From f633888c3a32039f0f8471caf3ddbc4a32d21ae1 Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Mon, 10 Nov 2025 00:18:51 -0600 Subject: [PATCH 1/2] l001 upgraded to new flake modules --- hosts/linode/l001/configuration.nix | 7 - hosts/linode/l001/flake.lock | 273 +++------------------------- hosts/linode/l001/flake.nix | 99 +++++----- 3 files changed, 86 insertions(+), 293 deletions(-) delete mode 100644 hosts/linode/l001/configuration.nix diff --git a/hosts/linode/l001/configuration.nix b/hosts/linode/l001/configuration.nix deleted file mode 100644 index 016d4ad..0000000 --- a/hosts/linode/l001/configuration.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - ... -}: -{ - boot.loader.grub.enable = true; - system.stateVersion = "24.11"; -} diff --git a/hosts/linode/l001/flake.lock b/hosts/linode/l001/flake.lock index 26cba9a..23af41d 100644 --- a/hosts/linode/l001/flake.lock +++ b/hosts/linode/l001/flake.lock @@ -1,104 +1,34 @@ { "nodes": { - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": "home-manager", - "nixpkgs": [ - "common", - "ragenix", - "nixpkgs" - ], - "systems": "systems" - }, - "locked": { - "lastModified": 1736955230, - "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", - "owner": "ryantm", - "repo": "agenix", - "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, "common": { - "inputs": { - "home-manager": [ - "home-manager" - ], - "nixpkgs": "nixpkgs", - "ragenix": "ragenix" - }, "locked": { - "lastModified": 1745855931, - "narHash": "sha256-8lxgNWqlRXH2Fen6RRfqmy9tckUXiOV5/Fcr4jh2smQ=", + "dir": "flakes/common", + "lastModified": 1762754782, + "narHash": "sha256-orYfD6CRMZAD2EUmxTdXNH0vctXQ04tOp0TmcrlPNcI=", "ref": "refs/heads/master", - "rev": "39edfefa5871d07c9f88ce92a55995eb347d9b09", - "revCount": 407, + "rev": "49afd9829075a3e68676978f6565cf8f419d24ef", + "revCount": 766, "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" }, "original": { - "rev": "39edfefa5871d07c9f88ce92a55995eb347d9b09", + "dir": "flakes/common", "type": "git", "url": "https://git.joshuabell.xyz/ringofstorms/dotfiles" } }, - "crane": { - "locked": { - "lastModified": 1741481578, - "narHash": "sha256-JBTSyJFQdO3V8cgcL08VaBUByEU6P5kXbTJN6R0PFQo=", - "owner": "ipetkov", - "repo": "crane", - "rev": "bb1c9567c43e4434f54e9481eb4b8e8e0d50f0b5", - "type": "github" - }, - "original": { - "owner": "ipetkov", - "repo": "crane", - "type": "github" - } - }, - "darwin": { - "inputs": { - "nixpkgs": [ - "common", - "ragenix", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1700795494, - "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, "deploy-rs": { "inputs": { "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs", "utils": "utils" }, "locked": { - "lastModified": 1727447169, - "narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=", + "lastModified": 1762286984, + "narHash": "sha256-9I2H9x5We6Pl+DBYHjR1s3UT8wgwcpAH03kn9CqtdQc=", "owner": "serokell", "repo": "deploy-rs", - "rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76", + "rev": "9c870f63e28ec1e83305f7f6cb73c941e699f74f", "type": "github" }, "original": { @@ -110,11 +40,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "type": "github" }, "original": { @@ -123,50 +53,9 @@ "type": "github" } }, - "flake-utils": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "home-manager": { "inputs": { - "nixpkgs": [ - "common", - "ragenix", - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1703113217, - "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { - "inputs": { - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1747688870, @@ -185,43 +74,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742069588, - "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1741379970, - "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1702272962, - "narHash": "sha256-D+zHwkwPc6oYQ4G3A1HuadopqRwUY/JkMwHz1YF7j4Q=", + "lastModified": 1743014863, + "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e97b3e4186bcadf0ef1b6be22b8558eab1cdeb5d", + "rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f", "type": "github" }, "original": { @@ -231,7 +88,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_2": { "locked": { "lastModified": 1746055187, "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", @@ -247,13 +104,13 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_3": { "locked": { - "lastModified": 1742268799, - "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=", + "lastModified": 1751274312, + "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=", "owner": "nixos", "repo": "nixpkgs", - "rev": "da044451c6a70518db5b730fe277b70f494188f1", + "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674", "type": "github" }, "original": { @@ -263,56 +120,12 @@ "type": "github" } }, - "ragenix": { - "inputs": { - "agenix": "agenix", - "crane": "crane", - "flake-utils": "flake-utils", - "nixpkgs": "nixpkgs_2", - "rust-overlay": "rust-overlay" - }, - "locked": { - "lastModified": 1741508717, - "narHash": "sha256-iQf1WdNxaApOFHIx4RLMRZ4f8g+8Xp0Z1/E/Mz2rLxY=", - "owner": "yaxitech", - "repo": "ragenix", - "rev": "2a2bea99d74927e54adf53cbf113219def67d5c9", - "type": "github" - }, - "original": { - "owner": "yaxitech", - "repo": "ragenix", - "type": "github" - } - }, "root": { "inputs": { "common": "common", "deploy-rs": "deploy-rs", - "home-manager": "home-manager_2", - "nixpkgs": "nixpkgs_5" - } - }, - "rust-overlay": { - "inputs": { - "nixpkgs": [ - "common", - "ragenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1741400194, - "narHash": "sha256-tEpgT+q5KlGjHSm8MnINgTPErEl8YDzX3Eps8PVc09g=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "16b6045a232fea0e9e4c69e55a6e269607dd8e3f", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" + "home-manager": "home-manager", + "nixpkgs": "nixpkgs_3" } }, "systems": { @@ -330,46 +143,16 @@ "type": "github" } }, - "systems_2": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_3": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "utils": { "inputs": { - "systems": "systems_3" + "systems": "systems" }, "locked": { - "lastModified": 1701680307, - "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "4022d587cbbfd70fe950c1e2083a02621806a725", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { diff --git a/hosts/linode/l001/flake.nix b/hosts/linode/l001/flake.nix index c313290..c1e3fef 100644 --- a/hosts/linode/l001/flake.nix +++ b/hosts/linode/l001/flake.nix @@ -3,20 +3,29 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; home-manager.url = "github:rycee/home-manager/release-24.11"; deploy-rs.url = "github:serokell/deploy-rs"; - common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?rev=39edfefa5871d07c9f88ce92a55995eb347d9b09"; - common.inputs.home-manager.follows = "home-manager"; + + # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?rev=39edfefa5871d07c9f88ce92a55995eb347d9b09"; + # common.inputs.home-manager.follows = "home-manager"; + + # Use relative to get current version for testing + # common.url = "path:../../flakes/common"; + common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; }; outputs = { self, nixpkgs, + home-manager, common, deploy-rs, ... - }: + }@inputs: let configuration_name = "l001"; + system = "x86_64-linux"; + stateVersion = "24.11"; + primaryUser = "root"; lib = nixpkgs.lib; in { @@ -38,51 +47,59 @@ nixosConfigurations = { "${configuration_name}" = ( lib.nixosSystem { + inherit system; + specialArgs = { + inherit inputs; + }; modules = [ - common.nixosModules.default - ./configuration.nix + home-manager.nixosModules.default + + common.nixosModules.essentials + common.nixosModules.git + common.nixosModules.hardening + common.nixosModules.nix_options + common.nixosModules.zsh + ./hardware-configuration.nix ./linode.nix ./nginx.nix ./headscale.nix ( { config, pkgs, ... }: - { - ringofstorms_common = { - systemName = configuration_name; - general = { - disableRemoteBuildsOnLio = true; - readWindowsDrives = false; - jetbrainsMonoFont = false; - ttyCapsEscape = false; - }; - programs = { - ssh.enable = true; - }; - users = { - users = { - root = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJuo6L6V52AzdQIK6fWW9s0aX1yKUUTXbPd8v8IU9p2o nix2linode" - ]; - shell = pkgs.zsh; - }; - }; - }; - homeManager = { - users = { - root = { - imports = with common.homeManagerModules; [ - tmux - atuin - git - postgres - starship - zoxide - zsh - ]; - }; - }; + rec { + # Home Manager + home-manager = { + useUserPackages = true; + useGlobalPkgs = true; + backupFileExtension = "bak"; + # add all normal users to home manager so it applies to them + users = lib.mapAttrs (name: user: { + home.stateVersion = stateVersion; + programs.home-manager.enable = true; + }) (lib.filterAttrs (name: user: user.isNormalUser or false) users.users); + + sharedModules = [ + common.homeManagerModules.tmux + common.homeManagerModules.atuin + common.homeManagerModules.git + common.homeManagerModules.postgres_cli_options + common.homeManagerModules.starship + common.homeManagerModules.zoxide + common.homeManagerModules.zsh + ]; + }; + + # System configuration + system.stateVersion = stateVersion; + networking.hostName = configuration_name; + programs.nh.flake = "/home/${primaryUser}/.config/nixos-config/hosts/${configuration_name}"; + nixpkgs.config.allowUnfree = true; + users.users = { + "${primaryUser}" = { + shell = pkgs.zsh; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJuo6L6V52AzdQIK6fWW9s0aX1yKUUTXbPd8v8IU9p2o nix2linode" + ]; }; }; } From 9b8c26f558c7495d6581e4c97fce206152a36a3d Mon Sep 17 00:00:00 2001 From: "RingOfStorms (Joshua Bell)" Date: Mon, 10 Nov 2025 00:26:57 -0600 Subject: [PATCH 2/2] upgrade nixpkgs from 24 to 25 for l001 --- hosts/linode/l001/flake.lock | 24 ++++++++++++------------ hosts/linode/l001/flake.nix | 6 +++--- hosts/linode/l001/nginx.nix | 3 +-- 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/hosts/linode/l001/flake.lock b/hosts/linode/l001/flake.lock index 23af41d..824b057 100644 --- a/hosts/linode/l001/flake.lock +++ b/hosts/linode/l001/flake.lock @@ -58,16 +58,16 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1747688870, - "narHash": "sha256-ypL9WAZfmJr5V70jEVzqGjjQzF0uCkz+AFQF7n9NmNc=", + "lastModified": 1758463745, + "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "owner": "rycee", "repo": "home-manager", - "rev": "d5f1f641b289553927b3801580598d200a501863", + "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "type": "github" }, "original": { "owner": "rycee", - "ref": "release-24.11", + "ref": "release-25.05", "repo": "home-manager", "type": "github" } @@ -90,32 +90,32 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1746055187, - "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", + "lastModified": 1753345091, + "narHash": "sha256-CdX2Rtvp5I8HGu9swBmYuq+ILwRxpXdJwlpg8jvN4tU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", + "rev": "3ff0e34b1383648053bba8ed03f201d3466f90c9", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_3": { "locked": { - "lastModified": 1751274312, - "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=", + "lastModified": 1762498405, + "narHash": "sha256-Zg/SCgCaAioc0/SVZQJxuECGPJy+OAeBcGeA5okdYDc=", "owner": "nixos", "repo": "nixpkgs", - "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674", + "rev": "6faeb062ee4cf4f105989d490831713cc5a43ee1", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-24.11", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } diff --git a/hosts/linode/l001/flake.nix b/hosts/linode/l001/flake.nix index c1e3fef..4aae7be 100644 --- a/hosts/linode/l001/flake.nix +++ b/hosts/linode/l001/flake.nix @@ -1,7 +1,7 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; - home-manager.url = "github:rycee/home-manager/release-24.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + home-manager.url = "github:rycee/home-manager/release-25.05"; deploy-rs.url = "github:serokell/deploy-rs"; # common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?rev=39edfefa5871d07c9f88ce92a55995eb347d9b09"; @@ -76,7 +76,7 @@ users = lib.mapAttrs (name: user: { home.stateVersion = stateVersion; programs.home-manager.enable = true; - }) (lib.filterAttrs (name: user: user.isNormalUser or false) users.users); + }) (lib.filterAttrs (name: user: name == "root" || (user.isNormalUser or false)) users.users); sharedModules = [ common.homeManagerModules.tmux diff --git a/hosts/linode/l001/nginx.nix b/hosts/linode/l001/nginx.nix index e262731..e0ef744 100644 --- a/hosts/linode/l001/nginx.nix +++ b/hosts/linode/l001/nginx.nix @@ -3,8 +3,7 @@ }: { security.acme.acceptTerms = true; - security.acme.email = "admin@joshuabell.xyz"; - # security.acme.default.email = "admin@joshuabell.xyz"; + security.acme.default.email = "admin@joshuabell.xyz"; services.nginx = { enable = true; recommendedGzipSettings = true;