flake.nix at master · ryan.freumh.org/nixos

ryan.freumh.org / nixos
btw i use nix
nixos / flake.nix
at master 11 kB view raw
  1{
  2  inputs = {
  3    nixpkgs-compat.url = "github:nixos/nixpkgs/nixos-24.05";
  4    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
  5    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
  6    nixpkgs-element.url = "github:nixos/nixpkgs/b91f647a35c4e18a73adf617e6ef9eb5f3baa503";
  7    nixpkgs-flaresolverr.url = "github:nixos/nixpkgs/ebbc0409688869938bbcf630da1c1c13744d2a7b";
  8    nixpkgs-sonarr.url = "github:nixos/nixpkgs/394571358ce82dff7411395829aa6a3aad45b907";
  9    nixos-hardware.url = "github:nixos/nixos-hardware";
 10    home-manager.url = "github:nix-community/home-manager/release-24.11";
 11    agenix.url = "github:ryantm/agenix";
 12    deploy-rs.url = "github:serokell/deploy-rs";
 13    nix-on-droid.url = "github:nix-community/nix-on-droid/release-24.05";
 14    eon.url = "github:RyanGibb/eon";
 15    eilean.url = "github:RyanGibb/eilean-nix/main";
 16    alec-website.url = "github:alexanderhthompson/website";
 17    fn06-website.url = "github:RyanGibb/fn06";
 18    i3-workspace-history.url = "github:RyanGibb/i3-workspace-history";
 19    hyperbib-eeg.url = "github:RyanGibb/hyperbib?ref=nixify";
 20    nix-rpi5.url = "gitlab:vriska/nix-rpi5?ref=main";
 21    nur.url = "github:nix-community/NUR/e9e77b7985ef9bdeca12a38523c63d47555cc89b";
 22    timewall.url = "github:bcyran/timewall/";
 23    tangled.url = "git+https://tangled.sh/@tangled.sh/core";
 24    disko.url = "github:nix-community/disko";
 25
 26    # deduplicate flake inputs
 27    eilean.inputs.nixpkgs.follows = "nixpkgs";
 28    eilean.inputs.eon.follows = "eon";
 29    home-manager.inputs.nixpkgs.follows = "nixpkgs";
 30    deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
 31    nix-on-droid.inputs.nixpkgs.follows = "nixpkgs";
 32    nix-on-droid.inputs.home-manager.follows = "home-manager";
 33    alec-website.inputs.nixpkgs.follows = "nixpkgs";
 34    fn06-website.inputs.nixpkgs.follows = "nixpkgs";
 35    eon.inputs.nixpkgs.follows = "nixpkgs";
 36    i3-workspace-history.inputs.nixpkgs.follows = "nixpkgs";
 37    hyperbib-eeg.inputs.nixpkgs.follows = "nixpkgs";
 38    nix-rpi5.inputs.nixpkgs.follows = "nixpkgs";
 39    nur.inputs.nixpkgs.follows = "nixpkgs";
 40    timewall.inputs.nixpkgs.follows = "nixpkgs";
 41    tangled.inputs.nixpkgs.follows = "nixpkgs";
 42    disko.inputs.nixpkgs.follows = "nixpkgs";
 43  };
 44
 45  outputs =
 46    inputs:
 47    let
 48      getSystemOverlays = system: nixpkgsConfig: [
 49        (final: prev: {
 50          # https://github.com/mautrix/whatsapp/issues/749
 51          overlay-compat = import inputs.nixpkgs-compat {
 52            inherit system;
 53            # follow stable nixpkgs config
 54            config = nixpkgsConfig;
 55          };
 56          overlay-unstable = import inputs.nixpkgs-unstable {
 57            inherit system;
 58            # follow stable nixpkgs config
 59            config = nixpkgsConfig;
 60          };
 61          # to use an unstable version of a package
 62          #package = final.overlay-unstable.package;
 63          # to use an custom version of a package
 64          #package = prev.callPackage ./pkgs/package.nix { };
 65          # to use an unstable custom version of a package
 66          #package = final.callPackage ./pkgs/package.nix { };
 67          # to override attributes of a package
 68          # package = prev.package.overrideAttrs
 69          #  (_: { patches = [ ./pkgs/package.patch ]; });
 70          opam = final.overlay-unstable.opam.overrideAttrs (_: {
 71            src = final.fetchurl {
 72              url = "http://ryan.freumh.org/software/opam-full-2.3.0-nixos-depexts.tar.gz";
 73              sha256 = "sha256-mRxxZtWFgQ8v1szVq5g5+qVqa+OffoG1aHzGUiMMvT0=";
 74            };
 75            version = "2.3.0";
 76          });
 77          immich = final.overlay-unstable.immich;
 78          mautrix-whatsapp = final.overlay-compat.mautrix-whatsapp;
