b12f restructure #1

Merged
teutat3s merged 218 commits from b12f into main 2020-11-24 18:27:01 +00:00
66 changed files with 971 additions and 1512 deletions
Showing only changes of commit 9009fa4a52 - Show all commits

View file

@ -2,7 +2,7 @@ name: "Check & Cachix"
on:
push:
branches:
- core
- main
- trying
- staging
jobs:

View file

@ -3,7 +3,7 @@ name: Deploy Docs to GitHub Pages
on:
push:
branches:
- core
- main
jobs:
deploy:

3
.gitignore vendored
View file

@ -1,6 +1,4 @@
result
up
hosts/up-*
.direnv
doc/index.html
@ -12,3 +10,4 @@ doi
# PubSolarOS
tags
/owners
pkgs/_sources/.shake*

View file

@ -12,7 +12,7 @@ Make an awesome template for NixOS users, with consideration for common tools li
[devshell][devshell], and [more](./doc/integrations).
### No. Why _flakes_?
Flakes are a part of an explicit push to improve [Nix's UI](https://github.com/NixOS/nix/blob/master/doc/manual/src/contributing/cli-guideline.md), and have become an intergral part of that effort.
Flakes are a part of an explicit push to improve [Nix's UX](https://github.com/NixOS/nix/blob/master/doc/manual/src/contributing/cli-guideline.md), and have become an integral part of that effort.
They also make [Nix expressions](https://nixos.org/manual/nix/unstable/expressions/expression-syntax.html) easier to distribute and reuse with convient [flake references](https://github.com/NixOS/nix/blob/master/src/nix/flake.md#flake-references) for building or using packages, modules, and whole systems.
@ -43,6 +43,7 @@ following giants][giants]:
### :family: — like family
- [`numtide/devshell`][devshell]
- [`serokell/deploy-rs`][deploy]
- [`berberman/nvfetcher`][nvfetcher]
- [`NixOS/nixpkgs`][nixpkgs]
:heart:
@ -68,23 +69,22 @@ goals are sufficiently upstreamed into "the Nix", dissolved.
# License
DevOS is licensed under the [MIT License][mit].
[mk-flake]: https://github.com/divnix/digga/tree/master/src/mkFlake
[nixpkgs]: https://github.com/NixOS/nixpkgs
[deploy]: https://github.com/serokell/deploy-rs
[toc]: https://github.com/divnix/devos/blob/core/flake.nix
[giants]: https://en.wikipedia.org/wiki/Standing_on_the_shoulders_of_giants
[digga]: https://github.com/divnix/digga
[fup]: https://github.com/gytis-ivaskevicius/flake-utils-plus
[fu]: https://github.com/numtide/flake-utils
[devshell]: https://github.com/numtide/devshell
[nix]: https://nixos.org/manual/nix/stable
[mit]: https://mit-license.org
[nixos]: https://nixos.org/manual/nixos/stable
[home-manager]: https://nix-community.github.io/home-manager
[flakes]: https://nixos.wiki/wiki/Flakes
[flake-doc]: https://github.com/NixOS/nix/blob/master/src/nix/flake.md
[core]: https://github.com/divnix/devos
[community]: https://github.com/divnix/devos/tree/community
[core]: https://github.com/divnix/devos
[deploy]: https://github.com/serokell/deploy-rs
[devshell]: https://github.com/numtide/devshell
[digga]: https://github.com/divnix/digga
[dotfiles]: https://github.com/hlissner/dotfiles
[flake-doc]: https://github.com/NixOS/nix/blob/master/src/nix/flake.md
[flakes]: https://nixos.wiki/wiki/Flakes
[fu]: https://github.com/numtide/flake-utils
[fup]: https://github.com/gytis-ivaskevicius/flake-utils-plus
[giants]: https://en.wikipedia.org/wiki/Standing_on_the_shoulders_of_giants
[home-manager]: https://nix-community.github.io/home-manager
[mit]: https://mit-license.org
[mk-flake]: https://github.com/divnix/digga/tree/master/src/mkFlake
[nix]: https://nixos.org/manual/nix/stable
[nixos]: https://nixos.org/manual/nixos/stable
[nixpkgs]: https://github.com/NixOS/nixpkgs
[nvfetcher]: https://github.com/berberman/nvfetcher
[please]: https://github.com/nrdxp/devos/tree/nrd
[matrix]: https://matrix.to/#/#devos:nixos.org

10
bud/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ pkgs, lib, budUtils, ... }: {
bud.cmds = with pkgs; {
get = {
writer = budUtils.writeBashWithPaths [ nixUnstable git coreutils ];
synopsis = "get [DEST]";
help = "Copy the desired template to DEST";
script = ./get.bash;
};
};
}

1
bud/get.bash Normal file
View file

@ -0,0 +1 @@
nix flake new -t "github:divnix/devos/core" "${2:-devos}"

View file

@ -1,25 +1,18 @@
# Pull Requests
All development is done in the `develop` branch. Only minor bug-fixes and release
PRs should target `master`.
If making a change to the template, or adding a feature, please be sure to update the
relevant docs. Each directory contains its own README.md, which will
automatically be pulled into the [mdbook](https://devos.divnix.com). The book is
rendered on every change, so the docs should always be up to date.
## TL;DR;
- **Target Branch**: `main`
- **Merge Policy**: [`bors`][bors] is alwyas right (→ `bors try`)
- **Docs**: every changeset is expected to contain doc updates
- **Commit Msg**: be a poet! Comprehensive and explanatory commit messages
should cover the motivation and use case in an easily understandable manner
even when read after a few months.
- **Test Driven Development**: please default to test driven development where possible.
We also use [BORS](https://bors.tech) to ensure that all pull requests pass the
test suite once at least one review is completed.
### Within the Devshell (`nix develop`)
- **Hooks**: please `git commit` within the devshell
- **Fail Early**: please run from within the devshell on your local machine:
- `nix flake check`
# Style
If you wish to contribute please follow these guidelines:
[bors]: https://bors.tech
* format your code with [`nixpkgs-fmt`][nixpkgs-fmt]. The default devshell
includes a pre-commit hook that does this for you.
* The commit message follows the same semantics as [nixpkgs][nixpkgs].
* You can use a `#` symbol to specify ambiguities. For example,
`develop#zsh: <rest of commit message>` would tell me that you're updating the
`zsh` subprofile living under the `develop` profile.
[nixpkgs-fmt]: https://github.com/nix-community/nixpkgs-fmt
[nixpkgs]: https://github.com/NixOS/nixpkgs

View file

@ -6,7 +6,6 @@
- [Bootstrapping](./start/bootstrapping.md)
- [From NixOS](./start/from-nixos.md)
- [Key Concepts](./concepts/index.md)
- [Extern](./concepts/extern.md)
- [Hosts](./concepts/hosts.md)
- [Overrides](./concepts/overrides.md)
- [Profiles](./concepts/profiles.md)
@ -17,19 +16,13 @@
- [Overlays](./outputs/overlays.md)
- [Packages](./outputs/pkgs.md)
- [Concerns]()
- [Lib](./lib.md)
- [Secrets](./secrets.md)
- [Tests](./tests.md)
- [Helper Script `flk`](./flk/index.md)
- [up](./flk/up.md)
- [update](./flk/update.md)
- [get](./flk/get.md)
- [doi](./flk/doi.md)
- [iso](./flk/iso.md)
- [install](./flk/install.md)
- [home](./flk/home.md)
- [Helper Script `bud`](./bud/index.md)
- [get](./bud/get.md)
- [Integrations](./integrations/index.md)
- [Cachix](./integrations/cachix.md)
- [Deploy RS](./integrations/deploy.md)
- [NvFetcher](./integrations/nvfetcher.md)
- [Hercules CI](./integrations/hercules.md)
- [Contributing](./CONTRIBUTING.md)

View file

@ -4,7 +4,7 @@ git history.
## Usage
```sh
flk get DEST-DIR
bud get DEST-DIR
```
If DEST-DIR is ommitted, it defaults to _./devos_.

