nixos-config/flake.nix

{
description = "my krops file";
inputs = {
  # Everything listed here is third-party or private code that ends up in the
  # system closure. The exact revisions are normally pinned in flake.lock
  # (not part of this listing), so lock-file updates deserve the same review
  # as edits to this list.

  # --- nixpkgs channels -------------------------------------------------
  nixpkgs.url = "github:nixos/nixpkgs/nixos-22.11";
  nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
  nixpkgs-legacy.url = "github:nixos/nixpkgs/nixos-22.05";

  # --- secrets and private material --------------------------------------
  # Fetched over SSH as a plain source tree (flake = false), not evaluated
  # as a flake.
  secrets = {
    url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git?ref=main";
    flake = false;
  };
  # The active URL is a local checkout, so evaluation only works on a machine
  # that has this path; the SSH remote is kept below as the alternative.
  private_assets = {
    url = "git+file:///home/palo/dev/nixos/nixos-private-assets";
    #url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-private-assets.git?ref=main";
    flake = true;
  };
  sops-nix.url = "github:Mic92/sops-nix";

  # colmena
  # -------
  colmena = {
    url = "github:zhaofengli/colmena";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  # --- hardware profiles and system modules ------------------------------
  # `inputs.nixpkgs.follows` makes an input reuse this flake's nixpkgs
  # instead of bringing its own copy.
  nixos-hardware = {
    url = "github:nixos/nixos-hardware";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  permown = {
    url = "github:mrVanDalo/module.permown";
    #url = "git+file:///home/palo/dev/nixos/permown";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  retiolum = {
    url = "github:Mic92/retiolum";
    #url = "git+file:///home/palo/dev/nixos/retiolum";
  };
  kmonad = {
    url = "github:kmonad/kmonad?dir=nix";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  # --- home-manager and editor setup --------------------------------------
  home-manager = {
    url = "github:nix-community/home-manager/release-22.11";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  home-manager-utils = {
    url = "github:mrvandalo/home-manager-utils";
    inputs.home-manager.follows = "home-manager";
  };
  emacs-overlay = {
    url = "github:nix-community/emacs-overlay";
    flake = false;
  };
  doom-emacs-nix = {
    url = "github:nix-community/nix-doom-emacs";
    inputs.nixpkgs.follows = "nixpkgs";
    #inputs.emacs-overlay.follows = "emacs-overlay";
  };

  # --- tools and applications ---------------------------------------------
  nixpkgs-fmt = {
    url = "github:nix-community/nixpkgs-fmt";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  grocy-scanner = {
    url = "github:mrVanDalo/grocy-scanner";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  polygon-art.url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
  landingpage = {
    #url = "git+file:///home/palo/dev/landingpage";
    url = "github:mrVanDalo/landingpage";
  };
};
outputs =
  # One formal per flake input declared in `inputs`, plus `self`.
  { self
  , colmena
  , doom-emacs-nix
  , emacs-overlay
  , grocy-scanner
  , home-manager
  , home-manager-utils
  , kmonad
  , landingpage
  , nixos-hardware
  , nixpkgs
  , nixpkgs-fmt
  , nixpkgs-legacy
  , nixpkgs-unstable
  , permown
  , polygon-art
  , private_assets
  , retiolum
  , secrets
  , sops-nix
  }:
let
# The single platform used for the dev shell and the helper scripts below.
system = "x86_64-linux";
# Package set of the stable `nixpkgs` input for that platform.
pkgs = nixpkgs.legacyPackages."${system}";
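# Helper command `pull-network-passwords`: backs up the NetworkManager
# connection profiles of the local machine into the `pass` password store.
pullNetworkPasswords = pkgs.writers.writeBashBin "pull-network-passwords" ''
  # Collect all NetworkManager connection profiles and save them in the
  # pass password store (NOT the Nix store, which is world-readable).
  # These profiles may hold Wi-Fi and VPN credentials, so they are only
  # ever piped from `sudo cat` straight into `pass insert`.
  #
  # `IFS= read -r` keeps backslashes and leading/trailing blanks in profile
  # names intact; a plain `read` would mangle such names and the wrong path
  # would be read and stored.
  sudo ls /etc/NetworkManager/system-connections \
    | while IFS= read -r file
  do
    sudo cat "/etc/NetworkManager/system-connections/$file" \
      | ${pkgs.pass}/bin/pass insert -m "krops/desktop_secrets/network-manager/system-connections/$file"
  done
'';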
# Helper command `push-network-passwords`: currently only prints the target
# given as first argument; nothing is transferred.
pushNetworkPasswords =
  pkgs.writers.writeBashBin "push-network-passwords" ''
    echo "push network passwords to $1"
  '';
in
{
# colmena
# Development shell: the colmena CLI, the two network-password helper
# commands and the nixpkgs-fmt formatter.
devShell.${system} = pkgs.mkShell {
  buildInputs = [
    colmena.packages.${system}.colmena
    pushNetworkPasswords
    pullNetworkPasswords
    nixpkgs-fmt.defaultPackage.${system}
  ];
};
colmena =
let
# Builds the per-host sops-nix module: pulls in sops-nix and forces the
# default secrets file to secrets/<name>.yaml inside the `secrets` input.
# NOTE(review): "${secrets}" is the source tree of that input, i.e. a path in
# the Nix store, which is readable by every local user. The YAML files are
# presumably sops-encrypted; confirm that nothing in that repository is
# stored in plaintext.
sopsModule = name: { lib, ... }: {
  imports = [ sops-nix.nixosModules.sops ];
  sops.defaultSopsFile = lib.mkForce "${secrets}/secrets/${name}.yaml";
};
in
{
# Hive-wide settings: the package set every node is evaluated with and the
# extra arguments handed to all modules.
meta = {
  nixpkgs = import nixpkgs {
    inherit system;
    overlays = [
      # Expose package sets from the other inputs as pkgs.unstable,
      # pkgs.legacy, pkgs.polygon-art and pkgs.landingpage.
      (_final: _prev: {
        unstable = nixpkgs-unstable.legacyPackages.${system};
        legacy = nixpkgs-legacy.legacyPackages.${system};
        polygon-art = polygon-art.packages.${system};
        landingpage = landingpage.packages.${system}.plain;
      })
    ];
  };
  # Available as module arguments on every node. `assets` is a path inside
  # this repository; `private_assets` is the flake input of the same name.
  specialArgs = {
    inherit private_assets;
    assets = ./nixos/assets;
  };
};
# Configuration applied to every node of the hive.
defaults = { name, pkgs, lib, ... }: {
  imports = [
    # host-specific configuration, selected by node name
    ./nixos/machines/${name}/configuration.nix
    # sops-nix with secrets/<name>.yaml as the default secrets file
    (sopsModule name)
    home-manager.nixosModules.home-manager
    permown.nixosModules.permown
  ];

  # Build on the target host unless a node overrides this default.
  deployment.buildOnTarget = lib.mkDefault true;

  nix = {
    # no channels needed this way
    nixPath = [ "nixpkgs=${pkgs.path}" ];
    # make flakes available
    package = pkgs.nixUnstable;
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
    settings = {
      # Every host trusts the colmena binary cache: store paths signed with
      # the key below are accepted without being built locally. Keep the key
      # paired with this exact cache URL and review any change to either.
      substituters = [ "https://colmena.cachix.org" ];
      trusted-public-keys = [ "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg=" ];
    };
  };

  environment.systemPackages = [
    nixpkgs-fmt.defaultPackage.${system}
    colmena.packages.${system}.colmena
  ];

  # make /tmp a tmpfs (performance!)
  boot.tmpOnTmpfs = lib.mkDefault true;

  home-manager = {
    useGlobalPkgs = true;
    useUserPackages = true;
  };
};
# Node "cream": desktop reached as <name>.private, local deployment allowed.
cream = { name, nodes, pkgs, ... }: {
  deployment = {
    allowLocalDeployment = true;
    targetHost = "${name}.private";
    tags = [ "desktop" "online" "private" ];
  };

  imports = [
    grocy-scanner.nixosModule
    nixos-hardware.nixosModules.framework-12th-gen-intel
    #retiolum.nixosModules.retiolum
    #kmonad.nixosModules.default
    # module taken from the private_assets input
    private_assets.nixosModules.jobrad
  ];

  # todo : check out => https://github.com/terlar/nix-config/blob/ad35fbfc20e58626eb9fbd5f67716bc07bb98fc9/home-manager/modules/profiles/user/terje/keyboards.nix
  #services.kmonad = {
  #  enable = false;
  #  keyboards.laptop-keyboard = {
  #    name = "laptop-keyboard";
  #    device = "";
  #  };
  #};

  home-manager.users.mainUser.imports = [
    doom-emacs-nix.hmModule
    home-manager-utils.hmModule
  ];
};
# Node "sterni": desktop reached as <name>.private, local deployment allowed;
# also imports the retiolum module.
sterni = { name, nodes, pkgs, ... }: {
  deployment = {
    allowLocalDeployment = true;
    targetHost = "${name}.private";
    tags = [ "desktop" "online" "private" ];
  };

  imports = [
    grocy-scanner.nixosModule
    nixos-hardware.nixosModules.lenovo-thinkpad-x220
    retiolum.nixosModules.retiolum
  ];

  home-manager.users.mainUser.imports = [
    doom-emacs-nix.hmModule
    home-manager-utils.hmModule
  ];
};
# Node "sternchen": desktop reached as <name>.secret (the only node on that
# suffix); doom-emacs is imported but switched off for mainUser.
sternchen = { name, nodes, pkgs, ... }: {
  deployment = {
    targetHost = "${name}.secret";
    tags = [ "desktop" ];
  };

  imports = [ grocy-scanner.nixosModule ];

  home-manager.users.mainUser = {
    imports = [
      doom-emacs-nix.hmModule
      home-manager-utils.hmModule
    ];
    programs.doom-emacs.enable = false;
  };
};
# Node "pepe": server reached as <name>.private.
pepe = { name, nodes, pkgs, ... }: {
  deployment = {
    targetHost = "${name}.private";
    tags = [ "server" "online" "private" ];
  };

  imports = [
    grocy-scanner.nixosModule
    nixos-hardware.nixosModules.lenovo-thinkpad-x220
  ];
};
# Node "robi": server reached as <name>.private. home-manager is configured
# for the root account here, with doom-emacs on the terminal-only emacs-nox.
robi = { name, nodes, pkgs, ... }: {
  deployment = {
    targetHost = "${name}.private";
    tags = [ "server" "online" "private" ];
  };

  imports = [
    nixos-hardware.nixosModules.common-cpu-intel
    nixos-hardware.nixosModules.common-gpu-intel
  ];

  home-manager.users.root = {
    home.stateVersion = "22.11";
    imports = [ doom-emacs-nix.hmModule ];
    programs.doom-emacs = {
      enable = true;
      emacsPackage = pkgs.emacs-nox;
      # doom configuration directory from this repository
      doomPrivateDir = ./doom.d;
    };
  };
};
# Node "bobi": desktop tagged "usb", reached as <name>.private. Sets
# buildOnTarget to false, overriding the mkDefault true from `defaults`.
bobi = { name, nodes, pkgs, ... }: {
  deployment = {
    targetHost = "${name}.private";
    buildOnTarget = false;
    tags = [ "desktop" "usb" "private" ];
  };

  imports = [ grocy-scanner.nixosModule ];

  home-manager.users.mainUser.imports = [
    doom-emacs-nix.hmModule
    home-manager-utils.hmModule
  ];
};
# Node "mobi": desktop tagged "usb", reached as <name>.private. Sets
# buildOnTarget to false, overriding the mkDefault true from `defaults`.
mobi = { name, nodes, pkgs, ... }: {
  deployment = {
    targetHost = "${name}.private";
    buildOnTarget = false;
    tags = [ "desktop" "usb" "private" ];
  };

  imports = [ grocy-scanner.nixosModule ];

  home-manager.users.mainUser.imports = [
    doom-emacs-nix.hmModule
    home-manager-utils.hmModule
  ];
};
};
};
}