From af7b1d1b63506c836263f3c04fcfee6987d89dbd Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 15:49:10 -0800 Subject: [PATCH 01/35] Add solaar autostart --- users/caperren/dotfiles/hyprland/hyprland-common.conf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/users/caperren/dotfiles/hyprland/hyprland-common.conf b/users/caperren/dotfiles/hyprland/hyprland-common.conf index a9505eb..dbc2abc 100644 --- a/users/caperren/dotfiles/hyprland/hyprland-common.conf +++ b/users/caperren/dotfiles/hyprland/hyprland-common.conf @@ -183,6 +183,8 @@ exec-once = waybar # Wayland specific status bar exec-once = sleep 5 && nm-applet # Traditional notifications area exec-once = sleep 5 && blueman-applet # Traditional bluetooth management tool exec-once = sleep 5 && streamdeck -n # Streamdeck management tool +exec-once = sleep 5 && solaar --window=hide # Logitech device management and battery + exec-once = sleep 5 && Telegram -startintray # Gotta keep in touch with peeps exec-once = sleep 10 && itch # More fun games From e717edc177cb52ded3a1684d5b2e7bf07b046dc1 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 16:37:20 -0800 Subject: [PATCH 02/35] Add cluster host definitions, cluster utilities, and admin, switch nixpkgs to stable --- flake.nix | 2 +- hosts/cap-clust-01/configuration.nix | 41 +++++++++++++++ hosts/cap-clust-01/hardware-configuration.nix | 52 +++++++++++++++++++ hosts/cap-clust-02/hardware-configuration.nix | 52 +++++++++++++++++++ hosts/cap-clust-03/hardware-configuration.nix | 52 +++++++++++++++++++ hosts/cap-clust-04/hardware-configuration.nix | 52 +++++++++++++++++++ hosts/cap-clust-05/hardware-configuration.nix | 52 +++++++++++++++++++ hosts/cap-clust-06/hardware-configuration.nix | 52 +++++++++++++++++++ hosts/cap-clust-07/hardware-configuration.nix | 52 +++++++++++++++++++ hosts/cap-clust-09/hardware-configuration.nix | 52 +++++++++++++++++++ hosts/cap-clust-10/hardware-configuration.nix | 52 +++++++++++++++++++ .../system-utilities-cluster.nix | 26 ++++++++++ modules/system/gpu-amd.nix | 8 ++- users/cluster-admin/cluster-admin.nix | 36 +++++++++++++ 14 files changed, 579 insertions(+), 2 deletions(-) create mode 100644 hosts/cap-clust-01/configuration.nix create mode 100644 hosts/cap-clust-01/hardware-configuration.nix create mode 100644 hosts/cap-clust-02/hardware-configuration.nix create mode 100644 hosts/cap-clust-03/hardware-configuration.nix create mode 100644 hosts/cap-clust-04/hardware-configuration.nix create mode 100644 hosts/cap-clust-05/hardware-configuration.nix create mode 100644 hosts/cap-clust-06/hardware-configuration.nix create mode 100644 hosts/cap-clust-07/hardware-configuration.nix create mode 100644 hosts/cap-clust-09/hardware-configuration.nix create mode 100644 hosts/cap-clust-10/hardware-configuration.nix create mode 100644 modules/application-groups/system-utilities-cluster.nix create mode 100644 users/cluster-admin/cluster-admin.nix diff --git a/flake.nix b/flake.nix index ecdf6c8..9492ad2 100644 --- a/flake.nix +++ b/flake.nix @@ -2,7 +2,7 @@ description = "Nixos config flake"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; home-manager = { diff --git a/hosts/cap-clust-01/configuration.nix b/hosts/cap-clust-01/configuration.nix new file mode 100644 index 0000000..9864e1b --- /dev/null +++ b/hosts/cap-clust-01/configuration.nix @@ -0,0 +1,41 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Users + ../../users/cluster-admin/cluster-admin.nix + + + # System Configuration + ../../modules/system/cpu-amd.nix + ../../modules/system/fonts.nix + ../../modules/system/gpu-amd.nix + ../../modules/system/home-manager-settings.nix + ../../modules/system/internationalization.nix + ../../modules/system/networking.nix + ../../modules/system/nix-settings.nix + ../../modules/system/security.nix + ../../modules/system/systemd-boot.nix + + # Application Groups + ../../modules/application-groups/system-utilities-cluster.nix + ]; + + networking.hostName = "cap-clust-01"; + time.timeZone = "America/Los_Angeles"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "25.11"; # Did you read the comment? +} diff --git a/hosts/cap-clust-01/hardware-configuration.nix b/hosts/cap-clust-01/hardware-configuration.nix new file mode 100644 index 0000000..0925162 --- /dev/null +++ b/hosts/cap-clust-01/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usb_storage" + "usbhid" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/0028a3af-8470-46c2-81ca-6d9be16a6236"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/C389-7B6B"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/2b063ac4-54ee-4b16-b766-9c470733995c"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/cap-clust-02/hardware-configuration.nix b/hosts/cap-clust-02/hardware-configuration.nix new file mode 100644 index 0000000..44763c6 --- /dev/null +++ b/hosts/cap-clust-02/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usb_storage" + "usbhid" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/9fcf291d-2576-44b4-bcba-98e40305e531"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/7727-439F"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/56f2d727-03c5-4aef-9871-217bf98cdbb4"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/cap-clust-03/hardware-configuration.nix b/hosts/cap-clust-03/hardware-configuration.nix new file mode 100644 index 0000000..2b3d738 --- /dev/null +++ b/hosts/cap-clust-03/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/c2cfd56f-0090-45eb-a239-068fdadd2fd4"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/C3CF-3854"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/e60a5ced-d01e-4613-afba-9b445bc43097"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/cap-clust-04/hardware-configuration.nix b/hosts/cap-clust-04/hardware-configuration.nix new file mode 100644 index 0000000..c866270 --- /dev/null +++ b/hosts/cap-clust-04/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/b9c79a2f-8c6a-4f86-8562-b2f882992e95"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/EF0B-C66E"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/9a123c08-cc9b-4516-a158-b274e9b399c3"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/cap-clust-05/hardware-configuration.nix