kat/nixfiles
1
0
Fork 0
mirror of https://github.com/kittywitch/nixfiles.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity

feat: interoperate [deploy-rs, colmena]

Browse source
This commit is contained in:
Kat Inskip 2025-10-13 04:25:45 -07:00
parent 0fef01bfe6
commit f108a20f26
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
15 changed files with 235 additions and 122 deletions
Download patch file Download diff file Expand all files Collapse all files

6
systems/daiyousei.nix
View file

@ -52,8 +52,12 @@ _: let
};
in {
arch = "aarch64";
deploy.hostname = "daiyousei.inskip.me";
type = "NixOS";
deploy.hostname = "daiyousei.inskip.me";
colmena.tags = [
"server"
"oci"
];
modules = [
hostConfig
];

3
systems/goliath.nix
View file

@ -250,6 +250,9 @@ _: let
in {
arch = "x86_64";
type = "NixOS";
colmena.tags = [
"personal"
];
ci.enable = false; # Closure too large
modules = [
hostConfig

3
systems/koishi.nix
View file

@ -166,6 +166,9 @@ _: let
in {
arch = "x86_64";
deploy.hostname = "10.1.1.171";
colmena.tags = [
"personal"
];
ci.enable = false; # Closure too large
type = "NixOS";
modules = [

4
systems/mai.nix
View file

@ -22,6 +22,10 @@ _: let
in {
arch = "x86_64";
type = "NixOS";
colmena.tags = [
"server"
"oci"
];
modules = [
hostConfig
];

4
systems/mei.nix
View file

@ -20,6 +20,10 @@ _: let
in {
arch = "x86_64";
type = "NixOS";
colmena.tags = [
"server"
"oci"
];
modules = [
hostConfig
];

108
systems/renko.nix
View file

@ -1,108 +0,0 @@
_: let
hostConfig = {
lib,
pkgs,
inputs,
...
}: let
inherit (lib.modules) mkDefault mkForce;
in {
imports = [
"${inputs.nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
];
nix.extraOptions = "extra-platforms = x86_64-linux i686-linux";
networking = {
nftables.enable = mkForce false;
firewall.enable = mkForce false;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
nixpkgs.hostPlatform = mkDefault "aarch64-linux";
boot.kernelPackages = pkgs.linuxPackages_6_3;
environment.systemPackages = with pkgs; [
awscli2
kubectl
];
system.stateVersion = "22.11";
security.sudo.extraRules = [
{
users = ["kat"];
commands = [
{
command = "ALL";
options = ["NOPASSWD"];
}
];
}
];
# add OrbStack CLI tools to PATH
environment.shellInit = ''
. /opt/orbstack-guest/etc/profile-early
# add your customizations here
. /opt/orbstack-guest/etc/profile-late
export PATH="/opt/homebrew/opt/ruby/bin:$PATH"
export LDFLAGS="-L/opt/homebrew/opt/ruby/lib"
export CPPFLAGS="-I/opt/homebrew/opt/ruby/include"
'';
# faster DHCP - OrbStack uses SLAAC exclusively
networking.dhcpcd.extraConfig = ''
noarp
noipv6
'';
# disable sshd
services.openssh.enable = true;
# systemd
systemd.services = {
"systemd-oomd".serviceConfig.WatchdogSec = 0;
"systemd-resolved".serviceConfig.WatchdogSec = 0;
"systemd-userdbd".serviceConfig.WatchdogSec = 0;
"systemd-udevd".serviceConfig.WatchdogSec = 0;
"systemd-timesyncd".serviceConfig.WatchdogSec = 0;
"systemd-timedated".serviceConfig.WatchdogSec = 0;
"systemd-portabled".serviceConfig.WatchdogSec = 0;
"systemd-nspawn@".serviceConfig.WatchdogSec = 0;
"systemd-networkd".serviceConfig.WatchdogSec = 0;
"systemd-machined".serviceConfig.WatchdogSec = 0;
"systemd-localed".serviceConfig.WatchdogSec = 0;
"systemd-logind".serviceConfig.WatchdogSec = 0;
"systemd-journald@".serviceConfig.WatchdogSec = 0;
"systemd-journald".serviceConfig.WatchdogSec = 0;
"systemd-journal-remote".serviceConfig.WatchdogSec = 0;
"systemd-journal-upload".serviceConfig.WatchdogSec = 0;
"systemd-importd".serviceConfig.WatchdogSec = 0;
"systemd-hostnamed".serviceConfig.WatchdogSec = 0;
"systemd-homed".serviceConfig.WatchdogSec = 0;
};
# package installation: not needed
# ssh config
programs.ssh.extraConfig = ''
Include /opt/orbstack-guest/etc/ssh_config
'';
# extra certificates
security.pki.certificateFiles = [
"/opt/orbstack-guest/run/extra-certs.crt"
];
};
in {
arch = "aarch64";
type = "NixOS";
modules = [
hostConfig
];
}