matt1432/nixos-configs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor: make sshd module and some code refactor
All checks were successful
Discord / discord commits (push) Has been skipped
Details

Browse source
This commit is contained in:
matt1432 2023-12-27 11:39:38 -05:00
parent f8442fc37e
commit ed92a42266
15 changed files with 82 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
common/home/neovim/default.nix
View file

@ -161,11 +161,6 @@ in {
type = "viml"; type = "viml";
config = fileContents ./plugins/dracula.vim; config = fileContents ./plugins/dracula.vim;
} }
{
plugin = lualine-nvim;
type = "lua";
config = fileContents ./plugins/lualine.lua;
}
{ {
plugin = todo-comments-nvim; plugin = todo-comments-nvim;
type = "lua"; type = "lua";
@ -176,11 +171,6 @@ in {
type = "lua"; type = "lua";
config = fileContents ./plugins/gitsigns.lua; config = fileContents ./plugins/gitsigns.lua;
} }
{
plugin = nvim-autopairs;
type = "lua";
config = fileContents ./plugins/autopairs.lua;
}
{ {
plugin = indent-blankline-nvim; plugin = indent-blankline-nvim;
type = "lua"; type = "lua";
@ -221,6 +211,16 @@ in {
coc-markdownlint coc-markdownlint
coc-tsserver coc-tsserver
{
plugin = nvim-autopairs;
type = "lua";
config = fileContents ./plugins/autopairs.lua;
}
{
plugin = lualine-nvim;
type = "lua";
config = fileContents ./plugins/lualine.lua;
}
{ {
plugin = neo-tree-nvim; plugin = neo-tree-nvim;
type = "viml"; type = "viml";

4
common/nix-on-droid.nix
View file

@ -22,10 +22,14 @@
substituters = [ substituters = [
# Neovim and stuff # Neovim and stuff
"https://nix-community.cachix.org" "https://nix-community.cachix.org"
# Personal config cache
"https://cache.nelim.org"
]; ];
trustedPublicKeys = [ trustedPublicKeys = [
# Neovim and stuff # Neovim and stuff
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
# Personal config cache
"cache.nelim.org:JmFqkUdH11EA9EZOFAGVHuRYp7EbsdJDHvTQzG2pPyY="
]; ];
}; };

19
common/pkgs/default.nix
View file

@ -2,7 +2,8 @@
lib, lib,
pkgs, pkgs,
... ...
}: let }:
with lib; let
mkPackage = name: v: { mkPackage = name: v: {
${name} = pkgs.callPackage ./${name} {}; ${name} = pkgs.callPackage ./${name} {};
}; };
@ -10,19 +11,15 @@
rmNotPackage = name: value: rmNotPackage = name: value:
value value
== "directory" == "directory"
&& builtins.pathExists ./${name}/default.nix; && pathExists ./${name}/default.nix;
packages = lib.attrsets.filterAttrs rmNotPackage (builtins.readDir ./.); packages = filterAttrs rmNotPackage (builtins.readDir ./.);
pkgSet = lib.attrsets.concatMapAttrs mkPackage packages; pkgSet = concatMapAttrs mkPackage packages;
in { in {
imports = [ options.customPkgs = mkOption {
{ type = types.attrs;
options.customPkgs = lib.mkOption {
type = lib.types.attrs;
}; };
}
];
customPkgs = pkgSet; config.customPkgs = pkgSet;
} }

11
devices/binto/default.nix
View file

@ -8,6 +8,7 @@
../../modules/kmscon.nix ../../modules/kmscon.nix
../../modules/printer.nix ../../modules/printer.nix
../../modules/proton-bridge.nix ../../modules/proton-bridge.nix
../../modules/sshd.nix
../../modules/tailscale.nix ../../modules/tailscale.nix
./modules/gpu-replay.nix ./modules/gpu-replay.nix
@ -56,16 +57,6 @@
firewall.enable = false; firewall.enable = false;
}; };
services = {
openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
};
# Set your time zone. # Set your time zone.
time.timeZone = "America/Montreal"; time.timeZone = "America/Montreal";

11
devices/oksys/default.nix
View file

@ -2,6 +2,7 @@
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
../../modules/sshd.nix
../../modules/tailscale.nix ../../modules/tailscale.nix
./modules/blocky.nix ./modules/blocky.nix
@ -47,16 +48,6 @@
firewall.enable = false; firewall.enable = false;
}; };
services = {
openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
};
# Set your time zone. # Set your time zone.
time.timeZone = "America/Montreal"; time.timeZone = "America/Montreal";

