From 0d6fe4e94164e5256f74bdffbd1b651997b7bfc6 Mon Sep 17 00:00:00 2001 From: Aaron Honeycutt Date: Mon, 28 Jul 2025 07:35:33 -0600 Subject: [PATCH] update EDI config on GitLab --- homelab/ahoneybun-net/default.nix | 36 +++---- homelab/gollum/default.nix | 19 +++- homelab/honeyfetch-app/default.nix | 36 +++---- hosts/x86_64/edi/configuration.nix | 151 +++++++++++------------------ 4 files changed, 109 insertions(+), 133 deletions(-) diff --git a/homelab/ahoneybun-net/default.nix b/homelab/ahoneybun-net/default.nix index 86eb87e..98f8cc5 100644 --- a/homelab/ahoneybun-net/default.nix +++ b/homelab/ahoneybun-net/default.nix @@ -1,23 +1,6 @@ { config, pkgs, lib, ... }: { - systemd.user.services."website-zola-build" = { - enable = true; - description = "rebuild zola website"; - serviceConfig = { - ExecStart = "/run/current-system/sw/bin/zola -r /mnt/DATA/Website/ahoneybun-net build"; - }; - wantedBy = [ "default.target" ]; - }; - - systemd.user.timers."website-zola-build" = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "2h"; - OnUnitActiveSec = "7h"; - }; - }; - services.nginx = { enable = true; virtualHosts."ahoneybun.net" = { @@ -34,4 +17,21 @@ }; }; }; -} \ No newline at end of file + + systemd.user.services."website-zola-build" = { + enable = true; + description = "rebuild zola website"; + serviceConfig = { + ExecStart = "/run/current-system/sw/bin/zola -r /mnt/DATA/Website/ahoneybun-net build"; + }; + wantedBy = [ "default.target" ]; + }; + + systemd.user.timers."website-zola-build" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = "2h"; + OnUnitActiveSec = "7h"; + }; + }; +} diff --git a/homelab/gollum/default.nix b/homelab/gollum/default.nix index e96d878..938544c 100644 --- a/homelab/gollum/default.nix +++ b/homelab/gollum/default.nix @@ -6,4 +6,21 @@ no-edit = true; stateDir = "/mnt/DATA/Wiki"; }; -} \ No newline at end of file + + systemd.user.services."wiki-git-update" = { + enable = true; + description = "wiki-git-update runs git to pull latest wiki changes"; + serviceConfig = { + ExecStart = "/run/current-system/sw/bin/git -C /mnt/DATA/knowledge-base pull"; + }; + wantedBy = [ "default.target" ]; + }; + + systemd.user.timers."wiki-git-update" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = "1h"; + OnUnitActiveSec = "6h"; + }; + }; +} diff --git a/homelab/honeyfetch-app/default.nix b/homelab/honeyfetch-app/default.nix index 660ff85..442e5f2 100644 --- a/homelab/honeyfetch-app/default.nix +++ b/homelab/honeyfetch-app/default.nix @@ -1,23 +1,6 @@ { config, pkgs, lib, ... }: { - systemd.user.services."honeyfetch-website-zola-build" = { - enable = true; - description = "rebuild zola honeyfetch website"; - serviceConfig = { - ExecStart = "/run/current-system/sw/bin/zola -r /mnt/DATA/honeyfetch-website build"; - }; - wantedBy = [ "default.target" ]; - }; - - systemd.user.timers."honeyfetch-website-zola-build" = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "2h"; - OnUnitActiveSec = "7h"; - }; - }; - services.nginx = { enable = true; virtualHosts."honeyfetch.app" = { @@ -40,4 +23,21 @@ }; }; }; -} \ No newline at end of file + + systemd.user.services."honeyfetch-website-zola-build" = { + enable = true; + description = "rebuild zola honeyfetch website"; + serviceConfig = { + ExecStart = "/run/current-system/sw/bin/zola -r /mnt/DATA/honeyfetch-website build"; + }; + wantedBy = [ "default.target" ]; + }; + + systemd.user.timers."honeyfetch-website-zola-build" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = "2h"; + OnUnitActiveSec = "7h"; + }; + }; +} diff --git a/hosts/x86_64/edi/configuration.nix b/hosts/x86_64/edi/configuration.nix index 2f89ba3..926f91a 100644 --- a/hosts/x86_64/edi/configuration.nix +++ b/hosts/x86_64/edi/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, inputs, ... }: { imports = @@ -8,68 +8,80 @@ boot.loader = { systemd-boot.enable = true; + systemd-boot.consoleMode = "0"; + systemd-boot.configurationLimit = 