mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
2b2fa1bdbc3ed791ab2a3c06fcf42720360c3428
nix-config/flake.nix
mjallen18 2b2fa1bdbc merge
2025-05-08 15:40:47 -05:00

610 lines
19 KiB
Nix
Executable File
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
description = "flake for matt-nixos";
inputs = {
#####################################################
# Desktop #
#####################################################
# nixpgs
desktop-nixpkgs = {
url = "github:NixOS/nixpkgs/staging-next";
};
# Chaotic-nix
desktop-chaotic = {
url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
};
# Home Manager
desktop-home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "desktop-nixpkgs";
};
# Impermenance
desktop-impermanence = {
url = "github:nix-community/impermanence";
};
# Lanzaboote
desktop-lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.2";
inputs.nixpkgs.follows = "desktop-nixpkgs";
};
# Nix hardware
desktop-nixos-hardware = {
url = "github:NixOS/nixos-hardware/master";
};
# Sops-nix
desktop-sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "desktop-nixpkgs";
};
# steam rom manager
desktop-steam-rom-manager = {
url = "github:mjallen18/nix-steam-rom-manager";
inputs.nixpkgs.follows = "desktop-nixpkgs";
inputs.home-manager.follows = "desktop-home-manager";
};
#####################################################
# NAS #
#####################################################
# nixpgs
nas-nixpkgs = {
# url = "github:NixOS/nixpkgs/nixos-24.11";
url = "github:NixOS/nixpkgs/nixos-unstable";
};
nas-nixpkgs-stable = {
url = "github:NixOS/nixpkgs/nixos-24.11";
};
# Authentik
nas-authentik-nix = {
url = "github:nix-community/authentik-nix";
inputs.nixpkgs.follows = "nas-nixpkgs";
};
# cosmic launcher
nas-cosmic = {
url = "github:lilyinstarlight/nixos-cosmic";
inputs.nixpkgs.follows = "nas-nixpkgs-stable";
};
# crowdsec
nas-crowdsec = {
url = "git+https://codeberg.org/kampka/nix-flake-crowdsec.git";
inputs.nixpkgs.follows = "nas-nixpkgs";
};
# Home Manager
nas-home-manager = {
# url = "github:nix-community/home-manager/release-24.11";
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nas-nixpkgs";
};
# Impermenance
nas-impermanence = {
url = "github:nix-community/impermanence";
};
# Lanzaboote
nas-lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.2";
inputs.nixpkgs.follows = "nas-nixpkgs";
};
# Nix hardware
nas-nixos-hardware = {
url = "github:NixOS/nixos-hardware/master";
};
# Sops-nix
nas-sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nas-nixpkgs";
};
#####################################################
# Pi5 #
#####################################################
# nixpgs
Pi5-nixpkgs = {
url = "github:NixOS/nixpkgs/nixos-24.11";
};
# Home Manager
Pi5-home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "Pi5-nixpkgs";
};
# Impermenance
Pi5-impermanence = {
url = "github:nix-community/impermanence";
};
# Nix hardware
Pi5-nixos-hardware = {
url = "github:NixOS/nixos-hardware/master";
};
# Sops-nix
Pi5-sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "Pi5-nixpkgs";
};
raspberry-pi-nix.url = "github:nix-community/raspberry-pi-nix";
#####################################################
# Steamdeck #
#####################################################
# nixpgs
steamdeck-nixpkgs = {
url = "github:NixOS/nixpkgs/nixos-unstable";
};
# Joviain for steamdeck
steamdeck-jovian = {