 79          element-desktop =
 80            (import inputs.nixpkgs-element {
 81              inherit system;
 82              config = nixpkgsConfig;
 83            }).element-desktop;
 84          # https://github.com/NixOS/nixpkgs/issues/332776
 85          flaresolverr =
 86            (import inputs.nixpkgs-flaresolverr {
 87              inherit system;
 88              config = nixpkgsConfig;
 89            }).flaresolverr;
 90          sonarr =
 91            (import inputs.nixpkgs-sonarr {
 92              inherit system;
 93              config = nixpkgsConfig;
 94            }).sonarr;
 95          timewall = inputs.timewall.packages.${system}.default;
 96        })
 97        inputs.nur.overlays.default
 98      ];
 99    in
100    {
101      nixosConfigurations =
102        let
103          mkMode =
104            mode: host:
105            let
106              host-nixpkgs = inputs.nixpkgs;
107              host-home-manager = inputs.home-manager;
108            in
109            host-nixpkgs.lib.nixosSystem {
110              # use system from config.localSystem
111              # see https://github.com/NixOS/nixpkgs/blob/5297d584bcc5f95c8e87c631813b4e2ab7f19ecc/nixos/lib/eval-config.nix#L55
112              system = null;
113              pkgs = null;
114              specialArgs = inputs;
115              modules = [
116                ./hosts/${host}/${mode}.nix
117                ./modules/default.nix
118                (
119                  { config, ... }:
120                  {
121                    networking.hostName = host-nixpkgs.lib.mkDefault "${host}";
122                    # pin nix command's nixpkgs flake to the system flake to avoid unnecessary downloads
123                    nix.registry.nixpkgs.flake = host-nixpkgs;
124                    system.stateVersion = "24.05";
125                    # record git revision (can be queried with `nixos-version --json)
126                    system.configurationRevision = host-nixpkgs.lib.mkIf (inputs.self ? rev) inputs.self.rev;
127                    nixpkgs = {
128                      config.allowUnfree = true;
129                      config.permittedInsecurePackages = [
130                        # https://github.com/nix-community/nixd/issues/357
131                        "nix-2.16.2"
132                        # https://github.com/mautrix/go/issues/262
133                        "olm-3.2.16"
134                        "aspnetcore-runtime-6.0.36"
135                        "aspnetcore-runtime-wrapped-6.0.36"
136                        "dotnet-sdk-6.0.428"
137                        "dotnet-sdk-wrapped-6.0.428"
138                      ];
139                      overlays = getSystemOverlays config.nixpkgs.hostPlatform.system config.nixpkgs.config;
140                      # uncomment for cross compilation (https://github.com/NixOS/nix/issues/3843)
141                      #buildPlatform.system = "cpu-os";
142                    };
143                    security.acme-eon.acceptTerms = true;
144                  }
145                )
146                host-home-manager.nixosModule
147                inputs.eilean.nixosModules.default
148                inputs.agenix.nixosModules.default
149              ];
150            };
151          readModes =
152            dir:
153            let
154              files = builtins.readDir dir;
155            in
156            let
157              filtered = inputs.nixpkgs.lib.attrsets.filterAttrs (
158                n: v: v == "regular" && (n == "default.nix" || n == "minimal.nix")
159              ) files;
160            in
161            let
162              names = inputs.nixpkgs.lib.attrNames filtered;
163            in
164            builtins.map (f: inputs.nixpkgs.lib.strings.removeSuffix ".nix" f) names;
165          mkModes =
166            host: modes:
167            builtins.map (mode: {
168              name = "${host}${if mode == "default" then "" else "-${mode}"}";
169              value = mkMode mode host;
