diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml new file mode 100644 index 0000000..d2310fc --- /dev/null +++ b/.gitea/workflows/build.yml @@ -0,0 +1,28 @@ +name: Nix Build + +on: + pull_request: + push: + workflow_run: + workflows: [] + types: [completed] + workflow_dispatch: + +jobs: + build-nixos: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: "Install Nix ❄️" + uses: cachix/install-nix-action@v26 + + - name: "Install Cachix ❄️" + uses: cachix/cachix-action@v14 + with: + name: helcel + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + + - name: "Build NixOS config ❄️" + run: | + nix build .#nixosConfigurations.ci.config.system.build.toplevel \ No newline at end of file diff --git a/flake.nix b/flake.nix index ed0181e..1be858d 100755 --- a/flake.nix +++ b/flake.nix @@ -56,7 +56,11 @@ system = "x86_64-linux"; host = "avalon"; }; - + ci = gen.generate { + type = "nixos"; + system = "x86_64-linux"; + host = "ci"; + }; }; darwinConfigurations = { asgard = gen.generate { diff --git a/modules/home/gui/theme/gtk-theme-gen.nix b/modules/home/gui/theme/gtk-theme-gen.nix index 3eaaf89..a9ed78a 100755 --- a/modules/home/gui/theme/gtk-theme-gen.nix +++ b/modules/home/gui/theme/gtk-theme-gen.nix @@ -15,9 +15,9 @@ in pkgs.stdenv.mkDerivation rec { sha256 = "sha256-m7xh/1uIDh2BM0hTPA5QymXQt6yV7mM7Ivg5VaF2PvM="; }; - nativeBuildInputs = with pkgs;[ gtk3 sassc ]; - buildInputs = with pkgs;[ gnome-themes-extra ]; - propagatedUserEnvPkgs = with pkgs;[ gtk-engine-murrine ]; + nativeBuildInputs = with pkgs; [ gtk3 sassc ]; + buildInputs = with pkgs; [ gnome-themes-extra ]; + propagatedUserEnvPkgs = with pkgs; [ gtk-engine-murrine ]; preInstall = '' mkdir -p $out/share/themes @@ -94,5 +94,4 @@ in pkgs.stdenv.mkDerivation rec { runHook postInstall ''; - } diff --git a/modules/home/wayland/apps/eww/bar/eww.yuck b/modules/home/wayland/apps/eww/bar/eww.yuck index ec3ac08..81f7b7a 100644 --- a/modules/home/wayland/apps/eww/bar/eww.yuck +++ b/modules/home/wayland/apps/eww/bar/eww.yuck @@ -2,6 +2,7 @@ (include "modules/sys.yuck") (include "modules/net.yuck") +(include "modules/systray.yuck") (include "modules/clock.yuck") (include "windows/calendar.yuck") @@ -26,6 +27,7 @@ :valign "end" (sys-mod) (net-mod) + (systray-mod) (clock-mod))) (defwidget center [] diff --git a/modules/home/wayland/apps/eww/bar/modules/systray.yuck b/modules/home/wayland/apps/eww/bar/modules/systray.yuck new file mode 100644 index 0000000..822ccf2 --- /dev/null +++ b/modules/home/wayland/apps/eww/bar/modules/systray.yuck @@ -0,0 +1,15 @@ + +(defwidget systray-mod [] + (module + (box + :orientation "v" + (systray + :class "tray" + :space-evenly "true" + :orientation "v" + :icon-size 32 + :prepend-new "false" + ) + ) + ) +) \ No newline at end of file diff --git a/modules/nixos/system/nix/default.nix b/modules/nixos/system/nix/default.nix index f02042c..ba0eb59 100644 --- a/modules/nixos/system/nix/default.nix +++ b/modules/nixos/system/nix/default.nix @@ -25,13 +25,17 @@ settings = { auto-optimise-store = true; builders-use-substitutes = true; - substituters = - [ "https://hyprland.cachix.org" "https://cache.nixos.org" ]; + substituters = [ + "https://hyprland.cachix.org" + "https://cache.nixos.org" + "https://helcel.cachix.org" + ]; trusted-public-keys = [ "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "helcel.cachix.org-1:95s8D+N2xIHwzmkuu7jMUp9t3rtN4EimafR73jO7GLg=" ]; }; }; - system.stateVersion = "23.11"; + system.stateVersion = "24.05"; } diff --git a/modules/nixos/system/security/sops/default.nix b/modules/nixos/system/security/sops/default.nix index 245bbf9..2f44df1 100755 --- a/modules/nixos/system/security/sops/default.nix +++ b/modules/nixos/system/security/sops/default.nix @@ -1,26 +1,30 @@ { config, pkgs, ... }: -let keyFilePath = "/var/lib/sops-nix/age-key.txt"; +let + keyFilePath = "/var/lib/sops-nix/age-key.txt"; + isCI = builtins.elem config.hostcfg.hostname [ "ci" ]; + sopsSettings = { + sops.defaultSopsFile = ./common.yaml; + sops.age.keyFile = keyFilePath; + sops.age.generateKey = true; + + sops.secrets.wifi = { }; + + sops.secrets."