From 4f411004e612724420ec94dd77a5cd2cef3c7173 Mon Sep 17 00:00:00 2001 From: L0m1g Date: Fri, 5 Sep 2025 09:59:31 +0200 Subject: [PATCH] ADD: terre-neuvas server --- flake.lock | 51 ++++++++++++++++++++++---- flake.nix | 33 ++++++++++++----- hm/common/git.nix | 9 +++++ hm/desktop/bspwm.nix | 6 ++-- hm/users/lomig-desktop.nix | 18 ++++++++++ hm/users/lomig.nix | 8 +---- hosts/pennsardin/configuration.nix | 2 +- hosts/terre-neuvas/configuration.nix | 54 ++++++++++++++++++++++++++++ hosts/terre-neuvas/hardware.nix | 41 +++++++++++++++++++++ modules/roles/server.nix | 19 ++++++++++ modules/services/caddy.nix | 13 +++++++ profiles/server-selfhosted.nix | 18 ++++++++++ 12 files changed, 247 insertions(+), 25 deletions(-) create mode 100644 hm/common/git.nix create mode 100644 hm/users/lomig-desktop.nix create mode 100644 hosts/terre-neuvas/configuration.nix create mode 100644 hosts/terre-neuvas/hardware.nix create mode 100644 modules/roles/server.nix create mode 100644 modules/services/caddy.nix create mode 100644 profiles/server-selfhosted.nix diff --git a/flake.lock b/flake.lock index fedbac9..bf5fa73 100644 --- a/flake.lock +++ b/flake.lock @@ -3,7 +3,7 @@ "home-manager": { "inputs": { "nixpkgs": [ - "nixpkgs" + "nixpkgs-unstable" ] }, "locked": { @@ -20,13 +20,50 @@ "type": "github" } }, - "nixpkgs": { + "home-manager-stable": { + "inputs": { + "nixpkgs": [ + "nixpkgs-stable" + ] + }, "locked": { - "lastModified": 1756892917, - "narHash": "sha256-hVsGRW6M3Rd2xSlKowNREyVHXCUbxHoktu1ujgxT4x8=", + "lastModified": 1756679287, + "narHash": "sha256-Xd1vOeY9ccDf5VtVK12yM0FS6qqvfUop8UQlxEB+gTQ=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "07fc025fe10487dd80f2ec694f1cd790e752d0e8", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.05", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1756886854, + "narHash": "sha256-6tooT142NLcFjt24Gi4B0G1pgWLvfw7y93sYEfSHlLI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3f29c71a26f20c830b3708d02bfa62fb1890354a", + "rev": "0e6684e6c5755325f801bda1751a8a4038145d7d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1756936398, + "narHash": "sha256-/o1TTpMIICpjrMHBilL9lYm/r69uhdK1L8j1pfY6tWU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "47f28ad9378956563df9a884fd1b209b64336ba3", "type": "github" }, "original": { @@ -39,7 +76,9 @@ "root": { "inputs": { "home-manager": "home-manager", - "nixpkgs": "nixpkgs" + "home-manager-stable": "home-manager-stable", + "nixpkgs-stable": "nixpkgs-stable", + "nixpkgs-unstable": "nixpkgs-unstable" } } }, diff --git a/flake.nix b/flake.nix index 2d0f6d0..ef02d37 100644 --- a/flake.nix +++ b/flake.nix @@ -2,35 +2,52 @@ description = "My nixos config with WM switch capacity"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.05"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + home-manager-stable = { + url = "github:nix-community/home-manager/release-25.05"; + inputs.nixpkgs.follows = "nixpkgs-stable"; + }; home-manager = { url = "github:nix-community/home-manager"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; }; }; outputs = { - nixpkgs, + nixpkgs-stable, + nixpkgs-unstable, + home-manager-stable, home-manager, ... }: { # --- Host NixOS (x86_64) --- - nixosConfigurations.pennsardin = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ + nixosConfigurations = { + pennsardin = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ ./hosts/pennsardin/configuration.nix home-manager.nixosModules.home-manager # L'utilisateur HM est déclaré dans hosts/pennsardin/configuration.nix ]; }; + terre-neuvas = nixpkgs-stable.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/terre-neuvas/configuration.nix + home-manager-stable.nixosModules.home-manager + ]; + }; + }; + # --- DevShell (x86_64 uniquement) --- devShells.x86_64-linux.default = import ./devshell.nix { - pkgs = import nixpkgs {system = "x86_64-linux";}; + pkgs = import nixpkgs-stable {system = "x86_64-linux";}; }; # --- Formatter (x86_64 uniquement) --- formatter.x86_64-linux = - (import nixpkgs {system = "x86_64-linux";}).alejandra; + (import nixpkgs-stable {system = "x86_64-linux";}).alejandra; }; } diff --git a/hm/common/git.nix b/hm/common/git.nix new file mode 100644 index 0000000..ded9878 --- /dev/null +++ b/hm/common/git.nix @@ -0,0 +1,9 @@ +_: { + programs.git = { + enable = true; + userName = "L0m1g" ; + userEmail = "git@lomig.me"; + }; +} +# vim: set ts=2 sw=2 sts=2 et : + diff --git a/hm/desktop/bspwm.nix b/hm/desktop/bspwm.nix index 2cdfe8a..5c0c83d 100644 --- a/hm/desktop/bspwm.nix +++ b/hm/desktop/bspwm.nix @@ -1,6 +1,9 @@ # hm/desktop/bspwm.nix { pkgs, ... }: { + imports = [ + ../common/browser.nix + ]; home.packages = with pkgs; [ bspwm sxhkd xorg.xinit xterm alacritty rofi feh font-awesome picom xorg.xset xidlehook betterlockscreen pywal16 imagemagick @@ -20,7 +23,6 @@ "setxkbmap bepovim" "xrandr --output DisplayPort-1 --rate 60 --pos 0x0" "while pgrep -x polybar >/dev/null; do sleep 0.2; done; polybar main" - # fond d’écran (feh) "bash ~/.fehbg" ]; @@ -32,7 +34,6 @@ ''; }; - # Réglages X (corrigé : c'était 'xsession s noblank' -> 'xset s noblank') xsession.initExtra = '' xset s 300 300 xset s on @@ -41,7 +42,6 @@ xset dpms 0 0 500 ''; - # sxhkd services.sxhkd = { enable = true; extraOptions = [ "-m" "1" ]; diff --git a/hm/users/lomig-desktop.nix b/hm/users/lomig-desktop.nix new file mode 100644 index 0000000..1cd665e --- /dev/null +++ b/hm/users/lomig-desktop.nix @@ -0,0 +1,18 @@ +{pkgs, ...