24
doc/bud/index.md Normal file
View file

@ -0,0 +1,24 @@
# [`bud`][bud] command
The template incudes a convenient script for managing your system called [`bud`][bud].
It is a portable and highly composable system control tool that work anywhere on your host
or in the flake's devshell.
Although it comes with some predefined standard helpers,
it is very extensible and you are encouraged to write your own script snippets
to ease your workflows. An example is the bud module for a `get` command that
comes included with `devos`.
While writing scripts you can convenientely access smart environment variables
that can tell the current architecture, user or host name, among others, regardless
wether you invoke `bud` within the devshell or as the system-wide installed `bud`.
For details, please review the [bud repo][bud].
## Usage
```sh
bud help
```
[bud]: https://github.com/divnix/bud

View file

@ -1,42 +0,0 @@
# External Art
When you need to use a module, overlay, or pass a value from one of your inputs
to the rest of your NixOS configuration, you can make use of a couple arguments.
It is encouraged to add external art directly in your `flake.nix` so the file
represents a complete dependency overview of your flake.
## Overlays
External overlays can directly be added to a channel's `overlays` list.
flake.nix:
```nix
{
channels.nixos.overlays = [ inputs.agenix.overlay ];
}
```
Upon exporting overlays, these overlays will be automatically filtered out by inspecting the `inputs` argument.
## Modules
There is a dedicated `nixos.hostDefaults.externalModules` argument for external
modules.
flake.nix:
```nix
{
nixos.hostDefaults.externalModules = [ inputs.agenix.nixosModules.age ];
}
```
## Home Manager
Since there isn't a `hosts` concept for home-manager, externalModules is just a
top-level argument in the `home` namespace.
flake.nix:
```nix
{
home.externalModules = [ doom-emacs = doom-emacs.hmModule ];
}
```
> ##### Note:
> To avoid declaring "external" modules separately, which is obvious since they come from `inputs`, the optimal solution would be to automatically export modules that were created in
> your flake. But this is not possible due to NixOS/nix#4740.

View file

@ -1,4 +1,10 @@
# Key Concepts
There are few idioms unique to DevOS. This section is dedicated to helping you
understand them.
Key concepts are derived from [digga][digga]. Please refer to its
[docs][digga-docs] for more details.
This section is dedicated to helping you develop a more hands on
understanding of them them.
[digga-docs]: https://digga.divnix.com
[digga]: https://github.com/divnix/digga

View file

@ -1,3 +1,8 @@
> ##### _Note:_
> This section and its semantics need a conceptiual rework.
> Since recently [portable home configurations][portableuser]
> that are not bound to any specific host are a thing.
# Users
Users are a special case of [profiles](profiles.md) that define system
@ -69,3 +74,4 @@ nix build "github:divnix/devos#homeConfigurations.nixos@NixOS.home.activationPac
[home-manager]: https://nix-community.github.io/home-manager
[modules-list]: https://github.com/divnix/devos/tree/core/users/modules/module-list.nix
[portableuser]: https://digga.divnix.com/api-reference-home.html#homeusers

View file

@ -1,10 +0,0 @@
# DigitalOcean
Now you can [create a droplet](https://cloud.digitalocean.com/droplets/new) using your custom image.
Making a DigitalOcean compatible image for `hosts/NixOS.nix` is as simple as:
```sh
flk doi NixOS
```
This works for any file matching `hosts/*.nix` excluding `default.nix`.

View file

@ -1,8 +0,0 @@
# home
The `home` subcommand is for using your home-manager configurations outside of
NixOS, providing an awesome mechanism for keeping your environments
synchronized, even when using other systems.
## Usage
The [users](../concepts/users.md#external-usage) page contains a good usage
example.

View file

@ -1,20 +0,0 @@
# flk command
The devshell for the project incudes a convenient script for managing your
system called `flk`. Each of the following chapters is a reference for one of
its subcommands.
## Rebuild
Without any of the subcommands, `flk` acts as a convenient shortcut for
`nixos-rebuild`:
```sh
flk NixOS build
```
Will build _hosts/NixOS.nix_. You can change out `build` for `switch`, `test`,
etc. Any additional arguments are passed through to the call to
`nixos-rebuild`.
## Usage
```sh
flk help
```

View file

@ -1,12 +0,0 @@
# install
The `install` subcommand is a simple convenience for `nixos-install`, similar
to the shortcut for `nixos-rebuild`, all additional arguments are passed
through.
## Example
```sh
flk install NixOS
```
This will install _hosts/NixOS.nix_ to /mnt. You can override this directory
using standard `nixos-install` args.

View file

@ -1 +0,0 @@
../start/iso.md

View file

@ -1,4 +0,0 @@
# up
The `up` subcommand is a simple shortcut for `nixos-generate-config` that is
compatible with devos. There is a short explanation in the the getting started
[guide](../start/from-nixos.md#generate-configuration).

View file

@ -1,22 +0,0 @@
# update
The `update` subcommand is a simple alias for:
```sh
nix flake update
```
As it sounds, this will update your lock file.
## Updating Package Sources
If you pass directory name then it will update that input if the directory
contains a flake.nix, with an optional arguement to update only a specific
input in the subflake.
For example, you can update any
[package sources](../outputs/pkgs.md#automatic-source-updates) you may have
declared in _pkgs/flake.nix_:
```sh
flk update pkgs
```
or just its _nixpkgs_:
```sh
flk update pkgs nixpkgs
```

View file

@ -0,0 +1,43 @@
# nvfetcher
[NvFetcher][nvf] is a workflow companion for updating nix sources.
You can specify an origin source and an update configuration, and
nvfetcher can for example track updates to a specific branch and
automatically update your nix sources configuration on each run
to the tip of that branch.
All package source declaration is done in [sources.toml][sources.toml].
From within the devshell of this repo, run `nvfetcher`, a wrapped
version of `nvfetcher` that knows where to find and place its files
and commit the results.
## Usage
Statically fetching (not tracking) a particular tag from a github repo:
```toml
[manix]
src.manual = "v0.6.3"
fetch.github = "mlvzk/manix"
```
Tracking the latest github _release_ from a github repo:
```toml
[manix]
src.github = "mlvzk/manix" # responsible for tracking
fetch.github = "mlvzk/manix" # responsible for fetching
```
Tracking the latest commit of a git repository and fetch from a git repo:
```toml
[manix]
src.git = "https://github.com/mlvzk/manix.git" # responsible for tracking
fetch.git = "https://github.com/mlvzk/manix.git" # responsible for fetching
```
> ##### _Note:_
> Please refer to the [NvFetcher Readme][nvf-readme] for more options.
[nvf]: https://github.com/berberman/nvfetcher
[nvf-readme]: https://github.com/berberman/nvfetcher#readme
[sources.toml]: https://github.com/divnix/devos/tree/core/pkgs/sources.toml

