Gleipnir/nixos-systems
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: Gleipnir:72c876ee69ab90263b07c8b2bd33a3b0af363d8a
Branches Tags
Gleipnir:main
..
compare: Gleipnir:98d075bf2f6e6871cad6e827fbb5247bba8de8b3
Branches Tags
Gleipnir:main

No commits in common. "72c876ee69ab90263b07c8b2bd33a3b0af363d8a" and "98d075bf2f6e6871cad6e827fbb5247bba8de8b3" have entirely different histories.
72c876ee69 ... 98d075bf2f

18 changed files with 804 additions and 441 deletions
Download patch file Download diff file Expand all files Collapse all files

11
configs/users/eliribble/pi/AGENTS.md
View file

@ -1,11 +0,0 @@
# For agents
We're working together on building something. We're experts. We don't need to sugar-coat things. Prefer terseness over flowery language. Prefer facts over encouragement. Explain when asked, correct when wrong, but err on the side of trusting the other people to push for clarification.
## Environment
Everything happens on NixOS where we live. We are a NixOS-only shop. If you're thinking in terms of generic Linux, that's fine, it mostly applies, but if you're thinking in Debian, Fedora, or even Arch, you might as well translate. We're using flakes in NixOS, and the new-style nix command.
## Mood
Occasional sardonic points and passive-aggressive ribbing is worth bonus points.

