From 05fba25e608d3d44e0785f1ddb5ab30a95129131 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Sun, 14 Dec 2025 13:08:07 -0800 Subject: simplify path structures for machines --- flake.nix | 12 ++-- machines/HQ-KWNY2VH41P.nix | 37 +++++++++++ machines/argonath.nix | 25 ++++++++ machines/bree.nix | 37 +++++++++++ machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix | 37 ----------- machines/darwin/aarch64-darwin/mba-m2.nix | 52 ---------------- machines/iso.nix | 24 ++++++++ machines/mba-m2.nix | 52 ++++++++++++++++ machines/nixos/x86_64-linux/argonath.nix | 25 -------- machines/nixos/x86_64-linux/bree.nix | 37 ----------- machines/nixos/x86_64-linux/iso.nix | 24 -------- machines/nixos/x86_64-linux/rivendell.nix | 78 ------------------------ machines/rivendell.nix | 78 ++++++++++++++++++++++++ 13 files changed, 259 insertions(+), 259 deletions(-) create mode 100644 machines/HQ-KWNY2VH41P.nix create mode 100644 machines/argonath.nix create mode 100644 machines/bree.nix delete mode 100644 machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix delete mode 100644 machines/darwin/aarch64-darwin/mba-m2.nix create mode 100644 machines/iso.nix create mode 100644 machines/mba-m2.nix delete mode 100644 machines/nixos/x86_64-linux/argonath.nix delete mode 100644 machines/nixos/x86_64-linux/bree.nix delete mode 100644 machines/nixos/x86_64-linux/iso.nix delete mode 100644 machines/nixos/x86_64-linux/rivendell.nix create mode 100644 machines/rivendell.nix diff --git a/flake.nix b/flake.nix index 23d1c44..ec2f077 100644 --- a/flake.nix +++ b/flake.nix @@ -114,29 +114,29 @@ nixos = { rivendell = { system = "x86_64-linux"; - config = ./machines/nixos/x86_64-linux/rivendell.nix; + config = ./machines/rivendell.nix; }; bree = { system = "x86_64-linux"; - config = ./machines/nixos/x86_64-linux/bree.nix; + config = ./machines/bree.nix; }; argonath = { system = "x86_64-linux"; - config = ./machines/nixos/x86_64-linux/argonath.nix; + config = ./machines/argonath.nix; }; iso = { system = "x86_64-linux"; - config = ./machines/nixos/x86_64-linux/iso.nix; + config = ./machines/iso.nix; }; }; darwin = { mba-m2 = { system = "aarch64-darwin"; - config = ./machines/darwin/aarch64-darwin/mba-m2.nix; + config = ./machines/mba-m2.nix; }; HQ-KWNY2VH41P = { system = "aarch64-darwin"; - config = ./machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix; + config = ./machines/HQ-KWNY2VH41P.nix; }; }; }; diff --git a/machines/HQ-KWNY2VH41P.nix b/machines/HQ-KWNY2VH41P.nix new file mode 100644 index 0000000..fc4340d --- /dev/null +++ b/machines/HQ-KWNY2VH41P.nix @@ -0,0 +1,37 @@ +{ pkgs, ... }: +{ + imports = [ + ../profiles/darwin.nix + ../profiles/home-manager.nix + ]; + + users.users.fcuny = { + home = "/Users/fcuny"; + shell = pkgs.fish; + }; + + environment.shells = [ pkgs.fish ]; + + programs.fish.enable = true; + programs.fish.shellInit = '' + # Nix + if test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' + source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' + end + # End Nix + ''; + + home-manager.users.fcuny = { + home.stateVersion = "23.05"; + home.username = "fcuny"; + home.homeDirectory = "/Users/fcuny"; + imports = [ + ../home/profiles/mac.nix + ../home/profiles/work.nix + ]; + userinfo = { + email = "fcuny@roblox.com"; + fullName = "Franck Cuny"; + }; + }; +} diff --git a/machines/argonath.nix b/machines/argonath.nix new file mode 100644 index 0000000..b99e83f --- /dev/null +++ b/machines/argonath.nix @@ -0,0 +1,25 @@ +{ ... }: +{ + imports = [ + ../profiles/acme.nix + ../profiles/cgroups.nix + ../profiles/defaults.nix + ../profiles/disk/basic-vm.nix + ../profiles/hardware/do-droplet.nix + ../profiles/home-manager.nix + ../profiles/reverse-proxy.nix + ../profiles/server.nix + ../profiles/wireguard.nix + ../profiles/users/fcuny.nix + ]; + + networking.hostName = "argonath"; + + system.stateVersion = "25.05"; # Did you read the comment? + + home-manager.users.fcuny = { + imports = [ + ../home/profiles/minimal.nix + ]; + }; +} diff --git a/machines/bree.nix b/machines/bree.nix new file mode 100644 index 0000000..e4cd443 --- /dev/null +++ b/machines/bree.nix @@ -0,0 +1,37 @@ +{ lib, config, ... }: +{ + imports = [ + ../profiles/cgroups.nix + ../profiles/defaults.nix + ../profiles/disk/basic-vm.nix + ../profiles/hardware/synology-vm.nix + ../profiles/home-manager.nix + ../profiles/server.nix + ../profiles/users/fcuny.nix + ../profiles/wireguard.nix + ]; + + networking.hostName = "bree"; + networking.useDHCP = lib.mkDefault true; + systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; + + age.secrets.disk-unlock-key.file = ../secrets/bree/disk-unlock-key.age; + age.secrets.disk-passphrase.file = ../secrets/bree/disk-passphrase.age; + + services.remoteDiskUnlock = { + enable = true; + hosts = [ + "192.168.1.114" + ]; + sshKeyPath = config.age.secrets.disk-unlock-key.path; + passphrasePath = config.age.secrets.disk-passphrase.path; + }; + + system.stateVersion = "23.11"; # Did you read the comment? + + home-manager.users.fcuny = { + imports = [ + ../home/profiles/minimal.nix + ]; + }; +} diff --git a/machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix b/machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix deleted file mode 100644 index 52dc522..0000000 --- a/machines/darwin/aarch64-darwin/HQ-KWNY2VH41P.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ pkgs, ... }: -{ - imports = [ - ../../../profiles/darwin.nix - ../../../profiles/home-manager.nix - ]; - - users.users.fcuny = { - home = "/Users/fcuny"; - shell = pkgs.fish; - }; - - environment.shells = [ pkgs.fish ]; - - programs.fish.enable = true; - programs.fish.shellInit = '' - # Nix - if test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' - source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' - end - # End Nix - ''; - - home-manager.users.fcuny = { - home.stateVersion = "23.05"; - home.username = "fcuny"; - home.homeDirectory = "/Users/fcuny"; - imports = [ - ../../../home/profiles/mac.nix - ../../../home/profiles/work.nix - ]; - userinfo = { - email = "fcuny@roblox.com"; - fullName = "Franck Cuny"; - }; - }; -} diff --git a/machines/darwin/aarch64-darwin/mba-m2.nix b/machines/darwin/aarch64-darwin/mba-m2.nix deleted file mode 100644 index 08a27c1..0000000 --- a/machines/darwin/aarch64-darwin/mba-m2.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ pkgs, ... }: -{ - age.secrets = { - ssh-remote-builder.file = ../../../secrets/ssh-remote-builder.age; - }; - - imports = [ - ../../../profiles/darwin.nix - ../../../profiles/home-manager.nix - ../../../profiles/remote-builder.nix - ]; - - # https://github.com/nix-darwin/nix-darwin/issues/1339 - ids.gids.nixbld = 30000; - - networking.hostName = "mba-m2"; - - users.users.fcuny = { - home = "/Users/fcuny"; - shell = pkgs.fish; - }; - - environment.shells = [ pkgs.fish ]; - - programs.fish.enable = true; - programs.fish.shellInit = '' - # Nix - if test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' - source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' - end - # End Nix - ''; - - home-manager.users.fcuny = { - home.stateVersion = "23.05"; - home.username = "fcuny"; - home.homeDirectory = "/Users/fcuny"; - home.packages = with pkgs; [ - element-desktop - hledger - ]; - imports = [ - ../../../home/profiles/mac.nix - ../../../home/profiles/media.nix - ../../../home/profiles/security.nix - ]; - userinfo = { - email = "franck@fcuny.net"; - fullName = "Franck Cuny"; - }; - }; -} diff --git a/machines/iso.nix b/machines/iso.nix new file mode 100644 index 0000000..a636508 --- /dev/null +++ b/machines/iso.nix @@ -0,0 +1,24 @@ +{ modulesPath, ... }: +{ + # run `nix build .