nix-dotfiles/flake.nix
{
# Free-form summary of the flake.
description = "Thor system configuration";

# External flakes this configuration is built from.
#
# Every URL below names either a branch (release-24.05, nixos-unstable) or no
# ref at all, i.e. a moving target. The revision actually used is whatever
# flake.lock records (not shown here), so updates to flake.lock deserve the
# same review as a code change. agenix and deploy-rs sit on the secrets and
# root-activation paths used further down in `outputs`.
inputs = {
  flake-compat.url = "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz";
  flake-utils.url = "github:numtide/flake-utils";
  nix-rice.url = "github:bertof/nix-rice";
  nixos-hardware.url = "github:NixOS/nixos-hardware";

  # Two package sets: the stable release branch and nixos-unstable.
  nixpkgs.url = "github:NixOS/nixpkgs/release-24.05";
  nixpkgs-u.url = "github:NixOS/nixpkgs/nixos-unstable";

  # home-manager, one copy per package set. `follows` makes each copy reuse
  # the matching nixpkgs input instead of pulling in its own.
  home-manager.url = "github:nix-community/home-manager/release-24.05";
  home-manager.inputs.nixpkgs.follows = "nixpkgs";

  home-manager-u.url = "github:nix-community/home-manager";
  home-manager-u.inputs.nixpkgs.follows = "nixpkgs-u";

  # Tooling inputs, all evaluated against the stable nixpkgs.
  agenix.url = "github:ryantm/agenix";
  agenix.inputs.nixpkgs.follows = "nixpkgs";

  deploy-rs.url = "github:serokell/deploy-rs";
  deploy-rs.inputs.nixpkgs.follows = "nixpkgs";

  nixos-generators.url = "github:nix-community/nixos-generators";
  nixos-generators.inputs.nixpkgs.follows = "nixpkgs";

  pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
  pre-commit-hooks.inputs.nixpkgs.follows = "nixpkgs";
};
outputs =
{ self
, nixpkgs
, nixpkgs-u
, home-manager
, home-manager-u
, agenix
, deploy-rs
, flake-utils
, nixos-generators
, nixos-hardware
, nix-rice
, pre-commit-hooks
, ...
}:
let
# nixpkgs configuration shared by every `import nixpkgs` in this file and, via
# `nix_configuration`, by every NixOS host built from `commonModules`.
config = {
  # Not a nixpkgs setting as such: it is read back as `nix.extraOptions` in
  # `nix_configuration`.
  extraOptions = "experimental-features = nix-command flakes";
  allowUnfree = true;
  # Packages nixpkgs flags as insecure but that are still allowed to build.
  # Because this set is shared, the exception applies to all hosts (servers
  # included), not only the machine that runs the application. Drop entries
  # as soon as the dependent application no longer needs them.
  permittedInsecurePackages = [
    # "zotero-6.0.27"
    # "electron-24.8.6" # Bitwarden
    # "electron-25.9.0" # Obsidian
    "electron-27.3.11" # LogSeq
  ];
};
# Overlays applied to every package set imported in this file.
overlays = [
  # Combine stable and unstable packages: both nixpkgs inputs are re-imported
  # for the current system and exposed as `stable_pkgs` / `unstable_pkgs`.
  # They receive the same `config` and this same `overlays` list (the
  # self-reference resolves lazily), so the insecure-package allowance in
  # `config` applies to both.
  (final: _prev: {
    unstable_pkgs = import nixpkgs-u {
      inherit (final) system;
      inherit overlays config;
    };
    stable_pkgs = import nixpkgs {
      inherit (final) system;
      inherit overlays config;
    };
  })

  # Nix rice
  nix-rice.overlays.default
  (import ./rice.nix)

  # Flakes packages: local derivations under ./custom plus one override.
  (final: prev:
    let
      # Palette and font arguments shared by the two lock-screen packages.
      lockTheme = {
        palette = final.rice.colorPalette;
        font = final.rice.font.normal;
      };
    in
    {
      clipedit = final.callPackage ./custom/clipedit { };
      wl-clipedit = final.callPackage ./custom/wl-clipedit { };
      keyboard-switch = final.callPackage ./custom/keyboard-switch { };

      update-background = final.callPackage ./custom/update-background {
        backgrounds_directory = "$HOME/Immagini/Sfondi/1080+/1440+";
      };

      lockscreen = final.callPackage ./custom/lockscreen lockTheme;
      way-lockscreen = final.callPackage ./custom/way-lockscreen lockTheme;

      sddm-sugar-dark = final.callPackage ./custom/sddm-sugar-dark { };
      sddm-theme-clairvoyance = final.callPackage ./custom/sddm-theme-clairvoyance {
        wallpaper = ./wallpapers/background.jpg;
      };

