cy/nixos-config
cy/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: cy:08a75b8b8fe22e907f6ccdcd280aaa20f99a791a
Branches Tags
cy:main
cy:update
cy:2025-04-14
cy:2025-04-07
cy:2025-04-05
cy:2025-04-04
cy:staging
cy:dogfood-nixcp
cy:no-follows
cy:workflow-test
cy:update_flake_lock_action
cy:caddy-s3
cy:workflow-copy
cy:workflow-lix
cy:test-s3-cache
cy:temp
cy:attic
cy:helix
cy:test
cy:lix-test
cy:bitwarden-patch
cy:chromium
cy:new-attic
cy:canary
cy:downgrade-kernel
cy:soju
cy:kde
cy:shiori
cy:caddy-module
cy:anki-overlay
cy:nixpkgs-master
cy:lix
cy:pan-home
cy:pi
cy:pancake
cy:pancake-sd-image
cy:arm
cy:lix-404
cy:customize-kernel
cy:blueprint
cy:flake-utils
cy:conduwuit-flake
cy:ghostty
cy:zen
cy:lact-fix-test
cy:alvr-test
cy:workflow-refactor
cy:bump-conduwuit
cy:gollum
cy:build
cy:nginx
cy:iso
cy:flake-parts
cy:codespace
cy:sway
cy:minio
cy:garage-module
cy:garage-test
cy:vscode
cy:purge
cy:create-pull-request/patch
cy:garage
cy:harmonia
cy:impermanence
...
compare: cy:0db4f4c4abce421fefe7e8d5e01fae93e317c93d
Branches Tags
cy:main
cy:update
cy:2025-04-14
cy:2025-04-07
cy:2025-04-05
cy:2025-04-04
cy:staging
cy:dogfood-nixcp
cy:no-follows
cy:workflow-test
cy:update_flake_lock_action
cy:caddy-s3
cy:workflow-copy
cy:workflow-lix
cy:test-s3-cache
cy:temp
cy:attic
cy:helix
cy:test
cy:lix-test
cy:bitwarden-patch
cy:chromium
cy:new-attic
cy:canary
cy:downgrade-kernel
cy:soju
cy:kde
cy:shiori
cy:caddy-module
cy:anki-overlay
cy:nixpkgs-master
cy:lix
cy:pan-home
cy:pi
cy:pancake
cy:pancake-sd-image
cy:arm
cy:lix-404
cy:customize-kernel
cy:blueprint
cy:flake-utils
cy:conduwuit-flake
cy:ghostty
cy:zen
cy:lact-fix-test
cy:alvr-test
cy:workflow-refactor
cy:bump-conduwuit
cy:gollum
cy:build
cy:nginx
cy:iso
cy:flake-parts
cy:codespace
cy:sway
cy:minio
cy:garage-module
cy:garage-test
cy:vscode
cy:purge
cy:create-pull-request/patch
cy:garage
cy:harmonia
cy:impermanence

4 commits
08a75b8b8f ... 0db4f4c4ab

Author SHA1 Message Date
cy
0db4f4c4ab
dogfood nixcp everywhere 2025-04-01 12:37:10 -04:00
cy
35638117ab
dogfood nixcp 2025-04-01 12:22:32 -04:00
cy
de4797cf06
caddy: add keys.cy7.sh 2025-04-01 12:18:12 -04:00
cy
ecc20e71f3
don't use flake-parts 2025-04-01 12:17:57 -04:00
5 changed files with 99 additions and 132 deletions
Download patch file Download diff file Expand all files Collapse all files

