nixos-config/flake.nix

{
  description = "cy's flake";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    treefmt = {
      url = "github:numtide/treefmt-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    disko = {
      url = "github:nix-community/disko/latest";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    lanzaboote = {
      url = "github:nix-community/lanzaboote/v0.4.1";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    attic = {
      url = "github:cything/attic/compression";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nixpkgs-borg.url = "github:cything/nixpkgs/borg"; # unmerged PR
    nixpkgs-btrbk.url = "github:cything/nixpkgs/btrbk"; # unmerged PR
  };

  nixConfig = {
    extra-substituters = [
      "https://cache.cything.io/central"
      "https://cache.cything.io/infra-ci"
      "https://cache.cything.io/attic"
    ];
    extra-trusted-public-keys = [
      "central:uWhjva6m6dhC2hqNisjn2hXGvdGBs19vPkA1dPEuwFg="
      "infra-ci:xG5f5tddUBcvToYjlpHD5OY/puYQkKmgKeIQCshNs38="
      "attic:HL3hVpqXxwcF7Q1R+IvU2i0+YxIjQA2xxKM5EJMXLLs="
    ];
    builders-use-substitutes = true;
  };

  outputs =
    {
      self,
      nixpkgs,
      home-manager,
      treefmt,
      disko,
      ...
    }@inputs:
    let
      lib = nixpkgs.lib;
      inherit (self) outputs;

      systems = [ "x86_64-linux" ];
      forEachSystem = f: lib.genAttrs systems (system: f pkgsFor.${system});

      overridePkgsFromFlake =
        pkgs: flake: pkgNames:
        let
          pkgs' = import flake { inherit (pkgs) system config; };
          pkgNames' = builtins.map (lib.splitString ".") pkgNames;
          pkgVals = builtins.map (
            path:
            let
              package = lib.getAttrFromPath path pkgs';
            in
            lib.setAttrByPath path package
          ) pkgNames';
        in
        lib.foldl' lib.recursiveUpdate { } pkgVals;
      overlayPkgsFromFlake =
        flake: pkgNames: _final: prev:
        overridePkgsFromFlake prev flake pkgNames;
      overlays = [
        (overlayPkgsFromFlake inputs.attic [
          # home-manager doesn't like these
          # "attic-server"
          # "attic-client"
        ])
      ] ++ import ./overlay;

      pkgsFor = lib.genAttrs systems (
        system:
        import nixpkgs {
          inherit system overlays;
          config = {
            allowUnfree = true;
          };
        }
      );

      treefmtEval = forEachSystem (
        pkgs:
        treefmt.lib.evalModule pkgs {
          projectRootFile = "flake.nix";
          programs.nixfmt.enable = true;
          programs.stylua.enable = true;
          programs.yamlfmt.enable = true;
          programs.typos.enable = true;
          programs.shellcheck.enable = true;
          programs.deadnix.enable = true;

          settings.global.excludes = [ "secrets/*" ];
        }
      );
    in
    {
      formatter = forEachSystem (pkgs: treefmtEval.${pkgs.system}.config.build.wrapper);
      checks = forEachSystem (pkgs: {
        formatting = treefmtEval.${pkgs.system}.config.build.check self;
      });
      # lets us build overlayed packages with `nix build .#<package>`
      packages = pkgsFor;

      nixosConfigurations =
        let
          pkgs = pkgsFor.x86_64-linux;
        in
        {
          ytnix = lib.nixosSystem {
            specialArgs = { inherit inputs outputs; };
            modules = [
              {
                nixpkgs = { inherit pkgs; };
              }
              ./hosts/ytnix
              inputs.sops-nix.nixosModules.sops
              ./modules
              inputs.lanzaboote.nixosModules.lanzaboote
            ];
          };

          chunk = lib.nixosSystem {
            specialArgs = { inherit inputs outputs; };
            modules = [
              {
                nixpkgs = { inherit pkgs; };
              }
              ./hosts/chunk
              inputs.sops-nix.nixosModules.sops
              ./modules
            ];
          };

          titan = lib.nixosSystem {
            specialArgs = { inherit inputs outputs; };
            modules = [
              {
                nixpkgs = { inherit pkgs; };
              }
              ./hosts/titan
              disko.nixosModules.disko
              inputs.sops-nix.nixosModules.sops
              ./modules
            ];
          };
        };

      homeConfigurations = {
        "yt@ytnix" = home-manager.lib.homeManagerConfiguration {
          pkgs = pkgsFor.x86_64-linux;
          extraSpecialArgs = { inherit inputs outputs; };
          modules = [
            ./home/yt/ytnix.nix
          ];
        };

