Convert nix config into a flake

nixpkgs/config.nix

@@ -1,5 +0,0 @@
-{ ... }:
-{
-  allowUnfree = true;
-  android_sdk.accept_license = true;
-}

nixpkgs/flake.lock

@@ -0,0 +1,69 @@
+{
+  "nodes": {
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1639871969,
+        "narHash": "sha256-6feWUnMygRzA9tzkrfAzpA5/NBYg75bkFxnqb1DtD7E=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "697cc8c68ed6a606296efbbe9614c32537078756",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "release-21.11",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1640077788,
+        "narHash": "sha256-YMSDk3hlucJTTARaHNOeQEF6zEW3A/x4sXgrz94VbS0=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "9ab7d12287ced0e1b4c03b61c781901f178d9d77",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-21.11",
+        "type": "indirect"
+      }
+    },
+    "root": {
+      "inputs": {
+        "home-manager": "home-manager",
+        "nixpkgs": "nixpkgs",
+        "secrets": "secrets"
+      }
+    },
+    "secrets": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1640231944,
+        "narHash": "sha256-nb743xTN5n7LRmiTzfKgknTe+R68FKXIQX/8ERU5JS4=",
+        "ref": "main",
+        "rev": "a489b4a3b5ec636da65886226102a8372c40dcc4",
+        "revCount": 1,
+        "type": "git",
+        "url": "file:///home/h7x4/git/nix-secrets"
+      },
+      "original": {
+        "type": "git",
+        "url": "file:///home/h7x4/git/nix-secrets"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

nixpkgs/flake.nix

@@ -0,0 +1,88 @@
+{
+  description = "Mmmmmh, Spaghetti™";
+
+  inputs = {
+    nixpkgs.url = "nixpkgs/nixos-21.11";
+
+    home-manager = {
+      url = "github:nix-community/home-manager/release-21.11";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
+    # Nix expressions and keys (TODO: move keys to another solution like agenix)
+    # which should be kept from the main repo for privacy reasons.
+    #
+    # Includes stuff like usernames, emails, ports, other server users, ssh hosts, etc.
+    secrets = {
+      # TODO: Push this to a remote.
+      url = "git+file:///home/h7x4/git/nix-secrets";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
+
+  outputs = { self, nixpkgs, home-manager, secrets, ... }: let
+    system = "x86_64-linux";
+
+    pkgs = import nixpkgs {
+      inherit system;
+
+      config = {
+        allowUnfree = true;
+        android_sdk.accept_license = true;
+      };
+
+      overlays = [ (import ./overlays/lib) ];
+    };
+
+    specialArgs = {
+      secrets = secrets.outputs.default;
+      colorTheme = import ./common/colors.nix;
+    };
+
+  in {
+    overlays = {
+      lib = import ./overlays/lib;
+    };
+
+    homeConfigurations = {
+      h7x4 = home-manager.lib.homeManagerConfiguration {
+        inherit system;
+        inherit pkgs;
+
+        extraSpecialArgs = specialArgs;
+        username = "h7x4";
+        homeDirectory = "/home/h7x4";
+        stateVersion = "21.11";
+        configuration = {
+
+          imports = [
+            ./home.nix
+            secrets.outputs.nixosModule
+          ];
+        };
+      };
+    };
+
+    nixosConfigurations = let
+      # String -> AttrSet -> AttrSet
+      nixSys =
+        name: extraOpts:
+        nixpkgs.lib.nixosSystem {
+          inherit system;
+          inherit pkgs;
+
+          lib = pkgs.lib;
+          inherit specialArgs;
+
+          modules = [
+            ./hosts/${name}
+          ];
+        } // extraOpts;
+
+    in {
+      # Tsuki = nixSys "tsuki" {};
+      Eisei = nixSys "eisei" {};
+    };
+
+  };
+}

nixpkgs/home.nix

@@ -1,23 +1,11 @@
-{ pkgs, lib, ... } @ args:
-let
-  colorType = with lib.types; (attrsOf str);
-  colorTheme = import ./common/colors.nix;
-in
+{ pkgs, ... } @ args:
 {
-  _module.args = {
-    inherit colorTheme;
-  };
-
-  # FIXME: this isn't really working? see shellOptions
-  nixpkgs.overlays = [
-    (import ./overlays/lib)
-  ];
-
   imports = [
     ./shellOptions.nix
     ./packages.nix
 