5; efi.canTouchEfiVariables = true; }; -## Disabled as the drives may not be there when I install the OS. - -# boot.swraid = { -# enable = true; -# mdadmConf = '' -# ARRAY /dev/md/edi:DATA metadata=1.2 UUID=f0384881:84c12f70:3dcad802:653ccc30 -# MAILADDR root -# ''; -# }; + # Change the UUID for the new RAID setup + boot.swraid = { + enable = true; + mdadmConf = '' + ARRAY /dev/md/edi:DATA metadata=1.2 UUID=f0384881:84c12f70:3dcad802:653ccc30 + MAILADDR root + ''; + }; boot.kernelParams = [ "console=tty0" ]; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; -## Disabled as the drives may not be there when I install the OS. - -# fileSystems = { -# "/mnt/DATA" = { -# device = "/dev/md127"; -# }; -# }; + fileSystems = { + "/mnt/DATA" = { + device = "/dev/md127"; + }; + }; nix.settings = { experimental-features = [ "nix-command" "flakes" ]; extra-platforms = [ "aarch64-linux" ]; + trusted-users = [ "aaronh" ]; }; - nix.buildMachines = [{ - hostName = "localhost"; - systems = ["x86_64-linux" - "aarch64-linux"]; - supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; - maxJobs = 8; - }]; + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 1w"; + }; nixpkgs.config.allowUnfree = true; + # Set your time zone. + time.timeZone = "America/Denver"; + # Define user accounts users.users.aaronh = { description = "Aaron Honeycutt"; home = "/home/aaronh"; - extraGroups = [ "wheel" "networkmanager" "adm" "video" ]; + extraGroups = [ "wheel" "networkmanager" "adm" "video" "docker" ]; isNormalUser = true; hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBAqd2jZ2ULrFvna4KbdgZrDyvlXNFONzZzrImSkT/W aaronhoneycutt@protonmail.com" + ]; + }; + + security.sudo.wheelNeedsPassword = false; + + environment.variables = { + EDITOR = "hx"; + VISUAL = "hx"; }; # Install some packages - environment.systemPackages = - with pkgs; + environment.systemPackages = + with pkgs; [ - bottom - busybox - byobu - cloudflared - ffmpeg-full - freshfetch - git - git-lfs - tmux - zola + bottom + busybox + cloudflared + docker + docker-compose + ffmpeg-full + git + git-lfs + helix + restic + zola ]; hardware.graphics = { @@ -79,9 +91,10 @@ networking.hostName = "edi"; networking.firewall = { enable = true; - # 11434 = Ollama + # 8384 = Syncthing + # 9999 = crab-hole # 25565 = Minecraft - allowedTCPPorts = [ 80 443 2342 9091 11434 25565 ]; + allowedTCPPorts = [ 80 443 2342 5000 8384 9000 9091 9999 25565 ]; }; nixpkgs.config.permittedInsecurePackages = [ @@ -94,64 +107,10 @@ PermitRootLogin = "no"; }; - # Services - services.hydra = { - enable = true; - hydraURL = "localhost:3000"; - buildMachinesFiles = [ "/etc/nix/machines" ]; - notificationSender = "hydra@localhost"; - useSubstitutes = true; - }; - - services.ollama = { - enable = true; - acceleration = "rocm"; - environmentVariables = - { - OLLAMA_HOST = "0.0.0.0"; - }; - }; - services.tailscale.enable = true; -## These are disabled currently as I am testing this. - - systemd.user.services."website-git-update" = { - enable = false; - description = "website-git-update runs git to pull latest website changes"; - serviceConfig = { - ExecStart = "/run/current-system/sw/bin/git -C /mnt/DATA/Website/ahoneybun.net pull"; - }; - wantedBy = [ "default.target" ]; - }; - - systemd.user.timers."website-git-update" = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "15m"; - OnUnitActiveSec = "15m"; - }; - }; - - systemd.user.services."website-zola-build" = { - enable = false; - description = "rebuild zola website"; - serviceConfig = { - ExecStart = "/run/current-system/sw/bin/zola -r /mnt/DATA/Website/ahoneybun.net build"; - }; - wantedBy = [ "default.target" ]; - }; - - systemd.user.timers."website-zola-build" = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "30m"; - OnUnitActiveSec = "30m"; - }; - }; - - # System - system.stateVersion = "24.11"; + # System + system.stateVersion = "25.05"; system.autoUpgrade.enable = true; -} \ No newline at end of file +}