diff --git a/flake.lock b/flake.lock index b08213f..f45d58e 100644 --- a/flake.lock +++ b/flake.lock @@ -36,6 +36,24 @@ "type": "github" } }, + "flake-utils_3": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "flakey-profile": { "locked": { "lastModified": 1712898590, @@ -58,11 +76,11 @@ ] }, "locked": { - "lastModified": 1741701235, - "narHash": "sha256-gBlb8R9gnjUAT5XabJeel3C2iEUiBHx3+91651y3Sqo=", + "lastModified": 1742588233, + "narHash": "sha256-Fi5g8H5FXMSRqy+mU6gPG0v+C9pzjYbkkiePtz8+PpA=", "owner": "nix-community", "repo": "home-manager", - "rev": "c630dfa8abcc65984cc1e47fb25d4552c81dd37e", + "rev": "296ddc64627f4a6a4eb447852d7346b9dd16197d", "type": "github" }, "original": { @@ -99,7 +117,7 @@ "narHash": "sha256-YMLrcBpf0TR5r/eaqm8lxzFPap2TxCor0ZGcK3a7+b8=", "rev": "b90bf629bbd835e61f1317b99e12f8c831017006", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/b90bf629bbd835e61f1317b99e12f8c831017006.tar.gz" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/b90bf629bbd835e61f1317b99e12f8c831017006.tar.gz?rev=b90bf629bbd835e61f1317b99e12f8c831017006" }, "original": { "type": "tarball", @@ -114,11 +132,11 @@ ] }, "locked": { - "lastModified": 1742305973, - "narHash": "sha256-1LtwFQf95Wm7HbpX85Hls3mme92ysFvGWWoyWUrRz94=", + "lastModified": 1742486781, + "narHash": "sha256-Q0JINFp8mtpkbvODO2arZJUONfXhYBu8O4oGqUjso2A=", "ref": "refs/heads/master", - "rev": "3f9a4859a98123dd840e928d0e6af60ca921607a", - "revCount": 75, + "rev": "14454885f19e63584cc3ce557e97488541f15883", + "revCount": 77, "type": "git", "url": "https://git.syzygial.cc/Syzygial/EmacsConfig.git" }, 
@@ -127,6 +145,28 @@ "url": "https://git.syzygial.cc/Syzygial/EmacsConfig.git" } }, + "microvm": { + "inputs": { + "flake-utils": "flake-utils_3", + "nixpkgs": [ + "nixpkgs" + ], + "spectrum": "spectrum" + }, + "locked": { + "lastModified": 1743083165, + "narHash": "sha256-Fz7AiCJWtoWZ2guJwO3B1h3RuJxYWaCzFIqY0Kmkyrs=", + "owner": "astro", + "repo": "microvm.nix", + "rev": "773d5a04e2e10ca7b412270dea11276a496e1b61", + "type": "github" + }, + "original": { + "owner": "astro", + "repo": "microvm.nix", + "type": "github" + } + }, "nix-darwin": { "inputs": { "nixpkgs": [ @@ -134,11 +174,11 @@ ] }, "locked": { - "lastModified": 1741229100, - "narHash": "sha256-0HwrTDXp9buEwal/1ymK9uQmzUD5ozIA7CJGqnT/gLs=", + "lastModified": 1742595055, + "narHash": "sha256-cEetDber6LF8W4ThmRc4rwKs/o8y2GH0pUdX7e6CnAQ=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "adf5c88ba1fe21af5c083b4d655004431f20c5ab", + "rev": "e9f41de2a81f04390afd106959adf352a207628f", "type": "github" }, "original": { @@ -150,11 +190,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741513245, - "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", + "lastModified": 1742422364, + "narHash": "sha256-mNqIplmEohk5jRkqYqG19GA8MbQ/D4gQSK0Mu4LvfRQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1", + "rev": "a84ebe20c6bc2ecbcfb000a50776219f48d134cc", "type": "github" }, "original": { @@ -166,11 +206,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1731763621, - "narHash": "sha256-ddcX4lQL0X05AYkrkV2LMFgGdRvgap7Ho8kgon3iWZk=", + "lastModified": 1741865919, + "narHash": "sha256-4thdbnP6dlbdq+qZWTsm4ffAwoS8Tiq1YResB+RP6WE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c69a9bffbecde46b4b939465422ddc59493d3e4d", + "rev": "573c650e8a14b2faa0041645ab18aed7e60f0c9a", "type": "github" }, "original": { 
@@ -185,6 +225,7 @@ "home-manager": "home-manager", "lix-module": "lix-module", "me-emacs": "me-emacs", + "microvm": "microvm", "nix-darwin": "nix-darwin", "nixpkgs": "nixpkgs", "sops-nix": "sops-nix" @@ -195,11 +236,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1741644481, - "narHash": "sha256-E0RrMykMtEv15V3QhpsFutgoSKhL1JBhidn+iZajOyg=", + "lastModified": 1742595978, + "narHash": "sha256-05onsoMrLyXE4XleDCeLC3bXnC4nyUbKWInGwM7v6hU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e653d71e82575a43fe9d228def8eddb73887b866", + "rev": "b7756921b002de60fb66782effad3ce8bdb5b25d", "type": "github" }, "original": { @@ -208,6 +249,22 @@ "type": "github" } }, + "spectrum": { + "flake": false, + "locked": { + "lastModified": 1733308308, + "narHash": "sha256-+RcbMAjSxV1wW5UpS9abIG1lFZC8bITPiFIKNnE7RLs=", + "ref": "refs/heads/main", + "rev": "80c9e9830d460c944c8f730065f18bb733bc7ee2", + "revCount": 792, + "type": "git", + "url": "https://spectrum-os.org/git/spectrum" + }, + "original": { + "type": "git", + "url": "https://spectrum-os.org/git/spectrum" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -237,6 +294,21 @@ "repo": "default", "type": "github" } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 281ee87..bbb3d4b 100644 --- a/flake.nix +++ b/flake.nix 
@@ -12,9 +12,11 @@ url = "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; }; + microvm.url = "github:astro/microvm.nix"; + microvm.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = { self, nixpkgs, sops-nix, me-emacs, nix-darwin, home-manager, lix-module }@inputs: let + outputs = { self, nixpkgs, sops-nix, me-emacs, nix-darwin, home-manager, lix-module, microvm }@inputs: let overlays = import ./overlays/default.nix inputs; modules = import ./modules/default.nix inputs; @@ -63,6 +65,14 @@ lix-module.nixosModules.default ]; }; + pericyte = nixosSystem' { + modules = [ + ./machines/pericyte/configuration.nix + modules.sops + # lix-module.nixosModules.default + microvm.nixosModules.host + ]; + }; }; darwinConfigurations = { UniverseAir = darwinSystem' { diff --git a/machines/pericyte/configuration.nix b/machines/pericyte/configuration.nix new file mode 100644 index 0000000..c89a940 --- /dev/null +++ b/machines/pericyte/configuration.nix 
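Review bot: In the new `pericyte` entry of flake.nix, `# lix-module.nixosModules.default` is left commented out with no reason given, while the host entry visible just above it in the hunk context still loads that module. A one-line comment would tell the next reader whether the omission is deliberate, for example `# lix-module omitted on pericyte: <reason>`. `modules.sops` is loaded too, although none of the pericyte files added in this commit declares a secret, so the same comment could say whether secrets are expected to follow. The `nixosConfigurations` set starts and ends outside the hunk.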
@@ -0,0 +1,25 @@
+{ pkgs, inputs, ... }: {
+ imports = [
+ ./hardware-configuration.nix
+ "${inputs.nixpkgs}/nixos/modules/profiles/headless.nix"
+ "${inputs.nixpkgs}/nixos/modules/profiles/minimal.nix"
+
+ ./microvm-configuration.nix
+ ./k3s.nix
+ ];
+
+ nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+ environment.systemPackages = with pkgs; [
+ git
+ btop
+ ];
+
+ boot.tmp.cleanOnBoot = true;
+ zramSwap.enable = true;
+ networking.hostName = "pericyte";
+ networking.domain = "";
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = [''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOaNNSV/wurGA8D7bT+WX4UlHdKqd9SFfVXvSalvHag5qYDPUIsGGkqSNj1dcong9qxrC8y7G7ybWhwRKTKXInXrq6EO4JkVkCSbVqrq8gIv66upsKltvmf0esiOdrpRgHoiup8JKaX93aUT27rykReT39mFwkJZDoD4ViNiK7QmbgDC/9pyGDSJykreSnBoxtczox8Zi+pwN8XMI4nRVdV9hppXMpj38/O3Qaq+oXdHJ2MVNy9D+TqxYofstFbzpJpEb2xA4QYnq/VVJFk8VaZlg3qxelwBJ1GNZO8TMkLA+6b07D3aISyEIQAONviNktPwRPiw903hsDyeKDunDx ssh-key-2025-03-31'' ];
+ system.stateVersion = "25.05";
+}
diff --git a/machines/pericyte/hardware-configuration.nix b/machines/pericyte/hardware-configuration.nix
new file mode 100644
index 0000000..b26ab3a
--- /dev/null
+++ b/machines/pericyte/hardware-configuration.nix
@@ -0,0 +1,14 @@
+{ modulesPath, ... }:
+{
+ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ device = "nodev";
+ };
+ fileSystems."/boot" = { device = "/dev/disk/by-uuid/FCE4-1F46"; fsType = "vfat"; };
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+ boot.initrd.kernelModules = [ "nvme" ];
+ fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
+
+}
diff --git a/machines/pericyte/k3s.nix b/machines/pericyte/k3s.nix
new file mode 100644
index 0000000..e8e8508
--- /dev/null
+++ b/machines/pericyte/k3s.nix
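Review bot: In machines/pericyte/configuration.nix, `services.openssh.enable = true;` sits next to a root `authorizedKeys` entry, but nothing in the file pins how sshd authenticates, so password and root-login behaviour is whatever the module defaults are. Stating the policy beside the key makes the intent reviewable and independent of those defaults: `services.openssh.settings.PasswordAuthentication = false;`, `services.openssh.settings.KbdInteractiveAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "prohibit-password";`. The key is `ssh-rsa`, and its blob prefix looks like a 2048-bit modulus; for a host added now, an Ed25519 key would be the more usual choice. This machine also imports the k3s server and microvm host modules, so direct root login reaches all of that; a non-root admin user would narrow it.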
@@ -0,0 +1,19 @@
+{ pkgs, ... }: {
+ networking.firewall = {
+ allowedTCPPorts = [
+ 6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
+ # 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
+ # 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
+ ];
+ allowedUDPPorts = [
+ # 8472 # k3s, flannel: required if using multi-node for inter-node networking
+ ];
+ };
+ services.k3s = {
+ enable = true;
+ role = "server";
+ extraFlags = toString [
+ # "--debug" # Optionally add additional args to k3s
+ ];
+ };
+}
diff --git a/machines/pericyte/microvm-configuration.nix b/machines/pericyte/microvm-configuration.nix
new file mode 100644
index 0000000..ba993fc
--- /dev/null
+++ b/machines/pericyte/microvm-configuration.nix
@@ -0,0 +1,6 @@
+{ pkgs, ... }: {
+ microvm.autostart = [
+ "vm-starbot"
+ "vm-starbot-dev"
+ ];
+}
diff --git a/machines/universedesktop/desktop/graphics.nix b/machines/universedesktop/desktop/graphics.nix
index f259404..fa6c7d8 100644
--- a/machines/universedesktop/desktop/graphics.nix
+++ b/machines/universedesktop/desktop/graphics.nix
@@ -9,7 +9,7 @@
 powerManagement.finegrained = false;
 nvidiaSettings = true;
 open = true;
- package = config.boot.kernelPackages.nvidiaPackages.vulkan_beta;
+ # package = config.boot.kernelPackages.nvidiaPackages.vulkan_beta;
 #package = let
 # rcu_patch = pkgs.fetchpatch {
 # url = "https://github.com/gentoo/gentoo/raw/c64caf53/x11-drivers/nvidia-drivers/files/nvidia-drivers-470.223.02-gpl-pfn_valid.patch";
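Review bot: In machines/pericyte/k3s.nix, putting 6443 in the global `networking.firewall.allowedTCPPorts` opens the Kubernetes API server on every interface of the host, which is wider than the stated purpose of letting pods reach it. If only pods need it, scope the rule to the pod-facing interface with `networking.firewall.interfaces."<pod-bridge>".allowedTCPPorts = [ 6443 ];` (placeholder name; check which bridge the CNI creates on this host). If remote `kubectl` or agent nodes are intended, say so in the comment and consider limiting the source addresses. The `pkgs` argument is unused in this file.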
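Review bot: In machines/pericyte/microvm-configuration.nix, `microvm.autostart` names `vm-starbot` and `vm-starbot-dev`, but no file in this commit defines those VMs, so a reader cannot tell where their system closures come from. If they are installed imperatively on the host, their contents are presumably not pinned by this repository's flake.lock, and a comment naming the source flake and how they are updated would document that trust boundary. If they are meant to be declarative, a `microvm.vms` definition would be expected alongside this list. The `pkgs` argument is unused here as well.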