{
description = "Price Hiller's home manager configuration";

# Flake inputs. None of the URLs below names a commit hash, so the revision that
# is actually fetched and built is whatever flake.lock records; a change to the
# lock file is a dependency update and deserves the same review as one.
#
# `inputs.nixpkgs.follows = "nixpkgs"` makes an input use this flake's nixpkgs
# instead of the nixpkgs pinned in its own lock file, which keeps the set of
# nixpkgs revisions to audit small.
inputs = {
  # Package sets and shared helpers.
  nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
  nixpkgs-master.url = "github:nixos/nixpkgs";
  nix.url = "github:nixos/nix";
  flake-utils.url = "github:numtide/flake-utils";

  # Deployment, boot and disk tooling.
  deploy-rs.url = "github:serokell/deploy-rs";
  lanzaboote.url = "github:nix-community/lanzaboote";
  lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
  disko.url = "github:nix-community/disko";
  disko.inputs.nixpkgs.follows = "nixpkgs";
  # impermanence is the only module input here without a nixpkgs `follows`.
  impermanence.url = "github:nix-community/impermanence";

  # Secret handling. The input is named `agenix` but points at ragenix.
  agenix.url = "github:yaxitech/ragenix";
  agenix.inputs.nixpkgs.follows = "nixpkgs";
  # Local git repository (relative `git+file:` URL, submodules included) that is
  # consumed as plain source, not as a flake.
  secrets.url = "git+file:secrets?submodules=1";
  secrets.flake = false;

  # User environment.
  home-manager.url = "github:nix-community/home-manager";
  home-manager.inputs.nixpkgs.follows = "nixpkgs";
  wezterm.url = "github:wez/wezterm?dir=nix";
  wezterm.inputs.nixpkgs.follows = "nixpkgs";
  emacs-overlay.url = "github:nix-community/emacs-overlay";
  emacs-overlay.inputs.nixpkgs.follows = "nixpkgs";
  emacs-overlay.inputs.flake-utils.follows = "flake-utils";
  # Plain source tree (flake = false).
  bob.url = "github:MordechaiHadad/bob";
  bob.flake = false;

  # Self-hosted repository fetched over HTTPS.
  blog.url = "git+https://git.orion-technologies.io/blog/blog";
  blog.inputs.nixpkgs.follows = "nixpkgs";
};
outputs =
inputs@{ self, nixpkgs, ... }:
let
inherit (self) outputs;
# forAllSystems function => { <system> = function pkgs; ... }
#
# Calls `function` once per supported system, handing it nixpkgs imported for
# that system with the agenix overlay and this flake's own overlays applied.
forAllSystems =
  function:
  let
    supportedSystems = [
      "aarch64-linux"
      "i686-linux"
      "x86_64-linux"
      "aarch64-darwin"
      "x86_64-darwin"
    ];

    # Overlays are applied in list order, so the local `modifications` and
    # `additions` overlays see the package set after the agenix overlay.
    pkgsFor =
      system:
      import nixpkgs {
        inherit system;
        overlays = [
          inputs.agenix.overlays.default
          self.overlays.modifications
          self.overlays.additions
        ];
      };
  in
  nixpkgs.lib.genAttrs supportedSystems (system: function (pkgsFor system));
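# mkHomeCfg user home-config => a home-manager configuration for `user`.
#
# `user` is the attribute name from `homeConfigurations`, written either as
# "name" or as "name@host"; only the part before the "@" is used for
# home.username and home.homeDirectory. `home-config` is appended as the last
# module, after the shared module defined here.
mkHomeCfg =
  user: home-config:
  let
    # builtins.match has to match the whole string. With the earlier pattern
    # "(.+)(@.+)?" the greedy first group could take the "@host" suffix as well,
    # so "price@luna" would yield the username "price@luna" and the home
    # directory /home/price@luna. Excluding "@" from the first group keeps the
    # account name only. A name with nothing before the "@" does not match and
    # fails evaluation instead of producing a bogus username.
    username = builtins.head (builtins.match "([^@]+)(@.+)?" user);
  in
  inputs.home-manager.lib.homeManagerConfiguration {
    # NOTE(review): the package set is fixed to x86_64-linux here, unlike the
    # per-system outputs built through forAllSystems.
    pkgs = nixpkgs.legacyPackages.x86_64-linux;

    # Extra arguments made available to every module.
    extraSpecialArgs = {
      clib = import ./lib { lib = nixpkgs.lib; };
      inherit inputs;
    };

    modules = [
      {
        # agenix's home-manager module provides user-level secret handling.
        imports = [ inputs.agenix.homeManagerModules.default ];

        nixpkgs.overlays = [
          inputs.emacs-overlay.overlays.default
          self.overlays.modifications
          self.overlays.additions
        ];

        home = {
          stateVersion = "24.05";
          inherit username;
          homeDirectory = "/home/${username}";
        };
      }
      home-config
    ];
  };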
in
{
# Formatter used by `nix fmt`.
formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style);

# Locally defined packages; ./pkgs is called with the package set itself as its
# argument.
packages = forAllSystems (pkgs: import ./pkgs pkgs);

# One home-manager configuration per entry; the attribute name is handed to
# mkHomeCfg as the user and the path as that user's module.
homeConfigurations =
  let
    users = {
      price = ./users/price/home.nix;
    };
  in
  builtins.mapAttrs mkHomeCfg users;

# Overlays defined under ./overlays; they receive the flake inputs.
overlays = import ./overlays { inherit inputs; };
# Development shell (`nix develop`) with the secret-management and
# install/deploy tooling used to work on this repository.
devShells = forAllSystems (pkgs: {
  default = pkgs.mkShell {
    packages = [
      # age-based secret tooling, including the YubiKey plugin
      pkgs.age
      pkgs.agenix
      pkgs.age-plugin-yubikey
      # host installation and deployment
      pkgs.nixos-rebuild
      pkgs.nixos-install-tools
      pkgs.deploy-rs
    ];

    # agenix reads the location of its rules file from $RULES. The path is
    # built from $PWD when the shell starts, so it only points at the real
    # secrets/secrets.nix if the shell is entered from the repository root.
    shellHook = ''
      export RULES="$PWD/secrets/secrets.nix"
    '';
  };
});
# `nix flake check` derivations.
checks = forAllSystems (
  pkgs:
  let
    # Formatter wrapper from the local package set.
    fmtTool = (import ./pkgs { inherit pkgs; }).Fmt;
  in
  {
    # NOTE(review): the script never references the flake source (no `${self}`,
    # no `cd`), so `fd` lists whatever directory the builder starts in. If that
    # directory holds no files, Fmt is never invoked and the check succeeds
    # without having looked at any file of this repository; confirm this check
    # really gates formatting.
    formatting =
      pkgs.runCommand "check-fmt"
        {
          buildInputs = [
            pkgs.fd
            fmtTool
          ];
        }
        ''
          set -eEuo pipefail
          fd --exec-batch=Fmt
          touch $out
        '';
  }
);
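# Runnable helpers exposed through `nix run .#<name>`.
apps = forAllSystems (pkgs: {
  # Activates the home-manager configuration of this repository for the
  # current user. Extra command-line arguments are passed to `home-manager`.
  home-manager-init = {
    type = "app";
    program = "${
      pkgs.writeShellApplication {
        name = "home-manager-init";
        runtimeInputs = [
          pkgs.git
          pkgs.nix
          # home-manager CLI taken from this flake's own `home-manager` input,
          # i.e. the revision recorded in flake.lock. The script previously ran
          # `nix run github:nix-community/home-manager`, which resolves the
          # upstream default branch at run time and executes it outside the
          # lock file.
          inputs.home-manager.packages.${pkgs.stdenv.hostPlatform.system}.home-manager
        ];
        # writeShellApplication writes its own interpreter line, so the
        # `#!` line inside the text is an ordinary comment in the result.
        text = ''
          #!${pkgs.bash}/bin/bash
          cd "$(git rev-parse --show-toplevel)"
          home-manager switch --extra-experimental-features 'nix-command flakes' --flake "git+file://$(pwd)?submodules=1" "$@"
        '';
      }
    }/bin/home-manager-init";
  };

  # Host installer. The generated script is a short prelude followed by the
  # contents of ./scripts/install-host.bash (not shown in this file).
  install-host = {
    type = "app";
    program = "${
      pkgs.writeShellApplication {
        name = "install-host";
        runtimeInputs = [
          pkgs.openssh
          pkgs.coreutils-full
          pkgs.git
          pkgs.agenix
          pkgs.nix
        ];
        text =
          let
            prelude = ''
              #!${pkgs.bash}/bin/bash
              # The below `cd` invocation ensures the installer is running from the toplevel of
              # the flake and thus has correct paths available.
              cd "$(git rev-parse --show-toplevel)"
            '';
          in
          prelude + builtins.readFile ./scripts/install-host.bash;
      }
    }/bin/install-host";
  };
});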
# NixOS systems defined by this flake: `orion` and `luna`, both x86_64-linux.
nixosConfigurations =
  let
    clib = import ./lib { lib = nixpkgs.lib; };

    # Module that sets `config` to the entry for `hostname` returned by the
    # `secrets` input, which is imported with `agenix = false` and `clib`.
    #
    # NOTE(review): flake inputs are copied into /nix/store, which every local
    # user can read, and whatever this import returns becomes ordinary system
    # configuration. Confirm that nothing sensitive is returned unencrypted
    # when `agenix = false`.
    secretsModule = hostname: {
      config =
        (import "${inputs.secrets}" {
          agenix = false;
          inherit clib;
        }).${hostname};
    };
  in
  {
    orion =
      let
        hostname = "orion";
      in
      nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        specialArgs = {
          inherit
            self
            inputs
            outputs
            hostname
            clib
            ;
        };
        modules = [
          ./modules/btrfs-rollback.nix
          # lanzaboote is loaded for orion only.
          inputs.lanzaboote.nixosModules.lanzaboote
          inputs.impermanence.nixosModules.impermanence
          inputs.agenix.nixosModules.default
          inputs.disko.nixosModules.disko
          (secretsModule hostname)
          ./hosts/${hostname}
        ];
      };

    luna =
      let
        hostname = "luna";
      in
      nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        # Unlike orion, luna's modules receive `nixpkgs` and not `outputs`.
        specialArgs = {
          inherit
            self
            inputs
            hostname
            nixpkgs
            clib
            ;
        };
        modules = [
          ./modules/btrfs-rollback.nix
          inputs.impermanence.nixosModules.impermanence
          inputs.agenix.nixosModules.default
          inputs.disko.nixosModules.disko
          (secretsModule hostname)
          ./hosts/${hostname}
        ];
      };
  };
# deploy-rs targets. Only `luna` is deployed this way.
#
# NOTE(review): deploy-rs provides `deployChecks` for validating this attribute
# set during `nix flake check`; the `checks` output of this flake contains only
# `formatting`.
deploy.nodes =
  let
    activateNixos = inputs.deploy-rs.lib.x86_64-linux.activate.nixos;
  in
  {
    luna = {
      hostname = "luna.hosts.orion-technologies.io";
      # Push the closure from the deploying machine instead of letting the
      # target substitute it.
      fastConnection = true;
      profiles.system = {
        # The connection is made as `price` while the profile is activated as
        # root; deploy-rs escalates privileges when the two differ, so the
        # `price` account on luna is effectively root-equivalent for deploys
        # and its SSH key should be protected accordingly.
        sshUser = "price";
        user = "root";
        path = activateNixos outputs.nixosConfigurations.luna;
      };
    };
  };
};
}