diff --git a/flake.lock b/flake.lock index 7568c62..f011f37 100644 --- a/flake.lock +++ b/flake.lock @@ -456,31 +456,7 @@ "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", "nixpkgs-u": "nixpkgs-u", - "pre-commit-hooks": "pre-commit-hooks_2", - "tex2nix": "tex2nix" - } - }, - "tex2nix": { - "inputs": { - "flake-utils": [ - "flake-utils" - ], - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1675719328, - "narHash": "sha256-emjsJLIC3ediFxJhPyW7A9KFXMETCyCdDMWPb2OF/kA=", - "owner": "Mic92", - "repo": "tex2nix", - "rev": "7044a5c0934f3afc6050c697a32526bd5a05af5d", - "type": "github" - }, - "original": { - "owner": "Mic92", - "repo": "tex2nix", - "type": "github" + "pre-commit-hooks": "pre-commit-hooks_2" } }, "utils": { diff --git a/flake.nix b/flake.nix index 02ded39..13ace86 100644 --- a/flake.nix +++ b/flake.nix @@ -4,59 +4,18 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/release-22.11"; nixpkgs-u.url = "github:NixOS/nixpkgs/nixos-unstable"; - home-manager = { - url = "github:nix-community/home-manager/release-22.11"; - inputs = { - nixpkgs.follows = "nixpkgs"; - utils.follows = "flake-utils"; - }; - }; + home-manager = { url = "github:nix-community/home-manager/release-22.11"; inputs = { nixpkgs.follows = "nixpkgs"; utils.follows = "flake-utils"; }; }; - agenix = { - url = "github:ryantm/agenix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - deploy-rs = { - url = "github:serokell/deploy-rs"; - inputs = { nixpkgs.follows = "nixpkgs"; }; - }; + agenix = { url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; + deploy-rs = { url = "github:serokell/deploy-rs"; inputs = { nixpkgs.follows = "nixpkgs"; }; }; flake-utils.url = "github:numtide/flake-utils"; - nixos-generators = { - url = "github:nix-community/nixos-generators"; - inputs = { nixpkgs.follows = "nixpkgs"; }; - }; - nixos-hardware.url = "github:NixOS/nixos-hardware"; nix-rice = { url = "github:bertof/nix-rice/v0.3.1"; }; - pre-commit-hooks = { - url = "github:cachix/pre-commit-hooks.nix"; - inputs = { - nixpkgs.follows = "nixpkgs"; - flake-utils.follows = "flake-utils"; - }; - }; - tex2nix = { - url = "github:Mic92/tex2nix"; - inputs = { - nixpkgs.follows = "nixpkgs"; - flake-utils.follows = "flake-utils"; - }; - }; + nixos-generators = { url = "github:nix-community/nixos-generators"; inputs = { nixpkgs.follows = "nixpkgs"; }; }; + nixos-hardware.url = "github:NixOS/nixos-hardware"; + pre-commit-hooks = { url = "github:cachix/pre-commit-hooks.nix"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; }; - outputs = - { self - , nixpkgs - , nixpkgs-u - , home-manager - , agenix - , deploy-rs - , flake-utils - , nixos-generators - , nixos-hardware - , nix-rice - , pre-commit-hooks - , tex2nix - }: + outputs = { self, nixpkgs, nixpkgs-u, home-manager, agenix, deploy-rs, flake-utils, nixos-generators, nixos-hardware, nix-rice, pre-commit-hooks }: let config = { allowUnfree = true; @@ -69,15 +28,8 @@ overlays = [ # Combine stable and unstable packages (self: _: { - stable_pkgs = import nixpkgs { - inherit config overlays; - inherit (self) system; - }; - unstable_pkgs = import nixpkgs-u { - inherit config overlays; - inherit (self) system; - }; - inherit (tex2nix.packages.${self.system}) tex2nix; + stable_pkgs = import nixpkgs { inherit config overlays; inherit (self) system; }; + unstable_pkgs = import nixpkgs-u { inherit config overlays; inherit (self) system; }; }) # Nix rice @@ -87,21 +39,11 @@ # Flakes packages (self: _: { clipedit = self.callPackage ./custom/clipedit { }; - update-background = self.callPackage ./custom/update-background { - backgrounds_directory = "$HOME/Immagini/Sfondi/1080+/1440+"; - }; - lockscreen = self.callPackage ./custom/lockscreen { - palette = self.rice.colorPalette; - font = self.rice.font.normal; - }; - sddm-theme-clairvoyance = - self.callPackage ./custom/sddm-theme-clairvoyance { - wallpaper = ./wallpapers/background.jpg; - }; + update-background = self.callPackage ./custom/update-background { backgrounds_directory = "$HOME/Immagini/Sfondi/1080+/1440+"; }; + lockscreen = self.callPackage ./custom/lockscreen { palette = self.rice.colorPalette; font = self.rice.font.normal; }; + sddm-theme-clairvoyance = self.callPackage ./custom/sddm-theme-clairvoyance { wallpaper = ./wallpapers/background.jpg; }; sddm-sugar-dark = self.callPackage ./custom/sddm-sugar-dark { }; - google-chrome = self.google-chrome.override { - commandLineArgs = [ "--password-store=gnome" "--force-dark-mode" ]; - }; + google-chrome = self.google-chrome.override { commandLineArgs = [ "--password-store=gnome" "--force-dark-mode" ]; }; }) ]; @@ -109,8 +51,6 @@ eachDefaultSystem (system: let pkgs = import nixpkgs { inherit system config overlays; }; in { - formatter = pkgs.nixpkgs-fmt; - checks = { pre-commit-check = pre-commit-hooks.lib.${system}.run { src = ./.; @@ -129,32 +69,24 @@ ''; LOCAL_KEY = "/etc/nix/key"; }; + + formatter = pkgs.nixpkgs-fmt; }); + nix_configuration = { + nixpkgs = { inherit overlays config; }; + nix = { + inherit (config) extraOptions; + registry = { + stable = { from = { id = "stable"; type = "indirect"; }; flake = nixpkgs; }; + unstable = { from = { id = "unstable"; type = "indirect"; }; flake = nixpkgs-u; }; + }; + }; + }; + commonModules = [ # Nix configuration - { - nixpkgs = { inherit overlays config; }; - nix = { - extraOptions = "experimental-features = nix-command flakes"; - registry = { - stable = { - from = { - id = "stable"; - type = "indirect"; - }; - flake = nixpkgs; - }; - unstable = { - from = { - id = "unstable"; - type = "indirect"; - }; - flake = nixpkgs-u; - }; - }; - }; - } + nix_configuration # Home manager configuration home-manager.nixosModules.default @@ -164,26 +96,23 @@ useUserPackages = true; }; } + + # Agenix configuration agenix.nixosModules.default { # age.secrets.oauth_proxy_client_credentials.file = ./secrets/oauth_proxy_client_credentials.age; - age.secrets.spotify_password = { - file = ./secrets/spotify_password.age; - owner = "bertof"; - }; + age.secrets.spotify_password = { file = ./secrets/spotify_password.age; owner = "bertof"; }; } ./nixos_modules/bertof_user.nix # Some defaults - { - services.fstrim.enable = true; - services.fwupd.enable = true; - } - ./nixos_modules/btrfs_scrub.nix + ./nixos_modules/fwupd.nix + ./nixos_modules/fstrim.nix + ./nixos_modules/btrfs-scrub.nix ./nixos_modules/distributed.nix ./nixos_modules/remote-deploy.nix - ./nixos_modules/extended_registry.nix + ./nixos_modules/extended-registry.nix ./nixos_modules/automatic-garbage-collection.nix ./nixos_modules/automatic-upgrade.nix ./nixos_modules/zerotier.nix @@ -191,33 +120,13 @@ installerModules = [ # Nix configuration - { - nixpkgs = { inherit overlays config; }; - nix = { - extraOptions = "experimental-features = nix-command flakes"; - registry = { - stable = { - from = { - id = "stable"; - type = "indirect"; - }; - flake = nixpkgs; - }; - unstable = { - from = { - id = "unstable"; - type = "indirect"; - }; - flake = nixpkgs-u; - }; - }; - }; - } + nix_configuration ./nixos_modules/bertof_user.nix + ./nixos_modules/distributed.nix ./nixos_modules/remote-deploy.nix - ./nixos_modules/extended_registry.nix + ./nixos_modules/extended-registry.nix ./nixos_modules/zerotier.nix ./nixos_modules/installer.nix ]; diff --git a/nixos_modules/btrfs_scrub.nix b/nixos_modules/btrfs-scrub.nix similarity index 100% rename from nixos_modules/btrfs_scrub.nix rename to nixos_modules/btrfs-scrub.nix diff --git a/nixos_modules/extended_registry.nix b/nixos_modules/extended-registry.nix similarity index 100% rename from nixos_modules/extended_registry.nix rename to nixos_modules/extended-registry.nix diff --git a/nixos_modules/fstrim.nix b/nixos_modules/fstrim.nix new file mode 100644 index 0000000..84d7613 --- /dev/null +++ b/nixos_modules/fstrim.nix @@ -0,0 +1,3 @@ +{ + services.fstrim.enable = true; +} diff --git a/nixos_modules/fwupd.nix b/nixos_modules/fwupd.nix new file mode 100644 index 0000000..a62f709 --- /dev/null +++ b/nixos_modules/fwupd.nix @@ -0,0 +1,3 @@ +{ + services.fwupd.enable = true; +} diff --git a/nixos_modules/remote-deploy.nix b/nixos_modules/remote-deploy.nix index 9efcfda..3ddb792 100644 --- a/nixos_modules/remote-deploy.nix +++ b/nixos_modules/remote-deploy.nix @@ -2,9 +2,10 @@ services.openssh = { enable = true; openFirewall = true; + + kbdInteractiveAuthentication = lib.mkDefault false; permitRootLogin = lib.mkDefault "prohibit-password"; - passwordAuthentication = false; - kbdInteractiveAuthentication = false; + passwordAuthentication = lib.mkDefault false; }; users.users.root.openssh.authorizedKeys.keys = [