From 82bc9ac40c43d32f71ea1f7ba61dbd66ddcb7b0a Mon Sep 17 00:00:00 2001 From: Vivian Roest Date: Tue, 19 Dec 2023 14:52:25 +0100 Subject: [PATCH] move service to different flake --- flake.lock | 240 ++++++++++++++----------- flake.nix | 7 +- nixos/common/default.nix | 2 - nixos/common/modules/gnome/default.nix | 14 +- nixos/hosts/hades/default.nix | 1 + nixos/templates/proxmox-vm.nix | 2 +- nixos/util.nix | 3 +- 7 files changed, 155 insertions(+), 114 deletions(-) diff --git a/flake.lock b/flake.lock index b9eec3cf..75456f31 100644 --- a/flake.lock +++ b/flake.lock @@ -50,11 +50,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1698258239, - "narHash": "sha256-qnhoYYIJ0L/P7H/f56lQUEvpzNlXh4sxuHpRERV+B44=", + "lastModified": 1702969472, + "narHash": "sha256-IJP9sC+/gLUdWhm6TsnWpw6A1zQWUfn53ym63KeLXvU=", "owner": "zhaofengli", "repo": "attic", - "rev": "e9918bc6be268da6fa97af6ced15193d8a0421c0", + "rev": "bdafd64910bb2b861cf90fa15f1fc93318b6fbf6", "type": "github" }, "original": { @@ -123,26 +123,17 @@ }, "crane": { "inputs": { - "flake-compat": [ - "attic", - "flake-compat" - ], - "flake-utils": [ - "attic", - "flake-utils" - ], "nixpkgs": [ "attic", "nixpkgs" - ], - "rust-overlay": "rust-overlay" + ] }, "locked": { - "lastModified": 1677892403, - "narHash": "sha256-/Wi0L1spSWLFj+UQxN3j0mPYMoc7ZoAujpUF/juFVII=", + "lastModified": 1702918879, + "narHash": "sha256-tWJqzajIvYcaRWxn+cLUB9L9Pv4dQ3Bfit/YjU5ze3g=", "owner": "ipetkov", "repo": "crane", - "rev": "105e27adb70a9890986b6d543a67761cbc1964a2", + "rev": "7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb", "type": "github" }, "original": { @@ -483,6 +474,24 @@ "inputs": { "systems": "systems_2" }, + "locked": { + "lastModified": 1701680307, + "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_3" + }, "locked": { "lastModified": 1694529238, "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", @@ -497,9 +506,9 @@ "type": "github" } }, - "flake-utils_4": { + "flake-utils_5": { "inputs": { - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1701680307, @@ -515,9 +524,9 @@ "type": "github" } }, - "flake-utils_5": { + "flake-utils_6": { "inputs": { - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1685518550, @@ -533,7 +542,7 @@ "type": "github" } }, - "flake-utils_6": { + "flake-utils_7": { "locked": { "lastModified": 1678901627, "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", @@ -547,9 +556,9 @@ "type": "indirect" } }, - "flake-utils_7": { + "flake-utils_8": { "inputs": { - "systems": "systems_6" + "systems": "systems_7" }, "locked": { "lastModified": 1681202837, @@ -641,6 +650,25 @@ "type": "github" } }, + "gnome-autounlock-keyring": { + "inputs": { + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1702990449, + "narHash": "sha256-IU5ERslQmh3x0CWmBCq69kAJrmOAo+iRWXRGOFI4J1s=", + "ref": "refs/heads/main", + "rev": "47ce78481c94dfcd98848353b1a9b8eaa876fb80", + "revCount": 11, + "type": "git", + "url": "https://git.0x76.dev/v/gnome-autounlock-keyring.git" + }, + "original": { + "type": "git", + "url": "https://git.0x76.dev/v/gnome-autounlock-keyring.git" + } + }, "gomod2nix": { "flake": false, "locked": { @@ -664,11 +692,11 @@ ] }, "locked": { - "lastModified": 1702814335, - "narHash": "sha256-Qck7BAMi3eydzT1WFOzp/SgECetyPpOn1dLgmxH2ebQ=", + "lastModified": 1702937117, + "narHash": "sha256-4GjkL2D01bDg00UZN/SeGrnBZrDVOFeZTbQx6U702Vc=", "owner": "nix-community", "repo": "home-manager", - "rev": "e4dba0bd01956170667458be7b45f68170a63651", + "rev": "e8aaced73ebaf6bfa8e3c6ab0a19cb184bc4d798", "type": "github" }, "original": { @@ -682,12 +710,12 @@ "crane": "crane_2", "flake-compat": "flake-compat_4", "flake-parts": "flake-parts", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nixpkgs": [ "nixpkgs" ], "pre-commit-hooks-nix": "pre-commit-hooks-nix", - "rust-overlay": "rust-overlay_2" + "rust-overlay": "rust-overlay" }, "locked": { "lastModified": 1702288664, @@ -805,7 +833,7 @@ "nix": { "inputs": { "lowdown-src": "lowdown-src", - "nixpkgs": "nixpkgs_7", + "nixpkgs": "nixpkgs_8", "nixpkgs-regression": "nixpkgs-regression" }, "locked": { @@ -890,11 +918,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1691853136, - "narHash": "sha256-wTzDsRV4HN8A2Sl0SVQY0q8ILs90CD43Ha//7gNZE+E=", + "lastModified": 1702539185, + "narHash": "sha256-KnIRG5NMdLIpEkZTnN5zovNYc0hhXjAgv6pfd5Z4c7U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f0451844bbdf545f696f029d1448de4906c7f753", + "rev": "aa9d4729cbc99dabacb50e3994dcefb3ea0f7447", "type": "github" }, "original": { @@ -970,16 +998,16 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1685004253, - "narHash": "sha256-AbVL1nN/TDicUQ5wXZ8xdLERxz/eJr7+o8lqkIOVuaE=", + "lastModified": 1702780907, + "narHash": "sha256-blbrBBXjjZt6OKTcYX1jpe9SRof2P9ZYWPzq22tzXAA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e01645c40b92d29f3ae76344a6d654986a91a91", + "rev": "1e2e384c5b7c50dbf8e9c441a9e58d85f408b01f", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-23.05", + "ref": "nixos-23.11", "repo": "nixpkgs", "type": "github" } @@ -1017,6 +1045,22 @@ } }, "nixpkgs_10": { + "locked": { + "lastModified": 1682526928, + "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_11": { "locked": { "lastModified": 1670507980, "narHash": "sha256-riNZa0xzM1it3pzxciwALeMs+0CsBMWIW2FqulzK8vM=", @@ -1066,20 +1110,35 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1702855317, - "narHash": "sha256-5EXeUkoWvrfbZQQLVRn7Ebb9LOt3DkVm6T0M31/VhtM=", + "lastModified": 1702933230, + "narHash": "sha256-xi8AZ3noIXrgmKLR+ij+CeYFoUTKiQuTLL+aA7FRdRQ=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "4e2c5373180ecd17e41e879420be69dc642a6349", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1702830618, + "narHash": "sha256-lvhwIvRwhOLgzbRuYkqHy4M5cQHYs4ktL6/hyuBS6II=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3a16c6447466f4034c2d75fe7014477142c9513e", + "rev": "91a00709aebb3602f172a0bf47ba1ef013e34835", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-unstable-small", + "ref": "nixos-unstable", "type": "indirect" } }, - "nixpkgs_5": { + "nixpkgs_6": { "locked": { "lastModified": 1702312524, "narHash": "sha256-gkZJRDBUCpTPBvQk25G0B7vfbpEYM5s5OZqghkjZsnE=", @@ -1095,7 +1154,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_7": { "locked": { "lastModified": 1686736559, "narHash": "sha256-YyUSVoOKIDAscTx7IZhF9x3qgZ9dPNF19fKk+4c5irc=", @@ -1111,7 +1170,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_8": { "locked": { "lastModified": 1645296114, "narHash": "sha256-y53N7TyIkXsjMpOG7RhvqJFGDacLs9HlyHeSTBioqYU=", @@ -1127,7 +1186,7 @@ "type": "github" } }, - "nixpkgs_8": { + "nixpkgs_9": { "locked": { "lastModified": 1696165369, "narHash": "sha256-pd1cjFHCoEf9q5f9B0HhlOwwpBI9RP3HbUE6xjI7wAI=", @@ -1143,22 +1202,6 @@ "type": "github" } }, - "nixpkgs_9": { - "locked": { - "lastModified": 