dotfiles/flake.nix

291 lines
12 KiB
Nix
Raw Normal View History

{
description = "NixOS + Home Manager configuration of chayleaf";
inputs = {
2023-07-28 14:20:39 +07:00
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixos-hardware.url = "github:NixOS/nixos-hardware";
impermanence.url = "github:nix-community/impermanence";
nur.url = "github:nix-community/NUR";
rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-gaming = {
url = "github:fufexan/nix-gaming";
inputs.nixpkgs.follows = "nixpkgs";
};
notlua = {
url = "github:chayleaf/notlua";
inputs.nixpkgs.follows = "nixpkgs";
};
2023-06-24 07:12:11 +07:00
notnft = {
url = "github:chayleaf/notnft";
2023-06-24 07:12:11 +07:00
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-router = {
url = "github:chayleaf/nixos-router";
2023-06-24 07:12:11 +07:00
inputs.nixpkgs.follows = "nixpkgs";
};
maubot = {
url = "github:chayleaf/maubot.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
inputs.nixpkgs.follows = "nixpkgs";
# prevent extra input from being in flake.lock
# (this doesn't affect any behavior)
inputs.nixpkgs-22_11.follows = "nixpkgs";
inputs.nixpkgs-23_05.follows = "nixpkgs";
};
flake-compat = {
url = "github:edolstra/flake-compat";
flake = false;
};
};
2023-07-28 14:20:39 +07:00
outputs = inputs@{ self, nixpkgs, nixos-hardware, impermanence, home-manager, nur, nix-gaming, notlua, notnft, nixos-mailserver, nixos-router, maubot, ... }:
2023-05-25 05:09:17 +07:00
let
# --impure required for developing
# it takes the paths for modules from filesystem as opposed to flake inputs
devNft = false;
devNixRt = false;
devMaubot = false;
2023-05-25 05:09:17 +07:00
# IRL-related stuff I'd rather not put into git
priv =
if builtins.pathExists ./private.nix then (import ./private.nix { })
else if builtins.pathExists ./private/default.nix then (import ./private { })
# workaround for git flakes not having access to non-checked out files
else if builtins?extraBuiltins.secrets then builtins.extraBuiltins.secrets
# yes, this is impure, this is a last ditch effort at getting access to secrets
else import /etc/nixos/private { };
2023-06-24 07:12:11 +07:00
devPath = priv.devPath or ../.;
# if x has key s, get it. Otherwise return def
# All private config for hostname
getPriv = hostname: priv.${hostname} or { };
# Private NixOS config for hostname
getPrivSys = hostname: (getPriv hostname).system or { };
# Private home-manager config for hostname and username
getPrivUser = hostname: user: (getPriv hostname).${user} or { };
# extended lib
2023-05-25 05:09:17 +07:00
lib = nixpkgs.lib // {
quoteListenAddr = addr:
if nixpkgs.lib.hasInfix ":" addr then "[${addr}]" else addr;
};
# can't use callPackage ./pkgs here, idk why; use import instead
overlay = self: super: import ./pkgs {
pkgs = super;
pkgs' = self;
lib = super.lib;
nur = import nur {
pkgs = super;
nurpkgs = super;
};
nix-gaming = nix-gaming.packages.${super.system};
};
# I override some settings down the line, but overlays always stay the same
mkPkgs = config: import nixpkgs (config // {
2023-07-28 14:20:39 +07:00
overlays = (config.overlays or [ ]) ++ [ overlay ];
});
# this is actual config, it gets processed below
2023-07-28 12:02:37 +07:00
config = let
2023-07-28 14:20:39 +07:00
mkBpiR3 = args: config: config // {
2023-07-28 12:02:37 +07:00
system = "aarch64-linux";
2023-07-28 14:20:39 +07:00
modules = (config.modules or [ ]) ++ [ (import ./system/devices/bpi-r3-router.nix args) ];
2023-05-25 05:09:17 +07:00
};
2023-07-28 12:02:37 +07:00
routerConfig = rec {
2023-05-25 05:09:17 +07:00
system = "aarch64-linux";
specialArgs.server-config = nixosConfigurations.nixserver.config;
2023-05-25 05:09:17 +07:00
modules = [
{
_module.args.notnft = if devNft then (import /${devPath}/notnft { inherit (nixpkgs) lib; }).config.notnft else notnft.lib.${system};
}
(if devNixRt then import /${devPath}/nixos-router else nixos-router.nixosModules.default)
2023-06-12 17:07:38 +07:00
];
};
2023-07-28 14:20:39 +07:00
crossConfig' = from: config: config // {
modules = config.modules ++ [
{
_module.args.fromSourcePkgs = (mkPkgs { system = from; }).pkgsCross.${{
aarch64-linux = "aarch64-multiplatform";
}.${config.system}};
}
];
};
crossConfig = config: crossConfig' ({
x86_64-linux = "aarch64-linux";
aarch64-linux = "x86_64-linux";
}.${config.system or "x86_64-linux"}) config;
in rec {
2023-07-28 12:02:37 +07:00
router-emmc = mkBpiR3 "emmc" routerConfig;
router-sd = mkBpiR3 "sd" routerConfig;
2023-07-28 14:20:39 +07:00
router-emmc-cross = crossConfig router-emmc;
router-sd-cross = crossConfig router-emmc;
2023-07-28 12:02:37 +07:00
nixserver = {
2023-06-12 17:07:38 +07:00
modules = [
2023-07-28 12:02:37 +07:00
nixos-mailserver.nixosModules.default
./system/devices/hp-probook-g0-server.nix
(if devMaubot then import /${devPath}/maubot.nix/module else maubot.nixosModules.default)
2023-05-25 05:09:17 +07:00
];
};
2023-07-28 14:20:39 +07:00
nixserver-cross = crossConfig nixserver;
nixmsi = rec {
system = "x86_64-linux";
modules = [
nix-gaming.nixosModules.pipewireLowLatency
./system/devices/msi-delta-15-workstation.nix
];
home.common.enableNixosModule = false;
home.common.extraSpecialArgs = {
notlua = notlua.lib.${system};
};
home.user = [
nur.nixosModules.nur
./home/hosts/nixmsi.nix
];
};
2023-07-28 14:20:39 +07:00
nixmsi-cross = crossConfig nixmsi;
2023-05-25 05:09:17 +07:00
};
# this is the system config processing part
2023-06-24 07:12:11 +07:00
nixosConfigurations = builtins.mapAttrs (hostname: args @ { system ? "x86_64-linux", modules, specialArgs ? {}, nixpkgs ? {}, home ? {}, ... }:
2023-05-25 05:09:17 +07:00
lib.nixosSystem ({
inherit system;
# allow modules to access nixpkgs directly, use customized lib,
# and pass nixos-harware to let hardware modules import parts of nixos-hardware
specialArgs = {
inherit lib nixpkgs;
hardware = nixos-hardware.nixosModules;
2023-06-24 07:12:11 +07:00
} // specialArgs;
2023-05-25 05:09:17 +07:00
modules = modules ++ [
# Third-party NixOS modules
impermanence.nixosModule
# My custom NixOS modules
2023-05-25 05:09:17 +07:00
./system/modules/vfio.nix
./system/modules/ccache.nix
./system/modules/impermanence.nix
./system/modules/common.nix
(getPrivSys hostname)
# The common configuration that isn't part of common.nix
2023-06-12 17:07:38 +07:00
({ config, pkgs, lib, ... }: {
networking.hostName = lib.mkDefault hostname;
nixpkgs.overlays = [ overlay ];
nix.extraOptions = ''
plugin-files = ${pkgs.nix-plugins.override { nix = config.nix.package; }}/lib/nix/plugins/libnix-extra-builtins.so
'';
# registry is used for the new flaky nix command
2023-05-25 05:09:17 +07:00
nix.registry =
builtins.mapAttrs
(_: v: { flake = v; })
(lib.filterAttrs (_: v: v?outputs) inputs);
2023-05-25 05:02:07 +07:00
# add import'able flake inputs (like nixpkgs) to nix path
# nix path is used for old nix commands (like nix-build, nix-shell)
2023-05-25 05:09:17 +07:00
environment.etc = lib.mapAttrs'
(name: value: {
name = "nix/inputs/${name}";
value = { source = value.outPath; };
})
(lib.filterAttrs (_: v: builtins.pathExists "${v}/default.nix") inputs);
nix.nixPath = [ "/etc/nix/inputs" ];
})
]
# the following is NixOS home-manager module configuration. Currently unused, but I might start using it for some hosts later.
