From 7ddf6d9f21d609569c1a740790f9c08be0abfb9e Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Wed, 17 Apr 2024 21:30:19 +0200 Subject: [PATCH] clan.lol --- flake.nix | 231 +++++++++++++++++++++++++++++------------------------- 1 file changed, 126 insertions(+), 105 deletions(-) diff --git a/flake.nix b/flake.nix index 73eeab4..1a33e7c 100644 --- a/flake.nix +++ b/flake.nix @@ -5,6 +5,16 @@ url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git?ref=main"; flake = false; }; + + flake-parts.url = "github:hercules-ci/flake-parts"; + flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; + + clan-core = { + url = "git+https://git.clan.lol/clan/clan-core"; + inputs.nixpkgs.follows = "nixpkgs"; # Needed if your configuration uses nixpkgs unstable. + inputs.flake-parts.follows = "flake-parts"; + }; + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-legacy_2305.url = "github:nixos/nixpkgs/nixos-23.05"; @@ -90,10 +100,12 @@ }; outputs = - { self + inputs@{ self + , clan-core , disko , dns , doom-emacs-nix + , flake-parts , grocy-scanner , home-manager , home-manager-utils @@ -115,23 +127,23 @@ , private_assets , retiolum , secrets - , srvos - , srvos_nixpkgs , smoke , sops-nix + , srvos + , srvos_nixpkgs , stylix , taskshell }: - let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; + let + #system = "x86_64-linux"; + + #pkgs = nixpkgs.legacyPackages.${system}; inherit (nixpkgs) lib; - - meta = { nixpackages ? nixpkgs }: rec { + meta = rec { system = "x86_64-linux"; - pkgs = import nixpackages { + pkgs = import nixpkgs { inherit system; config.allowUnfree = true; config.permittedInsecurePackages = [ 
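Review bot: The new `clan-core` and `flake-parts` inputs in the first hunk arrive without a matching `flake.lock` change (the diffstat lists only `flake.nix`), so this commit does not record which revision of either input was reviewed. `git+https://git.clan.lol/clan/clan-core` carries no `ref` or `rev`, so the next evaluation locks whatever the default branch points to at that moment, and the later hunks build every machine through that input's flake module. I would commit the updated `flake.lock` together with this change. Optionally pin the branch the way the `nixos-secrets` input above does, e.g. `url = "git+https://git.clan.lol/clan/clan-core?ref=main";` (branch name to be confirmed).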
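Review bot: In the third hunk the old `system` and `pkgs` bindings are left behind as commented-out lines (`#system = "x86_64-linux";`, `#pkgs = nixpkgs.legacyPackages.${system};`) instead of being deleted. The same pattern recurs in later hunks: `#, nixpackages ? meta.nixpkgs` and `#nixpkgs.pkgs = nixpackages;` in `clanSetup`, `#host = "1.2.3.4";` under `cream`, and the long commented block appended after the final brace. Git history already keeps the old code, so I would delete these, and where a line records a decision replace it with a short reason such as `# per-machine nixpkgs override dropped: all machines share meta.pkgs`. The visible part of `meta` defines no `nixpkgs` attribute, so the commented default `meta.nixpkgs` would probably not evaluate if it were revived.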
@@ -165,41 +177,24 @@ inherit private_assets; assets = ./nixos/assets; }; + }; - # todo : why redefine it? - # Mic92 means, is not needed anymore - nixosSystem = args: - (lib.makeOverridable lib.nixosSystem) - (lib.recursiveUpdate args { - modules = - args.modules - ++ [ - { - config.nixpkgs.pkgs = lib.mkDefault args.pkgs; - config.nixpkgs.localSystem = lib.mkDefault args.pkgs.stdenv.hostPlatform; - } - ]; - }); - - nixosConfigurationSetup = + clanSetup = { name - , host ? "${name}.private" + , host , modules - , nixpackages ? nixpkgs - }: - nixosSystem { - inherit (meta { nixpackages = nixpackages; }) system specialArgs pkgs; - modules = modules ++ defaultModules ++ [ - { - _module.args.nixinate = { - host = host; - sshUser = "root"; - buildOn = "remote"; # valid args are "local" or "remote" - substituteOnTarget = false; # if buildOn is "local" then it will substitute on the target, "-s" - hermetic = false; - }; - } + #, nixpackages ? meta.nixpkgs + }: { + + clan.networking.targetHost = lib.mkDefault "root@${host}"; + clanCore.machineIcon = null; # Optional, a path to an image file + + #nixpkgs.pkgs = nixpackages; + nixpkgs.pkgs = meta.pkgs; + nixpkgs.hostPlatform = meta.system; + + imports = modules ++ defaultModules ++ [ { imports = [ ./nixos/machines/${name}/configuration.nix 
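Review bot: `clan.networking.targetHost = lib.mkDefault "root@${host}";` in `clanSetup` makes every deployment log in directly as root over SSH. That is only safe if the targets accept key-based root logins only and the deploying machine already trusts their host keys, and neither is visible in this hunk. I would document that on the line, e.g. `# deploys as root over SSH: targets need key-only root login (PermitRootLogin prohibit-password) and pinned host keys`. Separately, `nixpkgs.hostPlatform = meta.system;` is probably redundant next to `nixpkgs.pkgs = meta.pkgs;`, since NixOS documents the platform options as ignored once `nixpkgs.pkgs` is set; worth confirming and dropping. The `clanSetup` body continues past the end of the hunk.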
@@ -210,39 +205,32 @@ }; defaultModules = [ - { - # todo : find out what this is? - # make flake inputs accessiable in NixOS - _module.args.self = self; - _module.args.inputs = self.inputs; - } - ({ pkgs, lib, ... }: - { - # todo : check if this is still needed - nix = { - # no channesl needed this way - nixPath = [ "nixpkgs=${pkgs.path}" ]; - # make flakes available - package = pkgs.nixUnstable; - extraOptions = '' - experimental-features = nix-command flakes - ''; - }; - }) + ({ pkgs, lib, ... }: { + # todo : check if this is still needed + nix = { + # no channesl needed this way + nixPath = [ "nixpkgs=${pkgs.path}" ]; + # make flakes available + package = pkgs.nixUnstable; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + }) { nix.settings.substituters = [ "https://cache.nixos.org/" ]; } - { + ({ pkgs, ... }: { boot.tmp.useTmpfs = lib.mkDefault true; - environment.systemPackages = [ nixpkgs-fmt.defaultPackage.${system} ]; + environment.systemPackages = [ nixpkgs-fmt.defaultPackage.${pkgs.system} ]; imports = [ permown.nixosModules.permown disko.nixosModules.disko kmonad.nixosModules.default grocy-scanner.nixosModule ]; - } + }) ]; - homeManagerModules = { config, ... }: { + homeManagerModules = { pkgs, config, ... }: { imports = [ home-manager.nixosModules.home-manager stylix.nixosModules.stylix 
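Review bot: Removing the `_module.args.self` / `_module.args.inputs` entry from `defaultModules` drops the only place visible in this patch where machine modules were handed the flake inputs. Any `./nixos/machines/<name>/configuration.nix` or shared module that still takes `inputs` or `self` as an argument will fail to evaluate unless `meta.specialArgs` or clan-core supplies them, and neither can be checked from these hunks. If they are still needed, `inherit inputs;` inside `meta.specialArgs` would restore `inputs`, which is now bound by the `inputs@{ ... }` pattern; for `self`, first check whether clan-core already passes it. The `# todo : check if this is still needed` comment kept on the `nix` block could be resolved in the same pass.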
@@ -280,56 +268,42 @@ }; sopsModule = name: { lib, ... }: { - imports = [ sops-nix.nixosModules.sops ]; + #imports = [ sops-nix.nixosModules.sops ]; sops.defaultSopsFile = lib.mkForce "${secrets}/secrets/${name}.yaml"; }; in - { - devShells.${system}.default = - pkgs.mkShell { - buildInputs = [ - nixpkgs-fmt.defaultPackage.${system} - nixos-anywhere.packages.${system}.nixos-anywhere - ]; - }; - apps = nixinate.nixinate.x86_64-linux self; + flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }: { + # We define our own systems below. you can still use this to add system specific outputs to your flake. + # See: https://flake.parts/getting-started + systems = [ ]; - packages = with nixpkgs.lib; { - ${system} = - let - vms = mapAttrs' - (host: sys: { - name = "vm-${host}"; - value = sys.config.system.build.vm; - }) - self.nixosConfigurations; - sds = mapAttrs' - (host: sys: { - name = "sd-${host}"; - value = sys.config.system.build.sdImage; - }) - (filterAttrs - (n: hasAttrByPath [ "config" "system" "build" "sdImage" ]) - self.nixosConfigurations); - in - vms // sds; - }; + # import clan-core modules + imports = [ + clan-core.flakeModules.default + ]; - nixosConfigurations = - { - sternchen = nixosConfigurationSetup { + # Define your clan + clan = { + # Clan wide settings. (Required) + clanName = "gummybears"; # Ensure to choose a unique name. + specialArgs = meta.specialArgs; + + machines = { + sternchen = clanSetup { name = "sternchen"; - host = "sternchen.secret"; - #host = "192.168.178.25"; + host = "sternchen.secure"; modules = [ nixos-hardware.nixosModules.lenovo-thinkpad-x220 homeManagerModules ]; }; - cream = nixosConfigurationSetup { + + cream = clanSetup { name = "cream"; + #host = "1.2.3.4"; + host = "cream.private"; modules = [ nixos-hardware.nixosModules.framework-12th-gen-intel retiolum.nixosModules.retiolum 
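Review bot: `sopsModule` comments out `imports = [ sops-nix.nixosModules.sops ];` but still sets `sops.defaultSopsFile` with `lib.mkForce`, so the `sops.*` options must now come from another importer, presumably clan-core. The `mkForce` will silently win over whatever secrets file that importer configures. If both are intended, replace the commented line with the reason, e.g. `# sops-nix is imported via clan-core; mkForce keeps our per-host file from the secrets input`. Then confirm that secrets clan-core manages itself are not expected to be read from the file being overridden. Also, `pkgs` in `({ self, pkgs, ... }:` is not a top-level flake-parts argument as far as I know (it belongs to `perSystem`) and only evaluates because it is unused here, so I would drop it.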
@@ -342,8 +316,10 @@ } ]; }; - cherry = nixosConfigurationSetup { + + cherry = clanSetup { name = "cherry"; + host = "cherry.private"; modules = [ nixos-hardware.nixosModules.framework-13th-gen-intel homeManagerModules @@ -354,8 +330,10 @@ } ]; }; - chungus = nixosConfigurationSetup { + + chungus = clanSetup { name = "chungus"; + host = "chungus.private"; modules = [ homeManagerModules retiolum.nixosModules.retiolum @@ -365,9 +343,10 @@ } ]; }; - orbi = nixosConfigurationSetup { + + orbi = clanSetup { name = "orbi"; - host = "95.216.66.212"; + host = "orbi.private"; modules = [ homeManagerModules srvos.nixosModules.hardware-hetzner-online-intel @@ -380,8 +359,10 @@ } ]; }; - robi = nixosConfigurationSetup { + + robi = clanSetup { name = "robi"; + host = "robi.private"; modules = [ homeManagerModules { home-manager.sharedModules = [{ programs.doom-emacs.enable = false; }]; } @@ -392,6 +373,46 @@ ]; }; }; - }; + + }; + + }); + } + +# devShells.${system}.default = +# pkgs.mkShell { +# buildInputs = [ +# nixpkgs-fmt.defaultPackage.${system} +# nixos-anywhere.packages.${system}.nixos-anywhere +# ]; +# }; + +#apps = nixinate.nixinate.x86_64-linux self; + +# packages = with nixpkgs.lib; { +# ${system} = +# let +# vms = mapAttrs' +# (host: sys: { +# name = "vm-${host}"; +# value = sys.config.system.build.vm; +# }) +# self.nixosConfigurations; +# sds = mapAttrs' +# (host: sys: { +# name = "sd-${host}"; +# value = sys.config.system.build.sdImage; +# }) +# (filterAttrs +# (n: hasAttrByPath [ "config" "system" "build" "sdImage" ]) +# self.nixosConfigurations); +# in +# vms // sds; +# }; + +# nixosConfigurations = +# }; + +
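Review bot: `orbi` is the one machine whose deploy address changes from a literal IP to a name (`host = "orbi.private";`), so reaching it now depends on that name resolving on the deploying machine, presumably through the VPN or hosts entries that this patch does not show. SSH tracks host keys per name, so the first connection under the new name will ask to trust a key again; compare that fingerprint against the known one for the old address rather than accepting the prompt. Because `targetHost` is set with `mkDefault`, a comment such as `# .private needs the VPN up; override clan.networking.targetHost for bootstrap or recovery` would tell the next operator how to reach the box when the private network is down.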
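Review bot: The last hunk parks the old outputs as comments after the closing brace, so the flake no longer exports `devShells`, the nixinate `apps`, or the `vm-*` / `sd-*` packages. The `systems = [ ];` line in the `mkFlake` call also leaves flake-parts with no system to build per-system outputs for. If the dev shell with `nixos-anywhere` and `nixpkgs-fmt` is still wanted, it could move into a `perSystem` block with `systems = [ "x86_64-linux" ];` instead of staying as dead text. If these outputs are intentionally gone, delete the block and say so in the commit message, which currently reads only `clan.lol`.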