View file

@ -1,541 +0,0 @@
## channels
nixpkgs channels to create
*_Type_*:
attribute set of submodules
*_Default_*
```
{}
```
## channels.\<name\>.config
nixpkgs config for this channel
*_Type_*:
attribute set or path convertible to it
*_Default_*
```
{}
```
## channels.\<name\>.input
nixpkgs flake input to use for this channel
*_Type_*:
nix flake
*_Default_*
```
"self.inputs.<name>"
```
## channels.\<name\>.overlays
overlays to apply to this channel
these will get exported under the 'overlays' flake output
as \<channel\>/\<name\> and any overlay pulled from ${inputs}
will be filtered out
*_Type_*:
list of valid Nixpkgs overlay or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
## channelsConfig
nixpkgs config for all channels
*_Type_*:
attribute set or path convertible to it
*_Default_*
```
{}
```
## devshell
Modules to include in your devos shell. the `modules` argument
will be exported under the `devshellModules` output
*_Type_*:
submodule
*_Default_*
```
{}
```
## devshell.externalModules
modules to include that won't be exported
meant importing modules from external flakes
*_Type_*:
list of valid module or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
## devshell.modules
modules to include in all hosts and export to devshellModules output
*_Type_*:
list of path to a modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## home
hosts, modules, suites, and profiles for home-manager
*_Type_*:
submodule
*_Default_*
```
{}
```
## home.externalModules
modules to include that won't be exported
meant importing modules from external flakes
*_Type_*:
list of valid module or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
## home.importables
Packages of paths to be passed to modules as `specialArgs`.
*_Type_*:
attribute set
*_Default_*
```
{}
```
## home.importables.suites
collections of profiles
*_Type_*:
attribute set of list of paths or anything convertible to its
## home.modules
modules to include in all hosts and export to homeModules output
*_Type_*:
list of path to a modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## home.profiles
WARNING: The 'suites' and `profiles` options have been deprecated, you can now create
both with the importables option. `rakeLeaves` can be used to create profiles and
by passing a module or `rec` set to `importables`, suites can access profiles.
Example:
```
importables = rec {
profiles = digga.lib.importers.rakeLeaves ./profiles;
suites = with profiles; { };
}
```
See https://github.com/divnix/digga/pull/30 for more details
*_Type_*:
list of paths
*_Default_*
```
[]
```
## home.suites
WARNING: The 'suites' and `profiles` options have been deprecated, you can now create
both with the importables option. `rakeLeaves` can be used to create profiles and
by passing a module or `rec` set to `importables`, suites can access profiles.
Example:
```
importables = rec {
profiles = digga.lib.importers.rakeLeaves ./profiles;
suites = with profiles; { };
}
```
See https://github.com/divnix/digga/pull/30 for more details
*_Type_*:
function that evaluates to a(n) attrs or path convertible to it
## nixos
hosts, modules, suites, and profiles for nixos
*_Type_*:
submodule
*_Default_*
```
{}
```
## nixos.hostDefaults
Defaults for all hosts.
the modules passed under hostDefaults will be exported
to the 'nixosModules' flake output.
They will also be added to all hosts.
*_Type_*:
submodule
*_Default_*
```
{}
```
## nixos.hostDefaults.channelName
Channel this host should follow
*_Type_*:
a channel defined in `channels`
*_Default_*
```
null
```
## nixos.hostDefaults.externalModules
modules to include that won't be exported
meant importing modules from external flakes
*_Type_*:
list of valid module or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
## nixos.hostDefaults.modules
modules to include in all hosts and export to nixosModules output
*_Type_*:
list of path to a modules or anything convertible to it or path convertible to it
*_Default_*
```
[]
```
## nixos.hostDefaults.system
system for this host
*_Type_*:
system defined in `supportedSystems`
*_Default_*
```
null
```
## nixos.hosts
configurations to include in the nixosConfigurations output
*_Type_*:
attribute set of submodules
*_Default_*
```
{}
```
## nixos.hosts.\<name\>.channelName
Channel this host should follow
*_Type_*:
a channel defined in `channels`
*_Default_*
```
null
```
## nixos.hosts.\<name\>.modules
modules to include
*_Type_*:
list of valid module or path convertible to its or anything convertible to it
*_Default_*
```
[]
```
## nixos.hosts.\<name\>.system
system for this host
*_Type_*:
system defined in `supportedSystems`
*_Default_*
```
null
```
## nixos.importables
Packages of paths to be passed to modules as `specialArgs`.
*_Type_*:
attribute set
*_Default_*
```
{}
```
## nixos.importables.suites
collections of profiles
*_Type_*:
attribute set of list of paths or anything convertible to its
## nixos.profiles
WARNING: The 'suites' and `profiles` options have been deprecated, you can now create
both with the importables option. `rakeLeaves` can be used to create profiles and
by passing a module or `rec` set to `importables`, suites can access profiles.
Example:
```
importables = rec {
profiles = digga.lib.importers.rakeLeaves ./profiles;
suites = with profiles; { };
}
```
See https://github.com/divnix/digga/pull/30 for more details
*_Type_*:
list of paths
*_Default_*
```
[]
```
## nixos.suites
WARNING: The 'suites' and `profiles` options have been deprecated, you can now create
both with the importables option. `rakeLeaves` can be used to create profiles and
by passing a module or `rec` set to `importables`, suites can access profiles.
Example:
```
importables = rec {
profiles = digga.lib.importers.rakeLeaves ./profiles;
suites = with profiles; { };
}
```
See https://github.com/divnix/digga/pull/30 for more details
*_Type_*:
function that evaluates to a(n) attrs or path convertible to it
## outputsBuilder
builder for flake system-spaced outputs
The builder gets passed an attrset of all channels
*_Type_*:
function that evaluates to a(n) attrs
*_Default_*
```
"channels: { }"
```
## self
The flake to create the devos outputs for
*_Type_*:
nix flake
## supportedSystems
The systems supported by this flake
*_Type_*:
list of strings
*_Default_*
```
["aarch64-linux","i686-linux","x86_64-darwin","x86_64-linux"]
```