        "yt@chunk" = home-manager.lib.homeManagerConfiguration {
          pkgs = pkgsFor.x86_64-linux;
          extraSpecialArgs = { inherit inputs outputs; };
          modules = [
            ./home/yt/chunk.nix
          ];
        };
      };
    };
}
so many new stuff (nix and hyprland) 2024-11-22 00:58:04 -05:00			`{`
use thunar 2024-11-22 20:46:58 -05:00			`description = "cy's flake";`
so many new stuff (nix and hyprland) 2024-11-22 00:58:04 -05:00
			`inputs = {`
first attempt 2024-12-12 23:35:10 -05:00			`nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";`
better secrets management 2024-11-23 21:41:28 -05:00			`sops-nix = {`
			`url = "github:Mic92/sops-nix";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
use ntfy for backup notifications override anki (successfully this time) install evolution and nix-index use home-manager to configure gtk and qt theme and update a bunch of stuff 2024-11-30 20:24:04 -05:00			`home-manager = {`
			`url = "github:nix-community/home-manager";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
treefmt follow nixpkgs 2025-01-01 21:46:36 -05:00			`treefmt = {`
			`url = "github:numtide/treefmt-nix";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
init titan 2024-12-28 22:16:46 -05:00			`disko = {`
			`url = "github:nix-community/disko/latest";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
setup secure boot 2025-01-01 02:07:32 -05:00			`lanzaboote = {`
			`url = "github:nix-community/lanzaboote/v0.4.1";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
add attic and rm tor 2025-01-05 05:42:52 -05:00			`attic = {`
flake update 2025-01-08 23:43:31 -05:00			`url = "github:cything/attic/compression";`
add attic and rm tor 2025-01-05 05:42:52 -05:00			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
init titan 2024-12-28 22:16:46 -05:00
move ntfy to titan 2024-12-30 17:50:29 -05:00			`nixpkgs-borg.url = "github:cything/nixpkgs/borg"; # unmerged PR`
			`nixpkgs-btrbk.url = "github:cything/nixpkgs/btrbk"; # unmerged PR`
so many new stuff (nix and hyprland) 2024-11-22 00:58:04 -05:00			`};`

trusted substituter 2025-01-05 06:11:02 -05:00			`nixConfig = {`
			`extra-substituters = [`
use correct binary cache path 2025-01-05 07:03:26 -05:00			`"https://cache.cything.io/central"`
flake update 2025-01-08 23:43:31 -05:00			`"https://cache.cything.io/infra-ci"`
			`"https://cache.cything.io/attic"`
trusted substituter 2025-01-05 06:11:02 -05:00			`];`
add cache trusted key 2025-01-05 13:55:25 -05:00			`extra-trusted-public-keys = [`
basically do everything all over again 2025-01-06 00:45:49 -05:00			`"central:uWhjva6m6dhC2hqNisjn2hXGvdGBs19vPkA1dPEuwFg="`
flake update 2025-01-08 23:43:31 -05:00			`"infra-ci:xG5f5tddUBcvToYjlpHD5OY/puYQkKmgKeIQCshNs38="`
			`"attic:HL3hVpqXxwcF7Q1R+IvU2i0+YxIjQA2xxKM5EJMXLLs="`
add cache trusted key 2025-01-05 13:55:25 -05:00			`];`
trusted substituter 2025-01-05 06:11:02 -05:00			`builders-use-substitutes = true;`
			`};`

use rfc-style formatter 2024-12-19 02:32:58 -05:00			`outputs =`
			`{`
			`self,`
			`nixpkgs,`
			`home-manager,`
use treemft and also enable stylua works well with CI 2024-12-28 10:59:57 -05:00			`treefmt,`
init titan 2024-12-28 22:16:46 -05:00			`disko,`
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`...`
			`}@inputs:`
			`let`
			`lib = nixpkgs.lib;`
			`inherit (self) outputs;`
some restructuring 2024-12-13 11:27:01 -05:00
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`systems = [ "x86_64-linux" ];`
			`forEachSystem = f: lib.genAttrs systems (system: f pkgsFor.${system});`
overlay zsh-fzf-tab and evolution to fix build failure 2024-12-28 10:40:35 -05:00
			`overridePkgsFromFlake =`
			`pkgs: flake: pkgNames:`
			`let`
			`pkgs' = import flake { inherit (pkgs) system config; };`
			`pkgNames' = builtins.map (lib.splitString ".") pkgNames;`
			`pkgVals = builtins.map (`
			`path:`
			`let`
			`package = lib.getAttrFromPath path pkgs';`
			`in`
			`lib.setAttrByPath path package`
			`) pkgNames';`
			`in`
			`lib.foldl' lib.recursiveUpdate { } pkgVals;`
			`overlayPkgsFromFlake =`
use treefmt for a lot more stuff also make changes to comply with all the laws that come with those stuff 2025-01-01 03:43:02 -05:00			`flake: pkgNames: _final: prev:`
overlay zsh-fzf-tab and evolution to fix build failure 2024-12-28 10:40:35 -05:00			`overridePkgsFromFlake prev flake pkgNames;`
			`overlays = [`
use my fork for attic 2025-01-06 22:06:36 -05:00			`(overlayPkgsFromFlake inputs.attic [`
update attic rev 2025-01-07 04:58:15 -05:00			`# home-manager doesn't like these`
			`# "attic-server"`
			`# "attic-client"`
make grafana work again by overlaying from small 2024-12-30 17:27:24 -05:00			`])`
patch over main to fix conduwuit 2025-01-05 16:45:18 -05:00			`] ++ import ./overlay;`
overlay zsh-fzf-tab and evolution to fix build failure 2024-12-28 10:40:35 -05:00
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`pkgsFor = lib.genAttrs systems (`
			`system:`
nix fmt 2024-12-13 11:28:27 -05:00			`import nixpkgs {`
overlay zsh-fzf-tab and evolution to fix build failure 2024-12-28 10:40:35 -05:00			`inherit system overlays;`
home-manager use flake.nix nixpkgs config 2024-12-13 11:44:22 -05:00			`config = {`
			`allowUnfree = true;`
			`};`
nix fmt 2024-12-13 11:28:27 -05:00			`}`
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`);`
use treemft and also enable stylua works well with CI 2024-12-28 10:59:57 -05:00
			`treefmtEval = forEachSystem (`
			`pkgs:`
			`treefmt.lib.evalModule pkgs {`
			`projectRootFile = "flake.nix";`
			`programs.nixfmt.enable = true;`
			`programs.stylua.enable = true;`
treefmt: also check for yaml files 2024-12-28 12:03:07 -05:00			`programs.yamlfmt.enable = true;`
use treefmt for a lot more stuff also make changes to comply with all the laws that come with those stuff 2025-01-01 03:43:02 -05:00			`programs.typos.enable = true;`
			`programs.shellcheck.enable = true;`
			`programs.deadnix.enable = true;`

