flake.nix at 01ce7f422d06c66e6894e5ac406e5be0e3496695 · ryan.freumh.org/nixos

ryan.freumh.org / nixos
btw i use nix
nixos / flake.nix
at 01ce7f422d06c66e6894e5ac406e5be0e3496695 11 kB view raw
  1{
  2  inputs = {
  3    nixpkgs-compat.url = "github:nixos/nixpkgs/nixos-24.05";
  4    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
  5    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
  6    nixpkgs-element.url = "github:nixos/nixpkgs/b91f647a35c4e18a73adf617e6ef9eb5f3baa503";
  7    nixpkgs-flaresolverr.url = "github:nixos/nixpkgs/ebbc0409688869938bbcf630da1c1c13744d2a7b";
  8    nixpkgs-sonarr.url = "github:nixos/nixpkgs/394571358ce82dff7411395829aa6a3aad45b907";
  9    nixos-hardware.url = "github:nixos/nixos-hardware";
 10    home-manager.url = "github:nix-community/home-manager/release-24.11";
 11    agenix.url = "github:ryantm/agenix";
 12    deploy-rs.url = "github:serokell/deploy-rs";
 13    nix-on-droid.url = "github:nix-community/nix-on-droid/release-24.05";
 14    eon.url = "github:RyanGibb/eon";
 15    eilean.url = "github:RyanGibb/eilean-nix/main";
 16    alec-website.url = "github:alexanderhthompson/website";
 17    fn06-website.url = "github:RyanGibb/fn06";
 18    i3-workspace-history.url = "github:RyanGibb/i3-workspace-history";
 19    hyperbib-eeg.url = "github:RyanGibb/hyperbib?ref=nixify";
 20    nix-rpi5.url = "gitlab:vriska/nix-rpi5?ref=main";
 21    nur.url = "github:nix-community/NUR/e9e77b7985ef9bdeca12a38523c63d47555cc89b";
 22    timewall.url = "github:bcyran/timewall/";
 23    tangled.url = "git+https://tangled.sh/@tangled.sh/core";
 24
 25    # deduplicate flake inputs
 26    eilean.inputs.nixpkgs.follows = "nixpkgs";
 27    eilean.inputs.eon.follows = "eon";
 28    home-manager.inputs.nixpkgs.follows = "nixpkgs";
 29    deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
 30    nix-on-droid.inputs.nixpkgs.follows = "nixpkgs";
 31    nix-on-droid.inputs.home-manager.follows = "home-manager";
 32    alec-website.inputs.nixpkgs.follows = "nixpkgs";
 33    fn06-website.inputs.nixpkgs.follows = "nixpkgs";
 34    eon.inputs.nixpkgs.follows = "nixpkgs";
 35    i3-workspace-history.inputs.nixpkgs.follows = "nixpkgs";
 36    hyperbib-eeg.inputs.nixpkgs.follows = "nixpkgs";
 37    nix-rpi5.inputs.nixpkgs.follows = "nixpkgs";
 38    nur.inputs.nixpkgs.follows = "nixpkgs";
 39    timewall.inputs.nixpkgs.follows = "nixpkgs";
 40    tangled.inputs.nixpkgs.follows = "nixpkgs";
 41  };
 42
 43  outputs =
 44    inputs:
 45    let
 46      getSystemOverlays = system: nixpkgsConfig: [
 47        (final: prev: {
 48          # https://github.com/mautrix/whatsapp/issues/749
 49          overlay-compat = import inputs.nixpkgs-compat {
 50            inherit system;
 51            # follow stable nixpkgs config
 52            config = nixpkgsConfig;
 53          };
 54          overlay-unstable = import inputs.nixpkgs-unstable {
 55            inherit system;
 56            # follow stable nixpkgs config
 57            config = nixpkgsConfig;
 58          };
 59          # to use an unstable version of a package
 60          #package = final.overlay-unstable.package;
 61          # to use an custom version of a package
 62          #package = prev.callPackage ./pkgs/package.nix { };
 63          # to use an unstable custom version of a package
 64          #package = final.callPackage ./pkgs/package.nix { };
 65          # to override attributes of a package
 66          # package = prev.package.overrideAttrs
 67          #  (_: { patches = [ ./pkgs/package.patch ]; });
 68          opam = final.overlay-unstable.opam.overrideAttrs (_: {
 69            src = final.fetchurl {
 70              url = "http://ryan.freumh.org/software/opam-full-2.3.0-nixos-depexts.tar.gz";
 71              sha256 = "sha256-mRxxZtWFgQ8v1szVq5g5+qVqa+OffoG1aHzGUiMMvT0=";
 72            };
 73            version = "2.3.0";
 74          });
 75          immich = final.overlay-unstable.immich;
 76          mautrix-whatsapp = final.overlay-compat.mautrix-whatsapp;
 77          element-desktop =
 78            (import inputs.nixpkgs-element {
 79              inherit system;
 80              config = nixpkgsConfig;
 81            }).element-desktop;
 82          # https://github.com/NixOS/nixpkgs/issues/332776
 83          flaresolverr =
 84            (import inputs.nixpkgs-flaresolverr {
 85              inherit system;
 86              config = nixpkgsConfig;
 87            }).flaresolverr;
 88          sonarr =
 89            (import inputs.nixpkgs-sonarr {
 90              inherit system;
 91              config = nixpkgsConfig;
 92            }).sonarr;
 93          timewall = inputs.timewall.packages.${system}.default;
 94        })
 95        inputs.nur.overlays.default
 96      ];
 97    in
 98    {
 99      nixosConfigurations =
100        let
101          mkMode =
102            mode: host:
103            let
104              host-nixpkgs = inputs.nixpkgs;
105              host-home-manager = inputs.home-manager;
106            in
107            host-nixpkgs.lib.nixosSystem {
108              # use system from config.localSystem
109              # see https://github.com/NixOS/nixpkgs/blob/5297d584bcc5f95c8e87c631813b4e2ab7f19ecc/nixos/lib/eval-config.nix#L55
110              system = null;
111              pkgs = null;
112              specialArgs = inputs;
113              modules = [
114                ./hosts/${host}/${mode}.nix
115                ./modules/default.nix
116                (
117                  { config, ... }:
118                  {
119                    networking.hostName = "${host}";
120                    # pin nix command's nixpkgs flake to the system flake to avoid unnecessary downloads
121                    nix.registry.nixpkgs.flake = host-nixpkgs;
122                    system.stateVersion = "24.05";
123                    # record git revision (can be queried with `nixos-version --json)
124                    system.configurationRevision = host-nixpkgs.lib.mkIf (inputs.self ? rev) inputs.self.rev;
125                    nixpkgs = {
126                      config.allowUnfree = true;
127                      config.permittedInsecurePackages = [
128                        # https://github.com/nix-community/nixd/issues/357
129                        "nix-2.16.2"
130                        # https://github.com/mautrix/go/issues/262
131                        "olm-3.2.16"
132                        "aspnetcore-runtime-6.0.36"
133                        "aspnetcore-runtime-wrapped-6.0.36"
134                        "dotnet-sdk-6.0.428"
135                        "dotnet-sdk-wrapped-6.0.428"
136                      ];
137                      overlays = getSystemOverlays config.nixpkgs.hostPlatform.system config.nixpkgs.config;
138                      # uncomment for cross compilation (https://github.com/NixOS/nix/issues/3843)
139                      #buildPlatform.system = "cpu-os";
140                    };
141                    security.acme-eon.acceptTerms = true;
142                  }
143                )
144                host-home-manager.nixosModule
145                inputs.eilean.nixosModules.default
146                inputs.agenix.nixosModules.default
147              ];
148            };
149          readModes =
150            dir:
151            let
152              files = builtins.readDir dir;
153            in
154            let
155              filtered = inputs.nixpkgs.lib.attrsets.filterAttrs (
156                n: v: v == "regular" && (n == "default.nix" || n == "minimal.nix")
157              ) files;
158            in
159            let
160              names = inputs.nixpkgs.lib.attrNames filtered;
161            in
162            builtins.map (f: inputs.nixpkgs.lib.strings.removeSuffix ".nix" f) names;
163          mkModes =
164            host: modes:
165            builtins.map (mode: {
166              name = "${host}${if mode == "default" then "" else "-${mode}"}";
167              value = mkMode mode host;
168            }) modes;
169          mkHosts =
170            hosts:
171            let
172              nestedList = builtins.map (host: mkModes host (readModes ./hosts/${host})) hosts;
173            in
174            let
175              list = inputs.nixpkgs.lib.lists.flatten nestedList;
176            in
177            builtins.listToAttrs list;
178          hosts = builtins.attrNames (builtins.readDir ./hosts);
179        in
180        mkHosts hosts;
181
182      deploy = {
183        user = "root";
184        nodes = builtins.listToAttrs (
185          builtins.map
186            (
187              name:
188              let
189                machine = inputs.self.nixosConfigurations.${name};
190                system = machine.pkgs.system;
191                pkgs = import inputs.nixpkgs { inherit system; };
192                # nixpkgs with deploy-rs overlay but force the nixpkgs package
193                deployPkgs = import inputs.nixpkgs {
194                  inherit system;
195                  overlays = [
196                    inputs.deploy-rs.overlay
197                    (self: super: {
198                      deploy-rs = {
199                        inherit (pkgs) deploy-rs;
200                        lib = super.deploy-rs.lib;
201                      };
202                    })
203                  ];
204                };
205              in
206              {
207                inherit name;
208                value = {
209                  # if we're on a different system build on the remote
210                  #remoteBuild = machine.config.nixpkgs.hostPlatform.system == builtins.currentSystem;
211                  remoteBuild = true;
212                  sshUser = "root";
213                  hostname = if name == "swan" then "eeg.cl.cam.ac.uk" else machine.config.networking.hostName;
214                  profiles.system = {
215                    user = "root";
216                    path = deployPkgs.deploy-rs.lib.activate.nixos machine;
217                  };
218                };
219              }
220            )
221            [
222              "capybara"
223              "duck"
224              "elephant"
225              "gecko"
226              "owl"
227              "shrew"
228              "swan"
229            ]
230        );
231      };
232
233      nixOnDroidConfigurations.default = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
234        modules = [ (import ./nix-on-droid/default.nix inputs) ];
235        pkgs = import inputs.nixpkgs {
236          overlays = getSystemOverlays "aarch64-linux" { };
237          config.permittedInsecurePackages = [
238            # https://github.com/nix-community/nixd/issues/357
239            "nix-2.16.2"
240          ];
241        };
242      };
243
244      homeConfigurations = {
245        rtg24 =
246          let
247            system = "x86_64-linux";
248            pkgs = inputs.nixpkgs.legacyPackages.${system};
249          in
250          inputs.home-manager.lib.homeManagerConfiguration {
251            inherit pkgs;
252            modules = [
253              ./home/default.nix
254              {
255                nix.package = pkgs.nix;
256                nixpkgs.overlays = getSystemOverlays system { };
257                home.username = "rtg24";
258                home.homeDirectory = "/home/rtg24";
259                home.packages = with pkgs; [ home-manager ];
260                custom = {
261                  machineColour = "red";
262                };
263              }
264            ];
265          };
266      };
267
268      legacyPackages = inputs.nixpkgs.lib.genAttrs inputs.nixpkgs.lib.systems.flakeExposed (system: {
269        nixpkgs = import inputs.nixpkgs {
270          inherit system;
271          overlays = getSystemOverlays system { };
272        };
273      });
274
275      formatter = inputs.nixpkgs.lib.genAttrs inputs.nixpkgs.lib.systems.flakeExposed (
276        system: inputs.nixpkgs.legacyPackages.${system}.nixfmt-rfc-style
277      );
278    };
279}