cy/nixos-config
cy/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: cy:0db4f4c4abce421fefe7e8d5e01fae93e317c93d
Branches Tags
cy:main
cy:update
cy:2025-04-14
cy:2025-04-07
cy:2025-04-05
cy:2025-04-04
cy:staging
cy:dogfood-nixcp
cy:no-follows
cy:workflow-test
cy:update_flake_lock_action
cy:caddy-s3
cy:workflow-copy
cy:workflow-lix
cy:test-s3-cache
cy:temp
cy:attic
cy:helix
cy:test
cy:lix-test
cy:bitwarden-patch
cy:chromium
cy:new-attic
cy:canary
cy:downgrade-kernel
cy:soju
cy:kde
cy:shiori
cy:caddy-module
cy:anki-overlay
cy:nixpkgs-master
cy:lix
cy:pan-home
cy:pi
cy:pancake
cy:pancake-sd-image
cy:arm
cy:lix-404
cy:customize-kernel
cy:blueprint
cy:flake-utils
cy:conduwuit-flake
cy:ghostty
cy:zen
cy:lact-fix-test
cy:alvr-test
cy:workflow-refactor
cy:bump-conduwuit
cy:gollum
cy:build
cy:nginx
cy:iso
cy:flake-parts
cy:codespace
cy:sway
cy:minio
cy:garage-module
cy:garage-test
cy:vscode
cy:purge
cy:create-pull-request/patch
cy:garage
cy:harmonia
cy:impermanence
..
compare: cy:08a75b8b8fe22e907f6ccdcd280aaa20f99a791a
Branches Tags
cy:main
cy:update
cy:2025-04-14
cy:2025-04-07
cy:2025-04-05
cy:2025-04-04
cy:staging
cy:dogfood-nixcp
cy:no-follows
cy:workflow-test
cy:update_flake_lock_action
cy:caddy-s3
cy:workflow-copy
cy:workflow-lix
cy:test-s3-cache
cy:temp
cy:attic
cy:helix
cy:test
cy:lix-test
cy:bitwarden-patch
cy:chromium
cy:new-attic
cy:canary
cy:downgrade-kernel
cy:soju
cy:kde
cy:shiori
cy:caddy-module
cy:anki-overlay
cy:nixpkgs-master
cy:lix
cy:pan-home
cy:pi
cy:pancake
cy:pancake-sd-image
cy:arm
cy:lix-404
cy:customize-kernel
cy:blueprint
cy:flake-utils
cy:conduwuit-flake
cy:ghostty
cy:zen
cy:lact-fix-test
cy:alvr-test
cy:workflow-refactor
cy:bump-conduwuit
cy:gollum
cy:build
cy:nginx
cy:iso
cy:flake-parts
cy:codespace
cy:sway
cy:minio
cy:garage-module
cy:garage-test
cy:vscode
cy:purge
cy:create-pull-request/patch
cy:garage
cy:harmonia
cy:impermanence

No commits in common. "0db4f4c4abce421fefe7e8d5e01fae93e317c93d" and "08a75b8b8fe22e907f6ccdcd280aaa20f99a791a" have entirely different histories.
0db4f4c4ab ... 08a75b8b8f

5 changed files with 135 additions and 102 deletions
Download patch file Download diff file Expand all files Collapse all files