}: { + imports = [ + ../desktop/bspwm.nix + ./lomig.nix + ]; + home.stateVersion = "25.05"; # ou ton actuelle + home = { + packages = with pkgs; [ + fastfetch + nerd-fonts.iosevka + obsidian + smug + telegram-desktop + ]; + }; +} +# vim: set ts=2 sw=2 sts=2 et : + diff --git a/hm/users/lomig.nix b/hm/users/lomig.nix index 39f069b..54ece41 100644 --- a/hm/users/lomig.nix +++ b/hm/users/lomig.nix @@ -1,9 +1,8 @@ {pkgs, ...}: { imports = [ - ../../hm/common/browser.nix ../common/nvim.nix + ../../hm/common/git.nix ../../hm/common/zsh.nix - ../desktop/bspwm.nix ]; home.stateVersion = "25.05"; # ou ton actuelle home = { @@ -11,11 +10,6 @@ homeDirectory = "/home/lomig"; packages = with pkgs; [ bat - fastfetch - nerd-fonts.iosevka - obsidian - smug - telegram-desktop tree ]; }; diff --git a/hosts/pennsardin/configuration.nix b/hosts/pennsardin/configuration.nix index 724e826..8432613 100644 --- a/hosts/pennsardin/configuration.nix +++ b/hosts/pennsardin/configuration.nix @@ -24,7 +24,7 @@ home-manager = { useGlobalPkgs = true; - users.lomig = import ../../hm/users/lomig.nix; + users.lomig = import ../../hm/users/lomig-desktop.nix; }; system.stateVersion = "25.05"; # pour éviter les hurlements inutiles diff --git a/hosts/terre-neuvas/configuration.nix b/hosts/terre-neuvas/configuration.nix new file mode 100644 index 0000000..0dbb9f5 --- /dev/null +++ b/hosts/terre-neuvas/configuration.nix @@ -0,0 +1,54 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + + nix.settings.experimental-features = ["nix-command" "flakes" ]; + imports = + [ # Include the results of the hardware scan. + ./hardware.nix + ../../profiles/server-selfhosted.nix + ../../modules/services/caddy.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "terre-neuvas"; # Define your hostname. + networking.networkmanager.enable = true; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "fr"; + variant = "azerty"; + }; + + # Configure console keymap + console.keyMap = "fr"; + + users.users.lomig = { + isNormalUser = true; + extraGroups = ["networkmanager" "lp" "wheel"]; + shell = pkgs.zsh; + }; + + home-manager = { + useGlobalPkgs = true; + users.lomig = import ../../hm/users/lomig.nix; + }; + + nixpkgs.config.allowUnfree = true; + + environment.systemPackages = with pkgs; [ + neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + git + hugo + ]; + + networking.firewall.allowedTCPPorts = [ 80 ]; + system.stateVersion = "25.05"; # Did you read the comment? +} diff --git a/hosts/terre-neuvas/hardware.nix b/hosts/terre-neuvas/hardware.nix new file mode 100644 index 0000000..11f1c0c --- /dev/null +++ b/hosts/terre-neuvas/hardware.nix @@ -0,0 +1,41 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/f37e4afb-1ee2-4f70-a93c-398461405181"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/111D-E5E8"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/c3a69154-ead9-4fcc-a9b1-3b741a42ee97"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/roles/server.nix b/modules/roles/server.nix new file mode 100644 index 0000000..67c158d --- /dev/null +++ b/modules/roles/server.nix @@ -0,0 +1,19 @@ +{pkgs, ...}: { + imports = [ + ../common/nix.nix + ]; + + environment.systemPackages = with pkgs; [ + git + wget + curl + ripgrep + fd + pciutils + usbutils + p7zip + gdu + glances + tmux + ]; +} diff --git a/modules/services/caddy.nix b/modules/services/caddy.nix new file mode 100644 index 0000000..94efe9e --- /dev/null +++ b/modules/services/caddy.nix @@ -0,0 +1,13 @@ +_: { + services.caddy = { + enable = true; + virtualHosts."blog.lomig.me" = { + extraConfig = '' + root * /var/www/lomig + file_server + ''; + }; + }; + + networking.firewall.allowedTCPPorts = [ 80 443 ]; +} diff --git a/profiles/server-selfhosted.nix b/profiles/server-selfhosted.nix new file mode 100644 index 0000000..03c37e5 --- /dev/null +++ b/profiles/server-selfhosted.nix @@ -0,0 +1,18 @@ +{pkgs, ...}: { + imports = [ + ../modules/roles/server.nix + ../modules/common/base.nix + ../modules/common/networking.nix + ../modules/services/printing.nix + ]; + + services.openssh.enable = true; + + environment.systemPackages = with pkgs; [ + btrfs-progs + cifs-utils + lm_sensors + ]; +} +# vim: set ts=2 sw=2 sts=2 et : +