cleslie/nixfiles
1
0
Fork 0
mirror of https://github.com/callumio/nixfiles.git synced 2025-12-17 03:29:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

finally on flake parts

Browse source 
just need to remove fup now
This commit is contained in:
Callum Leslie 2024-09-05 09:50:37 +01:00 committed by Callum Leslie
parent 3b4057b366
commit fdafb67215
20 changed files with 206 additions and 123 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -1 +1,2 @@
result result
.pre-commit-config.yaml

108
flake.lock generated
View file

@ -314,6 +314,24 @@
} }
}, },
"flake-parts_2": { "flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1725234343,
"narHash": "sha256-+ebgonl3NbiKD2UD0x4BszCZQ6sTfL4xioaM49o5B3Y=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "567b938d64d4b4112ee253b9274472dc3a346eb6",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nixvim", "nixvim",
@ -335,7 +353,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_3": { "flake-parts_4": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nixvim", "nixvim",
@ -413,7 +431,7 @@
}, },
"flake-utils_4": { "flake-utils_4": {
"inputs": { "inputs": {
"systems": "systems_4" "systems": "systems_5"
}, },
"locked": { "locked": {
"lastModified": 1694529238, "lastModified": 1694529238,
@ -593,7 +611,7 @@
}, },
"hercules-ci-effects": { "hercules-ci-effects": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_3", "flake-parts": "flake-parts_4",
"nixpkgs": [ "nixpkgs": [
"nixvim", "nixvim",
"neovim-nightly-overlay", "neovim-nightly-overlay",
@ -681,7 +699,7 @@
"neovim-nightly-overlay": { "neovim-nightly-overlay": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_2",
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_3",
"git-hooks": "git-hooks", "git-hooks": "git-hooks",
"hercules-ci-effects": "hercules-ci-effects", "hercules-ci-effects": "hercules-ci-effects",
"neovim-src": "neovim-src", "neovim-src": "neovim-src",
@ -787,6 +805,18 @@
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz" "url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
} }
}, },
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1725233747,
"narHash": "sha256-Ss8QWLXdr2JCBPcYChJhz4xJm+h/xjl4G0c0XlP6a74=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/356624c12086a18f2ea2825fed34523d60ccc4e3.tar.gz"
}
},
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1720386169, "lastModified": 1720386169,
@ -819,9 +849,25 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": {
"locked": {
"lastModified": 1725103162,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": { "nixvim": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "flake-parts": "flake-parts_2",
"neovim-nightly-overlay": "neovim-nightly-overlay", "neovim-nightly-overlay": "neovim-nightly-overlay",
"nixpkgs": [ "nixpkgs": [
"unstable" "unstable"
@ -874,21 +920,6 @@
"type": "github" "type": "github"
} }
}, },
"nur": {
"locked": {
"lastModified": 1725450300,
"narHash": "sha256-9/6i4Xv5qwIC3U37lh3v3FZ325D6x6RDIqzKOtl9sYI=",
"owner": "nix-community",
"repo": "NUR",
"rev": "91ebcb1bd65622bf9751881e520e17947ff56bcf",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"nuschtosSearch": { "nuschtosSearch": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_2",
@ -944,13 +975,15 @@
"disko": "disko", "disko": "disko",
"firefox-addons": "firefox-addons", "firefox-addons": "firefox-addons",
"flake-compat": "flake-compat", "flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixinate": "nixinate", "nixinate": "nixinate",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixvim": "nixvim", "nixvim": "nixvim",
"nur": "nur",
"pre-commit-hooks": "pre-commit-hooks", "pre-commit-hooks": "pre-commit-hooks",
"stylix": "stylix", "stylix": "stylix",
"systems": "systems_4",
"treefmt-nix": "treefmt-nix_2",
"unstable": "unstable", "unstable": "unstable",
"utils": "utils" "utils": "utils"
} }
@ -1035,6 +1068,21 @@
} }
}, },
"systems_4": { "systems_4": {
"locked": {
"lastModified": 1680978846,
"narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=",
"owner": "nix-systems",
"repo": "x86_64-linux",
"rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "x86_64-linux",
"type": "github"
}
},
"systems_5": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -1071,6 +1119,24 @@
"type": "github" "type": "github"
} }
}, },
"treefmt-nix_2": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1725271838,
"narHash": "sha256-VcqxWT0O/gMaeWTTjf1r4MOyG49NaNxW4GHTO3xuThE=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "9fb342d14b69aefdf46187f6bb80a4a0d97007cd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1725103162, "lastModified": 1725103162,

