Convert nix config into a flake

This commit is contained in:
Oystein Kristoffer Tveit 2021-12-23 05:00:44 +01:00
parent 1a0ea27fcd
commit 9feae67e9d
18 changed files with 521 additions and 140 deletions

View File

@ -1,5 +0,0 @@
{ ... }:
{
allowUnfree = true;
android_sdk.accept_license = true;
}

69
nixpkgs/flake.lock generated Normal file
View File

@ -0,0 +1,69 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1639871969,
"narHash": "sha256-6feWUnMygRzA9tzkrfAzpA5/NBYg75bkFxnqb1DtD7E=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "697cc8c68ed6a606296efbbe9614c32537078756",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-21.11",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1640077788,
"narHash": "sha256-YMSDk3hlucJTTARaHNOeQEF6zEW3A/x4sXgrz94VbS0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9ab7d12287ced0e1b4c03b61c781901f178d9d77",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-21.11",
"type": "indirect"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"secrets": "secrets"
}
},
"secrets": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1640231944,
"narHash": "sha256-nb743xTN5n7LRmiTzfKgknTe+R68FKXIQX/8ERU5JS4=",
"ref": "main",
"rev": "a489b4a3b5ec636da65886226102a8372c40dcc4",
"revCount": 1,
"type": "git",
"url": "file:///home/h7x4/git/nix-secrets"
},
"original": {
"type": "git",
"url": "file:///home/h7x4/git/nix-secrets"
}
}
},
"root": "root",
"version": 7
}

88
nixpkgs/flake.nix Normal file
View File

@ -0,0 +1,88 @@
{
description = "Mmmmmh, Spaghetti";
inputs = {
nixpkgs.url = "nixpkgs/nixos-21.11";
home-manager = {
url = "github:nix-community/home-manager/release-21.11";
inputs.nixpkgs.follows = "nixpkgs";
};
# Nix expressions and keys (TODO: move keys to another solution like agenix)
# which should be kept from the main repo for privacy reasons.
#
# Includes stuff like usernames, emails, ports, other server users, ssh hosts, etc.
secrets = {
# TODO: Push this to a remote.
url = "git+file:///home/h7x4/git/nix-secrets";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, home-manager, secrets, ... }: let
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
config = {
allowUnfree = true;
android_sdk.accept_license = true;
};
overlays = [ (import ./overlays/lib) ];
};
specialArgs = {
secrets = secrets.outputs.default;
colorTheme = import ./common/colors.nix;
};
in {
overlays = {
lib = import ./overlays/lib;
};
homeConfigurations = {
h7x4 = home-manager.lib.homeManagerConfiguration {
inherit system;
inherit pkgs;
extraSpecialArgs = specialArgs;
username = "h7x4";
homeDirectory = "/home/h7x4";
stateVersion = "21.11";
configuration = {
imports = [
./home.nix
secrets.outputs.nixosModule
];
};
};
};
nixosConfigurations = let
# String -> AttrSet -> AttrSet
nixSys =
name: extraOpts:
nixpkgs.lib.nixosSystem {
inherit system;
inherit pkgs;
lib = pkgs.lib;
inherit specialArgs;
modules = [
./hosts/${name}
];
} // extraOpts;
in {
# Tsuki = nixSys "tsuki" {};
Eisei = nixSys "eisei" {};
};
};
}

View File

@ -1,23 +1,11 @@
{ pkgs, lib, ... } @ args:
let
colorType = with lib.types; (attrsOf str);
colorTheme = import ./common/colors.nix;
in
{ pkgs, ... } @ args:
{
_module.args = {
inherit colorTheme;
};
# FIXME: this isn't really working? see shellOptions
nixpkgs.overlays = [
(import ./overlays/lib)
];
imports = [
./shellOptions.nix
./packages.nix
./misc/mimetypes.nix
./misc/ssh/hosts/pvv.nix
./programs/alacritty.nix
./programs/comma.nix
@ -39,15 +27,12 @@ in
./services/picom.nix
./services/stalonetray.nix
./services/sxhkd.nix
./secret
];
home = {
stateVersion = "21.05";
stateVersion = "21.11";
username = "h7x4";
homeDirectory = "/home/h7x4";
# enableNixpkgsReleaseCheck = true;
};
news.display = "silent";