30
.github/workflows/build-machines-and-homes.yml vendored
View file

@ -76,16 +76,11 @@ jobs:
if: '!cancelled()' if: '!cancelled()'
run: | run: |
package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel" package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel"
derivations=() nix run git+https://git.cy7.sh/cy/nixcp.git -- \
while IFS=$'\n' read derivation; do --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
derivations+=("$derivation") -u https://nix-community.cachix.org \
done < <(nix path-info --derivation "$package") -u https://nixcache.cy7.sh \
$package
for derivation in "${derivations[@]}"; do
nix copy -j8 \
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
$(nix-store --query --requisites --include-outputs "$derivation")
done
build-homes: build-homes:
strategy: strategy:
@ -153,13 +148,8 @@ jobs:
if: '!cancelled()' if: '!cancelled()'
run: | run: |
package=".#homeConfigurations."${{ matrix.home }}".activationPackage" package=".#homeConfigurations."${{ matrix.home }}".activationPackage"
derivations=() nix run git+https://git.cy7.sh/cy/nixcp.git -- \
while IFS=$'\n' read derivation; do --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
derivations+=("$derivation") -u https://nix-community.cachix.org \
done < <(nix path-info --derivation "$package") -u https://nixcache.cy7.sh \
$package
for derivation in "${derivations[@]}"; do
nix copy -j8 \
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
$(nix-store --query --requisites --include-outputs "$derivation")
done

15
.github/workflows/build-packages.yml vendored
View file

@ -64,16 +64,11 @@ jobs:
# https://stackoverflow.com/a/58859404 # https://stackoverflow.com/a/58859404
if: '!cancelled()' if: '!cancelled()'
run: | run: |
derivations=() nix run git+https://git.cy7.sh/cy/nixcp.git -- \
while IFS=$'\n' read derivation; do --to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
derivations+=("$derivation") -u https://nix-community.cachix.org \
done < <(nix path-info --derivation "${{ matrix.package }}") -u https://nixcache.cy7.sh \
"${{ matrix.package }}"
for derivation in "${derivations[@]}"; do
nix copy -j8 \
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
$(nix-store --query --requisites --include-outputs "$derivation")
done
- name: prepare tarball to upload - name: prepare tarball to upload
run: nix run github:nixos/nixpkgs#gnutar hcvf result.tar result run: nix run github:nixos/nixpkgs#gnutar hcvf result.tar result

19
flake.lock generated
View file

@ -273,9 +273,7 @@
}, },
"flake-parts_2": { "flake-parts_2": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": "nixpkgs-lib"
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1741352980, "lastModified": 1741352980,
@ -763,6 +761,21 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1743296961,
"narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1730741070, "lastModified": 1730741070,

