diff --git a/README.md b/README.md index f16272d..273bbc0 100755 --- a/README.md +++ b/README.md @@ -1,17 +1,24 @@ # Description This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager). +It takes heavy inspiration from [khaneliman/khanelinix](https://github.com/khaneliman/khanelinix). -## Home Manager +### NixOS -Utilizing [Home Manager](https://nix-community.github.io/home-manager/). Check out the [README.md](./home-manager/README.md). +```bash -## NixOS +``` ### NixOS Generators ```bash -nix build .#packages.x86_64-linux.rke2-image +nix build .#vmwareConfigurations.rke2-node +``` + +### Home Manager + +```bash +home-manager switch --flake .#evanreichard@MBP-Personal ``` ### NixOS Hosts diff --git a/flake.nix b/flake.nix index b8d3028..e4db2bf 100755 --- a/flake.nix +++ b/flake.nix 
@@ -52,130 +52,5 @@ sops-nix.nixosModules.sops ]; }; - - outputs-builder = channels: { - # Define packages using nixos-generators - packages.x86_64-linux = { - # VMware image - vmware-image = inputs.nixos-generators.nixosGenerate { - system = "x86_64-linux"; - format = "vmware"; - modules = [ - # Your VMware configuration - ./hosts/vmware-image.nix - ]; - }; - - # Keep your other images - rke2-image = inputs.nixos-generators.nixosGenerate { - system = "x86_64-linux"; - format = "vmware"; - modules = [ - ./hosts/rke2-image.nix - ]; - }; - - usb-image = inputs.nixos-generators.nixosGenerate { - system = "x86_64-linux"; - format = "raw-efi"; - modules = [ - ./hosts/usb-image.nix - ]; - }; - }; - }; }; } - -# outputs = { self, nixpkgs, disko, nixos-generators, apple-silicon }: -# let -# mkSystem = { systemConfig ? { }, moduleConfig }: nixpkgs.lib.nixosSystem { -# system = "x86_64-linux"; -# modules = [ -# disko.nixosModules.disko -# ./lib/disk-config.nix -# ./lib/common-system.nix -# systemConfig -# ({ ... 
}: moduleConfig) -# ]; -# }; -# in -# { -# # NixOS Generators -# packages.x86_64-linux = { -# # RKE2 -# rke2-image = nixos-generators.nixosGenerate { -# system = "x86_64-linux"; -# format = "vmware"; -# modules = [ -# ./hosts/rke2-image.nix -# ]; -# }; - -# usb-image = nixos-generators.nixosGenerate { -# system = "x86_64-linux"; -# format = "raw-efi"; -# modules = [ -# ./hosts/usb-image.nix -# ]; -# }; -# }; - -# # NixOS Configurations -# nixosConfigurations = { -# # MBP NixOS Asahi -# mpb-asahi = nixpkgs.lib.nixosSystem { -# system = "aarch64-linux"; -# modules = [ -# apple-silicon.nixosModules.default -# ./hosts/mbp-asahi.nix -# ]; -# }; - -# # Office Server (LLaMA / ADS-B) -# lin-va-office = mkSystem { -# systemConfig = ./hosts/office-server.nix; -# moduleConfig = { -# hostName = "lin-va-office"; -# mainDiskID = "/dev/disk/by-id/ata-MTFDDAK512MBF-1AN1ZABHA_161212233628"; -# network = { -# interface = "enp5s0"; -# address = "10.0.50.120"; -# defaultGateway = "10.0.50.254"; -# nameservers = [ "10.0.50.254" ]; -# }; -# }; -# }; - -# # Utility Room Desktop -# lin-va-utility = mkSystem { -# systemConfig = ./hosts/utility-desktop.nix; -# moduleConfig = { -# hostName = "lin-va-utility"; -# mainDiskID = "/dev/disk/by-id/nvme-eui.0026b768429d3eb5"; -# network = { -# interface = "eno1"; -# address = "10.0.20.50"; -# defaultGateway = "10.0.20.254"; -# nameservers = [ "10.0.20.254" ]; -# }; -# }; -# }; - -# # Nix Builder -# lin-va-nix-builder = mkSystem { -# systemConfig = ./hosts/builder.nix; -# moduleConfig = { -# hostName = "lin-va-nix-builder"; -# mainDiskID = "/dev/xvda"; -# enableXenGuest = true; -# network = { -# interface = "enX0"; -# address = "10.0.50.130"; -# defaultGateway = "10.0.50.254"; -# nameservers = [ "10.0.50.254" ]; -# }; -# }; -# }; -# }; -# }; diff --git a/modules/nixos/hardware/asahi/default.nix b/modules/nixos/hardware/asahi/default.nix index 1f82cba..51f783a 100644 --- a/modules/nixos/hardware/asahi/default.nix 
+++ b/modules/nixos/hardware/asahi/default.nix @@ -1,6 +1,6 @@ { config, lib, inputs, namespace, ... }: let - inherit (lib) mkIf types; + inherit (lib) types optionalAttrs; inherit (lib.${namespace}) mkOpt mkBoolOpt; cfg = config.${namespace}.hardware.asahi; @@ -16,12 +16,12 @@ in firmwareDirectory = mkOpt types.path null "firmware directory"; }; - config = mkIf cfg.enable { - hardware = { - asahi = { - peripheralFirmwareDirectory = cfg.firmwareDirectory; - useExperimentalGPUDriver = cfg.enableGPU; - }; + config = { + hardware.asahi = { + enable = cfg.enable; + } // optionalAttrs cfg.enable { + peripheralFirmwareDirectory = cfg.firmwareDirectory; + useExperimentalGPUDriver = cfg.enableGPU; }; }; } diff --git a/systems/x86_64-virtual/rke2-image.nix b/systems/x86_64-virtual/rke2-image.nix deleted file mode 100755 index 62a7818..0000000 --- a/systems/x86_64-virtual/rke2-image.nix +++ /dev/null 
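Review bot: In the second hunk the conditional half of `hardware.asahi` is built with `// optionalAttrs cfg.enable { … }`, a plain attribute-set update rather than a module-system conditional. `//` merges only one level deep, and the condition has to be evaluated before the module system can see which attributes are defined, which risks infinite recursion if anything under `hardware.asahi` ever feeds back into `cfg.enable`. Keeping the module system in charge would read `hardware.asahi = lib.mkMerge [ { enable = cfg.enable; } (lib.mkIf cfg.enable { … }) ];`, with `mkIf` (plus `mkMerge`) kept in the `inherit (lib)` line that the first hunk edits. Separately, `enable = cfg.enable;` is a normal-priority definition, so a host that sets `hardware.asahi.enable` to a different value would presumably fail with a conflicting-definition error; `enable = lib.mkDefault cfg.enable;` avoids that if per-host overrides are intended.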
@@ -1,189 +0,0 @@ -{ pkgs, lib, modulesPath, ... }: -{ - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - config = { - # Basic System - system.stateVersion = "24.11"; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - time.timeZone = "UTC"; - - fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; - fsType = "ext4"; - autoResize = true; - }; - - boot = { - initrd = { - availableKernelModules = [ - # Xen - "xen_blkfront" - "xen_netfront" - ]; - kernelModules = [ "xen_netfront" "xen_blkfront" ]; - supportedFilesystems = [ "ext4" "xenfs" ]; - }; - kernelModules = [ - # Xen VM Requirements - "xen_netfront" - "xen_blkfront" - "xenfs" - - # iSCSI - "iscsi_tcp" - ]; - }; - - # Add Intel Arc A310 GPU Drivers - nixpkgs.config.allowUnfree = true; - hardware.enableRedistributableFirmware = true; - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - libvdpau-va-gl - intel-vaapi-driver - intel-media-driver - intel-compute-runtime - intel-ocl - ]; - }; - - # Network Configuration - networking = { - hostName = lib.mkForce ""; - useNetworkd = true; - useDHCP = false; - - firewall = { - enable = true; - - allowedTCPPorts = [ - # RKE2 Ports - https://docs.rke2.io/install/requirements#networking - 6443 # Kubernetes API - 9345 # RKE2 supervisor API - 2379 # etcd Client Port - 2380 # etcd Peer Port - 2381 # etcd Metrics Port - 10250 # kubelet metrics - 9099 # Canal CNI health checks - ]; - - allowedUDPPorts = [ - # RKE2 Ports - https://docs.rke2.io/install/requirements#networking - 8472 # Canal CNI with VXLAN - # 51820 # Canal CNI with WireGuard IPv4 (if using encryption) - # 51821 # Canal CNI with WireGuard IPv6 (if using encryption) - ]; - - # Allow Multicast - extraCommands = '' - iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT - ''; - }; - }; - - services = { - # Enable Xen Guest Utilities - xe-guest-utilities.enable = true; - - # Enable iSCSI - openiscsi = { - enable = true; - name = 
"iqn.2025.placeholder:initiator"; # Overridden @ Runtime - }; - - # Cloud Init - cloud-init = { - enable = true; - network.enable = true; - settings = { - datasource_list = [ "NoCloud" ]; - preserve_hostname = false; - system_info.distro = "nixos"; - system_info.network.renderers = [ "networkd" ]; - }; - }; - - # Enable SSH - openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "prohibit-password"; - }; - }; - - # Enable RKE2 - rke2 = { - enable = true; - disable = [ "rke2-ingress-nginx" ]; - }; - }; - - systemd.services = { - # RKE2 - Wait Cloud Init - rke2-server = { - after = [ "cloud-final.service" ]; - requires = [ "cloud-final.service" ]; - }; - - # Runtime iSCSI Initiator Setup - iscsi-initiator-setup = { - description = "Setup iSCSI Initiator Name"; - requires = [ "cloud-final.service" ]; - before = [ "iscsid.service" ]; - after = [ "cloud-final.service" ]; - wantedBy = [ "multi-user.target" ]; - - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - }; - - path = [ pkgs.hostname pkgs.util-linux ]; - script = '' - mkdir -p /run/iscsi - echo "InitiatorName=iqn.2025.org.nixos:$(hostname)" > /run/iscsi/initiatorname.iscsi - mount --bind /run/iscsi/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi - ''; - }; - }; - - # User Authorized Keys - users.users.root = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard" - ]; - hashedPassword = null; - }; - - # Add Symlinks Expected by Democratic - system.activationScripts = { - iscsi-initiator = '' - mkdir -p /usr/bin - ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm - ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid - ''; - }; - - # System Packages - environment = { - systemPackages = with pkgs; [ - htop - intel-gpu-tools - k9s - kubectl - kubernetes-helm - nfs-utils - openiscsi - tmux - vim - ]; - - # Don't Manage - Runtime Generation - 
etc."iscsi/initiatorname.iscsi".enable = false; - }; - }; -} diff --git a/systems/x86_64-virtual/usb-image.nix b/systems/x86_64-virtual/usb-image.nix deleted file mode 100755 index 568f569..0000000 --- a/systems/x86_64-virtual/usb-image.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ pkgs, ... }: - -{ - # Basic System - system.stateVersion = "24.11"; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - time.timeZone = "UTC"; - - fileSystems."/" = { - device = "/dev/disk/by-label/nixos"; - fsType = "ext4"; - autoResize = true; - }; - - # SSH - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "prohibit-password"; - }; - }; - - # Firewall Configuration - networking.firewall = { - enable = true; - allowedTCPPorts = [ - 22 - ]; - }; - - # User Authorized Keys - users.users.root = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard" - ]; - hashedPassword = null; - }; - - # System Packages - environment.systemPackages = with pkgs; [ - htop - tmux - vim - ]; -} diff --git a/hosts/rke2-image.nix b/systems/x86_64-vmware/rke2-node/default.nix old mode 100644 new mode 100755 similarity index 98% rename from hosts/rke2-image.nix rename to systems/x86_64-vmware/rke2-node/default.nix index 62a7818..9c28331 --- a/hosts/rke2-image.nix +++ b/systems/x86_64-vmware/rke2-node/default.nix @@ -4,6 +4,10 @@ (modulesPath + "/profiles/qemu-guest.nix") ]; config = { + reichard = { + nix.enable = false; + }; + # Basic System system.stateVersion = "24.11"; nix.settings.experimental-features = [ "nix-command" "flakes" ];
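Review bot: The added `reichard.nix.enable = false;` at the top of `config` has no comment saying why the shared nix module is switched off for this image, and `nix.settings.experimental-features` is still set by hand just below it, so a reader cannot tell which nix settings the node ends up with. A one-line comment above the block stating the reason would settle that. The rest of the file lies outside this hunk, but the rename starts from blob 62a7818, which this page shows in full as the deleted `systems/x86_64-virtual/rke2-image.nix`. It therefore presumably still lists etcd 2379/2380/2381 and kubelet 10250 in the global `allowedTCPPorts` and bakes a fixed root `authorizedKeys` entry into the image. Now that the file becomes the `rke2-node` configuration, it would be worth scoping those ports to the cluster interface via `networking.firewall.interfaces.<name>.allowedTCPPorts` and supplying the SSH key through the cloud-init datasource that is already enabled.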