170            }) modes;
171          mkHosts =
172            hosts:
173            let
174              nestedList = builtins.map (host: mkModes host (readModes ./hosts/${host})) hosts;
175            in
176            let
177              list = inputs.nixpkgs.lib.lists.flatten nestedList;
178            in
179            builtins.listToAttrs list;
180          hosts = builtins.attrNames (builtins.readDir ./hosts);
181        in
182        mkHosts hosts;
183
184      deploy = {
185        user = "root";
186        nodes = builtins.listToAttrs (
187          builtins.map
188            (
189              name:
190              let
191                machine = inputs.self.nixosConfigurations.${name};
192                system = machine.pkgs.system;
193                pkgs = import inputs.nixpkgs { inherit system; };
194                # nixpkgs with deploy-rs overlay but force the nixpkgs package
195                deployPkgs = import inputs.nixpkgs {
196                  inherit system;
197                  overlays = [
198                    inputs.deploy-rs.overlay
199                    (self: super: {
200                      deploy-rs = {
201                        inherit (pkgs) deploy-rs;
202                        lib = super.deploy-rs.lib;
203                      };
204                    })
205                  ];
206                };
207              in
208              {
209                inherit name;
210                value = {
211                  # if we're on a different system build on the remote
212                  #remoteBuild = machine.config.nixpkgs.hostPlatform.system == builtins.currentSystem;
213                  remoteBuild = true;
214                  sshUser = "root";
215                  hostname = if name == "swan" then "eeg.cl.cam.ac.uk" else machine.config.networking.hostName;
216                  profiles.system = {
217                    user = "root";
218                    path = deployPkgs.deploy-rs.lib.activate.nixos machine;
219                  };
220                };
221              }
222            )
223            [
224              "capybara"
225              "duck"
226              "elephant"
227              "gecko"
228              "owl"
229              "shrew"
230              "swan"
231            ]
232        );
233      };
234
235      nixOnDroidConfigurations.default = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
236        modules = [ (import ./nix-on-droid/default.nix inputs) ];
237        pkgs = import inputs.nixpkgs {
238          overlays = getSystemOverlays "aarch64-linux" { };
239          config.permittedInsecurePackages = [
240            # https://github.com/nix-community/nixd/issues/357
241            "nix-2.16.2"
242          ];
243        };
244      };
245
246      homeConfigurations = {
247        rtg24 =
248          let
249            system = "x86_64-linux";
250            pkgs = inputs.nixpkgs.legacyPackages.${system};
251          in
252          inputs.home-manager.lib.homeManagerConfiguration {
253            inherit pkgs;
254            modules = [
255              ./home/default.nix
256              {
257                nix.package = pkgs.nix;
258                nixpkgs.overlays = getSystemOverlays system { };
259                home.username = "rtg24";
260                home.homeDirectory = "/home/rtg24";
261                home.packages = with pkgs; [ home-manager ];
262                custom = {
263                  machineColour = "red";
264                };
265              }
266            ];
267          };
268      };
269
270      legacyPackages = inputs.nixpkgs.lib.genAttrs inputs.nixpkgs.lib.systems.flakeExposed (system: {
271        nixpkgs = import inputs.nixpkgs {
272          inherit system;
273          overlays = getSystemOverlays system { };
274        };
275      });
276
277      formatter = inputs.nixpkgs.lib.genAttrs inputs.nixpkgs.lib.systems.flakeExposed (
278        system: inputs.nixpkgs.legacyPackages.${system}.nixfmt-rfc-style
279      );
280    };
281}