{ inputs = rec { nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.11"; # Fork required: openthread-border-router is not yet in nixpkgs-unstable. # Used by modules/nixos/homeassistant/services/thread/default.nix nixpkgs-otbr.url = "github:mrene/nixpkgs/openthread-border-router"; home-manager-unstable = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; nixpkgs = nixpkgs-unstable; home-manager = home-manager-unstable; # The name "snowfall-lib" is required due to how Snowfall Lib processes your # flake's inputs. Using a personal fork for custom changes. snowfall-lib = { url = "github:mjallen18/snowfall-lib"; inputs.nixpkgs.follows = "nixpkgs"; }; impermanence.url = "github:nix-community/impermanence"; lanzaboote.url = "github:nix-community/lanzaboote/v1.0.0"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; sops-nix.url = "github:Mic92/sops-nix"; nix-cachyos-kernel.url = "github:xddxdd/nix-cachyos-kernel/release"; steam-rom-manager = { url = "github:mjallen18/nix-steam-rom-manager"; inputs.nixpkgs.follows = "nixpkgs"; inputs.home-manager.follows = "home-manager"; }; cosmic = { url = "github:lilyinstarlight/nixos-cosmic"; inputs.nixpkgs.follows = "nixpkgs"; }; nix-vscode-extensions.url = "github:nix-community/nix-vscode-extensions"; authentik-nix = { url = "github:nix-community/authentik-nix"; inputs.nixpkgs.follows = "nixpkgs-stable"; }; disko = { # the fork is needed for partition attributes support # url = "github:nvmd/disko/gpt-attrs"; url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; darwin.url = "github:nix-darwin/nix-darwin/master"; nix-homebrew.url = "github:zhaofengli/nix-homebrew"; homebrew-core = { url = "github:homebrew/homebrew-core"; flake = false; }; homebrew-cask = { url = "github:homebrew/homebrew-cask"; flake = false; }; nixos-apple-silicon.url = "github:nix-community/nixos-apple-silicon"; pre-commit-hooks-nix = { url = "github:cachix/pre-commit-hooks.nix"; inputs.nixpkgs.follows = "nixpkgs"; }; treefmt-nix = { url = "github:numtide/treefmt-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; nix-index-database = { url = "github:nix-community/nix-index-database"; inputs = { nixpkgs.follows = "nixpkgs"; }; }; lsfg-vk = { url = "github:pabloaul/lsfg-vk-flake"; inputs.nixpkgs.follows = "nixpkgs"; }; nix-plist-manager.url = "github:sushydev/nix-plist-manager"; nix-rosetta-builder = { url = "github:cpick/nix-rosetta-builder"; inputs.nixpkgs.follows = "nixpkgs"; }; stylix = { url = "github:nix-community/stylix"; inputs.nixpkgs.follows = "nixpkgs"; }; jovian = { url = "github:Jovian-Experiments/Jovian-NixOS"; inputs.nixpkgs.follows = "nixpkgs"; }; llama-cpp = { url = "github:ggml-org/llama.cpp"; inputs.nixpkgs.follows = "nixpkgs"; }; plasma-manager = { url = "github:nix-community/plasma-manager"; inputs.nixpkgs.follows = "nixpkgs"; inputs.home-manager.follows = "home-manager"; }; }; # We will handle this in the next section. outputs = inputs: inputs.snowfall-lib.mkFlake { # You must provide our flake inputs to Snowfall Lib. inherit inputs; # The `src` must be the root of the flake. See configuration # in the next section for information on how you can move your # Nix files to a separate directory. src = ./.; overlays = with inputs; [ nix-vscode-extensions.overlays.default nix-cachyos-kernel.overlays.default # writeShellApplication uses lib.toShellVar which generates unquoted # variable assignments for simple strings (e.g. username=admin). # shellcheck SC2209 flags this as a warning, breaking the build when # the value matches a command name. Exclude SC2209 globally. (_final: prev: { writeShellApplication = args: prev.writeShellApplication ( args // { excludeShellChecks = (args.excludeShellChecks or [ ]) ++ [ "SC2209" ]; } ); }) ]; # Add a module to a specific host. systems = { # common modules modules = { nixos = with inputs; [ authentik-nix.nixosModules.default disko.nixosModules.disko impermanence.nixosModules.impermanence lanzaboote.nixosModules.lanzaboote