NASP/NixOS-Config
47
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

build: nixos 25.05

Browse Source
This commit is contained in:
Dict Xiong 2025-06-12 00:43:35 +08:00
parent 9c6d9a0495
commit ed9f6d2165
5 changed files with 47 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
flake.lock generated
View File

@ -2,43 +2,27 @@
"nodes": { "nodes": {
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1717696253, "lastModified": 1749494155,
"narHash": "sha256-1+ua0ggXlYYPLTmMl3YeYYsBXDSCqT+Gw3u6l4gvMhA=", "narHash": "sha256-FG4DEYBpROupu758beabUk9lhrblSf5hnv84v1TLqMc=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9b5328b7f761a7bbdc0e332ac4cf076a3eedb89b", "rev": "88331c17ba434359491e8d5889cce872464052c2",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-24.05", "ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1716655032,
"narHash": "sha256-kQ25DAiCGigsNR/Quxm3v+JGXAEXZ8I7RAF4U94bGzE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "59a450646ec8ee0397f5fa54a08573e8240eb91f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-23.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1718543737, "lastModified": 1749558678,
"narHash": "sha256-e8S/ODM1vkKHIexSVn9nIvne7vRO5M+35VAq/6JOYto=", "narHash": "sha256-DUVAe8E2X2QM0dAnTGlTiqemMqUMMyIeCH7UeNo0g64=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "683aa7c4e385509ca651d49eeb35e58c7a1baad6", "rev": "a12f3a99614894502e73eb816e9e076b0ab05730",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -59,15 +43,14 @@
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ]
"nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1716692524, "lastModified": 1749592509,
"narHash": "sha256-sALodaA7Zkp/JD6ehgwc0UCBrSBfB4cX66uFGTsqeFU=", "narHash": "sha256-VunQzfZFA+Y6x3wYi2UE4DEQ8qKoAZZCnZPUlSoqC+A=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "962797a8d7f15ed7033031731d0bb77244839960", "rev": "50754dfaa0e24e313c626900d44ef431f3210138",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
flake.nix
View File

@ -1,7 +1,7 @@
{ {
description = "NixOS System Config"; description = "NixOS System Config";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
sops-nix.url = "github:Mic92/sops-nix"; sops-nix.url = "github:Mic92/sops-nix";
sops-nix.inputs.nixpkgs.follows = "nixpkgs"; sops-nix.inputs.nixpkgs.follows = "nixpkgs";

3
hosts/g17/configuration.nix
View File

@ -17,9 +17,6 @@
}; };
}; };
networking.hostId = "c5543d16"; networking.hostId = "c5543d16";
security.sudo.extraConfig = ''
%nasp ALL = (root) NOPASSWD: /run/wrappers/bin/crontab
'';
hardware.nvidia.package = lib.mkForce config.boot.kernelPackages.nvidiaPackages.stable; hardware.nvidia.package = lib.mkForce config.boot.kernelPackages.nvidiaPackages.stable;
system.stateVersion = "24.05"; system.stateVersion = "24.05";