url = "github:Jovian-Experiments/Jovian-NixOS";
inputs.nixpkgs.follows = "steamdeck-nixpkgs";
};
# Chaotic-nix
steamdeck-chaotic = {
url = "github:chaotic-cx/nyx/nyxpkgs-unstable";
};
# Impermenance
steamdeck-impermanence = {
url = "github:nix-community/impermanence";
};
# Home Manager
steamdeck-home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "steamdeck-nixpkgs";
};
# Lanzaboote
steamdeck-lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.2";
inputs.nixpkgs.follows = "steamdeck-nixpkgs";
};
# Sops-nix
steamdeck-sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "steamdeck-nixpkgs";
};
# Nix hardware
steamdeck-nixos-hardware = {
url = "github:NixOS/nixos-hardware/master";
};
# steam rom manager
steamdeck-steam-rom-manager = {
url = "github:mjallen18/nix-steam-rom-manager";
inputs.nixpkgs.follows = "steamdeck-nixpkgs";
inputs.home-manager.follows = "steamdeck-home-manager";
};
#####################################################
# MacBook #
#####################################################
#Apple
nix-darwin = {
url = "github:LnL7/nix-darwin";
inputs.nixpkgs.follows = "desktop-nixpkgs";
};
#####################################################
# Common #
#####################################################
nixpkgs-unstable = {
url = "github:NixOS/nixpkgs/nixos-unstable";
};
nixpkgs-stable = {
url = "github:NixOS/nixpkgs/nixos-24.11";
};
};
outputs =
{
self,
# Desktop
desktop-nixpkgs,
desktop-chaotic,
desktop-home-manager,
desktop-impermanence,
desktop-lanzaboote,
desktop-nixos-hardware,
desktop-sops-nix,
desktop-steam-rom-manager,
# NAS
nas-nixpkgs,
nas-nixpkgs-stable,
nas-authentik-nix,
nas-cosmic,
nas-crowdsec,
nas-home-manager,
nas-impermanence,
nas-lanzaboote,
nas-nixos-hardware,
nas-sops-nix,
# Pi5
Pi5-nixpkgs,
Pi5-home-manager,
Pi5-impermanence,
Pi5-nixos-hardware,
Pi5-sops-nix,
raspberry-pi-nix,
# Steamdeck
steamdeck-nixpkgs,
steamdeck-chaotic,
steamdeck-home-manager,
steamdeck-impermanence,
steamdeck-jovian,
steamdeck-lanzaboote,
steamdeck-nixos-hardware,
steamdeck-sops-nix,
steamdeck-steam-rom-manager,
# MacBook
nix-darwin,
# Common
nixpkgs-unstable,
nixpkgs-stable,
}@inputs:
let
inherit (self) outputs;
in
{
overlays = import ./overlays { inherit inputs; };
nixosConfigurations = {
# Desktop
"matt-nixos" = desktop-nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs outputs;
};
modules = [
desktop-impermanence.nixosModules.impermanence
desktop-lanzaboote.nixosModules.lanzaboote
./hosts/desktop/configuration.nix
./share/impermanence
desktop-chaotic.nixosModules.default
desktop-home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.matt =
{ ... }:
{
imports = [
./hosts/desktop/home.nix
desktop-steam-rom-manager.homeManagerModules.default
desktop-sops-nix.homeManagerModules.sops
];
};
home-manager.users.root =
{ ... }:
{
imports = [
./share/root-user
desktop-sops-nix.homeManagerModules.sops
];
};
home-manager.backupFileExtension = "backup";
}
desktop-nixos-hardware.nixosModules.common-cpu-amd
desktop-nixos-hardware.nixosModules.common-gpu-amd
desktop-nixos-hardware.nixosModules.common-hidpi
desktop-nixos-hardware.nixosModules.common-pc
desktop-sops-nix.nixosModules.sops
];
};
# NAS
"jallen-nas" = nas-nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs outputs;
};
modules = [
nas-impermanence.nixosModules.impermanence
nas-lanzaboote.nixosModules.lanzaboote
nas-cosmic.nixosModules.default
./hosts/nas/configuration.nix