      # Chrome is started with a fixed password-store backend and dark mode.
      # NOTE(review): the `gnome` backend needs a running keyring service on
      # the host; confirm one is enabled wherever Chrome is installed.
      google-chrome = prev.google-chrome.override {
        commandLineArgs = [
          "--password-store=gnome"
          "--force-dark-mode"
        ];
      };
    })
];
# Per-system developer outputs (checks, dev shell, formatter) for every
# default system known to flake-utils.
basic = flake-utils.lib.eachDefaultSystem (
  system:
  let
    pkgs = import nixpkgs { inherit overlays config system; };
  in
  {
    formatter = pkgs.nixpkgs-fmt;

    # Lint/format hooks run over the whole repository.
    checks.pre-commit-check = pre-commit-hooks.lib.${system}.run {
      src = ./.;
      hooks = {
        statix.enable = true;
        nixpkgs-fmt.enable = true;
        deadnix.enable = true;
      };
    };

    devShells.default = pkgs.mkShell {
      # Exported into the shell environment.
      # NOTE(review): presumably read by deploy-rs as the path of the private
      # Nix signing key used to sign closures before they are copied to a
      # node. If so, whoever can read this file can sign store paths for any
      # host that trusts the matching public key; keep it readable only by the
      # deploying user and out of the repository.
      LOCAL_KEY = "/etc/nix/key";
      buildInputs = [
        # deploy-rs.packages.${system}.deploy-rs
        pkgs.deploy-rs
      ];
      # Installs the pre-commit hooks defined in `checks` on shell entry.
      shellHook = ''
        ${self.checks.${system}.pre-commit-check.shellHook}
      '';
    };
  }
);
# NixOS module fragment: package-set settings plus the Nix daemon's options
# and flake registry. Included in every host through `commonModules`.
nix_configuration = {
  nixpkgs = { inherit config overlays; };

  nix.extraOptions = config.extraOptions;

  nix.registry = {
    # `nixpkgs` is redirected to the GitHub repository with no ref or rev, so
    # on the hosts a lookup such as `nixpkgs#<pkg>` resolves to the upstream
    # default branch at lookup time rather than to a revision locked by this
    # flake. Use the `stable` / `unstable` aliases below for locked lookups.
    nixpkgs = {
      from = {
        type = "indirect";
        id = "nixpkgs";
      };
      to = {
        type = "github";
        owner = "nixos";
        repo = "nixpkgs";
      };
    };
    # These two point at the flake inputs themselves, i.e. the same revisions
    # the system was built from.
    stable = {
      from = {
        type = "indirect";
        id = "stable";
      };
      flake = nixpkgs;
    };
    unstable = {
      from = {
        type = "indirect";
        id = "unstable";
      };
      flake = nixpkgs-u;
    };
  };
};
# Home manager configuration (stable channel).
# useGlobalPkgs makes user environments reuse the system package set, so the
# shared `config` and `overlays` above apply to them as well.
homeManagerModules = [
  home-manager.nixosModules.default
  {
    home-manager.useGlobalPkgs = true;
    home-manager.useUserPackages = true;
  }
];
# Same home-manager wiring, taken from the unstable home-manager input.
homeManagerUModules = [
  home-manager-u.nixosModules.default
  {
    home-manager.useGlobalPkgs = true;
    home-manager.useUserPackages = true;
  }
];
# Modules shared by every host and, through `installerModules`, by every
# generated image.
commonModules = [
  # Nix configuration
  nix_configuration