1
devices/oksys/modules/blocky.nix
View file

@ -2,6 +2,7 @@
services = { services = {
blocky = { blocky = {
enable = true; enable = true;
settings = { settings = {
upstream = { upstream = {
default = [ default = [

11
devices/servivi/default.nix
View file

@ -3,6 +3,7 @@
./hardware-configuration.nix ./hardware-configuration.nix
../../modules/kmscon.nix ../../modules/kmscon.nix
../../modules/sshd.nix
../../modules/tailscale.nix ../../modules/tailscale.nix
./modules/binary-cache.nix ./modules/binary-cache.nix
@ -41,16 +42,6 @@
firewall.enable = false; firewall.enable = false;
}; };
services = {
openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
};
# Set your time zone. # Set your time zone.
time.timeZone = "America/Montreal"; time.timeZone = "America/Montreal";

29
devices/servivi/modules/binary-cache.nix
View file

@ -1,7 +1,6 @@
{ {
config, config,
pkgs, pkgs,
nixpkgs,
... ...
}: let }: let
secrets = config.sops.secrets; secrets = config.sops.secrets;
@ -12,6 +11,7 @@ in {
secretKeyFile = secrets.binary-cache-key.path; secretKeyFile = secrets.binary-cache-key.path;
}; };
# Populate cache
systemd = { systemd = {
services.buildAll = { services.buildAll = {
serviceConfig = { serviceConfig = {
@ -19,25 +19,28 @@ in {
User = vars.user; User = vars.user;
Group = config.users.users.${vars.user}.group; Group = config.users.users.${vars.user}.group;
}; };
path = with pkgs; [
git
nix
nixci
openssh
];
script = '' script = ''
cd /tmp cd /tmp
${pkgs.nix}/bin/nix-shell \ git clone https://git.nelim.org/matt1432/nixos-configs.git nix-clone
-I "nixpkgs=${nixpkgs}" \ cd nix-clone
-p openssh nix git nixci --run \ nix flake update
"${builtins.concatStringsSep "; " [ nixci .
"git clone https://git.nelim.org/matt1432/nixos-configs.git nix-clone" cd ..
"cd nix-clone" rm -r nix-clone
"nix flake update"
"nixci ."
"cd .."
"rm -r nix-clone"
]}"
''; '';
}; };
timers.buildAll = { timers.buildAll = {
wantedBy = ["timers.target"]; wantedBy = ["timers.target"];
partOf = ["buildAll.service"]; partOf = ["buildAll.service"];
timerConfig.OnCalendar = ["*-*-* 0:00:00"]; timerConfig.OnCalendar = ["0:00:00"];
}; };
}; };
} }

22
devices/servivi/modules/borgbackup.nix
View file

@ -3,18 +3,27 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }:
with lib; let
cfg = config.services.borgbackup;
secrets = config.sops.secrets;
in {
# Make this file declare default settings # Make this file declare default settings
options.services.borgbackup = with lib; { options.services.borgbackup = {
#
defaults = mkOption { defaults = mkOption {
type = types.attrs; type = types.attrs;
}; };
configs = mkOption {
type = types.attrs;
};
}; };
config = { config = {
users.groups.borg = {}; users.groups.borg = {};
users.users.borg = { users.users.borg = {
isSystemUser = true; isSystemUser = true;
# https://mynixos.com/nixpkgs/option/services.borgbackup.jobs.%3Cname%3E.readWritePaths
createHome = true; createHome = true;
home = "/var/lib/borg"; home = "/var/lib/borg";
group = "borg"; group = "borg";
@ -28,17 +37,14 @@
services.borgbackup = { services.borgbackup = {
defaults = { defaults = {
user = "borg"; user = "borg";
environment = { environment = {BORG_RSH = "ssh -i ${secrets.borg-ssh.path}";};
# TODO: use secrets
BORG_RSH = "ssh -i ${config.users.users.borg.home}/.ssh/id_ed25519";
};
repo = "ssh://matt@pve/data/backups/borg"; repo = "ssh://matt@pve/data/backups/borg";
encryption = { encryption = {
mode = "repokey"; mode = "repokey";
passCommand = let passCommand = let
cat = "${pkgs.coreutils}/bin/cat"; cat = "${pkgs.coreutils}/bin/cat";
key = config.sops.secrets.borg-repo.path; key = secrets.borg-repo.path;
in "${cat} ${key}"; in "${cat} ${key}";
}; };
@ -46,6 +52,8 @@
startAt = "00/3:00"; startAt = "00/3:00";
compression = "auto,lzma"; compression = "auto,lzma";
}; };
jobs = mapAttrs (_: v: v // cfg.defaults) cfg.configs;
}; };
}; };
} }

4
devices/servivi/modules/minecraft.nix
View file

@ -88,9 +88,7 @@
}; };
}; };
borgbackup.jobs.mc = borgbackup.configs.mc = {
config.services.borgbackup.defaults
// {
paths = [ paths = [
"/var/lib/minecraft" "/var/lib/minecraft"
]; ];

BIN
flake.lock
View file

Binary file not shown.