b/hosts/cap-clust-05/hardware-configuration.nix new file mode 100644 index 0000000..1d5c3c7 --- /dev/null +++ b/hosts/cap-clust-05/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/51ce9236-fe8c-49bc-bb90-1e582d163d04"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/FF5C-EB30"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/1d24fd7d-c958-44ad-bb28-c394f3d56a6b"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/cap-clust-06/hardware-configuration.nix b/hosts/cap-clust-06/hardware-configuration.nix new file mode 100644 index 0000000..69ddb4b --- /dev/null +++ b/hosts/cap-clust-06/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/8cf14e41-2af7-4bbd-89e2-90f5d04601b8"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/33C3-BB59"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/262fa61f-4beb-4822-ace6-bb15c62b2cca"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/cap-clust-07/hardware-configuration.nix b/hosts/cap-clust-07/hardware-configuration.nix new file mode 100644 index 0000000..b826cb5 --- /dev/null +++ b/hosts/cap-clust-07/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/ad88a1b0-c98e-4a95-9fb3-3299169c952b"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/73CA-8E6D"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/c6139db9-2a9d-400a-b8a8-c8f77c5713ca"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/cap-clust-09/hardware-configuration.nix b/hosts/cap-clust-09/hardware-configuration.nix new file mode 100644 index 0000000..b35edaa --- /dev/null +++ b/hosts/cap-clust-09/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/30b3183d-8358-46aa-b565-70c7d30af7c7"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/BA04-7969"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/42aeb402-5b5a-4423-b2a5-2c08935c9f57"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/cap-clust-10/hardware-configuration.nix b/hosts/cap-clust-10/hardware-configuration.nix new file mode 100644 index 0000000..81bb55a --- /dev/null +++ b/hosts/cap-clust-10/hardware-configuration.nix @@ -0,0 +1,52 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "ehci_pci" + "usbhid" + "usb_storage" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ + "kvm-amd" + "amdgpu" + ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/affec1c2-bf7c-499e-80a6-6615fd163e1a"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/9E1A-C3DA"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/a17f3a16-78fb-494d-8319-89e31e1defae"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/application-groups/system-utilities-cluster.nix b/modules/application-groups/system-utilities-cluster.nix new file mode 100644 index 0000000..728ba64 --- /dev/null +++ b/modules/application-groups/system-utilities-cluster.nix @@ -0,0 +1,26 @@ +{ config, pkgs, ... }: +{ + + services.glances.enable = true; + services.openssh.enable = true; + + environment.systemPackages = with pkgs; [ + btop + dnsutils + git + htop + iftop + iotop + killall + kitty + ncdu + networkmanager + nmap + nvtopPackages.full + pciutils + unzip + usbutils + util-linux + wget + ]; +} diff --git a/modules/system/gpu-amd.nix b/modules/system/gpu-amd.nix index 80b1f66..d6f2f57 100644 --- a/modules/system/gpu-amd.nix +++ b/modules/system/gpu-amd.nix @@ -1,5 +1,11 @@ { config, pkgs, ... }: { - services.xserver.videoDrivers = [ "amdgpu" ]; + hardware.graphics = { + enable = true; + enable32Bit = true; + }; + nixpkgs.config.rocmSupport = true; + + services.xserver.videoDrivers = [ "amdgpu" ]; } diff --git a/users/cluster-admin/cluster-admin.nix b/users/cluster-admin/cluster-admin.nix new file mode 100644 index 0000000..16dac1e --- /dev/null +++ b/users/cluster-admin/cluster-admin.nix @@ -0,0 +1,36 @@ +{ config, pkgs, ... }: +{ + users.users.cluster-admin = { + initialPassword = "changeme"; + isNormalUser = true; + description = "Cluster Admin"; + extraGroups = [ + "networkmanager" + "wheel" + ]; + }; + + home-manager.users.cluster-admin = { + home.username = "cluster-admin"; + home.homeDirectory = "/home/cluster-admin"; + home.stateVersion = "25.05"; + + home.packages = with pkgs; [ ]; + + programs.bash.enable = true; + + programs.git = { + enable = true; + settings.user = { + name = "Corwin Perren"; + email = "caperren@gmail.com"; + }; + + }; + + programs.kitty = { + enable = true; + font.name = "JetBrains Mono"; + }; + }; +} From 4fe3ce49e6bc6d83d60f4e5b810d2798369e29e1 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 16:58:02 -0800 Subject: [PATCH 03/35] Add pubkeys for ssh on caperren and cluster admin from caperren account --- users/caperren/caperren.nix | 6 ++++++ users/caperren/pubkeys/cap-nr200p.pub | 1 + users/caperren/pubkeys/cap-slim7.pub | 0 users/cluster-admin/cluster-admin.nix | 6 ++++++ 4 files changed, 13 insertions(+) create mode 100644 users/caperren/pubkeys/cap-nr200p.pub create mode 100644 users/caperren/pubkeys/cap-slim7.pub diff --git a/users/caperren/caperren.nix b/users/caperren/caperren.nix index 190e7c3..1575113 100644 --- a/users/caperren/caperren.nix +++ b/users/caperren/caperren.nix @@ -2,6 +2,8 @@ let hyprlandConfigPath = ./. + "/dotfiles/hyprland/${config.networking.hostName}"; kanshiConfigPath = ./. + "/dotfiles/kanshi/${config.networking.hostName}"; + sshDesktopPubkey = builtins.readFile ./pubkeys/cap-nr200p.pub; + sshLaptopPubkey = builtins.readFile ./pubkeys/cap-slim7.pub; spotifyPlayerAppTomlTextTemplate = builtins.readFile ./dotfiles/spotify-player/app.toml; spotifyPlayerAppTomlText = builtins.replaceStrings [ "{{hostname}}" ] [ config.networking.hostName ] @@ -22,6 +24,10 @@ in "podman" "wheel" ]; + openssh.authorizedKeys.keys = [ + sshDesktopPubkey +# sshLaptopPubkey + ]; }; home-manager.users.caperren = { diff --git a/users/caperren/pubkeys/cap-nr200p.pub b/users/caperren/pubkeys/cap-nr200p.pub new file mode 100644 index 0000000..6b7f9a2 --- /dev/null +++ b/users/caperren/pubkeys/cap-nr200p.