added kaylee configuration

Tyler Mayoff 2025-10-10 01:37:48 +00:00
parent 157571bd49
commit 682b99d550
3 changed files with 105 additions and 2 deletions


@ -4,10 +4,14 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }: let
secrets = builtins.fromTOML (builtins.readFile ./secrets.toml);
in {
imports = [ imports = [
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
../../modules/nixos/docker.nix
]; ];
nixpkgs = { nixpkgs = {
@ -31,6 +35,47 @@
nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs; nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
}; };
# forgejo
virtualisation.oci-containers = {
backend = "docker";
containers = {
baszel = {
image = "henrygd/beszel-agent:latest";
autoStart = true;
environment = {
PORT = "45876";
KEY = secrets.baszel_key;
HUB_URL = "http://10.0.0.2:8090";
TOKEN = secrets.baszel_token;
};
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
];
};
forgejo-runner = {
# serviceName = "forgejo-runner";
autoStart = true;
privileged = true;
cmd = ["forgejo-runner" "--config" "/data/config.yml" "daemon"];
user = "1000:131";
networks = ["forgejo"];
image = "data.forgejo.org/forgejo/runner:11";
environment = {
DOCKER_HOST = "unix:///var/run/docker.sock";
};
ports = [
"8080:8080"
];
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
"/home/tyler/.config/forgejo:/data"
"/home/tyler/.local/cache/forgejo:/cache"
"/home/tyler/.local/share/forgejo:/workspace"
];
};
};
};
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -44,12 +89,16 @@
networking.hostName = "kaylee"; networking.hostName = "kaylee";
services.dnsmasq.enable = true; services.dnsmasq.enable = true;
services.avahi = {
enable = true;
nssmdns4 = true;
};
services.xserver.xkb.layout = "us"; services.xserver.xkb.layout = "us";
users.users.tyler = { users.users.tyler = {
isNormalUser = true; isNormalUser = true;
extraGroups = ["wheel"]; # Enable sudo for the user. extraGroups = ["wheel" "docker"]; # Enable sudo for the user.
shell = pkgs.fish; shell = pkgs.fish;
}; };
@ -60,6 +109,9 @@
restic restic
git git
chezmoi chezmoi
git
curl
unzip
]; ];
programs.fish.enable = true; programs.fish.enable = true;
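Review bot: `KEY = secrets.baszel_key;` and `TOKEN = secrets.baszel_token;` in the `baszel` container take their values from `builtins.readFile ./secrets.toml` in the first hunk, which runs at evaluation time, so the plaintext ends up in the generated container start-up unit under the world-readable `/nix/store`, where any local user or process that can read the store can see it. Keeping both out of `environment` and loading them at runtime avoids this, e.g. `environmentFiles = [ "<path-to-runtime-decrypted-env-file>" ];` fed by an agenix- or sops-nix-style secret. In the same hunk, `forgejo-runner` combines `privileged = true;` with the `/var/run/docker.sock` bind mount, and either one gives CI jobs host-root-equivalent access; the socket mount is normally enough for the runner to start job containers, so I would drop `privileged = true;` unless something on this host is known to need it. `image = "henrygd/beszel-agent:latest"` is an unpinned tag on a container that also holds the Docker socket, so pinning a version tag or digest would make updates deliberate.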


@ -0,0 +1,10 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5b1VYZG8xeFFFQVJUeVdo
UldiWXZvdHlkNmdKTmhYaG5tNWdtNW42ZTJRClA1dDlySFhUMWtjejFva3hPRWNO
dzdaQmNDb0tBd3JXdGFPeElCcDFPLzAKLS0tIGhRSFBMb214R096azVyWElEbE5i
dnNRRW15QzYzKzZteGV5c3ZLQXFkQ2sKlOj5HYEUqcMGMWh3zkgmvIssFg1+8CIS
HrFnwb79/ynhs96j0EKdhaQpNW/El5ZCk4ndQePuK55TYsjxusZA0c3Lxsc6yCUa
9/oO0zHquoVHQbMfpV9ML8k4uT44Vg+3dLBxJJuGs3cVW4uYn2fynUPCy1inTKp0
OHFAAksOJqpq73P6RQYx9tsbUCsfMAeChjUzP3jr2Qen44nCpIASUcnyYdId6RTY
4ENI+pNlS0t4
-----END AGE ENCRYPTED FILE-----


@ -0,0 +1,41 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ehci_pci" "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/093a88f0-7ec2-4672-b7bb-bb7f62df99ca";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/161E-9FB2";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/b150b63b-c446-4134-a444-e789318b9546"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}