sops-nix.nixosModules.sops home-manager.nixosModules.home-manager nix-index-database.nixosModules.nix-index stylix.nixosModules.stylix ]; # External HM modules injected into ALL homes — both standalone # homeConfigurations and homes embedded in nixosConfigurations. # The snowfall-lib fork patches create-systems to pass systems.modules.home # into create-home-system-modules so both paths are covered from here. # The ARM guard for steam-rom-manager is handled by that module itself. home = with inputs; [ nix-index-database.homeModules.nix-index steam-rom-manager.homeManagerModules.default sops-nix.homeManagerModules.sops stylix.homeModules.stylix plasma-manager.homeModules.plasma-manager ]; darwin = with inputs; [ nix-homebrew.darwinModules.nix-homebrew home-manager.darwinModules.home-manager nix-plist-manager.darwinModules.default nix-rosetta-builder.darwinModules.default nix-index-database.darwinModules.nix-index stylix.darwinModules.stylix ]; }; # Host config hosts = { # ###################################################### # Desktop # # ###################################################### matt-nixos = { modules = with inputs; [ nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd-pstate # nixos-hardware.nixosModules.common-cpu-amd-zenpower nixos-hardware.nixosModules.common-gpu-amd nixos-hardware.nixosModules.common-hidpi nixos-hardware.nixosModules.common-pc lsfg-vk.nixosModules.default ]; }; # ###################################################### # NAS # # ###################################################### jallen-nas = { # home-manager is already in systems.modules.nixos above modules = with inputs; [ nixos-hardware.nixosModules.common-pc nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd-pstate # nixos-hardware.nixosModules.common-cpu-amd-zenpower nixos-hardware.nixosModules.common-hidpi ]; }; # ###################################################### # NUC # # ###################################################### nuc-nixos = { # disko is already in systems.modules.nixos above modules = with inputs; [ nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd-pstate # nixos-hardware.nixosModules.common-cpu-amd-zenpower nixos-hardware.nixosModules.common-gpu-amd nixos-hardware.nixosModules.common-hidpi nixos-hardware.nixosModules.common-pc ]; }; # ###################################################### # Mac # # ###################################################### macbook-pro-nixos = { modules = with inputs; [ nixos-apple-silicon.nixosModules.default lsfg-vk.nixosModules.default ]; }; # ###################################################### # AllyX # # ###################################################### allyx = { modules = with inputs; [ nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd-pstate # nixos-hardware.nixosModules.common-cpu-amd-zenpower nixos-hardware.nixosModules.common-gpu-amd nixos-hardware.nixosModules.common-hidpi nixos-hardware.nixosModules.common-pc lsfg-vk.nixosModules.default jovian.nixosModules.jovian ]; }; }; }; # Configure Snowfall Lib, all of these settings are optional. snowfall = { # Choose a namespace to use for your flake's packages, library, # and overlays. namespace = "mjallen"; # Add flake metadata that can be processed by tools like Snowfall Frost. meta = { # A slug to use in documentation when displaying things like file paths. name = "mjallen"; # A title to show for your flake, typically the name. title = "mjallen Flake"; }; }; channels-config = { allowUnfree = true; allowUnsupportedSystem = true; permittedInsecurePackages = [ # ... # "libsoup-2.74.3" # "mbedtls-2.28.10" # ecdsa is pulled in by srp → ha-icloud3 custom component. # CVE-2024-23342 applies to timing-sensitive cryptographic use cases, # not the SRP authentication usage here. "python3.14-ecdsa-0.19.1" ]; }; outputs-builder = channels: { formatter = inputs.treefmt-nix.lib.mkWrapper channels.nixpkgs ./treefmt.nix; # mjallen-lib overlay is auto-discovered from overlays/mjallen-lib/default.nix }; }; }