cleslie/nixfiles
1
0
Fork 0
mirror of https://github.com/callumio/nixfiles.git synced 2025-12-17 03:29:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

finally on flake parts

Browse source 
just need to remove fup now
This commit is contained in:
Callum Leslie 2024-09-05 09:50:37 +01:00
parent 3b4057b366
commit 3c48de49f6
Signed by: cleslie
GPG key ID: D382C4AFEECEAA90
20 changed files with 206 additions and 123 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1 +1,2 @@
result
.pre-commit-config.yaml

108
flake.lock generated
View file

@ -314,6 +314,24 @@
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1725234343,
"narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "567b938d64d4b4112ee253b9274472dc3a346eb6",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
@ -335,7 +353,7 @@
"type": "github"
}
},
"flake-parts_3": {
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
@ -413,7 +431,7 @@
},
"flake-utils_4": {
"inputs": {
"systems": "systems_4"
"systems": "systems_5"
},
"locked": {
"lastModified": 1694529238,
@ -593,7 +611,7 @@
},
"hercules-ci-effects": {
"inputs": {
"flake-parts": "flake-parts_3",
"flake-parts": "flake-parts_4",
"nixpkgs": [
"nixvim",
"neovim-nightly-overlay",
@ -681,7 +699,7 @@
"neovim-nightly-overlay": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts_2",
"flake-parts": "flake-parts_3",
"git-hooks": "git-hooks",
"hercules-ci-effects": "hercules-ci-effects",
"neovim-src": "neovim-src",
@ -787,6 +805,18 @@
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
}
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1725233747,
"narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1720386169,
@ -819,9 +849,25 @@
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1725103162,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts",
"flake-parts": "flake-parts_2",
"neovim-nightly-overlay": "neovim-nightly-overlay",
"nixpkgs": [
"unstable"
@ -874,21 +920,6 @@
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1725450300,
"narHash": "sha256-9/6i4Xv5qwIC3U37lh3v3FZ325D6x6RDIqzKOtl9sYI=",
"owner": "nix-community",
"repo": "NUR",
"rev": "91ebcb1bd65622bf9751881e520e17947ff56bcf",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils_2",
@ -944,13 +975,15 @@
"disko": "disko",
"firefox-addons": "firefox-addons",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"home-manager": "home-manager_2",
"nixinate": "nixinate",
"nixpkgs": "nixpkgs",
"nixvim": "nixvim",
"nur": "nur",
"pre-commit-hooks": "pre-commit-hooks",
"stylix": "stylix",
"systems": "systems_4",
"treefmt-nix": "treefmt-nix_2",
"unstable": "unstable",
"utils": "utils"
}
@ -1035,6 +1068,21 @@
}
},
"systems_4": {
"locked": {
"lastModified": 1680978846,
"narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=",
"owner": "nix-systems",
"repo": "x86_64-linux",
"rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "x86_64-linux",
"type": "github"
}
},
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -1071,6 +1119,24 @@
"type": "github"
}
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1725271838,
"narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"unstable": {
"locked": {
"lastModified": 1725103162,

