first commit

2024-08-21 23:56:00 +00:00
commit c1cb9a5da6
4 changed files with 126 additions and 0 deletions
@@ -0,0 +1,4 @@
+# my nixbox configuration
+
+This is my nixbox configuration it runs a gitea CI runner and podman, so it is very minimal,
+
@@ -0,0 +1,81 @@
+{ pkgs, lib, modulesPath, ... }: {
+  imports = [ 
+(modulesPath + "/virtualisation/proxmox-lxc.nix") 
+#(fetchTarball "https://github.com/nix-community/nixos-vscode-server/tarball/master")
+];
+  environment.systemPackages = with pkgs; [
+    vim
+    gitea-actions-runner
+    podman-compose # start group of containers for dev
+    podman-tui
+    dive
+    neovim
+  ];
+
+ nix.settings.experimental-features = "nix-command flakes"; 
+
+ boot.isContainer = true;
+
+ virtualisation.containers.enable = true;
+  virtualisation = {
+    podman = {
+      enable = true;
+
+      # Create a `docker` alias for podman, to use it as a drop-in replacement
+      dockerCompat = true;
+
+      # Required for containers under podman-compose to be able to talk to each other.
+      defaultNetwork.settings.dns_enabled = true;
+    };
+  };
+
+  
+  # Set the system version
+  system.stateVersion = "unstable";
+  
+  # Enable OpenSSH
+  services.sshd.enable = true;
+  services.openssh.enable = true;
+  services.openssh.settings.PermitRootLogin = "yes";
+
+  # services.vscode-server.enable = true;
+
+  services.gitea-actions-runner.instances = {
+    runner1 = {
+      token = "Pxh7t6Ip39SFjWQyhCjb7xsRC73k5l3JY3jYYzzD";
+      url = "http://gitea.lan:3000/";
+      name = "runner1";
+      enable = true;
+      labels = [ "ubuntu-latest:docker://ubuntu:latest" ];
+    };
+  };
+
+
+  # Don't use the host's nix-daemon  
+  environment.variables.NIX_REMOTE = lib.mkForce "";
+  
+  users.mutableUsers = false; #just activate temporarily to enforce user passwords are original as in this configuration
+  users.users.huntemann = {
+  isNormalUser = true;
+  # password = "hallo";
+  hashedPassword = "$y$j9T$hW.doX2GXbs.bfEjlD5B0/$pG0DPva0RvbG3V0gfWUVAXWDPlIiHzr8MmhCUJuVzG2";
+  openssh.authorizedKeys.keys = [
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA6LLy8IibZsCar/hC2U86lFTp4Of2YO+SMm69p+jh6k Marcus macbook"
+];
+
+
+  extraGroups = [ "wheel" ];
+ };
+
+security.sudo.extraRules = [
+  {
+    users = [ "huntemann" ];
+    commands = [
+      {
+        command = "ALL";
+        options = [ "NOPASSWD" ]; # Allows running all commands without a password
+      }
+    ];
+  }
+];
+}
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1723991338,
+        "narHash": "sha256-Grh5PF0+gootJfOJFenTTxDTYPidA3V28dqJ/WV7iis=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "8a3354191c0d7144db9756a74755672387b702ba",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
@@ -0,0 +1,14 @@
+# /etc/nixos/flake.nix
+{
+  inputs = {
+    # same version number as in system.stateVersion of
+    # configuration.nix. 
+   nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+  outputs = inputs@{ self, nixpkgs, ... }: {
+    nixosConfigurations.nixbox = nixpkgs.lib.nixosSystem {
+      system = "x86_64-linux";
+      modules = [ ./configuration.nix ];
+    };
+  };
+}