			`settings.global.excludes = [ "secrets/*" ];`
use treemft and also enable stylua works well with CI 2024-12-28 10:59:57 -05:00			`}`
			`);`
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`in`
			`{`
use treemft and also enable stylua works well with CI 2024-12-28 10:59:57 -05:00			`formatter = forEachSystem (pkgs: treefmtEval.${pkgs.system}.config.build.wrapper);`
			`checks = forEachSystem (pkgs: {`
			`formatting = treefmtEval.${pkgs.system}.config.build.check self;`
			`});`
workflow: use overlays 2025-01-08 23:43:42 -05:00			# lets us build overlayed packages with `nix build .#<package>`
			`packages = pkgsFor;`
first attempt 2024-12-12 23:35:10 -05:00
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`nixosConfigurations =`
			`let`
			`pkgs = pkgsFor.x86_64-linux;`
			`in`
			`{`
			`ytnix = lib.nixosSystem {`
			`specialArgs = { inherit inputs outputs; };`
			`modules = [`
			`{`
			`nixpkgs = { inherit pkgs; };`
			`}`
			`./hosts/ytnix`
			`inputs.sops-nix.nixosModules.sops`
implement backup module and use on ytnix 2024-12-30 21:54:25 -05:00			`./modules`
setup secure boot 2025-01-01 02:07:32 -05:00			`inputs.lanzaboote.nixosModules.lanzaboote`
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`];`
			`};`
nixossystem for chunk 2024-12-13 21:57:30 -05:00
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`chunk = lib.nixosSystem {`
			`specialArgs = { inherit inputs outputs; };`
			`modules = [`
			`{`
			`nixpkgs = { inherit pkgs; };`
			`}`
			`./hosts/chunk`
			`inputs.sops-nix.nixosModules.sops`
implement backup module and use on ytnix 2024-12-30 21:54:25 -05:00			`./modules`
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`];`
			`};`
init titan 2024-12-28 22:16:46 -05:00
			`titan = lib.nixosSystem {`
			`specialArgs = { inherit inputs outputs; };`
			`modules = [`
			`{`
			`nixpkgs = { inherit pkgs; };`
			`}`
			`./hosts/titan`
			`disko.nixosModules.disko`
make ghost work 2024-12-28 23:20:41 -05:00			`inputs.sops-nix.nixosModules.sops`
implement backup module and use on ytnix 2024-12-30 21:54:25 -05:00			`./modules`
init titan 2024-12-28 22:16:46 -05:00			`];`
			`};`
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`};`
first attempt 2024-12-12 23:35:10 -05:00
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`homeConfigurations = {`
			`"yt@ytnix" = home-manager.lib.homeManagerConfiguration {`
			`pkgs = pkgsFor.x86_64-linux;`
			`extraSpecialArgs = { inherit inputs outputs; };`
			`modules = [`
			`./home/yt/ytnix.nix`
			`];`
			`};`
forgot that again 2024-12-13 22:13:25 -05:00
use rfc-style formatter 2024-12-19 02:32:58 -05:00			`"yt@chunk" = home-manager.lib.homeManagerConfiguration {`
			`pkgs = pkgsFor.x86_64-linux;`
			`extraSpecialArgs = { inherit inputs outputs; };`
			`modules = [`
			`./home/yt/chunk.nix`
			`];`
			`};`
forgot that again 2024-12-13 22:13:25 -05:00			`};`
so many new stuff (nix and hyprland) 2024-11-22 00:58:04 -05:00			`};`
			`}`