diff --git a/flake.lock b/flake.lock index c39c334..8e91c45 100644 --- a/flake.lock +++ b/flake.lock @@ -80,19 +80,17 @@ } }, "flake-compat": { - "flake": false, "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", - "type": "github" + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", + "revCount": 69, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz" }, "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" + "type": "tarball", + "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz" } }, "flake-input-patcher": { @@ -201,7 +199,9 @@ "lanzaboote": { "inputs": { "crane": "crane", - "flake-compat": "flake-compat", + "flake-compat": [ + "flake-compat" + ], "flake-parts": [ "flake-parts" ], @@ -248,6 +248,30 @@ "url": "https://git.karaolidis.com/karaolidis/nix-lib.git" } }, + "nixos-wsl": { + "inputs": { + "flake-compat": [ + "flake-compat" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1755261305, + "narHash": "sha256-EOqCupB5X5WoGVHVcfOZcqy0SbKWNuY3kq+lj1wHdu8=", + "owner": "nix-community", + "repo": "NixOS-WSL", + "rev": "203a7b463f307c60026136dd1191d9001c43457f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "main", + "repo": "NixOS-WSL", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1755186698, 
@@ -371,12 +395,14 @@ "ags": "ags", "astal": "astal", "disko": "disko", + "flake-compat": "flake-compat", "flake-input-patcher": "flake-input-patcher", "flake-parts": "flake-parts", "flake-utils": "flake-utils", "home-manager": "home-manager", "lanzaboote": "lanzaboote", "lib": "lib", + "nixos-wsl": "nixos-wsl", "nixpkgs": "nixpkgs", "nur": "nur", "nvidia-patch": "nvidia-patch", diff --git a/flake.nix b/flake.nix index 83c4c0f..da5787d 100644 --- a/flake.nix +++ b/flake.nix @@ -21,10 +21,19 @@ url = "github:nix-community/lanzaboote"; inputs = { nixpkgs.follows = "nixpkgs"; + flake-compat.follows = "flake-compat"; flake-parts.follows = "flake-parts"; }; }; + nixos-wsl = { + url = "github:nix-community/NixOS-WSL/main"; + inputs = { + nixpkgs.follows = "nixpkgs"; + flake-compat.follows = "flake-compat"; + }; + }; + # FIXME: https://github.com/NixOS/nix/issues/12281 lib = { url = "git+https://git.karaolidis.com/karaolidis/nix-lib.git"; @@ -110,6 +119,8 @@ url = "github:numtide/flake-utils"; inputs.systems.follows = "systems"; }; + + flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"; }; outputs = diff --git a/hosts/common/configs/system/dnsmasq/default.nix b/hosts/common/configs/system/dnsmasq/default.nix deleted file mode 100644 index d43c5e0..0000000 --- a/hosts/common/configs/system/dnsmasq/default.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ lib, pkgs, ... }: -{ - networking.networkmanager.dns = "dnsmasq"; - - environment.etc."NetworkManager/dnsmasq.d/10-bind-interfaces.conf".source = - (pkgs.formats.keyValue { - mkKeyValue = - name: value: - if value == true then - name - else if value == false then - "" - else - lib.generators.mkKeyValueDefault { } "=" name value; - listsAsDuplicateKeys = true; - }).generate - "10-bind-interfaces.conf" - { - bind-interfaces = true; - listen-address = [ "127.0.0.1" ]; - }; -} 
diff --git a/hosts/common/configs/system/gpg-agent/default.nix b/hosts/common/configs/system/gpg-agent/default.nix deleted file mode 100644 index 19f9336..0000000 --- a/hosts/common/configs/system/gpg-agent/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - programs.gnupg.agent.enable = true; -} diff --git a/hosts/common/configs/system/libvirt/default.nix b/hosts/common/configs/system/libvirt/default.nix index e37e6e1..2efebba 100644 --- a/hosts/common/configs/system/libvirt/default.nix +++ b/hosts/common/configs/system/libvirt/default.nix @@ -1,9 +1,4 @@ -{ - config, - lib, - pkgs, - ... -}: +{ config, pkgs, ... }: { virtualisation = { libvirtd = { diff --git a/hosts/common/configs/user/console/sops/default.nix b/hosts/common/configs/user/console/sops/default.nix index e52134e..56dfb10 100644 --- a/hosts/common/configs/user/console/sops/default.nix +++ b/hosts/common/configs/user/console/sops/default.nix @@ -3,12 +3,18 @@ { environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt" = { }; - home-manager.users.${user} = { - imports = [ inputs.sops-nix.homeManagerModules.sops ]; + home-manager.users.${user} = + let + sopsKeyFile = + if config.environment.impermanence.enable then + config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source + else + "${home}/.config/sops-nix/key.txt"; + in + { + imports = [ inputs.sops-nix.homeManagerModules.sops ]; - sops.age.keyFile = - config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source; - home.sessionVariables.SOPS_AGE_KEY_FILE = - config.environment.persistence."/persist/state"."${home}/.config/sops-nix/key.txt".source; - }; + sops.age.keyFile = sopsKeyFile; + home.sessionVariables.SOPS_AGE_KEY_FILE = sopsKeyFile; + }; } diff --git a/hosts/elara/README.md b/hosts/elara/README.md index 7784f32..36d6994 100644 --- a/hosts/elara/README.md +++ b/hosts/elara/README.md 
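Review bot: `sopsKeyFile` has no comment explaining why the non-impermanence branch falls back to the in-home path, and nothing in the visible hunk creates that file or sets its mode. The value feeds both `sops.age.keyFile` and `SOPS_AGE_KEY_FILE`, so on hosts with `environment.impermanence.enable = false` the age private key must already exist at `${home}/.config/sops-nix/key.txt`, readable only by the user. I would add above the binding: `# Without impermanence there is no persisted source path; the age key must be provisioned at this location (owner-only) out of band.` The module's argument list sits above the hunk, so whether the unconditional `environment.persistence` entry on the first context line is ignored when impermanence is off cannot be confirmed from here.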
@@ -4,7 +4,13 @@ This host uses private SAS repositories. You can find the imports for these in: -- [./default.nix](./default.nix) -- [./users/nikara/default.nix](./users/nikara/default.nix) +You must build the system once with `sas.build.private = false;`. Then, connect to the SAS VPN, and rebuild the system. -You must build the system once with these imports commented out. Then, connect to the SAS VPN, uncomment them, and rebuild the system. +## Installation Instructions + +1. Using a separate Nix system, run `hosts/elara/build-tarball.sh` +2. Copy the generated tarball to the Elara host +3. On the Elara host, run `wsl --import NixOS $env:USERPROFILE\NixOS nixos.wsl --version 2` in PowerShell +4. `chown` your home directory to your user +5. Restart WSL with `wsl --shutdown` +6. Optionally, run `wsl --set-default nixos` to make NixOS the default WSL distribution diff --git a/hosts/elara/build-tarball.nix b/hosts/elara/build-tarball.nix new file mode 100644 index 0000000..c666811 --- /dev/null +++ b/hosts/elara/build-tarball.nix 
@@ -0,0 +1,92 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}:
+# FIXME: https://github.com/nix-community/NixOS-WSL/issues/343
+# FIXME: https://github.com/nix-community/NixOS-WSL/issues/612
+{
+ system.build.tarballBuilder = lib.mkForce (
+ pkgs.writeShellApplication {
+ name = "nixos-wsl-tarball-builder";
+
+ runtimeInputs = [
+ config.nix.package
+ pkgs.coreutils
+ pkgs.e2fsprogs
+ pkgs.gnutar
+ pkgs.nixos-install-tools
+ pkgs.pigz
+ ];
+
+ text = ''
+ if ! [ "$EUID" -eq 0 ]; then
+ echo "This script must be run as root!"
+ exit 1
+ fi
+
+ out="nixos-wsl.tar.gz"
+ extra_files=""
+
+ positional=()
+ while [ $# -gt 0 ]; do
+ case "$1" in
+ --extra-files=*)
+ extra_files="''${1#*=}"
+ ;;
+ --extra-files)
+ shift
+ extra_files="$1"
+ ;;
+ -*)
+ echo "Unknown option: $1"
+ echo "Usage: $0 [--extra-files PATH] [output.tar.gz]"
+ exit 1
+ ;;
+ *)
+ positional+=("$1")
+ ;;
+ esac
+ shift
+ done
+
+ if [ ''${#positional[@]} -gt 0 ]; then
+ out="''${positional[0]}"
+ fi
+
+ root=$(mktemp -p "''${TMPDIR:-/tmp}" -d nixos-wsl-tarball.XXXXXXXXXX)
+ # FIXME: fails in CI for some reason, but we don't really care because it's CI
+ trap 'chattr -Rf -i "$root" || true && rm -rf "$root" || true' INT TERM EXIT
+
+ if [ -n "$extra_files" ]; then
+ echo "[NixOS-WSL] Copying extra files to $root..."
+ cp --verbose --archive --no-target-directory "$extra_files" "$root"
+ fi
+
+ chmod o+rx "$root"
+
+ echo "[NixOS-WSL] Installing..."
+ nixos-install \
+ --root "$root" \
+ --no-root-passwd \
+ --system ${config.system.build.toplevel} \
+ --substituters ""
+
+ echo "[NixOS-WSL] Adding channel..."
+ nixos-enter --root "$root" --command 'HOME=/root nix-channel --add https://github.com/nix-community/NixOS-WSL/archive/refs/heads/main.tar.gz nixos-wsl'
+
+ echo "[NixOS-WSL] Compressing..."
+ tar -C "$root" \
+ -c \
+ --sort=name \
+ --mtime='@1' \
+ --owner=0 \
+ --group=0 \
+ --numeric-owner \
+ . \
+ | pigz > "$out"
+ '';
+ }
+ );
+}
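Review bot: The final `tar … | pigz > "$out"` creates the archive under root's ambient umask, and that archive carries whatever `--extra-files` supplied; the wrapper script added in this commit passes an SSH host private key and an age key through that option. With a typical 022 umask the tarball would be readable by every local user on the build machine. I would scope a restrictive umask to the write, e.g. `( umask 077; tar -C "$root" … | pigz > "$out" )`, rather than setting it script-wide, since a global umask could change modes inside the installed root. Separately, the `nix-channel --add …/refs/heads/main.tar.gz` line registers a moving branch inside the image while the flake input is locked to a revision; a comment stating that this is intentional would help.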
diff --git a/hosts/elara/build-tarball.sh b/hosts/elara/build-tarball.sh new file mode 100755 index 0000000..4c41a20 --- /dev/null +++ b/hosts/elara/build-tarball.sh @@ -0,0 +1,21 @@ +#!/usr/bin/env bash + +set -o errexit +set -o nounset +set -o pipefail + +temp=$(mktemp -d) + +cleanup() { + rm -rf "$temp" +} +trap cleanup EXIT + +install -d -m 755 "$temp/etc/ssh" +cp ./submodules/secrets/hosts/elara/ssh_host_ed25519_key "$temp/etc/ssh/ssh_host_ed25519_key" + +install -d -m 700 "$temp/home/nikara" +install -d -m 755 "$temp/home/nikara/.config/sops-nix" +cp ./submodules/secrets/domains/sas/key.txt "$temp/home/nikara/.config/sops-nix/key.txt" + +sudo nix run .#nixosConfigurations.elara.config.system.build.tarballBuilder -- --extra-files "$temp" diff --git a/hosts/elara/configs/podman/default.nix b/hosts/elara/configs/podman/default.nix new file mode 100644 index 0000000..1529081 --- /dev/null +++ b/hosts/elara/configs/podman/default.nix @@ -0,0 +1,4 @@ +{ lib, ... }: +{ + virtualisation.containers.storage.settings.storage.driver = lib.mkForce "overlay"; +} diff --git a/hosts/elara/default.nix b/hosts/elara/default.nix index cdc7bf9..c1004eb 100644 --- a/hosts/elara/default.nix +++ b/hosts/elara/default.nix @@ -1,4 +1,4 @@ -{ config, inputs, ... }: +{ inputs, lib, ... }: { nixpkgs.overlays = [ inputs.lib.overlays.default 
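Review bot: Both private keys in build-tarball.sh are staged with plain `cp`, so their mode in the image is whatever the checkout of `./submodules/secrets` has, reduced by the umask; a fresh git checkout typically yields 0644, and the builder's `cp --archive` and `tar` then carry that mode into the tarball. sshd normally refuses a host key that is group- or world-readable, and the age key would be readable beyond its owner. Use `install -m 600 ./submodules/secrets/hosts/elara/ssh_host_ed25519_key "$temp/etc/ssh/ssh_host_ed25519_key"` and the same form for `key.txt`. The script also leaves `nixos-wsl.tar.gz`, which contains both keys, in the working directory; a closing comment or `echo` reminding the operator to delete it after import would be worthwhile.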
@@ -8,51 +8,35 @@ ]; imports = [ - ./options.nix - - inputs.disko.nixosModules.disko - ./format.nix - ./hardware - + inputs.nixos-wsl.nixosModules.default inputs.sas.nixosModules.default + ./hardware + ./build-tarball.nix + ./options.nix + ../common/configs/system - ../common/configs/system/boot - ../common/configs/system/btrbk - ../common/configs/system/btrfs - ../common/configs/system/dnsmasq ../common/configs/system/documentation - ../common/configs/system/getty ../common/configs/system/git - ../common/configs/system/gpg-agent ../common/configs/system/impermanence - ../common/configs/system/libvirt ../common/configs/system/neovim - ../common/configs/system/networkmanager ../common/configs/system/nix - ../common/configs/system/nix-cleanup - ../common/configs/system/nix-install ../common/configs/system/nix-ld ../common/configs/system/nix-update ../common/configs/system/nixpkgs - ../common/configs/system/ntp - ../common/configs/system/pipewire ../common/configs/system/podman - ../common/configs/system/power - ../common/configs/system/printing ../common/configs/system/sops ../common/configs/system/ssh ../common/configs/system/sudo ../common/configs/system/system - ../common/configs/system/timezone ../common/configs/system/tmux - ../common/configs/system/upower ../common/configs/system/users ../common/configs/system/zsh ./configs/nix ./configs/pki + ./configs/podman ./configs/ssh ./users/nikara @@ -62,6 +46,5 @@ sas.build.private = true; - environment.impermanence.device = - config.disko.devices.disk.main.content.partitions.root.content.device; + environment.impermanence.enable = lib.mkForce false; } diff --git a/hosts/elara/format.nix b/hosts/elara/format.nix deleted file mode 100644 index 4c07e29..0000000 --- a/hosts/elara/format.nix +++ /dev/null 
@@ -1,79 +0,0 @@ -{ - disko.devices = { - disk.main = { - device = "/dev/disk/by-id/scsi-3600224809f331210b85f07f3c5e9dacd"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot = { - name = "boot"; - size = "1M"; - type = "EF02"; - }; - esp = { - name = "esp"; - size = "512M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "umask=0077" ]; - }; - }; - swap = { - name = "swap"; - size = "32G"; - content = { - type = "swap"; - resumeDevice = true; - }; - }; - root = { - name = "root"; - size = "100%"; - content = { - type = "btrfs"; - extraArgs = [ "-f" ]; - subvolumes = - let - mountOptions = [ - "compress=zstd:5" - "noatime" - "user_subvol_rm_allowed" - ]; - in - { - "@" = { - mountpoint = "/"; - inherit mountOptions; - }; - "@persist" = { - mountpoint = "/persist"; - inherit mountOptions; - }; - "@persist/user" = { - mountpoint = "/persist/user"; - inherit mountOptions; - }; - "@persist/state" = { - mountpoint = "/persist/state"; - inherit mountOptions; - }; - "@persist/cache" = { - mountpoint = "/persist/cache"; - inherit mountOptions; - }; - "@nix" = { - mountpoint = "/nix"; - inherit mountOptions; - }; - }; - }; - }; - }; - }; - }; - }; -} diff --git a/hosts/elara/hardware/default.nix b/hosts/elara/hardware/default.nix index 1c4445f..fe3f487 100644 --- a/hosts/elara/hardware/default.nix +++ b/hosts/elara/hardware/default.nix @@ -1,15 +1,8 @@ { ... }: { - imports = [ ./display.nix ]; - - hardware = { - enableAllFirmware = true; - - cpu = { - cores = 14; - threads = 14; - }; + wsl = { + enable = true; + defaultUser = "nikara"; + startMenuLaunchers = true; }; - - virtualisation.hypervGuest.enable = true; } diff --git a/hosts/elara/hardware/display.nix b/hosts/elara/hardware/display.nix deleted file mode 100644 index bc204eb..0000000 --- a/hosts/elara/hardware/display.nix +++ /dev/null 
@@ -1,29 +0,0 @@ -{ ... }: -{ - boot.kernelParams = [ "video=hyperv_fb:1920x1200@60" ]; - - home-manager.sharedModules = [ - { - wayland.windowManager.hyprland.settings = { - animation = "global, 0"; - - monitor = [ "Virtual-1, preferred, 0x0, 1" ]; - - workspace = [ - "1, monitor:Virtual-1, layoutopt:orientation:left" - "2, monitor:Virtual-1, layoutopt:orientation:left" - "3, monitor:Virtual-1, layoutopt:orientation:left" - "4, monitor:Virtual-1, layoutopt:orientation:left" - "5, monitor:Virtual-1, layoutopt:orientation:left" - "6, monitor:Virtual-1, layoutopt:orientation:left" - "7, monitor:Virtual-1, layoutopt:orientation:left" - "8, monitor:Virtual-1, layoutopt:orientation:left" - "9, monitor:Virtual-1, layoutopt:orientation:left" - "10, monitor:Virtual-1, layoutopt:orientation:left" - ]; - }; - - programs.vscode.profiles.default.userSettings."window.zoomLevel" = (1.25 - 1) / 0.2; - } - ]; -} diff --git a/hosts/elara/users/nikara/configs/console/wsl/default.nix b/hosts/elara/users/nikara/configs/console/wsl/default.nix new file mode 100644 index 0000000..5be028c --- /dev/null +++ b/hosts/elara/users/nikara/configs/console/wsl/default.nix @@ -0,0 +1,5 @@ +{ user, home }: +{ pkgs, ... }: +{ + home-manager.users.${user}.home.packages = with pkgs; [ wsl-wl-clipboard ]; +} diff --git a/hosts/elara/users/nikara/configs/gui/obsidian/default.nix b/hosts/elara/users/nikara/configs/gui/obsidian/default.nix deleted file mode 100644 index 6e6d091..0000000 --- a/hosts/elara/users/nikara/configs/gui/obsidian/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ user, home }: -{ ... }: -{ - home-manager.users.${user}.programs.obsidian.vaults."Documents/Obsidian/sas/master".enable = true; -} diff --git a/hosts/elara/users/nikara/configs/gui/vscode/default.nix b/hosts/elara/users/nikara/configs/gui/vscode/default.nix deleted file mode 100644 index 8e4860c..0000000 --- a/hosts/elara/users/nikara/configs/gui/vscode/default.nix +++ /dev/null 
@@ -1,26 +0,0 @@ -{ user, home }: -{ ... }: -{ - home-manager.users.${user}.programs.vscode = { - languages = { - c.enable = true; - go.enable = true; - hugo.enable = true; - java.enable = true; - jinja.enable = true; - lua.enable = true; - markdown.enable = true; - nix.enable = true; - podman.enable = true; - python.enable = true; - rest.enable = true; - rust.enable = true; - sas.enable = true; - sops.enable = true; - typescript.enable = true; - yaml.enable = true; - }; - - copilot.enable = true; - }; -} diff --git a/hosts/elara/users/nikara/default.nix b/hosts/elara/users/nikara/default.nix index 56f2297..7352ee7 100644 --- a/hosts/elara/users/nikara/default.nix +++ b/hosts/elara/users/nikara/default.nix @@ -14,7 +14,6 @@ in imports = [ (import ../../../common/configs/user { inherit user home; }) - (import ../../../common/configs/user/console/android { inherit user home; }) (import ../../../common/configs/user/console/btop { inherit user home; }) (import ../../../common/configs/user/console/dive { inherit user home; }) (import ../../../common/configs/user/console/fastfetch { inherit user home; }) 
@@ -26,18 +25,14 @@ in (import ../../../common/configs/user/console/ip { inherit user home; }) (import ../../../common/configs/user/console/jq { inherit user home; }) (import ../../../common/configs/user/console/kubernetes { inherit user home; }) - (import ../../../common/configs/user/console/libvirt { inherit user home; }) (import ../../../common/configs/user/console/lsof { inherit user home; }) (import ../../../common/configs/user/console/mprocs { inherit user home; }) (import ../../../common/configs/user/console/ncdu { inherit user home; }) - (import ../../../common/configs/user/console/ncspot { inherit user home; }) (import ../../../common/configs/user/console/neovim { inherit user home; }) (import ../../../common/configs/user/console/nix { inherit user home; }) - (import ../../../common/configs/user/console/nix-cleanup { inherit user home; }) (import ../../../common/configs/user/console/nix-develop { inherit user home; }) (import ../../../common/configs/user/console/nix-direnv { inherit user home; }) (import ../../../common/configs/user/console/ouch { inherit user home; }) - (import ../../../common/configs/user/console/pipewire { inherit user home; }) (import ../../../common/configs/user/console/podman { inherit user home; }) (import ../../../common/configs/user/console/sops { inherit user home; }) (import ../../../common/configs/user/console/ssh { inherit user home; }) 
@@ -47,48 +42,14 @@ in (import ../../../common/configs/user/console/wget { inherit user home; }) (import ../../../common/configs/user/console/xdg { inherit user home; }) (import ../../../common/configs/user/console/yazi { inherit user home; }) - (import ../../../common/configs/user/console/yt-dlp { inherit user home; }) (import ../../../common/configs/user/console/zoxide { inherit user home; }) (import ../../../common/configs/user/console/zsh { inherit user home; }) - (import ../../../common/configs/user/gui/astal { inherit user home; }) - (import ../../../common/configs/user/gui/bluetooth { inherit user home; }) - (import ../../../common/configs/user/gui/btop { inherit user home; }) - (import ../../../common/configs/user/gui/clipbook { inherit user home; }) - (import ../../../common/configs/user/gui/cliphist { inherit user home; }) - (import ../../../common/configs/user/gui/emoji { inherit user home; }) - (import ../../../common/configs/user/gui/feh { inherit user home; }) - (import ../../../common/configs/user/gui/firefox { inherit user home; }) - (import ../../../common/configs/user/gui/gtk { inherit user home; }) - (import ../../../common/configs/user/gui/hyprland { inherit user home; }) - (import ../../../common/configs/user/gui/hyprpicker { inherit user home; }) - (import ../../../common/configs/user/gui/hyprshot { inherit user home; }) - (import ../../../common/configs/user/gui/kitty { inherit user home; }) - (import ../../../common/configs/user/gui/libreoffice { inherit user home; }) - (import ../../../common/configs/user/gui/mpv { inherit user home; }) - (import ../../../common/configs/user/gui/networkmanager { inherit user home; }) - (import ../../../common/configs/user/gui/obs { inherit user home; }) - (import ../../../common/configs/user/gui/obsidian { inherit user home; }) - (import ../../../common/configs/user/gui/pipewire { inherit user home; }) - (import ../../../common/configs/user/gui/qalculate { inherit user home; }) - (import 
../../../common/configs/user/gui/qt { inherit user home; }) - (import ../../../common/configs/user/gui/rofi { inherit user home; }) - (import ../../../common/configs/user/gui/rquickshare { inherit user home; }) - (import ../../../common/configs/user/gui/swww { inherit user home; }) - (import ../../../common/configs/user/gui/theme { inherit user home; }) - (import ../../../common/configs/user/gui/vscode { inherit user home; }) - (import ../../../common/configs/user/gui/wev { inherit user home; }) - (import ../../../common/configs/user/gui/wl-clipboard { inherit user home; }) - (import ../../../common/configs/user/gui/x11 { inherit user home; }) - (import ../../../common/configs/user/gui/xdg { inherit user home; }) - (import ./configs/console/gpg { inherit user home; }) (import ./configs/console/podman { inherit user home; }) (import ./configs/console/sas { inherit user home; }) (import ./configs/console/ssh { inherit user home; }) - - (import ./configs/gui/obsidian { inherit user home; }) - (import ./configs/gui/vscode { inherit user home; }) + (import ./configs/console/wsl { inherit user home; }) ]; # mkpasswd -s diff --git a/hosts/himalia/default.nix b/hosts/himalia/default.nix index 63fc31d..5a1396f 100644 --- a/hosts/himalia/default.nix +++ b/hosts/himalia/default.nix @@ -21,7 +21,6 @@ ../common/configs/system/documentation ../common/configs/system/getty ../common/configs/system/git - ../common/configs/system/gpg-agent ../common/configs/system/impermanence ../common/configs/system/lanzaboote ../common/configs/system/libvirt diff --git a/hosts/installer/default.nix b/hosts/installer/default.nix index 362d999..2697841 100644 --- a/hosts/installer/default.nix +++ b/hosts/installer/default.nix @@ -19,7 +19,6 @@ ../common/configs/system/documentation ../common/configs/system/getty ../common/configs/system/git - ../common/configs/system/gpg-agent ../common/configs/system/impermanence ../common/configs/system/lanzaboote ../common/configs/system/neovim 
diff --git a/hosts/jupiter-vps/README.md b/hosts/jupiter-vps/README.md index 0e10dac..9741c22 100644 --- a/hosts/jupiter-vps/README.md +++ b/hosts/jupiter-vps/README.md @@ -2,7 +2,7 @@ ## Installation Instructions -1. Provision an OVHcloud VPS (ideally running Ubuntu). +1. Provision an OVHcloud VPS (ideally running Ubuntu) 2. Add personal public key 3. Add a CNAME entry for `vps.karaolidis.com` pointing to the VPS IP/host 4. Run `hosts/jupiter-vps/install.sh` diff --git a/hosts/jupiter-vps/install.sh b/hosts/jupiter-vps/install.sh index ce7ace3..3f3537a 100755 --- a/hosts/jupiter-vps/install.sh +++ b/hosts/jupiter-vps/install.sh @@ -12,6 +12,6 @@ cleanup() { trap cleanup EXIT install -d -m 755 "$temp/etc/ssh" -cp ./secrets/hosts/jupiter-vps/ssh_host_ed25519_key "$temp/etc/ssh/ssh_host_ed25519_key" +cp ./submodules/secrets/hosts/jupiter-vps/ssh_host_ed25519_key "$temp/etc/ssh/ssh_host_ed25519_key" nix run github:nix-community/nixos-anywhere -- --flake .#jupiter-vps --extra-files "$temp" --target-host ubuntu@vps.karaolidis.com -i ~/.ssh/ssh_personal_ed25519_key diff --git a/packages/default.nix b/packages/default.nix index 7c585e5..03343a9 100644 --- a/packages/default.nix +++ b/packages/default.nix @@ -89,5 +89,7 @@ ssh-known-hosts-github = import ./ssh/known-hosts/github { inherit pkgs; }; ssh-known-hosts-gitlab = import ./ssh/known-hosts/gitlab { inherit pkgs; }; + wsl-wl-clipboard = import ./wsl-wl-clipboard { inherit pkgs; }; + yazi-plugin-custom-shell = import ./yazi/plugins/custom-shell { inherit pkgs; }; } diff --git a/packages/wsl-wl-clipboard/default.nix b/packages/wsl-wl-clipboard/default.nix new file mode 100644 index 0000000..c411c59 --- /dev/null +++ b/packages/wsl-wl-clipboard/default.nix 
@@ -0,0 +1,28 @@ +{ pkgs, ... }: +# FIXME: https://github.com/nix-community/NixOS-WSL/issues/700 +let + wl-copy = pkgs.writeShellScriptBin "wl-copy" '' + printf '%s' "$(cat)" | ${pkgs.dos2unix}/bin/unix2dos | clip.exe + ''; + + wl-paste = pkgs.writeShellScriptBin "wl-paste" '' + powershell.exe -command Get-Clipboard | ${pkgs.dos2unix}/bin/dos2unix + ''; +in +pkgs.stdenv.mkDerivation { + name = "wsl-wl-clipboard"; + version = "1.0"; + + src = ./.; + + buildInputs = [ + wl-copy + wl-paste + ]; + + installPhase = '' + mkdir -p $out/bin + ln -s ${wl-copy}/bin/wl-copy $out/bin/wl-copy + ln -s ${wl-paste}/bin/wl-paste $out/bin/wl-paste + ''; +} diff --git a/scripts/add-host.sh b/scripts/add-host.sh index 27b39eb..34c198d 100755 --- a/scripts/add-host.sh +++ b/scripts/add-host.sh @@ -11,16 +11,16 @@ fi host="$1" -mkdir -p "./secrets/hosts/$host" -ssh-keygen -t ed25519 -f "./secrets/hosts/$host/ssh_host_ed25519_key" -C "root@$host" -N "" -age_key=$(ssh-to-age < "./secrets/hosts/$host/ssh_host_ed25519_key.pub") +mkdir -p "./submodules/secrets/hosts/$host" +ssh-keygen -t ed25519 -f "./submodules/secrets/hosts/$host/ssh_host_ed25519_key" -C "root@$host" -N "" +age_key=$(ssh-to-age < "./submodules/secrets/hosts/$host/ssh_host_ed25519_key.pub") -cat < "./secrets/hosts/$host/sops.yaml" +cat < "./submodules/secrets/hosts/$host/sops.yaml" keys: - hosts: - &$host $age_key - namespaces: - - &personal $(age-keygen -y ./secrets/domains/personal/key.txt | tr -d '\n') + - &personal $(age-keygen -y ./submodules/secrets/domains/personal/key.txt | tr -d '\n') creation_rules: - path_regex: .+\.(yaml|yml|json|env|ini|bin) @@ -46,7 +46,7 @@ done machine_id=$(uuidgen -r | tr -d -) -cat < "./secrets/hosts/$host/.decrypted~secrets.yaml" +cat < "./submodules/secrets/hosts/$host/.decrypted~secrets.yaml" luks: '$luks' machineId: $machine_id EOF 
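Review bot: `wl-paste` starts `powershell.exe` without `-NoProfile`, so every paste runs the Windows user's PowerShell profile and any text that profile prints is mixed into the clipboard output; `powershell.exe -NoProfile -Command Get-Clipboard | ${pkgs.dos2unix}/bin/dos2unix` avoids both. Both wrappers also resolve `clip.exe` and `powershell.exe` by bare name through `PATH`, and clipboard contents are often sensitive, so a comment stating that this relies on the WSL interop path entries would help. In `wl-copy`, `"$(cat)"` strips trailing newlines and all arguments are ignored, which differs from the real `wl-copy`; if that is intended, say so in a comment next to the FIXME.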
@@ -55,11 +55,11 @@ tmp_age_key="$(mktemp)" echo "$age_key" > "$tmp_age_key" export SOPS_AGE_KEY_FILE="$tmp_age_key" -sops --config "./secrets/hosts/$host/sops.yaml" --encrypt "./secrets/hosts/$host/.decrypted~secrets.yaml" > "./secrets/hosts/$host/secrets.yaml" +sops --config "./submodules/secrets/hosts/$host/sops.yaml" --encrypt "./submodules/secrets/hosts/$host/.decrypted~secrets.yaml" > "./submodules/secrets/hosts/$host/secrets.yaml" unset SOPS_AGE_KEY_FILE rm -f "$tmp_age_key" -rm -f "./secrets/hosts/$host/.decrypted~secrets.yaml" +rm -f "./submodules/secrets/hosts/$host/.decrypted~secrets.yaml" mkdir -p "./hosts/$host/hardware" diff --git a/scripts/remove-host.sh b/scripts/remove-host.sh index 0bf102a..65d6f0e 100755 --- a/scripts/remove-host.sh +++ b/scripts/remove-host.sh @@ -11,7 +11,7 @@ fi host="$1" -age_key=$(ssh-to-age < "./secrets/hosts/$host/ssh_host_ed25519_key.pub") +age_key=$(ssh-to-age < "./submodules/secrets/hosts/$host/ssh_host_ed25519_key.pub") find . -type f -name "sops.yaml" | while IFS= read -r sops_file; do sed -i "/ - &$host $age_key/d" "$sops_file"