116
flake.nix
View file

@ -52,7 +52,6 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nur.url = "github:nix-community/NUR";
pre-commit-hooks = { pre-commit-hooks = {
url = "github:cachix/pre-commit-hooks.nix"; url = "github:cachix/pre-commit-hooks.nix";
inputs = { inputs = {
@ -61,73 +60,102 @@
}; };
}; };
flake-compat.url = "github:edolstra/flake-compat"; flake-compat.url = "github:edolstra/flake-compat";
flake-parts.url = "github:hercules-ci/flake-parts";
# systems.url = "github:nix-systems/default";
# systems.url = "github:nix-systems/default-linux";
systems.url = "github:nix-systems/x86_64-linux";
treefmt-nix.url = "github:numtide/treefmt-nix";
}; };
outputs = { outputs = {
self, self,
disko, disko,
nixpkgs, nixpkgs,
flake-parts,
nixinate, nixinate,
utils, utils,
nur,
home-manager, home-manager,
... ...
} @ inputs: let } @ inputs: let
inherit (utils.lib) mkApp; inherit (utils.lib) mkApp;
mods = import ./modules {inherit utils;}; mods = import ./modules {inherit utils;};
hosts = import ./hosts {inherit inputs utils;}; #_nixosConfigurations = import ./hosts {inherit inputs utils mods self;};
overlay = import ./overlays {inherit inputs;}; overlay = import ./overlays {inherit inputs;};
mkLinuxSystem = mod:
nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs;};
modules =
[
inputs.home-manager.nixosModules.home-manager
inputs.stylix.nixosModules.stylix
inputs.agenix.nixosModules.default
{
nixpkgs.config.allowUnfree = true;
nixpkgs.overlays = [self.overlays.default];
}
mod
]
++ mods.sharedModules;
};
in in
with mods.nixosModules; flake-parts.lib.mkFlake {inherit self inputs;} {
utils.lib.mkFlake { imports = [
inherit self inputs; inputs.flake-parts.flakeModules.easyOverlay
inputs.pre-commit-hooks.flakeModule
inputs.treefmt-nix.flakeModule
];
systems = import inputs.systems;
flake = {
inherit (mods) homeManagerModules nixosModules; inherit (mods) homeManagerModules nixosModules;
inherit (hosts) hosts; nixosConfigurations = {
supportedSystems = ["x86_64-linux" "aarch64-linux"]; artemis = mkLinuxSystem ./hosts/artemis;
channelsConfig.allowUnfree = true; hermes = mkLinuxSystem ./hosts/hermes;
channelsConfig.allowBroken = false; };
#nixosConfigurations.artemis = inputs.nixpkgs.lib.nixosSystem {};
};
channels.nixpkgs.overlaysBuilder = channels: [ perSystem = {
(final: prev: { config,
inherit (channels) unstable; pkgs,
}) final,
]; system,
inputs',
self',
...
}: {
_module.args.pkgs = inputs'.nixpkgs.legacyPackages.extend self.overlays.default;
overlayAttrs = config.packages // {unstable = inputs.unstable.legacyPackages.${system};};
channels.unstable.overlaysBuilder = channels: [ pre-commit.check.enable = false;
(final: prev: { pre-commit.settings.hooks.alejandra.enable = true;
jellyfin-ffmpeg = prev.jellyfin-ffmpeg.override {
ffmpeg_6-full = prev.ffmpeg_6-full.override {
withMfx = false;
withVpl = true;
};
};
})
];
sharedOverlays = [ treefmt.config = {
overlay projectRootFile = "flake.nix";
nur.overlay programs.alejandra.enable = true;
];
hostDefaults.modules = [home-manager.nixosModules.home-manager inputs.stylix.nixosModules.stylix inputs.agenix.nixosModules.default] ++ mods.sharedModules;
hostDefaults.extraArgs = {
inherit inputs;
}; };
outputsBuilder = channels: devShells.default = final.mkShell {
with channels.nixpkgs; { meta.description = "Default dev shell";
defaultPackage = nixvim; inputsFrom = [config.pre-commit.devShell config.treefmt.build.devShell];
packages = utils.lib.exportPackages self.overlays channels; packages = with final; [just git nixvim cachix jq devour-flake agenix deadnix];
};
formatter = alejandra; apps = nixpkgs.lib.mapAttrs' (name: value: nixpkgs.lib.nameValuePair ("deploy-" + name) value) (nixinate.nixinate.${system} self).nixinate;
devShell = mkShell {
packages = [just git nixvim cachix jq devour-flake agenix]; packages = {
nixvim = inputs.nixvim.packages.${system}.default;
agenix = inputs.agenix.packages.${system}.default;
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
devour-flake = pkgs.callPackage inputs.devour-flake {};
jellyfin-ffmpeg = pkgs.jellyfin-ffmpeg.override {
ffmpeg_6-full = pkgs.ffmpeg_6-full.override {
withMfx = false;
withVpl = true;
}; };
}; };
overlays = utils.lib.exportOverlays {
inherit (self) pkgs inputs;
}; };
apps.x86_64-linux = (nixinate.nixinate.x86_64-linux self).nixinate;
}; };
};
} }