#nixosConfigurations.iso.config.system.build.isoImage` to build the image + imports = [ + "${modulesPath}/installer/cd-dvd/channel.nix" + "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" + ../profiles/home-manager.nix + ../profiles/users/fcuny.nix + ]; + + boot.loader.grub.efiSupport = true; + boot.loader.grub.efiInstallAsRemovable = true; + boot.loader.grub.device = "nodev"; + + system.stateVersion = "25.05"; # Did you read the comment? + + programs.fish.enable = true; + + home-manager.users.fcuny = { + imports = [ + ../home/profiles/minimal.nix + ]; + }; +} diff --git a/machines/mba-m2.nix b/machines/mba-m2.nix new file mode 100644 index 0000000..398bf6d --- /dev/null +++ b/machines/mba-m2.nix @@ -0,0 +1,52 @@ +{ pkgs, ... }: +{ + age.secrets = { + ssh-remote-builder.file = ../secrets/ssh-remote-builder.age; + }; + + imports = [ + ../profiles/darwin.nix + ../profiles/home-manager.nix + ../profiles/remote-builder.nix + ]; + + # https://github.com/nix-darwin/nix-darwin/issues/1339 + ids.gids.nixbld = 30000; + + networking.hostName = "mba-m2"; + + users.users.fcuny = { + home = "/Users/fcuny"; + shell = pkgs.fish; + }; + + environment.shells = [ pkgs.fish ]; + + programs.fish.enable = true; + programs.fish.shellInit = '' + # Nix + if test -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' + source '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.fish' + end + # End Nix + ''; + + home-manager.users.fcuny = { + home.stateVersion = "23.05"; + home.username = "fcuny"; + home.homeDirectory = "/Users/fcuny"; + home.packages = with pkgs; [ + element-desktop + hledger + ]; + imports = [ + ../home/profiles/mac.nix + ../home/profiles/media.nix + ../home/profiles/security.nix + ]; + userinfo = { + email = "franck@fcuny.net"; + fullName = "Franck Cuny"; + }; + }; +} diff --git a/machines/nixos/x86_64-linux/argonath.nix b/machines/nixos/x86_64-linux/argonath.nix deleted file mode 100644 index 3dda772..0000000 --- a/machines/nixos/x86_64-linux/argonath.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ ... }: -{ - imports = [ - ../../../profiles/acme.nix - ../../../profiles/cgroups.nix - ../../../profiles/defaults.nix - ../../../profiles/disk/basic-vm.nix - ../../../profiles/hardware/do-droplet.nix - ../../../profiles/home-manager.nix - ../../../profiles/reverse-proxy.nix - ../../../profiles/server.nix - ../../../profiles/wireguard.nix - ../../../profiles/users/fcuny.nix - ]; - - networking.hostName = "argonath"; - - system.stateVersion = "25.05"; # Did you read the comment? - - home-manager.users.fcuny = { - imports = [ - ../../../home/profiles/minimal.nix - ]; - }; -} diff --git a/machines/nixos/x86_64-linux/bree.nix b/machines/nixos/x86_64-linux/bree.nix deleted file mode 100644 index 9c9177d..0000000 --- a/machines/nixos/x86_64-linux/bree.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ lib, config, ... }: -{ - imports = [ - ../../../profiles/cgroups.nix - ../../../profiles/defaults.nix - ../../../profiles/disk/basic-vm.nix - ../../../profiles/hardware/synology-vm.nix - ../../../profiles/home-manager.nix - ../../../profiles/server.nix - ../../../profiles/users/fcuny.nix - ../../../profiles/wireguard.nix - ]; - - networking.hostName = "bree"; - networking.useDHCP = lib.mkDefault true; - systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; - - age.secrets.disk-unlock-key.file = ../../../secrets/bree/disk-unlock-key.age; - age.secrets.disk-passphrase.file = ../../../secrets/bree/disk-passphrase.age; - - services.remoteDiskUnlock = { - enable = true; - hosts = [ - "192.168.1.114" - ]; - sshKeyPath = config.age.secrets.disk-unlock-key.path; - passphrasePath = config.age.secrets.disk-passphrase.path; - }; - - system.stateVersion = "23.11"; # Did you read the comment? - - home-manager.users.fcuny = { - imports = [ - ../../../home/profiles/minimal.nix - ]; - }; -} diff --git a/machines/nixos/x86_64-linux/iso.nix b/machines/nixos/x86_64-linux/iso.nix deleted file mode 100644 index fc9c4fa..0000000 --- a/machines/nixos/x86_64-linux/iso.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ modulesPath, ... }: -{ - # run `nix build .