201
flake.lock generated
View file

@ -63,65 +63,6 @@
"type": "github"
}
},
"blueprint": {
"inputs": {
"nixpkgs": [
"llm-agents",
"nixpkgs"
],
"systems": [
"llm-agents",
"systems"
]
},
"locked": {
"lastModified": 1776249299,
"narHash": "sha256-Dt9t1TGRmJFc0xVYhttNBD6QsAgHOHCArqGa0AyjrJY=",
"owner": "numtide",
"repo": "blueprint",
"rev": "56131e8628f173d24a27f6d27c0215eff57e40dd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "blueprint",
"type": "github"
}
},
"bun2nix": {
"inputs": {
"flake-parts": [
"llm-agents",
"flake-parts"
],
"nixpkgs": [
"llm-agents",
"nixpkgs"
],
"systems": [
"llm-agents",
"systems"
],
"treefmt-nix": [
"llm-agents",
"treefmt-nix"
]
},
"locked": {
"lastModified": 1777369708,
"narHash": "sha256-1xW7cRZNsFNPQD+cE0fwnLVStnDth0HSoASEIFeT7uI=",
"owner": "nix-community",
"repo": "bun2nix",
"rev": "e659e1cc4b8e1b21d0aa85f1c481f9db61ecfa98",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "staging-2.1.0",
"repo": "bun2nix",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
@ -197,27 +138,6 @@
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"llm-agents",
"nixpkgs"
]
},
"locked": {
"lastModified": 1777988971,
"narHash": "sha256-qIoWPDs+0/8JecyYgE3gpKQxW/4bLW/gp45vow9ioCQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "0678d8986be1661af6bb555f3489f2fdfc31f6ff",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
@ -279,7 +199,7 @@
},
"flake-utils_3": {
"inputs": {
"systems": "systems_4"
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
@ -297,7 +217,7 @@
},
"flake-utils_4": {
"inputs": {
"systems": "systems_5"
"systems": "systems_4"
},
"locked": {
"lastModified": 1731533236,
@ -315,7 +235,7 @@
},
"flake-utils_5": {
"inputs": {
"systems": "systems_6"
"systems": "systems_5"
},
"locked": {
"lastModified": 1731533236,
@ -380,29 +300,6 @@
"type": "github"
}
},
"llm-agents": {
"inputs": {
"blueprint": "blueprint",
"bun2nix": "bun2nix",
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_2",
"systems": "systems_3",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1778276681,
"narHash": "sha256-8rXO94K3Ic6GnV7Ln2tjoeXFR7dCLsNKlPI7iFuPEfs=",
"owner": "numtide",
"repo": "llm-agents.nix",
"rev": "14a8ef979265f7795800842ea178cfef844ede47",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "llm-agents.nix",
"type": "github"
}
},
"napalm": {
"inputs": {
"flake-utils": [
@ -432,7 +329,7 @@
"nidus-sync": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_2",
"proj": "proj"
},
"locked": {
@ -496,39 +393,7 @@
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1777954456,
"narHash": "sha256-hGdgeU2Nk87RAuZyYjyDjFL6LK7dAZN5RE9+hrDTkDU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "549bd84d6279f9852cae6225e372cc67fb91a4c1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1778124196,
"narHash": "sha256-pYEytCNic/czazbV9r3tbQ6BZzqRBg/41x2dIC5ymOo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "68a8af93ff4297686cb68880845e61e5e2e41d92",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1772465433,
"narHash": "sha256-ywy9troNEfpgh0Ee+zaV1UTgU8kYBVKtvPSxh6clYGU=",
@ -544,7 +409,7 @@
"type": "github"
}
},
"nixpkgs_4": {
"nixpkgs_3": {
"locked": {
"lastModified": 1772542754,
"narHash": "sha256-WGV2hy+VIeQsYXpsLjdr4GvHv5eECMISX1zKLTedhdg=",
@ -560,7 +425,7 @@
"type": "github"
}
},
"nixpkgs_5": {
"nixpkgs_4": {
"locked": {
"lastModified": 1776734388,
"narHash": "sha256-vl3dkhlE5gzsItuHoEMVe+DlonsK+0836LIRDnm6MXQ=",
@ -576,7 +441,7 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_5": {
"locked": {
"lastModified": 1775888245,
"narHash": "sha256-nwASzrRDD1JBEu/o8ekKYEXm/oJW6EMCzCRdrwcLe90=",
@ -592,7 +457,7 @@
"type": "github"
}
},
"nixpkgs_7": {
"nixpkgs_6": {
"locked": {
"lastModified": 1758763312,
"narHash": "sha256-puBMviZhYlqOdUUgEmMVJpXqC/ToEqSvkyZ30qQ09xM=",
@ -608,12 +473,12 @@
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts_3",
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
],
"nuschtosSearch": "nuschtosSearch",
"systems": "systems_7"
"systems": "systems_6"
},
"locked": {
"lastModified": 1769049374,
@ -656,7 +521,7 @@
"proj": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_4"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1772585816,
@ -749,11 +614,9 @@
"disko": "disko",
"fieldseeker-sync": "fieldseeker-sync",
"home-manager": "home-manager",
"llm-agents": "llm-agents",
"nidus-sync": "nidus-sync",
"nixos-facter-modules": "nixos-facter-modules",
"nixpkgs": "nixpkgs_5",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixpkgs": "nixpkgs_4",
"nixvim": "nixvim",
"sops-nix": "sops-nix",
"timecard-bot": "timecard-bot"
@ -761,7 +624,7 @@
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_6"
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1776771786,
@ -867,24 +730,9 @@
"type": "github"
}
},
"systems_7": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"timecard-bot": {
"inputs": {
"nixpkgs": "nixpkgs_7",
"nixpkgs": "nixpkgs_6",
"pyproject-nix": "pyproject-nix_2"
},
"locked": {
@ -902,27 +750,6 @@
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"llm-agents",
"nixpkgs"
]
},
"locked": {
"lastModified": 1775636079,
"narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"uv2nix": {
"inputs": {
"nixpkgs": [

34
flake.nix
View file

@ -20,7 +20,6 @@
url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
llm-agents.url = "github:numtide/llm-agents.nix";
nidus-sync = {
type = "github";
owner = "Gleipnir-Technology";
@ -29,7 +28,6 @@
};
nixos-facter-modules.url = "github:numtide/nixos-facter-modules";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
nixvim = {
url = "github:nix-community/nixvim/nixos-25.11";
inputs.nixpkgs.follows = "nixpkgs";
@ -38,43 +36,47 @@
timecard-bot.url = "github:Gleipnir-Technology/timecard-bot?rev=8c81b6683f97aa2712323836e629adf102be58ac";
};
outputs = inputs@{ self, nixpkgs, nixpkgs-unstable, ... }: {
outputs = inputs@{ self, disko, home-manager, nixpkgs, nixvim, sops-nix, timecard-bot, ...}:
let
configFiles = pkgs.stdenv.mkDerivation {
installPhase = ''
mkdir -p $out
cp -r * $out/
'';
name = "config-files";
src = ./configs;
};
pkgs = nixpkgs.legacyPackages.${system};
system = "x86_64-linux";
in {
nixosConfigurations = {
"nocix-amd-legacy-octacore" = import ./system.nix {
inherit inputs;
configuration = ./host/nocix/amd-legacy-octacore;
nixpkgs = nixpkgs;
roles = [
./roles/corp.nix
];
system = "x86_64-linux";
inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system timecard-bot;
};
"nocix-amd-legacy-quadcore" = import ./system.nix {
inherit inputs;
configuration = ./host/nocix/amd-legacy-quadcore;
nixpkgs = nixpkgs;
roles = [
./roles/nidus-sync.nix
];
system = "x86_64-linux";
inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system timecard-bot;
};
"nocix-amd-legacy-quadcore-292465" = import ./system.nix {
inherit inputs;
configuration = ./host/nocix/amd-legacy-quadcore-292465;
nixpkgs = nixpkgs-unstable;
roles = [ ./roles/llm.nix ];
system = "x86_64-linux";
roles = [ ];
inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system timecard-bot;
};
"nocix-amd-legacy-sexcore" = import ./system.nix {
inherit inputs;
configuration = ./host/nocix/amd-legacy-sexcore;
nixpkgs = nixpkgs;
roles = [
./roles/nidus-marketing.nix
./roles/nidus-sync.nix
./roles/sovr.nix
];
system = "x86_64-linux";
inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system timecard-bot;
};
};
};