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILb5YZG6wCmqoevSHsP9f9eix3iugntBFy9hf/gkGb5v caperren@cap-nr200p \ No newline at end of file diff --git a/users/caperren/pubkeys/cap-slim7.pub b/users/caperren/pubkeys/cap-slim7.pub new file mode 100644 index 0000000..e69de29 diff --git a/users/cluster-admin/cluster-admin.nix b/users/cluster-admin/cluster-admin.nix index 16dac1e..6a91906 100644 --- a/users/cluster-admin/cluster-admin.nix +++ b/users/cluster-admin/cluster-admin.nix @@ -1,4 +1,7 @@ { config, pkgs, ... }: +let + sshCaperrenDesktopPubkey = builtins.readFile ../caperren/pubkeys/cap-nr200p.pub; +in { users.users.cluster-admin = { initialPassword = "changeme"; @@ -8,6 +11,9 @@ "networkmanager" "wheel" ]; + openssh.authorizedKeys.keys = [ + sshCaperrenDesktopPubkey + ]; }; home-manager.users.cluster-admin = { From 6cbde55575ac25e8650b791427f578c7b95a9fdd Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 17:04:34 -0800 Subject: [PATCH 04/35] Add cap-clust-01 to test --- flake.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/flake.nix b/flake.nix index 9492ad2..27e5fd9 100644 --- a/flake.nix +++ b/flake.nix @@ -20,6 +20,13 @@ ... }@inputs: { + nixosConfigurations.cap-clust-01 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-01/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; nixosConfigurations.cap-slim7 = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; From dbd85672a39af8bc7a1d7f94fcde7e9b7fc41e1b Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 17:28:12 -0800 Subject: [PATCH 05/35] Deduplicate cluster config --- hosts/cap-clust-01/configuration.nix | 33 ++-------------------------- modules/host-groups/cluster.nix | 32 +++++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 31 deletions(-) create mode 100644 modules/host-groups/cluster.nix diff --git a/hosts/cap-clust-01/configuration.nix b/hosts/cap-clust-01/configuration.nix index 9864e1b..628d33b 100644 --- a/hosts/cap-clust-01/configuration.nix +++ b/hosts/cap-clust-01/configuration.nix @@ -1,41 +1,12 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - { config, pkgs, ... }: - { imports = [ # Hardware Scan ./hardware-configuration.nix - # Users - ../../users/cluster-admin/cluster-admin.nix - - - # System Configuration - ../../modules/system/cpu-amd.nix - ../../modules/system/fonts.nix - ../../modules/system/gpu-amd.nix - ../../modules/system/home-manager-settings.nix - ../../modules/system/internationalization.nix - ../../modules/system/networking.nix - ../../modules/system/nix-settings.nix - ../../modules/system/security.nix - ../../modules/system/systemd-boot.nix - - # Application Groups - ../../modules/application-groups/system-utilities-cluster.nix + # Host Groups + ../../modules/host-groups/cluster.nix ]; networking.hostName = "cap-clust-01"; - time.timeZone = "America/Los_Angeles"; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "25.11"; # Did you read the comment? } diff --git a/modules/host-groups/cluster.nix b/modules/host-groups/cluster.nix new file mode 100644 index 0000000..f3eec0e --- /dev/null +++ b/modules/host-groups/cluster.nix @@ -0,0 +1,32 @@ +{ config, pkgs, ... }: + +{ + imports = [ + # Users + ../../users/cluster-admin/cluster-admin.nix + + # System Configuration + ../system/cpu-amd.nix + ../system/fonts.nix + ../system/gpu-amd.nix + ../system/home-manager-settings.nix + ../system/internationalization.nix + ../system/networking.nix + ../system/nix-settings.nix + ../system/security.nix + ../system/systemd-boot.nix + + # Application Groups + ../application-groups/system-utilities-cluster.nix + ]; + + time.timeZone = "America/Los_Angeles"; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "25.11"; # Did you read the comment? +} From 1c944019f46555591f7d4e49a6d0f94ea8682e91 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 17:36:46 -0800 Subject: [PATCH 06/35] Add configs for other cluster hosts --- flake.nix | 56 +++++++++++++++++++ hosts/cap-clust-02/configuration.nix | 12 ++++ hosts/cap-clust-03/configuration.nix | 12 ++++ hosts/cap-clust-04/configuration.nix | 12 ++++ hosts/cap-clust-05/configuration.nix | 12 ++++ hosts/cap-clust-06/configuration.nix | 12 ++++ hosts/cap-clust-07/configuration.nix | 12 ++++ hosts/cap-clust-08/configuration.nix | 12 ++++ .../hardware-configuration.nix | 6 +- hosts/cap-clust-09/configuration.nix | 12 ++++ hosts/cap-clust-09/hardware-configuration.nix | 6 +- 11 files changed, 158 insertions(+), 6 deletions(-) create mode 100644 hosts/cap-clust-02/configuration.nix create mode 100644 hosts/cap-clust-03/configuration.nix create mode 100644 hosts/cap-clust-04/configuration.nix create mode 100644 hosts/cap-clust-05/configuration.nix create mode 100644 hosts/cap-clust-06/configuration.nix create mode 100644 hosts/cap-clust-07/configuration.nix create mode 100644 hosts/cap-clust-08/configuration.nix rename hosts/{cap-clust-10 => cap-clust-08}/hardware-configuration.nix (82%) create mode 100644 hosts/cap-clust-09/configuration.nix diff --git a/flake.nix b/flake.nix index 27e5fd9..deb9953 100644 --- a/flake.nix +++ b/flake.nix @@ -27,6 +27,62 @@ inputs.home-manager.nixosModules.default ]; }; + nixosConfigurations.cap-clust-02 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-02/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + nixosConfigurations.cap-clust-03 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-03/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + nixosConfigurations.cap-clust-04 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-04/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + nixosConfigurations.cap-clust-05 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-05/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + nixosConfigurations.cap-clust-06 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-06/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + nixosConfigurations.cap-clust-07 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-07/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + nixosConfigurations.cap-clust-08 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-08/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + nixosConfigurations.cap-clust-09 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/cap-clust-09/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; nixosConfigurations.cap-slim7 = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; diff --git a/hosts/cap-clust-02/configuration.nix b/hosts/cap-clust-02/configuration.nix new file mode 100644 index 0000000..6b30a45 --- /dev/null +++ b/hosts/cap-clust-02/configuration.