69
hosts/modules/nasp.nix
View File

@ -166,10 +166,9 @@ in
open = false; open = false;
nvidiaSettings = true; nvidiaSettings = true;
}; };
hardware.opengl = { hardware.graphics = {
enable = true; enable = true;
driSupport = true; enable32Bit = true;
driSupport32Bit = true;
}; };
hardware.nvidia-container-toolkit.enable = true; hardware.nvidia-container-toolkit.enable = true;
systemd.services.nvidia-container-toolkit-cdi-generator = { systemd.services.nvidia-container-toolkit-cdi-generator = {
@ -352,36 +351,36 @@ in
(lib.mkIf (gCfg.enable) { (lib.mkIf (gCfg.enable) {
## network ## network
networking.hostName = assert (gCfg.serial > 0); "g" + (builtins.toString gCfg.serial); networking.hostName = assert (gCfg.serial > 0); "g" + (builtins.toString gCfg.serial);
networking.search = [ "nasp" ]; networking.search = [ "" ];
networking.nameservers = [ "192.168.16.118" ]; networking.nameservers = [ "192.168.16.1" ];
networking.extraHosts = '' networking.extraHosts = ''
192.168.16.101 g1-nasp g1 192.168.16.1 nasp.fit git.nasp.fit
192.168.16.102 g2-nasp g2 192.168.16.101 g1.nasp g1
192.168.16.103 g3-nasp g3 192.168.16.102 g2.nasp g2
192.168.16.104 g4-nasp g4 192.168.16.103 g3.nasp g3
192.168.16.105 g5-nasp g5 192.168.16.104 g4.nasp g4
192.168.16.106 g6-nasp g6 192.168.16.105 g5.nasp g5
192.168.16.107 g7-nasp g7 192.168.16.106 g6.nasp g6
192.168.16.108 g8-nasp g8 192.168.16.107 g7.nasp g7
192.168.16.109 g9-nasp g9 192.168.16.108 g8.nasp g8
192.168.16.110 g10-nasp g10 192.168.16.109 g9.nasp g9
192.168.16.111 g11-nasp g11 192.168.16.110 g10.nasp g10
192.168.16.112 g12-nasp g12 192.168.16.111 g11.nasp g11
192.168.16.113 g13-nasp g13 192.168.16.112 g12.nasp g12
192.168.16.114 g14-nasp g14 192.168.16.113 g13.nasp g13
192.168.16.115 g15-nasp g15 192.168.16.114 g14.nasp g14
192.168.16.116 g16-nasp g16 192.168.16.115 g15.nasp g15
192.168.16.117 g17-nasp g17 192.168.16.116 g16.nasp g16
192.168.16.118 g18-nasp g18 nasp.fit git.nasp.fit 192.168.16.117 g17.nasp g17
192.168.16.119 g19-nasp g19 192.168.16.118 g18.nasp g18
192.168.16.120 g20-nasp g20 192.168.16.119 g19.nasp g19
''; '';
networking.firewall.extraCommands = '' networking.firewall.extraCommands = ''
iptables -A INPUT -s 192.168.16.0/24 -j ACCEPT iptables -A INPUT -s 192.168.16.0/24 -j ACCEPT
iptables -A INPUT -s 12.12.12.0/24 -j ACCEPT iptables -A INPUT -s 12.12.12.0/24 -j ACCEPT
''; '';
fileSystems."/gshare" = { fileSystems."/gshare" = {
device = "192.168.16.118:/data1/share"; device = "192.168.16.1:/data1/share";
fsType = "nfs"; fsType = "nfs";
}; };
## packages and services ## packages and services
@ -397,7 +396,7 @@ in
}; };
services.ntp = { services.ntp = {
enable = true; enable = true;
servers = [ "192.168.16.118" ]; servers = [ "192.168.16.1" ];
}; };
}) })
(lib.mkIf (gCfg.enable && gCfg.eth0Name != "") { (lib.mkIf (gCfg.enable && gCfg.eth0Name != "") {
@ -410,18 +409,14 @@ in
address = [ "192.168.16.${builtins.toString (gCfg.serial + 100)}/24" ]; address = [ "192.168.16.${builtins.toString (gCfg.serial + 100)}/24" ];
routes = [ routes = [
{ {
routeConfig = { Gateway = "192.168.16.1";
Gateway = "192.168.16.118"; GatewayOnLink = true;
GatewayOnLink = true; Metric = 90;
Metric = 90;
};
} }
{ {
routeConfig = { Gateway = "fd01:da8:bf:300::1";
Gateway = "fd01:da8:bf:300::1"; GatewayOnLink = true;
GatewayOnLink = true; Metric = 90;
Metric = 90;
};
} }
]; ];
}; };

3
rebuild.sh Executable file
View File

@ -0,0 +1,3 @@
for i in {1,2,3,5,6,7,8,10,11,12,13,14,17}; do
NIX_SSHOPTS="-p 12022 -o StrictHostKeyChecking=accept-new" nixos-rebuild $1 --target-host g$i --flake .#g$i
done