8
hosts/artemis/configuration.nix
View file

@ -2,10 +2,12 @@
config, config,
pkgs, pkgs,
inputs, inputs,
self,
... ...
}: let }: let
inherit (inputs.self.nixosModules) keys; #inherit (self.nixosModules) keys;
in { in {
nixpkgs.hostPlatform = "x86_64-linux";
c.services.mesh = { c.services.mesh = {
enable = true; enable = true;
exitNode = false; exitNode = false;
@ -13,7 +15,7 @@ in {
}; };
c.services.remote-deploy = { c.services.remote-deploy = {
enable = false; enable = false;
keys = keys.c; keys = config.keys.c;
}; };
time.timeZone = "Europe/London"; time.timeZone = "Europe/London";
@ -22,7 +24,7 @@ in {
users.users.c = { users.users.c = {
isNormalUser = true; isNormalUser = true;
extraGroups = ["wheel" "networkmanager" "libvirtd" "dialout"]; extraGroups = ["wheel" "networkmanager" "libvirtd" "dialout"];
openssh.authorizedKeys.keys = keys.c; openssh.authorizedKeys.keys = config.keys.c;
shell = pkgs.fish; shell = pkgs.fish;
packages = with pkgs; []; packages = with pkgs; [];
}; };

2
hosts/artemis/containers.nix
View file

@ -1,4 +1,4 @@
{ {...}: {
virtualisation = { virtualisation = {
libvirtd.enable = true; libvirtd.enable = true;
podman = { podman = {

7
hosts/artemis/default.nix
View file

@ -1,5 +1,5 @@
{inputs}: { {inputs, ...}: {
modules = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
./configuration.nix ./configuration.nix
./containers.nix ./containers.nix
@ -9,7 +9,4 @@
./home.nix ./home.nix
./styling.nix ./styling.nix
]; ];
extraArgs = {};
specialArgs = {};
system = "x86_64-linux";
} }

2
hosts/artemis/ssh.nix
View file

@ -1,4 +1,4 @@
{ {...}: {
services.openssh = { services.openssh = {
enable = true; enable = true;
settings = { settings = {

14
hosts/default.nix
View file

@ -1,13 +1,13 @@
{ {
inputs, inputs,
utils, utils,
mods,
self,
...
}: let }: let
# TODO: function to do this sharedModules = [inputs.home-manager.nixosModules.home-manager inputs.stylix.nixosModules.stylix inputs.agenix.nixosModules.default] ++ mods.sharedModules;
artemis = import ./artemis {inherit inputs;}; artemis = import ./artemis {inherit inputs sharedModules;};
hermes = import ./hermes {inherit inputs;}; hermes = import ./hermes {inherit inputs sharedModules;};
in { in {
hosts = { hosts = [artemis hermes];
inherit artemis;
inherit hermes;
};
} }

8
hosts/hermes/configuration.nix
View file

@ -3,10 +3,12 @@
lib, lib,
pkgs, pkgs,
inputs, inputs,
self,
... ...
}: let }: let
inherit (inputs.self.nixosModules) keys; #inherit (self.nixosModules) keys;
in { in {
nixpkgs.hostPlatform = "x86_64-linux";
c.services.mesh = { c.services.mesh = {
enable = true; enable = true;
exitNode = true; exitNode = true;
@ -17,7 +19,7 @@ in {
enable = true; enable = true;
host = "media.cleslie.uk"; host = "media.cleslie.uk";
port = 62480; port = 62480;
keys = keys.c; keys = config.keys.c;
buildOn = "local"; buildOn = "local";
}; };
@ -26,7 +28,7 @@ in {
users.users.media = { users.users.media = {
isNormalUser = true; isNormalUser = true;
extraGroups = ["wheel" "multimedia"]; extraGroups = ["wheel" "multimedia"];
openssh.authorizedKeys.keys = keys.c; openssh.authorizedKeys.keys = config.keys.c;
packages = with pkgs; [ packages = with pkgs; [
tree tree
nixvim nixvim

