Compare commits


4 Commits

Author SHA1 Message Date
John Lancaster 9e8c782f88 added ds script to shell-tools 2026-03-28 19:16:32 -05:00
John Lancaster 550e61eb5a separated nixos rebuild 2026-03-28 19:15:31 -05:00
John Lancaster 8ec898d874 moved restic to features 2026-03-28 17:41:07 -05:00
John Lancaster 9340776aa3 testpushCmd 2026-03-28 17:40:59 -05:00
6 changed files with 90 additions and 69 deletions
@@ -1,4 +1,4 @@
{ inputs, ... }: {
{ self, inputs, ... }: {
flake.modules.nixos.restic-server = { config, pkgs, lib, ... }: {
services.restic.server = {
enable = true;
@@ -47,20 +47,20 @@
config = let
resticRepository = "rest:https://soteria.john-stream.com/${cfg.repoName}";
caCert = "${config.mtls.certDir}/root_ca.crt";
mtlsClientCert = "${config.mtls.certDir}/${config.mtls.bundleFilename}";
mtlsBundle = "${config.mtls.certDir}/${config.mtls.bundleFilename}";
in
{
home.sessionVariables = {
RESTIC_REPOSITORY = resticRepository;
RESTIC_PASSWORD_FILE = cfg.passwordFile;
RESTIC_CACERT = caCert;
RESTIC_TLS_CLIENT_CERT = mtlsClientCert;
RESTIC_TLS_CLIENT_CERT = mtlsBundle;
};
# This is necessary because the restic service in home manager doesn't otherwise expose these options.
systemd.user.services."restic-backups-${cfg.repoName}".Service.Environment = [
"RESTIC_CACERT=${caCert}"
"RESTIC_TLS_CLIENT_CERT=${mtlsClientCert}"
"RESTIC_TLS_CLIENT_CERT=${mtlsBundle}"
];
services.restic = {
+6 -3
@@ -16,6 +16,8 @@
allowUnfree = true;
};
flakeDir = "${config.home-manager.users.john.home.homeDirectory}/Documents/dendritic";
networking = {
hostName = hostname;
networkmanager.enable = true;
@@ -66,9 +68,9 @@
time.timeZone = "America/Chicago";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
@@ -79,6 +81,7 @@
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
};
services.libinput.enable = true; # Enable touchpad support (enabled default in most desktopManager).
services.fprintd.enable = true; # Enables fingerprint sensor
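Review bot: The added `flakeDir` resolves to `~/Documents/dendritic`, which is writable by the unprivileged user, while the `nfs` script in the rebuild module of this compare runs `sudo nixos-rebuild switch --impure --flake ${flakeDir}#$HOSTNAME` against it; any process running as john that can edit that checkout therefore decides what root activates at the next rebuild. The option's own default, `/etc/nixos`, is normally root-owned, so consider keeping the system flake in a root-owned checkout, or at least add a comment such as `# user-writable: review the working tree before running nfs`. Separately, the rebuild module declares `options.rebuild.flakeDir`, so unless an enclosing `rebuild = {` lies outside this hunk the assignment should read `rebuild.flakeDir = ...;`.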
+1
@@ -12,6 +12,7 @@
"${inputs.nixos-hardware}/lenovo/thinkpad/p14s/amd/gen4"
] ++ (with self.modules.nixos; [
p14sConfiguration
rebuild
sudo
john
gnome
+24 -20
@@ -1,17 +1,28 @@
{ inputs, ... }:
{ self, inputs, ... }:
let
username = "john";
hostname = "john-pc-ubuntu";
testHost = "soteria";
testTarget = "fded:fb16:653e:25da:be24:11ff:fea0:753f"; # test-nix
# testTarget = "fded:fb16:653e:25da:be24:11ff:fe89:1cc3"; # soteria
in
{
flake.modules.homeManager."${hostname}" = { pkgs, config, ... }:
flake.modules.homeManager."${hostname}" = { config, pkgs, lib, ... }:
let
flakeDir = "${config.xdg.configHome}/home-manager/jsl-dendritic";
certDir = "${config.mtls.certDir}";
mtlsBundle = "${certDir}/${config.mtls.bundleFilename}";
resticPasswordFile = "${config.xdg.configHome}/restic/password.txt";
testPushCmd = (pkgs.writeShellScriptBin "test-push" ''
${lib.getExe' pkgs.coreutils "mkdir"} -p /var/tmp/nix-build
${lib.getExe' pkgs.coreutils "chmod"} 1777 /var/tmp/nix-build
${lib.getExe pkgs.nixos-rebuild} switch \
--flake ${flakeDir}#${testHost} \
--target-host root@${testTarget}
'');
in
{
imports = with inputs.self.modules.homeManager; [
@@ -25,28 +36,21 @@ in
docker
desktop
];
targets.genericLinux.enable = true;
shell.program = "zsh";
home.username = "${username}";
home.homeDirectory = "/home/${username}";
home.packages = with pkgs; [
nixos-rebuild
(writeShellScriptBin "test-push" ''
mkdir -p /var/tmp/nix-build
chmod 1777 /var/tmp/nix-build
nixos-rebuild switch \
--flake ${flakeDir}#${hostname} \
--target-host root@${testTarget}
'')
];
# TODO: make this more restrictive, rather than allowing all unfree packages
nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1w" ];
targets.genericLinux.enable = true;
home.username = "${username}";
home.homeDirectory = "/home/${username}";
home.packages = [
pkgs.nixos-rebuild
testPushCmd
];
shell.program = "zsh";
homeManagerFlakeDir = flakeDir;
docker.enable = true;
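Review bot: `test-push` now takes the flake attribute and the SSH target from two unrelated constants: `testHost = "soteria"` selects the configuration while `testTarget` holds the address commented `# test-nix`, so the script activates the soteria system as root on the test-nix machine, and swapping in the commented-out address line is all it takes to push to the real host. If that pairing is deliberate, say so next to the bindings, e.g. `# deliberately deploys the soteria config to the test-nix VM`, or derive both values from one attribute so they cannot drift apart. The script body also has no `set -euo pipefail`, so a failed `chmod 1777 /var/tmp/nix-build` (for instance when the directory already belongs to another user) does not stop the root switch that follows. The `let` block and the module body continue outside the hunks shown.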
+43 -33
@@ -1,7 +1,49 @@
{ self, inputs, ... }:
{
flake.modules.nixos.rebuild =
{ config, pkgs, lib, ... }:
let
flakeDir = config.rebuild.flakeDir;
echoCmd = lib.getExe' pkgs.coreutils "echo";
hostnameCmd = "$(${lib.getExe pkgs.hostname} -s)";
nfs = (pkgs.writeShellScriptBin "nfs" ''
HOSTNAME=${hostnameCmd}
${echoCmd} "Switching to the $HOSTNAME nixos profile"
sudo ${lib.getExe pkgs.nixos-rebuild} switch --impure --flake ${flakeDir}#$HOSTNAME
'');
in
{
options.rebuild = {
flakeDir = lib.mkOption {
description = "Path to the flake directory.";
type = lib.types.str;
default = "/etc/nixos";
};
};
config = {
environment.systemPackages = with pkgs; [
nfs
(writeShellScriptBin "nfsu" ''
${lib.getExe nix} flake update --impure --flake ${flakeDir}
${lib.getExe git} -C ${flakeDir} add ${flakeDir}/flake.lock > /dev/null 2>&1
${lib.getExe nfs}
'')
(writeShellScriptBin "test-build" ''
if [ -z "$1" ]; then
HOSTNAME=${hostnameCmd}
else
HOSTNAME="$1"
fi
${echoCmd} "Testing the evaulation of the nixos config for $HOSTNAME"
${lib.getExe nix} eval ${flakeDir}#nixosConfigurations.$HOSTNAME.config.system.build.toplevel.drvPath
'')
];
};
};
flake.modules.homeManager.rebuild =
{ pkgs, lib, config, ... }:
{ config, pkgs, lib, ... }:
let
nixBin = lib.getExe pkgs.nix;
flakeDir = config.homeManagerFlakeDir;
@@ -12,11 +54,6 @@
${echoCmd} "Switching to the $HOSTNAME home-manager profile"
${lib.getExe pkgs.home-manager} switch --impure --flake ${flakeDir}#$HOSTNAME
'');
nfs = (pkgs.writeShellScriptBin "nfs" ''
HOSTNAME=${hostnameCmd}
${echoCmd} "Switching to the $HOSTNAME nixos profile"
sudo ${lib.getExe pkgs.nixos-rebuild} switch --impure --flake ${flakeDir}#$HOSTNAME
'');
in
{
options = {
@@ -39,43 +76,16 @@
home.packages = with pkgs; [
home-manager
#
# Flake-Parts checks
#
(writeShellScriptBin "flake-parts-check" ''
cd ${flakeDir}
${nixBin} run "${flakeDir}#write-flake"
${nixBin} flake check
'')
#
# Home-Manager rebuilds
#
nhms
(writeShellScriptBin "nhmu" ''
${nixBin} flake update --flake ${flakeDir}
${lib.getExe nhms}
'')
#
# NixOS rebuilds
#
nfs
(writeShellScriptBin "nfsu" ''
${nixBin} flake update --impure --flake ${flakeDir}
${lib.getExe git} -C ${flakeDir} add ${flakeDir}/flake.lock > /dev/null 2>&1
${lib.getExe nfs}
'')
(writeShellScriptBin "test-build" ''
if [ -z "$1" ]; then
HOSTNAME=${hostnameCmd}
else
HOSTNAME="$1"
fi
${echoCmd} "Testing the evaulation of the nixos config for $HOSTNAME"
${nixBin} eval ${flakeDir}#nixosConfigurations.$HOSTNAME.config.system.build.toplevel.drvPath
'')
];
};
};
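Review bot: The `nfsu` script moved into `flake.modules.nixos.rebuild` has no error handling, so when `nix flake update` fails it still reaches `${lib.getExe nfs}` and runs `sudo nixos-rebuild switch`, and any `git add` failure is hidden by `> /dev/null 2>&1`. `writeShellScriptBin` adds no shell options of its own; start each script body with `set -euo pipefail`, or build the scripts with `pkgs.writeShellApplication`, which sets those options and runs shellcheck at build time. With nounset enabled the argument test in `test-build` would need `[ -z "${1:-}" ]`. In the same script `$1` reaches `${flakeDir}#nixosConfigurations.$HOSTNAME...` unquoted, so quote the whole installable to keep a host name with spaces or glob characters from being split by the shell. The home-manager `let` block is only partly visible in these hunks.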
+3
@@ -31,6 +31,9 @@
xclip
jq
ripgrep
(writeShellScriptBin "ds" ''
${lib.getExe pkgs.gdu} -x -I /snap /
'')
];
};
};