diff --git a/devshells/java17-maven/flake.lock b/devshells/java17-maven/flake.lock index b4da842..ae71305 100644 --- a/devshells/java17-maven/flake.lock +++ b/devshells/java17-maven/flake.lock @@ -22,16 +22,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1766473571, - "narHash": "sha256-5G1NDO2PulBx1RoaA6U1YoUDX0qZslpPxv+n5GX6Qto=", + "lastModified": 1736684107, + "narHash": "sha256-vH5mXxEvZeoGNkqKoCluhTGfoeXCZ1seYhC2pbMN0sg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "76701a179d3a98b07653e2b0409847499b2a07d3", + "rev": "635e887b48521e912a516625eee7df6cf0eba9c1", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.11", + "ref": "nixos-24.11", "repo": "nixpkgs", "type": "github" } diff --git a/devshells/java17-maven/flake.nix b/devshells/java17-maven/flake.nix index 169ccb2..106308a 100644 --- a/devshells/java17-maven/flake.nix +++ b/devshells/java17-maven/flake.nix @@ -1,6 +1,6 @@ { description = "A basic flake with a shell"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; inputs.systems.url = "github:nix-systems/default"; inputs.flake-utils = { url = "github:numtide/flake-utils"; diff --git a/devshells/java21-maven/flake.lock b/devshells/java21-maven/flake.lock index b4da842..72a721c 100644 --- a/devshells/java21-maven/flake.lock +++ b/devshells/java21-maven/flake.lock @@ -22,16 +22,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1766473571, - "narHash": "sha256-5G1NDO2PulBx1RoaA6U1YoUDX0qZslpPxv+n5GX6Qto=", + "lastModified": 1734435836, + "narHash": "sha256-kMBQ5PRiFLagltK0sH+08aiNt3zGERC2297iB6vrvlU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "76701a179d3a98b07653e2b0409847499b2a07d3", + "rev": "4989a246d7a390a859852baddb1013f825435cee", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.11", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } diff --git a/devshells/java21-maven/flake.nix b/devshells/java21-maven/flake.nix index 943795f..79f8a2c 100644 --- a/devshells/java21-maven/flake.nix +++ b/devshells/java21-maven/flake.nix @@ -1,6 +1,6 @@ { description = "A basic flake with a shell"; - inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; + inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; inputs.systems.url = "github:nix-systems/default"; inputs.flake-utils = { url = "github:numtide/flake-utils"; diff --git a/flake.lock b/flake.lock index a5e3b36..000b4f1 100644 --- a/flake.lock +++ b/flake.lock @@ -1,28 +1,5 @@ { "nodes": { - "agenix": { - "inputs": { - "darwin": [], - "home-manager": "home-manager", - "nixpkgs": [ - "nixpkgs" - ], - "systems": "systems" - }, - "locked": { - "lastModified": 1762618334, - "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", - "owner": "ryantm", - "repo": "agenix", - "rev": "fcdea223397448d35d9b31f798479227e80183f6", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, "auto-cpufreq": { "inputs": { "nixpkgs": [ @@ -30,11 +7,11 @@ ] }, "locked": { - "lastModified": 1765042799, - "narHash": "sha256-G7UJDUNcuHm1n2EuA+2iKPNISSWoUgqk85ktncJoelo=", + "lastModified": 1748372346, + "narHash": "sha256-7y7NZ6uW0GbT0h4gqfD2xvRuJj5IlPGw32oIc9Twga8=", "owner": "AdnanHodzic", "repo": "auto-cpufreq", - "rev": "2e5c725be0a7da2c749a345e09f3df3b9ef8c209", + "rev": "becd5b89963fa54fef3566147f3fd2087f8a5842", "type": "github" }, "original": { @@ -43,26 +20,6 @@ "type": "github" } }, - "disko": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1766150702, - "narHash": "sha256-P0kM+5o+DKnB6raXgFEk3azw8Wqg5FL6wyl9jD+G5a4=", - "owner": "nix-community", - "repo": "disko", - "rev": "916506443ecd0d0b4a0f4cf9d40a3c22ce39b378", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "disko", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { @@ -79,21 +36,6 @@ "type": "github" } }, - "flake-compat_2": { - "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "gitignore": { "inputs": { "nixpkgs": [ @@ -119,41 +61,20 @@ "home-manager": { "inputs": { "nixpkgs": [ - "agenix", "nixpkgs" ] }, "locked": { - "lastModified": 1745494811, - "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", + "lastModified": 1749154018, + "narHash": "sha256-gjN3j7joRvT3a8Zgcylnd4NFsnXeDBumqiu4HmY1RIg=", "owner": "nix-community", "repo": "home-manager", - "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", + "rev": "7aae0ee71a17b19708b93b3ed448a1a0952bf111", "type": "github" }, "original": { "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1766529401, - "narHash": "sha256-OJAjJcW6ZADEzTBrvOTZanbgC8ObEWveObujtpazEbg=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "aaf46506426cc8c53719dd20de660fc856a5561e", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-25.11", + "ref": "release-25.05", "repo": "home-manager", "type": "github" } @@ -166,11 +87,11 @@ "pre-commit-hooks": "pre-commit-hooks" }, "locked": { - "lastModified": 1764660538, - "narHash": "sha256-kEWb9Hc2OxdLhJ1pRdW7zRZ57Mul3/Jpy3vyhQ8Yq6o=", + "lastModified": 1746906641, + "narHash": "sha256-b6few4tkqN2TWdrZTwWOjsWxA11rle7y9pcc0/ynuoE=", "owner": "~rycee", "repo": "lazy-apps", - "rev": "4ddc92c77213f8ed3ddef1868f4a19002afa728a", + "rev": "0b30a0bf524a661f9657c441d021aaa5724f12ff", "type": "sourcehut" }, "original": { @@ -181,11 +102,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1764440730, - "narHash": "sha256-ZlJTNLUKQRANlLDomuRWLBCH5792x+6XUJ4YdFRjtO4=", + "lastModified": 1749195551, + "narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9154f4569b6cdfd3c595851a6ba51bfaa472d9f3", + "rev": "4602f7e1d3f197b3cb540d5accf5669121629628", "type": "github" }, "original": { @@ -197,35 +118,20 @@ }, "nixpkgs": { "locked": { - "lastModified": 1766473571, - "narHash": "sha256-5G1NDO2PulBx1RoaA6U1YoUDX0qZslpPxv+n5GX6Qto=", + "lastModified": 1749086602, + "narHash": "sha256-DJcgJMekoxVesl9kKjfLPix2Nbr42i7cpEHJiTnBUwU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "76701a179d3a98b07653e2b0409847499b2a07d3", + "rev": "4792576cb003c994bd7cc1edada3129def20b27d", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-25.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs-libvncserver": { - "locked": { - "lastModified": 1750111231, - "narHash": "sha256-3a7Tha/RwYlzH/v3PJrG7+HjOj4c6YOv2K8sqdGsHVQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "e6f23dc08d3624daab7094b701aa3954923c6bbb", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "rev": "e6f23dc08d3624daab7094b701aa3954923c6bbb", - "type": "indirect" - } - }, "nixpkgs-stable": { "locked": { "lastModified": 1730741070, @@ -242,36 +148,6 @@ "type": "github" } }, - "nixpkgs-stable_2": { - "locked": { - "lastModified": 1761016216, - "narHash": "sha256-G/iC4t/9j/52i/nm+0/4ybBmAF4hzR8CNHC75qEhjHo=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "481cf557888e05d3128a76f14c76397b7d7cc869", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-25.05", - "type": "indirect" - } - }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1761114652, - "narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-unstable", - "type": "indirect" - } - }, "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat", @@ -296,89 +172,17 @@ "type": "github" } }, - "proxmox-nixos": { - "inputs": { - "flake-compat": "flake-compat_2", - "nixpkgs-libvncserver": "nixpkgs-libvncserver", - "nixpkgs-stable": "nixpkgs-stable_2", - "nixpkgs-unstable": "nixpkgs-unstable", - "utils": "utils" - }, - "locked": { - "lastModified": 1764188113, - "narHash": "sha256-Oq4aCjczgnFQqFNWZ6Ablg6x9579CO8tyBktYDYiZEs=", - "owner": "SaumonNet", - "repo": "proxmox-nixos", - "rev": "3be878a84866b9ef9214b8ea6f53630f47f4b192", - "type": "github" - }, - "original": { - "owner": "SaumonNet", - "repo": "proxmox-nixos", - "type": "github" - } - }, "root": { "inputs": { - "agenix": "agenix", "auto-cpufreq": "auto-cpufreq", - "disko": "disko", - "home-manager": "home-manager_2", + "home-manager": "home-manager", "lazy-apps": "lazy-apps", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", - "proxmox-nixos": "proxmox-nixos", - "secrets": "secrets", - "systems": "systems_3" - } - }, - "secrets": { - "flake": false, - "locked": { - "lastModified": 1758149597, - "narHash": "sha256-qUkhfFBEuDJ7nP6jcdBZzGBBhLKnXYxumBQI75DGcFc=", - "ref": "refs/heads/main", - "rev": "8404f6877e25b8cbf3f504ef1926034e8c401dbe", - "revCount": 6, - "type": "git", - "url": "ssh://git@git.jfreudenberger.de/JuliusFreudenberger/nix-private.git" - }, - "original": { - "type": "git", - "url": "ssh://git@git.jfreudenberger.de/JuliusFreudenberger/nix-private.git" + "systems": "systems" } }, "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_3": { "locked": { "lastModified": 1689347949, "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", @@ -392,24 +196,6 @@ "repo": "default-linux", "type": "github" } - }, - "utils": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 1e2ce3f..558ac71 100644 --- a/flake.nix +++ b/flake.nix @@ -1,21 +1,12 @@ { description = "NixOS configuration of Julius Freudenberger"; - nixConfig = { - extra-substituters = [ - "https://cache.saumon.network/proxmox-nixos" - ]; - extra-trusted-public-keys = [ - "proxmox-nixos:D9RYSWpQQC/msZUWphOY2I5RLH5Dd6yQcaHIuug7dWM=" - ]; - }; - inputs = { #nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; home-manager = { - url = "github:nix-community/home-manager/release-25.11"; + url = "github:nix-community/home-manager/release-25.05"; inputs.nixpkgs.follows = "nixpkgs"; }; auto-cpufreq = { @@ -26,22 +17,7 @@ url = "sourcehut:~rycee/lazy-apps"; inputs.nixpkgs.follows = "nixpkgs"; }; - proxmox-nixos.url = "github:SaumonNet/proxmox-nixos"; - disko = { - url = "github:nix-community/disko"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - agenix = { - url = "github:ryantm/agenix"; - inputs = { - nixpkgs.follows = "nixpkgs"; - darwin.follows = ""; - }; - }; - secrets = { - url = "git+ssh://git@git.jfreudenberger.de/JuliusFreudenberger/nix-private.git"; - flake = false; - }; + systems.url = "github:nix-systems/default-linux"; }; @@ -52,9 +28,6 @@ nixos-hardware, home-manager, auto-cpufreq, - proxmox-nixos, - agenix, - disko, systems, ... } @ inputs: let @@ -117,107 +90,6 @@ ./hosts/backup-raspberrypi ]; }; - - server = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - - specialArgs = { - inherit inputs outputs; - }; - - modules = [ - ./hosts/nixos-server-test - proxmox-nixos.nixosModules.proxmox-ve - - ({...}: { - nixpkgs.overlays = [ - proxmox-nixos.overlays.