flake.nix at 7a46ecfb9997df1e3afe72b5778486e82c3d9bff · ryan.freumh.org/nixos

ryan.freumh.org / nixos
btw i use nix
nixos / flake.nix
at 7a46ecfb9997df1e3afe72b5778486e82c3d9bff 11 kB view raw
  1{
  2  inputs = {
  3    nixpkgs-compat.url = "github:nixos/nixpkgs/nixos-24.05";
  4    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
  5    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
  6    nixpkgs-element.url = "github:nixos/nixpkgs/b91f647a35c4e18a73adf617e6ef9eb5f3baa503";
  7    nixpkgs-flaresolverr.url = "github:nixos/nixpkgs/ebbc0409688869938bbcf630da1c1c13744d2a7b";
  8    nixpkgs-sonarr.url = "github:nixos/nixpkgs/394571358ce82dff7411395829aa6a3aad45b907";
  9    nixos-hardware.url = "github:nixos/nixos-hardware";
 10    home-manager.url = "github:nix-community/home-manager/release-24.11";
 11    agenix.url = "github:ryantm/agenix";
 12    deploy-rs.url = "github:serokell/deploy-rs";
 13    nix-on-droid.url = "github:nix-community/nix-on-droid/release-24.05";
 14    eon.url = "github:RyanGibb/eon";
 15    eilean.url = "github:RyanGibb/eilean-nix/main";
 16    alec-website.url = "github:alexanderhthompson/website";
 17    fn06-website.url = "github:RyanGibb/fn06";
 18    colour-guesser.url = "git+ssh://git@github.com/ryangibb/colour-guesser.git?ref=develop";
 19    i3-workspace-history.url = "github:RyanGibb/i3-workspace-history";
 20    hyperbib-eeg.url = "github:RyanGibb/hyperbib?ref=nixify";
 21    nix-rpi5.url = "gitlab:vriska/nix-rpi5?ref=main";
 22    nur.url = "github:nix-community/NUR/e9e77b7985ef9bdeca12a38523c63d47555cc89b";
 23
 24    # deduplicate flake inputs
 25    eilean.inputs.nixpkgs.follows = "nixpkgs";
 26    eilean.inputs.eon.follows = "eon";
 27    home-manager.inputs.nixpkgs.follows = "nixpkgs";
 28    deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
 29    nix-on-droid.inputs.nixpkgs.follows = "nixpkgs";
 30    nix-on-droid.inputs.home-manager.follows = "home-manager";
 31    alec-website.inputs.nixpkgs.follows = "nixpkgs";
 32    fn06-website.inputs.nixpkgs.follows = "nixpkgs";
 33    eon.inputs.nixpkgs.follows = "nixpkgs";
 34    colour-guesser.inputs.nixpkgs.follows = "nixpkgs";
 35    i3-workspace-history.inputs.nixpkgs.follows = "nixpkgs";
 36    hyperbib-eeg.inputs.nixpkgs.follows = "nixpkgs";
 37    nix-rpi5.inputs.nixpkgs.follows = "nixpkgs";
 38    nur.inputs.nixpkgs.follows = "nixpkgs";
 39  };
 40
 41  outputs =
 42    inputs:
 43    let
 44      getSystemOverlays = system: nixpkgsConfig: [
 45        (final: prev: {
 46          # https://github.com/mautrix/whatsapp/issues/749
 47          overlay-compat = import inputs.nixpkgs-compat {
 48            inherit system;
 49            # follow stable nixpkgs config
 50            config = nixpkgsConfig;
 51          };
 52          overlay-unstable = import inputs.nixpkgs-unstable {
 53            inherit system;
 54            # follow stable nixpkgs config
 55            config = nixpkgsConfig;
 56          };
 57          # to use an unstable version of a package
 58          #package = final.overlay-unstable.package;
 59          # to use an custom version of a package
 60          #package = prev.callPackage ./pkgs/package.nix { };
 61          # to use an unstable custom version of a package
 62          #package = final.callPackage ./pkgs/package.nix { };
 63          # to override attributes of a package
 64          # package = prev.package.overrideAttrs
 65          #  (_: { patches = [ ./pkgs/package.patch ]; });
 66          opam = final.overlay-unstable.opam.overrideAttrs (_: {
 67            src = final.fetchurl {
 68              url = "http://ryan.freumh.org/software/opam-full-2.3.0-nixos-depexts.tar.gz";
 69              sha256 = "sha256-mRxxZtWFgQ8v1szVq5g5+qVqa+OffoG1aHzGUiMMvT0=";
 70            };
 71            version = "2.3.0";
 72          });
 73          immich = final.overlay-unstable.immich;
 74          mautrix-whatsapp = final.overlay-compat.mautrix-whatsapp;
 75          element-desktop =
