diff options
| author | quentin@aristote.fr <quentin@aristote.fr> | 2025-03-22 18:58:09 +0100 |
|---|---|---|
| committer | quentin@aristote.fr <quentin@aristote.fr> | 2025-03-22 19:57:35 +0100 |
| commit | bb95fd59d059cb6da89133cc723bb06120fd48d0 (patch) | |
| tree | aee7952372e484e7fad137acd6c3f0c91c27cff3 /config/nix.nix | |
| parent | 1017caeae70f7f9918f3de74e961af220c50940e (diff) | |
split nix and system
Flake lock file updates:
• Updated input 'my-nixpkgs':
'github:qaristote/my-nixpkgs/65eb03f15116223871d06254dc453abc79bcffaa' (2025-03-18)
→ 'github:qaristote/my-nixpkgs/14fb28f55fa552aaeffb987e4078e16691bde5b0' (2025-03-22)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/da044451c6a70518db5b730fe277b70f494188f1' (2025-03-18)
→ 'github:NixOS/nixpkgs/7105ae3957700a9646cc4b766f5815b23ed0c682' (2025-03-20)
Diffstat (limited to 'config/nix.nix')
| -rw-r--r-- | config/nix.nix | 83 |
1 files changed, 1 insertions, 82 deletions
diff --git a/config/nix.nix b/config/nix.nix index a5110a6..3142f93 100644 --- a/config/nix.nix +++ b/config/nix.nix @@ -1,92 +1,11 @@ -{ - config, - lib, - pkgs, - ... -}: let - allowReboot = true; -in { +{...}: { personal.nix = { enable = true; - autoUpgrade.enable = true; gc.enable = true; - flake = "git+file:///etc/nixos/"; - remoteBuilds = { - enable = true; - machines.hephaistos = { - enable = true; - domain = "aristote.mesh"; - user = config.networking.hostName; - }; - }; }; - system.autoUpgrade = {inherit allowReboot;}; - - # disable remote builds - nix.settings.max-jobs = 0; nixpkgs.flake = { setNixPath = true; setFlakeRegistry = true; }; - - systemd.services.nixos-upgrade = { - preStart = lib.mkForce '' - cd /etc/nixos - # requires to have added - # hephaistos.aristote.mesh:/~/nixos-configuration - # as remote hephaistos - git push --force hephaistos master - ''; - postStop = lib.mkForce ""; - serviceConfig.TimeoutStopSec = lib.mkForce (lib.mkOptionDefault ""); - script = lib.mkForce (let - hephaistos = "hephaistos.aristote.mesh"; - in - '' - RESULT=$(ssh ${hephaistos} -- \ - 'nix build --print-out-paths \ - git+file://$(pwd)/nixos-configuration#nixosConfigurations.hermes.config.system.build.toplevel' \ - ) - nix-copy-closure --from ${hephaistos} "$RESULT" - '' - + ( - let - switch = "$RESULT/bin/switch-to-configuration"; - readlink = "${pkgs.coreutils}/bin/readlink"; - luksCfg = config.boot.initrd.luks.devices; - crypt = luksCfg.crypt.device; - in - if allowReboot - then '' - ${switch} boot - booted="$(${readlink} /run/booted-system/{initrd,kernel,kernel-modules})" - built="$(${readlink} /nix/var/nix/profiles/system/{initrd,kernel,kernel-modules})" - if [ "$booted" = "$built" ] - then - ${switch} switch - else - ${lib.optionalString (luksCfg ? crypt) '' - cryptsetup luksAddKey ${crypt} /etc/luks/keys/tmp \ - --key-file /etc/luks/keys/master \ - --verbose - ''} - shutdown -r now ${lib.optionalString (luksCfg ? crypt) '' || \ - cryptsetup luksRemoveKey ${crypt} \ - --key-file /etc/luks/keys/tmp \ - --verbose - ''} - fi - '' - else '' - ${switch} switch - '' - )); - serviceConfig = { - MemoryAccounting = true; - MemoryHigh = "0.9G"; - MemoryMax = "1G"; - MemorySwapMax = "0"; - }; - }; } |