30
.github/workflows/build-machines-and-homes.yml vendored
View file

@ -76,11 +76,16 @@ jobs:
if: '!cancelled()' if: '!cancelled()'
run: | run: |
package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel" package=".#nixosConfigurations."${{ matrix.machine }}".config.system.build.toplevel"
nix run git+https://git.cy7.sh/cy/nixcp.git -- \ derivations=()
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \ while IFS=$'\n' read derivation; do
-u https://nix-community.cachix.org \ derivations+=("$derivation")
-u https://nixcache.cy7.sh \ done < <(nix path-info --derivation "$package")
$package
for derivation in "${derivations[@]}"; do
nix copy -j8 \
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
$(nix-store --query --requisites --include-outputs "$derivation")
done
build-homes: build-homes:
strategy: strategy:
@ -148,8 +153,13 @@ jobs:
if: '!cancelled()' if: '!cancelled()'
run: | run: |
package=".#homeConfigurations."${{ matrix.home }}".activationPackage" package=".#homeConfigurations."${{ matrix.home }}".activationPackage"
nix run git+https://git.cy7.sh/cy/nixcp.git -- \ derivations=()
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \ while IFS=$'\n' read derivation; do
-u https://nix-community.cachix.org \ derivations+=("$derivation")
-u https://nixcache.cy7.sh \ done < <(nix path-info --derivation "$package")
$package
for derivation in "${derivations[@]}"; do
nix copy -j8 \
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
$(nix-store --query --requisites --include-outputs "$derivation")
done

15
.github/workflows/build-packages.yml vendored
View file

@ -64,11 +64,16 @@ jobs:
# https://stackoverflow.com/a/58859404 # https://stackoverflow.com/a/58859404
if: '!cancelled()' if: '!cancelled()'
run: | run: |
nix run git+https://git.cy7.sh/cy/nixcp.git -- \ derivations=()
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \ while IFS=$'\n' read derivation; do
-u https://nix-community.cachix.org \ derivations+=("$derivation")
-u https://nixcache.cy7.sh \ done < <(nix path-info --derivation "${{ matrix.package }}")
"${{ matrix.package }}"
for derivation in "${derivations[@]}"; do
nix copy -j8 \
--to 's3://nixcache?endpoint=s3.cy7.sh&secret-key=/home/runner/cache-priv-key.pem' \
$(nix-store --query --requisites --include-outputs "$derivation")
done
- name: prepare tarball to upload - name: prepare tarball to upload
run: nix run github:nixos/nixpkgs#gnutar hcvf result.tar result run: nix run github:nixos/nixpkgs#gnutar hcvf result.tar result

19
flake.lock generated
View file

@ -273,7 +273,9 @@
}, },
"flake-parts_2": { "flake-parts_2": {
"inputs": { "inputs": {
"nixpkgs-lib": "nixpkgs-lib" "nixpkgs-lib": [
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1741352980, "lastModified": 1741352980,
@ -761,21 +763,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1743296961,
"narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1730741070, "lastModified": 1730741070,