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Host Groups + ../../modules/host-groups/cluster.nix + ]; + + networking.hostName = "cap-clust-02"; +} diff --git a/hosts/cap-clust-03/configuration.nix b/hosts/cap-clust-03/configuration.nix new file mode 100644 index 0000000..837686d --- /dev/null +++ b/hosts/cap-clust-03/configuration.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Host Groups + ../../modules/host-groups/cluster.nix + ]; + + networking.hostName = "cap-clust-03"; +} diff --git a/hosts/cap-clust-04/configuration.nix b/hosts/cap-clust-04/configuration.nix new file mode 100644 index 0000000..268cabe --- /dev/null +++ b/hosts/cap-clust-04/configuration.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Host Groups + ../../modules/host-groups/cluster.nix + ]; + + networking.hostName = "cap-clust-04"; +} diff --git a/hosts/cap-clust-05/configuration.nix b/hosts/cap-clust-05/configuration.nix new file mode 100644 index 0000000..aa49857 --- /dev/null +++ b/hosts/cap-clust-05/configuration.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Host Groups + ../../modules/host-groups/cluster.nix + ]; + + networking.hostName = "cap-clust-05"; +} diff --git a/hosts/cap-clust-06/configuration.nix b/hosts/cap-clust-06/configuration.nix new file mode 100644 index 0000000..46f8569 --- /dev/null +++ b/hosts/cap-clust-06/configuration.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Host Groups + ../../modules/host-groups/cluster.nix + ]; + + networking.hostName = "cap-clust-06"; +} diff --git a/hosts/cap-clust-07/configuration.nix b/hosts/cap-clust-07/configuration.nix new file mode 100644 index 0000000..4956ce5 --- /dev/null +++ b/hosts/cap-clust-07/configuration.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Host Groups + ../../modules/host-groups/cluster.nix + ]; + + networking.hostName = "cap-clust-07"; +} diff --git a/hosts/cap-clust-08/configuration.nix b/hosts/cap-clust-08/configuration.nix new file mode 100644 index 0000000..e120484 --- /dev/null +++ b/hosts/cap-clust-08/configuration.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Host Groups + ../../modules/host-groups/cluster.nix + ]; + + networking.hostName = "cap-clust-08"; +} diff --git a/hosts/cap-clust-10/hardware-configuration.nix b/hosts/cap-clust-08/hardware-configuration.nix similarity index 82% rename from hosts/cap-clust-10/hardware-configuration.nix rename to hosts/cap-clust-08/hardware-configuration.nix index 81bb55a..b35edaa 100644 --- a/hosts/cap-clust-10/hardware-configuration.nix +++ b/hosts/cap-clust-08/hardware-configuration.nix @@ -30,12 +30,12 @@ boot.extraModulePackages = [ ]; fileSystems."/" = { - device = "/dev/disk/by-uuid/affec1c2-bf7c-499e-80a6-6615fd163e1a"; + device = "/dev/disk/by-uuid/30b3183d-8358-46aa-b565-70c7d30af7c7"; fsType = "ext4"; }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/9E1A-C3DA"; + device = "/dev/disk/by-uuid/BA04-7969"; fsType = "vfat"; options = [ "fmask=0077" @@ -44,7 +44,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/a17f3a16-78fb-494d-8319-89e31e1defae"; } + { device = "/dev/disk/by-uuid/42aeb402-5b5a-4423-b2a5-2c08935c9f57"; } ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; diff --git a/hosts/cap-clust-09/configuration.nix b/hosts/cap-clust-09/configuration.nix new file mode 100644 index 0000000..e2c6c14 --- /dev/null +++ b/hosts/cap-clust-09/configuration.nix @@ -0,0 +1,12 @@ +{ config, pkgs, ... }: +{ + imports = [ + # Hardware Scan + ./hardware-configuration.nix + + # Host Groups + ../../modules/host-groups/cluster.nix + ]; + + networking.hostName = "cap-clust-09"; +} diff --git a/hosts/cap-clust-09/hardware-configuration.nix b/hosts/cap-clust-09/hardware-configuration.nix index b35edaa..81bb55a 100644 --- a/hosts/cap-clust-09/hardware-configuration.nix +++ b/hosts/cap-clust-09/hardware-configuration.nix @@ -30,12 +30,12 @@ boot.extraModulePackages = [ ]; fileSystems."/" = { - device = "/dev/disk/by-uuid/30b3183d-8358-46aa-b565-70c7d30af7c7"; + device = "/dev/disk/by-uuid/affec1c2-bf7c-499e-80a6-6615fd163e1a"; fsType = "ext4"; }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/BA04-7969"; + device = "/dev/disk/by-uuid/9E1A-C3DA"; fsType = "vfat"; options = [ "fmask=0077" @@ -44,7 +44,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/42aeb402-5b5a-4423-b2a5-2c08935c9f57"; } + { device = "/dev/disk/by-uuid/a17f3a16-78fb-494d-8319-89e31e1defae"; } ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; From 246c71dc43675b8f0d099458f0039a5e417be1f6 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 18:16:17 -0800 Subject: [PATCH 07/35] Fix clust-08 hardware --- hosts/cap-clust-08/hardware-configuration.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hosts/cap-clust-08/hardware-configuration.nix b/hosts/cap-clust-08/hardware-configuration.nix index b35edaa..e450374 100644 --- a/hosts/cap-clust-08/hardware-configuration.nix +++ b/hosts/cap-clust-08/hardware-configuration.nix @@ -30,12 +30,12 @@ boot.extraModulePackages = [ ]; fileSystems."/" = { - device = "/dev/disk/by-uuid/30b3183d-8358-46aa-b565-70c7d30af7c7"; + device = "/dev/disk/by-uuid/deed37a4-4d5a-465c-93e6-1b7b216e0a1c"; fsType = "ext4"; }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/BA04-7969"; + device = "/dev/disk/by-uuid/3ABB-C794"; fsType = "vfat"; options = [ "fmask=0077" @@ -44,7 +44,7 @@ }; swapDevices = [ - { device = "/dev/disk/by-uuid/42aeb402-5b5a-4423-b2a5-2c08935c9f57"; } + { device = "/dev/disk/by-uuid/6a99a895-a58c-43d2-8b62-02e3c915f46c"; } ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; From f6387b341f6fa918556a54b9622519b9c05a842a Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 18:20:20 -0800 Subject: [PATCH 08/35] Fix clust-09 hardware --- hosts/cap-clust-09/hardware-configuration.nix | 57 +++++++------------ 1 file changed, 19 insertions(+), 38 deletions(-) diff --git a/hosts/cap-clust-09/hardware-configuration.nix b/hosts/cap-clust-09/hardware-configuration.nix index 81bb55a..acff45e 100644 --- a/hosts/cap-clust-09/hardware-configuration.nix +++ b/hosts/cap-clust-09/hardware-configuration.nix @@ -1,52 +1,33 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: +{ config, lib, pkgs, modulesPath, ... }: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ahci" - "ehci_pci" - "usbhid" - "usb_storage" - "sd_mod" - ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ - "kvm-amd" - "amdgpu" - ]; + boot.kernelModules = [ "kvm-amd" "amdgpu" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/affec1c2-bf7c-499e-80a6-6615fd163e1a"; - fsType = "ext4"; - }; + fileSystems."