chore(ops/nixos): Move NixOS configuration one level up

2020-01-04 15:08:49 +00:00 · 2020-01-04 15:08:49 +00:00 · 1d687c5303
commit 1d687c5303
parent 3638048c9b
19 changed files with 51 additions and 14 deletions
--- a/ops/infra/nixos/default.nix
+++ b/ops/infra/nixos/default.nix
@ -1,6 +0,0 @@
-{ ... }:
-
-builtins.throw ''
-  The Nix derivations at infra/nixos are not meant to be evaluated
-  like a derivation as they represent NixOS configuration.
-''
--- a/ops/infra/nixos/.gitignore
+++ b/ops/infra/nixos/.gitignore
--- a/ops/infra/nixos/README.md
+++ b/ops/infra/nixos/README.md
--- a/ops/infra/nixos/adho-configuration.nix
+++ b/ops/infra/nixos/adho-configuration.nix
--- a/ops/infra/nixos/configuration.nix
+++ b/ops/infra/nixos/configuration.nix
@ -40,14 +40,6 @@
    firewall.allowedTCPPorts = [ 3000 5556 5558 ];
  };

-  # Generate an immutable /etc/resolv.conf from the nameserver settings
-  # above (otherwise DHCP overwrites it):
-  environment.etc."resolv.conf" = with lib; with pkgs; {
-    source = writeText "resolv.conf" ''
-      ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") config.networking.nameservers)}
-      options edns0
-    '';
-  };

  # Configure emacs:
  # (actually, that's a lie, this only installs emacs!)
--- a/ops/nixos/default.nix
+++ b/ops/nixos/default.nix
@ -0,0 +1,48 @@
+{ pkgs, ... }:
+
+let
+  inherit (pkgs) third_party lib;
+  configuration = rec {
+    boot.loader.systemd-boot.enable = true;
+    boot.loader.efi.canTouchEfiVariables = true;
+    boot.cleanTmpDir = true;
+    hardware.pulseaudio.enable = true;
+    hardware.cpu.intel.updateMicrocode = true;
+    time.timeZone = "Europe/London";
+
+    networking = {
+      # Don't use ISP's DNS servers:
+      nameservers = [
+        "8.8.8.8"
+        "8.8.4.4"
+      ];
+
+      # Open Chromecast-related ports & servedir
+      firewall.allowedTCPPorts = [ 3000 5556 5558 ];
+    };
+
+    # Generate an immutable /etc/resolv.conf from the nameserver settings
+    # above (otherwise DHCP overwrites it):
+    environment.etc."resolv.conf" = with lib; with pkgs; {
+      source = writeText "resolv.conf" ''
+        ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") networking.nameservers)}
+        options edns0
+      '';
+    };
+
+    nixpkgs.config.allowUnfree = true;
+  };
+
+  # Desktop at home
+  stallo = {
+    networking.hostName = "stallo";
+    services.xserver.videoDrivers = [ "nvidia" ];
+    boot.initrd.luks.devices.stallo-luks.device = "/dev/disk/by-uuid/b484cf1e-a27b-4785-8bd6-fa85a004b073";
+
+    fileSystems."/".device = "/dev/disk/by-label/stallo-root";
+  };
+in {
+  stallo = third_party.nixos {
+    configuration = lib.recursiveUpdate configuration stallo;
+  };
+}
--- a/ops/infra/nixos/desktop.nix
+++ b/ops/infra/nixos/desktop.nix
--- a/ops/infra/nixos/dotfiles.nix
+++ b/ops/infra/nixos/dotfiles.nix
--- a/ops/infra/nixos/dotfiles/alacritty.yml
+++ b/ops/infra/nixos/dotfiles/alacritty.yml
--- a/ops/infra/nixos/dotfiles/config.fish
+++ b/ops/infra/nixos/dotfiles/config.fish
--- a/ops/infra/nixos/dotfiles/msmtprc
+++ b/ops/infra/nixos/dotfiles/msmtprc
--- a/ops/infra/nixos/dotfiles/notmuch-config
+++ b/ops/infra/nixos/dotfiles/notmuch-config
--- a/ops/infra/nixos/dotfiles/offlineimaprc
+++ b/ops/infra/nixos/dotfiles/offlineimaprc
--- a/ops/infra/nixos/dotfiles/tmux.conf
+++ b/ops/infra/nixos/dotfiles/tmux.conf
--- a/ops/infra/nixos/home.nix
+++ b/ops/infra/nixos/home.nix
--- a/ops/infra/nixos/mail.nix
+++ b/ops/infra/nixos/mail.nix
--- a/ops/infra/nixos/packages.nix
+++ b/ops/infra/nixos/packages.nix
--- a/ops/infra/nixos/stallo-configuration.nix
+++ b/ops/infra/nixos/stallo-configuration.nix
--- a/third_party/default.nix
+++ b/third_party/default.nix
@ -103,4 +103,7 @@ in exposed // {
  originals = {
    inherit (nixpkgs) git notmuch;
  };
+
+  # Make NixOS available
+  nixos = import "${nixpkgsSrc}/nixos";
 }