jordan/nix-config
1
1
Fork 0
Code Issues 10 Pull Requests Actions Projects 3 Wiki Activity

flake.nix: use flake-parts
All checks were successful
Check flake / build-amd64-linux (push) Successful in 1m28s
Details

Browse Source
This commit is contained in:
Jordan Holt
2025-08-15 19:42:45 +01:00
parent 75f1317346
commit e7145bad37
3 changed files with 264 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

175
flake.lock generated
View File

@@ -3,8 +3,12 @@
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"home-manager": [
"nixpkgs"
],
"nixpkgs": [
"nixpkgs"
],
"systems": "systems"
},
"locked": {
@@ -95,7 +99,7 @@
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs",
"utils": "utils"
},
"locked": {
@@ -212,7 +216,41 @@
"type": "github"
}
},
"flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1754487366,
"narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
@@ -257,7 +295,7 @@
"nixos-mailserver",
"flake-compat"
],
"gitignore": "gitignore_2",
"gitignore": "gitignore_3",
"nixpkgs": [
"nixos-mailserver",
"nixpkgs"
@@ -277,6 +315,26 @@
"type": "github"
}
},
"git-hooks-nix": {
"inputs": {
"flake-compat": "flake-compat_2",
"gitignore": "gitignore",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1754416808,
"narHash": "sha256-c6yg0EQ9xVESx6HGDOCMcyRSjaTpNJP10ef+6fRcofA=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "9c52372878df6911f9afc1e2a1391f55e4dfc864",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitea-github-theme": {
"flake": false,
"locked": {
@@ -295,6 +353,27 @@
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"git-hooks-nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": {
"nixpkgs": [
"hyprland",
@@ -316,7 +395,7 @@
"type": "github"
}
},
"gitignore_2": {
"gitignore_3": {
"inputs": {
"nixpkgs": [
"nixos-mailserver",
@@ -338,7 +417,7 @@
"type": "github"
}
},
"gitignore_3": {
"gitignore_4": {
"inputs": {
"nixpkgs": [
"pre-commit-hooks",
@@ -360,27 +439,6 @@
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1745494811,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
@@ -475,11 +533,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1755184403,
"narHash": "sha256-VI+ZPD/uIFjzYW8IcyvBgvwyDIvUe4/xh/kOHTbITX8=",
"lastModified": 1755277479,
"narHash": "sha256-LrXtv1RIEds93j+OiSEvYFVX4fcGk2vrEzva19oxvco=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "60d769a89908c29e19100059985db15a7b6bab6a",
"rev": "edc473e8b0c14e768445422080af9978d132bff6",
"type": "github"
},
"original": {
@@ -767,7 +825,7 @@
"nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat_4",
"git-hooks": "git-hooks",
"nixpkgs": [
"nixpkgs"
@@ -791,16 +849,16 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1754028485,
"narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=",
"lastModified": 1743014863,
"narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "59e69648d345d6e8fef86158c555730fa12af9de",
"rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
@@ -821,13 +879,28 @@
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1753579242,
"narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1755027561,
"narHash": "sha256-IVft239Bc8p8Dtvf7UAACMG5P3ZV+3/aO28gXpGtMXI=",
"lastModified": 1755186698,
"narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "005433b926e16227259a1843015b5b2b7f7d1fc3",
"rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c",
"type": "github"
},
"original": {
@@ -838,11 +911,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1743014863,
"narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=",
"lastModified": 1754340878,
"narHash": "sha256-lgmUyVQL9tSnvvIvBp7x1euhkkCho7n3TMzgjdvgPoU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f",
"rev": "cab778239e705082fe97bb4990e0d24c50924c04",
"type": "github"
},
"original": {
@@ -870,11 +943,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1754937576,
"narHash": "sha256-3sWA5WJybUE16kIMZ3+uxcxKZY/JRR4DFBqLdSLBo7w=",
"lastModified": 1755078291,
"narHash": "sha256-Hu/gTDoi4uy6TAKISPHQusSMy8U6xUbLSDjKBYdhDIY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ddae11e58c0c345bf66efbddbf2192ed0e58f896",
"rev": "3385ca0cd7e14c1a1eb80401fe011705ff012323",
"type": "github"
},
"original": {
@@ -885,7 +958,7 @@
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts",
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
],
@@ -932,8 +1005,8 @@
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat_2",
"gitignore": "gitignore",
"flake-compat": "flake-compat_3",
"gitignore": "gitignore_2",
"nixpkgs": [
"hyprland",
"nixpkgs"
@@ -955,8 +1028,8 @@
},
"pre-commit-hooks_2": {
"inputs": {
"flake-compat": "flake-compat_4",
"gitignore": "gitignore_3",
"flake-compat": "flake-compat_5",
"gitignore": "gitignore_4",
"nixpkgs": [
"nixpkgs"
]
@@ -981,8 +1054,10 @@
"deploy-rs": "deploy-rs",
"disko": "disko",
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts",
"git-hooks-nix": "git-hooks-nix",
"gitea-github-theme": "gitea-github-theme",
"home-manager": "home-manager_2",
"home-manager": "home-manager",
"hyprland": "hyprland",
"hyprland-plugins": "hyprland-plugins",
"impermanence": "impermanence",