/" = + { device = "/dev/disk/by-uuid/affec1c2-bf7c-499e-80a6-6615fd163e1a"; + fsType = "ext4"; + }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/9E1A-C3DA"; - fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/9E1A-C3DA"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/a17f3a16-78fb-494d-8319-89e31e1defae"; } ]; - }; - - swapDevices = [ - { device = "/dev/disk/by-uuid/a17f3a16-78fb-494d-8319-89e31e1defae"; } - ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} +} \ No newline at end of file From 9191d2c9540dc6f046ae11db3fcc0c9b9223566f Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 18:36:52 -0800 Subject: [PATCH 09/35] Add slim7 pubkey for ssh --- users/caperren/caperren.nix | 2 +- users/caperren/pubkeys/cap-slim7.pub | 1 + users/cluster-admin/cluster-admin.nix | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/users/caperren/caperren.nix b/users/caperren/caperren.nix index 1575113..be3bde6 100644 --- a/users/caperren/caperren.nix +++ b/users/caperren/caperren.nix @@ -26,7 +26,7 @@ in ]; openssh.authorizedKeys.keys = [ sshDesktopPubkey -# sshLaptopPubkey + sshLaptopPubkey ]; }; diff --git a/users/caperren/pubkeys/cap-slim7.pub b/users/caperren/pubkeys/cap-slim7.pub index e69de29..02f5d76 100644 --- a/users/caperren/pubkeys/cap-slim7.pub +++ b/users/caperren/pubkeys/cap-slim7.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKn/grpCtACdsrw1ocTBsf2Mc6hUZHNwvuZPk8K4UJ3p caperren@cap-slim7 \ No newline at end of file diff --git a/users/cluster-admin/cluster-admin.nix b/users/cluster-admin/cluster-admin.nix index 6a91906..509c5ce 100644 --- a/users/cluster-admin/cluster-admin.nix +++ b/users/cluster-admin/cluster-admin.nix @@ -1,6 +1,7 @@ { config, pkgs, ... }: let sshCaperrenDesktopPubkey = builtins.readFile ../caperren/pubkeys/cap-nr200p.pub; + sshCaperrenLaptopPubkey = builtins.readFile ../caperren/pubkeys/cap-slim7.pub; in { users.users.cluster-admin = { @@ -13,6 +14,7 @@ in ]; openssh.authorizedKeys.keys = [ sshCaperrenDesktopPubkey + sshCaperrenLaptopPubkey ]; }; From 0d65e64e34883f2040bbd9d2381ae35335d9579d Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 18:39:19 -0800 Subject: [PATCH 10/35] Remove kdenlive for build failure --- modules/application-groups/media-creation.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/application-groups/media-creation.nix b/modules/application-groups/media-creation.nix index e204a21..0c114b3 100644 --- a/modules/application-groups/media-creation.nix +++ b/modules/application-groups/media-creation.nix @@ -4,7 +4,7 @@ audacity darktable inkscape - kdePackages.kdenlive + # kdePackages.kdenlive # <- Build Failure obs-studio pinta ]; From 8c4de5f015dafa194835acb9926a2049d6481fa9 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 19:45:59 -0800 Subject: [PATCH 11/35] Testing git auto-rebuild for cluster --- modules/host-groups/cluster.nix | 1 + modules/system/git-auto-rebuild.nix | 15 +++++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 modules/system/git-auto-rebuild.nix diff --git a/modules/host-groups/cluster.nix b/modules/host-groups/cluster.nix index f3eec0e..f827f4d 100644 --- a/modules/host-groups/cluster.nix +++ b/modules/host-groups/cluster.nix @@ -8,6 +8,7 @@ # System Configuration ../system/cpu-amd.nix ../system/fonts.nix + ../system/git-auto-rebuild.nix ../system/gpu-amd.nix ../system/home-manager-settings.nix ../system/internationalization.nix diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix new file mode 100644 index 0000000..4fe4cc6 --- /dev/null +++ b/modules/system/git-auto-rebuild.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: +{ + systemd.services.git-auto-rebuild = { +# enable = true; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + description = "Rebuilds the git repo at /etc/nixos if there are changes in the currently checked out branch"; + # startAt = "*:0/1"; + serviceConfig = { + Type = "simple"; + ExecStart = "/run/current-system/sw/bin/bash -c '/etc/nixos && sudo nixos-rebuild switch --flake #${networking.hostname}'"; + }; + + }; +} From 40b6bde6a437cf9f7b987ea46cb5d14d04b14c6e Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 19:47:58 -0800 Subject: [PATCH 12/35] Misspelling --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index 4fe4cc6..763620b 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -8,7 +8,7 @@ # startAt = "*:0/1"; serviceConfig = { Type = "simple"; - ExecStart = "/run/current-system/sw/bin/bash -c '/etc/nixos && sudo nixos-rebuild switch --flake #${networking.hostname}'"; + ExecStart = "/run/current-system/sw/bin/bash -c '/etc/nixos && sudo nixos-rebuild switch --flake #${networking.hostName}'"; }; }; From 561c632289a1985a62d781cea8136564c9a17182 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 19:49:33 -0800 Subject: [PATCH 13/35] Switch to shell command and add git pull --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index 763620b..d3ad5f9 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -8,7 +8,7 @@ # startAt = "*:0/1"; serviceConfig = { Type = "simple"; - ExecStart = "/run/current-system/sw/bin/bash -c '/etc/nixos && sudo nixos-rebuild switch --flake #${networking.hostName}'"; + ExecStart = "/run/current-system/sw/bin/bash -c '/etc/nixos && git pull && sudo nixos-rebuild switch --flake #$(hostname)'"; }; }; From 9cd5470c55f00ca33f9cf08488ad43ecfcde6f90 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 19:51:25 -0800 Subject: [PATCH 14/35] Missing cd --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index d3ad5f9..dee9e19 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -8,7 +8,7 @@ # startAt = "*:0/1"; serviceConfig = { Type = "simple"; - ExecStart = "/run/current-system/sw/bin/bash -c '/etc/nixos && git pull && sudo nixos-rebuild switch --flake #$(hostname)'"; + ExecStart = "/run/current-system/sw/bin/bash -c 'cd /etc/nixos && git pull && sudo nixos-rebuild switch --flake #$(hostname)'"; }; }; From 4b9374f7537b167bc85c7584d30b05dd1a4daed0 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 19:52:33 -0800 Subject: [PATCH 15/35] Full paths for everything --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index dee9e19..5f4d38a 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -8,7 +8,7 @@ # startAt = "*:0/1"; serviceConfig = { Type = "simple"; - ExecStart = "/run/current-system/sw/bin/bash -c 'cd /etc/nixos && git pull && sudo nixos-rebuild switch --flake #$(hostname)'"; + ExecStart = "/run/current-system/sw/bin/bash -c 'cd /etc/nixos && /run/current-system/sw/bin/git pull && /run/current-system/sw/bin/nixos-rebuild switch --flake #$(hostname)'"; }; }; From 54bb3cb054ad41db948f068ba76bbca3a4068197 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 19:54:46 -0800 Subject: [PATCH 16/35] No auto-start --- modules/system/git-auto-rebuild.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index 5f4d38a..ac71d57 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -1,9 +1,8 @@ { config, pkgs, ... }: { systemd.services.git-auto-rebuild = { -# enable = true; + enable = true; after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; description = "Rebuilds the git repo at /etc/nixos if there are changes in the currently checked out branch"; # startAt = "*:0/1"; serviceConfig = { From 5d041ac5c78a860d21ed9fc492805b61ede93b52 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 19:58:48 -0800 Subject: [PATCH 17/35] Switch to packages definition --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index ac71d57..5de7284 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -7,7 +7,7 @@ # startAt = "*:0/1"; serviceConfig = { Type = "simple"; - ExecStart = "/run/current-system/sw/bin/bash -c 'cd /etc/nixos && /run/current-system/sw/bin/git pull && /run/current-system/sw/bin/nixos-rebuild switch --flake #$(hostname)'"; + ExecStart = "${pkgs.bash}/bin/bash -c 'cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake #$(hostname)'"; }; }; From 89b373db53c15c2a5aa4941b0e282fa082d0d09e Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:06:26 -0800 Subject: [PATCH 18/35] Allow git-auto-rebuild without password for admins --- modules/system/git-auto-rebuild.nix | 1 - modules/system/security.nix | 7 +++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index 5de7284..f5c34b8 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -9,6 +9,5 @@ Type = "simple"; ExecStart = "${pkgs.bash}/bin/bash -c 'cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake #$(hostname)'"; }; - }; } diff --git a/modules/system/security.nix b/modules/system/security.nix index c3dcd7b..2779970 100644 --- a/modules/system/security.nix +++ b/modules/system/security.nix @@ -14,6 +14,13 @@ command = "${pkgs.systemd}/bin/poweroff"; options = [ "NOPASSWD" ]; } + { + commands = [ + "${pkgs.systemd}/bin/systemctl start git-auto-rebuild" + "${pkgs.systemd}/bin/systemctl stop git-auto-rebuild" + ]; + options = [ "NOPASSWD" ]; + } ]; } { From 90a55fab877061a77d8d61b9a3b7b14f0b296479 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:08:26 -0800 Subject: [PATCH 19/35] Double single quote --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index f5c34b8..53ea7d4 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -7,7 +7,7 @@ # startAt = "*:0/1"; serviceConfig = { Type = "simple"; - ExecStart = "${pkgs.bash}/bin/bash -c 'cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake #$(hostname)'"; + ExecStart = "${pkgs.bash}/bin/bash -c ''cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake #$(hostname)''"; }; }; } From 6f852032c950a7e751c5af438674d6f367bbcbd9 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:10:06 -0800 Subject: [PATCH 20/35] Seperate commands --- modules/system/security.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/modules/system/security.nix b/modules/system/security.nix index 2779970..b886652 100644 --- a/modules/system/security.nix +++ b/modules/system/security.nix @@ -15,12 +15,14 @@ options = [ "NOPASSWD" ]; } { - commands = [ - "${pkgs.systemd}/bin/systemctl start git-auto-rebuild" - "${pkgs.systemd}/bin/systemctl stop git-auto-rebuild" - ]; + commands = "${pkgs.systemd}/bin/systemctl start git-auto-rebuild"; options = [ "NOPASSWD" ]; } + { + commands = "${pkgs.systemd}/bin/systemctl stop git-auto-rebuild"; + options = [ "NOPASSWD" ]; + } + ]; } { From 4b0011d221973ec16095c74de2bb69bc06bd6ac9 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:11:03 -0800 Subject: [PATCH 21/35] Command, not commands --- modules/system/security.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/system/security.nix b/modules/system/security.nix index b886652..ccec4d3 100644 --- a/modules/system/security.nix +++ b/modules/system/security.nix @@ -15,11 +15,11 @@ options = [ "NOPASSWD" ]; } { - commands = "${pkgs.systemd}/bin/systemctl start git-auto-rebuild"; + command = "${pkgs.systemd}/bin/systemctl start git-auto-rebuild"; options = [ "NOPASSWD" ]; } { - commands = "${pkgs.systemd}/bin/systemctl stop git-auto-rebuild"; + command = "${pkgs.systemd}/bin/systemctl stop git-auto-rebuild"; options = [ "NOPASSWD" ]; } From b2cfd98331cb41a9ceeb1367835ca87e3a06f2e8 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:12:07 -0800 Subject: [PATCH 22/35] Remove double single-quote --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index 53ea7d4..f5c34b8 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -7,7 +7,7 @@ # startAt = "*:0/1"; serviceConfig = { Type = "simple"; - ExecStart = "${pkgs.bash}/bin/bash -c ''cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake #$(hostname)''"; + ExecStart = "${pkgs.bash}/bin/bash -c 'cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake #$(hostname)'"; }; }; } From e797745a6271f6be0aaf08ed9a1087711728c836 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:26:55 -0800 Subject: [PATCH 23/35] Copy settings from nix auto-upgrade --- modules/system/git-auto-rebuild.nix | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index f5c34b8..cc627dc 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -5,9 +5,27 @@ after = [ "network.target" ]; description = "Rebuilds the git repo at /etc/nixos if there are changes in the currently checked out branch"; # startAt = "*:0/1"; + serviceConfig = { - Type = "simple"; - ExecStart = "${pkgs.bash}/bin/bash -c 'cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake #$(hostname)'"; + Type = "oneshot"; + ExecStart = "${pkgs.bash}/bin/bash -c 'cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake \#$(hostname)'"; }; + environment = + config.nix.envVars + // { + inherit (config.environment.sessionVariables) NIX_PATH; + HOME = "/root"; + } + // config.networking.proxy.envVars; + path = with pkgs; [ + coreutils + gnutar + xz.bin + gzip + gitMinimal + config.nix.package.out + config.programs.ssh.package + ]; }; + } From 6e6ba6c71ff346b473dccc8aeab1892b120f4d5a Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:31:32 -0800 Subject: [PATCH 24/35] Flip quote styles --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index cc627dc..a383e1f 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -8,7 +8,7 @@ serviceConfig = { Type = "oneshot"; - ExecStart = "${pkgs.bash}/bin/bash -c 'cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake \#$(hostname)'"; + ExecStart = ''${pkgs.bash}/bin/bash -c "cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake \#$(hostname)"''; }; environment = config.nix.envVars From 0d9db0fd89c13a496cfd4cb998d41db80958fce3 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:35:41 -0800 Subject: [PATCH 25/35] Add more paths --- modules/system/git-auto-rebuild.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index a383e1f..a99317e 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -8,7 +8,7 @@ serviceConfig = { Type = "oneshot"; - ExecStart = ''${pkgs.bash}/bin/bash -c "cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake \#$(hostname)"''; + ExecStart = ''${pkgs.bash}/bin/bash -c "cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake \#$(${pkgs.hostname}/bin/hostname)"''; }; environment = config.nix.envVars @@ -18,8 +18,10 @@ } // config.networking.proxy.envVars; path = with pkgs; [ + bash coreutils gnutar + hostname xz.bin gzip gitMinimal From 3fc2f349917e2861f4a96920f633d0bc593568b5 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:38:59 -0800 Subject: [PATCH 26/35] Switch to system config rebuild --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index a99317e..5dc5502 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -8,7 +8,7 @@ serviceConfig = { Type = "oneshot"; - ExecStart = ''${pkgs.bash}/bin/bash -c "cd /etc/nixos && ${pkgs.git}/bin/git pull && ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake \#$(${pkgs.hostname}/bin/hostname)"''; + ExecStart = ''${pkgs.bash}/bin/bash -c "cd /etc/nixos && ${pkgs.git}/bin/git pull && ${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch --flake \#$(${pkgs.hostname}/bin/hostname)"''; }; environment = config.nix.envVars From 8d6736598e74642ff3bd722c52e133dd52628453 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:40:41 -0800 Subject: [PATCH 27/35] Remove escape char --- modules/system/git-auto-rebuild.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/git-auto-rebuild.nix b/modules/system/git-auto-rebuild.nix index 5dc5502..9a131a3 100644 --- a/modules/system/git-auto-rebuild.nix +++ b/modules/system/git-auto-rebuild.nix @@ -8,7 +8,7 @@ serviceConfig = { Type = "oneshot"; - ExecStart = ''${pkgs.bash}/bin/bash -c "cd /etc/nixos && ${pkgs.git}/bin/git pull && ${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch --flake \#$(${pkgs.hostname}/bin/hostname)"''; + ExecStart = ''${pkgs.bash}/bin/bash -c "cd /etc/nixos && ${pkgs.git}/bin/git pull && ${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch --flake #$(${pkgs.hostname}/bin/hostname)"''; }; environment = config.nix.envVars From a8e001ebb15d3eed37f3725c07d77b51fc8a61b1 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:45:18 -0800 Subject: [PATCH 28/35] Testing service --- modules/application-groups/system-utilities-cluster.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/application-groups/system-utilities-cluster.nix b/modules/application-groups/system-utilities-cluster.nix index 728ba64..06c94d9 100644 --- a/modules/application-groups/system-utilities-cluster.nix +++ b/modules/application-groups/system-utilities-cluster.nix @@ -22,5 +22,6 @@ usbutils util-linux wget + firefox ]; } From 7611e586c8b03c32b866449013b39abbd797d015 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:54:39 -0800 Subject: [PATCH 29/35] Just make auto-rebuild passwordless for the cluster-admin --- .../system-utilities-cluster.nix | 1 - modules/system/security.nix | 14 +++++++++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/modules/application-groups/system-utilities-cluster.nix b/modules/application-groups/system-utilities-cluster.nix index 06c94d9..728ba64 100644 --- a/modules/application-groups/system-utilities-cluster.nix +++ b/modules/application-groups/system-utilities-cluster.nix @@ -22,6 +22,5 @@ usbutils util-linux wget - firefox ]; } diff --git a/modules/system/security.nix b/modules/system/security.nix index ccec4d3..ddee4ca 100644 --- a/modules/system/security.nix +++ b/modules/system/security.nix @@ -14,12 +14,17 @@ command = "${pkgs.systemd}/bin/poweroff"; options = [ "NOPASSWD" ]; } + ]; + } + { + users = [ "cluster-admin" ]; + commands = [ { - command = "${pkgs.systemd}/bin/systemctl start git-auto-rebuild"; + command = "${pkgs.systemd}/bin/systemctl start git-auto-rebuild.service"; options = [ "NOPASSWD" ]; } { - command = "${pkgs.systemd}/bin/systemctl stop git-auto-rebuild"; + command = "${pkgs.systemd}/bin/systemctl stop git-auto-rebuild.service"; options = [ "NOPASSWD" ]; } @@ -30,7 +35,10 @@ commands = [ { command = "${pkgs.nvtopPackages.full}/bin/nvtop"; - options = [ "NOPASSWD" "SETENV" ]; + options = [ + "NOPASSWD" + "SETENV" + ]; } ]; From 28fbea14f64ff1a8b17b6fddb4d5aa1677f05421 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 20:59:19 -0800 Subject: [PATCH 30/35] Use system path config for sudoers changes --- modules/system/security.