michael/nix-dots
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: michael:0e8ec4cd07358af391f41eaccbb5d4c5e4306d98
Branches Tags
michael:main
..
compare: michael:3bd412ef0e0c0f5147d6ab930a34789c7b3d7bf2
Branches Tags
michael:main

No commits in common. "0e8ec4cd07358af391f41eaccbb5d4c5e4306d98" and "3bd412ef0e0c0f5147d6ab930a34789c7b3d7bf2" have entirely different histories.
0e8ec4cd07 ... 3bd412ef0e

7 changed files with 88 additions and 97 deletions
Show Stats Expand all files Collapse all files

82
flake.lock generated
View File

@ -1,36 +1,5 @@
{ {
"nodes": { "nodes": {
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1650374568,
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1653893745,
"narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -38,65 +7,43 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1654113405, "lastModified": 1651519540,
"narHash": "sha256-VpK+0QaWG2JRgB00lw77N9TjkE3ec0iMYIX1TzGpxa4=", "narHash": "sha256-3k6p8VsTwwRPQjE8rrMh+o2AZACZn/eeYJ7ivdQ/Iro=",
"owner": "rycee", "owner": "rycee",
"repo": "home-manager", "repo": "home-manager",
"rev": "ac2287df5a2d6f0a44bbcbd11701dbbf6ec43675", "rev": "d93d56ab8c1c6aa575854a79b9d2f69d491db7d0",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "rycee", "owner": "rycee",
"ref": "release-22.05", "ref": "release-21.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
}, },
"nixos-wsl": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1654591300,
"narHash": "sha256-53a6fimkMTc1DqnzdEWFHbaOT1xlMgeOJaD2/IGO22k=",
"owner": "nix-community",
"repo": "NixOS-WSL",
"rev": "4de4d6acb7fc868677380496b62a5e51890fc331",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NixOS-WSL",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1654442937, "lastModified": 1651848520,
"narHash": "sha256-dYJ79gt85hwIbPlX52eAwnkYzMexLyNRmRcTRpMn+Gw=", "narHash": "sha256-KkJ28fShdd78+zal5HlHsXUICOCtO7Bdvylc5zlp5Mk=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ca2629644d4a5098004e20cb9ca179345f2acd8e", "rev": "5656d7f92aa8264eb06ba68ad94c87ac5b5312e8",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-22.05", "ref": "nixos-21.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1654593979, "lastModified": 1651887110,
"narHash": "sha256-iDvyU5vs7IoPBpxwhNAI/J3llDsmtzH1xYqvCGvzCww=", "narHash": "sha256-AMQ0A5Osq647zEHWb+GZEIYZeNrZm55kY24uVOqSTzg=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "47044837d4ebcaa37e699d92d893a32d4e301852", "rev": "c7a43bc69e52a636e76ba3d378695c1bd4f0bbbd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -108,7 +55,6 @@
"root": { "root": {
"inputs": { "inputs": {
"home-manager": "home-manager", "home-manager": "home-manager",
"nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nur": "nur", "nur": "nur",
"unstable": "unstable" "unstable": "unstable"
@ -116,11 +62,11 @@
}, },
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1654230545, "lastModified": 1651726670,
"narHash": "sha256-8Vlwf0x8ow6pPOK2a04bT+pxIeRnM1+O0Xv9/CuDzRs=", "narHash": "sha256-dSGdzB49SEvdOJvrQWfQYkAefewXraHIV08Vz6iDXWQ=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "236cc2971ac72acd90f0ae3a797f9f83098b17ec", "rev": "c777cdf5c564015d5f63b09cc93bef4178b19b01",
"type": "github" "type": "github"
}, },
"original": { "original": {

13
flake.nix
View File

@ -2,26 +2,19 @@
description = "Michael Thomas's NixOS configuration"; description = "Michael Thomas's NixOS configuration";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-21.11";
unstable.url = "github:nixos/nixpkgs/nixos-unstable"; unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nur.url = "github:nix-community/NUR"; nur.url = "github:nix-community/NUR";
nixos-wsl = {
url = "github:nix-community/NixOS-WSL";
inputs = {
nixpkgs.follows = "nixpkgs";
};
};
home-manager = { home-manager = {
url = "github:rycee/home-manager/release-22.05"; url = "github:rycee/home-manager/release-21.11";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs"; nixpkgs.follows = "nixpkgs";
}; };
}; };
}; };
outputs = { self, nixpkgs, unstable, nur, nixos-wsl, home-manager, ... }@inputs: { outputs = { self, nixpkgs, unstable, nur, home-manager, ... }@inputs: {
# This repo's overlay plus any other overlays you use # This repo's overlay plus any other overlays you use
# If you want to use packages from flakes that are not nixpkgs (such as NUR), add their overlays here. # If you want to use packages from flakes that are not nixpkgs (such as NUR), add their overlays here.

