
{
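# Flake inputs.
# Most URLs below name a moving branch rather than a revision; what is actually
# built is whatever flake.lock records (lock file not shown here), so lock-file
# bumps deserve the same review as any other dependency update.
# `inputs.nixpkgs.follows = "nixpkgs"` makes a dependency use this flake's
# nixpkgs; inputs without it bring their own pin, if they have one.
inputs = {
  # Private repository fetched over SSH: evaluation needs a key that may read it.
  # flake = false -> consumed as a plain source tree (see sops.defaultSopsFile in outputs).
  secrets = {
    url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git?ref=main";
    flake = false;
  };
  flake-parts.url = "github:hercules-ci/flake-parts";
  flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
  clan-core = {
    url = "git+https://git.clan.lol/clan/clan-core";
    inputs.nixpkgs.follows = "nixpkgs"; # Needed if your configuration uses nixpkgs unstable.
    inputs.flake-parts.follows = "flake-parts";
  };

  # nixpkgs: the stable release the machines are built from, plus unstable and
  # older releases exposed through overlay attributes in outputs.
  nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
  nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
  nixpkgs-legacy_2305.url = "github:nixos/nixpkgs/nixos-23.05";
  nixpkgs-legacy_2211.url = "github:nixos/nixpkgs/nixos-22.11";
  nixpkgs-legacy_2205.url = "github:nixos/nixpkgs/nixos-22.05";
  nixpkgs-legacy_2105.url = "github:nixos/nixpkgs/nixos-21.05";

  nixos-hardware.url = "github:nixos/nixos-hardware";
  nixos-anywhere.url = "github:nix-community/nixos-anywhere";
  home-manager = {
    url = "github:nix-community/home-manager/release-23.11";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  polygon-art = {
    url = "git+https://git.ingolf-wagner.de/palo/polygon-art.git";
  };
  sops-nix.url = "github:Mic92/sops-nix";
  doom-emacs-nix = {
    url = "github:nix-community/nix-doom-emacs";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  home-manager-utils = {
    url = "github:mrvandalo/home-manager-utils";
    inputs.home-manager.follows = "home-manager";
  };
  nixpkgs-fmt = {
    url = "github:nix-community/nixpkgs-fmt";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  grocy-scanner = {
    url = "github:mrVanDalo/grocy-scanner";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  permown = {
    url = "github:mrVanDalo/module.permown";
    #url = "git+file:///home/palo/dev/nixos/permown";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  # Second private SSH-fetched repository; this one is evaluated as a flake.
  private_assets = {
    #url = "git+file:///home/palo/dev/nixos/nixos-private-assets";
    url = "git+ssh://gitea@git.ingolf-wagner.de/palo/nixos-private-assets.git?ref=main";
    flake = true;
  };
  retiolum = {
    url = "github:Mic92/retiolum";
    #url = "git+file:///home/palo/dev/nixos/retiolum";
  };
  srvos.url = "github:nix-community/srvos";
  srvos_nixpkgs.follows = "srvos/nixpkgs";
  landingpage = {
    #url = "git+file:///home/palo/dev/landingpage";
    url = "github:mrVanDalo/landingpage";
  };
  kmonad = {
    url = "github:kmonad/kmonad?dir=nix";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  disko = {
    url = "github:nix-community/disko";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  dns = {
    url = "github:kirelagin/dns.nix";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  nixinate.url = "github:matthewcroughan/nixinate";
  stylix = {
    #url = "github:danth/stylix?ref=35cab8eb76c1d3672b2b290a64f357847c30d090";
    url = "github:danth/stylix/release-23.11";
    inputs.nixpkgs.follows = "nixpkgs";
    inputs.home-manager.follows = "home-manager";
  };
  smoke = {
    # Quoted like every other input: bare URL literals are deprecated Nix syntax.
    url = "github:SamirTalwar/smoke";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  taskshell = {
    url = "github:mrvandalo/taskshell";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  # Third private SSH-fetched repository.
  overviewer.url = "git+ssh://gitea@git.ingolf-wagner.de/palo/overviewer.git?ref=main";
};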
# Flake outputs function.
# The argument pattern has no `...`, so every input declared in `inputs` has to
# be named here (and vice versa); `inputs@` additionally binds the whole set,
# which is handed on to flake-parts.lib.mkFlake further down.
outputs =
inputs@{ self
, clan-core
, disko
, dns
, doom-emacs-nix
, flake-parts
, grocy-scanner
, home-manager
, home-manager-utils
, kmonad
, landingpage
, nixinate
, nixos-anywhere
, nixos-hardware
, nixpkgs
, nixpkgs-fmt
, nixpkgs-legacy_2105
, nixpkgs-legacy_2205
, nixpkgs-legacy_2211
, nixpkgs-legacy_2305
, nixpkgs-unstable
, overviewer
, permown
, polygon-art
, private_assets
, retiolum
, secrets
, smoke
, sops-nix
, srvos
, srvos_nixpkgs
, stylix
, taskshell
}:
let
# Earlier top-level definitions, superseded by the `meta` set below.
#system = "x86_64-linux";
#pkgs = nixpkgs.legacyPackages.${system};
# `lib` is taken from the stable nixpkgs input and is used by the let-bound
# helpers that follow (e.g. lib.mkDefault in clanSetup).
inherit (nixpkgs) lib;
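# Shared evaluation context: the target system, the nixpkgs instance every
# machine uses (clanSetup assigns it to nixpkgs.pkgs) and the extra module
# arguments passed to clan as specialArgs.
meta = rec {
  system = "x86_64-linux";
  pkgs = import nixpkgs {
    inherit system;
    config.allowUnfree = true;
    # Packages nixpkgs marks as insecure and refuses to evaluate unless they are
    # listed here. Entries match the exact name-version string, which is why two
    # Python 2.7 patch levels appear. Because this pkgs is shared, the exemption
    # applies to every machine, not only the one that needs the package.
    # NOTE(review): Python 2.7 is end-of-life upstream; drop entries as soon as
    # nothing depends on them.
    config.permittedInsecurePackages = [
      "python-2.7.18.6"
      "python-2.7.18.7"
      "electron-24.8.6" # for bitwarden
    ];
    overlays = [
      (_self: _super: {
        # Extra package sets. Each is imported with its own config, so the
        # insecure-package allow-list above does not carry over to them.
        unstable = import nixpkgs-unstable {
          inherit system;
          config.allowUnfree = true;
        };
        legacy_2211 = import nixpkgs-legacy_2211 { inherit system; };
        legacy_2205 = import nixpkgs-legacy_2205 { inherit system; };
        # Fixed: these two lacked `import` (a flake input is an attribute set,
        # not a function) and legacy_2305 pointed at the 21.05 input.
        legacy_2105 = import nixpkgs-legacy_2105 { inherit system; };
        legacy_2305 = import nixpkgs-legacy_2305 { inherit system; };

        # Individual packages taken from other flake inputs.
        polygon-art = polygon-art.packages.${system};
        landingpage = landingpage.packages.${system}.plain;
        trilium-server = nixpkgs-unstable.legacyPackages.${system}.trilium-server;
        kmonad = kmonad.packages.${system}.kmonad;
        tasksh = taskshell.packages.${system}.tasksh;
        overviewer = overviewer.packages.${system}.overviewer;
        smoke = smoke.packages.${system}.default;
      })
      # Repository-local package overlay.
      (import ./nixos/pkgs)
    ];
  };
  # Made available to every module as extra arguments.
  specialArgs = {
    inherit private_assets;
    assets = ./nixos/assets;
  };
};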
# Build the top-level NixOS module for one clan machine.
#   name    - directory under ./nixos/machines; also selects the sops file
#   host    - host part of clan.networking.targetHost (the user is fixed to root)
#   modules - machine-specific modules, placed ahead of defaultModules
clanSetup =
  { name
  , host
  , modules
    #, nixpackages ? meta.nixpkgs
  }:
  let
    # The machine's own configuration.nix plus its sops defaults.
    machineModule = {
      imports = [
        ./nixos/machines/${name}/configuration.nix
        (sopsModule name)
      ];
    };
  in
  {
    imports = modules ++ defaultModules ++ [ machineModule ];

    # mkDefault: a machine's configuration may set a different target.
    clan.networking.targetHost = lib.mkDefault "root@${host}";
    clanCore.machineIcon = null; # Optional, a path to an image file

    # Every machine evaluates against the shared package set from `meta`.
    nixpkgs = {
      #pkgs = nixpackages;
      pkgs = meta.pkgs;
      hostPlatform = meta.system;
    };
  };
# Modules every machine receives; clanSetup appends them after the machine's
# own module list.
defaultModules = [
  # Nix itself.
  # todo : check if this is still needed
  ({ pkgs, lib, ... }: {
    # no channels needed this way: <nixpkgs> resolves to the package set in use
    nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
    # make flakes available
    nix.package = pkgs.nixUnstable;
    nix.extraOptions = ''
      experimental-features = nix-command flakes
    '';
  })

  # Binary cache. Only the official cache is named here; NixOS list options
  # merge, so other modules may contribute further substituters.
  {
    nix.settings = {
      substituters = [ "https://cache.nixos.org/" ];
    };
  }

  # Common system modules and tools.
  ({ pkgs, ... }: {
    imports = [
      permown.nixosModules.permown
      disko.nixosModules.disko
      kmonad.nixosModules.default
      grocy-scanner.nixosModule
    ];
    environment.systemPackages = [ nixpkgs-fmt.defaultPackage.${pkgs.system} ];
    # `lib` here is the let-bound nixpkgs lib, not a module argument.
    boot.tmp.useTmpfs = lib.mkDefault true;
  })
];
# NixOS module that wires in home-manager and stylix: theme, wallpaper, fonts,
# shared home-manager modules and the state version for mainUser and root.
homeManagerModules = { pkgs, config, ... }:
  let
    # Serif and sans-serif use the same font family.
    ubuntuFont = {
      package = pkgs.ubuntu_font_family;
      name = "Ubuntu";
    };
  in
  {
    imports = [
      home-manager.nixosModules.home-manager
      stylix.nixosModules.stylix
    ];

    stylix = {
      base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-light-medium.yaml";
      image = ./nixos/assets/wallpaper.png;
      fonts = {
        serif = ubuntuFont;
        sansSerif = ubuntuFont;
        monospace = {
          package = pkgs.jetbrains-mono;
          name = "JetBrains Mono";
        };
        emoji = {
          package = pkgs.noto-fonts-emoji;
          name = "Noto Color Emoji";
        };
      };
    };

    home-manager = {
      # Reuse the system package set and install user packages via the system profile.
      useGlobalPkgs = true;
      useUserPackages = true;
      # Modules applied to every home-manager user.
      sharedModules = [
        doom-emacs-nix.hmModule
        home-manager-utils.hmModule
        { stylix.targets.bemenu.enable = false; }
      ];
      users.mainUser.home.stateVersion = "22.11";
      users.root.home.stateVersion = "22.11";
    };
  };
# Module factory: point sops at the per-machine file secrets/<name>.yaml inside
# the `secrets` input.
# The interpolated path lives in the Nix store, which is readable by every local
# user, and it references the fetched secrets tree as a whole - so that
# repository must hold nothing but sops-encrypted material.
# NOTE(review): the sops-nix import is commented out; the sops options are
# presumably provided by another module (clan-core?) - confirm.
sopsModule = name: { lib, ... }:
  let
    machineSecrets = "${secrets}/secrets/${name}.yaml";
  in
  {
    #imports = [ sops-nix.nixosModules.sops ];
    sops.defaultSopsFile = lib.mkForce machineSecrets;
  };
in
flake-parts.lib.mkFlake { inherit inputs; } ({ self, pkgs, ... }:
  let
    # home-manager profiles for mainUser and root, used by every machine
    # except sternchen.
    userHomes = {
      home-manager.users.mainUser = import ./nixos/homes/palo;
      home-manager.users.root = import ./nixos/homes/root;
    };
    # Turns on the GUI part of mainUser's profile (laptops).
    guiEnabled = { home-manager.users.mainUser.gui.enable = true; };
    # Servers skip doom-emacs.
    withoutDoomEmacs = {
      home-manager.sharedModules = [{ programs.doom-emacs.enable = false; }];
    };
  in
  {
    # We define our own systems below. you can still use this to add system specific outputs to your flake.
    # See: https://flake.parts/getting-started
    systems = [ ];

    # import clan-core modules
    imports = [ clan-core.flakeModules.default ];

    # Define your clan
    clan = {
      # Clan wide settings. (Required)
      clanName = "gummybears"; # Ensure to choose a unique name.
      inherit (meta) specialArgs;

      # One entry per machine; `name` must match ./nixos/machines/<name> and
      # `host` is the address clan targets as root (see clanSetup).
      machines = {
        sternchen = clanSetup {
          name = "sternchen";
          host = "sternchen.secure";
          modules = [
            nixos-hardware.nixosModules.lenovo-thinkpad-x220
            homeManagerModules
          ];
        };

        cream = clanSetup {
          name = "cream";
          #host = "1.2.3.4";
          host = "cream.private";
          modules = [
            nixos-hardware.nixosModules.framework-12th-gen-intel
            retiolum.nixosModules.retiolum
            private_assets.nixosModules.jobrad
            homeManagerModules
            guiEnabled
            userHomes
          ];
        };

        cherry = clanSetup {
          name = "cherry";
          host = "cherry.private";
          modules = [
            nixos-hardware.nixosModules.framework-13th-gen-intel
            homeManagerModules
            guiEnabled
            userHomes
          ];
        };

        chungus = clanSetup {
          name = "chungus";
          host = "chungus.private";
          modules = [
            homeManagerModules
            retiolum.nixosModules.retiolum
            userHomes
          ];
        };

        orbi = clanSetup {
          name = "orbi";
          host = "orbi.private";
          modules = [
            homeManagerModules
            srvos.nixosModules.hardware-hetzner-online-intel
            srvos.nixosModules.server
            srvos.nixosModules.mixins-terminfo
            withoutDoomEmacs
            userHomes
          ];
        };

        robi = clanSetup {
          name = "robi";
          host = "robi.private";
          modules = [
            homeManagerModules
            withoutDoomEmacs
            userHomes
          ];
        };
      };
    };
  });
}
# devShells.${system}.default =
# pkgs.mkShell {
# buildInputs = [
# nixpkgs-fmt.defaultPackage.${system}
# nixos-anywhere.packages.${system}.nixos-anywhere
# ];
# };
#apps = nixinate.nixinate.x86_64-linux self;
# packages = with nixpkgs.lib; {
# ${system} =
# let
# vms = mapAttrs'
# (host: sys: {
# name = "vm-${host}";
# value = sys.config.system.build.vm;
# })
# self.nixosConfigurations;
# sds = mapAttrs'
# (host: sys: {
# name = "sd-${host}";
# value = sys.config.system.build.sdImage;
# })
# (filterAttrs
# (n: hasAttrByPath [ "config" "system" "build" "sdImage" ])
# self.nixosConfigurations);
# in
# vms // sds;
# };
# nixosConfigurations =
# };