Compare commits

...

2 commits

Author SHA1 Message Date
chayleaf 6a329dab38 refactor pkgs, allow NixOS HM module to be used 2023-05-25 06:26:52 +07:00
chayleaf d86b83c319 update private config sample 2023-05-25 05:09:17 +07:00
46 changed files with 208 additions and 182 deletions

View file

@ -1,12 +1,9 @@
# My Nix config
To install, simply run `nixos-rebuild switch --flake .` and
`home-manager switch --flake .`.
The reason I don't use the NixOS home-manager module is is because I
want to be able to iterate home config quickly, and `nixos-rebuild`'ing
the entire system for every little change is pretty annoying (not to
mention the necessity of `sudo`). I'll probably merge them later,
especially after [Tvix](https://tvl.fyi/blog/rewriting-nix) becomes
feature-complete.
`home-manager switch --flake .`... just kidding, this config relies on a
bunch of secrets that I'm too lazy to make defaults for (such as initial
root password for impermanence), so you won't be able to run it as-is.
Home-manager config and modules are in `./home`, NixOS config and
modules are in `./system`.

View file

@ -152,11 +152,11 @@
"utils": "utils"
},
"locked": {
"lastModified": 1684962389,
"narHash": "sha256-pGAbDgIusNLVUFF5BcfI8ZPQGuQvMmlINOJUztHZrsg=",
"lastModified": 1684964237,
"narHash": "sha256-dDS+GhdZN2MAa2FJKFGM2gpgAXhx+xoMkpVsRx9qpDE=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "fd605a419bcad2513844ccee0fc6f7760cdd657e",
"rev": "1bcfcf786bc289ca1bd2c9d29d6f02d9141b1da3",
"type": "gitlab"
},
"original": {

