pegasust
/
dotfiles
1
0
Fork 0
Code Issues 6 Pull Requests Projects Releases Wiki Activity

Compare commits

base: pegasust:6b832e17698652365a46a20bfbb0efc930b5ed27
Branches Tags
pegasust:bleed
pegasust:telescope-reuse-window
pegasust:lean
pegasust:try-kitty
pegasust:bare
pegasust:master
pegasust:std
pegasust:top-level-wip
pegasust:top-level-wip-bao
pegasust:top-level-nix
pegasust:lazy-refac
pegasust:nix-refac
pegasust:nix-rearch
pegasust:nix-components
pegasust:yaml
pegasust:consolidate-nix
pegasust:fix-pylsp
pegasust:mason-deno-fix
pegasust:archive/test-hm
pegasust:archive/plugins-need-update
pegasust:archive/boost
..
compare: pegasust:6b1174d0dc9510bee4d6e7ef472e2a4dee4c4e57
Branches Tags
pegasust:bleed
pegasust:telescope-reuse-window
pegasust:lean
pegasust:try-kitty
pegasust:bare
pegasust:master
pegasust:std
pegasust:top-level-wip
pegasust:top-level-wip-bao
pegasust:top-level-nix
pegasust:lazy-refac
pegasust:nix-refac
pegasust:nix-rearch
pegasust:nix-components
pegasust:yaml
pegasust:consolidate-nix
pegasust:fix-pylsp
pegasust:mason-deno-fix
pegasust:archive/test-hm
pegasust:archive/plugins-need-update
pegasust:archive/boost

7 Commits
6b832e1769 ... 6b1174d0dc

Author SHA1 Message Date
pegasust 6b1174d0dc cosmetics 2022-11-25 23:02:59 -07:00
pegasust 8d82d12447 Merge remote-tracking branch 'gh/master' into underscore 2022-11-25 23:01:09 -07:00
pegasust 9a476b97bc Merge remote-tracking branch 'gh/master' 2022-11-26 06:00:41 +00:00
pegasust 222afb4f89 add lizzi config 2022-11-26 06:00:06 +00:00
pegasust b6440c0573 WIP on master: 089ce7e ssh: lester:nix-system-nix failed 2022-11-25 22:39:32 -07:00
pegasust 46d0f926f3 index on master: 089ce7e ssh: lester:nix-system-nix failed 2022-11-25 22:39:32 -07:00
pegasust 089ce7e6a3 ssh: lester:nix-system-nix failed 2022-11-25 22:07:48 -07:00
5 changed files with 92 additions and 61 deletions
Show Stats Expand all files Collapse all files

4
.luarc.json Normal file
View File

@ -0,0 +1,4 @@
{
"$schema": "https://raw.githubusercontent.com/sumneko/vscode-lua/master/setting/schema.json",
"Lua.workspace.checkThirdParty": false
}

15
ssh/config
View File

@ -26,13 +26,7 @@ Host nioma
IdentityFile ~/.ssh/free-aws.pem IdentityFile ~/.ssh/free-aws.pem
Port 22 Port 22
# Ubuntu 22.04 LTS Pegasust@Linode # NixOS Pegasust-gh@Linode
Host ocolo-lab
HostName ocolo.pegasust.com
User root
Port 22
# NixOS Pegasust@Linode
Host nyx Host nyx
HostName nyx.pegasust.com HostName nyx.pegasust.com
User hungtr User hungtr
@ -43,14 +37,9 @@ Host lizzi
User hungtr User hungtr
Port 22 Port 22
# Ubuntu 4G Pegasust-gh@Linode
Host ash Host ash
HostName 192.155.95.41 HostName 192.155.95.41
User hungtr User hungtr
Port 22 Port 22
Host lester
HostName 139.144.185.207
User hungtr
Port 22

44
system-nix/configuration.nix
View File

@ -2,9 +2,9 @@
let let
hostname = specialArgs.hostname; hostname = specialArgs.hostname;
enableSSH = specialArgs.enableSSH or true; enableSSH = specialArgs.enableSSH or true;
networking = { hostName = hostname; } // (specialArgs.networking or { }); _networking = { hostName = hostname; } // (specialArgs._networking or { });
boot = specialArgs.boot or { }; _boot = specialArgs._boot or { };
services = specialArgs.services or { }; _services = specialArgs._services or { };
includeHardware = specialArgs.includeHardware or true; includeHardware = specialArgs.includeHardware or true;
in in
with lib; with lib;
@ -14,7 +14,7 @@ with lib;
] else [ ]) ++ [ ] else [ ]) ++ [
"${modulesPath}/profiles/minimal.nix" "${modulesPath}/profiles/minimal.nix"
]; ];
inherit boot; boot = _boot;
system.stateVersion = "22.05"; system.stateVersion = "22.05";
# users.users.<defaultUser>.uid = 1000; # users.users.<defaultUser>.uid = 1000;
@ -56,7 +56,7 @@ with lib;
]; ];
# tailscale is mandatory : ^) # tailscale is mandatory : ^)
# inherit services; # inherit services;
services = services // { services = _services // {
tailscale.enable = true; tailscale.enable = true;
}; };
# create a oneshot job to authenticate to Tailscale # create a oneshot job to authenticate to Tailscale
@ -89,23 +89,25 @@ with lib;
}; };
# Don't touch networking.firewall.enable, just configure everything else. # Don't touch networking.firewall.enable, just configure everything else.
# inherit networking; # inherit networking;
networking = networking // { # inherit _networking;
firewall = (networking.firewall.enable and { networking = _networking // {
trustedInterfaces = networking.firewall.trustedInterfaces or [ ] ++ [ firewall =
"tailscale0" if _networking.firewall.enable ? false then {
]; trustedInterfaces = _networking.firewall.trustedInterfaces or [ ] ++ [
allowedUDPPorts = networking.firewall.allowedUDPPorts or [ ] ++ [ "tailscale0"
config.services.tailscale.port ];
]; allowedUDPPorts = _networking.firewall.allowedUDPPorts or [ ] ++ [
allowedTCPPorts = networking.firewall.allowedTCPPorts or [ ] ++ [ config.services.tailscale.port
22 ];
]; allowedTCPPorts = _networking.firewall.allowedTCPPorts or [ ] ++ [
allowedUDPPortRanges = networking.firewall.allowedUDPPortRanges or [ ] ++ [ 22
{ from = 60000; to = 61000; } # mosh ];
allowedUDPPortRanges = _networking.firewall.allowedUDPPortRanges or [ ] ++ [
{ from = 60000; to = 61000; } # mosh
]; ];
checkReversePath = "loose"; checkReversePath = "loose";
}) or {}; } else { enable = false; };
}; };
} }

