mirror of
https://github.com/sstent/vmimages.git
synced 2026-01-25 06:31:35 +00:00
updates
This commit is contained in:
@@ -14,6 +14,7 @@
|
|||||||
# system.stateVersion = "22.11";
|
# system.stateVersion = "22.11";
|
||||||
nixpkgs.hostPlatform.system = "x86_64-linux";
|
nixpkgs.hostPlatform.system = "x86_64-linux";
|
||||||
networking.hostName = "StuPC-WSL";
|
networking.hostName = "StuPC-WSL";
|
||||||
|
services.openssh.enable = true;
|
||||||
custom = {
|
custom = {
|
||||||
mullvad.enable = true;
|
mullvad.enable = true;
|
||||||
mnt_public.enable = true;
|
mnt_public.enable = true;
|
||||||
|
|||||||
26
hosts/binfmt.nix
Normal file
26
hosts/binfmt.nix
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
|
||||||
|
{ lib, inputs, outputs, pkgs, config, ... }:
|
||||||
|
# Define qemu-arm-static source.
|
||||||
|
let qemu-arm-static = pkgs.stdenv.mkDerivation {
|
||||||
|
name = "qemu-arm-static";
|
||||||
|
src = builtins.fetchurl {
|
||||||
|
url = "https://github.com/multiarch/qemu-user-static/releases/download/v6.1.0-8/qemu-arm-static";
|
||||||
|
sha256 = "06344d77d4f08b3e1b26ff440cb115179c63ca8047afb978602d7922a51231e3";
|
||||||
|
};
|
||||||
|
dontUnpack = true;
|
||||||
|
installPhase = "install -D -m 0755 $src $out/bin/qemu-arm-static";
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
# Enable binfmt emulation of extra binary formats (armv7l-linux, for exmaple).
|
||||||
|
boot.binfmt.registrations.arm = {
|
||||||
|
interpreter = "${qemu-arm-static}/bin/qemu-arm-static";
|
||||||
|
magicOrExtension = ''\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00'';
|
||||||
|
mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\x00\xff\xfe\xff\xff\xff'';
|
||||||
|
};
|
||||||
|
|
||||||
|
# Define additional settings for nix.
|
||||||
|
nix.extraOptions = ''
|
||||||
|
extra-platforms = armv7l-linux aarch64-linux
|
||||||
|
'';
|
||||||
|
nix.settings.extra-sandbox-paths = [ "/run/binfmt/arm=${qemu-arm-static}/bin/qemu-arm-static" ];
|
||||||
|
}
|
||||||
@@ -1,3 +1,4 @@
|
|||||||
|
<<<<<<< HEAD
|
||||||
# This file (and the global directory) holds config that i use on all hosts
|
# This file (and the global directory) holds config that i use on all hosts
|
||||||
{
|
{
|
||||||
lib,
|
lib,
|
||||||
@@ -83,3 +84,97 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
=======
|
||||||
|
# This file (and the global directory) holds config that i use on all hosts
|
||||||
|
{ lib, inputs, outputs, pkgs, config, ... }:
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
inputs.home-manager.nixosModules.home-manager
|
||||||
|
inputs.sops-nix.nixosModules.sops
|
||||||
|
# ./binfmt.nix
|
||||||
|
]++ (builtins.attrValues outputs.nixosModules);
|
||||||
|
|
||||||
|
###dotfiles path variable
|
||||||
|
options._dotfiles = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "${inputs.self}/home-manager/dotfiles";
|
||||||
|
description = "Path to the dotfiles in this repository";
|
||||||
|
};
|
||||||
|
|
||||||
|
###secrets path variable
|
||||||
|
options._secrets = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "/run/user/1000/secrets";
|
||||||
|
description = "Path to the Secrets runtime";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
###secretstore path variable
|
||||||
|
options._secretstore = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "${inputs.self}/secrets";
|
||||||
|
description = "Path to the Secrets storage";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
system.stateVersion = "23.05";
|
||||||
|
|
||||||
|
|
||||||
|
sops = {
|
||||||
|
defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
|
||||||
|
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
home-manager = {
|
||||||
|
useUserPackages = true;
|
||||||
|
extraSpecialArgs = { inherit inputs outputs; };
|
||||||
|
sharedModules = [
|
||||||
|
inputs.sops-nix.homeManagerModules.sops
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
programs.fuse.userAllowOther = true;
|
||||||
|
security.sudo.wheelNeedsPassword = false;
|
||||||
|
|
||||||
|
# nixpkgs.overlays = overlays;
|
||||||
|
# Enable nix flakes
|
||||||
|
nix.package = pkgs.nixFlakes;
|
||||||
|
nix.extraOptions = ''
|
||||||
|
experimental-features = nix-command flakes
|
||||||
|
'';
|
||||||
|
nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
|
||||||
|
# nix.extra-platforms = aarch64-linux i686-linux;
|
||||||
|
|
||||||
|
# nix.nixPath = [ "nixpkgs=pkgs.outPath" ];
|
||||||
|
# boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||||
|
boot.binfmt.emulatedSystems = ["armv7l-linux" "aarch64-linux"];
|
||||||
|
|
||||||
|
nix.settings.substituters = [
|
||||||
|
"https://fbleagh.cachix.org"
|
||||||
|
"https://cache.armv7l.xyz"
|
||||||
|
"https://arm.cachix.org"
|
||||||
|
"https://thefloweringash-armv7.cachix.org" ];
|
||||||
|
nix.settings.trusted-public-keys = [
|
||||||
|
"fbleagh.cachix.org-1:HNgEVkx9HfKmEQdR+9IeCwqFza0k8d8fJgcYvOTVDB8="
|
||||||
|
"cache.armv7l.xyz-1:kBY/eGnBAYiqYfg0fy0inWhshUo+pGFM3Pj7kIkmlBk="
|
||||||
|
"arm.cachix.org-1:K3XjAeWPgWkFtSS9ge5LJSLw3xgnNqyOaG7MDecmTQ8="
|
||||||
|
"thefloweringash-armv7.cachix.org-1:v+5yzBD2odFKeXbmC+OPWVqx4WVoIVO6UXgnSAWFtso="
|
||||||
|
];
|
||||||
|
nix.settings.trusted-users = [ "root" "sstent" ];
|
||||||
|
|
||||||
|
#services.envfs.enable = true;
|
||||||
|
environment.systemPackages = [
|
||||||
|
pkgs.git
|
||||||
|
pkgs.home-manager
|
||||||
|
pkgs.sops
|
||||||
|
pkgs.ssh-to-age
|
||||||
|
pkgs.age
|
||||||
|
pkgs.qemu
|
||||||
|
pkgs.cachix
|
||||||
|
];
|
||||||
|
|
||||||
|
};
|
||||||
|
}
|
||||||
|
>>>>>>> dacf7df (updates)
|
||||||
|
|||||||
Reference in New Issue
Block a user