1682526928, - "narHash": "sha256-2cKh4O6t1rQ8Ok+v16URynmb0rV7oZPEbXkU0owNLQs=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "d6b863fd9b7bb962e6f9fdf292419a775e772891", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_stable": { "locked": { "lastModified": 1702759837, @@ -1176,8 +1219,8 @@ }, "nixvim": { "inputs": { - "flake-utils": "flake-utils_4", - "nixpkgs": "nixpkgs_5", + "flake-utils": "flake-utils_5", + "nixpkgs": "nixpkgs_6", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { @@ -1196,11 +1239,11 @@ }, "nur": { "locked": { - "lastModified": 1702889123, - "narHash": "sha256-hgdt5ZE76rBbOXVgaBfTY5pT8VezeAeeYomyofrs9RY=", + "lastModified": 1702986248, + "narHash": "sha256-fcKATgZsuj89KGeqy/a+DaP66kcm5SPJ0OvciJ444nQ=", "owner": "nix-community", "repo": "NUR", - "rev": "5eb36fd2d32f43177896e8dd5a7ba134d3d5e949", + "rev": "8f5265940d1c9f28cb55db6e1152e5dc2cc1a684", "type": "github" }, "original": { @@ -1229,7 +1272,7 @@ "pre-commit-hooks": { "inputs": { "flake-compat": "flake-compat_6", - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_6", "gitignore": "gitignore_2", "nixpkgs": [ "nixvim", @@ -1313,7 +1356,7 @@ "inputs": { "fenix": "fenix", "naersk": "naersk_2", - "nixpkgs": "nixpkgs_6" + "nixpkgs": "nixpkgs_7" }, "locked": { "lastModified": 1690193312, @@ -1334,12 +1377,13 @@ "attic": "attic", "colmena": "colmena", "comma": "comma", + "gnome-autounlock-keyring": "gnome-autounlock-keyring", "home-manager": "home-manager", "lanzaboote": "lanzaboote", "mailserver": "mailserver", "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs_stable": "nixpkgs_stable", "nixvim": "nixvim", "nur": "nur", @@ -1384,33 +1428,6 @@ } }, "rust-overlay": { - "inputs": { - "flake-utils": [ - "attic", - "crane", - "flake-utils" - ], - "nixpkgs": [ - "attic", - "crane", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1675391458, - "narHash": "sha256-ukDKZw922BnK5ohL9LhwtaDAdCsJL7L6ScNEyF1lO9w=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "383a4acfd11d778d5c2efcf28376cbd845eeaedf", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "rust-overlay_2": { "inputs": { "flake-utils": [ "lanzaboote", @@ -1541,6 +1558,21 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "inputs": { "systems": "systems" @@ -1576,7 +1608,7 @@ }, "utils_3": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1694529238, @@ -1595,17 +1627,17 @@ "vault-secrets": { "inputs": { "flake-compat": "flake-compat_7", - "flake-utils": "flake-utils_6", + "flake-utils": "flake-utils_7", "nix": "nix", - "nixpkgs": "nixpkgs_8", + "nixpkgs": "nixpkgs_9", "utils": "utils_3" }, "locked": { - "lastModified": 1702405114, - "narHash": "sha256-a4tIqZsu7eCkxfFR9zrQmOAiJnEoz7i1jH9wVzQUF5E=", + "lastModified": 1702898724, + "narHash": "sha256-ypRLpx5VCTyE3mPKNRSOLMfqaOkyLXNU7opn0+dI/Jg=", "owner": "serokell", "repo": "vault-secrets", - "rev": "0fbb2cada27ee335997799d340092d171ab296a3", + "rev": "9139484e388fe98e3facc097b66c018049d5e123", "type": "github" }, "original": { @@ -1616,8 +1648,8 @@ }, "vault-unseal": { "inputs": { - "flake-utils": "flake-utils_7", - "nixpkgs": "nixpkgs_9" + "flake-utils": "flake-utils_8", + "nixpkgs": "nixpkgs_10" }, "locked": { "lastModified": 1683013874, @@ -1636,7 +1668,7 @@ "webcord": { "inputs": { "dream2nix": "dream2nix", - "nixpkgs": "nixpkgs_10", + "nixpkgs": "nixpkgs_11", "webcord": "webcord_2" }, "locked": { diff --git a/flake.nix b/flake.nix index 9326daa4..8edf7cdc 100644 --- a/flake.nix +++ b/flake.nix @@ -5,14 +5,10 @@ # * https://github.com/Infinidoge/nix-minecraft inputs = { - nixpkgs.url = "nixpkgs/nixos-unstable-small"; - + nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs_stable.url = "nixpkgs/nixos-23.05"; - nur.url = "github:nix-community/NUR"; - colmena.url = "github:zhaofengli/colmena"; - vault-secrets.url = "github:serokell/vault-secrets"; home-manager.url = "github:nix-community/home-manager"; @@ -42,6 +38,7 @@ }; vault-unseal.url = "git+https://git.0x76.dev/v/vault-unseal.git"; + gnome-autounlock-keyring.url = "git+https://git.0x76.dev/v/gnome-autounlock-keyring.git"; attic.url = "github:zhaofengli/attic"; }; diff --git a/nixos/common/default.nix b/nixos/common/default.nix index 03d5d45c..8397d2cc 100644 --- a/nixos/common/default.nix +++ b/nixos/common/default.nix @@ -101,6 +101,4 @@ info.enable = lib.mkForce false; nixos.enable = lib.mkForce false; }; - - system.disableInstallerTools = lib.mkDefault true; } diff --git a/nixos/common/modules/gnome/default.nix b/nixos/common/modules/gnome/default.nix index eb2d4f09..67a6c148 100644 --- a/nixos/common/modules/gnome/default.nix +++ b/nixos/common/modules/gnome/default.nix @@ -11,6 +11,17 @@ in { Whether to enable home manager integration to set default dconf values ''; }; + + auto-unlock-keyring = mkOption { + type = types.bool; + default = true; + description = '' + Whether to automatically unlock the keyring upon login. + This is mostly useful if you are logging in using a fingerprint + or FIDO device and the keyring does not automatically get unlocked. + Make sure you have enrolled you password into the keyring unlocker. + ''; + }; }; config = mkIf cfg.enable { @@ -24,7 +35,6 @@ in { layout = "us"; xkbVariant = "altgr-intl"; - # Enable the GNOME Desktop Environment. displayManager.gdm.enable = true; desktopManager.gnome.enable = true; @@ -34,6 +44,8 @@ in { udisks2.enable = true; }; + services.gnome-autounlock-keyring.enable = cfg.auto-unlock-keyring; + # Add Home-manager dconf stuff home-manager.sharedModules = mkIf cfg.hm [ ./hm.nix ]; environment.gnome.excludePackages = diff --git a/nixos/hosts/hades/default.nix b/nixos/hosts/hades/default.nix index 8f9a049a..d1ca55b0 100644 --- a/nixos/hosts/hades/default.nix +++ b/nixos/hosts/hades/default.nix @@ -156,6 +156,7 @@ "tudelft" = { ip = "192.168.0.132"; mac = "AE:B3:93:4B:04:76"; + nix = false; }; "mastodon" = { ip = "192.168.0.138"; diff --git a/nixos/templates/proxmox-vm.nix b/nixos/templates/proxmox-vm.nix index 0c220eb5..703a42f2 100644 --- a/nixos/templates/proxmox-vm.nix +++ b/nixos/templates/proxmox-vm.nix @@ -5,7 +5,7 @@ virtio0 = "local-zfs:vm-9999-disk-0"; cores = 4; memory = 4096; - bios = "ovmf"; + bios = "seabios"; additionalSpace = "20G"; }; diff --git a/nixos/util.nix b/nixos/util.nix index 79fe2a0f..067b19bb 100644 --- a/nixos/util.nix +++ b/nixos/util.nix @@ -1,4 +1,4 @@ -{ nixpkgs, home-manager, mailserver, lanzaboote, attic, ... }: +{ nixpkgs, home-manager, mailserver, lanzaboote, attic, gnome-autounlock-keyring, ... }: let inherit (builtins) filter attrValues concatMap mapAttrs; inherit (nixpkgs.lib.attrsets) mapAttrsToList; @@ -18,6 +18,7 @@ let "vm" = [ ./common/generic-vm.nix ]; "local" = [ lanzaboote.nixosModules.lanzaboote + gnome-autounlock-keyring.nixosModules.default ./common/desktop ]; };