From 17611b7e53b7336ac80f1afec826fa8996ce596e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?= Date: Wed, 20 Nov 2024 16:43:41 +0100 Subject: [PATCH 1/6] Timezone and locale --- infra/common/default.nix | 3 +++ infra/vm02116/configuration.nix | 6 ------ infra/vm02179/configuration.nix | 6 ------ infra/vm02186/procolix-configuration.nix | 6 ------ infra/vm02187/configuration.nix | 6 ------ 5 files changed, 3 insertions(+), 24 deletions(-) diff --git a/infra/common/default.nix b/infra/common/default.nix index 0630f2f..88e61d2 100644 --- a/infra/common/default.nix +++ b/infra/common/default.nix @@ -4,4 +4,7 @@ ./networking.nix ./users.nix ]; + + time.timeZone = "Europe/Amsterdam"; + i18n.defaultLocale = "en_US.UTF-8"; } diff --git a/infra/vm02116/configuration.nix b/infra/vm02116/configuration.nix index 01f855f..aa1432b 100644 --- a/infra/vm02116/configuration.nix +++ b/infra/vm02116/configuration.nix @@ -9,12 +9,6 @@ ip6 = "2a00:51c0:12:1201::20"; }; - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ diff --git a/infra/vm02179/configuration.nix b/infra/vm02179/configuration.nix index 59a5add..263b94c 100644 --- a/infra/vm02179/configuration.nix +++ b/infra/vm02179/configuration.nix @@ -9,12 +9,6 @@ ip6 = "2a00:51c0:12:1201::179"; }; - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - nix = { settings.trusted-users = [ "@wheel" ]; }; diff --git a/infra/vm02186/procolix-configuration.nix b/infra/vm02186/procolix-configuration.nix index ea0c923..96c9ac5 100644 --- a/infra/vm02186/procolix-configuration.nix +++ b/infra/vm02186/procolix-configuration.nix @@ -9,12 +9,6 @@ ip6 = "2a00:51c0:12:1201::186"; }; - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ diff --git a/infra/vm02187/configuration.nix b/infra/vm02187/configuration.nix index 3c58f39..6de5a01 100644 --- a/infra/vm02187/configuration.nix +++ b/infra/vm02187/configuration.nix @@ -71,12 +71,6 @@ users.users.nginx.extraGroups = [ "acme" ]; - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ From dbba09de454f444d162177ba5a5c3b4411bacdac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?= Date: Wed, 20 Nov 2024 16:44:48 +0100 Subject: [PATCH 2/6] `system.stateVersion` --- infra/common/default.nix | 1 + infra/vm02116/configuration.nix | 18 ------------------ infra/vm02179/configuration.nix | 8 -------- infra/vm02186/procolix-configuration.nix | 8 -------- infra/vm02187/configuration.nix | 9 --------- 5 files changed, 1 insertion(+), 43 deletions(-) diff --git a/infra/common/default.nix b/infra/common/default.nix index 88e61d2..1cf40fe 100644 --- a/infra/common/default.nix +++ b/infra/common/default.nix @@ -7,4 +7,5 @@ time.timeZone = "Europe/Amsterdam"; i18n.defaultLocale = "en_US.UTF-8"; + system.stateVersion = "24.05"; # do not change } diff --git a/infra/vm02116/configuration.nix b/infra/vm02116/configuration.nix index aa1432b..98d9548 100644 --- a/infra/vm02116/configuration.nix +++ b/infra/vm02116/configuration.nix @@ -35,22 +35,4 @@ ## two options can safely be removed. boot.initrd.availableKernelModules = [ "xen_blkfront" ]; services.xe-guest-utilities.enable = true; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "24.05"; } diff --git a/infra/vm02179/configuration.nix b/infra/vm02179/configuration.nix index 263b94c..7c8e32b 100644 --- a/infra/vm02179/configuration.nix +++ b/infra/vm02179/configuration.nix @@ -32,12 +32,4 @@ }) wget ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/infra/vm02186/procolix-configuration.nix b/infra/vm02186/procolix-configuration.nix index 96c9ac5..2919a0e 100644 --- a/infra/vm02186/procolix-configuration.nix +++ b/infra/vm02186/procolix-configuration.nix @@ -28,12 +28,4 @@ }) wget ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/infra/vm02187/configuration.nix b/infra/vm02187/configuration.nix index 6de5a01..7687ffb 100644 --- a/infra/vm02187/configuration.nix +++ b/infra/vm02187/configuration.nix @@ -90,13 +90,4 @@ }) wget ]; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.05"; # Did you read the comment? - } From 9888ae0d07d5d3f1d10a465a4d3d7b94236adfb8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?= Date: Wed, 20 Nov 2024 16:46:09 +0100 Subject: [PATCH 3/6] `nixpkgs.hostPlatform` --- infra/common/default.nix | 7 +++++++ infra/vm02116/hardware-configuration.nix | 2 -- infra/vm02179/hardware-configuration.nix | 2 -- infra/vm02186/hardware-configuration.nix | 2 -- infra/vm02187/hardware-configuration.nix | 2 -- 5 files changed, 7 insertions(+), 8 deletions(-) diff --git a/infra/common/default.nix b/infra/common/default.nix index 1cf40fe..687fd58 100644 --- a/infra/common/default.nix +++ b/infra/common/default.nix @@ -1,3 +1,9 @@ +{ lib, ... }: + +let + inherit (lib) mkDefault; + +in { imports = [ ./hardware.nix @@ -8,4 +14,5 @@ time.timeZone = "Europe/Amsterdam"; i18n.defaultLocale = "en_US.UTF-8"; system.stateVersion = "24.05"; # do not change + nixpkgs.hostPlatform = mkDefault "x86_64-linux"; } diff --git a/infra/vm02116/hardware-configuration.nix b/infra/vm02116/hardware-configuration.nix index 2110792..202d8bb 100644 --- a/infra/vm02116/hardware-configuration.nix +++ b/infra/vm02116/hardware-configuration.nix @@ -12,6 +12,4 @@ }; networking.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/infra/vm02179/hardware-configuration.nix b/infra/vm02179/hardware-configuration.nix index 36a2506..391f2f9 100644 --- a/infra/vm02179/hardware-configuration.nix +++ b/infra/vm02179/hardware-configuration.nix @@ -16,6 +16,4 @@ }; networking.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/infra/vm02186/hardware-configuration.nix b/infra/vm02186/hardware-configuration.nix index d2d567f..0ed6ebc 100644 --- a/infra/vm02186/hardware-configuration.nix +++ b/infra/vm02186/hardware-configuration.nix @@ -16,6 +16,4 @@ }; networking.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/infra/vm02187/hardware-configuration.nix b/infra/vm02187/hardware-configuration.nix index 24a8a49..4d9eefc 100644 --- a/infra/vm02187/hardware-configuration.nix +++ b/infra/vm02187/hardware-configuration.nix @@ -16,6 +16,4 @@ }; networking.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } From 0749bda96caa94e1e5b924698a931f5d5cbe13ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?= Date: Wed, 20 Nov 2024 16:48:36 +0100 Subject: [PATCH 4/6] `networking.useDHCP` --- infra/common/networking.nix | 5 ++++- infra/vm02116/hardware-configuration.nix | 4 ---- infra/vm02179/hardware-configuration.nix | 4 ---- infra/vm02186/hardware-configuration.nix | 4 ---- infra/vm02187/hardware-configuration.nix | 4 ---- 5 files changed, 4 insertions(+), 17 deletions(-) diff --git a/infra/common/networking.nix b/infra/common/networking.nix index 49a069b..b6968c8 100644 --- a/infra/common/networking.nix +++ b/infra/common/networking.nix @@ -1,7 +1,7 @@ { config, lib, ... }: let - inherit (lib) mkOption; + inherit (lib) mkOption mkDefault; in { @@ -23,6 +23,9 @@ in hostName = config.procolix.vm.name; domain = "procolix.com"; + ## REVIEW: Do we actually need that, considering that we have static IPs? + useDHCP = mkDefault true; + interfaces = { eth0 = { ipv4 = { diff --git a/infra/vm02116/hardware-configuration.nix b/infra/vm02116/hardware-configuration.nix index 202d8bb..5ad9e85 100644 --- a/infra/vm02116/hardware-configuration.nix +++ b/infra/vm02116/hardware-configuration.nix @@ -1,5 +1,3 @@ -{ lib, ... }: - { fileSystems."/" = { device = "/dev/disk/by-uuid/3802a66d-e31a-4650-86f3-b51b11918853"; @@ -10,6 +8,4 @@ device = "/dev/disk/by-uuid/2CE2-1173"; fsType = "vfat"; }; - - networking.useDHCP = lib.mkDefault true; } diff --git a/infra/vm02179/hardware-configuration.nix b/infra/vm02179/hardware-configuration.nix index 391f2f9..5b89888 100644 --- a/infra/vm02179/hardware-configuration.nix +++ b/infra/vm02179/hardware-configuration.nix @@ -1,5 +1,3 @@ -{ lib, ... }: - { fileSystems."/" = { device = "/dev/disk/by-uuid/119863f8-55cf-4e2f-ac17-27599a63f241"; @@ -14,6 +12,4 @@ "dmask=0022" ]; }; - - networking.useDHCP = lib.mkDefault true; } diff --git a/infra/vm02186/hardware-configuration.nix b/infra/vm02186/hardware-configuration.nix index 0ed6ebc..c9538ea 100644 --- a/infra/vm02186/hardware-configuration.nix +++ b/infra/vm02186/hardware-configuration.nix @@ -1,5 +1,3 @@ -{ lib, ... }: - { fileSystems."/" = { device = "/dev/disk/by-uuid/833ac0f9-ad8c-45ae-a9bf-5844e378c44a"; @@ -14,6 +12,4 @@ "dmask=0022" ]; }; - - networking.useDHCP = lib.mkDefault true; } diff --git a/infra/vm02187/hardware-configuration.nix b/infra/vm02187/hardware-configuration.nix index 4d9eefc..c95e55d 100644 --- a/infra/vm02187/hardware-configuration.nix +++ b/infra/vm02187/hardware-configuration.nix @@ -1,5 +1,3 @@ -{ lib, ... }: - { fileSystems."/" = { device = "/dev/disk/by-uuid/a46a9c46-e32b-4216-a4aa-8819b2cd0d49"; @@ -14,6 +12,4 @@ "dmask=0022" ]; }; - - networking.useDHCP = lib.mkDefault true; } From 9f471327dfbcf069adc2cf6935ce91c50d136803 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?= Date: Wed, 20 Nov 2024 16:52:13 +0100 Subject: [PATCH 5/6] `environment.systemPackages` --- infra/common/default.nix | 21 ++++++++++++++++++++- infra/vm02116/configuration.nix | 23 ----------------------- infra/vm02179/configuration.nix | 22 ---------------------- infra/vm02186/procolix-configuration.nix | 22 ---------------------- infra/vm02187/configuration.nix | 20 -------------------- 5 files changed, 20 insertions(+), 88 deletions(-) diff --git a/infra/common/default.nix b/infra/common/default.nix index 687fd58..5093233 100644 --- a/infra/common/default.nix +++ b/infra/common/default.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +{ lib, pkgs, ... }: let inherit (lib) mkDefault; @@ -15,4 +15,23 @@ in i18n.defaultLocale = "en_US.UTF-8"; system.stateVersion = "24.05"; # do not change nixpkgs.hostPlatform = mkDefault "x86_64-linux"; + + environment.systemPackages = with pkgs; [ + (pkgs.vim_configurable.customize { + name = "vim"; + vimrcConfig.packages.myplugins = with pkgs.vimPlugins; { + start = [ vim-nix ]; # load plugin on startup + }; + vimrcConfig.customRC = '' + " your custom vimrc + set nocompatible + set backspace=indent,eol,start + " Turn on syntax highlighting by default + syntax on + " ... + ''; + }) + wget + subversion + ]; } diff --git a/infra/vm02116/configuration.nix b/infra/vm02116/configuration.nix index 98d9548..3a4b6f0 100644 --- a/infra/vm02116/configuration.nix +++ b/infra/vm02116/configuration.nix @@ -1,5 +1,3 @@ -{ pkgs, ... }: - { imports = [ ../common ]; @@ -9,27 +7,6 @@ ip6 = "2a00:51c0:12:1201::20"; }; - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - (pkgs.vim_configurable.customize { - name = "vim"; - vimrcConfig.packages.myplugins = with pkgs.vimPlugins; { - start = [ vim-nix ]; # load plugin on startup - }; - vimrcConfig.customRC = '' - " your custom vimrc - set nocompatible - set backspace=indent,eol,start - " Turn on syntax highlighting by default - syntax on - " ... - ''; - }) - wget - subversion - ]; - ## vm02116 is running on old hardware based on a Xen VM environment, so it ## needs these extra options. Once the VM gets moved to a newer node, these ## two options can safely be removed. diff --git a/infra/vm02179/configuration.nix b/infra/vm02179/configuration.nix index 7c8e32b..4e3cce9 100644 --- a/infra/vm02179/configuration.nix +++ b/infra/vm02179/configuration.nix @@ -1,5 +1,3 @@ -{ pkgs, ... }: - { imports = [ ../common ]; @@ -12,24 +10,4 @@ nix = { settings.trusted-users = [ "@wheel" ]; }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - (pkgs.vim_configurable.customize { - name = "vim"; - vimrcConfig.packages.myplugins = with pkgs.vimPlugins; { - start = [ vim-nix ]; # load plugin on startup - }; - vimrcConfig.customRC = '' - " your custom vimrc - set nocompatible - set backspace=indent,eol,start - " Turn on syntax highlighting by default - syntax on - " ... - ''; - }) - wget - ]; } diff --git a/infra/vm02186/procolix-configuration.nix b/infra/vm02186/procolix-configuration.nix index 2919a0e..9cd4bf0 100644 --- a/infra/vm02186/procolix-configuration.nix +++ b/infra/vm02186/procolix-configuration.nix @@ -1,5 +1,3 @@ -{ pkgs, ... }: - { imports = [ ../common ]; @@ -8,24 +6,4 @@ ip4 = "185.206.232.186"; ip6 = "2a00:51c0:12:1201::186"; }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - (pkgs.vim_configurable.customize { - name = "vim"; - vimrcConfig.packages.myplugins = with pkgs.vimPlugins; { - start = [ vim-nix ]; # load plugin on startup - }; - vimrcConfig.customRC = '' - " your custom vimrc - set nocompatible - set backspace=indent,eol,start - " Turn on syntax highlighting by default - syntax on - " ... - ''; - }) - wget - ]; } diff --git a/infra/vm02187/configuration.nix b/infra/vm02187/configuration.nix index 7687ffb..6aaf946 100644 --- a/infra/vm02187/configuration.nix +++ b/infra/vm02187/configuration.nix @@ -70,24 +70,4 @@ }; users.users.nginx.extraGroups = [ "acme" ]; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - (pkgs.vim_configurable.customize { - name = "vim"; - vimrcConfig.packages.myplugins = with pkgs.vimPlugins; { - start = [ vim-nix ]; # load plugin on startup - }; - vimrcConfig.customRC = '' - " your custom vimrc - set nocompatible - set backspace=indent,eol,start - " Turn on syntax highlighting by default - syntax on - " ... - ''; - }) - wget - ]; } From fca563a98732c6341532030ba8532b7472f8ca11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?= Date: Wed, 20 Nov 2024 17:00:50 +0100 Subject: [PATCH 6/6] `nix.settings.trusted-users` --- infra/common/users.nix | 2 ++ infra/vm02179/configuration.nix | 4 ---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/infra/common/users.nix b/infra/common/users.nix index 8bf33ac..098994d 100644 --- a/infra/common/users.nix +++ b/infra/common/users.nix @@ -29,6 +29,8 @@ security.sudo.wheelNeedsPassword = false; + nix.settings.trusted-users = [ "@wheel" ]; + ## FIXME: Remove direct root authentication once NixOps4 supports users with ## password-less sudo. users.root.openssh.authorizedKeys.keys = [ diff --git a/infra/vm02179/configuration.nix b/infra/vm02179/configuration.nix index 4e3cce9..1974593 100644 --- a/infra/vm02179/configuration.nix +++ b/infra/vm02179/configuration.nix @@ -6,8 +6,4 @@ ip4 = "185.206.232.179"; ip6 = "2a00:51c0:12:1201::179"; }; - - nix = { - settings.trusted-users = [ "@wheel" ]; - }; }