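# Flake describing every machine in this setup: four NixOS hosts (desktop,
# NAS, Raspberry Pi 5, Steam Deck) and one nix-darwin host (MacBook).
#
# Each host gets its own prefixed copy of the shared inputs (nixpkgs,
# home-manager, sops-nix, ...), so updating one host's inputs does not
# move another's.
#
# Supply-chain note: most URLs below name a moving branch. The revision
# actually built is whatever flake.lock records; the branch only decides
# where `nix flake update` moves to. Review flake.lock changes like code,
# since every input's modules are evaluated as part of the system
# configuration.
{
  description = "flake for matt-nixos";

  inputs = {
    #####################################################
    #                      Desktop                      #
    #####################################################
    # nixpkgs
    # NOTE(review): staging-next is the integration branch that feeds
    # nixpkgs master; confirm tracking it instead of nixos-unstable is
    # intentional for a daily-use machine.
    desktop-nixpkgs = {
      url = "github:NixOS/nixpkgs/staging-next";
    };

    # Chaotic-nix
    desktop-chaotic = {
      url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
    };

    # Home Manager
    desktop-home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "desktop-nixpkgs";
    };

    # Impermanence
    desktop-impermanence = {
      url = "github:nix-community/impermanence";
    };

    # Lanzaboote (Secure Boot), pinned to a release tag
    desktop-lanzaboote = {
      url = "github:nix-community/lanzaboote/v0.4.2";
      inputs.nixpkgs.follows = "desktop-nixpkgs";
    };

    # Nix hardware
    desktop-nixos-hardware = {
      url = "github:NixOS/nixos-hardware/master";
    };

    # Sops-nix
    desktop-sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "desktop-nixpkgs";
    };

    # steam rom manager
    desktop-steam-rom-manager = {
      url = "github:mjallen18/nix-steam-rom-manager";
      inputs.nixpkgs.follows = "desktop-nixpkgs";
      inputs.home-manager.follows = "desktop-home-manager";
    };

    #####################################################
    #                        NAS                        #
    #####################################################
    # nixpkgs
    nas-nixpkgs = {
      # url = "github:NixOS/nixpkgs/nixos-24.11";
      url = "github:NixOS/nixpkgs/nixos-unstable";
    };

    nas-nixpkgs-stable = {
      url = "github:NixOS/nixpkgs/nixos-24.11";
    };

    # Authentik
    nas-authentik-nix = {
      url = "github:nix-community/authentik-nix";
      inputs.nixpkgs.follows = "nas-nixpkgs";
    };

    # cosmic launcher
    nas-cosmic = {
      url = "github:lilyinstarlight/nixos-cosmic";
      inputs.nixpkgs.follows = "nas-nixpkgs-stable";
    };

    # crowdsec
    nas-crowdsec = {
      url = "git+https://codeberg.org/kampka/nix-flake-crowdsec.git";
      inputs.nixpkgs.follows = "nas-nixpkgs";
    };

    # Home Manager
    nas-home-manager = {
      # url = "github:nix-community/home-manager/release-24.11";
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nas-nixpkgs";
    };

    # Impermanence
    nas-impermanence = {
      url = "github:nix-community/impermanence";
    };

    # Lanzaboote (Secure Boot), pinned to a release tag
    nas-lanzaboote = {
      url = "github:nix-community/lanzaboote/v0.4.2";
      inputs.nixpkgs.follows = "nas-nixpkgs";
    };

    # Nix hardware
    nas-nixos-hardware = {
      url = "github:NixOS/nixos-hardware/master";
    };

    # Sops-nix
    nas-sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nas-nixpkgs";
    };

    #####################################################
    #                        Pi5                        #
    #####################################################
    # nixpkgs
    Pi5-nixpkgs = {
      url = "github:NixOS/nixpkgs/nixos-24.05";
    };

    # Home Manager
    Pi5-home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "Pi5-nixpkgs";
    };

    # Impermanence
    Pi5-impermanence = {
      url = "github:nix-community/impermanence";
    };

    # Nix hardware
    Pi5-nixos-hardware = {
      url = "github:NixOS/nixos-hardware/master";
    };

    # Sops-nix
    Pi5-sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "Pi5-nixpkgs";
    };

    nixos-raspberrypi.url = "github:nvmd/nixos-raspberrypi";

    #####################################################
    #                     Steamdeck                     #
    #####################################################
    # nixpkgs
    steamdeck-nixpkgs = {
      url = "github:NixOS/nixpkgs/nixos-unstable";
    };

    # Jovian for steamdeck
    steamdeck-jovian = {
      url = "github:Jovian-Experiments/Jovian-NixOS";
      inputs.nixpkgs.follows = "steamdeck-nixpkgs";
    };

    # Chaotic-nix
    steamdeck-chaotic = {
      url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
    };

    # Impermanence
    steamdeck-impermanence = {
      url = "github:nix-community/impermanence";
    };

    # Home Manager
    steamdeck-home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "steamdeck-nixpkgs";
    };

    # Lanzaboote (Secure Boot), pinned to a release tag
    steamdeck-lanzaboote = {
      url = "github:nix-community/lanzaboote/v0.4.2";
      inputs.nixpkgs.follows = "steamdeck-nixpkgs";
    };

    # Sops-nix
    steamdeck-sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "steamdeck-nixpkgs";
    };

    # Nix hardware
    steamdeck-nixos-hardware = {
      url = "github:NixOS/nixos-hardware/master";
    };

    # steam rom manager
    steamdeck-steam-rom-manager = {
      url = "github:mjallen18/nix-steam-rom-manager";
      inputs.nixpkgs.follows = "steamdeck-nixpkgs";
      inputs.home-manager.follows = "steamdeck-home-manager";
    };

    #####################################################
    #                      MacBook                      #
    #####################################################
    # Apple
    nix-darwin = {
      url = "github:LnL7/nix-darwin";
      inputs.nixpkgs.follows = "desktop-nixpkgs";
    };

    #####################################################
    #                      Common                       #
    #####################################################
    nixpkgs-unstable = {
      url = "github:NixOS/nixpkgs/nixos-unstable";
    };

    nixpkgs-stable = {
      url = "github:NixOS/nixpkgs/nixos-24.11";
    };
  };

  outputs =
    {
      self,
      # Desktop
      desktop-nixpkgs,
      desktop-chaotic,
      desktop-home-manager,
      desktop-impermanence,
      desktop-lanzaboote,
      desktop-nixos-hardware,
      desktop-sops-nix,
      desktop-steam-rom-manager,
      # NAS
      nas-nixpkgs,
      nas-nixpkgs-stable,
      nas-authentik-nix,
      nas-cosmic,
      nas-crowdsec,
      nas-home-manager,
      nas-impermanence,
      nas-lanzaboote,
      nas-nixos-hardware,
      nas-sops-nix,
      # Pi5
      Pi5-nixpkgs,
      Pi5-home-manager,
      Pi5-impermanence,
      Pi5-nixos-hardware,
      Pi5-sops-nix,
      nixos-raspberrypi,
      # Steamdeck
      steamdeck-nixpkgs,
      steamdeck-chaotic,
      steamdeck-home-manager,
      steamdeck-impermanence,
      steamdeck-jovian,
      steamdeck-lanzaboote,
      steamdeck-nixos-hardware,
      steamdeck-sops-nix,
      steamdeck-steam-rom-manager,
      # MacBook
      nix-darwin,
      # Common
      nixpkgs-unstable,
      nixpkgs-stable,
    }@inputs:
    let
      inherit (self) outputs;

      # Shell function shared by the build-all and list-systems apps.
      # It asks Nix for the attribute names of a flake output instead of
      # grepping flake.nix: a text match also picks up commented-out
      # hosts, which then count as failed builds.
      # Usage: list_configs nixosConfigurations  ->  space-separated names
      listConfigNames = ''
        list_configs() {
          nix eval --raw ".#$1" --apply 'cfgs: builtins.concatStringsSep " " (builtins.attrNames cfgs)'
        }
      '';
    in
    {
      overlays = import ./overlays { inherit inputs; };

      nixosConfigurations = {
        # Desktop
        "matt-nixos" = desktop-nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = {
            inherit inputs outputs;
          };
          modules = [
            desktop-impermanence.nixosModules.impermanence
            desktop-lanzaboote.nixosModules.lanzaboote
            ./hosts/desktop/configuration.nix
            ./share/impermanence
            desktop-chaotic.nixosModules.default
            desktop-home-manager.nixosModules.home-manager
            {
              home-manager.useGlobalPkgs = true;
              home-manager.useUserPackages = true;
              home-manager.users.matt =
                { ... }:
                {
                  imports = [
                    ./hosts/desktop/home.nix
                    desktop-steam-rom-manager.homeManagerModules.default
                    desktop-sops-nix.homeManagerModules.sops
                  ];
                };
              home-manager.users.root =
                { ... }:
                {
                  imports = [
                    ./share/root-user
                    desktop-sops-nix.homeManagerModules.sops
                  ];
                };
              home-manager.backupFileExtension = "backup";
            }
            desktop-nixos-hardware.nixosModules.common-cpu-amd
            desktop-nixos-hardware.nixosModules.common-gpu-amd
            desktop-nixos-hardware.nixosModules.common-hidpi
            desktop-nixos-hardware.nixosModules.common-pc
            desktop-sops-nix.nixosModules.sops
          ];
        };

        # NAS
        "jallen-nas" = nas-nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = {
            inherit inputs outputs;
          };
          modules = [
            nas-impermanence.nixosModules.impermanence
            nas-lanzaboote.nixosModules.lanzaboote
            nas-cosmic.nixosModules.default
            ./hosts/nas/configuration.nix
            ./hosts/nas/impermanence.nix
            nas-home-manager.nixosModules.home-manager
            {
              home-manager.useGlobalPkgs = false;
              home-manager.useUserPackages = true;
              home-manager.users.admin =
                { ... }:
                {
                  imports = [
                    ./hosts/nas/home.nix
                    nas-sops-nix.homeManagerModules.sops
                  ];
                };
              home-manager.users.root =
                { ... }:
                {
                  imports = [
                    ./share/root-user
                    nas-sops-nix.homeManagerModules.sops
                  ];
                };
              home-manager.backupFileExtension = "backup";
            }
            nas-authentik-nix.nixosModules.default
            nas-sops-nix.nixosModules.sops
            nas-crowdsec.nixosModules.crowdsec
            nas-crowdsec.nixosModules.crowdsec-firewall-bouncer
            (
              { ... }:
              {
                nixpkgs.overlays = [ nas-crowdsec.overlays.default ];
              }
            )
            nas-nixos-hardware.nixosModules.common-pc
            nas-nixos-hardware.nixosModules.common-cpu-amd
            nas-nixos-hardware.nixosModules.common-hidpi
          ];
        };

        # Pi5
        "pi5" = nixos-raspberrypi.lib.nixosSystem {
          specialArgs = inputs;
          modules = [
            Pi5-impermanence.nixosModules.impermanence
            ./hosts/pi5/configuration.nix
            {
              # Hardware specific configuration, see section below for a more complete
              # list of modules
              imports = with nixos-raspberrypi.nixosModules; [
                raspberry-pi-5.base
                raspberry-pi-5.display-vc4
                raspberry-pi-5.bluetooth
              ];
            }
            (
              {
                config,
                pkgs,
                lib,
                ...
              }:
              let
                kernelBundle = pkgs.linuxAndFirmware.v6_6_31;
              in
              {
                boot = {
                  loader.raspberryPi.firmwarePackage = kernelBundle.raspberrypifw;
                  kernelPackages = kernelBundle.linuxPackages_rpi5;
                };

                nixpkgs.overlays = lib.mkAfter [
                  (self: super: {
                    # This is used in (modulesPath + "/hardware/all-firmware.nix") when at least
                    # enableRedistributableFirmware is enabled
                    # I know no easier way to override this package
                    inherit (kernelBundle) raspberrypiWirelessFirmware;
                    # Some derivations want to use it as an input,
                    # e.g. raspberrypi-dtbs, omxplayer, sd-image-* modules
                    inherit (kernelBundle) raspberrypifw;
                  })
                ];

                networking.hostName = "pi5";

                system.nixos.tags =
                  let
                    cfg = config.boot.loader.raspberryPi;
                  in
                  [
                    "raspberry-pi-${cfg.variant}"
                    cfg.bootloader
                    config.boot.kernelPackages.kernel.version
                  ];
              }
            )
            # ...
          ];
        };

        # "pi5" = Pi5-nixpkgs.lib.nixosSystem {
        #   system = "aarch64-linux";
        #   modules = [
        #     Pi5-nixos-hardware.nixosModules.raspberry-pi-4
        #     Pi5-impermanence.nixosModules.impermanence
        #     ./hosts/pi5/configuration.nix
        #     Pi5-sops-nix.nixosModules.sops
        #     Pi5-home-manager.nixosModules.home-manager
        #     {
        #       home-manager.useGlobalPkgs = true;
        #       home-manager.useUserPackages = true;
        #       home-manager.users.matt =
        #         { ... }:
        #         {
        #           imports = [
        #             ./hosts/pi5/home.nix
        #             Pi5-sops-nix.homeManagerModules.sops
        #           ];
        #         };
        #     }
        #   ];
        # };

        "steamdeck" = steamdeck-nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
          specialArgs = {
            inherit inputs outputs;
          };
          modules = [
            steamdeck-impermanence.nixosModules.impermanence
            steamdeck-lanzaboote.nixosModules.lanzaboote
            ./hosts/deck/configuration.nix
            ./share/impermanence
            steamdeck-home-manager.nixosModules.home-manager
            {
              home-manager.useGlobalPkgs = true;
              home-manager.useUserPackages = true;
              home-manager.users.deck =
                { ... }:
                {
                  imports = [
                    ./hosts/deck/home.nix
                    steamdeck-steam-rom-manager.homeManagerModules.default
                  ];
                };
              home-manager.backupFileExtension = "backup";
            }
            steamdeck-nixos-hardware.nixosModules.common-cpu-amd
            steamdeck-nixos-hardware.nixosModules.common-gpu-amd
            steamdeck-nixos-hardware.nixosModules.common-hidpi
            steamdeck-nixos-hardware.nixosModules.common-pc
            steamdeck-sops-nix.nixosModules.sops
            steamdeck-jovian.nixosModules.jovian
            steamdeck-chaotic.nixosModules.default
          ];
        };

        # home assistant
        # "jallen-hass" = nixpkgs-unstable.lib.nixosSystem {
        #   system = "x86_64-linux";
        #   modules = [
        #     impermanence.nixosModules.impermanence
        #     ./hosts/homeassistant/configuration.nix
        #     sops-nix.nixosModules.sops
        #     home-manager.nixosModules.home-manager
        #     {
        #       home-manager.useGlobalPkgs = true;
        #       home-manager.useUserPackages = true;
        #       home-manager.users.hass-admin = import ./hosts/homeassistant/home.nix;
        #     }
        #   ];
        # };
      };

      darwinConfigurations = {
        "MacBook-Pro" = nix-darwin.lib.darwinSystem {
          system = "aarch64-darwin";
          modules = [
            ./hosts/mac/configuration.nix
            # Set Git commit hash for darwin-version.
            # This is a nix-darwin module option, so it has to live in the
            # module list; as a top-level flake output it had no effect.
            # mkDefault lets hosts/mac/configuration.nix override it.
            (
              { lib, ... }:
              {
                system.configurationRevision = lib.mkDefault (self.rev or self.dirtyRev or null);
              }
            )
            desktop-home-manager.darwinModules.home-manager
            {
              home-manager.useGlobalPkgs = true;
              home-manager.useUserPackages = true;
              home-manager.users.mattjallen = import ./hosts/mac/home.nix;
            }
          ];
        };
      };

      # Build every configuration this flake defines and push the results
      # to the binary cache. Run from the flake's directory:
      #   nix run .#build-all
      # Exits 1 if any system failed to build, failed to push, or was
      # skipped as incompatible with the build host.
      apps.x86_64-linux.build-all =
        let
          pkgs = nas-nixpkgs.legacyPackages.x86_64-linux;
        in
        {
          type = "app";
          program = toString (
            # writeShellScript supplies the shebang line itself.
            pkgs.writeShellScript "build-all" ''
              set -euo pipefail

              ${listConfigNames}

              # Store URL of the binary cache. secret-key is the path of the
              # cache signing key on the machine running this script, so
              # whoever runs it needs read access to that file. Keep the file
              # readable by that account only: anything signed with it is
              # accepted by every client that trusts this cache's public key.
              cache_url="https://cache.mjallen.dev?secret-key=/etc/nix/cache-priv-key.pem"

              # Track success/failure
              success=()
              failure=()

              # build_and_push LABEL INSTALLABLE [extra nix build flags...]
              # Builds without creating a result symlink, then copies the
              # closure to the cache. A failed push is recorded as a failure
              # rather than aborting the run before the summary is printed.
              build_and_push() {
                local label="$1" target="$2"
                shift 2
                if ! nix build "$target" --no-link "$@"; then
                  echo "❌ Failed to build $label"
                  failure+=("$label")
                  return 0
                fi
                echo "✅ Successfully built $label"
                echo "Copying $label to binary cache..."
                if nix copy --to "$cache_url" "$target"; then
                  success+=("$label")
                else
                  echo "❌ Failed to push $label to the binary cache"
                  failure+=("$label (push)")
                fi
              }

              # Plain assignments so that a failing evaluation stops the
              # script under set -e instead of yielding an empty list.
              nixos_names=$(list_configs nixosConfigurations)
              darwin_names=$(list_configs darwinConfigurations)
              read -r -a nixos_systems <<<"$nixos_names"
              read -r -a darwin_systems <<<"$darwin_names"

              echo "Found systems: ''${nixos_systems[*]} ''${darwin_systems[*]}"
              echo "Building all compatible systems..."

              for system in "''${nixos_systems[@]}"; do
                echo "Attempting to build $system..."
                target=".#nixosConfigurations.$system.config.system.build.toplevel"
                system_type=$(nix eval --raw ".#nixosConfigurations.$system.pkgs.stdenv.hostPlatform.system" 2>/dev/null || echo "unknown")

                # Only build if we're on the same system type or can emulate it
                if [ "$system_type" = "x86_64-linux" ]; then
                  echo "Building $system (x86_64-linux)..."
                  build_and_push "$system" "$target"
                elif [ "$system_type" = "aarch64-linux" ] && command -v qemu-aarch64-static >/dev/null 2>&1; then
                  echo "Cross-building $system (aarch64-linux)..."
                  build_and_push "$system" "$target" --system aarch64-linux
                elif [ "$system_type" = "unknown" ]; then
                  echo "⚠️ Skipping $system - could not determine system type"
                  failure+=("$system (unknown)")
                else
                  echo "⚠️ Skipping $system ($system_type) - incompatible with this host"
                  failure+=("$system (incompatible)")
                fi
              done

              for system in "''${darwin_systems[@]}"; do
                echo "Found Darwin system $system, attempting to build packages..."
                build_and_push "$system (darwin)" ".#darwinConfigurations.$system.system"
              done

              # Summary
              echo ""
              echo "===== Build Summary ====="
              echo "✅ Successfully built: ''${success[*]:-none}"
              echo "❌ Failed to build: ''${failure[*]:-none}"

              # Return error code if any builds failed
              if [ ''${#failure[@]} -gt 0 ]; then
                exit 1
              fi
            ''
          );
        };

      # List the configurations this flake defines without building them.
      # Run from the flake's directory:
      #   nix run .#list-systems
      apps.x86_64-linux.list-systems =
        let
          pkgs = nas-nixpkgs.legacyPackages.x86_64-linux;
        in
        {
          type = "app";
          program = toString (
            # writeShellScript supplies the shebang line itself.
            pkgs.writeShellScript "list-systems" ''
              set -euo pipefail

              ${listConfigNames}

              nixos_names=$(list_configs nixosConfigurations)
              darwin_names=$(list_configs darwinConfigurations)
              read -r -a nixos_systems <<<"$nixos_names"
              read -r -a darwin_systems <<<"$darwin_names"

              echo "Found systems in flake.nix:"

              for system in "''${nixos_systems[@]}"; do
                system_type=$(nix eval --raw ".#nixosConfigurations.$system.pkgs.stdenv.hostPlatform.system" 2>/dev/null || echo "unknown")
                echo "  - $system (NixOS, $system_type)"
              done

              for system in "''${darwin_systems[@]}"; do
                echo "  - $system (Darwin)"
              done
            ''
          );
        };

      # Expose the package set, including overlays, for convenience.
      darwinPackages = self.darwinConfigurations."MacBook-Pro".pkgs;
    };
}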