From c32e803f2c347a7f5816283a6fdb9c180151296a Mon Sep 17 00:00:00 2001 From: albert Date: Thu, 21 Mar 2024 18:51:41 +0900 Subject: [PATCH] Testing --- lib/default.nix | 8 ++++---- nixos/common/modules/networking.nix | 13 +++++++------ .../common/services/tailscale-autoconnect.nix | 4 ++-- nixos/containers/default.nix | 11 +++++++++++ nixos/containers/rdesktop/default.nix | 19 +++---------------- nixos/hosts/framework-server/containers.nix | 2 +- nixos/hosts/framework-server/default.nix | 2 +- 7 files changed, 29 insertions(+), 30 deletions(-) create mode 100644 nixos/containers/default.nix diff --git a/lib/default.nix b/lib/default.nix index 53e03f27..9195c5a1 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -32,7 +32,7 @@ # Helper function for generating container configs mkContainer = { - container, + hostname, username ? "albert", desktop ? null, system ? "x86_64-linux", @@ -47,10 +47,10 @@ }: { autoStart = true; privateNetwork = false; - specialArgs = { inherit pkgs pkgs-unstable container username desktop theme system repo unfree stateVersion; }; - config = { lib, config, pkgs, pkgs-unstable, container, username, desktop, theme, system, repo, stateVersion, ... }: { + specialArgs = { inherit pkgs pkgs-unstable hostname username desktop theme system repo unfree stateVersion; }; + config = { lib, config, pkgs, pkgs-unstable, hostname, username, desktop, theme, system, repo, stateVersion, ... }: { system.stateVersion = stateVersion; - imports = [ ../nixos/containers/${container} ]; + imports = [ ../nixos/containers ]; }; }; diff --git a/nixos/common/modules/networking.nix b/nixos/common/modules/networking.nix index d84ab732..b0f53eeb 100644 --- a/nixos/common/modules/networking.nix +++ b/nixos/common/modules/networking.nix 
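Review bot: In the second lib/default.nix hunk, `imports = [ ../nixos/containers ];` now gives every container built by mkContainer the shared networking.nix and tailscale-autoconnect.nix modules, while the unchanged `privateNetwork = false;` keeps each container in the host's network namespace. With shared networking a container can bind ports on the host's interfaces, so anything a container enables is exposed according to the host's firewall rather than an isolated one. Consider making isolation a parameter, for example `privateNetwork ? false,` in the argument set and `inherit privateNetwork;` in the result, with a comment recording why shared networking is the default. The mkContainer argument set begins in the first hunk and continues outside both hunks.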
@@ -1,13 +1,13 @@ -{lib, pkgs, config, ...}: { - # Enable networking with NetworkManager +{lib, ... }: { + # Enable networking with NetworkManager networking = { networkmanager = { enable = true; }; useDHCP = lib.mkDefault true; - enableIPv6 = lib.mkForce false; + # enableIPv6 = lib.mkForce false; firewall = { enable = true; allowedTCPPorts = [ ]; @@ -15,7 +15,8 @@ }; }; - boot.kernel.sysctl = { - "net.ipv6.conf.all.disable_ipv6" = true; - }; +# boot.kernel.sysctl = { +# "net.ipv6.conf.all.disable_ipv6" = true; +# }; + } diff --git a/nixos/common/services/tailscale-autoconnect.nix b/nixos/common/services/tailscale-autoconnect.nix index aaf8ef18..b07c638b 100644 --- a/nixos/common/services/tailscale-autoconnect.nix +++ b/nixos/common/services/tailscale-autoconnect.nix @@ -1,4 +1,4 @@ -{ inputs, config, lib, pkgs, modulesPath, hostname, ... }: { +{ hostname, ... }: { # Generic Tailscale configs are in /nixos/common/services/tailscale.nix # Set up the secrets file: sops.secrets."tailscale_key" = { @@ -10,4 +10,4 @@ ]; }; services.tailscale.authKeyFile = "/run/secrets/tailscale_key"; -} \ No newline at end of file +} diff --git a/nixos/containers/default.nix b/nixos/containers/default.nix new file mode 100644 index 00000000..e8803591 --- /dev/null +++ b/nixos/containers/default.nix @@ -0,0 +1,11 @@ +{ hostname, username, ... }: { + import = [ + ./${hostname} + ../users/${username} + ../common/modules/nixos.nix + ../common/modules/networking.nix + ../common/services/tailscale-autoconnect.nix + ]; + + networking.hostname = "${hostname}"; +} diff --git a/nixos/containers/rdesktop/default.nix b/nixos/containers/rdesktop/default.nix index 3716e583..7a424730 100644 --- a/nixos/containers/rdesktop/default.nix +++ b/nixos/containers/rdesktop/default.nix 
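Review bot: Both networking.nix hunks switch off the IPv6 disablement by commenting it out (`# enableIPv6 = lib.mkForce false;` here and the `boot.kernel.sysctl` block in the second hunk), which re-enables IPv6 on every host and container importing this common module without recording a reason. If the change is meant to stay, delete the dead lines and leave one comment such as `# IPv6 left enabled: <reason>`; if it only serves the test named in the commit title, keep it out of the shared module. Services listening on `::` then become reachable over IPv6 subject to the `firewall` block kept below, so it is worth confirming that the firewall backend in use filters IPv6 as well.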
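Review bot: The new nixos/containers/default.nix defines `import = [ ... ]` and `networking.hostname`, but the module system expects `imports` and `networking.hostName`, so this file will most likely fail evaluation with an undefined-option error and none of the listed modules would be loaded. Change the two lines to `imports = [` and `networking.hostName = hostname;` (the string interpolation is not needed). Because tailscale-autoconnect.nix is in the list, every container would also read the auth key at `/run/secrets/tailscale_key`; confirm that each container is meant to join the tailnet with that key.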
@@ -1,26 +1,13 @@ -{ pkgs, username, stateVersion, desktop, ... }: { +{ hostname, username, desktop, ... }: { imports = [ - # ../../common/desktops/${desktop} - ../../users/${username} - ../../common/modules/nixos.nix - ../../common/modules/networking.nix - ../../common/services/tailscale-autoconnect.nix + ../../common/desktops/${desktop} ]; + networking.hostName = "${hostname}"; networking.firewall.allowedTCPPorts = [ 3389 ]; - services.xserver = { - enable = true; - desktopManager = { - xterm.enable = false; - xfce.enable = true; - }; - displayManager.defaultSession = "xfce"; - }; - services.xrdp = { enable = true; openFirewall = true; - defaultWindowManager = "xfce4-session"; }; } diff --git a/nixos/hosts/framework-server/containers.nix b/nixos/hosts/framework-server/containers.nix index 2810e8ff..e470214b 100644 --- a/nixos/hosts/framework-server/containers.nix +++ b/nixos/hosts/framework-server/containers.nix @@ -3,6 +3,6 @@ let libx = import ../../../lib {inherit self inputs outputs stateVersion hmStateVersion pkgs-unstable pkgs; }; in { containers = { - rdesktop = libx.mkContainer { container = "rdesktop"; desktop = "xfce"; unfree = true;}; + rdesktop = libx.mkContainer { hostname = "rdesktop"; desktop = "xfce"; unfree = true;}; }; } diff --git a/nixos/hosts/framework-server/default.nix b/nixos/hosts/framework-server/default.nix index ca6aa49d..83b935a8 100644 --- a/nixos/hosts/framework-server/default.nix +++ b/nixos/hosts/framework-server/default.nix @@ -1,4 +1,4 @@ -{ self, inputs, outputs, username, stateVersion, hmStateVersion, config, lib, pkgs, modulesPath, system, ... }: { +{ inputs, config, lib, pkgs, modulesPath, system, ... }: { imports = [ inputs.nixos-hardware.nixosModules.framework-13th-gen-intel (modulesPath + "/installer/scan/not-detected.nix")
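Review bot: RDP is opened twice in the rdesktop section, by `networking.firewall.allowedTCPPorts = [ 3389 ];` and by `openFirewall = true;` under `services.xrdp`, and both apply to all interfaces. As the container is meant to load the Tailscale module through nixos/containers/default.nix, the port could be limited to the tailnet with `networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 3389 ];` and `openFirewall` dropped (the interface name assumes Tailscale's default). The hunk also removes `defaultWindowManager = "xfce4-session";`, so unless `../../common/desktops/${desktop}` sets it, xrdp sessions fall back to the module default rather than the chosen desktop. `networking.hostName` is intended to be set in nixos/containers/default.nix as well, so one of the two definitions can go.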