newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: newedge:mob/nix-openwrt
Branches Tags
newedge:main newedge:mob/inventree-test newedge:inventree-test newedge:emmie-separate-home newedge:mob/nix-openwrt newedge:nix-openwrt newedge:mob/phone-eris newedge:phone-eris newedge:mob/inventree-nixpkgs-test newedge:inventree-nixpkgs-test newedge:mob/phonebox-multi-clients newedge:phonebox-multi-clients newedge:buna-machine newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:vega-ups newedge:mob/gitea newedge:gitea
..
compare: newedge:main
Branches Tags
newedge:mob/inventree-test newedge:inventree-test newedge:main newedge:emmie-separate-home newedge:mob/nix-openwrt newedge:nix-openwrt newedge:mob/phone-eris newedge:phone-eris newedge:mob/inventree-nixpkgs-test newedge:inventree-nixpkgs-test newedge:mob/phonebox-multi-clients newedge:phonebox-multi-clients newedge:buna-machine newedge:whitehouse-router newedge:mob/vega-backup newedge:mob/router-device newedge:router-device newedge:vega-backup newedge:mob/noreply-mailer newedge:noreply-mailer newedge:mob/vega-ups newedge:vega-ups newedge:mob/gitea newedge:gitea

12 Commits
mob/nix-op ... main

Author SHA1 Message Date
kurogeek
aa3db27c77 machines/rana: hardcode kernel to version 6.12 to fix freezing issue 2026-04-02 17:53:37 +07:00
kurogeek
44210e6bbb machines/rana: boot.kernelParams adjusted 2026-04-02 17:16:30 +07:00
kurogeek
984d587d00 machines/rana: update facter.json 2026-04-02 11:20:24 +07:00
kurogeek
79be24d581 machines/rana: fixed randomly freeze 2026-04-01 10:49:48 +07:00
kurogeek
1518cd7db6 inputs/nixpkgs: bump version 2026-03-31 13:45:49 +07:00
kurogeek
ac7117c13d clanService/personal-computer: added more drivers 2026-03-31 13:45:23 +07:00
kurogeek
38d13f2fa7 clanService/home-profiles: emmie-home is a separated user 2026-03-24 15:46:57 +07:00
kurogeek
8b1ae80c54 clanInventory/emmie-syncthing: running on emmie as a user 2026-03-24 15:46:57 +07:00
kurogeek
1f867808d2 machines/rana: reinstall 2026-03-24 15:46:57 +07:00
kurogeek
d8b20caf22 machines/rana: enable full-disk encryption 2026-03-24 15:46:57 +07:00
kurogeek
fc2da628e8 clanService/personal-computer: force change-own-password to YES 2026-03-24 15:46:57 +07:00
kurogeek
d4826d803e flake/inputs: plasma-manager init 2026-03-24 15:46:57 +07:00
12 changed files with 976 additions and 753 deletions
Expand all files Collapse all files

46
flake.lock generated
View File

@@ -207,11 +207,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1772173633,
"narHash": "sha256-MOH58F4AIbCkh6qlQcwMycyk5SWvsqnS/TCfnqDlpj4=",
"lastModified": 1774794121,
"narHash": "sha256-gih24b728CK8twDNU7VX9vVYK2tLEXvy9gm/GKq2VeE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c0f3d81a7ddbc2b1332be0d8481a672b4f6004d6",
"rev": "c397ef6af68c018462d786e1b65384abc472a907",
"type": "github"
},
"original": {
@@ -221,27 +221,26 @@
"type": "github"
}
},
"openwrt-imagebuilder": {
"plasma-manager": {
"inputs": {
"flake-parts": [
"flake-parts"
"home-manager": [
"home-manager"
],
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_2"
]
},
"locked": {
"lastModified": 1773564448,
"narHash": "sha256-RdhwMI7cAMa0bHkBIG2j1GVTYMEiZOqHWNpNV5nWgdo=",
"owner": "astro",
"repo": "nix-openwrt-imagebuilder",
"rev": "e7c0890d1c740dfd0c0bb2d1dc1703acde60a25f",
"lastModified": 1772361940,
"narHash": "sha256-B1Cz+ydL1iaOnGlwOFld/C8lBECPtzhiy/pP93/CuyY=",
"owner": "nix-community",
"repo": "plasma-manager",
"rev": "a4b33606111c9c5dcd10009042bb710307174f51",
"type": "github"
},
"original": {
"owner": "astro",
"repo": "nix-openwrt-imagebuilder",
"owner": "nix-community",
"repo": "plasma-manager",
"type": "github"
}
},
@@ -254,7 +253,7 @@
"import-tree": "import-tree",
"liminix": "liminix",
"nixpkgs": "nixpkgs",
"openwrt-imagebuilder": "openwrt-imagebuilder",
"plasma-manager": "plasma-manager",
"treefmt-nix": "treefmt-nix"
}
},
@@ -294,21 +293,6 @@
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1680978846,
"narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=",
"owner": "nix-systems",
"repo": "x86_64-linux",
"rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "x86_64-linux",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [

37
flake.nix
View File

@@ -19,13 +19,13 @@
inputs.nixpkgs.follows = "nixpkgs";
url = "github:nix-community/home-manager";
};
plasma-manager = {
url = "github:nix-community/plasma-manager";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
import-tree.url = "github:vic/import-tree";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
openwrt-imagebuilder = {
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-parts.follows = "flake-parts";
url = "github:astro/nix-openwrt-imagebuilder";
};
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
@@ -72,33 +72,6 @@
packages.think-be = pkgs.think-backend-gtcm;
packages.file-uploader = pkgs.gtcm-file-uploader;
};
flake.packages.x86_64-linux.myrouter =
let
pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
profiles = inputs.openwrt-imagebuilder.lib.profiles { inherit pkgs; };
config = profiles.identifyProfile "glinet_gl-mt6000" // {
# add package to include in the image, ie. packages that you don't
# want to install manually later
packages = [ "tcpdump" ];
disabledServices = [ "dnsmasq" ];
# include files in the images.
# to set UCI configuration, create a uci-defauts scripts as per
# official OpenWRT ImageBuilder recommendation.
files = pkgs.runCommand "image-files" { } ''
mkdir -p $out/etc/uci-defaults
cat > $out/etc/uci-defaults/99-custom <<EOF
uci -q batch << EOI
set system.@system[0].hostname='testap'
commit
EOI
EOF
'';
};
in
inputs.openwrt-imagebuilder.lib.build config;
}
);
}

18
inventories/emmie.nix
View File

@@ -1,3 +1,8 @@
{ config, ... }:
let
username = "emmie";
userhome = "/home/${username}";
in
{
clan.inventory = {
tags = {
@@ -12,6 +17,11 @@
};
roles.peer.tags.emmie = { };
roles.peer.settings = {
folders = {
Syncthing = {
path = "${userhome}/Share/Syncthing";
};
};
extraDevices = {
pixel7a = {
id = "CEUJMEG-SOHXIJF-G2FT5QB-6MZW3EN-PONI3QN-HPEIOSU-IMSLGW7-XUU6BQK";
@@ -20,6 +30,14 @@
};
};
};
roles.peer.extraModules = [
{
config.services.syncthing = {
user = username;
dataDir = "${userhome}/Share";
};
}
];
};
};
};

7
inventories/personal-computer.nix
View File

@@ -14,14 +14,9 @@
instances = {
emmie-home = {
module = {
name = "home-user";
name = "emmie-home";
input = "self";
};
roles.default.settings = {
username = "emmie";
kbLayout = "us,th";
kbOptions = "grp:win_space_toggle,grp:alt_shift_toggle";
};
roles.default.machines."rana" = { };
};
chocolate-home = {

2
inventory.json
View File

@@ -22,7 +22,7 @@
"installedAt": 1765343708
},
"rana": {
"installedAt": 1768294839
"installedAt": 1773134236
},
"petra": {
"installedAt": 1769064458

10
machines/rana/configuration.nix
View File

@@ -1,4 +1,4 @@
{ self, ... }:
{ self, pkgs, ... }:
{
imports = [
self.nixosModules.common
@@ -9,4 +9,12 @@
};
system.stateVersion = "25.11";
clan.core.sops.defaultGroups = [ "admins" ];
boot.kernelParams = [
"amdgpu.dcdebugmask=0x10"
"amdgpu.cwsr_enable=0"
"amdgpu.gpu_recovery=1"
];
boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_12;
}

3
machines/rana/disko.nix
View File

@@ -53,6 +53,9 @@ in
zroot = {
type = "zpool";
rootFsOptions = {
encryption = "aes-256-gcm";
keyformat = "passphrase";
keylocation = "file:///tmp/secret.key";
mountpoint = "none";
compression = "lz4";
acltype = "posixacl";

