Normal file
View File

@@ -0,0 +1,92 @@
{
inputs,
pkgs,
lib,
...
}: let
hostName = "aamil-1";
in {
imports = lib.flatten [
#
# ========= Hardware =========
#
./hardware-configuration.nix
#
# ========= Disk Layout =========
#
inputs.disko.nixosModules.disko
(lib.custom.relativeToRoot "hosts/common/disks/aamil.nix")
#
# ========= Required Configs =========
#
(map lib.custom.relativeToRoot ["hosts/common/core"])
#
# ========= Services =========
#
(map
(s: lib.custom.relativeToRoot "hosts/common/optional/services/${s}.nix") [
"k3s"
"openiscsi"
"openssh"
])
];
#
# ========= Host specification =========
#
hostSpec = {
hostName = hostName;
};
networking = {
hostName = hostName;
networkmanager.enable = true;
enableIPv6 = false;
firewall.enable = false;
};
nix = {
settings = {
require-sigs = false;
experimental-features = ["nix-command" "flakes"];
};
};
# Set your time zone.
time.timeZone = "Asia/Karachi";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Fixes for longhorn
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
virtualisation.docker.logDriver = "json-file";
security.sudo.extraRules = [
{
users = ["shahab"];
commands = [
{
command = "ALL";
options = ["NOPASSWD"];
}
];
}
];
environment.systemPackages = with pkgs; [
neovim
git
];
system.stateVersion = "25.05";
}

31
hosts/nixos/aamil-1/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
loader = {
# Use the systemd-boot EFI boot loader.
systemd-boot = {
enable = true;
configurationLimit = 1;
};
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = ["ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd"];
extraModulePackages = [];
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

92
hosts/nixos/aamil-2/default.nix Normal file
View File

@@ -0,0 +1,92 @@
{
inputs,
pkgs,
lib,
...
}: let
hostName = "aamil-2";
in {
imports = lib.flatten [
#
# ========= Hardware =========
#
./hardware-configuration.nix
#
# ========= Disk Layout =========
#
inputs.disko.nixosModules.disko
(lib.custom.relativeToRoot "hosts/common/disks/aamil.nix")
#
# ========= Required Configs =========
#
(map lib.custom.relativeToRoot ["hosts/common/core"])
#
# ========= Services =========
#
(map
(s: lib.custom.relativeToRoot "hosts/common/optional/services/${s}.nix") [
"k3s"
"openiscsi"
"openssh"
])
];
#
# ========= Host specification =========
#
hostSpec = {
hostName = hostName;
};
networking = {
hostName = hostName;
networkmanager.enable = true;
enableIPv6 = false;
firewall.enable = false;
};
nix = {
settings = {
require-sigs = false;
experimental-features = ["nix-command" "flakes"];
};
};
# Set your time zone.
time.timeZone = "Asia/Karachi";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Fixes for longhorn
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
virtualisation.docker.logDriver = "json-file";
security.sudo.extraRules = [
{
users = ["shahab"];
commands = [
{
command = "ALL";
options = ["NOPASSWD"];
}
];
}
];
environment.systemPackages = with pkgs; [
neovim
git
];
system.stateVersion = "25.05";
}

31
hosts/nixos/aamil-2/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
loader = {
# Use the systemd-boot EFI boot loader.
systemd-boot = {
enable = true;
configurationLimit = config.hostSpec.bootHistoryLimit;
};
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd"];
extraModulePackages = [];
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

92
hosts/nixos/aamil-3/default.nix Normal file
View File

@@ -0,0 +1,92 @@
{
inputs,
pkgs,
lib,
...
}: let
hostName = "aamil-3";
in {
imports = lib.flatten [
#
# ========= Hardware =========
#
./hardware-configuration.nix
#
# ========= Disk Layout =========
#
inputs.disko.nixosModules.disko
(lib.custom.relativeToRoot "hosts/common/disks/aamil.nix")
#
# ========= Required Configs =========
#
(map lib.custom.relativeToRoot ["hosts/common/core"])
#
# ========= Services =========
#
(map
(s: lib.custom.relativeToRoot "hosts/common/optional/services/${s}.nix") [
"k3s"
"openiscsi"
"openssh"
])
];
#
# ========= Host specification =========
#
hostSpec = {
hostName = hostName;
};
networking = {
hostName = hostName;
networkmanager.enable = true;
enableIPv6 = false;
firewall.enable = false;
};
nix = {
settings = {
require-sigs = false;
experimental-features = ["nix-command" "flakes"];
};
};
# Set your time zone.
time.timeZone = "Asia/Karachi";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Fixes for longhorn
systemd.tmpfiles.rules = [
"L+ /usr/local/bin - - - - /run/current-system/sw/bin/"
];
virtualisation.docker.logDriver = "json-file";
security.sudo.extraRules = [
{
users = ["shahab"];
commands = [
{
command = "ALL";
options = ["NOPASSWD"];
}
];
}
];
environment.systemPackages = with pkgs; [
neovim
git
];
system.stateVersion = "25.05";
}

31
hosts/nixos/aamil-3/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
loader = {
# Use the systemd-boot EFI boot loader.
systemd-boot = {
enable = true;
configurationLimit = config.hostSpec.bootHistoryLimit;
};
efi.canTouchEfiVariables = true;
};
initrd = {
availableKernelModules = ["nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
};
kernelModules = ["kvm-amd"];
extraModulePackages = [];
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

2
hosts/nixos/rihla/hardware-configuration.nix
View File

@@ -2,7 +2,6 @@
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
pkgs,
config,
lib,
modulesPath,
@@ -26,6 +25,7 @@
kernelModules = ["kvm-amd"];
extraModulePackages = [];
binfmt.emulatedSystems = ["aarch64-linux"]; # Add other target architectures as needed
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking