richi/znix

Basic Nixos Module

Find a file

Richi Zee 81baf8286b 🗑️ Dev-Server only Tools		2025-12-09 10:22:38 +01:00
app	🗑️ Dev-Server only Tools	2025-12-09 10:22:38 +01:00
config	⬆️ systemd.settings.Manager	2025-11-30 20:06:53 +01:00
desktop	📝 Doc	2025-09-29 22:28:33 +02:00
overlay/nixos-check_mk_agent-overlay	⬆️ Checkmk Server / Agent 2.4.0p9	2025-08-15 23:05:09 +02:00
service	🐛 Dockge Volume Missing	2025-12-07 14:49:00 +01:00
virtualisation	⬆️ Nixos 25.11 - ovmf is default	2025-11-30 20:06:26 +01:00
default.nix	⚡️ Boost Module (untested)	2025-11-18 08:48:56 +01:00
flake.lock	🚀 Beta zNix with Desktop	2025-06-15 14:08:20 +02:00
flake.nix	⬆️ Nixos 25.11 - Flake	2025-11-30 20:19:04 +01:00
options.nix	🔐 add Audit by default	2025-06-15 23:31:08 +02:00
README.md	📝 Readme	2025-06-17 09:12:32 +02:00

README.md

Nixos - zNix

Vorraussetzung

Flakes wurden aktiviert https://nixos.wiki/wiki/flakes
Paket Colmena ist vorhanden nixos colmena https://github.com/zhaofengli/colmena

Anwendung

Alias zur Anwendung:

alias apply_local="colmena apply-local --impure --sudo"
alias apply_remote="colmena apply --impure --on"

Danach kann mit apply_local oder apply_remote hostname der jeweilige Host aktualisiert werden. Flake aktualisieren: nix flake update znix Erneuert die flake.lock.

Options

Preset

Zusammenstellung aus mehreen Optionen:

Desktop Beispiel

znix = {
  preset = "desktop";
  desktops = ["plasma6" "sddm" "xserver"];
};

Die Option preset = "desktop"; ergibt folgende Config:

znix = {
  # Config
  config = {
    basic = true;
    power = true;
    localuser = true;
    bugfix = true;
    shell = true;
  };
  # Services
  service = {
    ssh = {
      enable = true;
      secure = true;
    };
    checkmk_agent = {
      enable = true;
    };
  };
  # Desktop/s
  desktop = {
    sound = true;
  };
  desktops =  [ "xserver" ];
  # Virtualisation
  virtualisation = {
    podman = {
      enable = true;
    };
  };
  # Apps
  apps = [ "basic" "desktop" ];
};

Server-VM Beispiel

znix = {
  preset = "server";
  config = { vm = true; };
};

Die Option preset = "server"; ergibt folgende Config:

znix = {
  # Config
  config = {
    basic = true;
    power = true;
    secure = true;
    localuser = true;
    bugfix = true;
    shell = true;
  };
  # Services
  service = {
    ssh = {
      enable = true;
      secure = true;
    };
    logrotate = { enable = true; };
    checkmk_agent = {
      enable = true;
    };
  };
  # Virtualisation
  virtualisation = {
    podman = {
      enable = true;
    };
  };
  # Apps
  apps =  [ "basic" ];
};

Setup

flake.nix

inputs = {
  nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
  nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
  home-manager.url = "github:nix-community/home-manager/release-25.05";
  home-manager.inputs.nixpkgs.follows = "nixpkgs";
  nixos-hardware.url = "github:NixOS/nixos-hardware";
  # -- Znix --
  znix.url = "git+https://git.zarix.de/richi/znix.git?ref=main";
  znix.inputs.nixpkgs.follows = "nixpkgs";
  znix.inputs.nixpkgs-unstable.follows = "nixpkgs-unstable"; # optional
};

outputs = { nixpkgs, home-manager, nixpkgs-unstable, nixos-hardware, ... }@inputs: {
      # ...
  };

host.nix

imports = [
  ./hardware-configuration.nix
  inputs.home-manager.nixosModules.home-manager
  inputs.znix.nixosModules.znix
  # ...
];

Alternativ without Flakes

{ config, pkgs, ... }:

let
  znixRepo = pkgs.fetchgit {
    url = "https://git.zarix.de/richi/znix.git";
    rev = "main";
     # sha256 = "sha256-Hash-des-Repository-Inhalts"
  };
in
{
  imports = [
    "${znixRepo}/default.nix"
  ];
  # ...
}

Dev

Revision für ein Pakte/Overlay bei Github ermitteln:

nix-prefetch-git https://github.com/Checkmk/checkmk/ --rev refs/tags/v2.2.0p17