4
home/eliribble/config/tmux/tmux.conf
View file

@ -20,7 +20,3 @@ set-window-option -g bell-action other
set -g window-status-style bg=yellow
set -g window-status-current-style bg=red,fg=white
# Set up modifier keys so that Shift+Enter and Ctrl+Enter are distinguishable
# based on https://github.com/earendil-works/pi/blob/main/packages/coding-agent/docs/tmux.md
set -g extended-keys on
set -g extended-keys-format csi-u

4
host/nocix/amd-legacy-quadcore-292465/disk-config.nix
View file

@ -35,8 +35,9 @@
};
};
};
/*
data = {
device = "/dev/disk/by-id/ata-Hitachi_HUA722020ALA331_B9HMU2WF";
device = "/dev/sdb";
type = "disk";
content = {
type = "gpt";
@ -55,6 +56,7 @@
};
};
};
*/
};
lvm_vg = {
pool = {

672
llm/flake.lock generated Normal file
View file

@ -0,0 +1,672 @@
{
"nodes": {
"authentik-go": {
"flake": false,
"locked": {
"lastModified": 1771856219,
"narHash": "sha256-zTEmvxe+BpfWYvAl675PnhXCH4jV4GUTFb1MrQ1Eyno=",
"owner": "goauthentik",
"repo": "client-go",
"rev": "4c1444ee54d945fbcc5ae107b4f191ca0352023d",
"type": "github"
},
"original": {
"owner": "goauthentik",
"repo": "client-go",
"type": "github"
}
},
"authentik-nix": {
"inputs": {
"authentik-go": "authentik-go",
"authentik-src": "authentik-src",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-utils": "flake-utils",
"napalm": "napalm",
"nixpkgs": [
"nixpkgs"
],
"pyproject-build-systems": "pyproject-build-systems",
"pyproject-nix": "pyproject-nix",
"systems": "systems",
"uv2nix": "uv2nix"
},
"locked": {
"lastModified": 1776085803,
"narHash": "sha256-JvvWVbXJYSY8qOReMbAOD4lxcN2cjKV6lg/jLz8CEuY=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "4370b561c8bafb59773ce3a518506bcf1161dbdb",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "authentik-nix",
"type": "github"
}
},
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1775573258,
"narHash": "sha256-Xq7JGI/8ppIydIuWd9KRJKUrh7UpeniwvZ4NAtXbYJ4=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "5249546862986202b901c2afd860992ec48c6ef6",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2026.2.2",
"repo": "authentik",
"type": "github"
}
},
"blueprint": {
"inputs": {
"nixpkgs": [
"llm-agents",
"nixpkgs"
],
"systems": [
"llm-agents",
"systems"
]
},
"locked": {
"lastModified": 1776249299,
"narHash": "sha256-Dt9t1TGRmJFc0xVYhttNBD6QsAgHOHCArqGa0AyjrJY=",
"owner": "numtide",
"repo": "blueprint",
"rev": "56131e8628f173d24a27f6d27c0215eff57e40dd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "blueprint",
"type": "github"
}
},
"bun2nix": {
"inputs": {
"flake-parts": [
"llm-agents",
"flake-parts"
],
"nixpkgs": [
"llm-agents",
"nixpkgs"
],
"systems": [
"llm-agents",
"systems"
],
"treefmt-nix": [
"llm-agents",
"treefmt-nix"
]
},
"locked": {
"lastModified": 1777369708,
"narHash": "sha256-1xW7cRZNsFNPQD+cE0fwnLVStnDth0HSoASEIFeT7uI=",
"owner": "nix-community",
"repo": "bun2nix",
"rev": "e659e1cc4b8e1b21d0aa85f1c481f9db61ecfa98",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "staging-2.1.0",
"repo": "bun2nix",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1777713215,
"narHash": "sha256-8GzXDOXckDWwST8TY5DbwYFjdvQLlP7K9CLSVx6iTTo=",
"owner": "nix-community",
"repo": "disko",
"rev": "63b4e7e6cf75307c1d26ac3762b886b5b0247267",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1767039857,
"narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1769996383,
"narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"llm-agents",
"nixpkgs"
]
},
"locked": {
"lastModified": 1777988971,
"narHash": "sha256-qIoWPDs+0/8JecyYgE3gpKQxW/4bLW/gp45vow9ioCQ=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "0678d8986be1661af6bb555f3489f2fdfc31f6ff",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1768135262,
"narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": [
"authentik-nix",
"systems"
]
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1777851538,
"narHash": "sha256-Gp8qwTEYNoy2yvmErVGlvLOQvrtEECCAKbonW7VJef8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "cc09c0f9b7eaa95c2d9827338a5eb03d32505ca5",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.11",
"repo": "home-manager",
"type": "github"
}
},
"ixx": {
"inputs": {
"flake-utils": [
"nixvim",
"nuschtosSearch",
"flake-utils"
],
"nixpkgs": [
"nixvim",
"nuschtosSearch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754860581,
"narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.1.1",
"repo": "ixx",
"type": "github"
}
},
"llm-agents": {
"inputs": {
"blueprint": "blueprint",
"bun2nix": "bun2nix",
"flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs",