     ./misc/mimetypes.nix
+    ./misc/ssh/hosts/pvv.nix
 
     ./programs/alacritty.nix
     ./programs/comma.nix
@@ -39,15 +27,12 @@ in
     ./services/picom.nix
     ./services/stalonetray.nix
     ./services/sxhkd.nix
-
-    ./secret
   ];
 
   home = {
-    stateVersion = "21.05";
+    stateVersion = "21.11";
     username = "h7x4";
     homeDirectory = "/home/h7x4";
-    # enableNixpkgsReleaseCheck = true;
   };
 
   news.display = "silent";

nixpkgs/hosts/eisei/default.nix

@@ -0,0 +1,312 @@
+{ pkgs, config, ... }: let
+  # FIXME: lib should be imported directly as a module argument.
+  inherit (pkgs) lib;
+in {
+  imports = [
+    ./hardware-configuration.nix
+  ];
+
+  systemd.targets = {
+    sleep.enable = false;
+    suspend.enable = false;
+    hibernate.enable = false;
+    hybrid-sleep.enable = false;
+  };
+
+  boot.loader = {
+    efi.canTouchEfiVariables = false;
+    grub = {
+      enable = true;
+      device = "/dev/sda";
+      version = 2;
+    };
+  };
+
+  time.timeZone = "Europe/Oslo";
+
+  networking = {
+    hostName = "Eisei";
+    networkmanager.enable = true;
+    useDHCP = false;
+
+    interfaces = {
+      eno1.useDHCP = true;
+      wlo1.useDHCP = true;
+    };
+
+    # firewall = {
+    #   enable = false;
+    #   allowedTCPPorts = [ ... ];
+    #   allowedUDPPorts = [ ... ];
+    # };
+  };
+
+  i18n = {
+    defaultLocale = "en_US.UTF-8";
+
+    inputMethod = {
+      enabled = "fcitx";
+      fcitx.engines = with pkgs.fcitx-engines; [ mozc ];
+    };
+
+    # inputMethod = {
+    #   enabled = "fcitx5";
+    #   fcitx5.addons = with pkgs; [
+    #     fcitx5-mozc
+    #     fcitx5-gtk
+    #   ];
+    # };
+  };
+
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "us";
+  };
+
+  services = {
+    openssh.enable = true;
+    gnome.gnome-keyring.enable = true;
+    printing.enable = true;
+    dbus = {
+      enable = true;
+      packages = with pkgs; [
+        gcr
+        gnome3.dconf
+      ];
+    };
+    cron = {
+      enable = true;
+      systemCronJobs = [
+    #     "*/5 * * * *      root    date >> /tmp/cron.log"
+      ];
+    };
+
+    xserver = {
+      enable = true;
+      layout = "us";
+      xkbOptions = "caps:escape";
+
+      libinput = {
+        enable = true;
+        touchpad.disableWhileTyping = true;
+      };
+
+      windowManager.xmonad = {
+        enable = true;
+        enableContribAndExtras = true;
+      };
+    };
+  };
+
+  sound.enable = true;
+  hardware.pulseaudio.enable = true;
+
+  hardware.bluetooth.enable = true;
+
+  nixpkgs.config = {
+    allowUnfree = true;
+  };
+
+  nix = {
+    distributedBuilds = true;
+    package = pkgs.nixFlakes;
+    binaryCaches = [
+      "https://cache.nixos.org/"
+    ];
+    extraOptions = ''
+      experimental-features = nix-command flakes
+	    builders-use-substitutes = true
+    '';
+
+    buildMachines = [
+      {
+        hostName = "Tsuki";
+        system = "x86_64-linux";
+        maxJobs = 1;
+        speedFactor = 3;
+        supportedFeatures = [
+          "nixos-test"
+          "benchmark"
+          "big-paralell"
+          "kvm"
+        ];
+        mandatoryFeatures = [];
+      }
+    ];
+
+  };
+
+  users.users.h7x4 = {
+    isNormalUser = true;
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+      "docker"
+      "disk"
+      "audio"
+      "video"
+      "libvirtd"
+      "input"
+    ];