View file

@ -13,16 +13,6 @@ the supported systems listed in the package's `meta.platforms` attribute.
And, as usual, every package in the overlay is also available to any NixOS
[host](../concepts/hosts.md).
## Automatic Source Updates
There is the added, but optional, convenience of declaring your sources in
_pkgs/flake.nix_ as an input. You can then access them from the `srcs` package.
This allows updates to be managed automatically by simply
[updating](../flk/update.md#updating-package-sources) the lock file. No
more manually entering sha256 hashes!
As an added bonus, version strings are also generated automatically from either
the flake ref, or the date and git revision of the source.
## Example
pkgs/development/libraries/libinih/default.nix:
```nix

View file

@ -20,29 +20,32 @@ partition to `/mnt/boot`:
```console
$ mount /dev/disk/by-label/nixos /mnt
$ mkdir -p /mnt/boot && mount /dev/disk/by-label/boot /mnt/boot # UEFI only
$ swapon /dev/$your_swap_partition
$ swapon /dev/disk/by-label/swap
```
Add some extra space to the store. In the iso, it's running on a tmpfs
off your RAM:
```console
$ mkdir -p /mnt/tmpstore/{work,store}
$ mount -t overlay overlay -olowerdir=/nix/store,upperdir=/mnt/tmpstore/store,workdir=/mnt/tmpstore/work /nix/store
```
## Install
Install using the `flk` wrapper baked into the iso off of a copy of devos
from the time the iso was built:
Install off of a copy of devos from the time the iso was built:
```console
$ cd /iso/devos
$ nix develop
$ flk install NixOS --impure # use same host as above
$ nixos-install --flake .#NixOS
```
<!-- TODO: find out why --impure is necesary / PRs welcome! -->
## Notes of interest
### Remote access to the live installer
The iso live installer comes preconfigured with a network configuration
which announces it's hostname via [MulticastDNS][mDNS] as `hostname.local`,
that is `NixOS.local` in the [iso example](./iso).
that is `bootstrap.local` in the [iso example](./iso).
In the rare case that [MulticastDNS][mDNS] is not availabe or turned off
in your network, there is a static link-local IPv6 address configured to
@ -66,7 +69,7 @@ You can then ssh into the live installer through one of the
following options:
```console
ssh root@NixOS.local
ssh root@bootstrap.local
ssh root@fe80::47%eno1 # where eno1 is your network interface on which you are linked to the target
```

View file

@ -1,14 +1,12 @@
# ISO
Making and writing an installable iso for `hosts/NixOS.nix` is as simple as:
Making and writing an installable iso for `hosts/bootstrap.nix` is as simple as:
```sh
flk iso NixOS
dd bs=4M if=result/iso/*.iso of=/dev/$your_installation_device \
status=progress oflag=sync
bud build bootstrap bootstrapIso
sudo -E $(which bud) burn
```
This works for any file matching `hosts/*.nix` excluding `default.nix`.
This works for any host.
## ISO image nix store & cache

View file

@ -22,7 +22,9 @@
},
"b12f-nix-fonts": {
"inputs": {
"nixpkgs": "nixpkgs"
"nixpkgs": [
"latest"
]
},
"locked": {
"lastModified": 1622501268,
@ -39,31 +41,42 @@
"url": "https://git.b12f.io/b12f/nix-fonts"
}
},
"ci-agent": {
"inputs": {
"flake-compat": "flake-compat",
"nix-darwin": [
"darwin"
],
"nixos-20_09": [
"nixos"
],
"nixos-unstable": [
"latest"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix"
},
"blank": {
"locked": {
"lastModified": 1626066948,
"narHash": "sha256-rBo4nCPyAHb1e/9ysYGH7tW1FV0N2XNvRcJR+g8gugA=",
"owner": "hercules-ci",
"repo": "hercules-ci-agent",
"rev": "7f3265cc42d5f364066c145939ee2812938b991c",
"lastModified": 1625557891,
"narHash": "sha256-O8/MWsPBGhhyPoPLHZAuoZiiHo9q6FLlEeIDEXuj6T4=",
"owner": "divnix",
"repo": "blank",
"rev": "5a5d2684073d9f563072ed07c871d577a6c614a8",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "hercules-ci-agent",
"owner": "divnix",
"repo": "blank",
"type": "github"
}
},
"bud": {
"inputs": {
"devshell": [
"digga",
"devshell"
],
"nixpkgs": [
"nixos"
]
},
"locked": {
"lastModified": 1627855680,
"narHash": "sha256-snDOrUp8nth2Vs3GeEXr7Xji+HaHy25htZLNvid/U3I=",
"owner": "divnix",
"repo": "bud",
"rev": "612228a68d404d559405225427a5d8b3cef9d27c",
"type": "github"
},
"original": {
"owner": "divnix",
"repo": "bud",
"type": "github"
}
},
@ -89,17 +102,23 @@
},
"deploy": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-compat": "flake-compat",
"naersk": "naersk",
"nixpkgs": "nixpkgs_2",
"utils": "utils"
"nixpkgs": [
"digga",
"nixpkgs"
],
"utils": [
"digga",
"flake-utils"
]
},
"locked": {
"lastModified": 1616406726,
"narHash": "sha256-n9zmgxR03QNrvs9/fHewqE0j3SjL7Y+cglBCFu3U3rg=",
"lastModified": 1628752686,
"narHash": "sha256-Lzh9MYUJDsjgif+YEyOErXtj1IH+ci8J1C30g1ms69s=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "9e405fbc5ab5bacbd271fd78c6b6b6877c4d9f8d",
"rev": "e5546f9c2503c26d175f08a81fc0a0f330be4cbe",
"type": "github"
},
"original": {
@ -110,11 +129,11 @@
},
"devshell": {
"locked": {
"lastModified": 1622013274,
"narHash": "sha256-mK/Lv0lCbl07dI5s7tR/7nb79HunKnJik3KyR6yeI2k=",
"lastModified": 1629275356,
"narHash": "sha256-R17M69EKXP6q8/mNHaK53ECwjFo1pdF+XaJC9Qq8zjg=",
"owner": "numtide",
"repo": "devshell",
"rev": "e7faf69e6bf8546517cc936c7f6d31c7eb3abcb2",
"rev": "26f25a12265f030917358a9632cd600b51af1d97",
"type": "github"
},
"original": {
@ -125,23 +144,33 @@
},
"digga": {
"inputs": {
"blank": "blank",
"deploy": "deploy",
"devshell": "devshell",
"nixlib": "nixlib",
"nixpkgs": "nixpkgs_3",
"utils": "utils_2"
"flake-utils": "flake-utils",
"flake-utils-plus": "flake-utils-plus",
"home-manager": [
"home"
],
"nix": "nix",
"nixlib": [
"nixos"
],
"nixos-generators": "nixos-generators",
"nixpkgs": [
"nixos"
]
},
"locked": {
"lastModified": 1623197477,
"narHash": "sha256-2Qk/uIHb1nXre2rRlGonAJmpuamBs7RRfgXhMmS5JkU=",
"lastModified": 1629419320,
"narHash": "sha256-ktoQQnRi/27juWC9YRNBj2RBG7lJU5h/kG8/KYFQt6M=",
"owner": "divnix",
"repo": "digga",
"rev": "f69703abc33f221b676966a8435c4f09ef70ff49",
"rev": "50f10e12156a08f71a189cca98498161fae9c952",
"type": "github"
},
"original": {
"owner": "divnix",
"ref": "master",
"repo": "digga",
"type": "github"
}
@ -162,44 +191,50 @@
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"flake-utils": {
"locked": {
"lastModified": 1606424373,
"narHash": "sha256-oq8d4//CJOrVj+EcOaSXvMebvuTkmBJuT5tzlfewUnQ=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "99f1c2157fba4bfe6211a321fd0ee43199025dbf",
"lastModified": 1623875721,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils": {