185
flake.nix
View File

@@ -2,54 +2,80 @@
description = "NixOS system configuration";
inputs = {
nixpkgs.url = "nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
# nixpkgs-master.url = "nixpkgs";
agenix.url = "github:ryantm/agenix";
agenix = {
url = "github:ryantm/agenix";
inputs.home-manager.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
deploy-rs.url = "github:serokell/deploy-rs";
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprland.url = "github:hyprwm/Hyprland";
hyprland-plugins = {
url = "github:hyprwm/hyprland-plugins";
inputs.hyprland.follows = "hyprland";
};
firefox-gnome-theme = {
url = "github:rafaelmardojai/firefox-gnome-theme";
flake = false;
};
flake-parts.url = "github:hercules-ci/flake-parts";
git-hooks-nix.url = "github:cachix/git-hooks.nix";
gitea-github-theme = {
url = "git+ssh://git@git.vimium.com/jordan/gitea-github-theme.git?ref=main";
flake = false;
};
impermanence.url = "github:nix-community/impermanence";
kvlibadwaita = {
url = "github:GabePoel/KvLibadwaita";
flake = false;
};
nixos-hardware.url = "github:NixOS/nixos-hardware";
nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
nixpkgs.url = "nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
# nixpkgs-master.url = "nixpkgs";
nixvim = {
url = "github:nix-community/nixvim/nixos-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
pre-commit-hooks = {
url = "github:cachix/git-hooks.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
secrets = {
url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git";
flake = false;
};
thunderbird-gnome-theme = {
url = "github:rafaelmardojai/thunderbird-gnome-theme";
flake = false;
@@ -57,114 +83,61 @@
};
outputs =
inputs@{ self, nixpkgs, ... }:
let
inherit (nixpkgs) lib;
inputs@{
nixpkgs,
flake-parts,
...
}:
flake-parts.lib.mkFlake { inherit inputs; } {
imports = [
inputs.git-hooks-nix.flakeModule
./nix/hosts.nix
];
domain = "mesh.vimium.net";
forEachSystem = lib.genAttrs [
"x86_64-linux"
flake = {
overlays = nixpkgs.lib.packagesFromDirectoryRecursive {
callPackage = path: overrides: import path;
directory = ./overlays;
};
};
systems = [
"aarch64-linux"
];
mkDeployNode = hostName: {
hostname = "${hostName}.${domain}";
profiles.system = {
user = "root";
path =
inputs.deploy-rs.lib.${
self.nixosConfigurations.${hostName}.config.system.build.toplevel.system
}.activate.nixos
self.nixosConfigurations.${hostName};
};
};
in
{
overlays = lib.packagesFromDirectoryRecursive {
callPackage = path: overrides: import path;
directory = ./overlays;
};
legacyPackages = forEachSystem (
system:
lib.packagesFromDirectoryRecursive {
callPackage = nixpkgs.legacyPackages.${system}.callPackage;
directory = ./pkgs;
}
);
nixosConfigurations = lib.pipe ./hosts [
builtins.readDir
(lib.filterAttrs (name: value: value == "directory"))
(lib.mapAttrs (
name: value:
lib.nixosSystem {
specialArgs = { inherit inputs; };
modules = [
{
networking = {
inherit domain;
hostName = name;
};
}
./hosts/${name}
];
}
))
"x86_64-linux"
];
checks =
builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib
// (forEachSystem (system: {
pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
check-case-conflicts.enable = true;
check-executables-have-shebangs.enable = true;
check-merge-conflicts.enable = true;
deadnix = {
enable = true;
settings = {
noLambdaArg = true;
};
};
detect-private-keys.enable = true;
end-of-file-fixer.enable = true;
fix-byte-order-marker.enable = true;
mixed-line-endings.enable = true;
nixfmt-rfc-style.enable = true;
trim-trailing-whitespace.enable = true;
};
excludes = [ "pkgs/libcamera-rpi/libcamera-rpi-ipa-priv-key.pem" ];
perSystem =
{ pkgs, ... }:
{
formatter = pkgs.nixfmt-rfc-style;
legacyPackages = pkgs.lib.packagesFromDirectoryRecursive {
callPackage = pkgs.callPackage;
directory = ./pkgs;
};
}));
formatter = forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt-rfc-style);
devShells = forEachSystem (system: {
default = nixpkgs.legacyPackages.${system}.mkShell {
inherit (self.checks.${system}.pre-commit-check) shellHook;
buildInputs = [
inputs.agenix.packages.${system}.agenix
inputs.deploy-rs.packages.${system}.deploy-rs
]
++ self.checks.${system}.pre-commit-check.enabledPackages;
pre-commit = {
settings = {
excludes = [ "pkgs/libcamera-rpi/libcamera-rpi-ipa-priv-key.pem" ];
hooks = {
check-case-conflicts.enable = true;
check-executables-have-shebangs.enable = true;
check-merge-conflicts.enable = true;
deadnix = {
enable = true;
settings = {
noLambdaArg = true;
};
};
detect-private-keys.enable = true;
end-of-file-fixer.enable = true;
fix-byte-order-marker.enable = true;
mixed-line-endings.enable = true;
nixfmt-rfc-style.enable = true;
trim-trailing-whitespace.enable = true;
};
};
};
};
});
deploy = {
magicRollback = true;
autoRollback = true;
sshUser = "root";
nodes = lib.genAttrs [
"artemis"
"mail"
"pi"
"skycam"
"vps1"
"vps2"
] mkDeployNode;
};
};
}

60
nix/hosts.nix Normal file
View File

@@ -0,0 +1,60 @@
{
inputs,
...
}:
{
flake =
{ config, lib, ... }:
let
domain = "mesh.vimium.net";
mkDeployNode = hostName: {
hostname = "${hostName}.${domain}";
profiles.system = {
user = "root";
path =
inputs.deploy-rs.lib.${
config.nixosConfigurations.${hostName}.config.system.build.toplevel.system
}.activate.nixos
config.nixosConfigurations.${hostName};
};
};
in
{
nixosConfigurations = lib.pipe ../hosts [
builtins.readDir
(lib.filterAttrs (name: value: value == "directory"))
(lib.mapAttrs (
name: value:
inputs.nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs; };
modules = [
{
networking = {
inherit domain;
hostName = name;
};
}
../hosts/${name}
];
}
))
];
deploy = {
magicRollback = true;
autoRollback = true;
sshUser = "root";
nodes = lib.genAttrs [
"artemis"
"mail"
"pi"
"skycam"
"vps1"
"vps2"
] mkDeployNode;
};
};
}