From 374733e40f0f919c4dff84e327e832152d85de50 Mon Sep 17 00:00:00 2001 From: Sameer Rahmani Date: Fri, 19 Apr 2024 21:53:25 +0100 Subject: [PATCH] Add the X1 host --- flake.lock | 38 ++++++------ flake.nix | 32 ++++++++-- users/lxsameer/desktop.nix | 5 +- worlds/majin.nix | 27 ++++---- worlds/x1.nix | 119 ++++++++++++++++++++++++++++++++++++ worlds/x1/configuration.nix | 0 worlds/x1/disks.nix | 43 +++++++++++++ 7 files changed, 224 insertions(+), 40 deletions(-) create mode 100644 worlds/x1.nix delete mode 100644 worlds/x1/configuration.nix create mode 100644 worlds/x1/disks.nix diff --git a/flake.lock b/flake.lock index ca4f233..ce7382e 100644 --- a/flake.lock +++ b/flake.lock @@ -197,11 +197,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1712798444, - "narHash": "sha256-aAksVB7zMfBQTz0q2Lw3o78HM3Bg2FRziX2D6qnh+sk=", + "lastModified": 1713406758, + "narHash": "sha256-kwZvhmx+hSZvjzemKxsAqzEqWmXZS47VVwQhNrINORQ=", "owner": "nix-community", "repo": "disko", - "rev": "a297cb1cb0337ee10a7a0f9517954501d8f6f74d", + "rev": "1efd500e9805a9efbce401ed5999006d397b9f11", "type": "github" }, "original": { @@ -260,11 +260,11 @@ "noether": "noether" }, "locked": { - "lastModified": 1712913470, - "narHash": "sha256-4k0NGJ4b/sd7IU/4Pth6uDBWO6R8fZwFTPnG3BlUOWA=", + "lastModified": 1713556431, + "narHash": "sha256-M/ZdNssBX9t2qRbbTELUtaAnL0UlRgxGKwbgDd+/kIo=", "ref": "refs/heads/master", - "rev": "26c1a6074dd9f9e08ee5f54af6766e43d1c2956d", - "revCount": 1098, + "rev": "259379d20d979aff1726d01afcf602a75151bf05", + "revCount": 1124, "type": "git", "url": "https://devheroes.codes/FG42/FG42" }, 
@@ -495,11 +495,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1712909959, - "narHash": "sha256-7/5ubuwdEbQ7Z+Vqd4u0mM5L2VMNDsBh54visp27CtQ=", + "lastModified": 1713521961, + "narHash": "sha256-EwR8wW9AqJhSIY+0oxWRybUZ32BVKuZ9bjlRh8SJvQ8=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "f58b25254be441cd2a9b4b444ed83f1e51244f1f", + "rev": "5d48925b815fd202781bfae8fb6f45c07112fdb2", "type": "github" }, "original": { @@ -510,11 +510,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1712757991, - "narHash": "sha256-kR7C7Fqt3JP40h0mzmSZeWI5pk1iwqj4CSeGjnUbVHc=", + "lastModified": 1713254108, + "narHash": "sha256-0TZIsfDbHG5zibtlw6x0yOp3jkInIGaJ35B7Y4G8Pec=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d6b3ddd253c578a7ab98f8011e59990f21dc3932", + "rev": "2fd19c8be2551a61c1ddc3d9f86d748f4db94f00", "type": "github" }, "original": { @@ -695,16 +695,16 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1712846008, - "narHash": "sha256-0739q1QSpprLrlqdmQeSM9ynqmuqHagmRLnyMEy47Xc=", - "ref": "refs/tags/v0.1.8", - "rev": "e53688bcc79e5e3142bb2c912d59965c086dafe4", - "revCount": 49, + "lastModified": 1713553841, + "narHash": "sha256-k0p6s7cbN3cAeOBeTpIaFWbHhma+yNisC7HwAo4aDuA=", + "ref": "refs/tags/v0.1.10", + "rev": "8164261df59f6a31cbbd72b19777b1023aa38448", + "revCount": 52, "type": "git", "url": "https://devheroes.codes/lxsameer/noether" }, "original": { - "ref": "refs/tags/v0.1.8", + "ref": "refs/tags/v0.1.10", "type": "git", "url": "https://devheroes.codes/lxsameer/noether" } diff --git a/flake.nix b/flake.nix index 653f4ac..1db83f9 100644 --- a/flake.nix +++ b/flake.nix @@ -58,7 +58,7 @@ ]; }; - utils = pkgs.callPackage ./utils {}; + utils = pkgs.callPackage ./utils { }; modules = pkgs.callPackage ./modules { inherit system pkgs; inherit (inputs) nixos-generators; 
@@ -78,11 +78,12 @@ inherit nixpkgs inputs system pkgs modules utils; inherit (inputs) sops; hostBuilderConfig = { - inVM = false; - }; + inVM = false; + }; }; - in rec{ + in + rec{ inherit pkgs; packages.${system} = { @@ -94,6 +95,14 @@ boot-majin = utils.bootImage packages.${system}.majinVM; boot-majin-installer = utils.bootImage packages.${system}.majinInstallerVM; + x1 = nixosConfigurations.x1; + x1VM = nixosConfigurations.x1VM; + x1Installer = nixosConfigurations.x1Installer.config.formats.iso; + x1InstallerVM = nixosConfigurations.x1InstallerVM.config.formats.iso; + + boot-x1 = utils.bootImage packages.${system}.x1VM; + boot-x1-installer = utils.bootImage packages.${system}.x1InstallerVM; + maryland = nixosConfigurations.maryland; marylandVM = nixosConfigurations.marylandVM; marylandInstaller = nixosConfigurations.marylandInstaller.config.formats.iso; @@ -110,7 +119,7 @@ majin = (import ./worlds/majin.nix defaultParams).majin; majinInstaller = (import ./worlds/majin.nix defaultParams).installer; - majinVM = (import ./worlds/majin.nix (defaultParams // { + majinVM = (import ./worlds/majin.nix (defaultParams // { hostBuilderConfig.inVM = true; })).majin; @@ -118,10 +127,21 @@ hostBuilderConfig.inVM = true; })).installer; + x1 = (import ./worlds/x1.nix defaultParams).x1; + x1Installer = (import ./worlds/x1.nix defaultParams).installer; + + x1VM = (import ./worlds/x1.nix (defaultParams // { + hostBuilderConfig.inVM = true; + })).x1; + + x1InstallerVM = (import ./worlds/x1.nix (defaultParams // { + hostBuilderConfig.inVM = true; + })).installer; + maryland = (import ./worlds/maryland.nix defaultParams).maryland; marylandInstaller = (import ./worlds/maryland.nix defaultParams).installer; - marylandVM = (import ./worlds/maryland.nix (defaultParams // { + marylandVM = (import ./worlds/maryland.nix (defaultParams // { hostBuilderConfig.inVM = true; })).maryland; diff --git a/users/lxsameer/desktop.nix b/users/lxsameer/desktop.nix index 094a97b..c59a8e6 100644 
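Review bot: In flake.nix, the new `x1VM` and `x1InstallerVM` configurations set `hostBuilderConfig.inVM = true`, which makes worlds/x1.nix select `./x1/vm.disk.nix`, and that file is not among the files this commit creates. Unless it is already in the tree, these two outputs and the `boot-x1` / `boot-x1-installer` packages built from them will fail to evaluate. Separately, `import ./worlds/x1.nix` is written out four times in the last hunk. Binding it once in the `let`, e.g. `x1World = import ./worlds/x1.nix defaultParams;` plus one VM variant with `hostBuilderConfig.inVM = true`, would keep the host and installer entries from drifting apart.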
--- a/users/lxsameer/desktop.nix +++ b/users/lxsameer/desktop.nix @@ -69,7 +69,8 @@ in home.extraOutputsToInstall = [ "man" ]; # Packages that should be installed to the user profile. home.packages = with pkgs; [ - params.fg42.none + params.fg42.default + # archives zip xz @@ -376,7 +377,7 @@ in systemctl --user import-environment XMODIFIERS GTK_IM_MODULE QT_IM_MODULE CLUTTER_IM_MODULE ''; xsession.scriptPath = ".fg42-xsession"; - xsession.windowManager.command = "/etc/profiles/per-user/lxsameer/bin/fg42-wm"; # "${params.fg42}/bin/fg42-wm"; + xsession.windowManager.command = "/etc/profiles/per-user/lxsameer/bin/fg42-wm"; services.dunst.enable = true; services.pasystray.enable = true; diff --git a/worlds/majin.nix b/worlds/majin.nix index a2f7d5b..662ca3b 100644 --- a/worlds/majin.nix +++ b/worlds/majin.nix @@ -13,16 +13,16 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see . -{ nixpkgs, - modules, - system, - inputs, - pkgs, - utils, - hostBuilderConfig ? { +{ nixpkgs +, modules +, system +, inputs +, pkgs +, utils +, hostBuilderConfig ? { inVM = false; - }, - ... + } +, ... }@params: @@ -41,8 +41,8 @@ let # I want to fully control my users via nix users.mutableUsers = false; networking.extraHosts = '' - 192.168.0.122 mc - 192.168.0.202 mary + 192.168.0.122 mc + 192.168.0.202 mary ''; fileSystems."/home".neededForBoot = true; @@ -67,13 +67,14 @@ let }; - lxsameer = pkgs.callPackage ../users/lxsameer/default.nix {}; + lxsameer = pkgs.callPackage ../users/lxsameer/default.nix { }; fg42 = inputs.fg42.packages.${system}; inVM = (utils.sanitizeBuilderConfig hostBuilderConfig).inVM; host = if inVM then "majinVM" else "majin"; -in { +in +{ installer = import ./installer.nix (params // { diskModule = (modules.disk-installer diff --git a/worlds/x1.nix b/worlds/x1.nix new file mode 100644 index 0000000..336dd57 --- /dev/null +++ b/worlds/x1.nix 
@@ -0,0 +1,119 @@
+# Universe - The big bang to my universe
+#
+# Copyright (c) 2023-2024 Sameer Rahmani
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, version 2.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+{ nixpkgs
+, modules
+, system
+, inputs
+, pkgs
+, utils
+, hostBuilderConfig ? {
+ inVM = false;
+ }
+, ...
+}@params:
+
+
+let
+ this = { pkgs, config, lib, ... }: {
+ time.timeZone = lib.mkDefault "Europe/Dublin";
+
+ networking.hostName = "x1";
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+
+ hardware.enableRedistributableFirmware = true;
+ hardware.cpu.intel.updateMicrocode = true;
+
+ # I want to fully control my users via nix
+ users.mutableUsers = false;
+ networking.extraHosts = ''
+ 192.168.0.122 mc
+ 192.168.0.86 majin
+ 192.168.0.87 mini
+ '';
+
+ fileSystems."/".neededForBoot = true;
+ services.gvfs.enable = true;
+
+ networking.firewall = {
+ enable = true;
+ allowedTCPPorts = [ 8000 ];
+ };
+ security.pam = {
+ services = {
+ login.u2fAuth = true;
+ sudo.u2fAuth = true;
+ };
+ yubico = {
+ enable = true;
+ debug = true;
+ mode = "challenge-response";
+ id = [ "24571728" "24571700" ];
+ };
+ };
+
+ };
+
+ lxsameer = pkgs.callPackage ../users/lxsameer/default.nix { };
+
+ fg42 = inputs.fg42.packages.${system};
+ inVM = (utils.sanitizeBuilderConfig hostBuilderConfig).inVM;
+ host = if inVM then "x1VM" else "x1";
+ hw = inputs.nixos-hardware.nixosModules;
+in
+{
+
+ installer = import ./installer.nix (params // {
+ diskModule = (modules.disk-installer
+ host
+ (if inVM then ./x1/vm.disk.nix else ./x1/disks.nix));
+ });
+
+ x1 = nixpkgs.lib.nixosSystem {
+ inherit system;
+
+ modules = (with modules; [
+ "${nixpkgs}/nixos/modules/profiles/minimal.nix"
+ "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
+ hw.lenovo-thinkpad-x1-7th-gen
+ hw.common-gpu-intel
+ this
+ (disk
+ (if inVM then ./x1/vm.disk.nix else ./x1/disks.nix))
+ bootable
+ base
+ lxsameer.user
+ desktop
+ styles
+ yubikey
+ udev.pio
+ virtualisation.podman
+ inputs.home-manager.nixosModules.home-manager
+ {
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+
+ home-manager.users.lxsameer = lxsameer.desktop;
+ home-manager.extraSpecialArgs = {
+ inherit inputs fg42;
+ };
+ }
+ ]);
+
+ # Pass these attributes to all the modules for this
+ # host
+ specialArgs = { inherit inputs hostBuilderConfig; };
+ };
+}
diff --git a/worlds/x1/configuration.nix b/worlds/x1/configuration.nix
deleted file mode 100644
index e69de29..0000000
diff --git a/worlds/x1/disks.nix b/worlds/x1/disks.nix
new file mode 100644
index 0000000..0b83839
--- /dev/null
+++ b/worlds/x1/disks.nix
@@ -0,0 +1,43 @@
+{
+ disko = {
+ devices = {
+ disk = {
+ main = {
+ device = "/dev/nvme0n1";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ ESP = {
+ size = "1G";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ swap = {
+ size = "20G";
+ content = {
+ type = "swap";
+ resumeDevice = true;
+ };
+ };
+
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+
+ };
+ };
+ };
+ };
+ };
+ };
+}
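Review bot: In worlds/x1.nix, `security.pam.yubico.debug = true` is committed for the real host, which leaves the PAM module's debug output enabled on every login and sudo; it should be `debug = false;` once the token setup is known to work. The same block enables `login.u2fAuth` and `sudo.u2fAuth` without a control flag, and as far as I know `security.pam.u2f.control` and `security.pam.yubico.control` both default to `sufficient` in NixOS, so unless the `yubikey` module (not visible here) overrides them the token alone would satisfy login and sudo; if a second factor is the intent, set `control = "required";` on both. `allowedTCPPorts = [ 8000 ]` opens that port on every interface of a laptop and deserves a comment naming the service, or an interface-scoped rule. As a minor point, the `qemu-guest.nix` profile is imported unconditionally although only the `inVM` build is a guest; `++ nixpkgs.lib.optional inVM "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"` would keep it out of the hardware build.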
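Review bot: worlds/x1/disks.nix puts `/` on a plain ext4 partition and defines a 20G swap with `resumeDevice = true`, so on this laptop both the filesystem and any hibernation image (a copy of RAM, including keys and session secrets) sit unencrypted on `/dev/nvme0n1`. Wrapping the root partition's content in disko's `type = "luks"` container, as sketched below, covers data at rest. The swap partition needs equivalent protection if resume is to be kept, for example by placing it inside the same encrypted container, because a randomly keyed swap cannot be resumed from. `device = "/dev/nvme0n1"` would also be safer as a `/dev/disk/by-id/...` path, so that the installer cannot format the wrong disk if enumeration order changes.

```nix
root = {
  size = "100%";
  content = {
    type = "luks";
    name = "cryptroot"; # constructed example name
    content = {
      # … unchanged: type = "filesystem", format = "ext4", mountpoint = "/" …
    };
  };
};
```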