"systems": "systems_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1778219255,
"narHash": "sha256-fAJUly400K2SoP75LaZ7x1fhwau2BxI7XBY4UgFXm6A=",
"owner": "numtide",
"repo": "llm-agents.nix",
"rev": "8dc08cc44249bacfabaf4e25e223ec9d1e7d677b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "llm-agents.nix",
"type": "github"
}
},
"napalm": {
"inputs": {
"flake-utils": [
"authentik-nix",
"flake-utils"
],
"nixpkgs": [
"authentik-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1725806412,
"narHash": "sha256-lGZjkjds0p924QEhm/r0BhAxbHBJE1xMOldB/HmQH04=",
"owner": "willibutz",
"repo": "napalm",
"rev": "b492440d9e64ae20736d3bec5c7715ffcbde83f5",
"type": "github"
},
"original": {
"owner": "willibutz",
"ref": "avoid-foldl-stack-overflow",
"repo": "napalm",
"type": "github"
}
},
"nixos-facter-modules": {
"locked": {
"lastModified": 1773858690,
"narHash": "sha256-oW0/lC0oRG5H5LaK6Rmh9L1wmkn9TbenM4bXwnIEDKA=",
"owner": "numtide",
"repo": "nixos-facter-modules",
"rev": "139dcef4dfc97009629c445806f197883351ab4a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "nixos-facter-modules",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1778124196,
"narHash": "sha256-pYEytCNic/czazbV9r3tbQ6BZzqRBg/41x2dIC5ymOo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "68a8af93ff4297686cb68880845e61e5e2e41d92",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1769909678,
"narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "72716169fe93074c333e8d0173151350670b824c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1777954456,
"narHash": "sha256-hGdgeU2Nk87RAuZyYjyDjFL6LK7dAZN5RE9+hrDTkDU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "549bd84d6279f9852cae6225e372cc67fb91a4c1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1775888245,
"narHash": "sha256-nwASzrRDD1JBEu/o8ekKYEXm/oJW6EMCzCRdrwcLe90=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "13043924aaa7375ce482ebe2494338e058282925",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts_3",
"nixpkgs": [
"nixpkgs"
],
"nuschtosSearch": "nuschtosSearch",
"systems": "systems_4"
},
"locked": {
"lastModified": 1769049374,
"narHash": "sha256-h0Os2qqNyycDY1FyZgtbn28VF1ySP74/n0f+LDd8j+w=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "b8f76bf5751835647538ef8784e4e6ee8deb8f95",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "nixos-25.11",
"repo": "nixvim",
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils_2",
"ixx": "ixx",
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1768249818,
"narHash": "sha256-ANfn5OqIxq3HONPIXZ6zuI5sLzX1sS+2qcf/Pa0kQEc=",
"owner": "NuschtOS",
"repo": "search",
"rev": "b6f77b88e9009bfde28e2130e218e5123dc66796",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
}
},
"pyproject-build-systems": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"nixpkgs"
],
"pyproject-nix": [
"authentik-nix",
"pyproject-nix"
],
"uv2nix": [
"authentik-nix",
"uv2nix"
]
},
"locked": {
"lastModified": 1771423342,
"narHash": "sha256-7uXPiWB0YQ4HNaAqRvVndYL34FEp1ZTwVQHgZmyMtC8=",
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"rev": "04e9c186e01f0830dad3739088070e4c551191a4",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "build-system-pkgs",
"type": "github"
}
},
"pyproject-nix": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1771518446,
"narHash": "sha256-nFJSfD89vWTu92KyuJWDoTQJuoDuddkJV3TlOl1cOic=",
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"rev": "eb204c6b3335698dec6c7fc1da0ebc3c6df05937",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "pyproject.nix",
"type": "github"
}
},
"root": {
"inputs": {
"authentik-nix": "authentik-nix",
"disko": "disko",
"home-manager": "home-manager",
"llm-agents": "llm-agents",
"nixos-facter-modules": "nixos-facter-modules",
"nixpkgs": "nixpkgs_2",
"nixvim": "nixvim",
"sops-nix": "sops-nix"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1777944972,
"narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "c591bf665727040c6cc5cb409079acb22dcce33c",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"llm-agents",
"nixpkgs"
]
},
"locked": {
"lastModified": 1775636079,
"narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"uv2nix": {
"inputs": {
"nixpkgs": [
"authentik-nix",
"nixpkgs"
],
"pyproject-nix": [
"authentik-nix",
"pyproject-nix"
]
},
"locked": {
"lastModified": 1772187362,
"narHash": "sha256-gCojeIlQ/rfWMe3adif3akyHsT95wiMkLURpxTeqmPc=",
"owner": "pyproject-nix",
"repo": "uv2nix",
"rev": "abe65de114300de41614002fe9dce2152ac2ac23",
"type": "github"
},
"original": {
"owner": "pyproject-nix",
"repo": "uv2nix",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

48
llm/flake.nix Normal file
View file

@ -0,0 +1,48 @@
{
description = "Multi-host NixOS configuration";
inputs = {
authentik-nix = {
inputs.nixpkgs.follows = "nixpkgs";
url = "github:nix-community/authentik-nix";
};
disko = {
inputs.nixpkgs.follows = "nixpkgs";
url = "github:nix-community/disko";
};
home-manager = {
url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
llm-agents.url = "github:numtide/llm-agents.nix";
nixos-facter-modules.url = "github:numtide/nixos-facter-modules";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixvim = {
url = "github:nix-community/nixvim/nixos-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
sops-nix.url = "github:Mic92/sops-nix";
};
outputs = inputs@{ self, disko, home-manager, nixpkgs, nixvim, sops-nix, ...}:
let
configFiles = pkgs.stdenv.mkDerivation {
installPhase = ''
mkdir -p $out
cp -r * $out/
'';
name = "config-files";
src = ../configs;
};
pkgs = nixpkgs.legacyPackages.${system};
system = "x86_64-linux";
in {
nixosConfigurations = {
"nocix-amd-legacy-quadcore-292465" = import ../system.nix {
configuration = ../host/nocix/amd-legacy-quadcore-292465;
roles = [../roles/llm.nix ];
inherit configFiles disko home-manager inputs nixpkgs nixvim sops-nix system;
};
};
};
}

2
modules/home/default.nix
View file

@ -3,7 +3,5 @@
./base.nix
./fish.nix
./git.nix
./nixvim.nix
./pi.nix
];
}

22
modules/home/pi.nix
View file

@ -1,22 +0,0 @@
{ config, configFiles, lib, pkgs, ... }:
with lib;
{
options.myModules.home.pi = {
enable = mkEnableOption "custom pi agent configuration";
};
config = mkIf config.myModules.home.pi.enable (
let
# Use user-specific config if it exists
configPath = (configFiles + "/users/${config.myModules.home.user}/pi");
in {
# Use the correct Home Manager option
home.file.".pi" = {
source = configPath;
recursive = true;
};
}
);
}

1
modules/system/default.nix
View file

@ -14,7 +14,6 @@
./element-web.nix
#./fieldseeker-sync.nix
./fish.nix
./forgejo.nix
./label-studio.nix
./librechat.nix
./minio.nix

55
modules/system/forgejo.nix
View file

@ -1,55 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.forgejo;
srv = cfg.settings.server;
in {
options.myModules.forgejo.enable = mkEnableOption "custom forgejo configuration";
config = mkIf config.myModules.forgejo.enable {
services.caddy.virtualHosts."source.gleipnir.technology".extraConfig = ''
reverse_proxy unix//var/run/forgejo/socket
'';
services.forgejo = {
database.type = "postgres";
enable = true;
# Enable support for Git Large File Storage
lfs.enable = true;
settings = {
# Add support for actions, based on act: https://github.com/nektos/act
actions = {
ENABLED = false;
DEFAULT_ACTIONS_URL = "github";
};
# Sending emails is completely optional
# You can send a test email from the web UI at:
# Profile Picture > Site Administration > Configuration > Mailer Configuration
#mailer = {
#ENABLED = false;
#SMTP_ADDR = "mail.example.com";
#FROM = "noreply@${srv.DOMAIN}";
#USER = "noreply@${srv.DOMAIN}";
#};
server = {
DOMAIN = "source.gleipnir.technology";
# You need to specify this to remove the port from URLs in the web UI.
HTTP_ADDR = "/var/run/forgejo/socket";
PROTOCOL = "http+unix";
ROOT_URL = "https://${srv.DOMAIN}/";
};
# You can temporarily allow registration to create an admin user.
service.DISABLE_REGISTRATION = true;
# Enable ssh user for 'git push'
ssh = {
PORT = 22;
};
};
stateDir = "/mnt/bigdisk/forgejo";
#mailerPasswordFile = config.age.secrets.forgejo-mailer-password.path;
};
systemd.tmpfiles.rules = [
"d /var/run/forgejo 0750 forgejo forgejo - -"
];
};
}

69
modules/system/pgadmin.nix
View file

@ -2,8 +2,6 @@
with lib;
let
databaseName = "nidus-sync";
dbUsername = "pgadmin";
cfg = config.myModules.pgadmin;
group = "root";
port = 10100;
@ -30,73 +28,8 @@ in {
services.pgadmin = {
enable = true;
initialEmail = "eli@gleipnir.technology";
initialPasswordFile = config.sops.secrets."pgadmin-initial-password-file".path;
initialPasswordFile = "/var/run/secrets/pgadmin.yaml";
port = port;
settings = {
# Pre-configure the database server
Servers = {
"1" = {
Name = "Local ${databaseName}";
Group = "Servers";
Host = "/run/postgresql"; # unix socket directory
Port = 5432;
MaintenanceDB = "postgres";
Username = dbUsername;
SSLMode = "prefer";
};
};
};
};
services.postgresql = {
ensureUsers = [{
# Read only user for pgadmin
ensureClauses.login = true;
name = dbUsername;
}];
};
systemd.services.pgadmin-setup-permissions = {
description = "Setup read-only permissions for pgadmin user";
after = [ "postgresql.service" ];
requires = [ "postgresql.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
User = "postgres";
RemainAfterExit = true;
};
script = ''
${config.services.postgresql.package}/bin/psql -d ${databaseName} << 'EOF'
-- Grant connection to database
GRANT CONNECT ON DATABASE ${databaseName} TO pgadmin;
-- Dynamically grant permissions on all non-system schemas
DO $$
DECLARE
schema_name text;
BEGIN
FOR schema_name IN
SELECT nspname
FROM pg_namespace
WHERE nspname NOT IN ('pg_catalog', 'information_schema', 'pg_toast')
AND nspname NOT LIKE 'pg_temp%'
AND nspname NOT LIKE 'pg_toast_temp%'
LOOP
EXECUTE format('GRANT USAGE ON SCHEMA %I TO pgadmin', schema_name);
EXECUTE format('GRANT SELECT ON ALL TABLES IN SCHEMA %I TO pgadmin', schema_name);
EXECUTE format('GRANT SELECT ON ALL SEQUENCES IN SCHEMA %I TO pgadmin', schema_name);
EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA %I GRANT SELECT ON TABLES TO pgadmin', schema_name);
END LOOP;
END $$;
EOF
'';
# This ensures the service runs again when you deploy changes
restartTriggers = [
config.services.postgresql.package
"${databaseName}"
];
};
sops.secrets."pgadmin-initial-password-file" = {
format = "yaml";