284
flake.nix
View file

@ -30,125 +30,169 @@
};
outputs = inputs@{ self, nixpkgs, nixos-hardware, impermanence, home-manager, nur, nix-gaming, notlua, nixos-mailserver, ... }:
let
# IRL-related stuff I'd rather not put into git
priv =
if builtins.pathExists ./private.nix then (import ./private.nix)
else if builtins.pathExists ./private/default.nix then (import ./private)
else { };
getOr = def: s: x: with builtins; if hasAttr s x then getAttr s x else def;
getPriv = hostname: getOr { } hostname priv;
getPrivSys = hostname: getOr { } "system" (getPriv hostname);
getPrivUser = hostname: user: getOr { } user (getPriv hostname);
lib = nixpkgs.lib // {
quoteListenAddr = addr:
if nixpkgs.lib.hasInfix ":" addr then "[${addr}]" else addr;
};
config = {
nixmsi = rec {
system = "x86_64-linux";
modules = [
nix-gaming.nixosModules.pipewireLowLatency
./system/hardware/msi_delta_15.nix
./system/hosts/nixmsi.nix
];
home.user = {
pkgs = import nixpkgs {
inherit system;
binaryCachePublicKeys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
# "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
];
binaryCaches = [
"https://cache.nixos.org"
# "https://nixpkgs-wayland.cachix.org"
];
overlays = [
(self: super: import ./home/pkgs {
# can't use callPackage here, idk why
pkgs = super;
lib = super.lib;
nur = import nur {
pkgs = super;
nurpkgs = super;
};
nix-gaming = nix-gaming.packages.${system};
})
];
};
extraSpecialArgs = {
notlua = notlua.lib.${system};
# pkgs-wayland = nixpkgs-wayland.packages.${system};
};
modules = [
nur.nixosModules.nur
./home/hosts/nixmsi.nix
];
};
};
nixserver = {
modules = [
nixos-mailserver.nixosModules.default
./system/hardware/hp_probook_g0.nix
./system/hosts/nixserver
];
};
router = {
system = "aarch64-linux";
modules = [
./system/hardware/bpi_r3.nix
./system/hosts/router
];
};
};
in {
nixosConfigurations = builtins.mapAttrs (hostname: args @ { system ? "x86_64-linux", modules, ... }:
lib.nixosSystem ({
inherit system;
modules = modules ++ [
{ networking.hostName = hostname; }
./system/modules/vfio.nix
./system/modules/ccache.nix
./system/modules/impermanence.nix
./system/modules/common.nix
impermanence.nixosModule
(getPrivSys hostname)
{
nix.registry =
builtins.mapAttrs
(_: v: { flake = v; })
(lib.filterAttrs (_: v: v?outputs) inputs);
# add import'able flakes (like nixpkgs) to nix path
environment.etc = lib.mapAttrs'
(name: value: {
name = "nix/inputs/${name}";
value = { source = value.outPath; };
})
(lib.filterAttrs (_: v: builtins.pathExists "${v}/default.nix") inputs);
nix.nixPath = [ "/etc/nix/inputs" ];
}
];
specialArgs = {
inherit lib nixpkgs;
hardware = nixos-hardware.nixosModules;
};
} // (builtins.removeAttrs args [ "home" "modules" ])))
config;
homeConfigurations =
builtins.foldl'
(a: b: a // b)
{ }
(builtins.concatLists
(lib.mapAttrsToList
(hostname: config:
lib.mapAttrsToList
(user: config@{ modules, ... }: {
"${user}@${hostname}" = home-manager.lib.homeManagerConfiguration (config // {
modules = config.modules ++ [ (getPrivUser hostname user) ];
});
})
(getOr { } "home" config))
config));
let
# IRL-related stuff I'd rather not put into git
priv =
if builtins.pathExists ./private.nix then (import ./private.nix)
else if builtins.pathExists ./private/default.nix then (import ./private)
else { };
# if x has key s, get it. Otherwise return def
getOr = def: s: x: with builtins; if hasAttr s x then getAttr s x else def;
# All private config for hostname
getPriv = hostname: getOr { } hostname priv;
# Private NixOS config for hostname
getPrivSys = hostname: getOr { } "system" (getPriv hostname);
# Private home-manager config for hostname and username
getPrivUser = hostname: user: getOr { } user (getPriv hostname);
# extended lib
lib = nixpkgs.lib // {
quoteListenAddr = addr:
if nixpkgs.lib.hasInfix ":" addr then "[${addr}]" else addr;
};
# can't use callPackage here, idk why; use import instead
overlay = self: super: import ./pkgs {
pkgs = super;
lib = super.lib;
nur = import nur {
pkgs = super;
nurpkgs = super;
};
nix-gaming = nix-gaming.packages.${super.system};
};
# I override some settings down the line, but overlays always stay the same
mkPkgs = config: import nixpkgs (config // {
overlays = (if config?overlays then config.overlays else [ ]) ++ [ overlay ];
});
# this is actual config, it gets processed later
config = {
nixserver = {
modules = [
nixos-mailserver.nixosModules.default
./system/hardware/hp_probook_g0.nix
./system/hosts/nixserver
];
};
router = {
system = "aarch64-linux";
modules = [
./system/hardware/bpi_r3.nix
./system/hosts/router
];
};
nixmsi = rec {
system = "x86_64-linux";
nixpkgs.config.allowUnfreePredicate = pkg: (lib.getName pkg) == "steam-original";
modules = [
nix-gaming.nixosModules.pipewireLowLatency
./system/hardware/msi_delta_15.nix
./system/hosts/nixmsi.nix
];
home.common.pkgs = mkPkgs {
inherit system;
config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"steam-run"
"steam"
"steam-original"
"steam-runtime"
"steamcmd"
"osu-lazer-bin"
];
binaryCachePublicKeys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
# "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
];
binaryCaches = [
"https://cache.nixos.org"
# "https://nixpkgs-wayland.cachix.org"
];
};
home.common.extraSpecialArgs = {
notlua = notlua.lib.${system};
};
home.user = [
nur.nixosModules.nur
./home/hosts/nixmsi.nix
];
};
};
in {
overlays.default = overlay;
packages = lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
] (system: let self = overlay self (import nixpkgs { inherit system; }); in self );
# this is the system config part
nixosConfigurations = builtins.mapAttrs (hostname: args @ { system ? "x86_64-linux", modules, nixpkgs ? {}, home ? {}, ... }:
lib.nixosSystem ({
inherit system;
pkgs = mkPkgs ({
inherit system;
} // nixpkgs);
modules = modules ++ [
{ networking.hostName = hostname; }
./system/modules/vfio.nix
./system/modules/ccache.nix
./system/modules/impermanence.nix
./system/modules/common.nix
impermanence.nixosModule
(getPrivSys hostname)
{
nix.registry =
builtins.mapAttrs
(_: v: { flake = v; })
(lib.filterAttrs (_: v: v?outputs) inputs);
# add import'able flakes (like nixpkgs) to nix path
environment.etc = lib.mapAttrs'
(name: value: {
name = "nix/inputs/${name}";
value = { source = value.outPath; };
})
(lib.filterAttrs (_: v: builtins.pathExists "${v}/default.nix") inputs);
nix.nixPath = [ "/etc/nix/inputs" ];
}
] ++ (lib.optionals (home != {} && (!(home?common) || !(home.common?pkgs))) [
# only use NixOS HM module if same nixpkgs as system nixpkgs is used for user
# why? because it seems that HM lacks the option to override pkgs, only change nixpkgs.* settings
home-manager.nixosModules.home-manager
{
home-manager = builtins.removeAttrs (getOr { } "common" home) [ "nixpkgs" ];
}
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users = builtins.mapAttrs (k: v: {
imports = v ++ [ {
nixpkgs = getOr { } "nixpkgs" (getOr { } "common" home);
} ];
}) (builtins.removeAttrs home [ "common" ]);
}
]);
specialArgs = {
inherit lib nixpkgs;
hardware = nixos-hardware.nixosModules;
};
} // (builtins.removeAttrs args [ "home" "modules" "nixpkgs" ])))
config;
# for each hostname, for each user, generate an attribute "${user}@${hostname}"
homeConfigurations =
builtins.foldl'
(a: b: a // b)
{ }
(builtins.concatLists
(lib.mapAttrsToList
(hostname: sysConfig:
let common = builtins.removeAttrs (getOr { } "common" sysConfig.home) [ "nixpkgs" ]; in
lib.mapAttrsToList
# this is where actual config takes place
(user: homeConfig: {
"${user}@${hostname}" = home-manager.lib.homeManagerConfiguration (common // {
modules = homeConfig ++ [
(getPrivUser hostname user)
];
});
})
(builtins.removeAttrs (getOr { } "home" sysConfig) [ "common" ]))
config));
};
}

View file

@ -29,14 +29,6 @@
enable = true;
};
services.kdeconnect.enable = true;
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"steam-run"
"steam"
"steam-original"
"steam-runtime"
"steamcmd"
"osu-lazer-bin"
];
home.sessionVariables = {
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "${pkgs.proton-ge}";
CARGO_PROFILE_DEV_INCREMENTAL = "true";

View file

@ -1,5 +0,0 @@
{
nixmsi = { pkgs, ... }: {
# insert private config here
};
}

View file

@ -5,7 +5,7 @@
, ... }:
let
inherit (pkgs) callPackage;
sources = import ../_sources/generated.nix {
sources = import ./_sources/generated.nix {
inherit (pkgs) fetchgit fetchurl fetchFromGitHub dockerTools;
};
in
@ -30,6 +30,8 @@ in
fetchSubmodules = true;
};
});
maubot = callPackage ./maubot.nix { };
pineapplebot = callPackage ./pineapplebot.nix { };
proton-ge = pkgs.stdenvNoCC.mkDerivation {
inherit (sources.proton-ge) pname version src;
installPhase = ''
@ -38,6 +40,7 @@ in
'';
};
rofi-steam-game-list = callPackage ./rofi-steam-game-list { };
system76-scheduler = callPackage ./system76-scheduler.nix { };
techmino = callPackage ./techmino { };
firefox-addons = lib.recurseIntoAttrs (callPackage ./firefox-addons { inherit nur sources; });