"flake-utils-plus": {
"inputs": {
"flake-utils": [
"digga",
"flake-utils"
]
},
"locked": {
"lastModified": 1620759905,
"narHash": "sha256-WiyWawrgmyN0EdmiHyG2V+fqReiVi8bM9cRdMaKQOFg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "b543720b25df6ffdfcf9227afafc5b8c1fabfae8",
"lastModified": 1628855985,
"narHash": "sha256-OqhVFoCCA6GfGuMhZXQ5CrmZUYsumCJTwI72FOMf82I=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "a79a0b86e59dc087df6704f9b13b1ed951ef5c5f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"owner": "gytis-ivaskevicius",
"ref": "staging",
"repo": "flake-utils-plus",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1619345332,
"narHash": "sha256-qHnQkEp1uklKTpx3MvKtY6xzgcqXDsz5nLilbbuL+3A=",
"lastModified": 1623875721,
"narHash": "sha256-A8BU7bjS5GirpAUv4QA+QnJ4CceLHkcXdRp4xITDB0s=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "2ebf2558e5bf978c7fb8ea927dfaed8fefab2e28",
"rev": "f7e004a55b120c02ecb6219596820fcd32ca8772",
"type": "github"
},
"original": {
@ -215,44 +250,67 @@
]
},
"locked": {
"lastModified": 1626073055,
"narHash": "sha256-vocByfpVu6m9zvtJugDvmd6/9iT2HJuG4tmDICKd0lI=",
"lastModified": 1630076227,
"narHash": "sha256-p3YdtqSPLnMudWsLMgd6XMEhQKB2oz1hvDkHtOlz5/Q=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "775cb20bd4af7781fbf336fb201df02ee3d544bb",
"rev": "f5adb9be829f487f99bcc0f1884f74ddb85f70c8",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-21.05",
"repo": "home-manager",
"type": "github"
}
},
"latest": {
"locked": {
"lastModified": 1626195678,
"narHash": "sha256-fPjSHiZ0JqkmhWiPDPEqbs/fEjZukFCU80YMocg/MRg=",
"path": "/nix/store/nnzn6zsmdi6ass7yd6krvc2rdkxxp8nh-source",
"rev": "e223f84cd8c279b892c53f5d779d6e63eb4277eb",
"type": "path"
"lastModified": 1627942574,
"narHash": "sha256-guUcGRWvY2mfiVSet2x/zeHIyflm2wgglj0ldg0mMio=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c464dc811babfe316ed4ab7bbc12351122e69dd7",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"lowdown-src": {
"flake": false,
"locked": {
"lastModified": 1617481909,
"narHash": "sha256-SqnfOFuLuVRRNeVJr1yeEPJue/qWoCp5N6o5Kr///p4=",
"owner": "kristapsdz",
"repo": "lowdown",
"rev": "148f9b2f586c41b7e36e73009db43ea68c7a1a4d",
"type": "github"
},
"original": {
"owner": "kristapsdz",
"ref": "VERSION_0_8_4",
"repo": "lowdown",
"type": "github"
}
},
"naersk": {
"inputs": {
"nixpkgs": [
"latest"
"digga",
"deploy",
"nixpkgs"
]
},
"locked": {
"lastModified": 1610392286,
"narHash": "sha256-3wFl5y+4YZO4SgRYK8WE7JIS3p0sxbgrGaQ6RMw+d98=",
"lastModified": 1622810282,
"narHash": "sha256-4wmvM3/xfD0hCdNDIXVzRMfL4yB1J+DjH6Zte2xbAxk=",
"owner": "nmattia",
"repo": "naersk",
"rev": "d7bfbad3304fd768c0f93a4c3b50976275e6d4be",
"rev": "e8061169e1495871b56be97c5c51d310fae01374",
"type": "github"
},
"original": {
@ -269,11 +327,11 @@
]
},
"locked": {
"lastModified": 1623927034,
"lastModified": 1629707199,
"narHash": "sha256-sGxlmfp5eXL5sAMNqHSb04Zq6gPl+JeltIZ226OYN0w=",
"owner": "nmattia",
"repo": "naersk",
"rev": "e09c320446c5c2516d430803f7b19f5833781337",
"rev": "df71f5e4babda41cd919a8684b72218e2e809fa9",
"type": "github"
},
"original": {
@ -282,17 +340,39 @@
"type": "github"
}
},
"nix": {
"inputs": {
"lowdown-src": "lowdown-src",
"nixpkgs": [
"digga",
"nixpkgs"
]
},
"locked": {
"lastModified": 1629360796,
"narHash": "sha256-KAcvr8eEhEqOQweDAsHurO9ECmfdptbU1UT7smcpyBs=",
"owner": "nixos",
"repo": "nix",
"rev": "ffa629b2c0ea6368deca700afdac53a6e14557aa",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nix",
"type": "github"
}
},
"nix-dram": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_4"
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1620663773,
"narHash": "sha256-Nfc2g9xUCPYBFKE5O7OdrDpCVspwk64S8EbsDYoY38c=",
"lastModified": 1628492639,
"narHash": "sha256-ffF/oEhLs/stAsXXobruKHyH9jnMC2rt/SM3ASrs2U8=",
"owner": "dramforever",
"repo": "nix-dram",
"rev": "86485e22621b17bcc4472889eedbd562498bb5a2",
"rev": "fba426108ea6bdeb1e362bac9da06cbd33726f41",
"type": "github"
},
"original": {
@ -301,34 +381,45 @@
"type": "github"
}
},
"nixlib": {
"locked": {
"lastModified": 1620519687,
"narHash": "sha256-+6Dd72b2CASuXm2W7KRxZIE7AOy/dj4mU28vaF+zxcs=",
"owner": "divnix",
"repo": "nixpkgs.lib",
"rev": "c7b6169809c5f74dd0c34f3d69e9d12ba4d448de",
"type": "github"
},
"original": {
"owner": "divnix",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixos": {
"locked": {
"lastModified": 1626046891,
"narHash": "sha256-Zt8saH+hAehXskW0iFAzk+iMillYoFBxvLReYNqGT9E=",
"owner": "NixOS",
"lastModified": 1630598110,
"narHash": "sha256-FD1xIDoKMOjBE8tHHp95aa5HfxKDCa+3kf5T7AA47tY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d8f8f31af9d77a48220e4e8a301d1e79774cb7d2",
"rev": "6bfe71f2a4e2e425dee26b25d2309f341ff1600d",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
"owner": "nixos",
"ref": "release-21.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixos-generators": {
"inputs": {
"nixlib": [
"digga",
"nixlib"
],
"nixpkgs": [
"digga",
"blank"
]
},
"locked": {
"lastModified": 1624973746,
"narHash": "sha256-11JbJRduNwyf556gndGErR5/12ceyHOHBfEuha5Vws4=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "022ef440af8dc237ab1f59fa363cb1e25783ec3e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-generators",
"type": "github"
}
},
"nixos-hardware": {
@ -348,57 +439,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1622059058,
"narHash": "sha256-t1/ZMtyxClVSfcV4Pt5C1YpkeJ/UwFF3oitLD7Ch/UA=",
"lastModified": 1626556499,
"narHash": "sha256-c2ueMT7fi/yvCNq3nGLEC2v5GklS7eHpB1240LRSW9Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "84aa23742f6c72501f9cc209f29c438766f5352d",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixpkgs-unstable",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1610942247,
"narHash": "sha256-PKo1ATAlC6BmfYSRmX0TVmNoFbrec+A5OKcabGEu2yU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7d71001b796340b219d1bfa8552c81995017544a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1620962350,
"narHash": "sha256-9ASW4d4/Z8HmRvuJI8rxbEOTbXTBpQ8y+CmFYBwtXzE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5d4a430472cafada97888cc80672fab255231f57",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1620340338,
"narHash": "sha256-Op/4K0+Z9Sp5jtFH0s/zMM4H7VFZxrekcAmjQ6JpQ4w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "63586475587d7e0e078291ad4b49b6f6a6885100",
"rev": "b59c06dc92f8d03660eb4155754d93a6c34cda83",
"type": "github"
},
"original": {