  # S3 cache read
  ./modules/nixos/s3_cache_read.nix
  # Agenix configuration
  agenix.nixosModules.default
  {
    # All three secrets are declared for every consumer of this list, including
    # the WireGuard private keys named after baldur and oppo. No owner, group
    # or mode is overridden, so agenix defaults apply.
    # NOTE(review): which machines can actually decrypt each file depends on
    # the recipient list in the agenix rules file, which is not visible here.
    # If every host is a recipient, compromise of any one host exposes the
    # other hosts' private keys; consider declaring per-host keys in the
    # per-host modules and limiting recipients accordingly.
    # oauth_proxy_client_credentials.file = ./secrets/oauth_proxy_client_credentials.age;
    # spotify_password = { file = ./secrets/spotify_password.age; owner = "bertof"; };
    age.secrets.wg_psk.file = ./secrets/wg_psk.age;
    age.secrets.baldur_wg_priv.file = ./secrets/baldur_wg_priv.age;
    age.secrets.oppo_wg_priv.file = ./secrets/oppo_wg_priv.age;
  }
  ./modules/nixos/users/bertof.nix
  # Some basic defaults
  ./modules/nixos/basics
];
# Module list for the generated installer and base images: everything in
# `commonModules` (user account, agenix secret declarations, cache settings)
# followed by the installer module.
# NOTE(review): images built from this list therefore reference the encrypted
# secret files; confirm that is intended for images that leave your control.
installerModules =
  commonModules
  ++ [
    ./modules/nixos/installer.nix
  ];
# thor: x86_64 AMD desktop. The only host evaluated against the unstable
# nixpkgs and the unstable home-manager input.
thorConfig.nixosConfigurations.thor = nixpkgs-u.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      ./instances/thor/hardware-configuration.nix
      nixos-hardware.nixosModules.common-cpu-amd
      nixos-hardware.nixosModules.common-pc-ssd
      ./instances/thor/configuration.nix
      # S3 cache write
      # NOTE(review): presumably requires write credentials for the cache;
      # verify how they are provisioned on this host.
      ./modules/nixos/s3_cache_write.nix
      ./modules/nixos/pro_audio.nix
      ./modules/nixos/kdeconnect.nix
      ./modules/nixos/steam.nix
      ./modules/nixos/hyprland.nix
      # Extra home-manager modules for the desktop session.
      {
        home-manager.users.bertof.imports = [
          ./modules/hm/hyprland.nix
          ./modules/hm/swayidle.nix
        ];
      }
      ./modules/nixos/musa.nix
    ]
    ++ homeManagerUModules
    ++ [
      { home-manager.users.bertof = import ./instances/thor/hm.nix; }
    ];
};
# odin: x86_64 Intel laptop with two GPU variants. `odin` is an alias for the
# Intel variant.
odinConfig.nixosConfigurations =
  let
    # Modules common to both GPU variants.
    odinCommonModules =
      [
        nixos-hardware.nixosModules.common-cpu-intel
        nixos-hardware.nixosModules.common-pc-laptop
        nixos-hardware.nixosModules.common-pc-laptop-ssd
        ./instances/odin/hardware-configuration.nix
        ./instances/odin/common_configuration.nix
        # S3 cache write
        ./modules/nixos/s3_cache_write.nix
        # ./modules/nixos/pro_audio.nix
        ./modules/nixos/kdeconnect.nix
        ./modules/nixos/steam.nix
        ./modules/nixos/hyprland.nix
        { home-manager.users.bertof.imports = [ ./modules/hm/hyprland.nix ]; }
        ./modules/nixos/musa.nix
      ]
      ++ homeManagerModules
      ++ [
        { home-manager.users.bertof = import ./instances/odin/hm.nix; }
      ];

