MODEL/usda-dash-config
5
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
65 Commits 1 Branch 0 Tags
main
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

USDA Dashboard System Configuration

External NixOS module configuration for the usda-dash LXC container.

Overview

This repository contains the system configuration for the USDA Dashboard, managed as an external module for the nixos-systems fleet.

Usage

From nixos-systems inventory.nix

Replace the inline configuration with this external module:

nix-lxc = {
  devices = {
    "usda-dash" = builtins.fetchGit {
      url = "https://github.com/UGA-Innovation-Factory/usda-dash-config";
      rev = "abc123...";  # Commit hash for reproducibility
    };
  };
  overrides = {
    athenix.host.useHostPrefix = false;
    extraUsers = [ "sv22900" "hdh20267" ];  # Users remain in inventory
  };
};

Local Development

For testing changes locally before pushing:

nix-lxc = {
  devices = {
    "usda-dash" = /path/to/local/usda-dash-config;
  };
};

Configuration Structure

usda-dash-config/
├── default.nix          # Main module configuration
├── README.md           # This file
└── services/           # Optional: Additional service modules

Module Contents

The default.nix module includes:

  • Base system packages
  • SSH configuration
  • Service configurations (nginx, postgresql, etc.)
  • Firewall rules
  • Dashboard-specific settings

Integration

This module:

  • Receives the same flake inputs as nixos-systems (nixpkgs, home-manager, etc.)
  • Can use athenix.* options from the host type module
  • Is merged with inventory.nix overrides and extraUsers
  • Works with all build methods (LXC, Proxmox, ISO)

Development Workflow

  1. Make changes to default.nix
  2. Test locally by pointing inventory.nix to local path
  3. Build: nix build .#nixosConfigurations.usda-dash.config.system.build.toplevel
  4. Commit and push changes
  5. Update inventory.nix with new commit hash

Important Notes

Avoiding Configuration Conflicts

External modules should generally not override settings that are already defined by the host type modules (like nix-lxc). The host type already configures:

  • SSH settings
  • Basic services
  • Networking

Your external module should focus on:

  • Application-specific packages
  • Custom services unique to your application
  • Application configuration files

If you need to override host type settings, use lib.mkForce:

services.openssh.settings.PermitRootLogin = lib.mkForce "no";

Deployment

After updating the configuration:

cd /path/to/nixos-systems
# Update the rev in inventory.nix to the new commit hash
# Nix will automatically fetch the new version
nix flake check  # Verify the configuration
./deploy usda-dash

To force Nix to re-fetch (if you've updated the same commit):

rm -rf ~/.cache/nix/gitv3/*
nix flake check --refresh
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 227 KiB
Languages
Nix 100%