@ -408,35 +453,47 @@
"type": "github"
}
},
"pkgs": {
"inputs": {
"nixpkgs": [
"nixos"
]
},
"nur": {
"locked": {
"narHash": "sha256-G+qmA0vMRMgEd0Wp+jMjbOe5Yz+5/Imh+wn6mTWit1o=",
"path": "./pkgs",
"type": "path"
},
"original": {
"path": "./pkgs",
"type": "path"
}
},
"pre-commit-hooks-nix": {
"flake": false,
"locked": {
"lastModified": 1622650193,
"narHash": "sha256-qSzUpJDv04ajS9FXoCq6NjVF3qOt9IiGIiGh0P8amyw=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "0398f0649e0a741660ac5e8216760bae5cc78579",
"lastModified": 1626378135,
"narHash": "sha256-koC6DBYmLCrgXA+AMHVaODf1uHYPmvcFygHfy3eg6vI=",
"owner": "nix-community",
"repo": "NUR",
"rev": "00c2ec8f0bbdf0cfb2135bde55fbae5d6b64aa6d",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"id": "nur",
"type": "indirect"
}
},
"nvfetcher": {
"inputs": {
"flake-compat": [
"digga",
"deploy",
"flake-compat"
],
"flake-utils": [
"digga",
"flake-utils-plus",
"flake-utils"
],
"nixpkgs": [
"latest"
]
},
"locked": {
"lastModified": 1627523399,
"narHash": "sha256-j9CgnUQpWcb8OB4LRzPW8BdxvmoROJptgptDlPA8Heo=",
"owner": "berberman",
"repo": "nvfetcher",
"rev": "fb8f2cc770ad3dd3e29d7ba3004692d4d53fba9b",
"type": "github"
},
"original": {
"owner": "berberman",
"repo": "nvfetcher",
"type": "github"
}
},
@ -444,50 +501,40 @@
"inputs": {
"agenix": "agenix",
"b12f-nix-fonts": "b12f-nix-fonts",
"ci-agent": "ci-agent",
"blank": [
"digga",
"blank"
],
"bud": "bud",
"darwin": "darwin",
"deploy": [
"digga",
"deploy"
],
"digga": "digga",
"flake-utils": [
"digga",
"flake-utils"
],
"flake-utils-plus": [
"digga",
"flake-utils-plus"
],
"home": "home",
"latest": "latest",
"naersk": "naersk_2",
"nix-dram": "nix-dram",
"nixlib": [
"digga",
"nixlib"
],
"nixos": "nixos",
"nixos-hardware": "nixos-hardware",
"pkgs": "pkgs"
}
},
"utils": {
"locked": {
"lastModified": 1610051610,
"narHash": "sha256-U9rPz/usA1/Aohhk7Cmc2gBrEEKRzcW4nwPWMPwja4Y=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "3982c9903e93927c2164caa727cd3f6a0e6d14cc",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"utils_2": {
"inputs": {
"flake-utils": "flake-utils"
},
"locked": {
"lastModified": 1622583383,
"narHash": "sha256-2DFx619SNfjzYwqx1ryae8zHnTh+N7VsZkbtAbrYIIA=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "6b2ea4b02cad77fac581c6a9ec4f822ba87dce5c",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"ref": "staging",
"repo": "flake-utils-plus",
"type": "github"
"nixpkgs": [
"nixos"
],
"nur": "nur",
"nvfetcher": "nvfetcher"
}
}
},

113
flake.nix
View file

@ -1,62 +1,95 @@
{
description = "A highly structured configuration database.";
nixConfig.extra-experimental-features = "nix-command flakes ca-references";
nixConfig.extra-substituters = "https://nrdxp.cachix.org https://nix-community.cachix.org";
nixConfig.extra-trusted-public-keys = "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=";
inputs =
{
nixos.url = "nixpkgs/nixos-unstable";
latest.url = "nixpkgs";
digga.url = "github:divnix/digga/master";
nixos.url = "github:nixos/nixpkgs/release-21.05";
latest.url = "github:nixos/nixpkgs/nixos-unstable";
digga.url = "github:divnix/digga";
digga.inputs.nixpkgs.follows = "nixos";
digga.inputs.nixlib.follows = "nixos";
digga.inputs.home-manager.follows = "home";
bud.url = "github:divnix/bud";
bud.inputs.nixpkgs.follows = "nixos";
bud.inputs.devshell.follows = "digga/devshell";
home.url = "github:nix-community/home-manager/release-21.05";
home.inputs.nixpkgs.follows = "nixos";
ci-agent = {
url = "github:hercules-ci/hercules-ci-agent";
inputs = { nix-darwin.follows = "darwin"; nixos-20_09.follows = "nixos"; nixos-unstable.follows = "latest"; };
};
darwin.url = "github:LnL7/nix-darwin";
darwin.inputs.nixpkgs.follows = "latest";
home.url = "github:nix-community/home-manager";
home.inputs.nixpkgs.follows = "nixos";
naersk.url = "github:nmattia/naersk";
naersk.inputs.nixpkgs.follows = "latest";
deploy.follows = "digga/deploy";
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "latest";
nvfetcher.url = "github:berberman/nvfetcher";
nvfetcher.inputs.nixpkgs.follows = "latest";
nvfetcher.inputs.flake-compat.follows = "digga/deploy/flake-compat";
nvfetcher.inputs.flake-utils.follows = "digga/flake-utils-plus/flake-utils";
naersk.url = "github:nmattia/naersk";
naersk.inputs.nixpkgs.follows = "latest";
nixos-hardware.url = "github:nixos/nixos-hardware";
pkgs.url = "path:./pkgs";
pkgs.inputs.nixpkgs.follows = "nixos";
# start ANTI CORRUPTION LAYER
# remove after https://github.com/NixOS/nix/pull/4641
nixpkgs.follows = "nixos";
nixlib.follows = "digga/nixlib";
blank.follows = "digga/blank";
flake-utils-plus.follows = "digga/flake-utils-plus";
flake-utils.follows = "digga/flake-utils";
# end ANTI CORRUPTION LAYER
# PubSolarOS additions
nix-dram.url = "github:dramforever/nix-dram";
# b12f additions
b12f-nix-fonts.url = "git+https://git.b12f.io/b12f/nix-fonts?ref=main";
b12f-nix-fonts.inputs.nixpkgs.follows = "latest";
};
outputs =
inputs@{ self
, pkgs
{ self
, digga
, bud
, nixos
, ci-agent
, home
, nixos-hardware
, nur
, agenix
, nvfetcher
, deploy
, nix-dram
, b12f-nix-fonts
, ...
}: digga.lib.mkFlake {
} @ inputs:
digga.lib.mkFlake
{
inherit self inputs;
channelsConfig = { allowUnfree = true; };
channels = {
nixos = {
imports = [ (digga.lib.importers.overlays ./overlays) ];
imports = [ (digga.lib.importOverlays ./overlays) ];
overlays = [
./pkgs/default.nix
pkgs.overlay # for `srcs`
digga.overlays.patchedNix
nur.overlay
agenix.overlay
nvfetcher.overlay
deploy.overlay
nix-dram.overlay
b12f-nix-fonts.overlay
./pkgs/default.nix
];
};
latest = { };
@ -66,6 +99,7 @@
sharedOverlays = [
(final: prev: {
__dontExport = true;
lib = prev.lib.extend (lfinal: lprev: {
our = self.lib;
});
@ -76,24 +110,25 @@
hostDefaults = {
system = "x86_64-linux";
channelName = "nixos";
modules = ./modules/module-list.nix;
imports = [ (digga.lib.importModules ./modules) ];
externalModules = [
{ _module.args.ourLib = self.lib; }
ci-agent.nixosModules.agent-profile
{ lib.our = self.lib; }
digga.nixosModules.bootstrapIso
digga.nixosModules.nixConfig
home.nixosModules.home-manager
agenix.nixosModules.age
./modules/customBuilds.nix
bud.nixosModules.bud
];
};
imports = [ (digga.lib.importers.hosts ./hosts) ];
imports = [ (digga.lib.importHosts ./hosts) ];
hosts = {
/* set host specific properties here */
NixOS = { };
};
importables = rec {
profiles = digga.lib.importers.rakeLeaves ./profiles // {
users = digga.lib.importers.rakeLeaves ./users;
