sync

2026-01-25 14:41:44 +00:00 · 2024-01-24 22:36:34 +00:00
parent d2150a7470
commit 8c279674b0
12 changed files with 264 additions and 260 deletions
--- a/hosts/binfmt.nix
+++ b/hosts/binfmt.nix
@@ -1,26 +1,33 @@
-
-{ lib, inputs, outputs, pkgs, config, ... }:
-# Define qemu-arm-static source.
-let qemu-arm-static = pkgs.stdenv.mkDerivation {
-  name = "qemu-arm-static";
-  src = builtins.fetchurl {
-    url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static";
-    sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3";
-  };
-  dontUnpack = true;
-  installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static";
-};
-in {
-  # Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple).
-  boot.binfmt.registrations.arm = {
-    interpreter = "${qemu-arm-static}/bin/qemu-arm-static";
-    magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00'';
-    mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff'';
-  };
-
-  # Define additional settings for nix.
-  nix.extraOptions = ''
-    extra-platforms = armv7l-linux aarch64-linux
-  '';
-  nix.settings.extra-sandbox-paths = [ "/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static" ];
-}
+{
+  lib,
+  inputs,
+  outputs,
+  pkgs,
+  config,
+  ...
+}:
+# Define qemu-arm-static source.
+let
+  qemu-arm-static = pkgs.stdenv.mkDerivation {
+    name = "qemu-arm-static";
+    src = builtins.fetchurl {
+      url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static";
+      sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3";
+    };
+    dontUnpack = true;
+    installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static";
+  };
+in {
+  # Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple).
+  boot.binfmt.registrations.arm = {
+    interpreter = "${qemu-arm-static}/bin/qemu-arm-static";
+    magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00'';
+    mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff'';
+  };
+
+  # Define additional settings for nix.
+  nix.extraOptions = ''
+    extra-platforms = armv7l-linux aarch64-linux
+  '';
+  nix.settings.extra-sandbox-paths = ["/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static"];
+}
--- a/hosts/common.nix
+++ b/hosts/common.nix
@@ -1,101 +1,101 @@
-# This file (and the global directory) holds config that i use on all hosts
-{
-  lib,
-  inputs,
-  outputs,
-  pkgs,
-  config,
-  ...
-}: {
-  imports =
-    [
-      inputs.home-manager.nixosModules.home-manager
-      inputs.sops-nix.nixosModules.sops
-    ]
-    ++ (builtins.attrValues outputs.nixosModules);
-
-  ###dotfiles path variable
-  options._dotfiles = lib.mkOption {
-    type = lib.types.str;
-    default = "${inputs.self}/home-manager/dotfiles";
-    description = "Path to the dotfiles in this repository";
-  };
-
-  ###secrets path variable
-  options._secrets = lib.mkOption {
-    type = lib.types.str;
-    default = "/run/user/1000/secrets";
-    description = "Path to the Secrets runtime";
-  };
-
-  ###secretstore path variable
-  options._secretstore = lib.mkOption {
-    type = lib.types.str;
-    default = "${inputs.self}/secrets";
-    description = "Path to the Secrets storage";
-  };
-
-  config = {
-    system.stateVersion = "23.05";
-
-    sops = {
-      defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
-      age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
-    };
-
-    home-manager = {
-      useUserPackages = true;
-      extraSpecialArgs = {inherit inputs outputs;};
-      sharedModules = [
-        inputs.sops-nix.homeManagerModules.sops
-      ];
-    };
-
-    nixpkgs.config.allowUnfree = true;
-    programs.fuse.userAllowOther = true;
-    security.sudo.wheelNeedsPassword = false;
-  virtualisation.docker.enable = true;
-
-    # nixpkgs.overlays = overlays;
-    # Enable nix flakes
-    nix.package = pkgs.nixFlakes;
-    nix.extraOptions = ''
-      experimental-features = nix-command flakes
-    '';
-    nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"];
-    #  nix.nixPath = [ "nixpkgs=pkgs.outPath" ];
-    networking.search = ["node.dc1.consul" "service.dc1.consul"];
-    networking.nameservers = ["192.168.1.1" "1.1.1.1"];
-  # Enable networking
-  networking.networkmanager.enable = true;
-
-# Select internationalisation properties.
