diff --git a/hive.nix b/hive.nix index d921270..8e8aeaf 100644 --- a/hive.nix +++ b/hive.nix @@ -30,46 +30,13 @@ in }: { imports = [ + ./kat "${sources.home-manager}/nixos" "${sources.disko}/module.nix" ./domain-proxies-module.nix ./domain-proxies.nix ]; - options.system.build.anywhere = lib.mkOption { - type = lib.types.package; - readOnly = true; - }; - config = { - boot.tmp.useTmpfs = true; - networking = { - nftables.enable = true; - hostName = name; - }; - nix = { - nixPath = [ - "nixpkgs=${builtins.storePath pkgs.path}" - "nixos=${builtins.storePath pkgs.path}" - ]; - channel.enable = false; - settings.nix-path = config.nix.nixPath; - package = pkgs.lix; - }; - services = { - resolved.enable = true; - openssh.settings = { - ClientAliveInterval = 60; - ClientAliveCountMax = 1; - }; - }; - system.build.anywhere = pkgs.writeShellApplication { - name = "anywhere-deploy_${name}.sh"; - runtimeInputs = [ pkgs.nixos-anywhere ]; - # --kexec ${nodes.kat-kexec.config.system.build.kexecTarball}/${nodes.kat-kexec.config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz - text = '' - nixos-anywhere --store-paths ${config.system.build.diskoScriptNoDeps} ${config.system.build.toplevel} ${config.deployment.targetHost} - ''; - }; - }; + networking.hostName = name; }; kat-probook = @@ -79,7 +46,6 @@ in imports = [ ./machines/kat-probook - (users.root { ssh = false; }) users.catvayor ]; nix.settings.trusted-users = [ @@ -92,9 +58,9 @@ in { users, ... }: { deployment.targetHost = "manah.kat"; + services.openssh.enable = true; imports = [ ./machines/kat-manah - (users.root { ssh = true; }) ]; }; @@ -102,9 +68,9 @@ in { users, ... }: { deployment.targetHost = "watcher.kat"; + services.openssh.enable = true; imports = [ ./machines/kat-watcher - (users.root { ssh = true; }) ]; }; 
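Review bot: In the kat-probook hunk (`@@ -79,7 +46,6 @@`), removing `(users.root { ssh = false; })` drops the only opt-out from root SSH access. The first hunk adds `./kat` to what appears to be the shared defaults block, and `kat/root.nix` sets `users.users.root.openssh.authorizedKeys.keys` unconditionally. The laptop therefore accepts the root key as soon as anything enables sshd on it, which these hunks do not show either way. If the key should exist only where SSH is meant to be on, gate it in `kat/root.nix`, e.g. `users.users.root.openssh.authorizedKeys.keys = lib.mkIf config.services.openssh.enable [ … ];` with `{ lib, config, ... }:` as the module arguments. The node definitions start and end outside the hunks.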
@@ -115,12 +81,12 @@ in targetHost = "virt.kat"; tags = [ "kat-vms" ]; }; + services.openssh.enable = true; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; imports = [ ./machines/kat-virt - (users.root { ssh = true; }) ]; users.users.root.openssh.authorizedKeys.keys = [ id_sylvain ]; }; @@ -132,12 +98,12 @@ in targetHost = "mail-test.kat"; tags = [ "kat-vms" ]; }; + services.openssh.enable = true; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; imports = [ ./machines/kat-mail-test - (users.root { ssh = true; }) ]; users.users.root.openssh.authorizedKeys.keys = [ id_sylvain ]; }; @@ -149,11 +115,11 @@ in targetHost = "son.kat"; tags = [ "kat-vms" ]; }; + services.openssh.enable = true; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; imports = [ ./machines/kat-son - (users.root { ssh = true; }) ]; }; @@ -164,11 +130,11 @@ in targetHost = "orchid.kat"; tags = [ "kat-vms" ]; }; + services.openssh.enable = true; services.qemuGuest.enable = true; boot.kernelParams = [ "console=ttyS0" ]; imports = [ ./machines/kat-orchid - (users.root { ssh = true; }) ]; }; @@ -188,7 +154,6 @@ in imports = [ (modulesPath + "/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix") - (users.root { ssh = true; }) ]; networking = { @@ -225,7 +190,6 @@ in imports = [ ("${sources.nixos-images}/nix/kexec-installer/module.nix") - (users.root { ssh = true; }) ]; networking = { diff --git a/kat/default.nix b/kat/default.nix new file mode 100644 index 0000000..348752a --- /dev/null +++ b/kat/default.nix 
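Review bot: The two installer hunks (`@@ -188,7 +154,6 @@` and `@@ -225,7 +190,6 @@`) remove `(users.root { ssh = true; })` but, unlike the host hunks before them, add no `services.openssh.enable = true;`. The deleted `users/root.nix` was what enabled sshd and installed the root key for these images. They now depend on the upstream installer modules for sshd and on `./kat` being imported for the key, and neither is visible in these hunks. If remote installs through these images are expected, add `services.openssh.enable = true;` to both nodes and confirm they still receive `kat/root.nix`. Both node bodies continue outside the hunks.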
@@ -0,0 +1,54 @@
+{
+ lib,
+ config,
+ pkgs,
+ ...
+}:
+with lib;
+{
+ imports = [
+ ./users
+ ./root.nix
+ ];
+ options.kat = {
+ path = mkOption {
+ readOnly = true;
+ type = types.path;
+ };
+ anywhere = lib.mkOption {
+ type = lib.types.package;
+ readOnly = true;
+ };
+ };
+ config = {
+ kat = {
+ path = ./.;
+ anywhere = pkgs.writeShellApplication {
+ name = "anywhere-deploy_${name}.sh";
+ runtimeInputs = [ pkgs.nixos-anywhere ];
+ # --kexec ${nodes.kat-kexec.config.system.build.kexecTarball}/${nodes.kat-kexec.config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz
+ text = ''
+ nixos-anywhere --store-paths ${config.system.build.diskoScriptNoDeps} ${config.system.build.toplevel} ${config.deployment.targetHost}
+ '';
+ };
+ };
+ boot.tmp.useTmpfs = true;
+ networking.nftables.enable = true;
+ nix = {
+ nixPath = [
+ "nixpkgs=${builtins.storePath pkgs.path}"
+ "nixos=${builtins.storePath pkgs.path}"
+ ];
+ channel.enable = false;
+ settings.nix-path = config.nix.nixPath;
+ package = pkgs.lix;
+ };
+ services = {
+ resolved.enable = !config.boot.isContainer;
+ openssh.settings = {
+ ClientAliveInterval = 60;
+ ClientAliveCountMax = 1;
+ };
+ };
+ };
+}
diff --git a/kat/root.nix b/kat/root.nix
new file mode 100644
index 0000000..8d960f0
--- /dev/null
+++ b/kat/root.nix
@@ -0,0 +1,7 @@
+{ ... }:
+{
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
+ ];
+ home-manager.users.root = { };
+}
diff --git a/kat/users/default.nix b/kat/users/default.nix
new file mode 100644
index 0000000..840a656
--- /dev/null
+++ b/kat/users/default.nix
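Review bot: In `kat/default.nix`, `name` in `name = "anywhere-deploy_${name}.sh";` is not bound by this new module: the argument set is `{ lib, config, pkgs, ... }`. Under `with lib;` the lookup falls through to `lib` and most likely fails once `kat.anywhere` is evaluated. In `hive.nix` the same expression sat in a block that receives `name` as the node name. Assuming the deployment tool passes `name` to imported modules as well, add `name,` to this module's arguments so the deploy script keeps its per-host name.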
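Review bot: `kat/root.nix` installs a root key wherever `./kat` is imported, but the shared sshd settings in `kat/default.nix` only configure keep-alives, so root login policy is left to whatever the NixOS defaults are. Pinning the policy next to the key makes the intent explicit: `services.openssh.settings.PermitRootLogin = "prohibit-password";` and, if no account relies on password login, `services.openssh.settings.PasswordAuthentication = false;`. A short comment naming the key's owner and stating that it grants root on every host would also help when the key has to be rotated.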
@@ -0,0 +1,17 @@
+{ config, lib, ... }:
+with lib;
+let
+ zsh = import ./zsh.nix;
+in
+{
+ imports = [ (import ./zsh.nix).system ];
+ home-manager.sharedModules = [{
+ imports = [ zsh.user ./neovim ];
+ # options.kat = {
+ # ssh = mkEnableOption "ssh configuration";
+ # };
+ config = {
+ home.stateVersion = config.system.stateVersion;
+ };
+ }];
+}
diff --git a/kat/users/neovim/default.nix b/kat/users/neovim/default.nix
new file mode 100644
index 0000000..da5a696
--- /dev/null
+++ b/kat/users/neovim/default.nix
@@ -0,0 +1,38 @@
+{
+ pkgs,
+ config,
+ lib,
+ ...
+}:
+with lib;
+{
+ options.kat.neovim = mkEnableOption "neovim configuration" // {
+ default = true;
+ };
+ config = mkIf config.kat.neovim {
+ programs.neovim = {
+ enable = true;
+ defaultEditor = true;
+ plugins = with pkgs.vimPlugins; [
+ (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars))
+ nvim-treesitter.withAllGrammars
+ vim-nix
+
+ telescope-nvim
+ todo-comments-nvim
+
+ gitsigns-nvim
+ ];
+ extraPackages = with pkgs; [
+ git
+ ripgrep
+ fd
+ gcc
+ ];
+ extraConfig = builtins.readFile ./nvimrc;
+ extraLuaConfig = builtins.readFile ./nvim.lua;
+ vimAlias = true;
+ viAlias = true;
+ };
+ };
+}
diff --git a/modules/neovim/nvim.lua b/kat/users/neovim/nvim.lua
similarity index 100%
rename from modules/neovim/nvim.lua
rename to kat/users/neovim/nvim.lua
diff --git a/modules/neovim/nvimrc b/kat/users/neovim/nvimrc
similarity index 100%
rename from modules/neovim/nvimrc
rename to kat/users/neovim/nvimrc
diff --git a/kat/users/zsh.nix b/kat/users/zsh.nix
new file mode 100644
index 0000000..3bdf522
--- /dev/null
+++ b/kat/users/zsh.nix
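Review bot: In `kat/users/default.nix`, `./zsh.nix` is imported twice: the `let` binds `zsh = import ./zsh.nix;`, yet the system half is pulled in with `(import ./zsh.nix).system`. Writing `imports = [ zsh.system ];` would match the `zsh.user` reference two lines below. The commented-out `options.kat.ssh` block should either be dropped or carry a TODO saying what is planned. A one-line comment that `config` inside `sharedModules` is the NixOS configuration (the inner module is a plain attribute set, not a function) would explain why `home.stateVersion = config.system.stateVersion;` resolves.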
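Review bot: In `kat/users/neovim/default.nix`, `kat.neovim` defaults to `true` and the module is loaded through `home-manager.sharedModules`. Root and every other home-manager user on every host therefore get the full editor closure, including `gcc` in `extraPackages`. The grammars are already supplied prebuilt by `nvim-treesitter.withAllGrammars`, and the `withPlugins (_: pkgs.tree-sitter.allGrammars)` entry above it looks redundant. The compiler is probably only needed if `nvim.lua` installs parsers at runtime, which is not visible here. Consider dropping `gcc` and one of the two tree-sitter entries, or setting the option to `false` on server nodes.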
@@ -0,0 +1,91 @@
+{
+ system =
+ {
+ config,
+ pkgs,
+ lib,
+ ...
+ }:
+ with lib;
+ mkMerge [
+ {
+ users.users = mapAttrs (
+ _: val:
+ mkIf val.kat.zsh {
+ shell = pkgs.zsh;
+ }
+ ) config.home-manager.users;
+ }
+ (mkIf (any (val: val.kat.zsh) (attrValues config.home-manager.users)) {
+ programs.zsh.enable = true;
+ })
+ ];
+ user =
+ {
+ config,
+ pkgs,
+ lib,
+ ...
+ }:
+ with lib;
+ {
+ options.kat.zsh = mkEnableOption "zsh configuration" // {
+ default = true;
+ };
+ config = mkIf config.kat.zsh {
+ programs = {
+ zsh = {
+ enable = true;
+ oh-my-zsh = {
+ enable = true;
+ plugins = [ "git" ];
+ };
+ plugins = [
+ {
+ name = "zsh-nix-shell";
+ file = "nix-shell.plugin.zsh";
+ src = pkgs.fetchFromGitHub {
+ owner = "chisui";
+ repo = "zsh-nix-shell";
+ rev = "v0.8.0";
+ sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
+ };
+ }
+ {
+ name = "zsh-autosuggestion";
+ file = "zsh-autosuggestions.zsh";
+ src = pkgs.fetchFromGitHub {
+ owner = "zsh-users";
+ repo = "zsh-autosuggestions";
+ rev = "v0.7.0";
+ sha256 = "1g3pij5qn2j7v7jjac2a63lxd97mcsgw6xq6k5p7835q9fjiid98";
+ };
+ }
+ {
+ name = "zsh-syntax-highlighting";
+ file = "zsh-syntax-highlighting.zsh";
+ src = pkgs.fetchFromGitHub {
+ owner = "zsh-users";
+ repo = "zsh-syntax-highlighting";
+ rev = "0.8.0";
+ sha256 = "1yl8zdip1z9inp280sfa5byjbf2vqh2iazsycar987khjsi5d5w8";
+ };
+ }
+ ];
+ };
+
+ starship = {
+ enable = true;
+ enableZshIntegration = true;
+ settings.battery.disabled = true;
+ };
+
+ direnv = {
+ enable = true;
+ enableZshIntegration = true;
+ nix-direnv.enable = true;
+ };
+ };
+ };
+ };
+}
diff --git a/machines/kat-mail-test/modo.nix b/machines/kat-mail-test/modo.nix
index 0850123..c9ac19b 100644
--- a/machines/kat-mail-test/modo.nix
+++ b/machines/kat-mail-test/modo.nix
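Review bot: `kat/users/zsh.nix` is not itself a module but an attribute set holding two modules, `system` (NixOS) and `user` (home-manager), and nothing in the file says so. A header comment such as `# Exposes { system, user }: a NixOS module and a home-manager module; import the attribute, not this file.` would stop someone from listing the file directly in `imports`. In the `system` half, a comment is also worthwhile on `val.kat.zsh`: it reads the home-manager option declared in `user`, so every entry of `config.home-manager.users` has to load that module.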
@@ -10,18 +10,11 @@ let in { users.users.moderators = { - shell = pkgs.zsh; isNormalUser = true; extraGroups = [ "postdrop" ]; openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys; }; - home-manager.users.moderators = { - home.stateVersion = "23.11"; - imports = with mods.home; [ - neovim - zsh - ]; - }; + home-manager.users.moderators = { }; mailserver.loginAccounts."moderators@${host}" = { hashedPassword = ""; sieveScript = '' diff --git a/machines/kat-orchid/default.nix b/machines/kat-orchid/default.nix index 6d40a5b..ed5ce00 100644 --- a/machines/kat-orchid/default.nix +++ b/machines/kat-orchid/default.nix @@ -57,8 +57,6 @@ nixpkgs.config.allowUnfree = true; - programs.zsh.enable = true; - environment.systemPackages = with pkgs; [ wget nix-search-cli @@ -145,17 +143,8 @@ }; }; - users.users.orchid = { - isNormalUser = true; - shell = pkgs.zsh; - }; - home-manager.users.orchid = { - home.stateVersion = "23.11"; - imports = with mods.home; [ - neovim - zsh - ]; - }; + users.users.orchid.isNormalUser = true; + home-manager.users.orchid = { }; system.stateVersion = "23.11"; } diff --git a/modules/default.nix b/modules/default.nix index 6182268..ed27c28 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -4,8 +4,6 @@ in { home = { sway = sway.home; - neovim = ./neovim; - zsh = ./zsh.nix; ssh = ./ssh.nix; mail = ./mail.nix; }; diff --git a/modules/neovim/default.nix b/modules/neovim/default.nix deleted file mode 100644 index d76e1d9..0000000 --- a/modules/neovim/default.nix +++ /dev/null 
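Review bot: In the `modo.nix` hunk, the context line `hashedPassword = "";` under `mailserver.loginAccounts."moderators@${host}"` leaves the account's credential empty, and nothing visible here shows how the mail server module treats an empty hash. Confirm that it disables password login and does not leave the mailbox with a blank credential. If the account is meant to have no password login, say so in a comment next to the line. The attribute set continues past the end of the hunk.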
@@ -1,32 +0,0 @@
-{
- pkgs,
- config,
- lib,
- ...
-}:
-{
- programs.neovim = {
- enable = true;
- defaultEditor = true;
- plugins = with pkgs.vimPlugins; [
- (nvim-treesitter.withPlugins (_: pkgs.tree-sitter.allGrammars))
- nvim-treesitter.withAllGrammars
- vim-nix
-
- telescope-nvim
- todo-comments-nvim
-
- gitsigns-nvim
- ];
- extraPackages = with pkgs; [
- git
- ripgrep
- fd
- gcc
- ];
- extraConfig = builtins.readFile ./nvimrc;
- extraLuaConfig = builtins.readFile ./nvim.lua;
- vimAlias = true;
- viAlias = true;
- };
-}
diff --git a/modules/zsh.nix b/modules/zsh.nix
deleted file mode 100644
index 170b939..0000000
--- a/modules/zsh.nix
+++ /dev/null
@@ -1,61 +0,0 @@
-{
- config,
- pkgs,
- lib,
- ...
-}:
-{
- programs = {
- zsh = {
- enable = true;
- oh-my-zsh = {
- enable = true;
- plugins = [ "git" ];
- };
- plugins = [
- {
- name = "zsh-nix-shell";
- file = "nix-shell.plugin.zsh";
- src = pkgs.fetchFromGitHub {
- owner = "chisui";
- repo = "zsh-nix-shell";
- rev = "v0.8.0";
- sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
- };
- }
- {
- name = "zsh-autosuggestion";
- file = "zsh-autosuggestions.zsh";
- src = pkgs.fetchFromGitHub {
- owner = "zsh-users";
- repo = "zsh-autosuggestions";
- rev = "v0.7.0";
- sha256 = "1g3pij5qn2j7v7jjac2a63lxd97mcsgw6xq6k5p7835q9fjiid98";
- };
- }
- {
- name = "zsh-syntax-highlighting";
- file = "zsh-syntax-highlighting.zsh";
- src = pkgs.fetchFromGitHub {
- owner = "zsh-users";
- repo = "zsh-syntax-highlighting";
- rev = "0.8.0";
- sha256 = "1yl8zdip1z9inp280sfa5byjbf2vqh2iazsycar987khjsi5d5w8";
- };
- }
- ];
- };
-
- starship = {
- enable = true;
- enableZshIntegration = true;
- settings.battery.disabled = true;
- };
-
- direnv = {
- enable = true;
- enableZshIntegration = true;
- nix-direnv.enable = true;
- };
- };
-}
diff --git a/users/catvayor.nix b/users/catvayor.nix
index c964798..93e61d1 100644
--- a/users/catvayor.nix
+++ b/users/catvayor.nix
@@ -8,9 +8,7 @@ { imports = with mods.global; [ sway ]; - programs.zsh.enable = true; users.users.catvayor = { - shell = pkgs.zsh; isNormalUser = true; extraGroups = [ "wheel" @@ -36,11 +34,7 @@ ]; home-manager.users.catvayor = { - home.stateVersion = "23.11"; - imports = with mods.home; [ - neovim - zsh sway ssh mail diff --git a/users/default.nix b/users/default.nix index e54e31d..625da66 100644 --- a/users/default.nix +++ b/users/default.nix @@ -1,4 +1,3 @@ { catvayor = ./catvayor.nix; - root = import ./root.nix; } diff --git a/users/root.nix b/users/root.nix deleted file mode 100644 index e4129e4..0000000 --- a/users/root.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ ssh }: -{ - config, - lib, - pkgs, - mods, - ... -}: -{ - programs.zsh.enable = true; - users.users.root = - { - shell = pkgs.zsh; - } - // lib.attrsets.optionalAttrs ssh { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" - ]; - }; - home-manager.users.root = { - home.stateVersion = "23.11"; - imports = with mods.home; [ - neovim - zsh - ]; - }; -} -// lib.attrsets.optionalAttrs ssh { services.openssh.enable = true; }