profiles = digga.lib.rakeLeaves ./profiles // {
users = digga.lib.rakeLeaves ./users;
};
suites = with profiles; rec {
base = [ core users.nixos users.root ];
@ -101,33 +136,39 @@
anonymous = pubsolaros ++ [ users.nixos ];
b12f = pubsolaros ++ [ users.ben ];
biolimo = b12f ++ [ graphical ];
chocolatebar = b12f ++ [ graphical virtualisation ];
chocolatebar = b12f ++ [ graphical ];
};
};
};
home = {
modules = ./users/modules/module-list.nix;
imports = [ (digga.lib.importModules ./users/modules) ];
externalModules = [ ];
importables = rec {
profiles = digga.lib.importers.rakeLeaves ./users/profiles;
profiles = digga.lib.rakeLeaves ./users/profiles;
suites = with profiles; rec {
base = [ direnv git ];
};
};
users = {
nixos = { suites, ... }: { imports = suites.base; };
}; # digga.lib.importers.rakeLeaves ./users/hm;
};
devshell.externalModules = { pkgs, ... }: {
packages = [ pkgs.agenix ];
};
devshell = ./shell;
homeConfigurations = digga.lib.mkHomeConfigurations self.nixosConfigurations;
deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { };
defaultTemplate = self.templates.flk;
templates.flk.path = ./.;
templates.flk.description = "flk template";
defaultTemplate = self.templates.bud;
templates.bud.path = ./.;
templates.bud.description = "bud template";
}
//
{
budModules = { devos = import ./bud; };
}
;
}

26
hosts/biolimo/biolimo.nix Normal file
View file

@ -0,0 +1,26 @@
{ config, pkgs, lib, ... }:
with lib;
let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in
{
imports = [
./configuration.nix
];
config = {
pub-solar.x-os.keyfile = "/etc/nixos/hosts/biolimo/secrets/keyfile.bin";
hardware.cpu.intel.updateMicrocode = true;
networking.firewall.allowedTCPPorts = [ 5000 ];
home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable {
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
"sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf;
};
};
}

View file

@ -15,82 +15,12 @@
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# networking.hostName = "nixos"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Configure keymap in X11
# services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.jane = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# wget vim
# firefox
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.05"; # Did you read the comment?
system.stateVersion = "20.09"; # Did you read the comment?
}

View file

@ -1,6 +1,6 @@
{ suites, ... }:
{
imports = [
./base.nix
./biolimo.nix
] ++ suites.biolimo;
}

18
hosts/bootstrap.nix Normal file
View file

@ -0,0 +1,18 @@
{ profiles, ... }:
{
# build with: `bud build bootstrap bootstrapIso`
# reachable on the local link via ssh root@fe80::47%eno1
# where 'eno1' is replaced by your own machine's network
# interface that has the local link to the target machine
imports = [
# profiles.networking
profiles.core
profiles.users.root # make sure to configure ssh keys
profiles.users.nixos
];
boot.loader.systemd-boot.enable = true;
# will be overridden by the bootstrapIso instrumentation
fileSystems."/" = { device = "/dev/disk/by-label/nixos"; };
}

View file

@ -0,0 +1,31 @@
{ config, pkgs, lib, ... }:
with lib;
let
psCfg = config.pub-solar;
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
in
{
imports = [
./configuration.nix
./virtualisation
];
config = {
pub-solar.x-os.keyfile = "/etc/nixos/hosts/chocolatebar/secrets/keyfile.bin";
pub-solar.virtualisation.isolateGPU = "rx550x";
hardware.cpu.amd.updateMicrocode = true;
hardware.opengl.extraPackages = with pkgs; [
rocm-opencl-icd
rocm-opencl-runtime
];
home-manager.users."${psCfg.user.name}".xdg.configFile = mkIf psCfg.sway.enable {
"sway/config.d/10-autostart.conf".source = ./.config/sway/config.d/autostart.conf;
"sway/config.d/10-input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf;
"sway/config.d/10-screens.conf".source = ./.config/sway/config.d/screens.conf;
};
};
}

View file

@ -15,81 +15,11 @@
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# networking.hostName = "nixos"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Configure keymap in X11
# services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.jane = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# wget vim
# firefox
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.05"; # Did you read the comment?
system.stateVersion = "20.09"; # Did you read the comment?
}

View file

@ -1,6 +1,6 @@
{ suites, ... }:
{
imports = [
./base.nix
./chocolatebar.nix
] ++ suites.chocolatebar;
}

View file

@ -1,33 +0,0 @@
{ lib, self, diggaLib, config, modules, channel, ... }:
let
mkBuild = buildModule:
# TODO: get specialArgs as a module argument and drop builderArgs usage
channel.input.lib.nixosSystem (diggaLib.mergeAny config.lib.builderArgs {
modules = [ buildModule ];
});
in
{
system.build = {
iso = (mkBuild (diggaLib.modules.isoConfig {
inherit self;
fullHostConfig = config;
})).config.system.build.isoImage;
homes = (mkBuild ({ config, ... }: {
home-manager.useUserPackages = lib.mkForce false;
home-manager.sharedModules = [
{
home.sessionVariables = {
inherit (config.environment.sessionVariables) NIX_PATH;
};
xdg.configFile."nix/registry.json".text =
config.environment.etc."nix/registry.json".text;
}
];
})).config.home-manager.users;
digitalOcean = (mkBuild ({ modulesPath, ... }: {
imports = [ "${modulesPath}/virtualisation/digital-ocean-image.nix" ];
})).config.system.build.digitalOceanImage;
};
}

View file

@ -0,0 +1,11 @@
{ config, ... }: {
home-manager.sharedModules = [
{
home.sessionVariables = {
inherit (config.environment.sessionVariables) NIX_PATH;
};
xdg.configFile."nix/registry.json".text =
config.environment.etc."nix/registry.json".text;
}
];
}

View file

@ -1,21 +0,0 @@
[
# ./compat
./user
./x-os
./sway
./graphical
./docker
./audio
./email
./crypto
./nextcloud
./gaming
./virtualisation
./social
./devops
./terminal-life
./server
./printing
./office
./uhk
]

7
modules/nix-path.nix Normal file
View file

@ -0,0 +1,7 @@
{ channel, inputs, ... }: {
nix.nixPath = [
"nixpkgs=${channel.input}"
"nixos-config=${../lib/compat/nixos}"
"home-manager=${inputs.home}"
];
}

5
overlays/manix.nix Normal file
View file

@ -0,0 +1,5 @@
final: prev: {
manix = prev.manix.overrideAttrs (o: rec{
inherit (prev.sources.manix) pname version src;
});
}

View file

@ -7,8 +7,8 @@ channels: final: prev: {
dhall
discord
element-desktop
manix
rage
docker-compose
neovim-unwrapped
nixpkgs-fmt