View File

@ -0,0 +1,312 @@
{ pkgs, config, ... }: let
# FIXME: lib should be imported directly as a module argument.
inherit (pkgs) lib;
in {
imports = [
./hardware-configuration.nix
];
systemd.targets = {
sleep.enable = false;
suspend.enable = false;
hibernate.enable = false;
hybrid-sleep.enable = false;
};
boot.loader = {
efi.canTouchEfiVariables = false;
grub = {
enable = true;
device = "/dev/sda";
version = 2;
};
};
time.timeZone = "Europe/Oslo";
networking = {
hostName = "Eisei";
networkmanager.enable = true;
useDHCP = false;
interfaces = {
eno1.useDHCP = true;
wlo1.useDHCP = true;
};
# firewall = {
# enable = false;
# allowedTCPPorts = [ ... ];
# allowedUDPPorts = [ ... ];
# };
};
i18n = {
defaultLocale = "en_US.UTF-8";
inputMethod = {
enabled = "fcitx";
fcitx.engines = with pkgs.fcitx-engines; [ mozc ];
};
# inputMethod = {
# enabled = "fcitx5";
# fcitx5.addons = with pkgs; [
# fcitx5-mozc
# fcitx5-gtk
# ];
# };
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
services = {
openssh.enable = true;
gnome.gnome-keyring.enable = true;
printing.enable = true;
dbus = {
enable = true;
packages = with pkgs; [
gcr
gnome3.dconf
];
};
cron = {
enable = true;
systemCronJobs = [
# "*/5 * * * * root date >> /tmp/cron.log"
];
};
xserver = {
enable = true;
layout = "us";
xkbOptions = "caps:escape";
libinput = {
enable = true;
touchpad.disableWhileTyping = true;
};
windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
};
};
};
sound.enable = true;
hardware.pulseaudio.enable = true;
hardware.bluetooth.enable = true;
nixpkgs.config = {
allowUnfree = true;
};
nix = {
distributedBuilds = true;
package = pkgs.nixFlakes;
binaryCaches = [
"https://cache.nixos.org/"
];
extraOptions = ''
experimental-features = nix-command flakes
builders-use-substitutes = true
'';
buildMachines = [
{
hostName = "Tsuki";
system = "x86_64-linux";
maxJobs = 1;
speedFactor = 3;
supportedFeatures = [
"nixos-test"
"benchmark"
"big-paralell"
"kvm"
];
mandatoryFeatures = [];
}
];
};
users.users.h7x4 = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"docker"
"disk"
"audio"
"video"
"libvirtd"
"input"
];
shell = pkgs.zsh;
};
system.extraDependencies = with pkgs; [
asciidoc
asciidoctor
cabal2nix
clang
dart
dotnet-sdk
dotnet-sdk_3
dotnet-sdk_5
dotnetPackages.Nuget
elm2nix
elmPackages.elm
flutter
gcc
ghc
ghcid
haskellPackages.Cabal_3_6_2_0
maven
nodePackages.node2nix
nodePackages.npm
nodePackages.sass
nodePackages.typescript
nodePackages.yarn
nodejs
plantuml
python3
rustc
rustc
rustup
];
environment = {
variables = {
EDITOR = "nvim";
VISUAL = "nvim";
};
systemPackages = with pkgs; [
wget
haskellPackages.xmobar
];
shells = with pkgs; [
bashInteractive
zsh
dash
];
etc = {
# TODO: move this out of etc, and reference it directly in sudo config.
sudoLecture = {
target = "sudo.lecture";
text = lib.termColors.front.red "Be careful or something, idk...\n";
};
currentSystemPackages = {
target = "current-system-packages";
text = let
inherit (lib.strings) concatStringsSep;
inherit (lib.lists) sort;
inherit (lib.trivial) lessThan;
packages = map (p: "${p.name}") config.environment.systemPackages;
sortedUnique = sort lessThan (lib.unique packages);
in concatStringsSep "\n" sortedUnique;
};
};
};
fonts = {
enableDefaultFonts = true;
fonts = with pkgs; [
cm_unicode
dejavu_fonts
fira-code
fira-code-symbols
powerline-fonts
iosevka
symbola
corefonts
ipaexfont
ipafont
liberation_ttf
migmix
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
open-sans
source-han-sans
source-sans
ubuntu_font_family
victor-mono
(nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
];
fontconfig = {
defaultFonts = {
serif = [ "Droid Sans Serif" "Ubuntu" ];
sansSerif = [ "Droid Sans" "Ubuntu" ];
monospace = [ "Fira Code" "Ubuntu" ];
emoji = [ "Noto Sans Emoji" ];
};
};
};
programs = {
dconf.enable = true;
git.enable = true;
light.enable = true;
npm.enable = true;
tmux.enable = true;
neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
configure = {
packages.myVimPackage = with pkgs.vimPlugins; {
start = [
direnv-vim
vim-nix
vim-polyglot
];
opt = [
vim-monokai
];
};
customRC = ''
set number relativenumber
set undofile
set undodir=~/.cache/vim/undodir
packadd! vim-monokai
colorscheme monokai
'';
};
};
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
security.sudo.extraConfig = ''
Defaults lecture = always
Defaults lecture_file = /etc/${config.environment.etc.sudoLecture.target}
'';
virtualisation = {
docker.enable = true;
libvirtd.enable = true;
};
system.stateVersion = "21.11";
}

