root/the_prg_server_configuration_old
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Alejandra'd repo, added better dry run script.
All checks were successful
Build Nix modules (dry-run) / build-modules (push) Successful in 3m32s
Details

Browse source
This commit is contained in:
Root User 2026-02-12 20:11:30 +01:00
parent 32cf42d11d
commit 387fb668b3
Signed by: root
GPG key ID: 087F0A95E5766D72
11 changed files with 101 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

9
README.md
View file

@ -14,19 +14,20 @@ TODO HECK
- [x] Do a massive overhaul of the file structure, like there should be like modules where it is possible to call things to be packages. I.e. Calling the OVMF/SeaBIOS + Gnome/Plasma/Sway + Local changes, which two former would be separate .nix files. -> Probably will do a V3 or v2.1 later on when mature - [x] Do a massive overhaul of the file structure, like there should be like modules where it is possible to call things to be packages. I.e. Calling the OVMF/SeaBIOS + Gnome/Plasma/Sway + Local changes, which two former would be separate .nix files. -> Probably will do a V3 or v2.1 later on when mature
- [ ] Add the .env for the configurations so that we add the `git config --global user.email "you@example.com"` and `git config --global user.name "Your Name"` with the account custom made for this. - [ ] Add the .env for the configurations so that we add the `git config --global user.email "you@example.com"` and `git config --global user.name "Your Name"` with the account custom made for this.
- [?] Clean up the hanging configurations -> PiHole DNS Stuff needs to be transferred over elegantly, don't want to touch it unless I am myself en-site. - [ ] Clean up the hanging configurations -> PiHole DNS Stuff needs to be transferred over elegantly, don't want to touch it unless I am myself en-site.
- [x] Find a more clean way to store initial passwords (.env??) -> [nix-sops](https://github.com/Mic92/sops-nix) - [x] Find a more clean way to store initial passwords (.env??) -> [nix-sops](https://github.com/Mic92/sops-nix)
- [?] Create proper build automation scripts -> Needs to be properly done. - [x] Create proper build automation scripts -> Needs to be properly done.
- [ ] Attach more NixOS weblinks... - [ ] Attach more NixOS weblinks...
- [ ] Update Forgejo Styling - [ ] Update Forgejo Styling
- [x] Figure out what the ***hecc*** to do with SSL Certifications in the most elegant way -> Use Traefik - [x] Figure out what the ***hecc*** to do with SSL Certifications in the most elegant way -> Use Traefik
- [x] Add Git Actions to Forgejo -> It was already added, just need to setup the CI itself. - [x] Add Git Actions to Forgejo -> It was already added, just need to setup the CI itself.
- [ ] Setup the CI backend. - [x] Setup the CI backend.
- [x] Create the Podman x Portainer NixOS module -> See `Songsheet` - [x] Create the Podman x Portainer NixOS module -> See `Songsheet`
- [ ] Read up more about how to a backup machine stuff and making it Nix-y... - [ ] Read up more about how to a backup machine stuff and making it Nix-y...
- [ ] Figure out my life - [ ] Figure out my life
- [ ] Setup Hardware Keys - [ ] Setup Hardware Keys
- [ ] Setup a VPN (Likely OpenVPN) - [x] Setup a VPN
- [ ] Setup Alejandra pre-commit hook
## NOTES FOR FUTURE ## NOTES FOR FUTURE

39
dry_run.zsh
View file

@ -21,8 +21,43 @@ if [[ -n "$1" ]]; then
configs=("$1") configs=("$1")
fi fi
# Track results
passed_configs=()
failed_configs=()
for config in "${configs[@]}"; do for config in "${configs[@]}"; do
echo "=== Dry-run: $config ===" echo "Dry-run: $config ==="
nix build --dry-run ".#nixosConfigurations.${config}.config.system.build.toplevel" || true if nix build --dry-run ".#nixosConfigurations.${config}.config.system.build.toplevel" 2>&1; then
echo "[PASSED]: $config"
passed_configs+=("$config")
else
echo "[FAILED]: $config"
failed_configs+=("$config")
fi
echo echo
done done
# Print summary
echo "BUILD SUMMARY"
echo "Total: ${#configs[@]} | Passed: ${#passed_configs[@]} | Failed: ${#failed_configs[@]}"
echo
if [[ ${#passed_configs[@]} -gt 0 ]]; then
echo "Passed configs:"
for c in "${passed_configs[@]}"; do
echo " - $c"
done
echo
fi
if [[ ${#failed_configs[@]} -gt 0 ]]; then
echo "Failed configs:"
for c in "${failed_configs[@]}"; do
echo " - $c"
done
echo
exit 1
fi
echo "All configurations passed!"
exit 0

1
nix-system-configs/modules/secrets-config/sops-build-machine.nix
View file

@ -34,5 +34,4 @@
owner = "root"; owner = "root";
mode = "0400"; mode = "0400";
}; };
} }

8
nix-system-configs/modules/system/build_machine.nix
View file

@ -13,7 +13,6 @@
fsType = "ext4"; fsType = "ext4";
}; };
}; };
in { in {
options.local = { options.local = {
hostname = lib.mkOption { hostname = lib.mkOption {
@ -38,13 +37,15 @@ in {
}; };
}; };
imports = [ imports =
[
(choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix])
(choose [./modules/local/networking_local.nix ../local/networking_local.nix]) (choose [./modules/local/networking_local.nix ../local/networking_local.nix])
(choose [./modules/lix-default.nix ../lix-default.nix]) (choose [./modules/lix-default.nix ../lix-default.nix])
(choose [./modules/secrets-config/sops-build-machine.nix ../secrets-config/sops-build-machine.nix]) (choose [./modules/secrets-config/sops-build-machine.nix ../secrets-config/sops-build-machine.nix])
## TODO: Make this more elegant and less risky for unexpected errors happening. ## TODO: Make this more elegant and less risky for unexpected errors happening.
] ++ lib.optional (builtins.pathExists ./hardware-configuration.nix) ./hardware-configuration.nix ]
++ lib.optional (builtins.pathExists ./hardware-configuration.nix) ./hardware-configuration.nix
++ lib.optional (!builtins.pathExists ./hardware-configuration.nix) dummyFileSystems; ++ lib.optional (!builtins.pathExists ./hardware-configuration.nix) dummyFileSystems;
config = { config = {
@ -180,7 +181,6 @@ in {
defaultNetwork.settings.dns_enabled = true; defaultNetwork.settings.dns_enabled = true;
}; };
# Network configuration for the build machine on the Proxmox bridge # Network configuration for the build machine on the Proxmox bridge
networking.interfaces.ens18.ipv4.addresses = [ networking.interfaces.ens18.ipv4.addresses = [
{ {

6
nix-system-configs/modules/system/database.nix
View file

@ -29,7 +29,8 @@ in {
}; };
}; };
imports = [ imports =
[
(choose [./modules/desktop-manager/gnome.nix ../desktop-manager/gnome.nix]) (choose [./modules/desktop-manager/gnome.nix ../desktop-manager/gnome.nix])
(choose [./modules/local/hostname_username.nix ../local/hostname_username.nix]) (choose [./modules/local/hostname_username.nix ../local/hostname_username.nix])
(choose [./modules/local/networking_local.nix ../local/networking_local.nix]) (choose [./modules/local/networking_local.nix ../local/networking_local.nix])
@ -38,7 +39,8 @@ in {
(choose [./modules/secrets-config/sops-database.nix ../secrets-config/sops-database.nix]) (choose [./modules/secrets-config/sops-database.nix ../secrets-config/sops-database.nix])
(choose [./modules/system_scripts/gcloud_backup.nix ../system_scripts/gcloud_backup.nix]) (choose [./modules/system_scripts/gcloud_backup.nix ../system_scripts/gcloud_backup.nix])
## TODO: Make this more elegant and less risky for unexpected errors happening. ## TODO: Make this more elegant and less risky for unexpected errors happening.
] ++ lib.optional (builtins.pathExists ./hardware-configuration.nix) ./hardware-configuration.nix; ]
++ lib.optional (builtins.pathExists ./hardware-configuration.nix) ./hardware-configuration.nix;
config = { config = {
local.hostname = "nixosdd"; local.hostname = "nixosdd";