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/system/security.nix b/modules/system/security.nix index ddee4ca..af20e38 100644 --- a/modules/system/security.nix +++ b/modules/system/security.nix @@ -7,11 +7,11 @@ groups = [ "wheel" ]; commands = [ { - command = "${pkgs.systemd}/bin/reboot"; + command = "${config.system.path}/bin/reboot"; options = [ "NOPASSWD" ]; } { - command = "${pkgs.systemd}/bin/poweroff"; + command = "${config.system.path}/bin/poweroff"; options = [ "NOPASSWD" ]; } ]; @@ -20,11 +20,11 @@ users = [ "cluster-admin" ]; commands = [ { - command = "${pkgs.systemd}/bin/systemctl start git-auto-rebuild.service"; + command = "${config.system.path}/bin/systemctl start git-auto-rebuild.service"; options = [ "NOPASSWD" ]; } { - command = "${pkgs.systemd}/bin/systemctl stop git-auto-rebuild.service"; + command = "${config.system.path}/bin/systemctl stop git-auto-rebuild.service"; options = [ "NOPASSWD" ]; } @@ -34,7 +34,7 @@ users = [ "caperren" ]; commands = [ { - command = "${pkgs.nvtopPackages.full}/bin/nvtop"; + command = "${config.system.path}/bin/nvtop"; options = [ "NOPASSWD" "SETENV" From df2327bfc02039ba003edee46dea155c61c53f49 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 21:00:59 -0800 Subject: [PATCH 31/35] Missing config import --- modules/system/security.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/security.nix b/modules/system/security.nix index af20e38..4dbec27 100644 --- a/modules/system/security.nix +++ b/modules/system/security.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, config, ... }: { security.sudo = { enable = true; From 0bfc3792bedb90f1e1bfe1303838418dad1dbb89 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 21:04:33 -0800 Subject: [PATCH 32/35] Try current system path instead --- modules/system/security.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/system/security.nix b/modules/system/security.nix index 4dbec27..8597f47 100644 --- a/modules/system/security.nix +++ b/modules/system/security.nix @@ -7,11 +7,11 @@ groups = [ "wheel" ]; commands = [ { - command = "${config.system.path}/bin/reboot"; + command = "/run/current-system/sw/bin/reboot"; options = [ "NOPASSWD" ]; } { - command = "${config.system.path}/bin/poweroff"; + command = "/run/current-system/sw/bin/poweroff"; options = [ "NOPASSWD" ]; } ]; @@ -20,11 +20,11 @@ users = [ "cluster-admin" ]; commands = [ { - command = "${config.system.path}/bin/systemctl start git-auto-rebuild.service"; + command = "/run/current-system/sw/bin/systemctl start git-auto-rebuild.service"; options = [ "NOPASSWD" ]; } { - command = "${config.system.path}/bin/systemctl stop git-auto-rebuild.service"; + command = "/run/current-system/sw/bin/systemctl stop git-auto-rebuild.service"; options = [ "NOPASSWD" ]; } @@ -34,7 +34,7 @@ users = [ "caperren" ]; commands = [ { - command = "${config.system.path}/bin/nvtop"; + command = "/run/current-system/sw/bin/nvtop"; options = [ "NOPASSWD" "SETENV" From 1fa619b95f8c69fc2eddf643cfacfaed2336098f Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 21:09:20 -0800 Subject: [PATCH 33/35] Revert to using system config path --- modules/system/security.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/system/security.nix b/modules/system/security.nix index 8597f47..4dbec27 100644 --- a/modules/system/security.nix +++ b/modules/system/security.nix @@ -7,11 +7,11 @@ groups = [ "wheel" ]; commands = [ { - command = "/run/current-system/sw/bin/reboot"; + command = "${config.system.path}/bin/reboot"; options = [ "NOPASSWD" ]; } { - command = "/run/current-system/sw/bin/poweroff"; + command = "${config.system.path}/bin/poweroff"; options = [ "NOPASSWD" ]; } ]; @@ -20,11 +20,11 @@ users = [ "cluster-admin" ]; commands = [ { - command = "/run/current-system/sw/bin/systemctl start git-auto-rebuild.service"; + command = "${config.system.path}/bin/systemctl start git-auto-rebuild.service"; options = [ "NOPASSWD" ]; } { - command = "/run/current-system/sw/bin/systemctl stop git-auto-rebuild.service"; + command = "${config.system.path}/bin/systemctl stop git-auto-rebuild.service"; options = [ "NOPASSWD" ]; } @@ -34,7 +34,7 @@ users = [ "caperren" ]; commands = [ { - command = "/run/current-system/sw/bin/nvtop"; + command = "${config.system.path}/bin/nvtop"; options = [ "NOPASSWD" "SETENV" From 8c284cc7085723dceee800edfbe47c39f6e4a269 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 21:15:01 -0800 Subject: [PATCH 34/35] Final test --- modules/application-groups/system-utilities-cluster.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/application-groups/system-utilities-cluster.nix b/modules/application-groups/system-utilities-cluster.nix index 728ba64..9f621fe 100644 --- a/modules/application-groups/system-utilities-cluster.nix +++ b/modules/application-groups/system-utilities-cluster.nix @@ -13,7 +13,7 @@ iotop killall kitty - ncdu + networkmanager nmap nvtopPackages.full From 81d7174bdf45c33a4a62fbac6bb9af57418b4332 Mon Sep 17 00:00:00 2001 From: Corwin Perren Date: Sun, 7 Dec 2025 21:29:46 -0800 Subject: [PATCH 35/35] Put ncdu back, and enable ssh agent --- modules/application-groups/system-utilities-cluster.nix | 2 +- modules/application-groups/system-utilities.nix | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/application-groups/system-utilities-cluster.nix b/modules/application-groups/system-utilities-cluster.nix index 9f621fe..728ba64 100644 --- a/modules/application-groups/system-utilities-cluster.nix +++ b/modules/application-groups/system-utilities-cluster.nix @@ -13,7 +13,7 @@ iotop killall kitty - + ncdu networkmanager nmap nvtopPackages.full diff --git a/modules/application-groups/system-utilities.nix b/modules/application-groups/system-utilities.nix index 991b481..806474c 100644 --- a/modules/application-groups/system-utilities.nix +++ b/modules/application-groups/system-utilities.nix @@ -4,6 +4,7 @@ hardware.logitech.wireless.enable = true; hardware.logitech.wireless.enableGraphical = true; + programs.ssh.startAgent = true; programs.thunar.enable = true; programs.thunar.plugins = with pkgs.xfce; [ thunar-archive-plugin