${system} - ]; - }) - ]; - }; - - srv01-hf = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - - specialArgs = { - inherit inputs outputs; - }; - - modules = [ - disko.nixosModules.disko - agenix.nixosModules.default - ./hosts/srv01.hf - ]; - }; - - kube01 = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - - specialArgs = { - inherit inputs outputs; - }; - - modules = [ - disko.nixosModules.disko - ./hosts/kube01 - ]; - }; - - kube02 = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - - specialArgs = { - inherit inputs outputs; - }; - - modules = [ - disko.nixosModules.disko - ./hosts/kube02 - ]; - }; - - kube03 = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - - specialArgs = { - inherit inputs outputs; - }; - - modules = [ - disko.nixosModules.disko - ./hosts/kube03 - ]; - }; - }; - - homeConfigurations = { - jufr2 = let - username = "jufr2"; - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - in - home-manager.lib.homeManagerConfiguration { - inherit pkgs; - - extraSpecialArgs = { - inherit username; - }; - - modules = [ - home/core.nix - - home/targets/genericLinux.nix - - modules/nix.nix - home/neovim/default.nix - home/zsh/default.nix - home/cli.nix - ]; - - }; - }; - }; } diff --git a/home/cli.nix b/home/cli.nix deleted file mode 100644 index 301cffc..0000000 --- a/home/cli.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: { - home.packages = with pkgs; [ - wget - curl - git - neofetch - tealdeer - - pdfgrep - pdftk - p7zip - ]; - - programs = { - htop.enable = true; - git.enable = true; - bat.enable = true; - }; -} diff --git a/home/targets/genericLinux.nix b/home/targets/genericLinux.nix deleted file mode 100644 index 061ab31..0000000 --- a/home/targets/genericLinux.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - ... -}: { - - targets.genericLinux.enable = true; - -} diff --git a/hosts/kube01/default.nix b/hosts/kube01/default.nix deleted file mode 100644 index a72dee8..0000000 --- a/hosts/kube01/default.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ inputs, outputs, config, lib, pkgs, ... }: - -{ - imports = - [ - ../../modules/disko/efi-full-btrfs.nix - ../../modules/systemd-boot.nix - - ../../users/julius/nixos-server.nix - ../../modules/nix.nix - ../../modules/network-server.nix - ../../modules/locale.nix - ../../modules/server-cli.nix - ../../modules/sshd.nix - ../../modules/k3s.nix - ../../modules/qemu-guest.nix - # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - - - networking.hostName = "kube01"; # Define your hostname. - - services.k3s = { - clusterInit = true; - }; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.05"; # Did you read the comment? -} diff --git a/hosts/kube01/hardware-configuration.nix b/hosts/kube01/hardware-configuration.nix deleted file mode 100644 index f198f81..0000000 --- a/hosts/kube01/hardware-configuration.nix +++ /dev/null @@ -1,24 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/kube02/default.nix b/hosts/kube02/default.nix deleted file mode 100644 index 504afef..0000000 --- a/hosts/kube02/default.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ inputs, outputs, config, lib, pkgs, ... }: - -{ - imports = - [ - ../../modules/disko/efi-full-btrfs.nix - ../../modules/systemd-boot.nix - - ../../users/julius/nixos-server.nix - ../../modules/nix.nix - ../../modules/network-server.nix - ../../modules/locale.nix - ../../modules/server-cli.nix - ../../modules/sshd.nix - ../../modules/k3s.nix - ../../modules/qemu-guest.nix - # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - - networking.hostName = "kube02"; # Define your hostname. - - services.k3s = { - serverAddr = "https://kube01:6443"; - clusterInit = false; - }; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.05"; # Did you read the comment? -} diff --git a/hosts/kube02/hardware-configuration.nix b/hosts/kube02/hardware-configuration.nix deleted file mode 100644 index f198f81..0000000 --- a/hosts/kube02/hardware-configuration.nix +++ /dev/null @@ -1,24 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/kube03/default.nix b/hosts/kube03/default.nix deleted file mode 100644 index 12884e5..0000000 --- a/hosts/kube03/default.