43
system-nix/flake.nix
View File

@ -17,7 +17,7 @@
specialArgs = { specialArgs = {
# includeHardware = false; # includeHardware = false;
hostname = "Felia"; hostname = "Felia";
services.openssh = { _services.openssh = {
permitRootLogin = "no"; permitRootLogin = "no";
enable = true; enable = true;
}; };
@ -31,36 +31,25 @@
]; ];
specialArgs = { specialArgs = {
hostname = "lizzi"; hostname = "lizzi";
networking = { _networking = {
interfaces.eth1.ipv4.addresses = [{ interfaces.eth1.ipv4.addresses = [{
address = "71.0.0.1"; address = "71.0.0.1";
prefixLength = 24; prefixLength = 24;
}]; }];
firewall = { firewall = {
enable = false; enable = false;
# Also wishing for nix-lsp to be a bit better here allowedTCPPorts = [ 80 443 ];
# A man can only pray and cry
# How would we add such functionality to nix-lsp if nix is
# inherently lazy?
#
# Can use the schema, maybe?
#
# Also wishing on the ability for services to declare their
# own ports now
#
# Maybe write a mkService?
allowedTCPPorts = [80 443];
}; };
useDHCP = false; useDHCP = false;
interfaces.eth0.useDHCP = true; interfaces.eth0.useDHCP = true;
}; };
boot.loader.grub.enable = true; _boot.loader.grub.enable = true;
boot.loader.grub.version = 2; _boot.loader.grub.version = 2;
services.openssh = { _services.openssh = {
permitRootLogin = "no"; permitRootLogin = "no";
enable = true; enable = true;
}; };
services.gitea = { _services.gitea = {
enable = true; enable = true;
stateDir = "/gitea"; stateDir = "/gitea";
rootUrl = "https://git.pegasust.com"; rootUrl = "https://git.pegasust.com";
@ -71,7 +60,7 @@
}; };
}; };
}; };
services.nginx = { _services.nginx = {
enable = true; enable = true;
clientMaxBodySize = "100m"; # Allow big file transfers over git :^) clientMaxBodySize = "100m"; # Allow big file transfers over git :^)
recommendedGzipSettings = true; recommendedGzipSettings = true;
@ -95,14 +84,14 @@
]; ];
specialArgs = { specialArgs = {
hostname = "lester"; hostname = "lester";
networking = { _networking = {
firewall.enable = true; firewall.enable = true;
useDHCP = false; useDHCP = false;
interfaces.eth0.useDHCP = true; interfaces.eth0.useDHCP = true;
}; };
boot.loader.grub.enable = true; _boot.loader.grub.enable = true;
boot.loader.grub.version = 2; _boot.loader.grub.version = 2;
services.openssh = { _services.openssh = {
permitRootLogin = "no"; permitRootLogin = "no";
enable = true; enable = true;
}; };
@ -115,7 +104,7 @@
]; ];
specialArgs = { specialArgs = {
hostname = "nyx"; hostname = "nyx";
networking = { _networking = {
interfaces.eth1.ipv4.addresses = [{ interfaces.eth1.ipv4.addresses = [{
address = "71.0.0.2"; address = "71.0.0.2";
prefixLength = 24; prefixLength = 24;
@ -124,9 +113,9 @@
useDHCP = false; useDHCP = false;
interfaces.eth0.useDHCP = true; interfaces.eth0.useDHCP = true;
}; };
boot.loader.grub.enable = true; _boot.loader.grub.enable = true;
boot.loader.grub.version = 2; _boot.loader.grub.version = 2;
services.openssh = { _services.openssh = {
permitRootLogin = "no"; permitRootLogin = "no";
enable = true; enable = true;
}; };

47
system-nix/profiles/lizzi/hardware-configuration.nix
View File

@ -0,0 +1,47 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1
terminal_input serial;
terminal_output serial
'';
boot.loader.grub.forceInstall = true;
boot.loader.grub.device = "nodev";
boot.loader.timeout = 10;
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems = {
"/" = { device = "/dev/sda";
fsType = "ext4";
};
"/gitea" = {
device = "/dev/disk/by-id/scsi-0Linode_Volume_gitea";
fsType = "ext4";
};
};
swapDevices =
[ { device = "/dev/sdb"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s5.useDHCP = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}