View File

@ -0,0 +1,37 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/59d56b94-29f0-45be-81cc-16050c712902";
fsType = "ext4";
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/e66ad6d8-28d5-4411-8289-5ec47d60858b";
fsType = "ext4";
};
fileSystems."/home/h7x4/Dropbox" =
{ device = "/dev/disk/by-uuid/b6b244ab-fdb2-4d90-8a38-b21b0932027b";
fsType = "ext4";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/62738962-4764-4136-bdd3-348de09400d0"; }
];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View File

@ -1,12 +1,7 @@
{ ... }:
{ pkgs, secrets, ... }:
let
# TODO: Fix overlay in home.nix
pkgs = import <nixos> { overlays = [(import ../../../overlays/lib)]; };
lib = pkgs.lib;
users = import ./users.nix;
inherit (users.pvv) normalUser adminUser;
inherit (pkgs) lib;
inherit (secrets.ssh.users.pvv) normalUser adminUser;
# http://www.pvv.ntnu.no/pvv/Maskiner
normalMachines = [

View File

@ -8,7 +8,9 @@ let
}) {};
in
{
home.packages = with pkgs; [
comma
];
# FIXME: this projects default.nix imports <nixpkgs>, which makes it very much not kosher
# home.packages = with pkgs; [
# comma
# ];
}

View File

@ -1,17 +0,0 @@
# Ignore everything
*
# Sincde it's not possible to re-include a file if a
# parent directory of that file is excluded, we need to
# reinclude all directories.
!/**/
# Root level exceptions
!/**/default.nix
!.gitignore
!update.sh
!README.md
# Other exceptions
!ssh/hosts/pvv.nix

View File

@ -1,36 +0,0 @@
# Secrets
## Structure
<!-- tree-output -->
```
.
├── common
│ ├── browser-bookmarks.nix
│ └── browser-engines.nix
├── programs
│ ├── chromium
│ │ ├── bookmarks.nix
│ │ ├── default.nix
│ │ └── engines.nix
│ ├── newsboat
│ │ ├── default.nix
│ │ └── sources.nix
│ ├── qutebrowser
│ │ ├── bookmarks.nix
│ │ ├── default.nix
│ │ └── engines.nix
│ └── default.nix
├── ssh
│ └── hosts
│ ├── default.nix
│ ├── home.nix
│ ├── ntnu.nix
│ ├── pvv.nix
│ └── users.nix
├── default.nix
├── README.md
└── update.sh
```

View File

@ -1,8 +0,0 @@
{ ... }:
{
imports = [
./programs
./ssh/hosts
./gtk/bookmarks.nix
];
}

View File

@ -1,7 +0,0 @@
{ ... }:
{
imports = [
./bookmarks.nix
./engines.nix
];
}

View File

@ -1,8 +0,0 @@
{ ... }:
{
imports = [
./chromium
./newsboat
./qutebrowser
];
}

View File

@ -1,6 +0,0 @@
{ ... }:
{
imports = [
./sources.nix
];
}

View File

@ -1,7 +0,0 @@
{ ... }:
{
imports = [
./bookmarks.nix
./engines.nix
];
}

View File

@ -1,8 +0,0 @@
{ ... }:
{
imports = [
./pvv.nix
./ntnu.nix
./home.nix
];
}

View File

@ -1,2 +0,0 @@
#!/usr/bin/env sh
perl -0777 -pi -e '$tree=`exa -I XX* --tree --group-directories-first`; s/<!-- tree-output -->\n```\n(?:.|\n)+```/<!-- tree-output -->\n```\n$tree```/' README.md

View File

@ -1,10 +1,7 @@
{ config, ... }:
let
# TODO: These should really be inputs in the main function, and the
# overlaying should be happening in home.nix. I wasn't able to
# make it work though.
pkgs = import <nixos> { overlays = [(import ./overlays/lib)]; };
lib = pkgs.lib;
{ pkgs, config, ... }: let
# FIXME: lib should be imported directly as a module argument.
inherit (pkgs) lib;
sedColor =
color: