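# Flake for the "gummybears" clan: declares the flake inputs and builds the
# NixOS machines sternchen, cream, cherry, chungus and orbi through clan-core
# and flake-parts.
#
# Inputs that name no rev or branch are pinned only by flake.lock, so a
# lock-file update deserves the same review as any other dependency change.
{
  inputs = {

    # Fetched over SSH as a plain source tree (flake = false). sopsModule below
    # interpolates "${secrets}/secrets/<name>.yaml", which copies the tree into
    # the Nix store; the store is readable by every local user, so everything
    # in that repository has to stay sops-encrypted.
    secrets = {
      url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/nixos-secrets.git?ref=main";
      flake = false;
    };

    flake-parts.url = "github:hercules-ci/flake-parts";
    flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";

    # NOTE(review): this points at a local checkout, so evaluation only works
    # on a machine that has this path and the build follows whatever is
    # committed there. Switch back to the upstream URL for builds elsewhere.
    clan-core = {
      #url = "git+https://git.clan.lol/clan/clan-core";
      url = "git+file:///home/palo/dev/nixos/clan-core";
      inputs.nixpkgs.follows = "nixpkgs"; # Needed if your configuration uses nixpkgs unstable.
      inputs.flake-parts.follows = "flake-parts";
    };

    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";

    # Older release branches, exposed as pkgs.legacy_* by the overlay below.
    # NOTE(review): nixpkgs-legacy_2105 is not referenced anywhere in this
    # file; confirm a machine config still needs it before keeping it.
    nixpkgs-legacy_2105.url = "github:nixos/nixpkgs/nixos-21.05";
    nixpkgs-legacy_2205.url = "github:nixos/nixpkgs/nixos-22.05";
    nixpkgs-legacy_2211.url = "github:nixos/nixpkgs/nixos-22.11";
    nixpkgs-legacy_2305.url = "github:nixos/nixpkgs/nixos-23.05";
    nixpkgs-legacy_2311.url = "github:nixos/nixpkgs/nixos-23.11";

    nixos-hardware.url = "github:nixos/nixos-hardware";
    nixos-anywhere.url = "github:nix-community/nixos-anywhere";

    # With the follows line commented out, home-manager evaluates against its
    # own locked nixpkgs rather than the one used for the machines.
    home-manager = {
      #url = "github:nix-community/home-manager/release-23.11";
      url = "github:nix-community/home-manager";
      #inputs.nixpkgs.follows = "nixpkgs";
    };

    polygon-art = {
      url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
    };

    sops-nix.url = "github:Mic92/sops-nix";

    home-manager-utils = {
      url = "github:mrvandalo/home-manager-utils";
      inputs.home-manager.follows = "home-manager";
    };

    nixpkgs-fmt = {
      url = "github:nix-community/nixpkgs-fmt";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    grocy-scanner = {
      url = "github:mrVanDalo/grocy-scanner";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    permown = {
      url = "github:mrVanDalo/module.permown";
      #url = "git+file:///home/palo/dev/nixos/permown";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # NOTE(review): as a flake input this tree is copied into the Nix store and
    # is handed to every module through specialArgs; confirm it holds nothing
    # that must stay unreadable for local users on the machines.
    private_assets = {
      #url = "git+file:///home/palo/dev/nixos/nixos-private-assets";
      url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/nixos-private-assets.git?ref=main";
      flake = true;
    };

    retiolum = {
      url = "github:Mic92/retiolum";
      #url = "git+file:///home/palo/dev/nixos/retiolum";
    };

    srvos.url = "github:nix-community/srvos";
    srvos_nixpkgs.follows = "srvos/nixpkgs";

    landingpage = {
      #url = "git+file:///home/palo/dev/landingpage";
      url = "github:mrVanDalo/landingpage";
    };

    kmonad = {
      url = "github:kmonad/kmonad?dir=nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    dns = {
      url = "github:kirelagin/dns.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nixinate.url = "github:matthewcroughan/nixinate";

    stylix = {
      #url = "github:danth/stylix?ref=35cab8eb76c1d3672b2b290a64f357847c30d090";
      #url = "github:danth/stylix/release-23.11";
      url = "github:danth/stylix";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.home-manager.follows = "home-manager";
    };

    smoke = {
      # Quoted like every other input: bare URL literals are deprecated in Nix
      # and rejected when the no-url-literals feature is enabled.
      url = "github:SamirTalwar/smoke";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    taskshell = {
      url = "github:mrvandalo/taskshell";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    overviewer.url = "git+ssh://forgejo@git.ingolf-wagner.de/palo/overviewer.git?ref=main";

  };

  outputs =
    inputs@{ self
    , clan-core
    , disko
    , dns
      #, doom-emacs-nix
    , flake-parts
    , grocy-scanner
    , home-manager
    , home-manager-utils
    , kmonad
    , landingpage
    , nixinate
    , nixos-anywhere
    , nixos-hardware
    , nixpkgs
    , nixpkgs-fmt
    , nixpkgs-legacy_2105
    , nixpkgs-legacy_2205
    , nixpkgs-legacy_2211
    , nixpkgs-legacy_2305
    , nixpkgs-legacy_2311
    , overviewer
    , permown
    , polygon-art
    , private_assets
    , retiolum
    , secrets
    , smoke
    , sops-nix
    , srvos
    , srvos_nixpkgs
    , stylix
    , taskshell
    }:
    let
      #system = "x86_64-linux";
      #pkgs = nixpkgs.legacyPackages.${system};
      inherit (nixpkgs) lib;

      # Shared package set and module arguments. clanSetup assigns meta.pkgs to
      # nixpkgs.pkgs, so the config below applies to every machine.
      meta = rec {
        system = "x86_64-linux";
        pkgs = import nixpkgs {
          inherit system;
          config.allowUnfree = true;
          # Exceptions for packages nixpkgs marks as insecure. Because the
          # package set is shared, each entry is allowed on all machines; drop
          # entries as soon as nothing depends on them any more.
          config.permittedInsecurePackages = [
            "electron-24.8.6" # for bitwarden
            "python-2.7.18.6"
            "python-2.7.18.7"
            "python-2.7.18.8"
          ];
          overlays = [
            (_self: _super: {
              # todo : remove this, we are on unstable in the future
              unstable = import nixpkgs {
                inherit system;
                config.allowUnfree = true;
              };
              # Package sets from older release branches. Releases stop
              # receiving security updates once they reach end of life, so
              # keep what is taken from them to a minimum.
              legacy_2205 = import nixpkgs-legacy_2205 {
                inherit system;
              };
              legacy_2211 = import nixpkgs-legacy_2211 {
                inherit system;
              };
              legacy_2305 = import nixpkgs-legacy_2305 {
                inherit system;
              };
              legacy_2311 = import nixpkgs-legacy_2311 {
                inherit system;
              };
              # Packages taken straight from flake inputs.
              polygon-art = polygon-art.packages.${system};
              landingpage = landingpage.packages.${system}.plain;
              kmonad = kmonad.packages.${system}.kmonad;
              tasksh = taskshell.packages.${system}.tasksh;
              overviewer = overviewer.packages.${system}.overviewer;
              smoke = smoke.packages.${system}.default;
            })
            (import ./nixos/pkgs)
          ];
        };
        specialArgs = {
          inherit private_assets;
          assets = ./nixos/assets;
        };
      };

      # Builds the module for one machine: the caller's modules, the shared
      # defaultModules, the machine's configuration.nix, its sops defaults and
      # the clan zerotier/static-hosts modules.
      clanSetup =
        { name
        , host
        , modules
        }: {
          # Deployments connect as root on the target; mkDefault lets a
          # machine config override the address.
          clan.networking.targetHost = lib.mkDefault "root@${host}";
          nixpkgs.pkgs = meta.pkgs;
          nixpkgs.hostPlatform = meta.system;
          clanCore.facts.secretStore = "password-store";
          imports = modules ++ defaultModules ++ [
            ./nixos/machines/${name}/configuration.nix
            (sopsModule name)
            {
              imports = [
                # this magically adds all my machines in the zero tier network
                # and makes the controller accept them.
                # will automatically look into `machines/<machine>/facts/zerotier-ip`
                inputs.clan-core.clanModules.zerotier-static-peers
                # Statically configure the host names of machines based on their respective zerotier-ip.
                inputs.clan-core.clanModules.static-hosts
              ];
              clan.static-hosts.topLevelDomain = "bear";
            }
          ];
        };

      # Modules imported by every machine (see clanSetup).
      defaultModules = [
        {
          # todo : find out what this is?
          # make flake inputs accessible in NixOS
          _module.args.self = self;
          _module.args.inputs = self.inputs;
        }
        ({ pkgs, ... }: {
          # Only the official binary cache is configured as a substituter.
          nix.settings.substituters = [ "https://cache.nixos.org/" ];
          nix.settings.experimental-features = [ "nix-command" "flakes" ];
          nix.settings.max-jobs = 1;
          # no channels needed this way
          nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
        })
        ({ pkgs, ... }: {
          boot.tmp.useTmpfs = lib.mkDefault true;
          environment.systemPackages = [
            nixpkgs-fmt.defaultPackage.${pkgs.system}
            clan-core.packages.${pkgs.system}.clan-cli
          ];
          imports = [
            permown.nixosModules.permown
            #disko.nixosModules.disko
            kmonad.nixosModules.default
            grocy-scanner.nixosModule
          ];
        })
      ];

      # home-manager plus stylix theming, for machines that list this module.
      homeManagerModules = { pkgs, config, ... }: {
        imports = [
          home-manager.nixosModules.home-manager
          stylix.nixosModules.stylix
        ];
        stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
        stylix.image = ./nixos/assets/wallpaper.png;
        stylix.fonts = {
          serif = {
            package = pkgs.ubuntu_font_family;
            name = "Ubuntu";
          };
          sansSerif = {
            package = pkgs.ubuntu_font_family;
            name = "Ubuntu";
          };
          monospace = {
            package = pkgs.jetbrains-mono;
            name = "JetBrains Mono";
          };
          emoji = {
            package = pkgs.noto-fonts-emoji;
            name = "Noto Color Emoji";
          };
          sizes.popups = 15;
        };
        home-manager.extraSpecialArgs = {
          inherit private_assets;
          assets = ./nixos/assets;
        };
        home-manager.useGlobalPkgs = true;
        home-manager.useUserPackages = true;
        home-manager.backupFileExtension = "backup";
        home-manager.sharedModules = [
          #doom-emacs-nix.hmModule
          home-manager-utils.hmModule
          { stylix.targets.bemenu.enable = false; }
        ];
        home-manager.users.mainUser.home.stateVersion = "22.11";
        home-manager.users.root.home.stateVersion = "22.11";
      };

      # Points sops at the per-machine file inside the secrets input.
      # NOTE(review): the sops-nix import is commented out here, so the sops
      # options are presumably declared by a module imported elsewhere; verify.
      sopsModule = name: { lib, ... }: {
        #imports = [ sops-nix.nixosModules.sops ];
        sops.defaultSopsFile = lib.mkForce "${secrets}/secrets/${name}.yaml";
      };

    in
    flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }: {
      # We define our own systems below. you can still use this to add system specific outputs to your flake.
      # See: https://flake.parts/getting-started
      systems = [ ];

      # import clan-core modules
      imports = [
        clan-core.flakeModules.default
      ];

      # Define your clan
      clan = {
        # Clan wide settings.
        clanName = "gummybears"; # Ensure to choose a unique name.
        specialArgs = meta.specialArgs;

        machines = {

          sternchen = clanSetup {
            name = "sternchen";
            #host = "sternchen.secure";
            host = "192.168.178.25";
            modules = [
              nixos-hardware.nixosModules.lenovo-thinkpad-x220
              homeManagerModules
              { home-manager.users.mainUser.gui.enable = true; }
              {
                home-manager.users.mainUser = import ./nixos/homes/tina;
                home-manager.users.root = import ./nixos/homes/root;
              }
              # todo : strange overrides, this should be an option kinda an be changed on another level (the homes/ folders or something)
              ({ lib, ... }: {
                home-manager.users = {
                  mainUser = {
                    programs.atuin.enable = lib.mkForce false;
                  };
                  root = {
                    programs.atuin.enable = lib.mkForce false;
                  };
                };
              })
              { clanCore.machineDescription = "LaLaptop"; }
            ];
          };

          cream = clanSetup {
            name = "cream";
            host = "cream.private";
            modules = [
              nixos-hardware.nixosModules.framework-12th-gen-intel
              retiolum.nixosModules.retiolum
              private_assets.nixosModules.cream
              homeManagerModules
              { home-manager.users.mainUser.gui.enable = true; }
              {
                home-manager.users.mainUser = import ./nixos/homes/palo;
                home-manager.users.root = import ./nixos/homes/root;
              }
              { clanCore.machineDescription = "Laptop"; }
            ];
          };

          cherry = clanSetup {
            name = "cherry";
            host = "cherry.private";
            modules = [
              nixos-hardware.nixosModules.framework-13th-gen-intel
              homeManagerModules
              { home-manager.users.mainUser.gui.enable = true; }
              {
                home-manager.users.mainUser = import ./nixos/homes/palo;
                home-manager.users.root = import ./nixos/homes/root;
              }
              { clanCore.machineDescription = "Laptop"; }
            ];
          };

          chungus = clanSetup {
            name = "chungus";
            host = "chungus.private";
            modules = [
              homeManagerModules
              retiolum.nixosModules.retiolum
              private_assets.nixosModules.chungus
              #srvos.nixosModules.server
              #srvos.nixosModules.mixins-terminfo
              {
                home-manager.users.mainUser = import ./nixos/homes/palo;
                home-manager.users.root = import ./nixos/homes/root;
              }
              { clanCore.machineDescription = "Home Server"; }
            ];
          };

          orbi = clanSetup {
            name = "orbi";
            host = "orbi.private";
            # host = "95.216.66.212";
            modules = [
              {
                # orbi runs the zerotier controller; public = false is set so
                # the network is not created as a public one.
                clan.networking.zerotier.controller = {
                  enable = true;
                  public = false;
                };
              }
              homeManagerModules
              srvos.nixosModules.hardware-hetzner-online-intel
              srvos.nixosModules.server
              srvos.nixosModules.mixins-terminfo
              {
                # not needed for servers in general
                # Both emergency shells are switched off, so a failed boot does
                # not fall back to a console shell.
                boot.initrd.systemd.emergencyAccess = false;
                systemd.enableEmergencyMode = false;
              }
              {
                home-manager.users.mainUser = import ./nixos/homes/palo;
                home-manager.users.root = import ./nixos/homes/root;
              }
              { clanCore.machineDescription = "Internet Server"; }
            ];
          };

        };
      };
    });
}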