-  i18n.defaultLocale = "en_US.UTF-8";
-
-  i18n.extraLocaleSettings = {
-    LC_ADDRESS = "en_US.UTF-8";
-    LC_IDENTIFICATION = "en_US.UTF-8";
-    LC_MEASUREMENT = "en_US.UTF-8";
-    LC_MONETARY = "en_US.UTF-8";
-    LC_NAME = "en_US.UTF-8";
-    LC_PAPER = "en_US.UTF-8";
-    LC_TELEPHONE = "en_US.UTF-8";
-  };
-
-    #services.envfs.enable = true;
-    environment.systemPackages = [
-      pkgs.git
-      pkgs.home-manager
-      pkgs.sops
-      pkgs.ssh-to-age
-      pkgs.age
-      pkgs.bitwarden-cli
-    ];
-
-    nix.gc = {
-      automatic = true; # Enable the automatic garbage collector
-      dates = "03:15"; # When to run the garbage collector
-      options = "-d"; # Arguments to pass to nix-collect-garbage
-    };
-  };
-}
+# This file (and the global directory) holds config that i use on all hosts
+{
+  lib,
+  inputs,
+  outputs,
+  pkgs,
+  config,
+  ...
+}: {
+  imports =
+    [
+      inputs.home-manager.nixosModules.home-manager
+      inputs.sops-nix.nixosModules.sops
+    ]
+    ++ (builtins.attrValues outputs.nixosModules);
+
+  ###dotfiles path variable
+  options._dotfiles = lib.mkOption {
+    type = lib.types.str;
+    default = "${inputs.self}/home-manager/dotfiles";
+    description = "Path to the dotfiles in this repository";
+  };
+
+  ###secrets path variable
+  options._secrets = lib.mkOption {
+    type = lib.types.str;
+    default = "/run/user/1000/secrets";
+    description = "Path to the Secrets runtime";
+  };
+
+  ###secretstore path variable
+  options._secretstore = lib.mkOption {
+    type = lib.types.str;
+    default = "${inputs.self}/secrets";
+    description = "Path to the Secrets storage";
+  };
+
+  config = {
+    system.stateVersion = "23.05";
+
+    sops = {
+      defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
+      age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
+    };
+
+    home-manager = {
+      useUserPackages = true;
+      extraSpecialArgs = {inherit inputs outputs;};
+      sharedModules = [
+        inputs.sops-nix.homeManagerModules.sops
+      ];
+    };
+
+    nixpkgs.config.allowUnfree = true;
+    programs.fuse.userAllowOther = true;
+    security.sudo.wheelNeedsPassword = false;
+    virtualisation.docker.enable = true;
+
+    # nixpkgs.overlays = overlays;
+    # Enable nix flakes
+    nix.package = pkgs.nixFlakes;
+    nix.extraOptions = ''
+      experimental-features = nix-command flakes
+    '';
+    nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"];
+    #  nix.nixPath = [ "nixpkgs=pkgs.outPath" ];
+    networking.search = ["node.dc1.consul" "service.dc1.consul"];
+    networking.nameservers = ["192.168.1.1" "1.1.1.1"];
+    # Enable networking
+    networking.networkmanager.enable = true;
+
+    # Select internationalisation properties.
+    i18n.defaultLocale = "en_US.UTF-8";
+
+    i18n.extraLocaleSettings = {
+      LC_ADDRESS = "en_US.UTF-8";
+      LC_IDENTIFICATION = "en_US.UTF-8";
+      LC_MEASUREMENT = "en_US.UTF-8";
+      LC_MONETARY = "en_US.UTF-8";
+      LC_NAME = "en_US.UTF-8";
+      LC_PAPER = "en_US.UTF-8";
+      LC_TELEPHONE = "en_US.UTF-8";
+    };
+
+    #services.envfs.enable = true;
+    environment.systemPackages = [
+      pkgs.git
+      pkgs.home-manager
+      pkgs.sops
+      pkgs.ssh-to-age
+      pkgs.age
+      pkgs.bitwarden-cli
+    ];
+
+    nix.gc = {
+      automatic = true; # Enable the automatic garbage collector
+      dates = "03:15"; # When to run the garbage collector
+      options = "-d"; # Arguments to pass to nix-collect-garbage
+    };
+  };
+}