rpqt/flocon
rpqt/flocon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: rpqt:bbff7f0ce18d6aeefbb7d725552d4d7ec5bbc8c4
Branches Tags
rpqt:main
rpqt:clan
..
compare: rpqt:657a37b344bf562d643e81a0fcf63f68a004cd22
Branches Tags
rpqt:main
rpqt:clan

No commits in common. "bbff7f0ce18d6aeefbb7d725552d4d7ec5bbc8c4" and "657a37b344bf562d643e81a0fcf63f68a004cd22" have entirely different histories.
bbff7f0ce1 ... 657a37b344

7 changed files with 106 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

21
home/.config/vicinae/settings.json
View file

@ -1,21 +0,0 @@
// This configuration is merged with the default vicinae configuration file, which you can obtain by running the `vicinae config default` command.
// Every item defined in this file takes precedence over the values defined in the default config or any other imported file.
//
// You can make manual edits to this file, however you should keep in mind that this file may be written to by vicinae when a configuration change is made through the GUI.
// When that happens, any custom comments or formatting will be lost.
//
// If you want to maintain a configuration file with your own comments and formatting, you should create a separate file and add it to the 'imports' array.
//
// Learn more about configuration at https://docs.vicinae.com/config
{
"$schema": "https://vicinae.com/schemas/config.json",
"theme": {
"dark": {
"name": "matugen"
}
},
"launcher_window": {
"opacity": 1
}
}

23
home/.config/vicinae/vicinae.json Normal file
View file

@ -0,0 +1,23 @@
{
"closeOnFocusLoss": false,
"considerPreedit": false,
"faviconService": "twenty",
"font": {
"size": 12
},
"keybinding": "default",
"keybinds": {
},
"popToRootOnClose": true,
"rootSearch": {
"searchFiles": true
},
"theme": {
"name": "matugen"
},
"window": {
"csd": true,
"opacity": 1,
"rounding": 10
}
}

4
homeModules/vicinae.nix
View file

@ -10,8 +10,8 @@
systemd.autoStart = true; systemd.autoStart = true;
}; };
xdg.configFile."vicinae/settings.json".source = xdg.configFile."vicinae/vicinae.json".source =
lib.mkForce "${config.dotfiles.path}/.config/vicinae/settings.json"; lib.mkForce "${config.dotfiles.path}/.config/vicinae/vicinae.json";
xdg.configFile."matugen/config.toml".source = "${config.dotfiles.path}/.config/matugen/config.toml"; xdg.configFile."matugen/config.toml".source = "${config.dotfiles.path}/.config/matugen/config.toml";
xdg.configFile."matugen/templates/vicinae.toml".source = xdg.configFile."matugen/templates/vicinae.toml".source =

13
machines/genepi/builder.nix Normal file
View file

@ -0,0 +1,13 @@
{ self, ... }:
{
imports = [
self.nixosModules.remote-builder
];
roles.remote-builder = {
enable = true;
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGa8R8obgptefcp27Cdp9bc2fiyc9x0oTfMsTPFp2ktE rpqt@haze"
];
};
}

1
machines/genepi/configuration.nix
View file

@ -6,6 +6,7 @@
imports = [ imports = [
./actual.nix ./actual.nix
./boot.nix ./boot.nix
./builder.nix
./freshrss.nix ./freshrss.nix
./glance.nix ./glance.nix
./homeassistant.nix ./homeassistant.nix

16
machines/haze/configuration.nix
View file

@ -56,6 +56,22 @@
programs.kdeconnect.enable = true; programs.kdeconnect.enable = true;
# Remote builds
nix = {
distributedBuilds = true;
buildMachines = [
{
sshUser = "nixremote";
sshKey = "/etc/ssh/ssh_host_ed25519_key";
systems = [ "aarch64-linux" ];
hostName = "genepi";
}
];
extraOptions = ''
builders-use-substitutes = true
'';
};
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
i18n.supportedLocales = [ i18n.supportedLocales = [

51
nixosModules/remote-builder.nix Normal file
View file

@ -0,0 +1,51 @@
{ config, lib, ... }:
let
cfg = config.roles.remote-builder;
in
{
options = {
roles.remote-builder = {
enable = lib.mkEnableOption {
description = "Whether to allow remote building on this machine";
};
user = lib.mkOption {
type = lib.types.str;
default = "nixremote";
example = "remote-builder";
description = "The name of the user used to run the builds";
};
group = lib.mkOption {
type = lib.types.str;
default = "${cfg.user}";
example = "remote-builder";
description = "The group of the user used to run the builds";
};
authorizedKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "ssh-ed25519 AAAA... user@host" ];
description = "List of SSH keys authorized to run builds on this machine";
};
};
};
config = lib.mkIf cfg.enable {
users.users."${cfg.user}" = {
createHome = true;
home = "/home/${cfg.user}";
isSystemUser = true;
group = cfg.group;
useDefaultShell = true;
openssh.authorizedKeys.keys = map (
key: ''restrict,command="nix-daemon --stdio" ${key}''
) cfg.authorizedKeys;
};
users.groups.${cfg.user} = { };
nix.settings.trusted-users = [ cfg.user ];
};
}