2
hosts/hermes/containers.nix
View file

@ -1,4 +1,4 @@
{ {...}: {
virtualisation = { virtualisation = {
podman.enable = true; podman.enable = true;
podman.dockerCompat = true; podman.dockerCompat = true;

8
hosts/hermes/default.nix
View file

@ -1,5 +1,5 @@
{inputs}: { {inputs, ...}: {
modules = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
./configuration.nix ./configuration.nix
./fail2ban.nix ./fail2ban.nix
@ -9,8 +9,4 @@
./media.nix ./media.nix
./headscale.nix ./headscale.nix
]; ];
extraArgs = {};
specialArgs = {};
system = "x86_64-linux";
channelName = "unstable";
} }

10
hosts/hermes/media.nix
View file

@ -32,11 +32,11 @@ in {
"d /var/lib/tdarr/logs 0775 - multimedia - " "d /var/lib/tdarr/logs 0775 - multimedia - "
]; ];
nixpkgs.config.packageOverrides = pkgs: { # nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;}; # vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
}; # };
hardware.graphics = { hardware.opengl = {
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
intel-media-driver intel-media-driver
@ -44,7 +44,7 @@ in {
vaapiVdpau vaapiVdpau
libvdpau-va-gl libvdpau-va-gl
intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
vpl-gpu-rt # QSV on 11th gen or newer unstable.vpl-gpu-rt # QSV on 11th gen or newer
#intel-media-sdk # QSV up to 11th gen #intel-media-sdk # QSV up to 11th gen
]; ];
}; };

2
hosts/hermes/ssh.nix
View file

@ -1,4 +1,4 @@
{ {...}: {
services = { services = {
openssh = { openssh = {
enable = true; enable = true;

5
lib/keys.nix Normal file
View file

@ -0,0 +1,5 @@
{
c = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDStMNZgO26AhBz+GkwkMnnDL7nfhOblEMz+bXVaDM3M ssh@cleslie.uk"
];
}

7
modules/default.nix
View file

@ -1,13 +1,13 @@
{utils}: let {utils, ...}: let
nixosModules = utils.lib.exportModules [ nixosModules = utils.lib.exportModules [
./nix.nix ./nix.nix
./pinentry-fix.nix ./pinentry-fix.nix
./hm.nix ./hm.nix
./boot.nix ./boot.nix
./deploy.nix
./keys.nix ./keys.nix
./secret.nix ./deploy.nix
./tailscale.nix ./tailscale.nix
./secret.nix
]; ];
homeManagerModules = utils.lib.exportModules [ homeManagerModules = utils.lib.exportModules [
./trayscale.nix ./trayscale.nix
@ -17,6 +17,7 @@
nix nix
hm hm
boot boot
keys
deploy deploy
tailscale tailscale
secret secret

8
modules/keys.nix
View file

@ -1,5 +1,5 @@
{ {lib, ...}: {
c = [ options.keys = lib.mkOption {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDStMNZgO26AhBz+GkwkMnnDL7nfhOblEMz+bXVaDM3M ssh@cleslie.uk" default = import ../lib/keys.nix;
]; };
} }

2
modules/nix.nix
View file

@ -1,4 +1,4 @@
{ {...}: {
nix = { nix = {
gc = { gc = {
automatic = true; automatic = true;

2
modules/secret.nix
View file

@ -1,3 +1,3 @@
{ {...}: {
imports = [../secrets/secrets-configuration.nix]; imports = [../secrets/secrets-configuration.nix];
} }

15
pre-commit-hooks.nix
View file

@ -1,15 +0,0 @@
{inputs, ...}: {
imports = [inputs.pre-commit-hooks.flakeModule];
perSystem.pre-commit = {
settings.excludes = ["flake.lock"];
settings.hooks = {
alejandra.enable = true;
prettier = {
enable = true;
excludes = [".js" ".md" ".ts"];
};
};
};
}

2
secrets/secrets.nix
View file

@ -1,5 +1,5 @@
let let
keys = import ../modules/keys.nix; keys = import ../lib/keys.nix;
systems = { systems = {
hermes = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILnmnOWpdewwytd15JcnJvJWbIE8hcMu/pp1TPqsvdol"; hermes = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILnmnOWpdewwytd15JcnJvJWbIE8hcMu/pp1TPqsvdol";
artemis = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILERlCL5ZwP/mmtBNAMtLrUwEDy+tOprUWUmsGBRlTCF"; artemis = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILERlCL5ZwP/mmtBNAMtLrUwEDy+tOprUWUmsGBRlTCF";