{
# NixOS configuration (with HomeManager)
# build system
# `with inputs;` puts every flake input in scope for the whole `let` below; names
# such as sops-nix, chaotic, auto-cpufreq, hyprland, microvm, pre-commit-hooks,
# nixpkgs-small, nixpkgs-stable and self are resolved that way, not through the
# named function arguments.
outputs = { nixpkgs, home-manager, ... }@inputs: with inputs;
let
# every configuration in this flake is evaluated for this single platform
system = "x86_64-linux";
# profiles.nix supplies the host lists consumed further down
# (workstations, servers, microvms)
inherit (import ./profiles.nix { }) profiles;
inherit (import ./shared/overlays { inherit inputs; }) overlays;
# use a system-specific version of nixpkgs
# allowUnfree is switched on (as a mkDefault) for the whole package set, so
# unfree packages are accepted on every host that uses `pkgs`.
pkgs = (import nixpkgs) { inherit system overlays; config.allowUnfree = lib.mkDefault true; };
inherit (nixpkgs) lib;
# name of the account that receives the Home Manager configuration
inherit (import ./shared/vars) user;
specialArgs = genSpecialArgs system;
# Modules appended to every host built by genSystem and genDeploy, servers
# included. These come from third-party inputs.
# NOTE(review): check what each module changes by default (for example extra
# binary caches or trusted keys) before applying it fleet-wide.
extraModules = [
sops-nix.nixosModules.sops
chaotic.nixosModules.default
auto-cpufreq.nixosModules.default
];
# Build the specialArgs set handed to NixOS (and, via genHomeModules, to Home
# Manager) modules.
#   system: platform string used for the two additional nixpkgs imports.
# The result exposes `inputs`, i.e. every flake input (the `secrets` source
# tree included), to all modules. `pkgs` is the package set created in the
# enclosing `let`, not one re-imported for the `system` argument.
genSpecialArgs = system:
  let
    # import arguments shared by the extra package sets; unfree packages are
    # allowed here as well (mkDefault)
    pkgsArgs = { inherit system; config.allowUnfree = lib.mkDefault true; };
  in
  {
    inherit inputs pkgs system user;
    inherit (import ./shared/lib { inherit lib; }) sharedLib;
    pkgs-small = import nixpkgs-small pkgsArgs;
    pkgs-stable = import nixpkgs-stable pkgsArgs;
  };
# Wrap a user's Home Manager configuration into a list of NixOS modules.
#   homeModules: the Home Manager configuration assigned to `user`.
# Returns the Home Manager NixOS module plus one module that configures it.
genHomeModules = homeModules:
  let
    hmSettings = {
      # reuse the system package set instead of a separate Home Manager one
      useGlobalPkgs = true;
      useUserPackages = true;
      # the same specialArgs as the system modules, so home modules also
      # receive `inputs`
      extraSpecialArgs = specialArgs;
      # sops-nix Home Manager module, loaded for every Home Manager user
      sharedModules = [ sops-nix.homeManagerModules.sops ];
      users.${user} = homeModules;
    };
  in
  [
    home-manager.nixosModules.home-manager
    { home-manager = hmSettings; }
  ];
# Build a nixosSystem for one profile.
#   profile:       attribute set; `hostname` and `home-manager` are read here.
#   isServer:      selects ./profiles/server instead of ./profiles/workstation.
#   profilePrefix: directory holding configuration.nix and home.nix.
#   hostModules:   system modules; workstations also get the Hyprland module.
#   homeModules:   Home Manager modules, empty unless profile.home-manager is set.
# extraModules is always appended, for servers as well.
genSystem =
  { profile
  , isServer ? false
  , profilePrefix ? (if isServer then ./profiles/server/${profile.hostname} else ./profiles/workstation/${profile.hostname})
  , hostModules ? (
      [ (profilePrefix + "/configuration.nix") ]
      ++ lib.optionals (!isServer) [ hyprland.nixosModules.default ]
    )
  , homeModules ? lib.optionals profile.home-manager (genHomeModules (import (profilePrefix + "/home.nix")))
  }:
  lib.nixosSystem {
    modules = hostModules ++ homeModules ++ extraModules;
    inherit specialArgs;
  };
# Build the Colmena node definition for one server profile.
#   profile:     attribute set; `hostname`, `home-manager` and `keys` are read.
#   hostModules: system modules, by default the server's configuration.nix.
#   homeModules: Home Manager modules, empty unless profile.home-manager is set.
# The node is addressed by the name "nixos-<hostname>"; port, user and tags
# come from ./shared/vars and are therefore the same for every server.
genDeploy =
  { profile
  , hostModules ? [ ./profiles/server/${profile.hostname}/configuration.nix ]
  , homeModules ? lib.optionals profile.home-manager (genHomeModules (import ./profiles/server/${profile.hostname}/home.nix))
  }:
  let
    deployVars = import ./shared/vars;
  in
  {
    imports = hostModules ++ homeModules ++ extraModules;
    deployment = {
      inherit (deployVars) targetPort targetUser tags;
      # NOTE(review): presumably Colmena secret definitions taken from the
      # profile; confirm they point at key files or commands and do not embed
      # secret text in profiles.nix.
      inherit (profile) keys;
      targetHost = "nixos-${profile.hostname}";
      # targetHost = "<ipv4 address>";
    };
  };
# Build a nixosSystem for a microVM guest.
#   profile:     attribute set; only `hostname` is read.
#   hostModules: the microvm.nix module plus the guest's own module file.
# Unlike genSystem, extraModules is not appended, so the sops-nix module is
# not loaded for guests unless their module file imports it.
genMicroVM =
  { profile
  , hostModules ? [
      microvm.nixosModules.microvm
      (import ./shared/modules/microvm/${profile.hostname}.nix)
    ]
  }:
  lib.nixosSystem {
    modules = hostModules;
    inherit specialArgs;
  };
# Build the nixosConfigurations attribute set.
#   profiles: attribute set with the lists `workstations`, `servers`, `microvms`.
# Workstations and servers are keyed by hostname, microVMs by
# "<hostname>-microvm". The per-host sets are merged in that order, so a
# hostname that occurs twice is silently replaced by the later entry.
genFlake = profiles:
  let
    inherit (profiles) workstations servers microvms;
    # one-attribute set { <name> = <value>; }
    entry = name: value: { ${name} = value; };
    workstationHosts = map (p: entry p.hostname (genSystem { profile = p; })) workstations;
    serverHosts = map (p: entry p.hostname (genSystem { profile = p; isServer = true; })) servers;
    microvmHosts = map (p: entry "${p.hostname}-microvm" (genMicroVM { profile = p; })) microvms;
  in
  # (lib.attrsets.mergeAttrsList): merge attribute sets, expect input as a list
  lib.attrsets.mergeAttrsList (workstationHosts ++ serverHosts ++ microvmHosts);
# Build the Colmena hive used for remote deployment.
#   servers: list of server profiles; each becomes one node keyed by hostname.
# `meta` gives every node the shared package set and the same specialArgs as
# the locally built systems.
genColmena = servers:
  let
    nodes = map (p: { ${p.hostname} = genDeploy { profile = p; }; }) servers;
  in
  { meta = { inherit specialArgs; nixpkgs = pkgs; }; }
  # (lib.attrsets.mergeAttrsList): merge attribute sets, expect input as a list
  // lib.attrsets.mergeAttrsList nodes;
# Build the pre-commit check derivation for `system`.
# The hooks run over the flake's own source tree (./.).
genChecks = system:
  let
    on = { enable = true; };
  in
  pre-commit-hooks.lib.${system}.run {
    src = ./.;
    hooks = {
      nixpkgs-fmt = on; # formatter
      statix = on; # linter
      deadnix = on; # linter
    };
  };
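# Build the flake's package set.
#   microvms: list of microVM profiles; each contributes a
#             "<hostname>-microvm" package that is the guest's declared runner.
# nix-fast-build is added once, outside the map, so it is still exported when
# `microvms` is an empty list (previously it was only present if at least one
# microVM existed).
genPkgs = microvms:
  { nix-fast-build = inputs.nix-fast-build.packages.${system}.default; }
  // lib.attrsets.mergeAttrsList (map
    (profile: {
      "${profile.hostname}-microvm" = self.nixosConfigurations."${profile.hostname}-microvm".config.microvm.declaredRunner;
    })
    microvms);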
in
{
  # hosts
  nixosConfigurations = genFlake profiles;
  # remote deploy (server profiles only)
  colmena = genColmena profiles.servers;
  # packages (microVM runners and nix-fast-build)
  packages.${system} = genPkgs profiles.microvms;
  # checks
  checks.${system}.pre-commit-check = genChecks system;
};
# Flake inputs. Only nixpkgs-stable and chaotic-kernel carry a commit hash in
# the URL; every other input names a branch, a tag or the default branch, so
# the revision actually built is whatever flake.lock records (the lock file is
# not part of this listing). Lock-file updates are therefore the point at which
# new upstream code enters every host.
inputs = {
# public source
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-small.url = "github:nixos/nixpkgs/nixos-unstable-small";
nixpkgs-stable.url = "github:nixos/nixpkgs/bc947f541ae55e999ffdb4013441347d83b00feb";
pilots.url = "github:NixOS-Pilots/pilots";
chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
chaotic-kernel.url = "github:chaotic-cx/nyx/18ce11ef64c0d89b48bc9ee73f9b82d7e8f3abc9";
home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; };
sops-nix.url = "github:Mic92/sops-nix";
nixpkgs-wayland = { url = "github:nix-community/nixpkgs-wayland"; inputs.nixpkgs.follows = "nixpkgs"; };
# NOTE(review): the git fetcher parameters I know for selecting a revision are
# `ref` and `rev`; confirm that `tag=` is honoured by the Nix version in use and
# that flake.lock records the commit of the named tag for these two inputs.
hyprland = { url = "git+https://github.com/hyprwm/Hyprland?tag=v0.45.0&submodules=1"; };
pyprland = { url = "git+https://github.com/hyprland-community/pyprland?tag=2.4.3"; };
rust-nightly-overlay = { url = "github:nix-community/fenix"; inputs.nixpkgs.follows = "nixpkgs"; };
neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay";
impermanence.url = "github:nix-community/impermanence";
pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
microvm = { url = "github:astro/microvm.nix"; inputs.nixpkgs.follows = "nixpkgs"; };
nix-fast-build.url = "github:Mic92/nix-fast-build";
auto-cpufreq.url = "github:AdnanHodzic/auto-cpufreq";
# personal nur
nur.url = "github:piyoki/nur-packages";
assets.url = "github:piyoki/nur-assets";
# private repos
# Both are fetched over SSH, so evaluation needs a key with read access to
# them. `secrets` is a plain source tree (flake = false). Fetched inputs are
# copied into the Nix store, which local users can read, so that repository
# must only ever contain encrypted material.
# NOTE(review): "[email protected]" looks like an e-mail-obfuscation artifact
# of the page this listing was taken from; the real file presumably has the SSH
# user and host here.
secrets = { url = "git+ssh://[email protected]/piyoki/sops-credentials.git?shallow=1"; flake = false; };
home-estate.url = "git+ssh://[email protected]/piyoki/home-estate.git?shallow=1";
# personal dotfiles
dotfiles.url = "git+https://github.com/piyoki/dotfiles.nix?ref=master";
# legacy
# secrets = { url = "git+file:/home/kev/flake/secrets?shallow=1"; flake = false; };
# home-estate.url = "git+file:/home/kev/flake/home-estate?shallow=1";
};
# === Issues to be fixed ===
# AMD GPU flickering on new Linux kernel patched
# https://www.reddit.com/r/archlinux/comments/1ec3n2e/is_amd_gpu_flickering_on_new_linux_kernel_patched/
}