41
machines/work/configuration.nix
View File

@ -1,29 +1,25 @@
{ lib, pkgs, config, modulesPath, inputs, ... }: { lib, pkgs, config, modulesPath, ... }:
with lib; with lib;
let let
defaultUser = "michael"; defaultUser = "michael";
syschdemd = import ./syschdemd.nix { inherit lib pkgs config defaultUser; };
in in
{ {
imports = [ imports = [
"${modulesPath}/profiles/minimal.nix" "${modulesPath}/profiles/minimal.nix"
inputs.nixos-wsl.nixosModules.wsl
]; ];
wsl = { # WSL is closer to a container than anything else
enable = true; boot.isContainer = true;
automountPath = "/mnt";
defaultUser = defaultUser;
startMenuLaunchers = true;
# Enable integration with Docker Desktop (needs to be installed) environment.etc.hosts.enable = false;
# docker.enable = true; environment.etc."resolv.conf".enable = false;
};
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
programs.adb.enable = true; programs.adb.enable = true;
networking.dhcpcd.enable = false;
# Required because for some reason WSL kernel doesn't play well with nftables # Required because for some reason WSL kernel doesn't play well with nftables
networking.firewall.package = pkgs.iptables-legacy; networking.firewall.package = pkgs.iptables-legacy;
@ -44,10 +40,29 @@ in
}; };
users.users.${defaultUser} = { users.users.${defaultUser} = {
uid = pkgs.lib.mkForce 1001; isNormalUser = true;
extraGroups = [ "wheel" "docker" "podman" ]; extraGroups = [ "wheel" "docker" "podman" ];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
system.stateVersion = "21.11"; users.users.root = {
shell = "${syschdemd}/bin/syschdemd";
# Otherwise WSL fails to login as root with "initgroups failed 5"
extraGroups = [ "root" ];
};
security.sudo.wheelNeedsPassword = false;
# Disable systemd units that don't make sense on WSL
systemd.services."serial-getty@ttyS0".enable = false;
systemd.services."serial-getty@hvc0".enable = false;
systemd.services."getty@tty1".enable = false;
systemd.services."autovt@".enable = false;
systemd.services.firewall.enable = false;
systemd.services.systemd-resolved.enable = false;
systemd.services.systemd-udevd.enable = false;
# Don't allow emergency mode, because we don't have a console.
systemd.enableEmergencyMode = false;
} }

15
machines/work/syschdemd.nix Normal file
View File

@ -0,0 +1,15 @@
{ lib, pkgs, config, defaultUser, ... }:
pkgs.substituteAll {
name = "syschdemd";
src = ./syschdemd.sh;
dir = "bin";
isExecutable = true;
buildInputs = with pkgs; [ daemonize ];
inherit (pkgs) daemonize;
inherit defaultUser;
inherit (config.security) wrapperDir;
fsPackagesPath = lib.makeBinPath config.system.fsPackages;
}

26
machines/work/syschdemd.sh Normal file
View File

@ -0,0 +1,26 @@
#! @shell@
set -e
sw="/nix/var/nix/profiles/system/sw/bin"
systemPath=`${sw}/readlink -f /nix/var/nix/profiles/system`
# Needs root to work
if [[ $EUID -ne 0 ]]; then
echo "[ERROR] Requires root! :( Make sure the WSL default user is set to root"
exit 1
fi
if [ ! -e "/run/current-system" ]; then
/nix/var/nix/profiles/system/activate
fi
if [ ! -e "/run/systemd.pid" ]; then
PATH=/run/current-system/systemd/lib/systemd:@fsPackagesPath@ \
LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive \
@daemonize@/bin/daemonize /run/current-system/sw/bin/unshare -fp --mount-proc systemd
/run/current-system/sw/bin/pgrep -xf systemd > /run/systemd.pid
fi
userShell=$($sw/getent passwd @defaultUser@ | $sw/cut -d: -f7)
exec $sw/nsenter -t $(< /run/systemd.pid) -p -m --wd="$PWD" -- @wrapperDir@/su -s $userShell @defaultUser@ "$@"

2
modules/nix.nix
View File

@ -5,7 +5,7 @@
experimental-features = flakes nix-command experimental-features = flakes nix-command
''; '';
# this is required until nix 2.4 is released # this is required until nix 2.4 is released
package = pkgs.nixFlakes; package = pkgs.nixUnstable;
autoOptimiseStore = true; autoOptimiseStore = true;
gc = { gc = {

4
user/modules/git.nix
View File

@ -9,9 +9,5 @@
enable = true; enable = true;
userEmail = "michaelhthomas@outlook.com"; userEmail = "michaelhthomas@outlook.com";
userName = "Michael Thomas"; userName = "Michael Thomas";
extraConfig = {
credential.helper = "store";
pull.rebase = "false";
};
}; };
} }