+    shell = pkgs.zsh;
+  };
+
+  system.extraDependencies = with pkgs; [
+    asciidoc
+    asciidoctor
+    cabal2nix
+    clang
+    dart
+    dotnet-sdk
+    dotnet-sdk_3
+    dotnet-sdk_5
+    dotnetPackages.Nuget
+    elm2nix
+    elmPackages.elm
+    flutter
+    gcc
+    ghc
+    ghcid
+    haskellPackages.Cabal_3_6_2_0
+    maven
+    nodePackages.node2nix
+    nodePackages.npm
+    nodePackages.sass
+    nodePackages.typescript
+    nodePackages.yarn
+    nodejs
+    plantuml
+    python3
+    rustc
+    rustc
+    rustup
+  ];
+
+  environment = {
+    variables = {
+      EDITOR = "nvim";
+      VISUAL = "nvim";
+    };
+
+    systemPackages = with pkgs; [
+      wget
+      haskellPackages.xmobar
+    ];
+
+    shells = with pkgs; [
+      bashInteractive
+      zsh
+      dash
+    ];
+
+    etc = {
+      # TODO: move this out of etc, and reference it directly in sudo config.
+      sudoLecture = {
+        target = "sudo.lecture";
+        text = lib.termColors.front.red "Be careful or something, idk...\n";
+      };
+
+      currentSystemPackages = {
+        target = "current-system-packages";
+        text = let
+          inherit (lib.strings) concatStringsSep;
+          inherit (lib.lists) sort;
+          inherit (lib.trivial) lessThan;
+          packages = map (p: "${p.name}") config.environment.systemPackages;
+          sortedUnique = sort lessThan (lib.unique packages);
+        in concatStringsSep "\n" sortedUnique;
+      };
+    };
+  };
+
+  fonts = {
+    enableDefaultFonts = true;
+
+    fonts = with pkgs; [
+      cm_unicode
+      dejavu_fonts
+      fira-code
+      fira-code-symbols
+      powerline-fonts
+      iosevka
+      symbola
+      corefonts
+      ipaexfont
+      ipafont
+      liberation_ttf
+      migmix
+      noto-fonts
+      noto-fonts-cjk
+      noto-fonts-emoji
+      open-sans
+      source-han-sans
+      source-sans
+      ubuntu_font_family
+      victor-mono
+      (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
+    ];
+
+    fontconfig = {
+      defaultFonts = {
+        serif = [ "Droid Sans Serif" "Ubuntu" ];
+        sansSerif = [ "Droid Sans" "Ubuntu" ];
+        monospace = [ "Fira Code" "Ubuntu" ];
+        emoji = [ "Noto Sans Emoji" ];
+      };
+    };
+  };
+
+  programs = {
+    dconf.enable = true;
+    git.enable = true;
+    light.enable = true;
+    npm.enable = true;
+    tmux.enable = true;
+    neovim = {
+      enable = true;
+      defaultEditor = true;
+      viAlias = true;
+      vimAlias = true;
+      configure = {
+        packages.myVimPackage = with pkgs.vimPlugins; {
+          start = [
+            direnv-vim
+            vim-nix
+            vim-polyglot
+          ];
+
+          opt = [
+            vim-monokai
+          ];
+        };
+
+        customRC = ''
+          set number relativenumber
+          set undofile
+          set undodir=~/.cache/vim/undodir
+
+          packadd! vim-monokai
+          colorscheme monokai
+        '';
+      };
+    };
+
+    gnupg.agent = {
+      enable = true;
+      enableSSHSupport = true;
+    };
+  };
+
+  security.sudo.extraConfig = ''
+    Defaults    lecture = always
+    Defaults    lecture_file = /etc/${config.environment.etc.sudoLecture.target}
+  '';
+
+  virtualisation = {
+    docker.enable = true;
+    libvirtd.enable = true;
+  };
+
+  system.stateVersion = "21.11";
+}
+