11
modules/system/pi.nix
View file

@ -16,7 +16,6 @@ in {
config = mkIf config.myModules.pi.enable {
environment.systemPackages = with inputs.llm-agents.packages.${pkgs.stdenv.hostPlatform.system}; [
pkgs.nodejs_24
pi
];
sops.secrets."pi-env" = {
@ -28,14 +27,4 @@ in {
sopsFile = ../../secrets/pi.env;
};
};
/* notes on other stuff I did
I'm installing pi-semaphore and pi-tmux with:
```shell
pi install git:github.com/offline-ant/pi-semaphore
pi install git:github.com/offline-ant/pi-tmux
```
*/
}

4
modules/system/timecardbot.nix
View file

@ -1,7 +1,7 @@
{ config, inputs, lib, pkgs, ... }:
{ config, lib, pkgs, timecard-bot, ... }:
with lib;
let
timecard-bot-pkg = inputs.timecard-bot.packages.x86_64-linux.default;
timecard-bot-pkg = timecard-bot.packages.x86_64-linux.default;
in
{
options.myModules.timecardbot.enable = mkEnableOption "custom timecardbot configuration";

4
nixos-anywhere/nocix/disk-config.nix
View file

@ -35,8 +35,9 @@
};
};
};
/*
data = {
device = "/dev/disk/by-id/ata-Hitachi_HUA722020ALA331_B9HMU2WF";
device = "/dev/sdb";
type = "disk";
content = {
type = "gpt";
@ -55,6 +56,7 @@
};
};
};
*/
};
lvm_vg = {
pool = {

1
roles/corp.nix
View file

@ -4,7 +4,6 @@
caddy.enable = true;
cloudreve.enable = true;
collabora.enable = true;
forgejo.enable = true;
glitchtip.enable = true;
element-web.enable = true;
label-studio.enable = true;

53
system.nix
View file

@ -1,59 +1,44 @@
{ configuration, inputs, nixpkgs, roles ? [], system}:
{ configFiles, configuration, disko, home-manager, inputs, nixpkgs, nixvim, roles, sops-nix, system }:
let
allowed-unfree-packages = [
"corefonts"
"google-chrome"
"mongodb"
];
configFiles = nixpkgs.legacyPackages.${system}.stdenv.mkDerivation {
name = "config-files";
src = ./configs;
installPhase = ''
mkdir -p $out
cp -r * $out/
'';
};
pkgs = import nixpkgs {
inherit system;
config = {
allowUnfreePredicate = pkg:
builtins.elem (nixpkgs.lib.getName pkg) allowed-unfree-packages;
};
};
in
nixpkgs.lib.nixosSystem {
inherit system pkgs;
specialArgs = {
inherit inputs configFiles;
};
in nixpkgs.lib.nixosSystem {
modules = [
configuration
inputs.authentik-nix.nixosModules.default
inputs.disko.nixosModules.disko
inputs.home-manager.nixosModules.home-manager
disko.nixosModules.disko
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = { inherit configFiles inputs; };
home-manager.sharedModules = [
inputs.nixvim.homeModules.nixvim
nixvim.homeModules.nixvim
./modules/home/nixvim.nix
];
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
}
inputs.sops-nix.nixosModules.sops
{
configuration
./modules
sops-nix.nixosModules.sops {
sops = {
age.generateKey = true;
age.keyFile = "/var/lib/sops-nix/key.txt";
age.keyFile = "/var/libs/sops-nix/key.txt";
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
defaultSopsFile = ./secrets/secrets.yaml;
};
}
./modules
./users
] ++ roles;
pkgs = import nixpkgs {
config = {
allowUnfreePredicate = pkg: builtins.elem (nixpkgs.lib.getName pkg) allowed-unfree-packages;
};
system = "${system}";
};
specialArgs = {
inherit configFiles inputs;
};
system = "${system}";
}

1
users/eliribble.nix
View file

@ -9,7 +9,6 @@ with lib;
myModules.home = {
fish.enable = true;
git.enable = true;
pi.enable = true;
user = "eliribble";
};