2
home/alacritty.nix
View file

@ -3,8 +3,6 @@
enable = true; enable = true;
settings = { settings = {
env = { env = {
POKE = "true";
# fix wrong colors in tmux # fix wrong colors in tmux
TERM = "xterm-256color"; TERM = "xterm-256color";
}; };

9
modules/greetd/default.nix
View file

@ -3,9 +3,8 @@
pkgs, pkgs,
config, config,
... ...
}: let }: with lib; let
# Nix stuff # Nix stuff
optionals = lib.lists.optionals;
isNvidia = config.hardware.nvidia.modesetting.enable; isNvidia = config.hardware.nvidia.modesetting.enable;
isTouchscreen = config.hardware.sensor.iio.enable; isTouchscreen = config.hardware.sensor.iio.enable;
@ -20,7 +19,7 @@
.finalPackage; .finalPackage;
# Executables' paths # Executables' paths
hyprBin = "${hyprland}/bin"; hyprBin = "${hyprland}/bin";
regreetBin = "${lib.getExe config.programs.regreet.package}"; regreetBin = "${getExe config.programs.regreet.package}";
# Show Regreet on all monitors # Show Regreet on all monitors
dupeMonitors = pkgs.writeShellScriptBin "dupeMonitors" '' dupeMonitors = pkgs.writeShellScriptBin "dupeMonitors" ''
@ -49,7 +48,7 @@
else "${dupeMonitors}/bin/dupeMonitors"; else "${dupeMonitors}/bin/dupeMonitors";
# Get css for regreet # Get css for regreet
style = pkgs.writeText "style.css" ''${builtins.readFile ./style.css}''; style = pkgs.writeText "style.css" ''${readFile ./style.css}'';
# Setup Hyprland as regreet's compositor # Setup Hyprland as regreet's compositor
hyprConf = hyprConf =
@ -66,7 +65,7 @@
" sleep 1; swww init --no-cache &&" " sleep 1; swww init --no-cache &&"
" swww img -t none ${pkgs.dracula-theme}/wallpapers/waves.png\n" " swww img -t none ${pkgs.dracula-theme}/wallpapers/waves.png\n"
"${builtins.readFile ./hyprland.conf}\n" "${readFile ./hyprland.conf}\n"
"exec-once = ${regreetBin} -s ${style};" "exec-once = ${regreetBin} -s ${style};"
" ${hyprBin}/hyprctl dispatch exit" " ${hyprBin}/hyprctl dispatch exit"

8
modules/hyprland/default.nix
View file

@ -82,22 +82,22 @@ in {
xwayland.force_zero_scaling = true; xwayland.force_zero_scaling = true;
monitor = [ monitor = [
(builtins.concatStringsSep "," [ (concatStringsSep "," [
"desc:Acer Technologies Acer K212HQL T3EAA0014201" "desc:Acer Technologies Acer K212HQL T3EAA0014201"
"1920x1080@60" "1920x1080@60"
"840x1000, 1, transform, 3" "840x1000, 1, transform, 3"
]) ])
(builtins.concatStringsSep "," [ (concatStringsSep "," [
"desc:BOE 0x0964" "desc:BOE 0x0964"
"1920x1200@60" "1920x1200@60"
"0x2920, 1" "0x2920, 1"
]) ])
(builtins.concatStringsSep "," [ (concatStringsSep "," [
"desc:Samsung Electric Company C27JG5x HTOM100586" "desc:Samsung Electric Company C27JG5x HTOM100586"
"2560x1440@60" "2560x1440@60"
"1920x120, 1" "1920x120, 1"
]) ])
(builtins.concatStringsSep "," [ (concatStringsSep "," [
"desc:GIGA-BYTE TECHNOLOGY CO. LTD. G27QC 0x00000B1D" "desc:GIGA-BYTE TECHNOLOGY CO. LTD. G27QC 0x00000B1D"
"2560x1440@165" "2560x1440@165"
"1920x1560, 1" "1920x1560, 1"

11
modules/sshd.nix Normal file
View file

@ -0,0 +1,11 @@
{...}: {
services = {
openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
};
}