164
flake.nix
View file

@ -29,6 +29,10 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-parts.follows = "flake-parts"; inputs.flake-parts.follows = "flake-parts";
}; };
flake-parts = {
url = "github:hercules-ci/flake-parts";
inputs.nixpkgs-lib.follows = "nixpkgs";
};
rust-overlay = { rust-overlay = {
url = "github:oxalica/rust-overlay"; url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -97,7 +101,6 @@
flake-utils.url = "github:numtide/flake-utils"; flake-utils.url = "github:numtide/flake-utils";
crane.url = "github:ipetkov/crane"; crane.url = "github:ipetkov/crane";
flake-compat.url = "github:edolstra/flake-compat"; flake-compat.url = "github:edolstra/flake-compat";
flake-parts.url = "github:hercules-ci/flake-parts";
}; };
nixConfig = { nixConfig = {
@ -116,74 +119,111 @@
self, self,
nixpkgs, nixpkgs,
home-manager, home-manager,
flake-parts,
... ...
}@inputs: }@inputs:
let flake-parts.lib.mkFlake { inherit inputs; } (
pkgs = import nixpkgs { { ... }:
config.allowUnfree = true;
system = "x86_64-linux";
overlays = [
inputs.rust-overlay.overlays.default
inputs.vscode-extensions.overlays.default
] ++ (import ./overlay { inherit inputs; });
};
in
{ {
nixosConfigurations = imports = [
let inputs.treefmt.flakeModule
lib = nixpkgs.lib; ];
in systems = [
"x86_64-linux"
];
perSystem =
{ {
ytnix = lib.nixosSystem { inputs',
specialArgs = { inherit inputs; }; ...
modules = [ }:
{
nixpkgs = { inherit pkgs; };
}
./hosts/ytnix
./modules
inputs.sops-nix.nixosModules.sops
inputs.lanzaboote.nixosModules.lanzaboote
inputs.lix-module.nixosModules.default
inputs.nix-ld.nixosModules.nix-ld
];
};
chunk = lib.nixosSystem {
specialArgs = { inherit inputs; };
modules = [
{
nixpkgs = { inherit pkgs; };
}
./hosts/chunk
./modules
inputs.sops-nix.nixosModules.sops
inputs.lix-module.nixosModules.default
];
};
};
homeConfigurations =
let
lib = home-manager.lib;
in
{ {
"yt@ytnix" = lib.homeManagerConfiguration { treefmt = {
inherit pkgs; projectRootFile = "flake.nix";
extraSpecialArgs = { inherit inputs; }; programs.nixfmt.enable = true;
modules = [ programs.typos.enable = true;
./home/yt/ytnix.nix programs.shellcheck.enable = true;
inputs.nixvim.homeManagerModules.nixvim
inputs.nix-index-database.hmModules.nix-index
];
};
"yt@chunk" = lib.homeManagerConfiguration { programs.yamlfmt = {
inherit pkgs; enable = true;
extraSpecialArgs = { inherit inputs; }; settings.retain_line_breaks = true;
modules = [ };
./home/yt/chunk.nix
inputs.nixvim.homeManagerModules.nixvim settings.global.excludes = [
"secrets/*"
"**/*.png" # tries to format a png file
]; ];
}; };
}; };
};
flake =
let
pkgs = import nixpkgs {
config.allowUnfree = true;
system = "x86_64-linux";
overlays = [
inputs.rust-overlay.overlays.default
inputs.vscode-extensions.overlays.default
] ++ (import ./overlay { inherit inputs; });
};
in
{
nixosConfigurations =
let
lib = nixpkgs.lib;
in
{
ytnix = lib.nixosSystem {
specialArgs = { inherit inputs; };
modules = [
{
nixpkgs = { inherit pkgs; };
}
./hosts/ytnix
./modules
inputs.sops-nix.nixosModules.sops
inputs.lanzaboote.nixosModules.lanzaboote
inputs.lix-module.nixosModules.default
inputs.nix-ld.nixosModules.nix-ld
];
};
chunk = lib.nixosSystem {
specialArgs = { inherit inputs; };
modules = [
{
nixpkgs = { inherit pkgs; };
}
./hosts/chunk
./modules
inputs.sops-nix.nixosModules.sops
inputs.lix-module.nixosModules.default
];
};
};
homeConfigurations =
let
lib = home-manager.lib;
in
{
"yt@ytnix" = lib.homeManagerConfiguration {
inherit pkgs;
extraSpecialArgs = { inherit inputs; };
modules = [
./home/yt/ytnix.nix
inputs.nixvim.homeManagerModules.nixvim
inputs.nix-index-database.hmModules.nix-index
];
};
"yt@chunk" = lib.homeManagerConfiguration {
inherit pkgs;
extraSpecialArgs = { inherit inputs; };
modules = [
./home/yt/chunk.nix
inputs.nixvim.homeManagerModules.nixvim
];
};
};
};
}
);
} }

9
modules/caddy.nix
View file

@ -36,15 +36,6 @@ in
} }
''; '';
environmentFile = config.sops.secrets."caddy/env".path; environmentFile = config.sops.secrets."caddy/env".path;
virtualHosts."keys.cy7.sh".extraConfig = ''
import common
respond / 200 {
body "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfubDWr0kRm2o4DqaK6l1s4NCdTkljXZWKWCiF5nX+6
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhUt9h5dCcrwOrZNKkStCX5OxumPzEwYXSU/0DgtWgP
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyn2+OoRN4nExti+vFQ1NHEZip0slAoCH9C5/FzvgZD"
}
'';
}; };
}; };
} }