john/nix-docker
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

converted to flake

Browse Source
This commit is contained in:
John Lancaster
2024-12-18 01:05:41 +00:00
parent aab33e4786
commit e210bca113
5 changed files with 166 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
configuration.nix
View File

@@ -1,22 +1,10 @@
{ pkgs, lib, modulesPath, ... }:
{ pkgs, lib, config, ... }:
let
stateVersion = "24.05";
userName = "myuser";
repoPath = "/srv/nix-docker";
unstable = import <nixos-unstable> {};
in
{
system.stateVersion = stateVersion;
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
(import "${builtins.fetchTarball https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz}/nixos")
(fetchTarball "https://github.com/nix-community/nixos-vscode-server/tarball/master")
(import ./users.nix {
inherit stateVersion;
inherit userName;
inherit repoPath;
})
# ./mounts.nix
./users.nix
];
environment.systemPackages = with pkgs; [
@@ -38,23 +26,9 @@ in
# https://nixos.wiki/wiki/Docker
virtualisation.docker = {
enable = true;
# https://docs.docker.com/engine/security/rootless/
# rootless = {
# enable = true;
# setSocketVariable = true;
# };
};
services.vscode-server.enable = true;
system.activationScripts.startup = ''
echo "Starting Nix-Docker container"
'';
# Uses rust-based sudo
security.sudo-rs = {
enable = true;
execWheelOnly = false;
wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
};
}

103
flake.lock generated Normal file
View File

@@ -0,0 +1,103 @@
{
"nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1734344598,
"narHash": "sha256-wNX3hsScqDdqKWOO87wETUEi7a/QlPVgpC/Lh5rFOuA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "83ecd50915a09dca928971139d3a102377a8d242",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1734119587,
"narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"vscode-server": "vscode-server"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"vscode-server": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1729422940,
"narHash": "sha256-DlvJv33ml5UTKgu4b0HauOfFIoDx6QXtbqUF3vWeRCY=",
"owner": "nix-community",
"repo": "nixos-vscode-server",
"rev": "8b6db451de46ecf9b4ab3d01ef76e59957ff549f",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-vscode-server",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

42
flake.nix Normal file
View File

@@ -0,0 +1,42 @@
{
description = "A very basic flake";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
vscode-server = {
url = "github:nix-community/nixos-vscode-server";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, ... }@args:
let
inherit (self) outputs;
nixosSystem = args.nixpkgs.lib.nixosSystem;
pkgs = args.nixpkgs.legacyPackages.x86_64-linux;
in
{
nixosConfigurations.lxc = nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit pkgs;
};
modules = [
(args.nixpkgs + "/nixos/modules/virtualisation/proxmox-lxc.nix")
args.vscode-server.nixosModules.default
args.home-manager.nixosModules.default
./configuration.nix
({ pkgs, ... }: {
system.stateVersion = "24.11";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
services.vscode-server.enable = true;
environment.systemPackages = [ pkgs.git ];
})
];
};
};
}

3
git.nix
View File

@@ -1,8 +1,7 @@
{ repoPath, ... }:
{ ... }:
{
programs.git = {
enable = true;
extraConfig.safe.directory = "${repoPath}";
extraConfig.credential.helper = "store --file ~/.git-credentials";
userName = "John Lancaster";
userEmail = "32917998+jsl12@users.noreply.github.com";

23
users.nix
View File

@@ -1,5 +1,20 @@
{ stateVersion, userName, repoPath, ... }:
{ config, ... }:
let
userName = "john";
userOptions = {
home.stateVersion = config.system.stateVersion;
imports = [ ./git.nix ];
};
# stateVersion = config.system.stateVersion;
in
{
# Uses rust-based sudo
security.sudo-rs = {
enable = true;
execWheelOnly = false;
wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
};
users.users.${userName} = {
isNormalUser = true;
extraGroups = [
@@ -13,9 +28,7 @@
home-manager = {
useGlobalPkgs = true;
users.${userName} = {
home.stateVersion = stateVersion;
imports = [ (import ./git.nix { inherit repoPath; }) ];
};
users.root = userOptions;
users.${userName} = userOptions;
};
}