qutebrowser
@ -16,15 +16,15 @@ channels: final: prev: {
starship;
haskellPackages = prev.haskellPackages.override {
overrides = hfinal: hprev:
haskellPackages = prev.haskellPackages.override
(old: {
overrides = prev.lib.composeExtensions (old.overrides or (_: _: { })) (hfinal: hprev:
let version = prev.lib.replaceChars [ "." ] [ "" ] prev.ghc.version;
in
{
# same for haskell packages, matching ghc versions
inherit (channels.latest.haskell.packages."ghc${version}")
haskell-language-server;
};
};
});
});
}

View file

@ -0,0 +1,11 @@
final: prev: {
# Since: https://github.com/NixOS/nixpkgs/pull/126137
nix-direnv =
if builtins.hasAttr "enableFlakes" prev.nix-direnv.override.__functionArgs
then
prev.nix-direnv.override
{
enableFlakes = true;
}
else prev.nix-direnv;
}

View file

@ -0,0 +1,16 @@
# This file was generated by nvfetcher, please do not modify it manually.
{ fetchgit, fetchurl }:
{
manix = {
pname = "manix";
version = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4";
src = fetchgit {
url = "https://github.com/mlvzk/manix";
rev = "d08e7ca185445b929f097f8bfb1243a8ef3e10e4";
fetchSubmodules = false;
deepClone = false;
leaveDotGit = false;
sha256 = "1b7xi8c2drbwzfz70czddc4j33s7g1alirv12dwl91hbqxifx8qs";
};
};
}

View file

@ -1,5 +1,8 @@
final: prev:
with final; {
with final; {
# keep sources this first
sources = prev.callPackage (import ./_sources/generated.nix) { };
# then, call packages with `final.callPackage`
import-gtk-settings = writeShellScriptBin "import-gtk-settings" (import ./import-gtk-settings.nix final);
mailto-mutt = writeShellScriptBin "mailto-mutt" (import ./mailto-mutt.nix final);
mopidy-jellyfin = import ./mopidy-jellyfin.nix final;

View file

@ -1,25 +0,0 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1615926763,
"narHash": "sha256-yeq8A3EPNuQVlsxlEQrIRsklfJwJK0Us6jtcG/u8wNs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b702a56d417647de4090ac56c0f18bdc7e646610",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

View file

@ -1,52 +0,0 @@
{
description = "Package Sources";
inputs = { };
outputs = { self, nixpkgs, ... }: {
overlay = final: prev: {
inherit (self) srcs;
};
srcs =
let
inherit (nixpkgs) lib;
mkVersion = name: input:
let
inputs = (builtins.fromJSON
(builtins.readFile ./flake.lock)).nodes;
ref =
if lib.hasAttrByPath [ name "original" "ref" ] inputs
then inputs.${name}.original.ref
else "";
version =
let version' = builtins.match
"[[:alpha:]]*[-._]?([0-9]+(\.[0-9]+)*)+"
ref;
in
if lib.isList version'
then lib.head version'
else if input ? lastModifiedDate && input ? shortRev
then "${lib.substring 0 8 input.lastModifiedDate}_${input.shortRev}"
else null;
in
version;
in
lib.mapAttrs
(pname: input:
let
version = mkVersion pname input;
in
input // { inherit pname; }
// lib.optionalAttrs (! isNull version)
{
inherit version;
}
)
(lib.filterAttrs (n: _: n != "nixpkgs")
self.inputs);
};
}

4
pkgs/sources.toml Normal file
View file

@ -0,0 +1,4 @@
# nvfetcher.toml
[manix]
src.git = "https://github.com/mlvzk/manix"
fetch.github = "mlvzk/manix"

View file

@ -116,7 +116,7 @@ EXEC 01;32
#.sh 01;32
#.csh 01;32
# archives or compressed (bright red)
# archives or compressed (bright red)
.tar 01;31
.tgz 01;31
.arc 01;31

View file

@ -4,7 +4,7 @@
# Format is XDG_xxx_DIR="$HOME/yyy", where yyy is a shell-escaped
# homedir-relative path, or XDG_xxx_DIR="/yyy", where /yyy is an
# absolute path. No other format is supported.
#
XDG_DESKTOP_DIR="$HOME/"
XDG_DOWNLOAD_DIR="$HOME/Downloads"
XDG_TEMPLATES_DIR="$HOME/Templates"

10
shell/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ self, inputs, ... }:
{
externalModules = with inputs; [
bud.devshellModules.bud
];
modules = [
./devos.nix
];
}

61
shell/devos.nix Normal file
View file

@ -0,0 +1,61 @@
{ pkgs, extraModulesPath, ... }:
let
hooks = import ./hooks;
pkgWithCategory = category: package: { inherit package category; };
linter = pkgWithCategory "linter";
docs = pkgWithCategory "docs";
devos = pkgWithCategory "devos";
in
{
_file = toString ./.;
imports = [ "${extraModulesPath}/git/hooks.nix" ];
git = { inherit hooks; };
# tempfix: remove when merged https://github.com/numtide/devshell/pull/123
devshell.startup.load_profiles = pkgs.lib.mkForce (pkgs.lib.noDepEntry ''
# PATH is devshell's exorbitant privilige:
# fence against its pollution
_PATH=''${PATH}
# Load installed profiles
for file in "$DEVSHELL_DIR/etc/profile.d/"*.sh; do
# If that folder doesn't exist, bash loves to return the whole glob
[[ -f "$file" ]] && source "$file"
done
# Exert exorbitant privilige and leave no trace
export PATH=''${_PATH}
unset _PATH
'');
packages = with pkgs; [
git-crypt
];
commands = with pkgs; [
(devos nixUnstable)
(devos agenix)
{
category = "devos";
name = pkgs.nvfetcher-bin.pname;
help = pkgs.nvfetcher-bin.meta.description;
command = "cd $DEVSHELL_ROOT/pkgs; ${pkgs.nvfetcher-bin}/bin/nvfetcher -c ./sources.toml --no-output $@";
}
(linter nixpkgs-fmt)
(linter editorconfig-checker)
# (docs python3Packages.grip) too many deps
(docs mdbook)
]
++ lib.optional
(pkgs ? deploy-rs)
(devos deploy-rs.deploy-rs)
++ lib.optional
(system != "i686-linux")
(devos cachix)
;
}

4
shell/hooks/default.nix Normal file
View file

@ -0,0 +1,4 @@
{
enable = true;
pre-commit.text = builtins.readFile ./pre-commit.sh;
}

29
shell/hooks/pre-commit.sh Executable file
View file

@ -0,0 +1,29 @@
#!/usr/bin/env bash
if git rev-parse --verify HEAD >/dev/null 2>&1
then
against=HEAD
else
# Initial commit: diff against an empty tree object
against=$(${git}/bin/git hash-object -t tree /dev/null)
fi
diff="git diff-index --name-only --cached $against --diff-filter d"
nix_files=($($diff -- '*.nix'))
all_files=($($diff))
# Format staged nix files.
if [[ -n "${nix_files[@]}" ]]; then
nixpkgs-fmt "${nix_files[@]}" \
&& git add "${nix_files[@]}"
fi
# check editorconfig
editorconfig-checker -- "${all_files[@]}"
if [[ $? != '0' ]]; then
printf "%b\n" \
"\nCode is not aligned with .editorconfig" \
"Review the output and commit your fixes" >&2
exit 1
fi

View file

View file

@ -1 +0,0 @@
[ ]

View file

@ -1,8 +1,6 @@
{ ... }:
{ hmUsers, ... }:
{
home-manager.users.nixos = { suites, ... }: {
imports = suites.base;
};
home-manager.users = { inherit (hmUsers) nixos; };
users.users.nixos = {
uid = 1000;

View file

@ -1,6 +1,9 @@
{
programs.direnv = {
enable = true;
enableNixDirenvIntegration = true;
nix-direnv = {
enable = true;
enableFlakes = true;
};
};
}