nixpkgs/hosts/eisei/hardware-configuration.nix

@@ -0,0 +1,37 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/59d56b94-29f0-45be-81cc-16050c712902";
+      fsType = "ext4";
+    };
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/e66ad6d8-28d5-4411-8289-5ec47d60858b";
+      fsType = "ext4";
+    };
+
+  fileSystems."/home/h7x4/Dropbox" =
+    { device = "/dev/disk/by-uuid/b6b244ab-fdb2-4d90-8a38-b21b0932027b";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/62738962-4764-4136-bdd3-348de09400d0"; }
+    ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

nixpkgs/misc/ssh/hosts/pvv.nix

@@ -1,12 +1,7 @@
-{ ... }:
+{ pkgs, secrets, ... }:
 let
-
-  # TODO: Fix overlay in home.nix
-  pkgs = import <nixos> { overlays = [(import ../../../overlays/lib)]; };
-  lib = pkgs.lib;
-
-  users = import ./users.nix;
-  inherit (users.pvv) normalUser adminUser;
+  inherit (pkgs) lib;
+  inherit (secrets.ssh.users.pvv) normalUser adminUser;
 
   # http://www.pvv.ntnu.no/pvv/Maskiner
   normalMachines = [

nixpkgs/programs/comma.nix

@@ -8,7 +8,9 @@ let
   }) {};
 in
 {
-  home.packages = with pkgs; [
-    comma
-  ];
+  # FIXME: this projects default.nix imports <nixpkgs>, which makes it very much not kosher
+
+  # home.packages = with pkgs; [
+  #   comma
+  # ];
 }

nixpkgs/secret/.gitignore

@@ -1,17 +0,0 @@
-
-# Ignore everything
-*
-
-# Sincde it's not possible to re-include a file if a
-# parent directory of that file is excluded, we need to
-# reinclude all directories.
-!/**/
-
-# Root level exceptions
-!/**/default.nix
-!.gitignore
-!update.sh
-!README.md
-
-# Other exceptions
-!ssh/hosts/pvv.nix

nixpkgs/secret/README.md

@@ -1,36 +0,0 @@
-# Secrets
-
-
-
-## Structure
-
-<!-- tree-output -->
-```
-.
-├── common
-│  ├── browser-bookmarks.nix
-│  └── browser-engines.nix
-├── programs
-│  ├── chromium
-│  │  ├── bookmarks.nix
-│  │  ├── default.nix
-│  │  └── engines.nix
-│  ├── newsboat
-│  │  ├── default.nix
-│  │  └── sources.nix
-│  ├── qutebrowser
-│  │  ├── bookmarks.nix
-│  │  ├── default.nix
-│  │  └── engines.nix
-│  └── default.nix
-├── ssh
-│  └── hosts
-│     ├── default.nix
-│     ├── home.nix
-│     ├── ntnu.nix
-│     ├── pvv.nix
-│     └── users.nix
-├── default.nix
-├── README.md
-└── update.sh
-```

nixpkgs/secret/default.nix

@@ -1,8 +0,0 @@
-{ ... }:
-{
-  imports = [
-    ./programs
-    ./ssh/hosts
-    ./gtk/bookmarks.nix
-  ];
-}

nixpkgs/secret/programs/chromium/default.nix

@@ -1,7 +0,0 @@
-{ ... }:
-{
-  imports = [
-    ./bookmarks.nix
-    ./engines.nix
-  ];
-}

nixpkgs/secret/programs/default.nix

@@ -1,8 +0,0 @@
-{ ... }:
-{
-  imports = [
-    ./chromium
-    ./newsboat
-    ./qutebrowser
-  ];
-}

nixpkgs/secret/programs/newsboat/default.nix

@@ -1,6 +0,0 @@
-{ ... }:
-{
-  imports = [
-    ./sources.nix
-  ];
-}

nixpkgs/secret/programs/qutebrowser/default.nix

@@ -1,7 +0,0 @@
-{ ... }:
-{
-  imports = [
-    ./bookmarks.nix
-    ./engines.nix
-  ];
-}

nixpkgs/secret/ssh/hosts/default.nix

@@ -1,8 +0,0 @@
-{ ... }:
-{
-  imports =  [
-    ./pvv.nix
-    ./ntnu.nix
-    ./home.nix
-  ];
-}

nixpkgs/secret/update.sh

@@ -1,2 +0,0 @@
-#!/usr/bin/env sh
-perl -0777 -pi -e '$tree=`exa -I XX* --tree --group-directories-first`; s/<!-- tree-output -->\n```\n(?:.|\n)+```/<!-- tree-output -->\n```\n$tree```/' README.md

nixpkgs/shellOptions.nix

@@ -1,10 +1,7 @@
-{ config, ... }:
-let
-  # TODO: These should really be inputs in the main function, and the
-  #       overlaying should be happening in home.nix. I wasn't able to
-  #       make it work though.
-  pkgs = import <nixos> { overlays = [(import ./overlays/lib)]; };
-  lib = pkgs.lib;
+{ pkgs, config, ... }: let
+
+  # FIXME: lib should be imported directly as a module argument.
+  inherit (pkgs) lib;
 
   sedColor =
     color: