Cloonar/nixos
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

feat: dev fix mkcert and ddev reachability

Browse source
This commit is contained in:
Dominik Polakovics Polakovics 2026-02-01 14:03:32 +01:00
parent 6d7db643bc
commit 91fabfe857
4 changed files with 67 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/dev/channel Normal file
View file

@ -0,0 +1 @@
https://channels.nixos.org/nixos-25.11

50
hosts/dev/configuration.nix
View file

@ -1,17 +1,17 @@
{ config, lib, pkgs, ... }:
let
# === CONFIGURABLE SETTINGS ===
projectsDir = "projects"; # Relative to /home/dominik
repositories = [
{ url = "gitea@git.cloonar.com:Cloonar/wohnservice-wien-typo3.git"; path = "projects/cloonar/wohnservice-wien"}
{ url = "gitea@git.cloonar.com:Cloonar/wohnservice-wien-typo3.git"; path = "cloonar/wohnservice-wien"; }
# Add repos here: { url = "git@..."; path = "relative/path"; }
];
# === END CONFIGURABLE ===
cloneScript = pkgs.writeShellScript "clone-repos" ''
set -eu
export PATH="${pkgs.openssh}/bin:$PATH"
export GIT_SSH_COMMAND="${pkgs.openssh}/bin/ssh"
HOME_DIR="/home/dominik"
PROJECTS_DIR="$HOME_DIR/${projectsDir}"
@ -20,7 +20,7 @@ let
${lib.concatMapStrings (repo: ''
if [ ! -d "$PROJECTS_DIR/${repo.path}" ]; then
${pkgs.sudo}/bin/sudo -u dominik ${pkgs.git}/bin/git clone ${repo.url} "$PROJECTS_DIR/${repo.path}" || true
${pkgs.sudo}/bin/sudo -u dominik -E ${pkgs.git}/bin/git clone ${repo.url} "$PROJECTS_DIR/${repo.path}" || true
fi
'') repositories}
'';
@ -31,12 +31,17 @@ in
];
networking.hostName = "dev";
networking.firewall = {
enable = true;
allowedTCPPorts = [ 22 80 443 ];
};
system.stateVersion = "22.05";
time.timeZone = "Europe/Vienna";
# User configuration
users.users.dominik = {
isNormalUser = true;
uid = 1000;
home = "/home/dominik";
extraGroups = [ "wheel" "docker" ];
openssh.authorizedKeys.keys = [
@ -50,6 +55,22 @@ in
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;
# Auto-attach to tmux on SSH login
environment.interactiveShellInit = ''
if [[ -n "$SSH_CONNECTION" ]] && [[ -z "$TMUX" ]]; then
tmux attach-session -t main 2>/dev/null || tmux new-session -s main
fi
'';
# Passwordless sudo for dominik
security.sudo.extraRules = [{
users = [ "dominik" ];
commands = [{
command = "ALL";
options = [ "NOPASSWD" ];
}];
}];
# Clone repos as dominik user on boot
systemd.services.clone-repos = {
description = "Clone configured git repositories";
@ -62,4 +83,25 @@ in
RemainAfterExit = true;
};
};
# Create ddev global config to bind on all interfaces (allows access from other devices)
systemd.services.ddev-config = {
description = "Create ddev global config";
after = [ "local-fs.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "dominik";
Group = "users";
};
script = ''
mkdir -p /home/dominik/.ddev
if [ ! -f /home/dominik/.ddev/global_config.yaml ]; then
cat > /home/dominik/.ddev/global_config.yaml << 'EOF'
router_bind_all_interfaces: true
EOF
fi
'';
};
}

21
hosts/dev/modules/dev-tools.nix
View file

@ -1,7 +1,7 @@
{ pkgs, ... }:
{
nixpkgs.overlays = [
(import ../../utils/overlays/packages.nix)
(import ../utils/overlays/packages.nix)
];
environment.systemPackages = with pkgs; [
@ -10,6 +10,8 @@
docker-compose
git
git-lfs
mkcert
screen
# PHP
php
@ -27,9 +29,24 @@
wget
curl
htop
tmux
];
# Persistent SSH sessions with tmux
programs.tmux = {
enable = true;
clock24 = true;
historyLimit = 50000;
terminal = "screen-256color";
extraConfig = ''
# Enable mouse support
set -g mouse on
# Start windows and panes at 1, not 0
set -g base-index 1
setw -g pane-base-index 1
'';
};
# Docker for ddev
virtualisation.docker.enable = true;
users.users.dominik.extraGroups = [ "docker" ];

1
hosts/dev/utils Symbolic link
View file

@ -0,0 +1 @@
../../utils