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ inputs, outputs, config, lib, pkgs, ... }: - -{ - imports = - [ - ../../modules/disko/efi-full-btrfs.nix - ../../modules/systemd-boot.nix - - ../../users/julius/nixos-server.nix - ../../modules/nix.nix - ../../modules/network-server.nix - ../../modules/locale.nix - ../../modules/server-cli.nix - ../../modules/sshd.nix - ../../modules/k3s.nix - ../../modules/qemu-guest.nix - # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - - - networking.hostName = "kube03"; # Define your hostname. - - services.k3s = { - serverAddr = "https://kube01:6443"; - clusterInit = false; - }; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.05"; # Did you read the comment? -} diff --git a/hosts/kube03/hardware-configuration.nix b/hosts/kube03/hardware-configuration.nix deleted file mode 100644 index f198f81..0000000 --- a/hosts/kube03/hardware-configuration.nix +++ /dev/null @@ -1,24 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/nixos-server-test/default.nix b/hosts/nixos-server-test/default.nix deleted file mode 100644 index 409e2fa..0000000 --- a/hosts/nixos-server-test/default.nix +++ /dev/null @@ -1,96 +0,0 @@ -{ inputs, outputs, config, lib, pkgs, ... }: - -{ - imports = - [ - ../../modules/nix.nix - ../../modules/locale.nix - ../../modules/server-cli.nix - ../../modules/sshd.nix - # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - # Use the GRUB 2 boot loader. - boot = { - loader.grub = { - enable = true; - device = "/dev/vda"; - }; - tmp.useTmpfs = true; - }; - networking.hostName = "nixos-server"; # Define your hostname. - users = { - users = { - julius = { - isNormalUser = true; - uid = 1000; - extraGroups = [ "wheel" "julius" ]; - }; - }; - groups = { - julius = { - gid = 1000; - }; - }; - }; - - nix.settings = { - substituters = [ - "https://cache.saumon.network/proxmox-nixos" - ]; - trusted-public-keys = [ - "proxmox-nixos:D9RYSWpQQC/msZUWphOY2I5RLH5Dd6yQcaHIuug7dWM=" - ]; - }; - - services.proxmox-ve = { - enable = true; - ipAddress = "192.168.122.71"; - - # Make vmbr0 bridge visible in Proxmox web interface - bridges = [ "vmbr0" ]; - }; - - networking.useDHCP = false; - - systemd.network = { - enable = true; - - networks."10-lan" = { - matchConfig.Name = [ "enp1s0" ]; - networkConfig = { - Bridge = "vmbr0"; - }; - }; - - netdevs."vmbr0" = { - netdevConfig = { - Name = "vmbr0"; - Kind = "bridge"; - }; - }; - - networks."10-lan-bridge" = { - matchConfig.Name = "vmbr0"; - networkConfig = { - IPv6AcceptRA = true; - DHCP = "ipv4"; - }; - linkConfig.RequiredForOnline = "routable"; - }; - }; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.05"; # Did you read the comment? -} diff --git a/hosts/nixos-server-test/hardware-configuration.nix b/hosts/nixos-server-test/hardware-configuration.nix deleted file mode 100644 index 6dfd7c4..0000000 --- a/hosts/nixos-server-test/hardware-configuration.nix +++ /dev/null @@ -1,31 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/e46c412a-8b6d-41b8-b53c-65d7a8fc39ed"; - fsType = "ext4"; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/srv01.hf/default.nix b/hosts/srv01.hf/default.nix deleted file mode 100644 index feb2183..0000000 --- a/hosts/srv01.hf/default.nix +++ /dev/null @@ -1,71 +0,0 @@ -{ inputs, outputs, config, lib, pkgs, ... }: - -{ - imports = - [ - ../../modules/disko/efi-full-btrfs.nix - ./secrets.nix - - ../../users/julius/nixos-server.nix - ../../users/nixremote.nix - ../../modules/nix.nix - ../../modules/network-server.nix - ../../modules/locale.nix - ../../modules/server-cli.nix - ../../modules/sshd.nix - ../../modules/qemu-guest.nix - ../../modules/docker.nix - ../../modules/teleport.nix - ../../modules/portainer_agent.nix - ../../modules/auto-upgrade.nix - # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - - services.openssh.openFirewall = false; - services.teleport = { - enable = true; - settings.teleport = { - ca_pin = config.age.secrets."teleport-ca_pin".path; - auth_token = config.age.secrets."teleport-join_token".path; - }; - }; - - virtualisation.oci-containers.containers.portainer_agent.environmentFiles = [ config.age.secrets."portainer-join_token".path ]; - - systemd.network = { - enable = true; - networks."10-wan" = { - matchConfig.Name = "ens18"; - networkConfig.DHCP = "no"; - address = [ - "77.90.17.93/24" - "2a06:de00:100:63::2/64" - ]; - routes = [ - { Gateway = "77.90.17.1"; } - { Gateway = "2a06:de00:100::1"; GatewayOnLink = true; } - ]; - dns = [ "9.9.9.9" ]; - }; - }; - - # Disable classic networking configuration - networking.useDHCP = lib.mkForce false; - - networking.hostName = "srv01-hf"; # Define your hostname. - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.05"; # Did you read the comment? -} diff --git a/hosts/srv01.hf/hardware-configuration.nix b/hosts/srv01.hf/hardware-configuration.nix deleted file mode 100644 index d152a40..0000000 --- a/hosts/srv01.hf/hardware-configuration.nix +++ /dev/null @@ -1,24 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; - - boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/srv01.hf/secrets.nix b/hosts/srv01.hf/secrets.nix deleted file mode 100644 index 8697e77..0000000 --- a/hosts/srv01.hf/secrets.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ inputs, ... }: -{ - age.secrets = { - teleport-ca_pin.file = "${inputs.secrets}/secrets/teleport/ca_pin"; - teleport-join_token.file = "${inputs.secrets}/secrets/srv01-hf/teleport_auth_token"; - portainer-join_token.file = "${inputs.secrets}/secrets/srv01-hf/portainer_join_token"; - }; -} diff --git a/modules/auto-upgrade.nix b/modules/auto-upgrade.nix deleted file mode 100644 index 3dc9849..0000000 --- a/modules/auto-upgrade.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ - inputs, - pkgs, - ... -}: { - system.autoUpgrade = { - enable = true; - flags = [ - "--recreate-lock-file" # Deprecated, but will hopefully be reintroduced - "-L" - ]; - flake = inputs.self.outPath; - dates = "02:00"; - randomizedDelaySec = "45min"; - allowReboot = true; - rebootWindow = { - lower = "01:00"; - upper = "05:00"; - }; - }; - - # Also needs access to the nix-private repo which contains the encrypted secrets - programs.ssh = { - extraConfig = " - Host git.jfreudenberger.de - Port 222 - User git - IdentityFile /etc/ssh/ssh_host_ed25519_key - "; - knownHostsFiles = [ - (pkgs.writeText "forgejo.keys" ''[git.jfreudenberger.de]:222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK+uqIeb9+AoqwD0Z6xLKI2dsRoS9Qh/VwboYfGpBJd+ -[git.jfreudenberger.de]:222 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8GDSt4LsCzOoIZkqZRLgXyTLyHoJu62cFFP88i8GpSadyV6mJPkK5p2mgBzN/BM9I/G2VWfvqdM8Fy/7p3S8kDhmmkOk1AK7C/+qaQKsKcQauJuzNXlwMHG1Ivath80TO9PIQc9jYakP9xl8SACd5bwkvfEm3rS5awZ8T2hWgnsgO8pFHFOFmFnVbujXZk58FVTCxpgyPqjFv76JSYxpHk1VtiQ52jScsreOImEOWWg88f9IM9etWcshuxte4zudaqc2KjjAB6pYMuVj7O6cwMXKjCUxTzyomWjr2JoEruIslifbZ6bJGgswg5ENJSKURuMPgTuGM6Nrjp75V/yFD -[git.jfreudenberger.de]:222 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOS447cAWRZgHPs6MOoRS6/J66oY753QPiM7BI63/qNDd5qrCan153dJd5lBGwDR0vMWiV/0cmzuACfP5QS1Lv8= - '') - ]; - }; -} diff --git a/modules/disko/efi-full-btrfs.nix b/modules/disko/efi-full-btrfs.nix deleted file mode 100644 index 59e8b26..0000000 --- a/modules/disko/efi-full-btrfs.