Rebase to flake parts #13

2026-05-30 21:26:13 -03:00
parent 9a4ed1b04b
commit dcdd2c2d90
9 changed files with 245 additions and 46 deletions
+2
@@ -96,6 +96,8 @@ services.cloudflare-warp.enable = true;
gaming.launchers.enableBottles = false;
gaming.gamescope.enable = true;
gaming.steam.steamTinkerLaunch.enable = true;
gaming.sunshine.enable = true;
gaming.sunshine.cudaSupport = true;
monitorInput.enable = true;
+69
@@ -0,0 +1,69 @@
{ self, inputs, ... }: {
flake.nixosModules.r5500Configuration =
{
self,
config,
lib,
pkgs,
...
}:
{
imports = [
self.nixosModules.r5500Hardware
inputs.sops-nix.nixosModules.sops
self.nixosModules.system
self.nixosModules.users
];
boot.loader.grub = {
enable = true;
efiSupport = false;
device = "/dev/sda";
};
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = true;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
UseDns = false;
};
};
sops = {
defaultSopsFile = ../../../secrets/secrets.yaml;
defaultSopsFormat = "yaml";
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
};
sops.secrets."users/server/hashedPassword".neededForUsers = true;
security.sudo.wheelNeedsPassword = true;
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
trusted-users = [ "root" "@wheel" ];
allowed-users = [ "root" "@wheel" ];
};
chiasson.system = {
networking = {
hostName = "r5500";
networkManager.enable = true;
};
extraPackages = with pkgs; [ btop git ];
};
chiasson.users = {
enabled = [ "server" ];
hostOverrides.server = {
hashedPasswordFile = config.sops.secrets."users/server/hashedPassword".path;
};
};
services.xserver.enable = lib.mkDefault false;
system.stateVersion = "25.11";
};
}
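Review bot: `PasswordAuthentication = true` in the `services.openssh.settings` block leaves the new host's sshd accepting password logins, and the only credential visible for the `server` user is the sops-managed hashed password. If key-based login is intended (this commit also adds an r5500 entry with an ed25519 key to the SSH host list), set `PasswordAuthentication = false;` and provision authorized keys for `server`. If passwords must stay, say why in a comment and consider enabling `services.fail2ban`. Separately, `trusted-users = [ "root" "@wheel" ]` gives every wheel member root-equivalent control over the Nix daemon, which weakens `security.sudo.wheelNeedsPassword = true`; `allowed-users` already covers ordinary use, so `trusted-users = [ "root" ];` would be the tighter setting.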
+13
@@ -0,0 +1,13 @@
{ self, inputs, ... }: {
flake.nixosConfigurations.r5500 = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit self inputs;
host = "r5500";
system = "x86_64-linux";
};
modules = [
self.nixosModules.r5500Configuration
];
};
}
+51
@@ -0,0 +1,51 @@
{ ... }: {
flake.nixosModules.r5500Hardware =
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"uhci_hcd"
"ehci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/934a5ec3-4bab-49c3-96c9-c857c50076ba";
fsType = "btrfs";
options = [ "subvol=@" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/934a5ec3-4bab-49c3-96c9-c857c50076ba";
fsType = "btrfs";
options = [ "subvol=@home" ];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/6399d086-687b-4ca9-ad34-da1dd85203d5";
fsType = "ext4";
};
swapDevices = [
{ device = "/dev/disk/by-uuid/ddb9fea1-7c44-44bc-bc74-79a3adb6cc35"; }
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
}
+6
@@ -37,6 +37,12 @@
aliases = [ "nix-server" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL3KDicMjtOFR6LfZrFzfAD1gdYUdwv6ZM4PSgtmIuzd nix-server";
};
r5500 = {
hostName = "192.168.2.100";
aliases = [ "r5500" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7iWCEtkYDLZFRF3w1gzyAok5VCAGUOwu4iWZdMjf3D r5500";
};
};
mkIdentityFileName = hostName: ".ssh/id_ed25519_${lib.strings.toLower hostName}.pub";
+44
@@ -88,6 +88,39 @@
'';
};
sunshine = {
enable = lib.mkEnableOption "Sunshine self-hosted Moonlight streaming host";
openFirewall = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Open Sunshine/Moonlight ports via `services.sunshine.openFirewall`.";
};
capSysAdmin = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Grant CAP_SYS_ADMIN to Sunshine for DRM/KMS capture (`services.sunshine.capSysAdmin`).
'';
};
autoStart = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Start Sunshine with the graphical session.";
};
cudaSupport = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Build Sunshine with CUDA/NVENC (`pkgs.sunshine.override { cudaSupport = true; }`).
Enable on NVIDIA hosts for hardware encoding.
'';
};
};
launchers = {
enableBottles = lib.mkOption {
type = lib.types.bool;
@@ -128,6 +161,17 @@
dedicatedServer.openFirewall = cfg.steam.dedicatedServer.openFirewall;
};
services.sunshine = lib.mkIf cfg.sunshine.enable {
enable = true;
openFirewall = cfg.sunshine.openFirewall;
capSysAdmin = cfg.sunshine.capSysAdmin;
autoStart = cfg.sunshine.autoStart;
package = pkgs.sunshine.override {
cudaSupport = cfg.sunshine.cudaSupport;
cudaPackages = pkgs.cudaPackages;
};
};
hardware.graphics = lib.mkIf cfg.graphics.enable {
enable = true;
enable32Bit = cfg.graphics.enable32Bit;
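Review bot: The `openFirewall` and `capSysAdmin` options in the first hunk both declare `default = true`, so a host that sets only `gaming.sunshine.enable = true` gets the streaming ports opened and CAP_SYS_ADMIN granted without asking for either. The host change in this commit does exactly that, adding only `cudaSupport = true` on top. I would make both opt-in with `default = false;` and have the host set `gaming.sunshine.openFirewall = true;` and `gaming.sunshine.capSysAdmin = true;` explicitly, so the exposure is visible where it is enabled. The `capSysAdmin` description should also say that the capability is broad and is only needed for KMS capture. Both hunks are excerpts of a larger options/config attribute set that continues outside the visible lines.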