./hosts/nas/impermanence.nix
nas-home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = false;
home-manager.useUserPackages = true;
home-manager.users.admin =
{ ... }:
{
imports = [
./hosts/nas/home.nix
nas-sops-nix.homeManagerModules.sops
];
};
home-manager.users.root =
{ ... }:
{
imports = [
./share/root-user
nas-sops-nix.homeManagerModules.sops
];
};
home-manager.backupFileExtension = "backup";
}
nas-authentik-nix.nixosModules.default
nas-sops-nix.nixosModules.sops
nas-crowdsec.nixosModules.crowdsec
nas-crowdsec.nixosModules.crowdsec-firewall-bouncer
(
{ ... }:
{
nixpkgs.overlays = [ nas-crowdsec.overlays.default ];
}
)
nas-nixos-hardware.nixosModules.common-pc
nas-nixos-hardware.nixosModules.common-cpu-amd
nas-nixos-hardware.nixosModules.common-hidpi
];
};
# Pi5
"pi5" = Pi5-nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
Pi5-nixos-hardware.nixosModules.raspberry-pi-4
Pi5-impermanence.nixosModules.impermanence
./hosts/pi5/configuration.nix
Pi5-sops-nix.nixosModules.sops
raspberry-pi-nix.nixosModules.raspberry-pi
raspberry-pi-nix.nixosModules.sd-image
Pi5-home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.matt =
{ ... }:
{
imports = [
./hosts/pi5/home.nix
Pi5-sops-nix.homeManagerModules.sops
];
};
}
];
};
"steamdeck" = steamdeck-nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs outputs;
};
modules = [
steamdeck-impermanence.nixosModules.impermanence
steamdeck-lanzaboote.nixosModules.lanzaboote
./hosts/deck/configuration.nix
./share/impermanence
steamdeck-home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.deck =
{ ... }:
{
imports = [
./hosts/deck/home.nix
steamdeck-steam-rom-manager.homeManagerModules.default
];
};
home-manager.backupFileExtension = "backup";
}
steamdeck-nixos-hardware.nixosModules.common-cpu-amd
steamdeck-nixos-hardware.nixosModules.common-gpu-amd
steamdeck-nixos-hardware.nixosModules.common-hidpi
steamdeck-nixos-hardware.nixosModules.common-pc
steamdeck-sops-nix.nixosModules.sops
steamdeck-jovian.nixosModules.jovian
steamdeck-chaotic.nixosModules.default
];
};
# home assistant
# "jallen-hass" = nixpkgs-unstable.lib.nixosSystem {
# system = "x86_64-linux";
# modules = [
# impermanence.nixosModules.impermanence
# ./hosts/homeassistant/configuration.nix
# sops-nix.nixosModules.sops
# home-manager.nixosModules.home-manager
# {
# home-manager.useGlobalPkgs = true;
# home-manager.useUserPackages = true;
# home-manager.users.hass-admin = import ./hosts/homeassistant/home.nix;
# }
# ];
# };
};
darwinConfigurations = {
"MacBook-Pro" = nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
modules = [
./hosts/mac/configuration.nix
desktop-home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.mattjallen = import ./hosts/mac/home.nix;
}
];
};
};
# Improved build-all app
apps.x86_64-linux.build-all =
let
pkgs = nas-nixpkgs.legacyPackages.x86_64-linux;
in
{
type = "app";
program = toString (
pkgs.writeShellScript "build-all" ''
#!/usr/bin/env bash
set -euo pipefail
# Get the list of system names directly from flake.nix
# This avoids JSON serialization issues
systems=($(grep -o '"[^"]*"[[:space:]]*=' flake.nix | grep -v '_\|#\|"\.\|\*' | sed 's/"//g' | sed 's/=//g' | xargs))
echo "Found systems: ''${systems[@]}"
echo "Building all compatible systems..."
# Track success/failure
success=()
failure=()
for system in "''${systems[@]}"; do
echo "Attempting to build $system..."