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ - disko.devices = { - disk = { - sda = { - type = "disk"; - device = "/dev/sda"; - content = { - type = "gpt"; - partitions = { - MBR = { - type = "EF02"; # for grub MBR - size = "1M"; - priority = 1; # Needs to be first partition - }; - ESP = { - priority = 1; - name = "ESP"; - size = "500M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "umask=0077" ]; - }; - }; - root = { - size = "100%"; - content = { - type = "btrfs"; - extraArgs = [ "-f" ]; # Override existing partition - # Subvolumes must set a mountpoint in order to be mounted, - # unless their parent is mounted - subvolumes = { - # Subvolume name is different from mountpoint - "/rootfs" = { - mountpoint = "/"; - }; - # Subvolume name is the same as the mountpoint - "/home" = { - mountOptions = [ "compress=zstd" ]; - mountpoint = "/home"; - }; - # Sub(sub)volume doesn't need a mountpoint as its parent is mounted - "/home/julius" = { }; - # Parent is not mounted so the mountpoint must be set - "/nix" = { - mountOptions = [ "compress=zstd" "noatime" ]; - mountpoint = "/nix"; - }; - }; - - mountpoint = "/partition-root"; - }; - }; - }; - }; - }; - }; - }; -} diff --git a/modules/docker.nix b/modules/docker.nix index d216ec2..b9f7aa1 100644 --- a/modules/docker.nix +++ b/modules/docker.nix @@ -4,11 +4,8 @@ ... }: { - virtualisation = { - docker = { - enable = true; - }; - oci-containers.backend = "docker"; + virtualisation.docker = { + enable = true; }; } diff --git a/modules/gui-coding.nix b/modules/gui-coding.nix index 223f2b6..33056ef 100644 --- a/modules/gui-coding.nix +++ b/modules/gui-coding.nix @@ -4,8 +4,9 @@ ... }: { environment.systemPackages = with pkgs; [ - jetbrains.idea - jetbrains.pycharm + jetbrains.idea-ultimate + jetbrains.pycharm-professional + jetbrains.phpstorm vscodium-fhs zed-editor.fhs diff --git a/modules/i3.nix b/modules/i3.nix index 80fcb57..dcefbd7 100644 --- a/modules/i3.nix +++ b/modules/i3.nix @@ -18,7 +18,7 @@ lightlocker xautolock # lock screen after some time i3status # provide information to i3bar - i3 # i3 with gaps + i3-gaps # i3 with gaps nitrogen # set wallpaper acpi # battery information arandr # screen layout manager diff --git a/modules/k3s.nix b/modules/k3s.nix deleted file mode 100644 index 2dab28a..0000000 --- a/modules/k3s.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - - services.k3s = { - enable = true; - role = "server"; - token = "verysecrettoken"; - extraFlags = toString ([ - "--write-kubeconfig-mode \"0644\"" - "--disable servicelb" - "--disable traefik" - "--disable local-storage" - ]); - }; - - networking.firewall.allowedTCPPorts = [ - 6443 - 2379 - 2380 - ]; - networking.firewall.allowedUDPPorts = [ - 8472 - ]; - -} diff --git a/modules/laptop.nix b/modules/laptop.nix index 49e7492..73f9fa6 100644 --- a/modules/laptop.nix +++ b/modules/laptop.nix @@ -6,10 +6,10 @@ boot.kernelPackages = pkgs.linuxKernel.packages.linux_zen; - services.logind.settings.Login = { - HandleLidSwitch= "suspend-then-hibernate"; - HandleLidSwitchDocked = "suspend-then-hibernate"; - HandlePowerKey = "ignore"; + services.logind = { + lidSwitch = "suspend-then-hibernate"; + lidSwitchDocked = "suspend-then-hibernate"; + powerKey = "ignore"; }; programs.auto-cpufreq.enable = true; diff --git a/modules/nix.nix b/modules/nix.nix index 8813371..1329a34 100644 --- a/modules/nix.nix +++ b/modules/nix.nix @@ -5,7 +5,6 @@ }: { # do garbage collection weekly to keep disk usage low nix = { - package = pkgs.nix; settings = { experimental-features = ["nix-command" "flakes"]; }; diff --git a/modules/portainer_agent.nix b/modules/portainer_agent.nix deleted file mode 100644 index 408834b..0000000 --- a/modules/portainer_agent.