2
postpush.sh Executable file
View file

@ -0,0 +1,2 @@
#!/usr/bin/env bash
mv .git .git.bak

19
private.nix.sample Normal file
View file

@ -0,0 +1,19 @@
{
nixmsi = {
system = { pkgs, ... }: {
# insert private config here
time.timeZone = ...;
users.users.root.initialHashedPassword = ...;
users.users.user.initialHashedPassword = ...;
};
username = { pkgs, ... }: {
# insert private user config for username here
};
};
nixserver.system = { ... }: {
server.localIpV4 = ...;
server.lanCidrV4 = ...;
server.localIpV6 = ...;
server.lanCidrV6 = ...;
};
}

View file

@ -1,4 +1,4 @@
#!/usr/bin/env bash
git push
git push github master
mv .git .git.bak
./postpush.sh

View file

@ -93,7 +93,6 @@ in {
# zen619.configuration.boot.kernelPackages = zenKernelPackages "6.1.9" "0fsmcjsawxr32fxhpp6sgwfwwj8kqymy0rc6vh4qli42fqmwdjgv";
# };
nixpkgs.config.allowUnfreePredicate = pkg: (lib.getName pkg) == "steam-original";
hardware = {
steam-hardware.enable = true;
opengl.driSupport32Bit = true;

View file

@ -1,20 +0,0 @@
{ pkgs
, lib
, ... }:
let
inherit (pkgs) callPackage;
in {
system76-scheduler = callPackage ./system76-scheduler.nix { };
maubot = callPackage ./maubot.nix { };
pineapplebot = callPackage ./pineapplebot.nix { };
inherit lib;
}
/*
// (lib.optionalAttrs (pkgs.system == "...") {
fdroidserver = pkgs.fdroidserver.overridePythonAttrs (oldAttrs: {
# remove apksigner, since official Android SDK is unavailable on arm64
makeWrapperArgs = [ ];
});
})
*/

View file

@ -1,9 +0,0 @@
{
nixmsi = { pkgs, lib, ... }: {
# insert private config here
# time.timeZone = ...;
# users.users.root.initialHashedPassword = ...;
# users.users.user.initialHashedPassword = ...;
};
nixserver = { ... }: { };
}

View file

@ -1,11 +1,15 @@
#!/usr/bin/env bash
cp ~/.config/nixpkgs/overlays.nix ./overlays.nix || echo "probably no overlays exist"
cp ~/.config/nixpkgs/overlays.nix ./overlays.nix || (mkdir -p ~/.config/nixpkgs && cp ./overlays.nix ~/.config/nixpkgs)
nix flake update
nvfetcher \
-o ./home/_sources \
-c ./home/nvfetcher.toml || echo "failed to update nvfetcher sources"
-o ./pkgs/_sources \
-c ./pkgs/nvfetcher.toml || echo "failed to update nvfetcher sources"
mozilla-addons-to-nix \
./home/pkgs/firefox-addons/addons.json \
./home/pkgs/firefox-addons/generated.nix || echo "failed to update firefox addons"
s nixos-rebuild switch --flake . || sudo nixos-rebuild switch --flake .
./pkgs/firefox-addons/addons.json \
./pkgs/firefox-addons/generated.nix || echo "failed to update firefox addons"
if [ -z ${SUDO_ASKPASS+x} ]; then
sudo nixos-rebuild switch --flake .
else
sudo -A nixos-rebuild switch --flake .
fi
home-manager switch --flake .