]> Git — Sourcephile - julm/julm-nix.git/blob - flake.nix
sourcephile / git / julm / julm-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
compat(nix): do not require to build with flake
[julm/julm-nix.git] / flake.nix
1 {
2 description = "julm's Nix configurations for hosts (NixOS) and homes (home-manager)";
3 /*
4 nixConfig = {
5 extra-substituters = [
6 "https://nix-community.cachix.org"
7 ];
8 extra-trusted-public-keys = [
9 "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
10 ];
11 };
12 */
13
14 nixConfig = {
15 # Explanation: required due to the applyPatches on nixpkgs below.
16 allow-import-from-derivation = true;
17 };
18
19 # https://status.nixos.org
20 # nix flake update nixpkgs --override-flake nixpkgs github:NixOS/nixpkgs/2c3e5ec5df46d3aeee2a1da0bfedd74e21f4bf3a --allow-dirty-locks
21 inputs = {
22 azaharPlus = {
23 url = "github:AzaharPlus/AzaharPlus?submodules=1";
24 flake = false;
25 };
26 flake-compat = {
27 url = "github:NixOS/flake-compat";
28 flake = false;
29 };
30 jjui = {
31 url = "github:idursun/jjui";
32 flake = false;
33 };
34 /*
35 doom-emacs.flake = false;
36 doom-emacs.url = "github:hlissner/doom-emacs";
37 */
38 jj-fugitive = {
39 url = "github:martintrojer/jj-fugitive";
40 flake = false;
41 };
42 sivansh11-jj-nvim = {
43 url = "github:sivansh11/jj";
44 flake = false;
45 };
46 eagle-nvim = {
47 url = "github:soulis-1256/eagle.nvim";
48 flake = false;
49 };
50 bufstack = {
51 url = "github:BibekBhusal0/bufstack.nvim";
52 flake = false;
53 };
54 jj-diffconflicts = {
55 url = "github:rafikdraoui/jj-diffconflicts";
56 flake = false;
57 };
58 NicolasGB-jj-nvim = {
59 url = "github:NicolasGB/jj.nvim";
60 #url = "git+file:///home/julm/src/lua/jj.nvim";
61 flake = false;
62 };
63 git-hooks.inputs.nixpkgs.follows = "nixpkgs";
64 git-hooks.url = "github:cachix/git-hooks.nix";
65 home-manager.inputs.nixpkgs.follows = "nixpkgs";
66 home-manager.url = "github:nix-community/home-manager/release-25.11";
67 #home-manager.url = "git+file:///home/julm/src/nix/home-manager";
68 nixos-hardware.url = "github:NixOS/nixos-hardware/master";
69 #nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
70 nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
71 nixpkgs-unstable.url = "github:NixOS/nixpkgs/master";
72 nixpkgs-unstable-latest.url = "github:NixOS/nixpkgs";
73 lanzaboote = {
74 url = "github:nix-community/lanzaboote/v1.0.0";
75 inputs.nixpkgs.follows = "nixpkgs";
76 inputs.pre-commit.follows = "git-hooks";
77 };
78 };
79
80 outputs =
81 inputs:
82 let
83 remoteNixpkgsPatches = import nixpkgs/patches.nix;
84 localNixpkgsPatches = [
85 nixpkgs/patches/openvpn/openvpn-netns.patch
86 nixpkgs/patches/openvpn/0001-nixos-netns-init-module-to-manage-network-namespaces.patch
87 ];
88 originPkgs = inputs.nixpkgs.legacyPackages."x86_64-linux";
89 nixpkgsPath = originPkgs.applyPatches {
90 name = "nixpkgs-patched";
91 src = inputs.nixpkgs.outPath;
92 patches = map originPkgs.fetchpatch remoteNixpkgsPatches ++ localNixpkgsPatches;
93 postPatch = ''
94 patch=$(printf '%s\n' ${
95 builtins.concatStringsSep " " (map (p: p.sha256) remoteNixpkgsPatches ++ localNixpkgsPatches)
96 } |
97 sort | sha256sum | cut -c -7)
98 echo "-patch-$patch" >.version-suffix
99 '';
100 };
101 profile = "/nix/var/nix/profiles/system";
102 inherit (inputs.nixpkgs) lib;
103 overlays = import nixpkgs/overlays.nix;
104 #nixosSystem = lib.nixosSystem;
105 nixosSystem = import (nixpkgsPath + "/nixos/lib/eval-config.nix");
106 forAllSystems =
107 f:
108 lib.genAttrs lib.systems.flakeExposed (
109 system:
110 f rec {
111 inherit system;
112 #pkgs = inputs.nixpkgs.legacyPackages.${system};
113 pkgs = import nixpkgsPath {
114 inherit system;
115 overlays = overlays { inherit inputs system; };
116 };
117 }
118 );
119 self =
120 with lib.fileset;
121 toSource {
122 root = ./.;
123 fileset =
124 let
125 exts = [
126 "clear"
127 "conf"
128 "cred"
129 "crt"
130 "css"
131 "el"
132 "hs"
133 "inc"
134 "json"
135 "lua"
136 "nft"
137 "nix"
138 "patch"
139 "pem"