++ (lib.optionals (home != {} && ((home.common or {}).enableNixosModule or true)) [
home-manager.nixosModules.home-manager
{
home-manager = builtins.removeAttrs (home.common or { }) [ "nixpkgs" "nix" "enableNixosModule" ];
}
{
# set both to false to match behavior with standalone home-manager
home-manager.useGlobalPkgs = false;
home-manager.useUserPackages = false;
home-manager.users = builtins.mapAttrs (username: modules: {
imports = modules ++ [
{
nixpkgs = (home.common or { }).nixpkgs or { };
nix = (home.common or { }).nix or { };
}
({ config, pkgs, lib, ...}: {
nixpkgs.overlays = [ overlay ];
nix.package = lib.mkDefault pkgs.nixForNixPlugins;
# this is only needed if nixos doesnt set plugin-files already
/*nix.extraOptions = ''
plugin-files = ${pkgs.nix-plugins.override { nix = config.nix.package; }}/lib/nix/plugins/libnix-extra-builtins.so
'';*/
})
(getPrivUser hostname username)
];
}) (builtins.removeAttrs home [ "common" ]);
}
]);
} // (builtins.removeAttrs args [ "home" "modules" "nixpkgs" ])))
2023-05-25 05:09:17 +07:00
config;
# for each hostname, for each user, generate an attribute "${user}@${hostname}"
2023-05-25 05:09:17 +07:00
homeConfigurations =
builtins.foldl'
(a: b: a // b)
{ }
(builtins.concatLists
(lib.mapAttrsToList
(hostname: sysConfig:
let
system = if sysConfig?system then sysConfig.system else "x86_64-linux";
common' = builtins.removeAttrs (sysConfig.home.common or { }) [ "nix" "nixpkgs" "enableNixosModule" ];
pkgs = mkPkgs ({ inherit system; } // ((sysConfig.home.common or { }).nixpkgs or {}));
common = common' // { inherit pkgs; };
in
2023-05-25 05:09:17 +07:00
lib.mapAttrsToList
# this is where actual config takes place
(user: homeConfig: {
"${user}@${hostname}" = home-manager.lib.homeManagerConfiguration (common // {
modules = homeConfig ++ [
(getPrivUser hostname user)
({ config, pkgs, lib, ... }: {
nixpkgs.overlays = [ overlay ];
nix.package = lib.mkDefault pkgs.nixForNixPlugins;
# this is only needed if nixos doesnt set plugin-files already
/*nix.extraOptions = ''
plugin-files = ${pkgs.nix-plugins.override { nix = config.nix.package; }}/lib/nix/plugins/libnix-extra-builtins.so
'';*/
})
];
2023-05-25 05:09:17 +07:00
});
2023-05-25 05:02:07 +07:00
})
(builtins.removeAttrs (sysConfig.home or { }) [ "common" ]))
2023-05-25 05:09:17 +07:00
config));
2023-07-28 10:04:49 +07:00
in {
inherit nixosConfigurations homeConfigurations;
overlays.default = overlay;
packages = lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
] (system: let self = overlay ((mkPkgs { inherit system; }) // self) (import nixpkgs { inherit system; }); in self);
2023-07-28 14:20:39 +07:00
nixosImages.router = let pkgs = mkPkgs { system = "aarch64-linux"; }; in {
2023-07-28 10:04:49 +07:00
emmcImage = pkgs.callPackage ./system/hardware/bpi-r3/image.nix {
inherit (nixosConfigurations.router-emmc) config;
rootfsImage = nixosConfigurations.router-emmc.config.system.build.rootfsImage;
bpiR3Stuff = pkgs.bpiR3StuffEmmc;
};
sdImage = pkgs.callPackage ./system/hardware/bpi-r3/image.nix {
inherit (nixosConfigurations.router-sd) config;
rootfsImage = nixosConfigurations.router-sd.config.system.build.rootfsImage;
bpiR3Stuff = pkgs.bpiR3StuffSd;
};
};
hydraJobs = {
2023-07-28 12:16:03 +07:00
server.${config.nixserver.system or "x86_64-linux"} = nixosConfigurations.nixserver.config.system.build.toplevel;
workstation.${config.nixmsi.system or "x86_64-linux"} = nixosConfigurations.nixmsi.config.system.build.toplevel;
2023-07-28 14:20:39 +07:00
router.${config.router-emmc.system or "x86_64-linux"} = nixosConfigurations.router-emmc-cross.config.system.build.toplevel;
2023-07-28 12:16:03 +07:00
workstation-home.${config.nixmsi.system or "x86_64-linux"} = homeConfigurations."user@nixmsi".activation-script;
2023-07-28 10:04:49 +07:00
};
2023-05-25 05:09:17 +07:00
};
}