120
flake.nix
View file

@ -52,7 +52,6 @@
inputs.nixpkgs.follows = "nixpkgs";
};
nur.url = "github:nix-community/NUR";
pre-commit-hooks = {
url = "github:cachix/pre-commit-hooks.nix";
inputs = {
@ -61,73 +60,102 @@
};
};
flake-compat.url = "github:edolstra/flake-compat";
flake-parts.url = "github:hercules-ci/flake-parts";
# systems.url = "github:nix-systems/default";
# systems.url = "github:nix-systems/default-linux";
systems.url = "github:nix-systems/x86_64-linux";
treefmt-nix.url = "github:numtide/treefmt-nix";
};
outputs = {
self,
disko,
nixpkgs,
flake-parts,
nixinate,
utils,
nur,
home-manager,
...
} @ inputs: let
inherit (utils.lib) mkApp;
mods = import ./modules {inherit utils;};
hosts = import ./hosts {inherit inputs utils;};
#_nixosConfigurations = import ./hosts {inherit inputs utils mods self;};
overlay = import ./overlays {inherit inputs;};
mkLinuxSystem = mod:
nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules =
[
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.agenix.nixosModules.default
{
nixpkgs.config.allowUnfree = true;
nixpkgs.overlays = [self.overlays.default];
}
mod
]
++ mods.sharedModules;
};
in
with mods.nixosModules;
utils.lib.mkFlake {
inherit self inputs;
inherit (mods) homeManagerModules nixosModules;
inherit (hosts) hosts;
supportedSystems = ["x86_64-linux" "aarch64-linux"];
channelsConfig.allowUnfree = true;
channelsConfig.allowBroken = false;
channels.nixpkgs.overlaysBuilder = channels: [
(final: prev: {
inherit (channels) unstable;
})
flake-parts.lib.mkFlake {inherit self inputs;} {
imports = [
inputs.flake-parts.flakeModules.easyOverlay
inputs.pre-commit-hooks.flakeModule
inputs.treefmt-nix.flakeModule
];
channels.unstable.overlaysBuilder = channels: [
(final: prev: {
jellyfin-ffmpeg = prev.jellyfin-ffmpeg.override {
ffmpeg_6-full = prev.ffmpeg_6-full.override {
systems = import inputs.systems;
flake = {
inherit (mods) homeManagerModules nixosModules;
nixosConfigurations = {
artemis = mkLinuxSystem ./hosts/artemis;
hermes = mkLinuxSystem ./hosts/hermes;
};
#nixosConfigurations.artemis = inputs.nixpkgs.lib.nixosSystem {};
};
perSystem = {
config,
pkgs,
final,
system,
inputs',
self',
...
}: {
_module.args.pkgs = inputs'.nixpkgs.legacyPackages.extend self.overlays.default;
overlayAttrs = config.packages // {unstable = inputs.unstable.legacyPackages.${system};};
pre-commit.check.enable = false;
pre-commit.settings.hooks.alejandra.enable = true;
treefmt.config = {
projectRootFile = "flake.nix";
programs.alejandra.enable = true;
};
devShells.default = final.mkShell {
meta.description = "Default dev shell";
inputsFrom = [config.pre-commit.devShell config.treefmt.build.devShell];
packages = with final; [just git nixvim cachix jq devour-flake agenix deadnix];
};
apps = nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair ("deploy-" + name) value) (nixinate.nixinate.${system} self).nixinate;
packages = {
nixvim = inputs.nixvim.packages.${system}.default;
agenix = inputs.agenix.packages.${system}.default;
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
devour-flake = pkgs.callPackage inputs.devour-flake {};
jellyfin-ffmpeg = pkgs.jellyfin-ffmpeg.override {
ffmpeg_6-full = pkgs.ffmpeg_6-full.override {
withMfx = false;
withVpl = true;
};
};
})
];
sharedOverlays = [
overlay
nur.overlay
];
hostDefaults.modules = [home-manager.nixosModules.home-manager inputs.stylix.nixosModules.stylix inputs.agenix.nixosModules.default] ++ mods.sharedModules;
hostDefaults.extraArgs = {
inherit inputs;
};
outputsBuilder = channels:
with channels.nixpkgs; {
defaultPackage = nixvim;
packages = utils.lib.exportPackages self.overlays channels;
formatter = alejandra;
devShell = mkShell {
packages = [just git nixvim cachix jq devour-flake agenix];
};
};
overlays = utils.lib.exportOverlays {
inherit (self) pkgs inputs;
};
apps.x86_64-linux = (nixinate.nixinate.x86_64-linux self).nixinate;
};
}

8
hosts/artemis/configuration.nix
View file

@ -2,10 +2,12 @@
config,
pkgs,
inputs,
self,
...
}: let
inherit (inputs.self.nixosModules) keys;
#inherit (self.nixosModules) keys;
in {
nixpkgs.hostPlatform = "x86_64-linux";
c.services.mesh = {
enable = true;
exitNode = false;
@ -13,7 +15,7 @@ in {
};
c.services.remote-deploy = {
enable = false;
keys = keys.c;
keys = config.keys.c;
};
time.timeZone = "Europe/London";
@ -22,7 +24,7 @@ in {
users.users.c = {
isNormalUser = true;
extraGroups = ["wheel" "networkmanager" "libvirtd" "dialout"];
openssh.authorizedKeys.keys = keys.c;
openssh.authorizedKeys.keys = config.keys.c;
shell = pkgs.fish;
packages = with pkgs; [];
};

2
hosts/artemis/containers.nix
View file

@ -1,4 +1,4 @@
{
{...}: {
virtualisation = {
libvirtd.enable = true;
podman = {

7
hosts/artemis/default.nix
View file

@ -1,5 +1,5 @@
{inputs}: {
modules = [
{inputs, ...}: {
imports = [
./hardware-configuration.nix
./configuration.nix
./containers.nix
@ -9,7 +9,4 @@
./home.nix
./styling.nix
];
extraArgs = {};
specialArgs = {};
system = "x86_64-linux";
}

2
hosts/artemis/ssh.nix
View file

@ -1,4 +1,4 @@
{
{...}: {
services.openssh = {
enable = true;
settings = {

14
hosts/default.nix
View file

@ -1,13 +1,13 @@
{
inputs,
utils,
mods,
self,
...
}: let
# TODO: function to do this
artemis = import ./artemis {inherit inputs;};
hermes = import ./hermes {inherit inputs;};
sharedModules = [inputs.home-manager.nixosModules.home-manager inputs.stylix.nixosModules.stylix inputs.agenix.nixosModules.default] ++ mods.sharedModules;
artemis = import ./artemis {inherit inputs sharedModules;};
hermes = import ./hermes {inherit inputs sharedModules;};
in {
hosts = {
inherit artemis;
inherit hermes;
};
hosts = [artemis hermes];
}

8
hosts/hermes/configuration.nix
View file

@ -3,10 +3,12 @@
lib,
pkgs,
inputs,
self,
...
}: let
inherit (inputs.self.nixosModules) keys;
#inherit (self.nixosModules) keys;
in {
nixpkgs.hostPlatform = "x86_64-linux";
c.services.mesh = {
enable = true;
exitNode = true;
@ -17,7 +19,7 @@ in {
enable = true;
host = "media.cleslie.uk";
port = 62480;
keys = keys.c;
keys = config.keys.c;
buildOn = "local";
};
@ -26,7 +28,7 @@ in {
users.users.media = {
isNormalUser = true;
extraGroups = ["wheel" "multimedia"];
openssh.authorizedKeys.keys = keys.c;
openssh.authorizedKeys.keys = config.keys.c;
packages = with pkgs; [
tree
nixvim

2
hosts/hermes/containers.nix
View file

@ -1,4 +1,4 @@
{
{...}: {
virtualisation = {
podman.enable = true;
podman.dockerCompat = true;

8
hosts/hermes/default.nix
View file

@ -1,5 +1,5 @@
{inputs}: {
modules = [
{inputs, ...}: {
imports = [
./hardware-configuration.nix
./configuration.nix
./fail2ban.nix
@ -9,8 +9,4 @@
./media.nix
./headscale.nix
];
extraArgs = {};
specialArgs = {};
system = "x86_64-linux";
channelName = "unstable";
}

10
hosts/hermes/media.nix
View file

@ -32,11 +32,11 @@ in {
"d /var/lib/tdarr/logs 0775 - multimedia - "
];
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
};
# nixpkgs.config.packageOverrides = pkgs: {
# vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
# };
hardware.graphics = {
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
@ -44,7 +44,7 @@ in {
vaapiVdpau
libvdpau-va-gl
intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
vpl-gpu-rt # QSV on 11th gen or newer
unstable.vpl-gpu-rt # QSV on 11th gen or newer
#intel-media-sdk # QSV up to 11th gen
];
};

2
hosts/hermes/ssh.nix
View file

@ -1,4 +1,4 @@
{
{...}: {
services = {
openssh = {
enable = true;

5
lib/keys.nix Normal file
View file

@ -0,0 +1,5 @@
{
c = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDStMNZgO26AhBz+GkwkMnnDL7nfhOblEMz+bXVaDM3M ssh@cleslie.uk"
];
}

7
modules/default.nix
View file

@ -1,13 +1,13 @@
{utils}: let
{utils, ...}: let
nixosModules = utils.lib.exportModules [
./nix.nix
./pinentry-fix.nix
./hm.nix
./boot.nix
./deploy.nix
./keys.nix
./secret.nix
./deploy.nix
./tailscale.nix
./secret.nix
];
homeManagerModules = utils.lib.exportModules [
./trayscale.nix
@ -17,6 +17,7 @@
nix
hm
boot
keys
deploy
tailscale
secret

8
modules/keys.nix
View file

@ -1,5 +1,5 @@
{
c = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDStMNZgO26AhBz+GkwkMnnDL7nfhOblEMz+bXVaDM3M ssh@cleslie.uk"
];
{lib, ...}: {
options.keys = lib.mkOption {
default = import ../lib/keys.nix;
};
}

2
modules/nix.nix
View file

@ -1,4 +1,4 @@
{
{...}: {
nix = {
gc = {
automatic = true;

2
modules/secret.nix
View file

@ -1,3 +1,3 @@
{
{...}: {
imports = [../secrets/secrets-configuration.nix];
}

15
pre-commit-hooks.nix
View file

@ -1,15 +0,0 @@
{inputs, ...}: {
imports = [inputs.pre-commit-hooks.flakeModule];
perSystem.pre-commit = {
settings.excludes = ["flake.lock"];
settings.hooks = {
alejandra.enable = true;
prettier = {
enable = true;
excludes = [".js" ".md" ".ts"];
};
};
};
}

2
secrets/secrets.nix
View file

@ -1,5 +1,5 @@
let
keys = import ../modules/keys.nix;
keys = import ../lib/keys.nix;
systems = {
hermes = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILnmnOWpdewwytd15JcnJvJWbIE8hcMu/pp1TPqsvdol";
artemis = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILERlCL5ZwP/mmtBNAMtLrUwEDy+tOprUWUmsGBRlTCF";