${config.hostcfg.hostname}_ssh_priv" = { + mode = "0400"; + owner = config.users.users.sora.name; + group = config.users.users.sora.group; + }; + sops.secrets."${config.hostcfg.hostname}_ssh_pub" = { + mode = "0400"; + owner = config.users.users.sora.name; + group = config.users.users.sora.group; + }; + sops.secrets."${config.hostcfg.hostname}_wg_priv" = { }; + sops.secrets."${config.hostcfg.hostname}_wg_pub" = { }; + }; in { - sops.defaultSopsFile = ./common.yaml; - sops.age.keyFile = keyFilePath; - sops.age.generateKey = true; - - sops.secrets.wifi = { }; - - sops.secrets."${config.hostcfg.hostname}_ssh_priv" = { - mode = "0400"; - owner = config.users.users.sora.name; - group = config.users.users.sora.group; - }; - sops.secrets."${config.hostcfg.hostname}_ssh_pub" = { - mode = "0400"; - owner = config.users.users.sora.name; - group = config.users.users.sora.group; - }; - sops.secrets."${config.hostcfg.hostname}_wg_priv" = { }; - sops.secrets."${config.hostcfg.hostname}_wg_pub" = { }; - environment.systemPackages = with pkgs; [ sops ]; environment.sessionVariables.OPS_AGE_KEY_FILE = keyFilePath; + inherit (if isCI then { } else sopsSettings) sops; } diff --git a/overlays/default.nix b/overlays/default.nix index b9ffff9..833d91b 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -3,5 +3,6 @@ (final: prev: { openttd-jgrpp = import ./openttd-jgrpp { inherit final prev; }; yarn-berry = import ./yarn-berry { inherit final prev; }; + eww = import ./eww { inherit final prev; }; }) ] diff --git a/overlays/eww/default.nix b/overlays/eww/default.nix new file mode 100644 index 0000000..f8da5a7 --- /dev/null +++ b/overlays/eww/default.nix @@ -0,0 +1,18 @@ +{ final, prev, ... }: +prev.eww.overrideAttrs (old: rec { + pname = "eww"; + version = "ebe5f349d184e79edc33199d064d9ec5f1e4dd9b"; + src = prev.fetchFromGitHub { + owner = "elkowar"; + repo = "eww"; + rev = "${version}"; + hash = "sha256-WcAWIvIdGE0tcS7WJ6JlbRlUnKvpvut500NozUmJ6jY="; + }; + buildInputs = old.buildInputs ++ [ final.libdbusmenu-gtk3 ]; + cargoDeps = old.cargoDeps.overrideAttrs (_: { + name = "${pname}-vendor.tar.gz"; + inherit src; + outputHash = "sha256-seq5aS+TCLAV3qnKu6fRYdSXC+w7vI4ae+A7dBdpw14="; + + }); +}) diff --git a/systems/ci/default.nix b/systems/ci/default.nix new file mode 100644 index 0000000..c79a786 --- /dev/null +++ b/systems/ci/default.nix @@ -0,0 +1,29 @@ +{ config, inputs, ... }: { + imports = [ ./hardware.nix ]; + + hostcfg = { + hostname = "valinor"; + username = "sora"; + make = { + gui = true; + cli = true; + virt = true; + power = true; + game = true; + develop = true; + }; + net = { + wlp = { + enable = false; + nif = "NA"; + }; + wg = { + enable = false; + ip4 = ""; + ip6 = ""; + pk = ""; + }; + }; + }; +} + diff --git a/systems/ci/hardware.nix b/systems/ci/hardware.nix new file mode 100644 index 0000000..aa830be --- /dev/null +++ b/systems/ci/hardware.nix @@ -0,0 +1,21 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot.initrd.availableKernelModules = + [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "v4l2loopback" ]; + boot.extraModulePackages = with config.boot.kernelPackages; + [ v4l2loopback.out ]; + + fileSystems."/" = { + device = "NA"; + fsType = "ext4"; + }; + + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/systems/ci/home.nix b/systems/ci/home.nix new file mode 100644 index 0000000..e3a0d68 --- /dev/null +++ b/systems/ci/home.nix @@ -0,0 +1,18 @@ +{ config, ... }: { + + config.homecfg = { + username = "sora"; + make = { + gui = true; + cli = true; + game = true; + develop = true; + power = true; + }; + git = { + email = "ci@nonet"; + username = "CI"; + key = ""; + }; + }; +}