140 "pub"
141 "sh"
142 "theme"
143 "toml"
144 "vim"
145 ];
146 in
147 unions [
148 (fileFilter (file: lib.any file.hasExt exts) ./domains)
149 (fileFilter (file: lib.any file.hasExt exts) ./home-manager)
150 (fileFilter (file: lib.any file.hasExt exts) ./homes)
151 (fileFilter (file: lib.any file.hasExt exts) ./hosts)
152 (fileFilter (file: lib.any file.hasExt exts) ./nixos)
153 (fileFilter (file: lib.any file.hasExt exts) ./nixpkgs)
154 (fileFilter (file: lib.any file.hasExt exts) ./users)
155 ./shell.nix
156 ];
157 };
158 in
159 rec {
160 # nix -L build .#hello
161 packages = forAllSystems ({ pkgs, ... }: pkgs);
162
163 # nix -L build .#nixosConfigurations.oignon.config.system.build.toplevel
164 # nix -L build .#nixosConfigurations.oignon.config.boot.kernelPackages.kernel.configfile
165 # nix -L build .#nixosConfigurations.oignon.pkgs.hello
166 # nix eval --raw .#nixosConfigurations.oignon.config.networking.nftables.ruleset
167 nixosConfigurations =
168 lib.genAttrs
169 (builtins.attrNames (
170 lib.filterAttrs (_n: v: v == "directory") (builtins.readDir (self + "/hosts"))
171 ))
172 (
173 hostName:
174 nixosSystem {
175 system = null;
176 specialArgs = {
177 # Required to avoid infinite recursion
178 # when `inputs` is used in `imports`.
179 inherit inputs;
180 };
181 modules = [
182 nixos/default.nix
183 ./hosts.nix
184 (import (self + "/hosts/${hostName}.nix"))
185 inputs.lanzaboote.nixosModules.lanzaboote
186 inputs.home-manager.nixosModules.home-manager
187 (
188 { config, ... }:
189 let
190 inherit (config.nixpkgs.hostPlatform) system;
191 pkgs-unstable = import inputs.nixpkgs-unstable.outPath {
192 inherit system;
193 overlays = overlays { inherit inputs system; };
194 };
195 pkgs-unstable-latest = import inputs.nixpkgs-unstable-latest.outPath {
196 inherit system;
197 overlays = overlays { inherit inputs system; };
198 };
199 in
200 {
201 _module.args = {
202 inherit hostName pkgs-unstable pkgs-unstable-latest;
203 hosts = nixosConfigurations;
204 host = nixosConfigurations.${hostName}._module.args;
205 };
206 nixpkgs = {
207 overlays = overlays {
208 inherit inputs;
209 inherit (config.nixpkgs.hostPlatform) system;
210 };
211 config.permittedInsecurePackages = [
212 # Still needed for chatty
213 # See https://github.com/NixOS/nixpkgs/pull/334638#issuecomment-2289025802%3E
214 # and https://gitlab.gnome.org/World/Chatty/-/issues/932
215 "olm-3.2.16"
216 ];
217 config.allowUnfreePredicate =
218 pkg:
219 builtins.elem (lib.getName pkg) [
220 "anydesk"
221 "canon-cups-ufr2"
222 "cudatoolkit"
223 "geogebra"
224 "hplip"
225 "memtest86-efi"
226 "nvidia-settings"
227 "nvidia-x11"
228 ];
229 };
230 home-manager = {
231 useGlobalPkgs = true;
232 useUserPackages = true;
233 verbose = true;
234 #force = true;
235 backupFileExtension = "old";
236 extraSpecialArgs = {
237 inherit
238 inputs
239 hostName
240 pkgs-unstable
241 pkgs-unstable-latest
242 ;
243 };
244 };
245 }
246 )
247 ];
248 }
249 );
250
251 # nix -L develop or direnv allow
252 devShells = forAllSystems (
253 { pkgs, system, ... }:
254 {
255 default = pkgs.callPackage flake/devShells/default.nix {
256 inherit
257 pkgs
258 inputs
259 system
260 nixpkgsPath
261 ;
262 inherit (checks.${system}.git-hooks-check) shellHook;
263 };
264 }
265 );
266
267 # nix -L run .#oignon.switch
268 apps = forAllSystems (
269 { pkgs, system, ... }:
270 with builtins;
271 mapAttrs (
272 hostName:
273 { config, ... }:
274 {
275 # Example: nix run .#aubergine.switch
276 "switch" = {
277 type = "app";
278 program =
279 (pkgs.callPackage flake/apps/switch.nix {
280 inherit
281 config
282 hostName
283 nixpkgsPath
284 profile
285 ;
286 inherit (config.system) build;
287 }).outPath;
288 };
289 }
290 ) nixosConfigurations
291 );
292
293 # nix flake check
294 checks = forAllSystems (
295 args: with args; {
296 git-hooks-check = inputs.git-hooks.lib.${system}.run {
297 src = self;
298 hooks = {
299 nixfmt-rfc-style.enable = true;
300 };
301 };
302 }
303 );
304 };
305 }
julm's NixOS and home-manager configs