
{
# Human-readable summary shown by `nix flake metadata` / `nix flake show`.
description = "bertof's system configuration";

# Flake inputs. Each one is external code that gets evaluated (and usually
# built) by whoever runs this flake. The revision actually used is the one
# recorded in flake.lock, so lock-file bumps deserve the same review as any
# other dependency update.
inputs = {
  flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz";

  # Two nixpkgs channels. The bare `nixpkgs` name is an alias for the
  # unstable channel, so every `inputs.nixpkgs.follows = "nixpkgs"` below
  # tracks nixos-unstable as well.
  nixpkgs-s.url = "github:NixOS/nixpkgs/release-25.05";
  nixpkgs-u.url = "github:NixOS/nixpkgs/nixos-unstable";
  nixpkgs.follows = "nixpkgs-u";

  # NOTE(review): home-manager tracks release-24.11 while following nixpkgs-s
  # (release-25.05) — confirm the release mismatch is intended.
  home-manager = {
    url = "github:nix-community/home-manager/release-24.11";
    inputs.nixpkgs.follows = "nixpkgs-s";
  };
  home-manager-u = {
    url = "github:nix-community/home-manager";
    inputs.nixpkgs.follows = "nixpkgs-u";
  };

  # Secret management (age-encrypted files) and remote deployment.
  # agenix.url = "github:ryantm/agenix";
  ragenix = {
    url = "github:yaxitech/ragenix";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  deploy-rs = {
    url = "github:serokell/deploy-rs";
    inputs.nixpkgs.follows = "nixpkgs";
  };

  nix-rice = {
    url = "github:bertof/nix-rice/modules";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  nixos-generators = {
    url = "github:nix-community/nixos-generators";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  nixos-hardware.url = "github:NixOS/nixos-hardware";
  systems.url = "github:nix-systems/default";
  flake-parts.url = "github:hercules-ci/flake-parts";
  git-hooks = {
    url = "github:cachix/git-hooks.nix";
    inputs.nixpkgs.follows = "nixpkgs";
  };
  # agenix-shell.url = "github:aciceri/agenix-shell"; # TODO
  # agenix-rekey.url = "github:oddlama/agenix-rekey"; # TODO
  # emanote.url = "github:srid/emanote";

  # Fetched over SSH, so locking or updating this input needs an SSH
  # credential that GitLab accepts for this repository.
  cute-api = {
    url = "git+ssh://git@gitlab.com/bertof/cute-api.git";
    inputs.nixpkgs.follows = "nixpkgs";
  };
};
outputs = inputs:
let
# Settings shared by the NixOS hosts (through basic_module) and by the
# per-system package set: passed as the nixpkgs `config`, and the source of
# the Nix `extraOptions` string.
nix-config = {
  # Exceptions to nixpkgs' check for packages marked insecure. Every entry is
  # commented out, so no such package is currently permitted. If one is
  # re-enabled, keep the trailing note naming the package that needs it.
  permittedInsecurePackages = [
    # "electron-27.3.11" # LogSeq
    # "aspnetcore-runtime-6.0.36" # Sonarr
    # "aspnetcore-runtime-wrapped-6.0.36" # Sonarr
    # "dotnet-sdk-6.0.428" # Sonarr
    # "dotnet-sdk-wrapped-6.0.428" # Sonarr
  ];
  # Unfree-licensed packages are allowed fleet-wide.
  allowUnfree = true;
  extraOptions = "experimental-features = nix-command flakes";
};
# NixOS module applied to every host: shared nixpkgs config, this flake's two
# overlays, and the Nix settings and registry aliases.
basic_module = {
  nixpkgs.config = nix-config;
  nixpkgs.overlays = [
    # packages
    inputs.self.overlays.packages
    inputs.self.overlays.overrides
  ];

  nix.extraOptions = nix-config.extraOptions;

  # Registry aliases that resolve `stable` / `unstable` to inputs of this
  # flake instead of whatever the global registry would return.
  # NOTE(review): `stable` points at inputs.nixpkgs, which the inputs block
  # makes follow nixpkgs-u, so both aliases currently resolve to
  # nixos-unstable — confirm whether inputs.nixpkgs-s was intended here.
  nix.registry.stable = {
    from = { id = "stable"; type = "indirect"; };
    flake = inputs.nixpkgs;
  };
  nix.registry.unstable = {
    from = { id = "unstable"; type = "indirect"; };
    flake = inputs.nixpkgs-u;
  };
};
# Home manager configuration
# Variant built from the `home-manager` (release branch) input; in this file
# it is used by the hosts created with inputs.nixpkgs.lib.nixosSystem.
homeManagerModules = [
  inputs.home-manager.nixosModules.default
  {
    # User environments reuse the system's nixpkgs instance, so the shared
    # config and overlays apply to them too.
    home-manager.useGlobalPkgs = true;
    home-manager.useUserPackages = true;
    # Extra arguments passed to every Home Manager module.
    # NOTE(review): `stable` is inputs.nixpkgs, which follows nixpkgs-u in the
    # inputs block, so it is the same flake as `unstable` — confirm.
    home-manager.extraSpecialArgs.stable = inputs.nixpkgs;
    home-manager.extraSpecialArgs.unstable = inputs.nixpkgs-u;
  }
];
# Same Home Manager wiring as homeManagerModules, but built from the
# `home-manager-u` input (the branch that follows nixpkgs-u).
homeManagerUModules = [
  inputs.home-manager-u.nixosModules.default
  {
    # User environments reuse the system's nixpkgs instance, so the shared
    # config and overlays apply to them too.
    home-manager.useGlobalPkgs = true;
    home-manager.useUserPackages = true;
    # Extra arguments passed to every Home Manager module.
    # NOTE(review): `stable` is inputs.nixpkgs, which follows nixpkgs-u in the
    # inputs block, so it is the same flake as `unstable` — confirm.
    home-manager.extraSpecialArgs.stable = inputs.nixpkgs;
    home-manager.extraSpecialArgs.unstable = inputs.nixpkgs-u;
  }
];
# Modules shared by every host and, through installerModules, by every
# generated installer or base image.
commonModules = [
  # Nix configuration
  basic_module
  # Nix rice
  inputs.nix-rice.modules.default
  ./modules/nixos/rice.nix
  # # S3 cache read
  # ./modules/nixos/s3_cache_read.nix
  # Agenix configuration: ragenix supplies the `age.secrets` options that the
  # host definitions use for their .age files.
  inputs.ragenix.nixosModules.default
  # inputs.agenix.nixosModules.default
  # { services.userborn.enable = true; }
  ./modules/nixos/users/bertof.nix
  # Some basic defaults
  ./modules/nixos/basics
  # No fleet-wide secret is declared here; each host adds its own entries.
  {
    age.secrets = {
      # ollama = { file = ./secrets/ollama.age; owner = "bertof"; };
    };
  }
];

# Module set for the images in `packages`: everything above plus the installer
# profile.
# NOTE(review): these images therefore include ./modules/nixos/users/bertof.nix;
# check that it holds nothing (password hashes, keys) that should not ship in
# an image handed to a third party.
installerModules = commonModules ++ [ ./modules/nixos/installer.nix ];
in
inputs.flake-parts.lib.mkFlake { inherit inputs; } {
# Systems for which perSystem outputs are produced, read from the `systems` input.
systems = import inputs.systems;
# flake-parts module from git-hooks; it provides the `pre-commit` options set in perSystem.
imports = [ inputs.git-hooks.flakeModule ];
perSystem = { config, pkgs, system, ... }: {
# Package set given to every perSystem definition: the `nixpkgs` input with
# the shared config and this flake's `packages` overlay. The `overrides`
# overlay is not applied here; only the NixOS hosts get it.
_module.args.pkgs = import inputs.nixpkgs {
  config = nix-config;
  overlays = [
    # inputs.nix-rice.overlays.default
    inputs.self.overlays.packages
  ];
  inherit system;
};
# Git pre-commit hooks, installed by the dev shell's shellHook. All three
# check Nix code only.
# NOTE(review): none of them looks for plaintext secrets; since this repository
# carries a ./secrets directory, a secret-scanning hook may be worth adding.
pre-commit.settings.hooks.deadnix.enable = true;
pre-commit.settings.hooks.nixpkgs-fmt.enable = true;
pre-commit.settings.hooks.statix.enable = true;
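# Development shell: provides the deploy-rs CLI and installs the pre-commit
# hooks when the shell is entered.
devShells.default = pkgs.mkShellNoCC {
  buildInputs = [ pkgs.deploy-rs ];
  shellHook = ''
    ${config.pre-commit.installationScript}
    # deploy-rs reads LOCAL_KEY to find the key it signs pushed closures with.
    # The earlier form, LOCAL_KEY = "/etc/nix/key"; (spaces around the equals
    # sign), made the shell run a command named LOCAL_KEY instead of assigning,
    # so the variable was never set and every shell entry printed an error.
    # NOTE(review): assumes a Nix signing key exists at this path and is
    # readable by the user who deploys — confirm before relying on it.
    export LOCAL_KEY="/etc/nix/key"
  '';
};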
# Formatter run by `nix fmt`.
formatter = pkgs.nixpkgs-fmt;

# Per-system package outputs: the repository's own tools, the cute-api build
# from its input, and installer/base images generated from installerModules.
packages =
  let
    # Build one nixos-generators image of the installer module set for the
    # given target system and output format.
    mkImage = targetSystem: format:
      inputs.nixos-generators.nixosGenerate {
        inherit format;
        system = targetSystem;
        modules = installerModules;
      };
  in
  {
    inherit (pkgs) keyboard-switch wl-clipedit wl-lockscreen wl-update-background;
    inherit (inputs.cute-api.packages.${system}) cute-api;

    # Installer ISO
    install-iso = mkImage system "install-iso";
    # RAW base image
    raw-base-image = mkImage system "raw-efi";
    # VMDK base image; the target is fixed to x86_64-linux whatever the
    # current perSystem `system` is.
    vmdk-base-image = mkImage "x86_64-linux" "vmware";
    # Aarch64 base image; the target is fixed to aarch64-linux in the same way.
    aarch64-base-image = mkImage "aarch64-linux" "sd-aarch64";
    # Installer DigitalOcean
    do-image = mkImage system "do";
  };
};
flake = {
overlays = {
# Overlay that adds the packages defined under ./pkgs to a nixpkgs instance.
packages = final: _prev: {
  keyboard-switch = final.callPackage ./pkgs/keyboard-switch { };
  wl-clipedit = final.callPackage ./pkgs/wl-clipedit { };
  wl-lockscreen = final.callPackage ./pkgs/wl-lockscreen { };
  wl-update-background = final.callPackage ./pkgs/wl-update-background { };
};
# The default overlay is the packages overlay; `overrides` has to be requested by name.
default = inputs.self.overlays.packages;
# Overlay with local changes to packages that already exist in nixpkgs.
overrides = _final: prev: {
  # Browser launch flags.
  google-chrome = prev.google-chrome.override {
    commandLineArgs = [ "--password-store=gnome" "--force-dark-mode" ];
  };
  brave = prev.brave.override {
    commandLineArgs = "--ozone-platform=wayland --enable-features=UseOzonePlatform,WebRTCPipeWireCapturer";
  };

  # SmartIR built from the author's fork, with one extra climate code file
  # generated during postPatch.
  smartir-zha = prev.home-assistant-custom-components.smartir.overrideAttrs (_old: rec {
    # NOTE(review): `version` ("04ac27e") and `rev` ("6f8cac1") differ, so the
    # version string does not identify the source that is fetched — confirm
    # which is current. Both are abbreviated commit ids; `hash` is what pins
    # the content, but a full 40-character rev is less ambiguous to audit.
    version = "04ac27e";
    src = prev.fetchFromGitHub {
      owner = "bertof";
      repo = "SmartIR";
      rev = "6f8cac1";
      hash = "sha256-5Ulb3z46bfIzztHTMNg/Vc26ru9K40242AsW37TLE18=";
    };
    # Only the commented-out `cp` line in postPatch refers to this file, but
    # Nix still expands the interpolation inside that shell comment, so the
    # gist is still fetched as a build input.
    code = prev.fetchurl {
      url = "https://gist.githubusercontent.com/bertof/d2a4af6243300b9ba05638af9a29fa6d/raw/6dbb21db986db15f69bb3040585419a270693289/50.json";
      sha256 = "sha256-9564yMudzY8Z9RzvLqJxuV4k6PLBVJdph71BOz6OXRc=";
    };
    # Third-party script executed by Python at build time. The URL names one
    # gist revision and sha256 fixes the bytes, so the build fails if the
    # content ever changes; re-read the script whenever the URL or hash is
    # updated.
    patcher = prev.fetchurl {
      url = "https://gist.githubusercontent.com/svyatogor/7839d00303998a9fa37eb48494dd680f/raw/66cba20e653f84aab0b9a31ea5b9ca497d038d8a/broadlink_to_tuya.py";
      sha256 = "0m5fbfvsq8sxm0ghs8al8b6z4vfycqkr90qb10w9c4ryag2flnsh";
    };
    # Runs the patcher on codes/climate/1946.json and writes its output to
    # codes/climate/50.json.
    postPatch = ''
      ${prev.python312}/bin/python3 ${patcher} codes/climate/1946.json > codes/climate/50.json
      # sed 's/Broadlink/MQTT/' codes/climate/1946.json > codes/climate/50.json
      # cp ${code} codes/climate/50.json
    '';
  });

  # can be removed when https://github.com/NixOS/nixpkgs/pull/389711 is merged
  libfprint = prev.libfprint.overrideAttrs (old: {
    buildInputs = old.buildInputs ++ [ prev.nss ];
  });
};
};
nixosConfigurations = {
# thor: x86_64 AMD host on nixpkgs-u with the Plasma 6, Hyprland, Steam and
# pro-audio modules.
thor = inputs.nixpkgs-u.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      ./instances/thor/hardware-configuration.nix
      inputs.nixos-hardware.nixosModules.common-cpu-amd
      inputs.nixos-hardware.nixosModules.common-pc-ssd
      ./instances/thor/configuration.nix
      # # S3 cache write
      # ./modules/nixos/s3_cache_write.nix
      ./modules/nixos/plasma6.nix
      # ./modules/nixos/cuda_support.nix
      # ./modules/nixos/ollama.nix
      ./modules/nixos/pro_audio.nix
      ./modules/nixos/kdeconnect.nix
      ./modules/nixos/steam.nix
      # ./modules/nixos/minio_local.nix
      ./modules/nixos/hyprland.nix
      { home-manager.users.bertof.imports = [ ./hm/modules/hyprland.nix ]; }
      ./modules/nixos/musa.nix
    ]
    ++ homeManagerUModules
    ++ [
      {
        # Only the age-encrypted file is referenced from the repository; the
        # decrypted secret is made readable by `bertof` on this host.
        age.secrets.minio_bertof = {
          file = ./secrets/minio_bertof.age;
          owner = "bertof";
        };
        home-manager.users.bertof = import ./instances/thor/hm.nix;
      }
    ];
};
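# sif: x86_64 Intel host on nixpkgs-u with the Hyprland, Steam and pro-audio
# modules.
sif = inputs.nixpkgs-u.lib.nixosSystem {
  system = "x86_64-linux";
  modules = commonModules ++ [
    ./instances/sif/hardware-configuration.nix
    # common-cpu-intel used to be listed twice in a row; the repeat is dropped.
    # NOTE(review): if the second entry was meant to be a different
    # nixos-hardware profile, add that profile here.
    inputs.nixos-hardware.nixosModules.common-cpu-intel
    inputs.nixos-hardware.nixosModules.common-pc-ssd
    ./instances/sif/configuration.nix
    # S3 cache write
    # ./modules/nixos/s3_cache_write.nix
    # { age.secrets.s3_sif = { file = ./secrets/s3_sif.age; owner = "bertof"; }; }
    # ./modules/nixos/plasma6.nix
    # ./modules/nixos/ollama.nix
    ./modules/nixos/pro_audio.nix
    ./modules/nixos/kdeconnect.nix
    ./modules/nixos/steam.nix
    # ./modules/nixos/minio_local.nix
    ./modules/nixos/hyprland.nix
    { home-manager.users.bertof.imports = [ ./hm/modules/hyprland.nix ]; }
    ./modules/nixos/musa.nix
  ] ++ homeManagerUModules ++ [{
    # Only the age-encrypted file is referenced from the repository; the
    # decrypted secret is made readable by `bertof` on this host.
    age.secrets = {
      minio_bertof = { file = ./secrets/minio_bertof.age; owner = "bertof"; };
    };
    home-manager.users.bertof = import ./instances/sif/hm.nix;
  }];
};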
# odin: x86_64 Intel laptop on nixpkgs-u, shared by bertof and tiziano, with
# the server and ip_forwarding modules enabled.
odin = inputs.nixpkgs-u.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      inputs.nixos-hardware.nixosModules.common-cpu-intel
      inputs.nixos-hardware.nixosModules.common-pc-laptop
      inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd
      ./instances/odin/hardware-configuration.nix
      ./instances/odin/configuration.nix
      ./modules/nixos/users/tiziano.nix
      ./modules/nixos/server
      ./modules/nixos/ip_forwarding.nix
      # ./modules/nixos/plasma6.nix
      ./modules/nixos/steam.nix
    ]
    ++ homeManagerUModules
    ++ [
      {
        # One MinIO secret per user, each owned by the user it is named after.
        age.secrets.minio_bertof = {
          file = ./secrets/minio_bertof.age;
          owner = "bertof";
        };
        age.secrets.minio_tiziano = {
          file = ./secrets/minio_tiziano.age;
          owner = "tiziano";
        };
        home-manager.users.bertof = import ./instances/odin/hm.nix;
        home-manager.users.tiziano = import ./instances/odin/hm_tiziano.nix;
      }
    ];
};
# heimdall: x86_64 AMD server on nixpkgs-u hosting the torrentbox, MinIO,
# Nextcloud, Immich and cute-api modules, with ip_forwarding enabled.
heimdall = inputs.nixpkgs-u.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      inputs.nixos-hardware.nixosModules.common-cpu-amd
      inputs.nixos-hardware.nixosModules.common-gpu-amd
      inputs.nixos-hardware.nixosModules.common-pc-ssd
      ./modules/nixos/server
      ./instances/heimdall/hardware-configuration.nix
      ./instances/heimdall/configuration.nix
      ./modules/nixos/users/tiziano.nix
      ./modules/nixos/ip_forwarding.nix
      ./modules/nixos/torrentbox.nix
      ./modules/nixos/minio_server.nix
      ./modules/nixos/nextcloud.nix
      ./modules/nixos/immich.nix
      inputs.cute-api.nixosModules.default
      # NOTE(review): host "0.0.0.0" presumably binds cute-api on every
      # interface of a machine that also forwards IP traffic; confirm that the
      # firewall limits who can reach it, or bind it to a specific address.
      {
        services.cute-api = {
          enable = true;
          host = "0.0.0.0";
        };
      }
      # ./modules/nixos/garage.nix
      # ./modules/nixos/ntfy.nix
      # S3 cache read
      # ./modules/nixos/s3_cache_read.nix
    ]
    ++ homeManagerUModules
    ++ [
      {
        age.secrets.minio_bertof = {
          file = ./secrets/minio_bertof.age;
          owner = "bertof";
        };
        # GitLab runner secrets set no owner, so the secret module's default
        # ownership applies to them.
        age.secrets.heimdall-gitlab-runner-nix.file = ./secrets/heimdall-gitlab-runner-nix.age;
        age.secrets.heimdall-gitlab-runner-docker-images.file = ./secrets/heimdall-gitlab-runner-docker-images.age;
        age.secrets.heimdall-gitlab-runner-default.file = ./secrets/heimdall-gitlab-runner-default.age;
        home-manager.users.bertof = import ./instances/heimdall/hm.nix;
      }
    ];
};
# freya: aarch64 Raspberry Pi 4 server with the torrentbox, MinIO and ntfy
# modules. It is built from inputs.nixpkgs, which the inputs block makes
# follow nixpkgs-u, and uses the release-branch Home Manager module set.
freya = inputs.nixpkgs.lib.nixosSystem {
  system = "aarch64-linux";
  modules =
    commonModules
    ++ [
      inputs.nixos-hardware.nixosModules.raspberry-pi-4
      # mkForce replaces whatever filesystem list other modules set with
      # exactly this one.
      ({ lib, ... }: {
        boot.supportedFilesystems = lib.mkForce [
          "btrfs"
          "reiserfs"
          "vfat"
          "f2fs"
          "xfs"
          "ntfs"
          "cifs"
        ];
      })
      ./modules/nixos/server
      ./instances/freya/hardware-configuration.nix
      ./instances/freya/configuration.nix
      ./modules/nixos/torrentbox.nix
      ./modules/nixos/minio_server.nix
      # ./modules/nixos/nextcloud.nix
      ./modules/nixos/ntfy.nix
      # S3 cache read
      # ./modules/nixos/s3_cache_read.nix
    ]
    ++ homeManagerModules
    ++ [
      { home-manager.users.bertof = import ./instances/freya/hm.nix; }
    ];
};
# baldur: x86_64 server on nixpkgs-u with only the server module on top of
# the common set; no per-host age secret is declared here.
baldur = inputs.nixpkgs-u.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      ./modules/nixos/server
      ./instances/baldur/hardware-configuration.nix
      ./instances/baldur/configuration.nix
      # ./modules/nixos/digitalocean.nix
      # ./modules/nixos/users/tiziano.nix
      # S3 cache read
      # ./modules/nixos/s3_cache_read.nix
    ]
    ++ homeManagerUModules
    ++ [
      {
        home-manager.users.bertof = import ./instances/baldur/hm.nix;
        # home-manager.users.tiziano = import ./instances/baldur/hm_tiziano.nix;
      }
    ];
};
# loki: x86_64 Intel server built from inputs.nixpkgs (which follows nixpkgs-u
# per the inputs block) with the release-branch Home Manager module set.
loki = inputs.nixpkgs.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      ./modules/nixos/server
      inputs.nixos-hardware.nixosModules.common-cpu-intel
      inputs.nixos-hardware.nixosModules.common-pc-ssd
      ./instances/loki/hardware-configuration.nix
      ./instances/loki/configuration.nix
      ./modules/nixos/users/tiziano.nix
      # S3 cache read
      # ./modules/nixos/s3_cache_read.nix
    ]
    ++ homeManagerModules
    ++ [
      {
        # NOTE(review): both user environments are imported from
        # ./instances/odin, not ./instances/loki — confirm that sharing odin's
        # Home Manager configuration is intended and not a copy-paste leftover.
        home-manager.users.bertof = import ./instances/odin/hm.nix;
        home-manager.users.tiziano = import ./instances/odin/hm_tiziano.nix;
      }
    ];
};
};
# # Deploy-rs checks
# checks = builtins.mapAttrs (_system: deployLib: deployLib.deployChecks inputs.self.deploy) inputs.deploy-rs.lib;
# Map nodes to Deploy-rs deployments
# Each node activates the nixosConfigurations entry of the same name as its
# `system` profile, with root as the profile user. sif is not listed, so it is
# not a deploy target.
# NOTE(review): the deployChecks line just above is commented out, so
# `nix flake check` does not validate these node definitions.
# NOTE(review): baldur is the only node addressed by a public-style DNS name;
# make sure its SSH endpoint is restricted accordingly.
deploy.nodes =
  let
    # One deploy-rs node: activate nixosConfigurations.NAME, using the
    # deploy-rs library for ARCH, on the machine reachable at HOSTNAME.
    mkNode = arch: name: hostname: {
      inherit hostname;
      profiles.system = {
        user = "root";
        path = inputs.deploy-rs.lib.${arch}.activate.nixos inputs.self.nixosConfigurations.${name};
      };
    };
  in
  {
    baldur = mkNode "x86_64-linux" "baldur" "baldur.bertof.net";
    freya = mkNode "aarch64-linux" "freya" "freya.tsn";
    heimdall = mkNode "x86_64-linux" "heimdall" "heimdall.tsn";
    loki = mkNode "x86_64-linux" "loki" "loki.tsn";
    odin = mkNode "x86_64-linux" "odin" "odin.tsn";
    thor = mkNode "x86_64-linux" "thor" "thor.tsn";
  };
};
};
}