#nixosConfigurations.iso.config.system.build.isoImage` to build the image - imports = [ - "${modulesPath}/installer/cd-dvd/channel.nix" - "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" - ../../../profiles/home-manager.nix - ../../../profiles/users/fcuny.nix - ]; - - boot.loader.grub.efiSupport = true; - boot.loader.grub.efiInstallAsRemovable = true; - boot.loader.grub.device = "nodev"; - - system.stateVersion = "25.05"; # Did you read the comment? - - programs.fish.enable = true; - - home-manager.users.fcuny = { - imports = [ - ../../../home/profiles/minimal.nix - ]; - }; -} diff --git a/machines/nixos/x86_64-linux/rivendell.nix b/machines/nixos/x86_64-linux/rivendell.nix deleted file mode 100644 index 0bd799c..0000000 --- a/machines/nixos/x86_64-linux/rivendell.nix +++ /dev/null @@ -1,78 +0,0 @@ -{ lib, config, ... }: -{ - imports = [ - ../../../profiles/authelia.nix - ../../../profiles/cgroups.nix - ../../../profiles/defaults.nix - ../../../profiles/disk/btrfs-on-luks.nix - ../../../profiles/git-server.nix - ../../../profiles/hardware/framework-desktop.nix - ../../../profiles/home-manager.nix - ../../../profiles/makemkv.nix - ../../../profiles/miniflux.nix - ../../../profiles/remote-unlock.nix - ../../../profiles/restic-backup.nix - ../../../profiles/server.nix - ../../../profiles/users/builder.nix - ../../../profiles/users/fcuny.nix - ../../../profiles/wireguard.nix - ]; - - networking.hostName = "rivendell"; - networking.networkmanager.enable = true; - networking.useDHCP = lib.mkDefault true; - systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; - - services.website = { - enable = true; - openFirewall = true; - }; - - services.restic.backups.local.paths = [ "/var/lib/gitolite/repositories" ]; - services.restic.backups.synology.paths = [ - "/data/archives" - "/data/media" - "/var/lib/gitolite/repositories" - ]; - - services.samba = { - enable = true; - openFirewall = true; - settings = { - global = { - security = "user"; - workgroup = "WORKGROUP"; - "server string" = config.networking.hostName; - "netbios name" = config.networking.hostName; - "hosts allow" = "192.168.1.0/24 10.100.0.0/24 localhost"; - "guest account" = "nobody"; - "map to guest" = "bad user"; - "use sendfile" = "yes"; - "load printers" = "no"; - "vfs objects" = "catia fruit streams_xattr"; - "fruit:metadata" = "stream"; - }; - - media = { - path = "/data/media"; - browseable = "yes"; - "read only" = "yes"; - "guest ok" = "yes"; - }; - }; - }; - - services.avahi = { - enable = true; - nssmdns4 = true; - openFirewall = true; - }; - - system.stateVersion = "23.11"; # Did you read the comment? - - home-manager.users.fcuny = { - imports = [ - ../../../home/profiles/minimal.nix - ]; - }; -} diff --git a/machines/rivendell.nix b/machines/rivendell.nix new file mode 100644 index 0000000..4940ea3 --- /dev/null +++ b/machines/rivendell.nix @@ -0,0 +1,78 @@ +{ lib, config, ... }: +{ + imports = [ + ../profiles/authelia.nix + ../profiles/cgroups.nix + ../profiles/defaults.nix + ../profiles/disk/btrfs-on-luks.nix + ../profiles/git-server.nix + ../profiles/hardware/framework-desktop.nix + ../profiles/home-manager.nix + ../profiles/makemkv.nix + ../profiles/miniflux.nix + ../profiles/remote-unlock.nix + ../profiles/restic-backup.nix + ../profiles/server.nix + ../profiles/users/builder.nix + ../profiles/users/fcuny.nix + ../profiles/wireguard.nix + ]; + + networking.hostName = "rivendell"; + networking.networkmanager.enable = true; + networking.useDHCP = lib.mkDefault true; + systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP; + + services.website = { + enable = true; + openFirewall = true; + }; + + services.restic.backups.local.paths = [ "/var/lib/gitolite/repositories" ]; + services.restic.backups.synology.paths = [ + "/data/archives" + "/data/media" + "/var/lib/gitolite/repositories" + ]; + + services.samba = { + enable = true; + openFirewall = true; + settings = { + global = { + security = "user"; + workgroup = "WORKGROUP"; + "server string" = config.networking.hostName; + "netbios name" = config.networking.hostName; + "hosts allow" = "192.168.1.0/24 10.100.0.0/24 localhost"; + "guest account" = "nobody"; + "map to guest" = "bad user"; + "use sendfile" = "yes"; + "load printers" = "no"; + "vfs objects" = "catia fruit streams_xattr"; + "fruit:metadata" = "stream"; + }; + + media = { + path = "/data/media"; + browseable = "yes"; + "read only" = "yes"; + "guest ok" = "yes"; + }; + }; + }; + + services.avahi = { + enable = true; + nssmdns4 = true; + openFirewall = true; + }; + + system.stateVersion = "23.11"; # Did you read the comment? + + home-manager.users.fcuny = { + imports = [ + ../home/profiles/minimal.nix + ]; + }; +} -- cgit v1.2.3