    # Build one variant from the shared modules plus its GPU-specific module.
    mkOdin =
      gpuModule:
      nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = commonModules ++ odinCommonModules ++ [ gpuModule ];
      };

    intelVariant = mkOdin ./instances/odin/configuration-intel.nix;
  in
  {
    odin-nvidia = mkOdin ./instances/odin/configuration-nvidia.nix;
    odin-intel = intelVariant;
    odin = intelVariant;
  };
# heimdall: x86_64 AMD server. The service modules are referenced by file name
# only; what they expose (ports, authentication) is defined in those files.
heimdallConfig.nixosConfigurations.heimdall = nixpkgs.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      nixos-hardware.nixosModules.common-cpu-amd
      nixos-hardware.nixosModules.common-gpu-amd
      nixos-hardware.nixosModules.common-pc-ssd
      ./modules/nixos/server
      ./instances/heimdall/hardware-configuration.nix
      ./instances/heimdall/configuration.nix
      ./modules/nixos/users/tiziano.nix
      ./modules/nixos/torrentbox.nix
      ./modules/nixos/minio.nix
      ./modules/nixos/rclone.nix
      ./modules/nixos/nextcloud.nix
      # ./modules/nixos/ntfy.nix
    ]
    ++ homeManagerModules
    ++ [
      { home-manager.users.bertof = import ./instances/heimdall/hm.nix; }
    ];
};
# freya: aarch64 Raspberry Pi 4 server.
freyaConfig.nixosConfigurations.freya = nixpkgs.lib.nixosSystem {
  system = "aarch64-linux";
  modules =
    commonModules
    ++ [
      nixos-hardware.nixosModules.raspberry-pi-4
      # Replace (mkForce) the supported-filesystem list with an explicit one.
      (
        { lib, ... }:
        {
          boot.supportedFilesystems = lib.mkForce [
            "btrfs"
            "reiserfs"
            "vfat"
            "f2fs"
            "xfs"
            "ntfs"
            "cifs"
          ];
        }
      )
      ./modules/nixos/server
      ./instances/freya/hardware-configuration.nix
      ./instances/freya/configuration.nix
      ./modules/nixos/users/tiziano.nix
      ./modules/nixos/torrentbox.nix
      ./modules/nixos/minio.nix
      # ./modules/nixos/nextcloud.nix
      ./modules/nixos/ntfy.nix
    ]
    ++ homeManagerModules
    ++ [
      { home-manager.users.bertof = import ./instances/freya/hm.nix; }
    ];
};
# baldur: x86_64 server. home-manager is currently disabled for this host (see
# the commented-out tail of the module list).
baldurConfig.nixosConfigurations.baldur = nixpkgs.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      ./modules/nixos/server
      ./instances/baldur/hardware-configuration.nix
      ./instances/baldur/configuration.nix
      # ./modules/nixos/digitalocean.nix
      ./modules/nixos/users/tiziano.nix
    ]
    # ++ homeManagerModules ++ [{
    #   home-manager.users.bertof = import ./instances/baldur/hm.nix;
    #   home-manager.users.tiziano = import ./instances/baldur/hm_tiziano.nix;
    # }]
  ;
};
# loki: x86_64 Intel server. The home-manager modules are loaded, but the
# per-user imports are commented out, so the trailing module is empty.
lokiConfig.nixosConfigurations.loki = nixpkgs.lib.nixosSystem {
  system = "x86_64-linux";
  modules =
    commonModules
    ++ [
      ./modules/nixos/server
      nixos-hardware.nixosModules.common-cpu-intel
      nixos-hardware.nixosModules.common-pc-ssd
      ./instances/loki/hardware-configuration.nix
      ./instances/loki/configuration.nix
      ./modules/nixos/users/tiziano.nix
    ]
    ++ homeManagerModules
    ++ [
      {
        # home-manager.users.bertof = import ./instances/loki/hm.nix;
        # home-manager.users.tiziano = import ./instances/loki/hm_tiziano.nix;
      }
    ];
};
# deploy-rs wiring: one node per host, each with a single `system` profile.
#
# Every profile activates as root. No SSH user or SSH options are set here, so
# the connection identity comes from deploy-rs defaults and the operator's SSH
# configuration. baldur is addressed by a bertof.net name, the others by
# `.tsn` names (presumably only resolvable on a private network; confirm).
deployments =
  let
    # Describe one node: activate `self.nixosConfigurations.<name>` as root on
    # `hostname`, using the deploy-rs library built for `arch`.
    mkNode = arch: name: hostname: {
      inherit hostname;
      profiles.system = {
        user = "root";
        path = deploy-rs.lib.${arch}.activate.nixos self.nixosConfigurations.${name};
      };
    };
  in
  {
    # Deploy-rs checks
    checks = builtins.mapAttrs (_system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
    # Map nodes to Deploy-rs deployments
    deploy.nodes = {
      baldur = mkNode "x86_64-linux" "baldur" "baldur.bertof.net";
      freya = mkNode "aarch64-linux" "freya" "freya.tsn";
      heimdall = mkNode "x86_64-linux" "heimdall" "heimdall.tsn";
      loki = mkNode "x86_64-linux" "loki" "loki.tsn";
      odin = mkNode "x86_64-linux" "odin" "odin.tsn";
      thor = mkNode "x86_64-linux" "thor" "thor.tsn";
    };
  };
# Installer and base images, exposed as `packages.<system>.*` for x86_64-linux
# and aarch64-linux. All of them are built from `installerModules`.
#
# Only `install-iso` and `do-image` follow the system being iterated. The
# raw, VMDK and aarch64 images pin their own target system, so for example
# `packages.aarch64-linux.raw-base-image` is still an x86_64 image.
images =
  let
    x86 = flake-utils.lib.system.x86_64-linux;
    arm = flake-utils.lib.system.aarch64-linux;

    # Generate one image of `format` for `targetSystem`.
    mkImage =
      targetSystem: format:
      nixos-generators.nixosGenerate {
        inherit format;
        system = targetSystem;
        modules = installerModules;
      };
  in
  flake-utils.lib.eachSystem [ x86 arm ] (system: {
    packages = {
      # Installer ISO
      install-iso = mkImage system "install-iso";
      # RAW base image
      raw-base-image = mkImage x86 "raw-efi";
      # VMDK base image
      vmdk-base-image = mkImage x86 "vmware";
      # Aarch64 base image
      aarch64-base-image = mkImage arm "sd-aarch64";
      # Installer DigitalOcean
      do-image = mkImage system "do";
    };
  });
in
# Merge the partial output sets into the final flake outputs. The merge is
# recursive, so sets that share a top-level key (nixosConfigurations, checks)
# are combined; on a leaf conflict the later entry in the list wins.
builtins.foldl'
  (merged: part: nixpkgs.lib.recursiveUpdate merged part)
  { }
  [
    basic
    thorConfig
    odinConfig
    freyaConfig
    baldurConfig
    heimdallConfig
    lokiConfig
    deployments
    images
  ];
}