From 59a1fbaf0f4b7db1c7c683f59489f08253939d79 Mon Sep 17 00:00:00 2001 
From: chris Date: Tue, 24 Mar 2026 14:09:46 +0000 Subject: [PATCH] initial migration --- .just/machine.just | 20 - .just/users.just | 101 ----- .just/vars.just | 27 +- .justfile | 31 -- clan.nix | 101 +++++ flake.lock | 351 ++--------------- flake.nix | 365 +++++++++++++++--- .../x86_64-linux => machines}/aule/README.md | 0 machines/aule/configuration.nix | 2 + .../mandos/README.md | 0 .../mandos/configuration.nix | 2 +- machines/mandos/default.nix | 3 + .../mandos/disks.nix | 0 .../mandos/hardware.nix | 0 .../x86_64-linux => machines}/manwe/README.md | 0 .../manwe/configuration.nix | 2 +- machines/manwe/default.nix | 3 + .../x86_64-linux => machines}/manwe/disks.nix | 0 .../manwe/hardware.nix | 0 .../melkor/README.md | 0 machines/melkor/configuration.nix | 2 + .../x86_64-linux => machines}/orome/README.md | 0 .../orome/configuration.nix | 2 +- machines/orome/default.nix | 3 + .../x86_64-linux => machines}/orome/disks.nix | 0 .../orome/hardware.nix | 0 .../tulkas/README.md | 0 .../tulkas/configuration.nix | 2 +- machines/tulkas/default.nix | 3 + .../tulkas/disks.nix | 0 .../tulkas/hardware.nix | 0 .../ulmo/configuration.nix | 2 +- machines/ulmo/default.nix | 3 + .../x86_64-linux => machines}/ulmo/disks.nix | 0 .../ulmo/hardware.nix | 0 .../x86_64-linux => machines}/varda/README.md | 0 machines/varda/configuration.nix | 2 + .../yavanna/README.md | 0 machines/yavanna/configuration.nix | 2 + modules/home/application/studio/default.nix | 7 +- .../home/application/thunderbird/default.nix | 4 +- modules/home/application/zen/default.nix | 6 +- modules/nixos/desktop/default.nix | 5 - modules/nixos/desktop/gamescope/default.nix | 4 +- modules/nixos/editor/nvim/default.nix | 6 +- .../authentication/himmelblau/default.nix | 3 - .../authentication/zitadel/default.nix | 8 +- .../services/games/minecraft/default.nix | 5 - .../nixos/services/media/mydia/default.nix | 5 - .../nixos/services/media/servarr/default.nix | 8 +- .../services/networking/caddy/default.nix | 13 +- 
.../services/security/vaultwarden/default.nix | 8 +- .../nixos/system/security/sops/default.nix | 10 +- packages/studio/default.nix | 14 +- 54 files changed, 522 insertions(+), 613 deletions(-) delete mode 100644 .just/machine.just delete mode 100644 .just/users.just create mode 100644 clan.nix rename {systems/x86_64-linux => machines}/aule/README.md (100%) create mode 100644 machines/aule/configuration.nix rename {systems/x86_64-linux => machines}/mandos/README.md (100%) rename systems/x86_64-linux/mandos/default.nix => machines/mandos/configuration.nix (99%) create mode 100644 machines/mandos/default.nix rename {systems/x86_64-linux => machines}/mandos/disks.nix (100%) rename {systems/x86_64-linux => machines}/mandos/hardware.nix (100%) rename {systems/x86_64-linux => machines}/manwe/README.md (100%) rename systems/x86_64-linux/manwe/default.nix => machines/manwe/configuration.nix (99%) create mode 100644 machines/manwe/default.nix rename {systems/x86_64-linux => machines}/manwe/disks.nix (100%) rename {systems/x86_64-linux => machines}/manwe/hardware.nix (100%) rename {systems/x86_64-linux => machines}/melkor/README.md (100%) create mode 100644 machines/melkor/configuration.nix rename {systems/x86_64-linux => machines}/orome/README.md (100%) rename systems/x86_64-linux/orome/default.nix => machines/orome/configuration.nix (87%) create mode 100644 machines/orome/default.nix rename {systems/x86_64-linux => machines}/orome/disks.nix (100%) rename {systems/x86_64-linux => machines}/orome/hardware.nix (100%) rename {systems/x86_64-linux => machines}/tulkas/README.md (100%) rename systems/x86_64-linux/tulkas/default.nix => machines/tulkas/configuration.nix (99%) create mode 100644 machines/tulkas/default.nix rename {systems/x86_64-linux => machines}/tulkas/disks.nix (100%) rename {systems/x86_64-linux => machines}/tulkas/hardware.nix (100%) rename systems/x86_64-linux/ulmo/default.nix => machines/ulmo/configuration.nix (99%) create mode 100644 
machines/ulmo/default.nix rename {systems/x86_64-linux => machines}/ulmo/disks.nix (100%) rename {systems/x86_64-linux => machines}/ulmo/hardware.nix (100%) rename {systems/x86_64-linux => machines}/varda/README.md (100%) create mode 100644 machines/varda/configuration.nix rename {systems/x86_64-linux => machines}/yavanna/README.md (100%) create mode 100644 machines/yavanna/configuration.nix diff --git a/.just/machine.just b/.just/machine.just deleted file mode 100644 index 3cb4587..0000000 --- a/.just/machine.just +++ /dev/null @@ -1,20 +0,0 @@ -@_default: list - -[doc('List machines')] -@list: - ls -1 ../systems/x86_64-linux/ - -[doc('Update target machine')] -[no-exit-message] -@update machine: - echo "Checking vars" - cd .. && just vars _check {{ machine }} - echo "" - just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')" - nixos-rebuild switch -L --sudo --target-host {{ machine }} --flake ..#{{ machine }} --log-format internal-json -v |& nom --json - -[doc('Check if target machine builds')] -[no-exit-message] -@check machine: - just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')" - nix build ..#nixosConfigurations.{{ machine }}.config.system.build.toplevel diff --git a/.just/users.just b/.just/users.just deleted file mode 100644 index e798cc3..0000000 --- a/.just/users.just +++ /dev/null 
@@ -1,101 +0,0 @@ -set unstable := true -set quiet := true - -_default: - just --list users - -[doc('List available users')] -[script] -list: - cd .. && just vars get ulmo zitadel/users | jq -r -C ' - import ".jq/table" as table; - import ".jq/format" as f; - - fromjson - | to_entries - | sort_by(.key) - | map( - (.key|f::to_title) + ":\n" - + table::create( - .value - | to_entries - | sort_by(.key) - | map({username:.key} + .value) - ) - ) - | join("\n\n┄┄┄\n\n") - '; - -[doc('Add a new user')] -[script] -add: - exec 5>&1 - - pad () { [ "$#" -gt 1 ] && [ -n "$2" ] && printf "%$2.${2#-}s" "$1"; } - - input() { - local label=$1 - local value=$2 - - local res=$(gum input --header "$label" --value "$value") - echo -e "\e[2m$(pad "$label" -11)\e[0m$res" >&5 - echo $res - } - - data=`cd .. && just vars get ulmo zitadel/users | jq 'fromjson'` - - # Gather inputs - org=` - jq -r 'to_entries | map(.key)[]' <<< "$data" \ - | gum choose --header 'Which organisation to save to?' --select-if-one - ` - username=`input 'user name' ''` - email=`input 'email' ''` - first_name=`input 'first name' ''` - last_name=`input 'last name' ''` - - user_exists=`jq --arg 'org' "$org" --arg 'username' "$username" '.[$org][$username]? | . != null' <<< "$data"` - - if [ "$user_exists" == "true" ]; then - gum confirm 'User already exists, overwrite it?' --padding="1 1" || exit 0 - fi - - next=` - jq \ - --arg 'org' "$org" \ - --arg 'username' "$username" \ - --arg 'email' "$email" \ - --arg 'first_name' "$first_name" \ - --arg 'last_name' "$last_name" \ - --compact-output \ - '.[$org] += { $username: { email: $email, firstName: $first_name, lastName: $last_name } }' \ - <<< $data - ` - - gum spin --title "saving..." -- echo "$(cd .. && just vars set ulmo 'zitadel/users' "$next")" - -[doc('Remove a new user')] -[script] -remove: - data=`cd .. 
&& just vars get ulmo zitadel/users | jq fromjson` - - # Gather inputs - org=` - jq -r 'to_entries | map(.key)[]' <<< "$data" \ - | gum choose --header 'Which organisation?' --select-if-one - ` - user=` - jq -r --arg org "$org" '.[$org] | to_entries | map(.key)[]' <<< "$data" \ - | gum choose --header 'Which user?' --select-if-one - ` - - next=` - jq \ - --arg 'org' "$org" \ - --arg 'user' "$user" \ - --compact-output \ - 'del(.[$org][$user])' \ - <<< $data - ` - - gum spin --title "saving..." -- echo "$(cd .. && just vars set ulmo 'zitadel/users' "$next")" diff --git a/.just/vars.just b/.just/vars.just index 62a8bd9..9c63565 100644 --- a/.just/vars.just +++ b/.just/vars.just 
@@ -1,38 +1,39 @@ set unstable := true set quiet := true -base_path := justfile_directory() + "/systems/x86_64-linux" +machine_base_path := justfile_directory() + "/../machines" +secret_base_path := justfile_directory() + "/../systems/x86_64-linux" _default: just --list vars [doc('List all vars of {machine}')] list machine: - sops decrypt {{ base_path }}/{{ machine }}/secrets.yml + sops decrypt {{ secret_base_path }}/{{ machine }}/secrets.yml [doc('Edit all vars of {machine} in your editor')] edit machine: - sops edit {{ base_path }}/{{ machine }}/secrets.yml + sops edit {{ secret_base_path }}/{{ machine }}/secrets.yml [doc('Set var {value} by {key} for {machine}')] @set machine key value: - sops set {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" "\"$(echo '{{ value }}' | sed 's/\"/\\\"/g')\"" + sops set {{ secret_base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" "\"$(echo '{{ value }}' | sed 's/\"/\\\"/g')\"" - git add {{ base_path }}/{{ machine }}/secrets.yml - git commit -m 'chore(secrets): set secret "{{ key }}" for machine "{{ machine }}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null + git add {{ secret_base_path }}/{{ machine }}/secrets.yml + git commit -m 'chore(secrets): set secret "{{ key }}" for machine "{{ machine }}"' -- {{ secret_base_path }}/{{ machine }}/secrets.yml > /dev/null echo "Done" [doc('Get var by {key} from {machine}')] get machine key: - sops decrypt {{ base_path }}/{{ machine }}/secrets.yml | yq ".$(echo "{{ key }}" | sed -E 's/\//./g') // \"\"" + sops decrypt {{ secret_base_path }}/{{ machine }}/secrets.yml | yq ".$(echo "{{ key }}" | sed -E 's/\//./g') // \"\"" [doc('Remove var by {key} for {machine}')] remove machine key: - sops unset {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" + sops unset {{ 
secret_base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" - git add {{ base_path }}/{{ machine }}/secrets.yml - git commit -m 'chore(secrets): removed secret "{{ key }}" from machine "{{ machine }}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null + git add {{ secret_base_path }}/{{ machine }}/secrets.yml + git commit -m 'chore(secrets): removed secret "{{ key }}" from machine "{{ machine }}"' -- {{ secret_base_path }}/{{ machine }}/secrets.yml > /dev/null echo "Done" @@ -59,7 +60,7 @@ _rotate machine key: check: cd .. - for machine in $(ls {{ base_path }}); do + for machine in $(ls {{ machine_base_path }}); do just vars _check "$machine" done @@ -70,14 +71,14 @@ _check machine: # we can skip this folder as we are # missing the files used to compare # the defined vs the configured secrets - if [ ! -f "{{ base_path }}/{{ machine }}/default.nix" ]; then + if [ ! -f "{{ machine_base_path }}/{{ machine }}/default.nix" ]; then printf "\r• %-8sskipped\n" "{{ machine }}" exit 0 fi exec 3< <(jq -nr \ --rawfile defined <(nix eval --json ..#nixosConfigurations.{{ machine }}.config.sops.secrets 2>/dev/null) \ - --rawfile configured <([ -f "{{ base_path }}/{{ machine }}/secrets.yml" ] && sops decrypt {{ base_path }}/{{ machine }}/secrets.yml | yq '.' || echo "{}") \ + --rawfile configured <([ -f "{{ secret_base_path }}/{{ machine }}/secrets.yml" ] && sops decrypt {{ secret_base_path }}/{{ machine }}/secrets.yml | yq '.' || echo "{}") \ ' [ $configured | fromjson | paths(scalars) | join("/") ] as $conf | $defined diff --git a/.justfile b/.justfile index cee0db9..7f91bca 100644 --- a/.justfile +++ b/.justfile 
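Review bot: The `set` recipe still splices the secret into the shell text as `echo '{{ value }}'`, so a value containing a single quote closes the quoting and the rest of the value is parsed by the shell as code. just can hand the parameter to the recipe as an environment variable instead: declare it as `$value` in the recipe signature and build the JSON string with `"$(printf '%s' "$value" | jq -Rs .)"` in place of the `echo … | sed 's/\"/\\\"/g'` construction, which also escapes backslashes and newlines that the current `sed` misses. `{{ key }}` and `{{ machine }}` are interpolated the same way in `set`, `get`, `remove` and the `git commit -m` message, and would benefit from the same treatment.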
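Review bot: `_check` prints `skipped` and exits 0 whenever `{{ machine_base_path }}/{{ machine }}/default.nix` is missing, so a wrong base path makes the defined-versus-configured secrets comparison pass without comparing anything. Both new variables are built as `justfile_directory() + "/../…"`, while the removed `base_path` used `justfile_directory() + "/systems/x86_64-linux"` with no `..`; if `justfile_directory()` still resolves to the repository root when this file is loaded as the `vars` module, the new paths point one level above the repository. In that case `machine_base_path := justfile_directory() + "/machines"` and `secret_base_path := justfile_directory() + "/systems/x86_64-linux"` restore the old resolution, and `source_directory() + "/../machines"` is the form to use if the intent is to resolve relative to `.just/`. It would also help for `check` to fail when no machine was actually compared, rather than reporting only skips.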
@@ -3,34 +3,3 @@ [doc('Manage vars')] mod vars '.just/vars.just' - -[doc('Manage users')] -mod users '.just/users.just' - -[doc('Manage machines')] -mod machine '.just/machine.just' - -[doc('Show information about project')] -@show: - echo "show" - -[doc('update the flake dependencies')] -@update: - nix flake update - git commit -m 'chore: update dependencies' -- ./flake.lock > /dev/null - echo "Done" - -[doc('Introspection on flake output')] -@select key: - nix eval --show-trace --json .#{{ key }} | jq . - - - -#=============================================================================================== -# Utils -#=============================================================================================== -[no-exit-message] -[no-cd] -[private] -@assert condition message: - [ {{ condition }} ] || { echo -e 1>&2 "\n\x1b[1;41m Error \x1b[0m {{ message }}\n"; exit 1; } diff --git a/clan.nix b/clan.nix new file mode 100644 index 0000000..18af8a9 --- /dev/null +++ b/clan.nix 
@@ -0,0 +1,101 @@ +{ + sharedSpecialArgs, + mkMachineModuleList, +}: { + meta = { + name = "arda"; + domain = "arda"; + description = "My personal machines at home"; + }; + + directory = ./.; + + inventory.machines = { + aule = { + name = "aule"; + description = "Planned build server."; + machineClass = "nixos"; + tags = ["planned" "build"]; + }; + mandos = { + name = "mandos"; + description = "Living room Steam box."; + machineClass = "nixos"; + tags = ["gaming" "living-room"]; + }; + manwe = { + name = "manwe"; + description = "Main desktop."; + machineClass = "nixos"; + tags = ["desktop"]; + }; + melkor = { + name = "melkor"; + description = "Planned machine with no defined role yet."; + machineClass = "nixos"; + tags = []; + }; + orome = { + name = "orome"; + description = "Work laptop."; + machineClass = "nixos"; + tags = ["laptop" "work"]; + }; + tulkas = { + name = "tulkas"; + description = "Steam Deck."; + machineClass = "nixos"; + tags = ["gaming" "handheld"]; + }; + ulmo = { + name = "ulmo"; + description = "Primary self-hosted services machine."; + machineClass = "nixos"; + tags = ["server" "services"]; + }; + varda = { + name = "varda"; + description = "Planned machine with no defined role yet."; + machineClass = "nixos"; + tags = []; + }; + yavanna = { + name = "yavanna"; + description = "Planned machine with no defined role yet."; + machineClass = "nixos"; + tags = []; + }; + }; + + machines = { + mandos = { + _module.args = sharedSpecialArgs; + imports = mkMachineModuleList "mandos"; + nixpkgs.hostPlatform = "x86_64-linux"; + }; + + manwe = { + _module.args = sharedSpecialArgs; + imports = mkMachineModuleList "manwe"; + nixpkgs.hostPlatform = "x86_64-linux"; + }; + + orome = { + _module.args = sharedSpecialArgs; + imports = mkMachineModuleList "orome"; + nixpkgs.hostPlatform = "x86_64-linux"; + }; + + tulkas = { + _module.args = sharedSpecialArgs; + imports = mkMachineModuleList "tulkas"; + nixpkgs.hostPlatform = "x86_64-linux"; + }; + + ulmo = { + 
_module.args = sharedSpecialArgs; + imports = mkMachineModuleList "ulmo"; + nixpkgs.hostPlatform = "x86_64-linux"; + }; + }; +} diff --git a/flake.lock b/flake.lock index c9df8ee..24acfef 100644 --- a/flake.lock +++ b/flake.lock @@ -72,12 +72,12 @@ "inputs": { "data-mesher": "data-mesher", "disko": "disko", - "flake-parts": "flake-parts", + "flake-parts": [ + "flake-parts" + ], "nix-darwin": "nix-darwin", "nix-select": "nix-select", - "nixpkgs": [ - "nixpkgs" - ], + "nixpkgs": "nixpkgs", "sops-nix": "sops-nix", "systems": "systems", "treefmt-nix": "treefmt-nix" @@ -160,7 +160,7 @@ "erosanix": { "inputs": { "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1773767380, @@ -197,26 +197,6 @@ "type": "github" } }, - "firefox": { - "inputs": { - "flake-compat": "flake-compat_2", - "lib-aggregate": "lib-aggregate", - "nixpkgs": "nixpkgs_2" - }, - "locked": { - "lastModified": 1774141843, - "narHash": "sha256-gpjHyyfLvBLZQiWumOxsfsOxt6KTjNhUOXk+m9ISBHc=", - "owner": "nix-community", - "repo": "flake-firefox-nightly", - "rev": "3a1fcd6a4dbd617ad2014dd03aa68cdd885d5322", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "flake-firefox-nightly", - "type": "github" - } - }, "firefox-gnome-theme": { "flake": false, "locked": { @@ -250,21 +230,6 @@ } }, "flake-compat_2": { - "locked": { - "lastModified": 1761640442, - "narHash": "sha256-AtrEP6Jmdvrqiv4x2xa5mrtaIp3OEe8uBYCDZDS+hu8=", - "owner": "nix-community", - "repo": "flake-compat", - "rev": "4a56054d8ffc173222d09dad23adf4ba946c8884", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { "flake": false, "locked": { "lastModified": 1747046372, @@ -280,7 +245,7 @@ "type": "github" } }, - "flake-compat_4": { + "flake-compat_3": { "flake": false, "locked": { "lastModified": 1751685974, 
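Review bot: Each entry under `machines` sets `_module.args = sharedSpecialArgs;`, but the module list it imports already starts with `{ _module.args = sharedSpecialArgs; }` (first element of `baseNixosModules` in flake.nix, reached through `mkClanMachineModuleList`). The same arguments are therefore defined twice per machine, which is at best redundant and may be rejected as a duplicate definition when an argument such as `namespace` is evaluated; dropping the line from the five stanzas here leaves one definition. The stanzas are otherwise identical apart from the name, so a short comment noting that the `inventory.machines` entries without a `machines` counterpart (aule, melkor, varda, yavanna) are intentionally not built yet would make the asymmetry explicit.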
@@ -296,22 +261,6 @@ "url": "https://git.lix.systems/lix-project/flake-compat.git" } }, - "flake-compat_5": { - "flake": false, - "locked": { - "lastModified": 1650374568, - "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "b4a34015c698c7793d592d66adbab377907a2be8", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -417,61 +366,6 @@ "type": "github" } }, - "flake-utils": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils-plus": { - "inputs": { - "flake-utils": "flake-utils_2" - }, - "locked": { - "lastModified": 1715533576, - "narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=", - "owner": "gytis-ivaskevicius", - "repo": "flake-utils-plus", - "rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f", - "type": "github" - }, - "original": { - "owner": "gytis-ivaskevicius", - "repo": "flake-utils-plus", - "rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f", - "type": "github" - } - }, - "flake-utils_2": { - "inputs": { - "systems": "systems_5" - }, - "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "flux": { "inputs": { "mcman": "mcman", 
@@ -626,25 +520,6 @@ "type": "github" } }, - "lib-aggregate": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1773579712, - "narHash": "sha256-cvxFTYuOvvmpLJz5nB8iREmMGsDksY6gmZFf74UKD1Q=", - "owner": "nix-community", - "repo": "lib-aggregate", - "rev": "c23c52797845b8e4f273ddb5ccdf8622b5d98284", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "lib-aggregate", - "type": "github" - } - }, "mcman": { "inputs": { "crane": "crane", @@ -765,9 +640,9 @@ }, "nix-minecraft": { "inputs": { - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_2", "nixpkgs": "nixpkgs_7", - "systems": "systems_3" + "systems": "systems_2" }, "locked": { "lastModified": 1774060651, 
@@ -796,78 +671,6 @@ "url": "https://git.clan.lol/clan/nix-select/archive/main.tar.gz" } }, - "nixlib": { - "locked": { - "lastModified": 1736643958, - "narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, - "nixos-boot": { - "locked": { - "lastModified": 1722927293, - "narHash": "sha256-8oCsiFyAuidAdhSz60Lu8+TwCPHxaeWixyv0xT0mLt4=", - "owner": "Melkor333", - "repo": "nixos-boot", - "rev": "afaed735149d0a06f234e54dd2d9db2e18dc64ae", - "type": "github" - }, - "original": { - "owner": "Melkor333", - "repo": "nixos-boot", - "type": "github" - } - }, - "nixos-generators": { - "inputs": { - "nixlib": "nixlib", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1769813415, - "narHash": "sha256-nnVmNNKBi1YiBNPhKclNYDORoHkuKipoz7EtVnXO50A=", - "owner": "nix-community", - "repo": "nixos-generators", - "rev": "8946737ff703382fda7623b9fab071d037e897d5", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixos-generators", - "type": "github" - } - }, - "nixos-wsl": { - "inputs": { - "flake-compat": [], - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1773882647, - "narHash": "sha256-VzcOcE0LLpEnyoxLuMuptZ9ZWCkSBn99bTgEQoz5Viw=", - "owner": "nix-community", - "repo": "nixos-wsl", - "rev": "fd0eae98d1ecee31024271f8d64676250a386ee7", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixos-wsl", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1772380631, 
@@ -884,38 +687,7 @@ "type": "github" } }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1773538553, - "narHash": "sha256-hohiyWALn8cXqk3FPnE3UADy03lRMaTV5iRzKCU86zM=", - "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "a5ed666a3c206de0019b4c9dafc3a51f352bc7e3", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nixpkgs.lib", - "type": "github" - } - }, "nixpkgs_10": { - "locked": { - "lastModified": 1773840656, - "narHash": "sha256-9tpvMGFteZnd3gRQZFlRCohVpqooygFuy9yjuyRL2C0=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "9cf7092bdd603554bd8b63c216e8943cf9b12512", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_11": { "locked": { "lastModified": 1767767207, "narHash": "sha256-Mj3d3PfwltLmukFal5i3fFt27L6NiKXdBezC1EBuZs4=", @@ -933,16 +705,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1774106199, - "narHash": "sha256-US5Tda2sKmjrg2lNHQL3jRQ6p96cgfWh3J1QBliQ8Ws=", - "owner": "nixos", + "lastModified": 1772380631, + "narHash": "sha256-FhW0uxeXjefINP0vUD4yRBB52Us7fXZPk9RiPAopfiY=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "6c9a78c09ff4d6c21d0319114873508a6ec01655", + "rev": "6d3b61b190a899042ce82a5355111976ba76d698", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-unstable-small", + "owner": "NixOS", + "ref": "master", "repo": "nixpkgs", "type": "github" } @@ -1028,11 +800,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1774106199, - "narHash": "sha256-US5Tda2sKmjrg2lNHQL3jRQ6p96cgfWh3J1QBliQ8Ws=", + "lastModified": 1771008912, + "narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6c9a78c09ff4d6c21d0319114873508a6ec01655", + "rev": "a82ccc39b39b621151d6732718e3e250109076fa", "type": "github" }, "original": { 
@@ -1044,16 +816,16 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1771008912, - "narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=", - "owner": "nixos", + "lastModified": 1774273680, + "narHash": "sha256-a++tZ1RQsDb1I0NHrFwdGuRlR5TORvCEUksM459wKUA=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "a82ccc39b39b621151d6732718e3e250109076fa", + "rev": "fdc7b8f7b30fdbedec91b71ed82f36e1637483ed", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-unstable", + "owner": "NixOS", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -1085,12 +857,12 @@ }, "nvf": { "inputs": { - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_3", "flake-parts": "flake-parts_3", "mnw": "mnw", "ndg": "ndg", - "nixpkgs": "nixpkgs_9", - "systems": "systems_4" + "nixpkgs": "nixpkgs_8", + "systems": "systems_3" }, "locked": { "lastModified": 1774224548, @@ -1134,7 +906,7 @@ "clan-core": "clan-core", "erosanix": "erosanix", "fenix": "fenix", - "firefox": "firefox", + "flake-parts": "flake-parts", "flux": "flux", "grub2-themes": "grub2-themes", "himmelblau": "himmelblau", @@ -1142,13 +914,12 @@ "jovian": "jovian", "mydia": "mydia", "nix-minecraft": "nix-minecraft", - "nixos-boot": "nixos-boot", - "nixos-generators": "nixos-generators", - "nixos-wsl": "nixos-wsl", - "nixpkgs": "nixpkgs_8", + "nixpkgs": [ + "clan-core", + "nixpkgs" + ], "nvf": "nvf", "plasma-manager": "plasma-manager", - "snowfall-lib": "snowfall-lib", "sops-nix": "sops-nix_2", "stylix": "stylix", "terranix": "terranix", 
@@ -1172,28 +943,6 @@ "type": "github" } }, - "snowfall-lib": { - "inputs": { - "flake-compat": "flake-compat_5", - "flake-utils-plus": "flake-utils-plus", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1765361626, - "narHash": "sha256-kX0Dp/kYSRbQ+yd9e3lmmUWdNbipufvKfL2IzbrSpnY=", - "owner": "snowfallorg", - "repo": "lib", - "rev": "c566ad8b7352c30ec3763435de7c8f1c46ebb357", - "type": "github" - }, - "original": { - "owner": "snowfallorg", - "repo": "lib", - "type": "github" - } - }, "sops-nix": { "inputs": { "nixpkgs": [ @@ -1217,7 +966,7 @@ }, "sops-nix_2": { "inputs": { - "nixpkgs": "nixpkgs_10" + "nixpkgs": "nixpkgs_9" }, "locked": { "lastModified": 1774154798, @@ -1242,9 +991,9 @@ "firefox-gnome-theme": "firefox-gnome-theme", "flake-parts": "flake-parts_4", "gnome-shell": "gnome-shell", - "nixpkgs": "nixpkgs_11", + "nixpkgs": "nixpkgs_10", "nur": "nur", - "systems": "systems_6", + "systems": "systems_4", "tinted-foot": "tinted-foot", "tinted-kitty": "tinted-kitty", "tinted-schemes": "tinted-schemes", @@ -1340,43 +1089,13 @@ "type": "github" } }, - "systems_6": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_7": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "terranix": { "inputs": { "flake-parts": "flake-parts_5", "nixpkgs": [ "nixpkgs" ], - "systems": "systems_7" + "systems": "systems_5" }, "locked": { "lastModified": 1773700838, 
diff --git a/flake.nix b/flake.nix index 7ccab59..f53e964 100644 --- a/flake.nix +++ b/flake.nix @@ -2,13 +2,18 @@ description = "Nixos config flake"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - - snowfall-lib = { - url = "github:snowfallorg/lib"; - inputs.nixpkgs.follows = "nixpkgs"; + flake-parts = { + url = "github:hercules-ci/flake-parts"; + inputs.nixpkgs-lib.follows = "clan-core/nixpkgs"; }; + clan-core = { + url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; + inputs.flake-parts.follows = "flake-parts"; + }; + + nixpkgs.follows = "clan-core/nixpkgs"; + home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; @@ -20,18 +25,20 @@ inputs.home-manager.follows = "home-manager"; }; - nixos-generators = { - url = "github:nix-community/nixos-generators"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + # Legacy ISO flow removed in favor of Clan install workflows. + # nixos-generators = { + # url = "github:nix-community/nixos-generators"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; # neovim nvf.url = "github:notashelf/nvf"; - # plymouth theme - nixos-boot.url = "github:Melkor333/nixos-boot"; + # Unused input retained as a comment for easy recovery. + # nixos-boot.url = "github:Melkor333/nixos-boot"; - firefox.url = "github:nix-community/flake-firefox-nightly"; + # Unused input retained as a comment for easy recovery. + # firefox.url = "github:nix-community/flake-firefox-nightly"; stylix.url = "github:nix-community/stylix"; 
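Review bot: `nixpkgs.follows = "clan-core/nixpkgs";` is missing a comment saying that the package set for every host is now chosen by clan-core rather than by this flake. The explicit `github:nixos/nixpkgs/nixos-unstable` ref is removed, and clan-core itself is fetched from a moving `main.tar.gz` archive, so by default the nixpkgs revision (and with it the arrival of security updates) tracks whatever clan-core pins when this flake is re-locked. A comment such as `# nixpkgs revision is inherited from clan-core; it only moves when clan-core bumps its pin and this flake is re-locked` above the line records that trade-off. The commented-out `nixos-generators`, `nixos-boot` and `firefox` inputs could simply be deleted, since version control already keeps them recoverable.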
@@ -71,72 +78,312 @@ url = "github:vinceliuice/grub2-themes"; }; - nixos-wsl = { - url = "github:nix-community/nixos-wsl"; - inputs = { - nixpkgs.follows = "nixpkgs"; - flake-compat.follows = ""; - }; - }; + # Unused input retained as a comment for easy recovery. + # nixos-wsl = { + # url = "github:nix-community/nixos-wsl"; + # inputs = { + # nixpkgs.follows = "nixpkgs"; + # flake-compat.follows = ""; + # }; + # }; terranix = { url = "github:terranix/terranix"; inputs.nixpkgs.follows = "nixpkgs"; }; - clan-core = { - url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - mydia = { url = "github:chris-kruining/mydia"; # url = "github:getmydia/mydia"; }; }; - outputs = inputs: - inputs.snowfall-lib.mkFlake { - inherit inputs; - src = ./.; + outputs = inputs @ { + flake-parts, + home-manager, + nixpkgs, + ... + }: let + inherit (nixpkgs) lib; - snowfall = { - namespace = "sneeuwvlok"; + namespace = "sneeuwvlok"; - meta = { - name = "sneeuwvlok"; - title = "Sneeuwvlok"; + supportedSystems = [ + "x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin" + ]; + + channelConfig = { + allowUnfree = true; + permittedInsecurePackages = [ + # Due to *arr stack + "dotnet-sdk-6.0.428" + "aspnetcore-runtime-6.0.36" + + # I think this is because of zen + "qtwebengine-5.15.19" + + # For Nheko, the matrix client + "olm-3.2.16" + ]; + }; + + packageDefs = { + studio = { + path = ./packages/studio/default.nix; + extra = { + erosanixLib = inputs.erosanix.lib; + }; + systems = ["x86_64-linux"]; + }; + vaultwarden = { + path = ./packages/vaultwarden/default.nix; + extra = {}; + systems = supportedSystems; + }; + }; + + mkPackageOverlay = name: def: final: prev: + lib.optionalAttrs (lib.elem final.stdenv.hostPlatform.system def.systems) { + ${name} = final.callPackage def.path def.extra; + }; + + packageOverlays = { + "package/studio" = mkPackageOverlay "studio" packageDefs.studio; + "package/vaultwarden" = 
mkPackageOverlay "vaultwarden" packageDefs.vaultwarden; + }; + + systemOverlays = with inputs; [ + fenix.overlays.default + nix-minecraft.overlay + flux.overlays.default + ]; + + mkPkgs = system: + import nixpkgs { + inherit system; + overlays = systemOverlays; + config = channelConfig; + }; + + collectModules = root: let + recurse = prefix: dir: let + entries = builtins.readDir dir; + selfModule = + if builtins.pathExists (dir + "/default.nix") + then { + "${if prefix == "" then "__root" else prefix}" = dir; + } + else {}; + in + lib.foldl' (acc: name: let + kind = entries.${name}; + path = dir + "/${name}"; + rel = if prefix == "" then name else "${prefix}/${name}"; + children = + if kind == "directory" + then recurse rel path + else {}; + current = + if kind == "directory" && builtins.pathExists (path + "/default.nix") + then {"${rel}" = path;} + else {}; + in + acc // children // current) selfModule (builtins.attrNames entries); + in + recurse "" root; + + nixosModules = collectModules ./modules/nixos; + homeModules = collectModules ./modules/home; + + homeEntries = { + "chris@mandos" = { + machine = "mandos"; + user = "chris"; + path = ./homes/x86_64-linux + "/chris@mandos"; + }; + "chris@manwe" = { + machine = "manwe"; + user = "chris"; + path = ./homes/x86_64-linux + "/chris@manwe"; + }; + "chris@orome" = { + machine = "orome"; + user = "chris"; + path = ./homes/x86_64-linux + "/chris@orome"; + }; + "chris@tulkas" = { + machine = "tulkas"; + user = "chris"; + path = ./homes/x86_64-linux + "/chris@tulkas"; + }; + }; + + sneeuwvlokLib = + (import ./lib/options {inherit lib;}) + // (import ./lib/strings {inherit lib;}); + + machineConfigPaths = builtins.listToAttrs (map (name: lib.nameValuePair name (./machines + "/${name}/configuration.nix")) [ + "aule" + "mandos" + "manwe" + "melkor" + "orome" + "tulkas" + "ulmo" + "varda" + "yavanna" + ]); + + machineHomeModules = lib.mapAttrs' (_: spec: lib.nameValuePair spec.machine [{ + users.users.${spec.user} = { + 
isNormalUser = lib.mkDefault true; + }; + home-manager.users.${spec.user} = import spec.path; + }]) homeEntries; + + sharedSpecialArgs = { + inherit namespace; + erosanixLib = inputs.erosanix.lib; + repoRoot = ./.; + inherit sneeuwvlokLib; + terranixLib = inputs.terranix.lib; + system = "x86_64-linux"; + }; + + homeSharedModules = + [ + inputs.stylix.homeModules.stylix + inputs.plasma-manager.homeModules.plasma-manager + inputs.zen-browser.homeModules.default + ] + ++ builtins.attrValues homeModules; + + baseNixosModules = + [ + { _module.args = sharedSpecialArgs; } + inputs.grub2-themes.nixosModules.default + inputs.home-manager.nixosModules.home-manager + inputs.himmelblau.nixosModules.himmelblau + inputs.jovian.nixosModules.default + inputs.mydia.nixosModules.default + inputs.nix-minecraft.nixosModules.minecraft-servers + inputs.nvf.nixosModules.default + inputs.sops-nix.nixosModules.sops + { + nixpkgs = { + config = channelConfig; + overlays = systemOverlays; + }; + + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + extraSpecialArgs = sharedSpecialArgs; + sharedModules = homeSharedModules; + }; + } + ] + ++ builtins.attrValues nixosModules; + + mkClanMachineModuleList = name: + baseNixosModules + ++ (machineHomeModules.${name} or []) + ++ [ + { + networking.hostName = lib.mkDefault name; + } + ]; + + mkMachineModuleList = name: + mkClanMachineModuleList name + ++ [ + machineConfigPaths.${name} + ]; + + clanConfig = import ./clan.nix { + inherit sharedSpecialArgs; + mkMachineModuleList = mkClanMachineModuleList; + }; + + activeMachineNames = builtins.attrNames clanConfig.machines; + + nixosConfigurations = + lib.genAttrs activeMachineNames (name: + lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = sharedSpecialArgs; + modules = mkMachineModuleList name; + }); + + homeConfigurations = + lib.mapAttrs (_: spec: + home-manager.lib.homeManagerConfiguration { + pkgs = mkPkgs "x86_64-linux"; + extraSpecialArgs = + sharedSpecialArgs + // { 
+ osConfig = nixosConfigurations.${spec.machine}.config; + }; + modules = + homeSharedModules + ++ [ + { + home.username = spec.user; + home.homeDirectory = "/home/${spec.user}"; + } + spec.path + ]; + }) + homeEntries; + in + flake-parts.lib.mkFlake {inherit inputs;} { + systems = supportedSystems; + + imports = [ + inputs.clan-core.flakeModules.default + ]; + + clan = clanConfig; + + perSystem = { + system, + ... + }: let + pkgs = mkPkgs system; + in { + _module.args.pkgs = pkgs; + + packages = lib.filterAttrs (_: value: value != null) { + studio = + if lib.elem system packageDefs.studio.systems + then pkgs.callPackage packageDefs.studio.path packageDefs.studio.extra + else null; + vaultwarden = + if lib.elem system packageDefs.vaultwarden.systems + then pkgs.callPackage packageDefs.vaultwarden.path packageDefs.vaultwarden.extra + else null; + }; + + devShells.default = import ./shells/default/default.nix { + inherit inputs pkgs; + inherit (pkgs) mkShell stdenv; }; }; - channels-config = { - allowUnfree = true; - permittedInsecurePackages = [ - # Due to *arr stack - "dotnet-sdk-6.0.428" - "aspnetcore-runtime-6.0.36" + flake = { + inherit homeConfigurations; + nixosConfigurations = lib.mkForce nixosConfigurations; - # I think this is because of zen - "qtwebengine-5.15.19" + lib = sneeuwvlokLib; - # For Nheko, the matrix client - "olm-3.2.16" - ]; + overlays = + packageOverlays + // { + default = lib.composeManyExtensions (builtins.attrValues packageOverlays); + }; }; - - overlays = with inputs; [ - fenix.overlays.default - nix-minecraft.overlay - flux.overlays.default - ]; - - systems.modules = with inputs; [ - clan-core.nixosModules.default - ]; - - homes.modules = with inputs; [ - stylix.homeModules.stylix - plasma-manager.homeModules.plasma-manager - ]; }; } diff --git a/systems/x86_64-linux/aule/README.md b/machines/aule/README.md similarity index 100% rename from systems/x86_64-linux/aule/README.md rename to machines/aule/README.md 
diff --git a/machines/aule/configuration.nix b/machines/aule/configuration.nix new file mode 100644 index 0000000..4b2c5c4 --- /dev/null +++ b/machines/aule/configuration.nix @@ -0,0 +1,2 @@ +{ ... }: { +} diff --git a/systems/x86_64-linux/mandos/README.md b/machines/mandos/README.md similarity index 100% rename from systems/x86_64-linux/mandos/README.md rename to machines/mandos/README.md diff --git a/systems/x86_64-linux/mandos/default.nix b/machines/mandos/configuration.nix similarity index 99% rename from systems/x86_64-linux/mandos/default.nix rename to machines/mandos/configuration.nix index b1605f8..e7dda36 100644 --- a/systems/x86_64-linux/mandos/default.nix +++ b/machines/mandos/configuration.nix @@ -28,4 +28,4 @@ }; system.stateVersion = "23.11"; -} +} \ No newline at end of file diff --git a/machines/mandos/default.nix b/machines/mandos/default.nix new file mode 100644 index 0000000..9e99ca6 --- /dev/null +++ b/machines/mandos/default.nix @@ -0,0 +1,3 @@ +{ ... }: { + imports = [ ./configuration.nix ]; +} diff --git a/systems/x86_64-linux/mandos/disks.nix b/machines/mandos/disks.nix similarity index 100% rename from systems/x86_64-linux/mandos/disks.nix rename to machines/mandos/disks.nix diff --git a/systems/x86_64-linux/mandos/hardware.nix b/machines/mandos/hardware.nix similarity index 100% rename from systems/x86_64-linux/mandos/hardware.nix rename to machines/mandos/hardware.nix diff --git a/systems/x86_64-linux/manwe/README.md b/machines/manwe/README.md similarity index 100% rename from systems/x86_64-linux/manwe/README.md rename to machines/manwe/README.md diff --git a/systems/x86_64-linux/manwe/default.nix b/machines/manwe/configuration.nix similarity index 99% rename from systems/x86_64-linux/manwe/default.nix rename to machines/manwe/configuration.nix index a1b421b..1ba0566 100644 --- a/systems/x86_64-linux/manwe/default.nix +++ b/machines/manwe/configuration.nix 
@@ -39,4 +39,4 @@ }; system.stateVersion = "23.11"; -} +} \ No newline at end of file diff --git a/machines/manwe/default.nix b/machines/manwe/default.nix new file mode 100644 index 0000000..9e99ca6 --- /dev/null +++ b/machines/manwe/default.nix @@ -0,0 +1,3 @@ +{ ... }: { + imports = [ ./configuration.nix ]; +} diff --git a/systems/x86_64-linux/manwe/disks.nix b/machines/manwe/disks.nix similarity index 100% rename from systems/x86_64-linux/manwe/disks.nix rename to machines/manwe/disks.nix diff --git a/systems/x86_64-linux/manwe/hardware.nix b/machines/manwe/hardware.nix similarity index 100% rename from systems/x86_64-linux/manwe/hardware.nix rename to machines/manwe/hardware.nix diff --git a/systems/x86_64-linux/melkor/README.md b/machines/melkor/README.md similarity index 100% rename from systems/x86_64-linux/melkor/README.md rename to machines/melkor/README.md diff --git a/machines/melkor/configuration.nix b/machines/melkor/configuration.nix new file mode 100644 index 0000000..4b2c5c4 --- /dev/null +++ b/machines/melkor/configuration.nix @@ -0,0 +1,2 @@ +{ ... }: { +} diff --git a/systems/x86_64-linux/orome/README.md b/machines/orome/README.md similarity index 100% rename from systems/x86_64-linux/orome/README.md rename to machines/orome/README.md diff --git a/systems/x86_64-linux/orome/default.nix b/machines/orome/configuration.nix similarity index 87% rename from systems/x86_64-linux/orome/default.nix rename to machines/orome/configuration.nix index e155461..95c8fd4 100644 --- a/systems/x86_64-linux/orome/default.nix +++ b/machines/orome/configuration.nix @@ -15,7 +15,7 @@ audio = true; }; - authentication.himmelblau.enable = true; + services.authentication.himmelblau.enable = true; application = { steam.enable = true; diff --git a/machines/orome/default.nix b/machines/orome/default.nix new file mode 100644 index 0000000..9e99ca6 --- /dev/null +++ b/machines/orome/default.nix @@ -0,0 +1,3 @@ +{ ... }: { + imports = [ ./configuration.nix ]; +} 
diff --git a/systems/x86_64-linux/orome/disks.nix b/machines/orome/disks.nix similarity index 100% rename from systems/x86_64-linux/orome/disks.nix rename to machines/orome/disks.nix diff --git a/systems/x86_64-linux/orome/hardware.nix b/machines/orome/hardware.nix similarity index 100% rename from systems/x86_64-linux/orome/hardware.nix rename to machines/orome/hardware.nix diff --git a/systems/x86_64-linux/tulkas/README.md b/machines/tulkas/README.md similarity index 100% rename from systems/x86_64-linux/tulkas/README.md rename to machines/tulkas/README.md diff --git a/systems/x86_64-linux/tulkas/default.nix b/machines/tulkas/configuration.nix similarity index 99% rename from systems/x86_64-linux/tulkas/default.nix rename to machines/tulkas/configuration.nix index 40d1673..afba730 100644 --- a/systems/x86_64-linux/tulkas/default.nix +++ b/machines/tulkas/configuration.nix @@ -29,4 +29,4 @@ }; system.stateVersion = "23.11"; -} +} \ No newline at end of file diff --git a/machines/tulkas/default.nix b/machines/tulkas/default.nix new file mode 100644 index 0000000..9e99ca6 --- /dev/null +++ b/machines/tulkas/default.nix @@ -0,0 +1,3 @@ +{ ... }: { + imports = [ ./configuration.nix ]; +} diff --git a/systems/x86_64-linux/tulkas/disks.nix b/machines/tulkas/disks.nix similarity index 100% rename from systems/x86_64-linux/tulkas/disks.nix rename to machines/tulkas/disks.nix diff --git a/systems/x86_64-linux/tulkas/hardware.nix b/machines/tulkas/hardware.nix similarity index 100% rename from systems/x86_64-linux/tulkas/hardware.nix rename to machines/tulkas/hardware.nix diff --git a/systems/x86_64-linux/ulmo/default.nix b/machines/ulmo/configuration.nix similarity index 99% rename from systems/x86_64-linux/ulmo/default.nix rename to machines/ulmo/configuration.nix index 43a5760..cacc4ba 100644 --- a/systems/x86_64-linux/ulmo/default.nix +++ b/machines/ulmo/configuration.nix @@ -271,4 +271,4 @@ }; system.stateVersion = "23.11"; -} +} \ No newline at end of file 
diff --git a/machines/ulmo/default.nix b/machines/ulmo/default.nix new file mode 100644 index 0000000..9e99ca6 --- /dev/null +++ b/machines/ulmo/default.nix @@ -0,0 +1,3 @@ +{ ... }: { + imports = [ ./configuration.nix ]; +} diff --git a/systems/x86_64-linux/ulmo/disks.nix b/machines/ulmo/disks.nix similarity index 100% rename from systems/x86_64-linux/ulmo/disks.nix rename to machines/ulmo/disks.nix diff --git a/systems/x86_64-linux/ulmo/hardware.nix b/machines/ulmo/hardware.nix similarity index 100% rename from systems/x86_64-linux/ulmo/hardware.nix rename to machines/ulmo/hardware.nix diff --git a/systems/x86_64-linux/varda/README.md b/machines/varda/README.md similarity index 100% rename from systems/x86_64-linux/varda/README.md rename to machines/varda/README.md diff --git a/machines/varda/configuration.nix b/machines/varda/configuration.nix new file mode 100644 index 0000000..4b2c5c4 --- /dev/null +++ b/machines/varda/configuration.nix @@ -0,0 +1,2 @@ +{ ... }: { +} diff --git a/systems/x86_64-linux/yavanna/README.md b/machines/yavanna/README.md similarity index 100% rename from systems/x86_64-linux/yavanna/README.md rename to machines/yavanna/README.md diff --git a/machines/yavanna/configuration.nix b/machines/yavanna/configuration.nix new file mode 100644 index 0000000..4b2c5c4 --- /dev/null +++ b/machines/yavanna/configuration.nix @@ -0,0 +1,2 @@ +{ ... }: { +} diff --git a/modules/home/application/studio/default.nix b/modules/home/application/studio/default.nix index 7f8173a..f235031 100644 --- a/modules/home/application/studio/default.nix +++ b/modules/home/application/studio/default.nix @@ -1,8 +1,11 @@ -{ config, lib, pkgs, namespace, ... }: +{ config, lib, pkgs, namespace, repoRoot, erosanixLib, ... }: let inherit (lib) mkIf mkEnableOption; cfg = config.${namespace}.application.studio; + studioPackage = pkgs.callPackage (repoRoot + "/packages/studio/default.nix") { + inherit erosanixLib; + }; in { options.${namespace}.application.studio = { 
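Review bot: `studioPackage` in the first studio hunk is built with its own `pkgs.callPackage (repoRoot + "/packages/studio/default.nix")` call, while flake.nix in this commit builds the same package from `packageDefs.studio.path` with `packageDefs.studio.extra`. The vaultwarden module repeats the pattern with an empty argument set. Two call sites with separately written paths and arguments can drift, so `nix build .#vaultwarden` may stop being the derivation the service actually runs, which matters for a password manager. If `packageOverlays` exposes these packages, taking them from `pkgs` (or passing the built packages through `sharedSpecialArgs`) would leave a single definition; whether the overlay does so is not visible in this patch.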
@@ -10,6 +13,6 @@ in }; config = mkIf cfg.enable { - home.packages = with pkgs.${namespace}; [ studio ]; + home.packages = [ studioPackage ]; }; } diff --git a/modules/home/application/thunderbird/default.nix b/modules/home/application/thunderbird/default.nix index c05f57b..92c8e37 100644 --- a/modules/home/application/thunderbird/default.nix +++ b/modules/home/application/thunderbird/default.nix @@ -14,7 +14,7 @@ in enable = true; package = pkgs.thunderbird-latest; - profiles.${config.snowfallorg.user.name} = { + profiles.chris = { isDefault = true; }; }; @@ -30,7 +30,7 @@ in }; thunderbird = { enable = true; - profiles = [ config.snowfallorg.user.name ]; + profiles = [ "chris" ]; }; }; diff --git a/modules/home/application/zen/default.nix b/modules/home/application/zen/default.nix index b7cec03..1d18a92 100644 --- a/modules/home/application/zen/default.nix +++ b/modules/home/application/zen/default.nix @@ -1,14 +1,10 @@ -{ inputs, config, lib, pkgs, namespace, ... }: +{ config, lib, pkgs, namespace, ... }: let inherit (lib) mkIf mkEnableOption; cfg = config.${namespace}.application.zen; in { - imports = [ - inputs.zen-browser.homeModules.default - ]; - options.${namespace}.application.zen = { enable = mkEnableOption "enable zen"; }; diff --git a/modules/nixos/desktop/default.nix b/modules/nixos/desktop/default.nix index 13ef881..89dfb85 100644 --- a/modules/nixos/desktop/default.nix +++ b/modules/nixos/desktop/default.nix @@ -2,7 +2,6 @@ lib, config, namespace, - inputs, ... }: let inherit (lib) mkIf mkOption mkEnableOption mkMerge; @@ -10,10 +9,6 @@ cfg = config.${namespace}.desktop; in { - imports = [ - inputs.grub2-themes.nixosModules.default - ]; - options.${namespace}.desktop = { use = mkOption { type = nullOr (enum ["plasma" "gamescope" "gnome" "cosmic"]); diff --git a/modules/nixos/desktop/gamescope/default.nix b/modules/nixos/desktop/gamescope/default.nix index 80e6099..9e499be 100644 --- a/modules/nixos/desktop/gamescope/default.nix 
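Review bot: Both thunderbird hunks replace `config.snowfallorg.user.name` with the literal `chris`, which ties a shared home module to one account. flake.nix in this commit already sets `home.username = spec.user` for each home entry, so the module can stay user-agnostic with `profiles.${config.home.username} = {` in the first hunk and `profiles = [ config.home.username ];` in the second. With the literal, any other user who enables this module gets a mail profile and account mapping named after someone else.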
+++ b/modules/nixos/desktop/gamescope/default.nix @@ -1,12 +1,10 @@ -{ lib, config, namespace, inputs, ... }: +{ lib, config, namespace, ... }: let inherit (lib) mkIf mkEnableOption mkForce; cfg = config.${namespace}.desktop.gamescope; in { - imports = [ inputs.jovian.nixosModules.default ]; - options.${namespace}.desktop.gamescope = { enable = mkEnableOption "Enable Steamdeck ui" // { default = (config.${namespace}.desktop.use == "gamescope"); diff --git a/modules/nixos/editor/nvim/default.nix b/modules/nixos/editor/nvim/default.nix index c29de0f..fb3bc56 100644 --- a/modules/nixos/editor/nvim/default.nix +++ b/modules/nixos/editor/nvim/default.nix @@ -1,14 +1,10 @@ -{ inputs, config, lib, pkgs, namespace, ... }: +{ config, lib, pkgs, namespace, ... }: let inherit (lib) mkIf mkEnableOption; cfg = config.${namespace}.editor.nvim; in { - imports = [ - inputs.nvf.nixosModules.default - ]; - options.${namespace}.editor.nvim = { enable = mkEnableOption "enable nvim via nvf on system level"; }; diff --git a/modules/nixos/services/authentication/himmelblau/default.nix b/modules/nixos/services/authentication/himmelblau/default.nix index d39d4cf..228fea0 100644 --- a/modules/nixos/services/authentication/himmelblau/default.nix +++ b/modules/nixos/services/authentication/himmelblau/default.nix @@ -1,5 +1,4 @@ { - inputs, lib, config, namespace, @@ -9,8 +8,6 @@ cfg = config.${namespace}.services.authentication.himmelblau; in { - imports = [inputs.himmelblau.nixosModules.himmelblau]; - options.${namespace}.services.authentication.himmelblau = { enable = mkEnableOption "enable azure entra ID authentication"; }; diff --git a/modules/nixos/services/authentication/zitadel/default.nix b/modules/nixos/services/authentication/zitadel/default.nix index 7674835..24250cb 100644 --- a/modules/nixos/services/authentication/zitadel/default.nix +++ b/modules/nixos/services/authentication/zitadel/default.nix 
@@ -1,7 +1,7 @@ -{ config, lib, pkgs, namespace, system, inputs, ... }: +{ config, lib, pkgs, namespace, system, terranixLib, sneeuwvlokLib, ... }: let inherit (lib) mkIf mkEnableOption mkOption types toUpper toSentenceCase nameValuePair mapAttrs mapAttrs' concatMapAttrs concatMapStringsSep filterAttrsRecursive listToAttrs imap0 head drop length literalExpression attrNames; - inherit (lib.${namespace}.strings) toSnakeCase; + inherit (sneeuwvlokLib.strings) toSnakeCase; cfg = config.${namespace}.services.authentication.zitadel; @@ -339,7 +339,7 @@ in config' = config; # this is a nix package, the generated json file to be exact - terraformConfiguration = inputs.terranix.lib.terranixConfiguration { + terraformConfiguration = terranixLib.terranixConfiguration { inherit system; modules = [ @@ -576,7 +576,7 @@ in let tofu = lib.getExe pkgs.opentofu; in - '' + lib.replaceStrings ["\r"] [""] '' if [ "$(systemctl is-active zitadel)" != "active" ]; then echo "Zitadel is not running" exit 1 diff --git a/modules/nixos/services/games/minecraft/default.nix b/modules/nixos/services/games/minecraft/default.nix index 84567b3..851d1da 100644 --- a/modules/nixos/services/games/minecraft/default.nix +++ b/modules/nixos/services/games/minecraft/default.nix @@ -1,5 +1,4 @@ { - inputs, config, lib, pkgs, @@ -11,10 +10,6 @@ cfg = config.${namespace}.services.games.minecraft; in { - imports = [ - inputs.nix-minecraft.nixosModules.minecraft-servers - ]; - options.${namespace}.services.games.minecraft = { enable = mkEnableOption "Minecraft"; diff --git a/modules/nixos/services/media/mydia/default.nix b/modules/nixos/services/media/mydia/default.nix index 7e082a3..e850fe4 100644 --- a/modules/nixos/services/media/mydia/default.nix +++ b/modules/nixos/services/media/mydia/default.nix @@ -2,7 +2,6 @@ config, lib, namespace, - inputs, system, ... }: let 
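Review bot: Wrapping the script in `lib.replaceStrings ["\r"] [""]` (third zitadel hunk, and again in the servarr module and in packages/studio/default.nix) reads like a workaround for CRLF line endings in the checkout, and nothing in the code says so. If that is the cause, fixing it at the source with a `.gitattributes` rule such as `*.nix text eol=lf` keeps the generated scripts byte-stable across checkouts and removes the need to remember the wrapper on every new script. If the wrapper stays, a shared helper with a comment like `# strip CRs: a CRLF checkout would otherwise break the generated shell script` would document the intent. The enclosing script body continues outside the hunk.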
@@ -10,10 +9,6 @@ cfg = config.${namespace}.services.media.mydia; in { - imports = [ - inputs.mydia.nixosModules.default - ]; - options.${namespace}.services.media.mydia = { enable = mkEnableOption "Enable Mydia"; }; diff --git a/modules/nixos/services/media/servarr/default.nix b/modules/nixos/services/media/servarr/default.nix index c7a066c..152742e 100644 --- a/modules/nixos/services/media/servarr/default.nix +++ b/modules/nixos/services/media/servarr/default.nix @@ -3,8 +3,8 @@ config, lib, namespace, - inputs, system, + terranixLib, ... }: let inherit (builtins) toString; @@ -155,7 +155,7 @@ in { config' = config; lib' = lib; - terraformConfiguration = inputs.terranix.lib.terranixConfiguration { + terraformConfiguration = terranixLib.terranixConfiguration { inherit system; modules = [ @@ -341,11 +341,11 @@ in { } ''; - script = '' + script = lib.replaceStrings ["\r"] [""] '' # Sleep for a bit to give the service a chance to start up sleep 5s - if [ "$(systemctl is-active "${service}")" != "active" ]; then + if [ "$(systemctl is-active ${lib.escapeShellArg service})" != "active" ]; then echo "${service} is not running" exit 1 fi diff --git a/modules/nixos/services/networking/caddy/default.nix b/modules/nixos/services/networking/caddy/default.nix index ec9df3a..2d28435 100644 --- a/modules/nixos/services/networking/caddy/default.nix +++ b/modules/nixos/services/networking/caddy/default.nix 
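Review bot: The last servarr hunk quotes `service` for the `systemctl is-active` call, but the following line still splices it raw into a double-quoted shell string, `echo "${service} is not running"`. The value appears to come from Nix configuration rather than runtime input, so this is a consistency issue more than an exposure, but a name containing `"`, `$` or a backtick would still alter the script. Using the same helper, `echo ${lib.escapeShellArg "${service} is not running"}`, keeps both uses aligned. The script continues past the end of the hunk.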
@@ -10,25 +10,22 @@ cfg = config.${namespace}.services.networking.caddy; hasHosts = (cfg.hosts |> attrNames |> length) > 0; - caddyBase = pkgs.callPackage "${pkgs.path}/pkgs/by-name/ca/caddy/package.nix" { - buildGo125Module = pkgs.buildGo126Module; - caddy = caddyBase; + caddyPackage = pkgs.caddy.withPlugins { + plugins = ["github.com/corazawaf/coraza-caddy/v2@v2.1.0"]; + hash = "sha256-rsDnTunR8C7hVOX5aKcba+iFYHbpWek65DZgbMxOdTs="; }; - caddyPackage = - caddyBase.withPlugins { - plugins = ["github.com/corazawaf/coraza-caddy/v2@v2.1.0"]; - hash = "sha256-pSXjLaZoRtKV3eFl2ySRSjl3yxi514G1Cb7pfrpxxtE="; - }; in { options.${namespace}.services.networking.caddy = { enable = mkEnableOption "enable caddy" // {default = true;}; hosts = mkOption { type = types.attrsOf types.str; + default = {}; }; extraConfig = mkOption { type = types.str; + default = ""; }; }; diff --git a/modules/nixos/services/security/vaultwarden/default.nix b/modules/nixos/services/security/vaultwarden/default.nix index 7dce380..d398df9 100644 --- a/modules/nixos/services/security/vaultwarden/default.nix +++ b/modules/nixos/services/security/vaultwarden/default.nix @@ -3,6 +3,8 @@ config, lib, namespace, + repoRoot, + sneeuwvlokLib, ... }: let inherit (builtins) toString; @@ -26,7 +28,7 @@ }); databaseProviderPostgresql = types.submodule ({...}: let - urlOptions = lib.${namespace}.options.mkUrlOptions { + urlOptions = sneeuwvlokLib.options.mkUrlOptions { host = { description = '' Hostname of the postgresql server @@ -118,7 +120,7 @@ in { enable = true; dbBackend = "postgresql"; - package = pkgs.${namespace}.vaultwarden; + package = pkgs.callPackage (repoRoot + "/packages/vaultwarden/default.nix") {}; config = { SIGNUPS_ALLOWED = false; @@ -196,7 +198,7 @@ in { else if type == "postgresql" then { inherit (db) type; - url = lib.${namespace}.strings.toUrl { + url = sneeuwvlokLib.strings.toUrl { inherit (db) protocol host port; path = "vaultwarden"; query = { 
diff --git a/modules/nixos/system/security/sops/default.nix b/modules/nixos/system/security/sops/default.nix index bee7b3c..8438454 100644 --- a/modules/nixos/system/security/sops/default.nix +++ b/modules/nixos/system/security/sops/default.nix @@ -1,12 +1,8 @@ -{ pkgs, config, namespace, inputs, system, ... }: +{ pkgs, config, namespace, repoRoot, system, ... }: let cfg = config.${namespace}.system.security.sops; in { - imports = [ - inputs.sops-nix.nixosModules.sops - ]; - options.${namespace}.system.security.sops = {}; config = { @@ -14,7 +10,7 @@ in sops = { defaultSopsFormat = "yaml"; - defaultSopsFile = inputs.self + "/systems/${system}/${config.networking.hostName}/secrets.yml"; + defaultSopsFile = repoRoot + "/systems/${system}/${config.networking.hostName}/secrets.yml"; age = { # keyFile = "~/.config/sops/age/keys.txt"; @@ -23,4 +19,4 @@ in }; }; }; -} \ No newline at end of file +} diff --git a/packages/studio/default.nix b/packages/studio/default.nix index cb628c9..7c9ce0c 100644 --- a/packages/studio/default.nix +++ b/packages/studio/default.nix @@ -1,10 +1,10 @@ { pkgs, - inputs, + erosanixLib, }: let - inherit (builtins) fetchurl; + inherit (builtins) fetchurl replaceStrings; inherit (pkgs) makeDesktopItem copyDesktopItems wineWow64Packages; - inherit (inputs.erosanix.lib.x86_64-linux) mkWindowsAppNoCC makeDesktopIcon copyDesktopIcons; + inherit (erosanixLib.x86_64-linux) mkWindowsAppNoCC makeDesktopIcon copyDesktopIcons; wine = wineWow64Packages.base; in 
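Review bot: `defaultSopsFile` in the second sops hunk still resolves under `systems/${system}/<hostName>/secrets.yml`, while this commit moves every machine directory to `machines/<name>/`. No `secrets.yml` rename is visible in this patch, so the old path may still exist, but if the secrets follow the machines the lookup would point at a missing file and hosts would fail to build or lose their secrets. I would either point it at the new layout, `defaultSopsFile = repoRoot + "/machines/${config.networking.hostName}/secrets.yml";`, or add a comment stating that secrets intentionally stay under `systems/`. The path is also keyed on `networking.hostName`, which flake.nix now sets only with `lib.mkDefault`, so a machine that overrides its host name silently selects a different secrets file.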
@@ -56,24 +56,24 @@ in nativeBuildInputs = [copyDesktopIcons copyDesktopItems]; - winAppInstall = '' + winAppInstall = replaceStrings ["\r"] [""] '' wine64 ${src} wineserver -W wine64 reg add 'HKEY_CURRENT_USER\Software\Wine\X11 Driver' /t REG_SZ /v UseTakeFocus /d N /f ''; - winAppPreRun = '' + winAppPreRun = replaceStrings ["\r"] [""] '' wineserver -W wine64 reg add 'HKEY_CURRENT_USER\Software\Wine\X11 Driver' /t REG_SZ /v UseTakeFocus /d N /f ''; - winAppRun = '' + winAppRun = replaceStrings ["\r"] [""] '' wine64 "$WINEPREFIX/drive_c/Program Files/Studio 2.0/Studio.exe" "$ARGS" ''; winAppPostRun = ""; - installPhase = '' + installPhase = replaceStrings ["\r"] [""] '' runHook preInstall ln -s $out/bin/.launcher $out/bin/${pname}