julian/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Clean up builder config, add deploy-rs setup for builder

Browse Source
This commit is contained in:
Julian Mutter 2024-11-29 21:34:50 +01:00
parent ede33b5207
commit 38cac91b71
2 changed files with 39 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
flake.nix
View File

@ -138,5 +138,15 @@
confirmTimeout = 90; # default: 30s; raspberrypi takes a little longer restarting services confirmTimeout = 90; # default: 30s; raspberrypi takes a little longer restarting services
}; };
}; };
deploy.nodes.builder = {
hostname = "builder.julian-mutter.de";
profiles.system = {
sshUser = "root";
user = "root";
path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos inputs.self.nixosConfigurations.nix-builder;
# confirmTimeout = 90; # default: 30s; raspberrypi takes a little longer restarting services
};
};
}; };
} }

90
systems/x86_64-linux/nix-builder/default.nix
View File

@ -1,57 +1,27 @@
# sudo nixos-rebuild switch --flake .#nix-builder --target-host root@192.168.3.118 # sudo nixos-rebuild switch --flake .#nix-builder --target-host root@192.168.3.118
# or
# Edit this configuration file to define what should be installed on # deploy .#builder
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
imports = [ imports = [ ./hardware-configuration.nix ];
# Include the results of the hardware scan.
./hardware-configuration.nix
];
# Bootloader.
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = true;
# Emulated systems used as alternative to cross-compiling
boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
networking.hostName = "nix-builder"; # Define your hostname. networking.hostName = "nix-builder";
# Enable networking
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
# Select internationalisation properties. modules = {
i18n.defaultLocale = "en_US.UTF-8"; keymap.enable = true;
locales.enable = true;
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
}; };
# Configure keymap in X11
services.xserver = {
xkb.layout = "de";
xkb.variant = "";
};
# Configure console keymap
console.keyMap = "de";
# Define a user account. Don't forget to set a password with passwd.
users.users.nix = { users.users.nix = {
isNormalUser = true; isNormalUser = true;
description = "Nix"; description = "Nix";
@ -59,7 +29,6 @@
"networkmanager" "networkmanager"
"wheel" "wheel"
]; ];
packages = with pkgs; [ ];
}; };
nix.settings.trusted-users = [ "@wheel" ]; nix.settings.trusted-users = [ "@wheel" ];
@ -92,37 +61,36 @@
min-free-check-interval = 60 min-free-check-interval = 60
''; '';
nixpkgs.config.allowUnfree = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
vim vim
htop htop
mc mc
]; ];
# Enable the OpenSSH daemon. # services.ollama = {
services.openssh.enable = true; # enable = true;
# acceleration = "cuda";
services.ollama = { # };
services.open-webui = {
enable = true; enable = true;
acceleration = "cuda"; port = 8080;
openFirewall = true;
}; };
security.pam.sshAgentAuth.enable = true; # enable sudo logins via ssh services.openssh = {
enable = true;
# require public key authentication for better security
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
settings.PermitRootLogin = "yes";
};
users.users."root".openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFjSZYdoF/51F+ykcBAYVCzCPTF5EEigWBL1APiR0h+H julian@aspi"
];
# Open ports in the firewall. # security.pam.sshAgentAuth.enable = true; # enable sudo via ssh
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default # ======================== DO NOT CHANGE THIS ========================
# settings for stateful data, like file locations and database versions system.stateVersion = "23.11";
# on your system were taken. Its perfectly fine and recommended to leave # ======================== DO NOT CHANGE THIS ========================
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
} }