jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

made a build and nixremote modules.

Browse Source
This commit is contained in:
Danilo Reyes
2025-09-27 16:31:05 -06:00
parent 8cd5e390cf
commit 4b81028cde
7 changed files with 198 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
hosts/miniserver/configuration.nix
View File

@@ -1,11 +1,32 @@
{ ... }:
{ config, ... }:
{
imports = [
./hardware-configuration.nix
../../config/base.nix
../../config/stylix.nix
];
my = import ./toggles.nix;
my = import ./toggles.nix // {
nix.cores = 3;
nix.maxJobs = 8;
users.nixremote.enable = true;
users.nixremote.authorizedKeys = [
../../secrets/ssh/ed25519_nixworkstation.pub
../../secrets/ssh/ed25519_nixserver.pub
];
};
nix.buildMachines =
let
buildMachine = hostName: maxJobs: speedFactor: {
inherit hostName maxJobs speedFactor;
system = "x86_64-linux";
sshUser = "nixremote";
supportedFeatures = config.my.nix.features;
};
in
[
(buildMachine "workstation" 16 40)
(buildMachine "server" 16 17)
];
networking = {
hostName = "miniserver";
firewall = {
@@ -13,47 +34,7 @@
allowedUDPPorts = [ 2049 ];
};
};
nix = {
settings = {
cores = 3;
max-jobs = 8;
};
buildMachines =
let
buildMachine = hostName: maxJobs: speedFactor: {
inherit hostName maxJobs speedFactor;
system = "x86_64-linux";
sshUser = "nixremote";
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver3"
"gccarch-skylake"
"gccarch-alderlake"
];
};
in
[
(buildMachine "workstation" 16 40)
(buildMachine "server" 16 17)
];
};
nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1w" ];
users = {
groups.nixremote.gid = 555;
users.nixremote = {
isNormalUser = true;
createHome = true;
group = "nixremote";
home = "/var/nixremote/";
openssh.authorizedKeys.keyFiles = [
../../secrets/ssh/ed25519_nixworkstation.pub
../../secrets/ssh/ed25519_nixserver.pub
];
};
};
services = {
btrfs.autoScrub = {
enable = true;

63
hosts/server/configuration.nix
View File

@@ -10,7 +10,24 @@
../../config/base.nix
../../config/stylix.nix
];
my = import ./toggles.nix { inherit config; };
my = import ./toggles.nix { inherit config; } // {
nix.cores = 6;
users.nixremote.enable = true;
users.nixremote.authorizedKeys = [
../../secrets/ssh/ed25519_nixworkstation.pub
../../secrets/ssh/ed25519_nixminiserver.pub
];
};
nix.buildMachines = [
{
hostName = "workstation";
system = "x86_64-linux";
sshUser = "nixremote";
maxJobs = 12;
speedFactor = 1;
supportedFeatures = config.my.nix.features;
}
];
sops.secrets."vps/home/private".sopsFile = ../../secrets/wireguard.yaml;
networking =
let
@@ -51,48 +68,8 @@
];
};
};
nix =
let
featuresList = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver3"
"gccarch-skylake"
"gccarch-alderlake"
];
in
{
settings.cores = 6;
buildMachines = [
{
hostName = "workstation";
system = "x86_64-linux";
sshUser = "nixremote";
maxJobs = 12;
speedFactor = 1;
supportedFeatures = featuresList;
}
];
};
users = {
groups.nixremote.gid = 555;
users = {
jawz.packages = builtins.attrValues {
inherit (pkgs) podman-compose;
};
nixremote = {
isNormalUser = true;
createHome = true;
group = "nixremote";
home = "/var/nixremote/";
openssh.authorizedKeys.keyFiles = [
../../secrets/ssh/ed25519_nixworkstation.pub
../../secrets/ssh/ed25519_nixminiserver.pub
];
};
};
users.users.jawz.packages = builtins.attrValues {
inherit (pkgs) podman-compose;
};
services.btrfs.autoScrub = {
enable = true;

55
hosts/workstation/configuration.nix
View File

@@ -21,7 +21,15 @@ in
../../config/stylix.nix
../../environments/gnome.nix
];
my = import ./toggles.nix;
my = import ./toggles.nix // {
nix.cores = 8;
nix.maxJobs = 8;
users.nixremote.enable = true;
users.nixremote.authorizedKeys = [
../../secrets/ssh/ed25519_nixserver.pub
../../secrets/ssh/ed25519_nixminiserver.pub
];
};
home-manager.users.jawz = {
programs = {
vscode = {
@@ -60,38 +68,19 @@ in
allowedUDPPortRanges = openPortRanges;
};
};
nix.settings = {
cores = 8;
max-jobs = 8;
};
users = {
groups.nixremote.gid = 555;
users = {
jawz.packages = [
(pkgs.google-cloud-sdk.withExtraComponents [
pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin
])
]
++ builtins.attrValues {
inherit (pkgs)
distrobox # install packages from other os
gocryptfs # encrypted filesystem! shhh!!!
vcsi # video thumbnails for torrents, can I replace it with ^?
keypunch # practice typing
google-cloud-sdk-gce
;
};
nixremote = {
isNormalUser = true;
createHome = true;
group = "nixremote";
home = "/var/nixremote/";
openssh.authorizedKeys.keyFiles = [
../../secrets/ssh/ed25519_nixserver.pub
../../secrets/ssh/ed25519_nixminiserver.pub
];
};
};
users.users.jawz.packages = [
(pkgs.google-cloud-sdk.withExtraComponents [
pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin
])
]
++ builtins.attrValues {
inherit (pkgs)
distrobox # install packages from other os
gocryptfs # encrypted filesystem! shhh!!!
vcsi # video thumbnails for torrents, can I replace it with ^?
keypunch # practice typing
google-cloud-sdk-gce
;
};
environment = {
pathsToLink = [ "share/thumbnailers" ];