# Detect system type without JSON evaluation
if nix eval --raw ".#nixosConfigurations.$system.pkgs.stdenv.hostPlatform.system" 2>/dev/null; then
system_type=$(nix eval --raw ".#nixosConfigurations.$system.pkgs.stdenv.hostPlatform.system" 2>/dev/null || echo "unknown")
# Only build if we're on the same system type or can cross-compile
if [ "$system_type" = "x86_64-linux" ]; then
echo "Building $system (x86_64-linux)..."
if nix build ".#nixosConfigurations.$system.config.system.build.toplevel" --out-link "./result-$system" --no-link; then
echo " Successfully built $system"
# Copy to the binary cache
echo "Copying $system to binary cache..."
nix copy --to "https://cache.mjallen.dev?secret-key=/etc/nix/cache-priv-key.pem" ".#nixosConfigurations.$system.config.system.build.toplevel"
success+=("$system")
else
echo " Failed to build $system"
failure+=("$system")
fi
elif [ "$system_type" = "aarch64-linux" ] && command -v qemu-aarch64-static >/dev/null 2>&1; then
echo "Cross-building $system (aarch64-linux)..."
if nix build ".#nixosConfigurations.$system.config.system.build.toplevel" --system aarch64-linux --out-link "./result-$system" --no-link; then
echo " Successfully built $system"
nix copy --to "https://cache.mjallen.dev?secret-key=/etc/nix/cache-priv-key.pem" ".#nixosConfigurations.$system.config.system.build.toplevel"
success+=("$system")
else
echo " Failed to build $system"
failure+=("$system")
fi
else
echo " Skipping $system ($system_type) - incompatible with this host"
failure+=("$system (incompatible)")
fi
elif nix eval --raw ".#darwinConfigurations.$system.system" 2>/dev/null; then
echo "Found Darwin system $system, attempting to build packages..."
if nix build ".#darwinConfigurations.$system.system" --out-link "./result-darwin-$system" --no-link; then
echo " Successfully built $system packages"
nix copy --to "https://cache.mjallen.dev?secret-key=/etc/nix/cache-priv-key.pem" ".#darwinConfigurations.$system.system"
success+=("$system (darwin)")
else
echo " Failed to build $system packages"
failure+=("$system (darwin)")
fi
else
echo " Skipping $system - could not determine system type"
failure+=("$system (unknown)")
fi
done
# Summary
echo ""
echo "===== Build Summary ====="
echo " Successfully built: ''${success[*]:-none}"
echo " Failed to build: ''${failure[*]:-none}"
# Return error code if any builds failed
if [ ''${#failure[@]} -gt 0 ]; then
exit 1
fi
''
);
};
# You could also provide a separate script that only lists systems
apps.x86_64-linux.list-systems =
let
pkgs = nas-nixpkgs.legacyPackages.x86_64-linux;
in
{
type = "app";
program = toString (
pkgs.writeShellScript "list-systems" ''
#!/usr/bin/env bash
set -euo pipefail
# Get systems from flake.nix
systems=($(grep -o '"[^"]*"[[:space:]]*=' flake.nix | grep -v '_\|#\|"\.\|\*' | sed 's/"//g' | sed 's/=//g' | xargs))
echo "Found systems in flake.nix:"
for system in "''${systems[@]}"; do
# Try to determine if it's a NixOS or Darwin system
if nix eval --raw ".#nixosConfigurations.$system.pkgs.stdenv.hostPlatform.system" 2>/dev/null; then
system_type=$(nix eval --raw ".#nixosConfigurations.$system.pkgs.stdenv.hostPlatform.system" 2>/dev/null)
echo " - $system (NixOS, $system_type)"
elif nix eval --raw ".#darwinConfigurations.$system.system" 2>/dev/null; then
echo " - $system (Darwin)"
else
echo " - $system (unknown type)"
fi
done
''
);
};
# Expose the package set, including overlays, for convenience.
darwinPackages = self.darwinConfigurations."MacBook-Pro".pkgs;
# Set Git commit hash for darwin-version.
system.configurationRevision = self.rev or self.dirtyRev or null;
};
}
Reference in New Issue View Git Blame Copy Permalink