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ - ... -}: { - virtualisation.oci-containers.containers = { - portainer_agent = { - image = "portainer/agent:2.33.2"; - volumes = [ - "/var/run/docker.sock:/var/run/docker.sock" - "/var/lib/docker/volumes:/var/lib/docker/volumes" - "/:/host" - ]; - environment = { - EDGE = "1"; - CAP_HOST_MANAGEMENT = "1"; - }; - extraOptions = [ - ''--mount=type=volume,source=portainer_agent,target=/data,volume-driver=local'' - ]; - }; - }; -} diff --git a/modules/qemu-guest.nix b/modules/qemu-guest.nix deleted file mode 100644 index 97e2081..0000000 --- a/modules/qemu-guest.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - ... -}: { - - services.qemuGuest.enable = true; - -} diff --git a/modules/sshd.nix b/modules/sshd.nix deleted file mode 100644 index 49af4a5..0000000 --- a/modules/sshd.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "no"; - }; - }; -} diff --git a/modules/systemd-boot.nix b/modules/systemd-boot.nix deleted file mode 100644 index 02f515d..0000000 --- a/modules/systemd-boot.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - ... -}: { - - boot = { - loader = { - systemd-boot = { - enable = true; - }; - efi.canTouchEfiVariables = true; - }; - tmp.useTmpfs = true; - }; - -} diff --git a/modules/typesetting.nix b/modules/typesetting.nix index b4e321f..56ba34e 100644 --- a/modules/typesetting.nix +++ b/modules/typesetting.nix @@ -5,7 +5,7 @@ }: { environment.systemPackages = with pkgs; [ typst - typstyle + typstfmt texliveFull diff --git a/modules/virtualization.nix b/modules/virtualization.nix index fb232cc..b1cde0f 100644 --- a/modules/virtualization.nix +++ b/modules/virtualization.nix @@ -3,13 +3,12 @@ lib, ... }: { + environment.systemPackages = with pkgs; [ + virt-manager + ]; + virtualisation = { - libvirtd = { - enable = true; - qemu.swtpm.enable = true; - }; + libvirtd.enable = true; spiceUSBRedirection.enable = true; }; - - programs.virt-manager.enable = true; } diff --git a/users/julius/nixos-server.nix b/users/julius/nixos-server.nix deleted file mode 100644 index 5802f86..0000000 --- a/users/julius/nixos-server.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - ... -}: { - - users = { - users = { - julius = { - initialPassword = "password"; - isNormalUser = true; - uid = 1000; - group = "julius"; - extraGroups = [ "wheel" ]; - }; - }; - groups = { - julius = { - gid = 1000; - }; - }; - }; - - nix.settings.trusted-users = [ "julius" ]; -} diff --git a/users/julius/nixos.nix b/users/julius/nixos.nix index 81c9e60..a424826 100644 --- a/users/julius/nixos.nix +++ b/users/julius/nixos.nix @@ -6,7 +6,7 @@ }: { users.users.julius = { isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "kvm" ]; + extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" ]; shell = pkgs.zsh; }; diff --git a/users/nixremote.nix b/users/nixremote.nix deleted file mode 100644 index b0075cb..0000000 --- a/users/nixremote.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - ... -}: { - users.users = { - nixremote = { - isNormalUser = true; - uid = 1100; - group = "users"; - }; - }; - - nix.settings.trusted-users = [ "nixremote" ]; -}