 76            (import inputs.nixpkgs-element {
 77              inherit system;
 78              config = nixpkgsConfig;
 79            }).element-desktop;
 80          # https://github.com/NixOS/nixpkgs/issues/332776
 81          flaresolverr =
 82            (import inputs.nixpkgs-flaresolverr {
 83              inherit system;
 84              config = nixpkgsConfig;
 85            }).flaresolverr;
 86          sonarr =
 87            (import inputs.nixpkgs-sonarr {
 88              inherit system;
 89              config = nixpkgsConfig;
 90            }).sonarr;
 91        })
 92        inputs.nur.overlays.default
 93      ];
 94    in
 95    {
 96      nixosConfigurations =
 97        let
 98          mkMode =
 99            mode: host:
100            let
101              host-nixpkgs = inputs.nixpkgs;
102              host-home-manager = inputs.home-manager;
103            in
104            host-nixpkgs.lib.nixosSystem {
105              # use system from config.localSystem
106              # see https://github.com/NixOS/nixpkgs/blob/5297d584bcc5f95c8e87c631813b4e2ab7f19ecc/nixos/lib/eval-config.nix#L55
107              system = null;
108              pkgs = null;
109              specialArgs = inputs;
110              modules = [
111                ./hosts/${host}/${mode}.nix
112                ./modules/default.nix
113                (
114                  { config, ... }:
115                  {
116                    networking.hostName = "${host}";
117                    # pin nix command's nixpkgs flake to the system flake to avoid unnecessary downloads
118                    nix.registry.nixpkgs.flake = host-nixpkgs;
119                    system.stateVersion = "24.05";
120                    # record git revision (can be queried with `nixos-version --json)
121                    system.configurationRevision = host-nixpkgs.lib.mkIf (inputs.self ? rev) inputs.self.rev;
122                    nixpkgs = {
123                      config.allowUnfree = true;
124                      config.permittedInsecurePackages = [
125                        # https://github.com/nix-community/nixd/issues/357
126                        "nix-2.16.2"
127                        # https://github.com/mautrix/go/issues/262
128                        "olm-3.2.16"
129                        "aspnetcore-runtime-6.0.36"
130                        "aspnetcore-runtime-wrapped-6.0.36"
131                        "dotnet-sdk-6.0.428"
132                        "dotnet-sdk-wrapped-6.0.428"
133                      ];
134                      overlays = getSystemOverlays config.nixpkgs.hostPlatform.system config.nixpkgs.config;
135                      # uncomment for cross compilation (https://github.com/NixOS/nix/issues/3843)
136                      #buildPlatform.system = "cpu-os";
137                    };
138                    security.acme-eon.acceptTerms = true;
139                  }
140                )
141                host-home-manager.nixosModule
142                inputs.eilean.nixosModules.default
143                inputs.agenix.nixosModules.default
144              ];
145            };
146          readModes =
147            dir:
148            let
149              files = builtins.readDir dir;
150            in
151            let
152              filtered = inputs.nixpkgs.lib.attrsets.filterAttrs (
153                n: v: v == "regular" && (n == "default.nix" || n == "minimal.nix")
154              ) files;
155            in
156            let
157              names = inputs.nixpkgs.lib.attrNames filtered;
158            in
159            builtins.map (f: inputs.nixpkgs.lib.strings.removeSuffix ".nix" f) names;
160          mkModes =
161            host: modes:
162            builtins.map (mode: {
163              name = "${host}${if mode == "default" then "" else "-${mode}"}";
164              value = mkMode mode host;
165            }) modes;
166          mkHosts =
167            hosts:
168            let
169              nestedList = builtins.map (host: mkModes host (readModes ./hosts/${host})) hosts;
170            in
171            let
172              list = inputs.nixpkgs.lib.lists.flatten nestedList;
173            in
174            builtins.listToAttrs list;
175          hosts = builtins.attrNames (builtins.readDir ./hosts);
176        in
177        mkHosts hosts;
178
179      deploy = {
180        user = "root";
181        nodes = builtins.listToAttrs (
182          builtins.map
183            (
184              name:
185              let
186                machine = inputs.self.nixosConfigurations.${name};
187                system = machine.pkgs.system;
188                pkgs = import inputs.nixpkgs { inherit system; };
189                # nixpkgs with deploy-rs overlay but force the nixpkgs package
190                deployPkgs = import inputs.nixpkgs {
191                  inherit system;
192                  overlays = [
193                    inputs.deploy-rs.overlay
194                    (self: super: {
195                      deploy-rs = {
196                        inherit (pkgs) deploy-rs;
197                        lib = super.deploy-rs.lib;
198                      };
199                    })
200                  ];
201                };
202              in
203              {
204                inherit name;
205                value = {
206                  # if we're on a different system build on the remote
207                  #remoteBuild = machine.config.nixpkgs.hostPlatform.system == builtins.currentSystem;
208                  remoteBuild = true;
209                  sshUser = "root";
210                  hostname = if name == "swan" then "eeg.cl.cam.ac.uk" else machine.config.networking.hostName;
211                  profiles.system = {
212                    user = "root";
213                    path = deployPkgs.deploy-rs.lib.activate.nixos machine;
214                  };
215                };
216              }
217            )
218            [
219              "capybara"
220              "duck"
221              "elephant"
222              "gecko"
223              "owl"
224              "shrew"
225              "swan"
226            ]
227        );
228      };
229
230      nixOnDroidConfigurations.default = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
231        modules = [ ./nix-on-droid/default.nix ];
232        pkgs = import inputs.nixpkgs {
233          overlays = getSystemOverlays "aarch64-linux" { };
234          config.permittedInsecurePackages = [
235            # https://github.com/nix-community/nixd/issues/357
236            "nix-2.16.2"
237          ];
238        };
239      };
240
241      homeConfigurations = {
242        rtg24 =
243          let
244            system = "x86_64-linux";
245            pkgs = inputs.nixpkgs.legacyPackages.${system};
246          in
247          inputs.home-manager.lib.homeManagerConfiguration {
248            inherit pkgs;
249            modules = [
250              ./home/default.nix
251              {
252                nix.package = pkgs.nix;
253                nixpkgs.overlays = getSystemOverlays system { };
254                home.username = "rtg24";
255                home.homeDirectory = "/home/rtg24";
256                home.packages = with pkgs; [ home-manager ];
257                custom = {
258                  machineColour = "red";
259                  nvim-lsps = true;
260                };
261              }
262            ];
263          };
264      };
265
266      legacyPackages = inputs.nixpkgs.lib.genAttrs inputs.nixpkgs.lib.systems.flakeExposed (system: {
267        nixpkgs = import inputs.nixpkgs {
268          inherit system;
269          overlays = getSystemOverlays system { };
270        };
271      });
272
273      formatter = inputs.nixpkgs.lib.genAttrs inputs.nixpkgs.lib.systems.flakeExposed (
274        system: inputs.nixpkgs.legacyPackages.${system}.nixfmt-rfc-style
275      );
276
277      templates.host.path = ./templates/host;
278    };
279}