158
flake.nix
View file

@ -29,10 +29,6 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-parts.follows = "flake-parts"; inputs.flake-parts.follows = "flake-parts";
}; };
flake-parts = {
url = "github:hercules-ci/flake-parts";
inputs.nixpkgs-lib.follows = "nixpkgs";
};
rust-overlay = { rust-overlay = {
url = "github:oxalica/rust-overlay"; url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -101,6 +97,7 @@
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
crane.url = "github:ipetkov/crane"; crane.url = "github:ipetkov/crane";
flake-compat.url = "github:edolstra/flake-compat"; flake-compat.url = "github:edolstra/flake-compat";
flake-parts.url = "github:hercules-ci/flake-parts";
}; };
nixConfig = { nixConfig = {
@ -119,111 +116,74 @@
self, self,
nixpkgs, nixpkgs,
home-manager, home-manager,
flake-parts,
... ...
}@inputs: }@inputs:
flake-parts.lib.mkFlake { inherit inputs; } ( let
{ ... }: pkgs = import nixpkgs {
config.allowUnfree = true;
system = "x86_64-linux";
overlays = [
inputs.rust-overlay.overlays.default
inputs.vscode-extensions.overlays.default
] ++ (import ./overlay { inherit inputs; });
};
in
{ {
imports = [ nixosConfigurations =
inputs.treefmt.flakeModule let
]; lib = nixpkgs.lib;
systems = [ in
"x86_64-linux"
];
perSystem =
{ {
inputs', ytnix = lib.nixosSystem {
... specialArgs = { inherit inputs; };
}: modules = [
{ {
treefmt = { nixpkgs = { inherit pkgs; };
projectRootFile = "flake.nix"; }
programs.nixfmt.enable = true; ./hosts/ytnix
programs.typos.enable = true; ./modules
programs.shellcheck.enable = true; inputs.sops-nix.nixosModules.sops
inputs.lanzaboote.nixosModules.lanzaboote
programs.yamlfmt = { inputs.lix-module.nixosModules.default
enable = true; inputs.nix-ld.nixosModules.nix-ld
settings.retain_line_breaks = true; ];
}; };
chunk = lib.nixosSystem {
settings.global.excludes = [ specialArgs = { inherit inputs; };
"secrets/*" modules = [
"**/*.png" # tries to format a png file {
nixpkgs = { inherit pkgs; };
}
./hosts/chunk
./modules
inputs.sops-nix.nixosModules.sops
inputs.lix-module.nixosModules.default
]; ];
}; };
}; };
homeConfigurations =
flake =
let let
pkgs = import nixpkgs { lib = home-manager.lib;
config.allowUnfree = true;
system = "x86_64-linux";
overlays = [
inputs.rust-overlay.overlays.default
inputs.vscode-extensions.overlays.default
] ++ (import ./overlay { inherit inputs; });
};
in in
{ {
nixosConfigurations = "yt@ytnix" = lib.homeManagerConfiguration {
let inherit pkgs;
lib = nixpkgs.lib; extraSpecialArgs = { inherit inputs; };
in modules = [
{ ./home/yt/ytnix.nix
ytnix = lib.nixosSystem { inputs.nixvim.homeManagerModules.nixvim
specialArgs = { inherit inputs; }; inputs.nix-index-database.hmModules.nix-index
modules = [ ];
{ };
nixpkgs = { inherit pkgs; };
}
./hosts/ytnix
./modules
inputs.sops-nix.nixosModules.sops
inputs.lanzaboote.nixosModules.lanzaboote
inputs.lix-module.nixosModules.default
inputs.nix-ld.nixosModules.nix-ld
];
};
chunk = lib.nixosSystem {
specialArgs = { inherit inputs; };
modules = [
{
nixpkgs = { inherit pkgs; };
}
./hosts/chunk
./modules
inputs.sops-nix.nixosModules.sops
inputs.lix-module.nixosModules.default
];
};
};
homeConfigurations =
let
lib = home-manager.lib;
in
{
"yt@ytnix" = lib.homeManagerConfiguration {
inherit pkgs;
extraSpecialArgs = { inherit inputs; };
modules = [
./home/yt/ytnix.nix
inputs.nixvim.homeManagerModules.nixvim
inputs.nix-index-database.hmModules.nix-index
];
};
"yt@chunk" = lib.homeManagerConfiguration { "yt@chunk" = lib.homeManagerConfiguration {
inherit pkgs; inherit pkgs;
extraSpecialArgs = { inherit inputs; }; extraSpecialArgs = { inherit inputs; };
modules = [ modules = [
./home/yt/chunk.nix ./home/yt/chunk.nix
inputs.nixvim.homeManagerModules.nixvim inputs.nixvim.homeManagerModules.nixvim
]; ];
}; };
};
}; };
} };
);
} }

9
modules/caddy.nix
View file

@ -36,6 +36,15 @@ in
} }
''; '';
environmentFile = config.sops.secrets."caddy/env".path; environmentFile = config.sops.secrets."caddy/env".path;
virtualHosts."keys.cy7.sh".extraConfig = ''
import common
respond / 200 {
body "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfubDWr0kRm2o4DqaK6l1s4NCdTkljXZWKWCiF5nX+6
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhUt9h5dCcrwOrZNKkStCX5OxumPzEwYXSU/0DgtWgP
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD"
}
'';
}; };
}; };
} }