2021-09-24 06:09:20 +02:00
|
|
|
{
|
|
|
|
inputs = {
|
2023-04-29 23:29:05 +02:00
|
|
|
|
2021-09-25 11:07:09 +02:00
|
|
|
secrets = {
|
2022-01-15 09:32:59 +01:00
|
|
|
url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git?ref=main";
|
2021-09-25 11:07:09 +02:00
|
|
|
flake = false;
|
|
|
|
};
|
2023-06-29 10:08:09 +02:00
|
|
|
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
2023-06-30 00:14:18 +02:00
|
|
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
|
2023-06-29 18:02:42 +02:00
|
|
|
nixpkgs-legacy_2211.url = "github:nixos/nixpkgs/nixos-22.11";
|
2023-06-29 10:08:09 +02:00
|
|
|
nixpkgs-legacy_2205.url = "github:nixos/nixpkgs/nixos-22.05";
|
|
|
|
nixpkgs-legacy_2105.url = "github:nixos/nixpkgs/nixos-21.05";
|
2023-06-30 00:14:18 +02:00
|
|
|
nixos-hardware.url = "github:nixos/nixos-hardware";
|
2023-06-29 10:08:09 +02:00
|
|
|
home-manager = {
|
|
|
|
url = "github:nix-community/home-manager/release-23.05";
|
|
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
};
|
2022-06-22 21:54:57 +02:00
|
|
|
polygon-art = {
|
|
|
|
url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
|
|
|
|
};
|
|
|
|
sops-nix.url = "github:Mic92/sops-nix";
|
|
|
|
emacs-overlay = {
|
|
|
|
url = "github:nix-community/emacs-overlay";
|
|
|
|
flake = false;
|
|
|
|
};
|
|
|
|
doom-emacs-nix = {
|
|
|
|
url = "github:nix-community/nix-doom-emacs";
|
|
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
#inputs.emacs-overlay.follows = "emacs-overlay";
|
|
|
|
};
|
|
|
|
home-manager-utils = {
|
|
|
|
url = "github:mrvandalo/home-manager-utils";
|
|
|
|
inputs.home-manager.follows = "home-manager";
|
|
|
|
};
|
|
|
|
nixpkgs-fmt = {
|
|
|
|
url = "github:nix-community/nixpkgs-fmt";
|
|
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
};
|
|
|
|
grocy-scanner = {
|
|
|
|
url = "github:mrVanDalo/grocy-scanner";
|
|
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
};
|
2022-12-18 16:46:20 +01:00
|
|
|
permown = {
|
2022-12-18 17:29:16 +01:00
|
|
|
url = "github:mrVanDalo/module.permown";
|
2022-12-18 16:46:20 +01:00
|
|
|
#url = "git+file:///home/palo/dev/nixos/permown";
|
|
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
};
|
2022-06-22 23:06:16 +02:00
|
|
|
private_assets = {
|
2023-06-29 10:08:09 +02:00
|
|
|
#url = "git+file:///home/palo/dev/nixos/nixos-private-assets";
|
|
|
|
url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-private-assets.git?ref=main";
|
2023-03-07 16:21:46 +01:00
|
|
|
flake = true;
|
2022-06-22 23:06:16 +02:00
|
|
|
};
|
2022-09-29 12:36:36 +02:00
|
|
|
retiolum = {
|
2023-02-16 21:43:28 +01:00
|
|
|
url = "github:Mic92/retiolum";
|
|
|
|
#url = "git+file:///home/palo/dev/nixos/retiolum";
|
2022-09-29 12:36:36 +02:00
|
|
|
};
|
2022-11-24 13:48:18 +01:00
|
|
|
landingpage = {
|
|
|
|
#url = "git+file:///home/palo/dev/landingpage";
|
|
|
|
url = "github:mrVanDalo/landingpage";
|
2022-10-22 15:01:11 +02:00
|
|
|
};
|
2023-02-17 11:45:09 +01:00
|
|
|
kmonad = {
|
|
|
|
url = "github:kmonad/kmonad?dir=nix";
|
|
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
};
|
2023-04-29 23:29:05 +02:00
|
|
|
disko = {
|
|
|
|
url = "github:nix-community/disko";
|
|
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
};
|
2023-06-13 19:58:51 +02:00
|
|
|
#dns = {
|
|
|
|
# url = "github:kirelagin/dns.nix";
|
|
|
|
# inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
#};
|
2023-06-30 00:14:18 +02:00
|
|
|
nixinate.url = "github:matthewcroughan/nixinate";
|
|
|
|
|
|
|
|
# For accessing `deploy-rs`'s utility Nix functions
|
|
|
|
deploy-rs.url = "github:serokell/deploy-rs";
|
|
|
|
|
2021-09-24 06:09:20 +02:00
|
|
|
};
|
|
|
|
|
2022-06-22 21:54:57 +02:00
|
|
|
outputs =
|
|
|
|
{ self
|
2023-04-29 23:29:05 +02:00
|
|
|
, disko
|
2023-06-13 20:42:58 +02:00
|
|
|
#, dns
|
2023-06-30 00:14:18 +02:00
|
|
|
, deploy-rs
|
2022-06-22 21:54:57 +02:00
|
|
|
, doom-emacs-nix
|
|
|
|
, emacs-overlay
|
|
|
|
, grocy-scanner
|
|
|
|
, home-manager
|
|
|
|
, home-manager-utils
|
2023-06-13 19:58:51 +02:00
|
|
|
, kmonad
|
|
|
|
, landingpage
|
2023-06-30 00:14:18 +02:00
|
|
|
, nixinate
|
2023-01-23 20:04:50 +01:00
|
|
|
, nixos-hardware
|
2022-06-22 21:54:57 +02:00
|
|
|
, nixpkgs
|
|
|
|
, nixpkgs-fmt
|
2023-06-29 10:08:09 +02:00
|
|
|
, nixpkgs-legacy_2105
|
|
|
|
, nixpkgs-legacy_2205
|
2023-06-30 00:14:18 +02:00
|
|
|
, nixpkgs-legacy_2211
|
2023-01-23 20:04:50 +01:00
|
|
|
, nixpkgs-unstable
|
|
|
|
, permown
|
2022-06-22 21:54:57 +02:00
|
|
|
, polygon-art
|
2022-06-22 23:06:16 +02:00
|
|
|
, private_assets
|
2023-04-29 23:29:05 +02:00
|
|
|
, retiolum
|
2022-06-22 21:54:57 +02:00
|
|
|
, secrets
|
2022-06-22 23:06:16 +02:00
|
|
|
, sops-nix
|
2022-06-22 21:54:57 +02:00
|
|
|
}:
|
2021-09-25 20:28:25 +02:00
|
|
|
let
|
|
|
|
system = "x86_64-linux";
|
2023-06-30 00:14:18 +02:00
|
|
|
|
2021-09-25 20:28:25 +02:00
|
|
|
pkgs = nixpkgs.legacyPackages.${system};
|
2023-06-30 00:14:18 +02:00
|
|
|
inherit (nixpkgs) lib;
|
|
|
|
|
|
|
|
nixosSystem = args:
|
|
|
|
(lib.makeOverridable lib.nixosSystem)
|
|
|
|
(lib.recursiveUpdate args {
|
|
|
|
modules =
|
|
|
|
args.modules
|
|
|
|
++ [
|
|
|
|
{
|
|
|
|
config.nixpkgs.pkgs = lib.mkDefault args.pkgs;
|
|
|
|
config.nixpkgs.localSystem = lib.mkDefault args.pkgs.stdenv.hostPlatform;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
});
|
|
|
|
|
2022-06-23 00:33:59 +02:00
|
|
|
|
|
|
|
pullNetworkPasswords = pkgs.writers.writeBashBin "pull-network-passwords" ''
|
2022-06-23 01:03:37 +02:00
|
|
|
# collect all network configurations and save them in the store
|
|
|
|
sudo ls /etc/NetworkManager/system-connections \
|
|
|
|
| while read file
|
|
|
|
do
|
|
|
|
sudo cat "/etc/NetworkManager/system-connections/$file" \
|
|
|
|
| ${pkgs.pass}/bin/pass insert -m "krops/desktop_secrets/network-manager/system-connections/$file"
|
|
|
|
done
|
2022-06-23 00:33:59 +02:00
|
|
|
'';
|
|
|
|
pushNetworkPasswords = pkgs.writers.writeBashBin "push-network-passwords" ''
|
|
|
|
echo "push network passwords to $1"
|
|
|
|
'';
|
2023-06-30 00:14:18 +02:00
|
|
|
|
|
|
|
meta = rec {
|
|
|
|
system = "x86_64-linux";
|
|
|
|
pkgs = import nixpkgs {
|
|
|
|
inherit system;
|
|
|
|
config.allowUnfree = true;
|
|
|
|
config.permittedInsecurePackages = [ "python-2.7.18.6" ];
|
|
|
|
overlays = [
|
|
|
|
(_self: _super: {
|
|
|
|
unstable = import nixpkgs-unstable {
|
|
|
|
inherit system;
|
|
|
|
config.allowUnfree = true;
|
|
|
|
};
|
|
|
|
legacy_2211 = import nixpkgs-legacy_2211 {
|
|
|
|
inherit system;
|
|
|
|
};
|
|
|
|
legacy_2205 = import nixpkgs-legacy_2205 {
|
|
|
|
inherit system;
|
|
|
|
};
|
|
|
|
legacy_2105 = nixpkgs-legacy_2105 {
|
|
|
|
inherit system;
|
|
|
|
};
|
|
|
|
polygon-art = polygon-art.packages.${pkgs.system};
|
|
|
|
landingpage = landingpage.packages.${pkgs.system}.plain;
|
|
|
|
trilium-server = nixpkgs-unstable.legacyPackages.${pkgs.system}.trilium-server;
|
|
|
|
kmonad = kmonad.packages.${pkgs.system}.kmonad;
|
|
|
|
#deploy-rs = deploy-rs.packages.${system}.deploy-rs;
|
|
|
|
})
|
|
|
|
(import ./nixos/pkgs)
|
2022-06-23 00:33:59 +02:00
|
|
|
];
|
2022-06-22 21:54:57 +02:00
|
|
|
};
|
2023-06-30 00:14:18 +02:00
|
|
|
specialArgs = {
|
|
|
|
inherit private_assets;
|
|
|
|
assets = ./nixos/assets;
|
|
|
|
};
|
|
|
|
};
|
2022-06-22 21:54:57 +02:00
|
|
|
|
2023-06-30 00:14:18 +02:00
|
|
|
defaultModules = [
|
|
|
|
({ pkgs, lib, ... }:
|
|
|
|
{
|
2022-06-23 00:33:59 +02:00
|
|
|
nix = {
|
|
|
|
# no channesl needed this way
|
|
|
|
nixPath = [ "nixpkgs=${pkgs.path}" ];
|
|
|
|
# make flakes available
|
|
|
|
package = pkgs.nixUnstable;
|
|
|
|
extraOptions = ''
|
|
|
|
experimental-features = nix-command flakes
|
|
|
|
'';
|
2022-06-22 21:54:57 +02:00
|
|
|
};
|
2023-06-30 00:14:18 +02:00
|
|
|
boot.tmp.useTmpfs = lib.mkDefault true;
|
|
|
|
environment.systemPackages = [ nixpkgs-fmt.defaultPackage.${system} ];
|
2022-06-23 00:33:59 +02:00
|
|
|
imports = [
|
2023-06-30 00:14:18 +02:00
|
|
|
#./nixos/machines/${name}/configuration.nix
|
|
|
|
#(sopsModule name)
|
2022-06-23 00:33:59 +02:00
|
|
|
home-manager.nixosModules.home-manager
|
2022-12-18 16:46:20 +01:00
|
|
|
permown.nixosModules.permown
|
2023-04-29 23:29:05 +02:00
|
|
|
disko.nixosModules.disko
|
2023-06-30 00:14:18 +02:00
|
|
|
kmonad.nixosModules.default
|
2023-06-09 01:24:53 +02:00
|
|
|
{ nix.settings.substituters = [ "https://cache.nixos.org/" ]; }
|
2022-06-23 00:33:59 +02:00
|
|
|
];
|
|
|
|
home-manager.useGlobalPkgs = true;
|
|
|
|
home-manager.useUserPackages = true;
|
2023-06-30 00:14:18 +02:00
|
|
|
})
|
|
|
|
];
|
2022-06-22 21:54:57 +02:00
|
|
|
|
2023-06-30 00:14:18 +02:00
|
|
|
sopsModule = name: { lib, ... }: {
|
|
|
|
sops.defaultSopsFile = lib.mkForce "${secrets}/secrets/${name}.yaml";
|
|
|
|
imports = [
|
|
|
|
sops-nix.nixosModules.sops
|
|
|
|
];
|
|
|
|
};
|
2023-02-13 18:40:56 +01:00
|
|
|
|
2023-06-30 00:14:18 +02:00
|
|
|
in
|
|
|
|
{
|
|
|
|
devShells.${system}.default =
|
|
|
|
pkgs.mkShell {
|
|
|
|
buildInputs = [
|
|
|
|
pushNetworkPasswords
|
|
|
|
pullNetworkPasswords
|
|
|
|
nixpkgs-fmt.defaultPackage.${system}
|
|
|
|
#deploy-rs.packages.${system}.deploy-rs
|
|
|
|
];
|
|
|
|
};
|
2023-01-31 15:28:24 +01:00
|
|
|
|
2023-06-30 00:14:18 +02:00
|
|
|
#deploy.nodes.cream.profiles.system = {
|
|
|
|
# user = "root";
|
|
|
|
# path = meta.deployPkgs.deploy-rs.lib.activate.nixos self.nixosConfigurations.cream;
|
|
|
|
#};
|
2022-06-23 00:33:59 +02:00
|
|
|
|
2023-06-30 00:14:18 +02:00
|
|
|
# This is highly advised, and will prevent many possible mistakes
|
|
|
|
# checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
|
2022-06-23 08:39:18 +02:00
|
|
|
|
2023-06-30 00:14:18 +02:00
|
|
|
apps = nixinate.nixinate.x86_64-linux self;
|
2022-06-22 21:54:57 +02:00
|
|
|
|
2023-06-30 00:14:18 +02:00
|
|
|
#packages = with nixpkgs.lib; {
|
|
|
|
# "x86_64-linux" = (mapAttrs'
|
|
|
|
# (host: sys: {
|
|
|
|
# name = "vm-${host}";
|
|
|
|
# value = sys.config.system.build.vm;
|
|
|
|
# })
|
|
|
|
# self.nixosConfigurations) // (mapAttrs'
|
|
|
|
# (host: sys: {
|
|
|
|
# name = "sd-${host}";
|
|
|
|
# value = sys.config.system.build.sdImage;
|
|
|
|
# })
|
|
|
|
# (filterAttrs
|
|
|
|
# (n: hasAttrByPath [ "config" "system" "build" "sdImage" ])
|
|
|
|
# self.nixosConfigurations));
|
|
|
|
#};
|
2023-04-29 23:29:05 +02:00
|
|
|
|
2023-06-30 00:14:18 +02:00
|
|
|
nixosConfigurations = {
|
|
|
|
cream = nixosSystem {
|
|
|
|
inherit (meta) system specialArgs;
|
|
|
|
pkgs = meta.pkgs;
|
|
|
|
modules = defaultModules ++ [
|
|
|
|
{
|
|
|
|
_module.args.nixinate = {
|
|
|
|
host = "cream.private";
|
|
|
|
sshUser = "root";
|
|
|
|
buildOn = "remote"; # valid args are "local" or "remote"
|
|
|
|
substituteOnTarget = true; # if buildOn is "local" then it will substitute on the target, "-s"
|
|
|
|
hermetic = false;
|
2023-03-13 09:47:33 +01:00
|
|
|
};
|
2023-06-30 00:14:18 +02:00
|
|
|
}
|
|
|
|
{
|
|
|
|
# make flake inputs accessiable in NixOS
|
|
|
|
_module.args.self = self;
|
|
|
|
_module.args.inputs = self.inputs;
|
|
|
|
}
|
|
|
|
{
|
2022-10-19 13:16:24 +02:00
|
|
|
imports = [
|
2023-06-30 00:14:18 +02:00
|
|
|
./nixos/machines/cream/configuration.nix
|
|
|
|
(sopsModule "cream")
|
|
|
|
grocy-scanner.nixosModule
|
|
|
|
nixos-hardware.nixosModules.framework-12th-gen-intel
|
|
|
|
private_assets.nixosModules.jobrad
|
|
|
|
retiolum.nixosModules.retiolum
|
2022-10-19 13:16:24 +02:00
|
|
|
];
|
2023-06-30 00:14:18 +02:00
|
|
|
home-manager.users.mainUser.imports = [
|
2022-09-23 20:29:18 +02:00
|
|
|
doom-emacs-nix.hmModule
|
|
|
|
home-manager-utils.hmModule
|
|
|
|
];
|
2023-06-30 00:14:18 +02:00
|
|
|
}
|
|
|
|
];
|
2022-06-22 21:54:57 +02:00
|
|
|
};
|
2023-06-30 00:14:18 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-09-25 20:28:25 +02:00
|
|
|
};
|
2021-09-24 06:09:20 +02:00
|
|
|
}
|
2022-06-22 21:54:57 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|