1460
machines/rana/facter.json
View File

File diff suppressed because it is too large Load Diff

1
modules/clan/home-profiles/flake-module.nix
View File

@@ -2,5 +2,6 @@
{
clan.modules = {
home-user = lib.modules.importApply ./home-user { };
emmie-home = lib.modules.importApply ./home-user/emmie.nix { };
};
}

127
modules/clan/home-profiles/home-user/emmie.nix Normal file
View File

@@ -0,0 +1,127 @@
{ ... }:
{
_class = "clan.service";
manifest.name = "emmie-home-manager";
manifest.description = "Emmie's home-manager profile generator";
manifest.readme = "Emmie's home-manager profile generator";
manifest.categories = [ "System" ];
roles.default = {
description = "a default role for the user";
perInstance =
{ ... }:
{
nixosModule =
{ inputs, pkgs, ... }:
let
username = "emmie";
in
{
imports = [ inputs.home-manager.nixosModules.home-manager ];
users.users.${username} = {
initialPassword = "";
isNormalUser = true;
extraGroups = [
"audio"
"video"
"networkmanager"
];
};
services.xserver = {
enable = true;
xkb.layout = "us,th";
xkb.options = "grp:win_space_toggle,grp:alt_shift_toggle";
};
programs.chromium = {
enable = true;
extraOpts = {
"BlockThirdPartyCookies" = true;
"ClearBrowsingDataOnExitList" = [
"download_history"
"cookies_and_other_site_data"
"cached_images_and_files"
"password_signin"
"autofill"
"site_settings"
"hosted_app_data"
];
"BraveRewardsDisabled" = true;
"BraveWalletDisabled" = true;
"BraveAIChatEnabled" = false;
"BraveNewsDisabled" = true;
"BraveSpeedreaderEnabled" = false;
"BraveWaybackMachineEnabled" = false;
"BraveStatsPingEnabled" = false;
"BraveWebDiscoveryEnabled" = false;
"BravePlaylistEnabled" = false;
"BraveVPNDisabled" = true;
"TorDisabled" = true;
"BraveP3AEnabled" = false;
"BraveTalkDisabled" = true;
"SyncDisabled" = false;
"PasswordManagerEnabled" = false;
"AutofillAddressEnabled" = false;
"AutofillCreditCardEnabled" = false;
"TranslateEnabled" = false;
"DnsOverHttpsMode" = "secure";
"DnsOverHttpsTemplates" = "https://dns.adguard-dns.com/dns-query";
};
};
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.${username} =
{
osConfig,
pkgs,
lib,
inputs,
...
}:
{
imports = [ inputs.plasma-manager.homeModules.plasma-manager ];
home = {
homeDirectory = lib.mkForce "/home/${username}";
stateVersion = osConfig.system.stateVersion;
packages = with pkgs; [
libreoffice-fresh
element-desktop
signal-desktop
brave
keepassxc
vlc
thunderbird
wasabiwallet
protonmail-desktop
];
};
programs.chromium.package = pkgs.brave;
programs.home-manager.enable = true;
services.syncthing.tray.enable = osConfig.services.syncthing.enable;
programs.plasma.enable = true;
programs.plasma.powerdevil = {
AC = {
autoSuspend.action = "shutDown";
autoSuspend.idleTimeout = 1800;
};
battery = {
autoSuspend.action = "shutDown";
autoSuspend.idleTimeout = 1800;
};
lowBattery = {
autoSuspend.action = "shutDown";
autoSuspend.idleTimeout = 1800;
};
};
};
home-manager.extraSpecialArgs = {
inherit inputs;
};
};
};
};
}

16
modules/clan/personal-computer/printing.nix
View File

@@ -22,11 +22,27 @@ let
in
{
environment.systemPackages = [ pkgs.simple-scan ];
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"brgenml1lpr"
"cups-brother-dcpt310"
"cups-brother-dcpt720dw"
"cups-brother-dcpt725dw"
];
# nixpkgs.config.allowUnfree = true;
services.ipp-usb.enable = true;
services.printing = {
enable = true;
drivers = [
pkgs.brlaser
pkgs.gutenprint
pkgs.brgenml1lpr
pkgs.brgenml1cupswrapper
pkgs.cups-brother-dcpt310
pkgs.cups-brother-dcpt720dw
pkgs.cups-brother-dcpt725dw
];
extraFilesConf = ''

2
modules/clan/personal-computer/users.nix
View File

@@ -4,7 +4,7 @@
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.accounts.change-own-password")) {
return polkit.Result.AUTH_SELF;
return polkit.Result.YES;
}
});
'';