diff --git a/nix/configurations.nix b/nix/configurations.nix index 3cae4bd..ecc9c2f 100644 --- a/nix/configurations.nix +++ b/nix/configurations.nix @@ -10,15 +10,18 @@ let inherit (lib.lists) optional; inherit (lib.attrsets) mapAttrs; inherit (cfg.lib.modules) forAllUsers'; - inherit (config.manifest) hosts; cfg = config.flake; - globalCfg = hostName: hostConfig: { + globalCfg = name: hostConfig: { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = { inherit hostName hostConfig; }; + extraSpecialArgs = { + inherit hostConfig; + hostName = name; + }; sharedModules = [ cfg.modules.homeManager.default ]; users = forAllUsers' (name: _: cfg.modules.homeManager.${name}); }; + hosts = cfg.manifest.hosts or { }; mkConfigurations = class: hosts: mapAttrs ( @@ -28,7 +31,6 @@ let specialArgs = { inherit (config.flake) self; hostName = name; - hostConfig = value; }; modules = [ cfg.modules.nixos.default @@ -42,7 +44,6 @@ let specialArgs = { inherit (config.flake) self; hostName = name; - hostConfig = value; }; modules = [ cfg.modules.darwin.default diff --git a/nix/files/readme.nix b/nix/files/readme.nix index 6209325..a8eccbf 100644 --- a/nix/files/readme.nix +++ b/nix/files/readme.nix 
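Review bot: In the first hunk of nix/configurations.nix, renaming the `globalCfg` parameter from `hostName` to `name` means it is now shadowed by the inner lambda in `users = forAllUsers' (name: _: …)`, where `name` is a user name, not a host name. Keeping the original parameter avoids the ambiguity and the extra attribute: `globalCfg = hostName: hostConfig: {` with `extraSpecialArgs = { inherit hostName hostConfig; };`. `hostConfig` also stays in the home-manager `extraSpecialArgs` while the next two hunks drop it from the NixOS and darwin `specialArgs`, so the two module classes now read host data through different paths; a short comment saying that this is intended would help. The `let` block starts and ends outside the hunk.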
@@ -24,8 +24,8 @@ parts."Structure" = # markdown '' The system configurations are defined in [`flake.manifest`](nix/manifest.nix). - `manifest.owner` provides the attributes for the administrator user, including username and pubkey. - `manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations. + `flake.manifest.owner` provides the attributes for the administrator user, including username and pubkey. + `flake.manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations. `flake.modules.nixos.*` provide NixOS options and configurations. The attribute `flake.modules.nixos.default` provides options that will be applied to every system of that class. You can use it as seen [here](nix/modules/flake/home-manager.nix): diff --git a/nix/flake-parts/manifest.nix b/nix/flake-parts/manifest.nix deleted file mode 100644 index 1d121a1..0000000 --- a/nix/flake-parts/manifest.nix +++ /dev/null 
@@ -1,77 +0,0 @@ -{ lib, config, ... }: -let - cfg = config.flake; - inherit (lib.options) mkOption mkEnableOption; - inherit (lib.types) - bool - str - lazyAttrsOf - deferredModule - submodule - ; - inherit (cfg.lib.options) mkStrOption; - inherit (cfg.lib.attrsets) firstAttrNameMatching; - userOpts = submodule { - options = { - primary = mkOption { type = bool; }; - username = mkOption { type = str; }; - name = mkOption { type = str; }; - email = mkOption { type = str; }; - shell = mkOption { type = str; }; - pubkey = mkOption { type = str; }; - }; - }; - monitorOpts = submodule { - options = { - id = mkStrOption ""; - resolution = mkStrOption ""; - refresh-rate = mkStrOption ""; - scale = mkStrOption ""; - }; - }; - hostOpts = submodule { - options = { - graphical = mkEnableOption ""; - machine = { - platform = mkStrOption ""; - gpu = mkStrOption ""; - root.drive = mkStrOption ""; - root.ephemeral = mkEnableOption "" // { - default = true; - }; - monitors = mkOption { - type = lazyAttrsOf monitorOpts; - default = { }; - }; - }; - extraCfg = mkOption { - type = deferredModule; - default = { }; - }; - }; - }; - username = firstAttrNameMatching (_: v: v.primary or false) config.manifest.users; -in -{ - options.manifest = { - admin = mkOption { - type = userOpts; - readOnly = true; - }; - users = mkOption { - type = lazyAttrsOf userOpts; - default = { }; - }; - hosts.nixos = mkOption { - type = lazyAttrsOf hostOpts; - default = { }; - }; - hosts.darwin = mkOption { - type = lazyAttrsOf hostOpts; - default = { }; - }; - }; - config.manifest.admin = config.manifest.users.${username} // { - inherit username; - }; -} diff --git a/nix/homes/rafiq/desktop/darwin.nix b/nix/homes/rafiq/desktop/darwin.nix index e1f598c..322bfcc 100644 --- a/nix/homes/rafiq/desktop/darwin.nix +++ b/nix/homes/rafiq/desktop/darwin.nix 
@@ -1,11 +1,11 @@ { config, ... }: let - inherit (config.manifest) admin; + cfg = config.flake; in { flake.modules.darwin.graphical.homebrew = { enable = true; - user = admin.username; + user = cfg.admin.username; onActivation.cleanup = "uninstall"; brews = [ "mise" diff --git a/nix/homes/rafiq/desktop/nixos.nix b/nix/homes/rafiq/desktop/nixos.nix index e7d66b4..68b4716 100644 --- a/nix/homes/rafiq/desktop/nixos.nix +++ b/nix/homes/rafiq/desktop/nixos.nix @@ -1,6 +1,6 @@ { lib, config, ... }: let - inherit (config.manifest) admin; + cfg = config.flake; in { allowedUnfreePackages = [ @@ -13,7 +13,7 @@ in { config, pkgs, ... }: { fonts.packages = [ pkgs.font-awesome ]; - services.getty.autologinUser = admin.username; + services.getty.autologinUser = cfg.admin.username; # Start Hyprland at boot only if not connecting through SSH environment.loginShellInit = # sh '' diff --git a/nix/lib/modules.nix b/nix/lib/modules.nix index ba27bfd..0d5b50b 100644 --- a/nix/lib/modules.nix +++ b/nix/lib/modules.nix @@ -1,5 +1,6 @@ { lib, config, ... }: let + cfg = config.flake; inherit (builtins) foldl' attrNames; inherit (lib.attrsets) mapAttrs; in @@ -34,7 +35,7 @@ in ::: */ - userListToAttrs = f: foldl' (acc: elem: acc // (f elem)) { } (attrNames config.manifest.users); + userListToAttrs = f: foldl' (acc: elem: acc // (f elem)) { } (attrNames cfg.manifest.users); /** Return an attribute set for use with a option that needs to be used for all users. @@ -64,7 +65,7 @@ in ::: */ - forAllUsers = attrset: mapAttrs (_: _: attrset) config.manifest.users; + forAllUsers = attrset: mapAttrs (_: _: attrset) cfg.manifest.users; /** Like forAllUsers, but passes in the name and value from the manifest. @@ -95,6 +96,6 @@ in ::: */ - forAllUsers' = f: mapAttrs f config.manifest.users; + forAllUsers' = f: mapAttrs f cfg.manifest.users; }; } diff --git a/nix/manifest.nix b/nix/manifest.nix index 4f4f42f..d781698 100644 --- a/nix/manifest.nix +++ b/nix/manifest.nix 
@@ -1,5 +1,5 @@ { - manifest = { + flake.manifest = { users.rafiq = { primary = true; name = "Mohammad Rafiq"; diff --git a/nix/meta.nix b/nix/meta.nix index 9b93c47..5c8f8fc 100644 --- a/nix/meta.nix +++ b/nix/meta.nix @@ -5,10 +5,54 @@ ... }: let - inherit (lib.options) mkOption; - inherit (lib.types) path lazyAttrsOf raw; + inherit (lib.options) mkOption mkEnableOption; + inherit (cfg.lib.options) mkStrOption; + inherit (lib.types) + path + lazyAttrsOf + raw + deferredModule + submodule + ; inherit (inputs.flake-parts.lib) mkSubmoduleOptions; + inherit (cfg.lib.attrsets) firstAttrNameMatching; cfg = config.flake; + monitorOpts = submodule { + options = { + id = mkStrOption ""; + resolution = mkStrOption ""; + refresh-rate = mkStrOption ""; + scale = mkStrOption ""; + }; + }; + userOpts = submodule { + options = { + username = mkStrOption ""; + primary = mkEnableOption ""; + name = mkStrOption ""; + email = mkStrOption ""; + shell = mkStrOption ""; + pubkey = mkStrOption ""; + }; + }; + hostOpts = submodule { + options = { + graphical = mkEnableOption ""; + machine = { + platform = mkStrOption ""; + gpu = mkStrOption ""; + root.drive = mkStrOption ""; + monitors = mkOption { + type = lazyAttrsOf monitorOpts; + default = { }; + }; + }; + extraCfg = mkOption { + type = deferredModule; + default = { }; + }; + }; + }; in { options.flake = mkSubmoduleOptions { 
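Review bot: In the new `userOpts` in nix/meta.nix, `pubkey` and `shell` change from `mkOption { type = str; }` (no default, so reading an omitted value aborted evaluation) to `mkStrOption ""`. `mkStrOption` is defined outside this diff; if it supplies a default, a user entry without a `pubkey` now evaluates quietly. That value is what nix/modules/networking/ssh.nix puts into root's `authorizedKeys.keys` and what nix/modules/system/secrets.nix inherits, and `shell` is used as `pkgs.${value.shell}` in nix/modules/cli/shell.nix. I would keep these fields required, e.g. `pubkey = mkOption { type = str; };` and `shell = mkOption { type = str; };`, adding `str` to the `inherit (lib.types)` list. The `let` block starts outside the hunk.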
@@ -24,8 +68,38 @@ in readOnly = true; }; }; + manifest = mkOption { + type = submodule { + options = { + users = mkOption { + type = lazyAttrsOf userOpts; + default = { }; + }; + hosts.nixos = mkOption { + type = lazyAttrsOf hostOpts; + default = { }; + }; + hosts.darwin = mkOption { + type = lazyAttrsOf raw; + default = { }; + }; + }; + }; + }; + # Helper Option + admin = mkOption { + type = userOpts; + default = { }; + }; }; - config.flake = { - paths.secrets = cfg.paths.root + "/secrets"; - }; + config.flake = + let + username = firstAttrNameMatching (_: v: v.primary or false) cfg.manifest.users; + in + { + paths.secrets = cfg.paths.root + "/secrets"; + admin = cfg.manifest.users.${username} // { + inherit username; + }; + }; } diff --git a/nix/modules/cli/git.nix b/nix/modules/cli/git.nix index 0571ca3..c609a1a 100644 --- a/nix/modules/cli/git.nix +++ b/nix/modules/cli/git.nix @@ -1,6 +1,6 @@ { config, ... }: let - inherit (config.manifest) users; + inherit (config.flake) manifest; in { flake.modules.homeManager.default = @@ -9,8 +9,8 @@ in home.sessionVariables.GIT_CONFIG_GLOBAL = "$HOME/.config/git/config"; programs.git = { enable = true; - userName = users.${config.home.username}.name; - userEmail = users.${config.home.username}.email; + userName = manifest.users.${config.home.username}.name; + userEmail = manifest.users.${config.home.username}.email; signing.key = "~/.ssh/id_ed25519.pub"; }; }; diff --git a/nix/modules/cli/shell.nix b/nix/modules/cli/shell.nix index ac1617d..0e081a1 100644 --- a/nix/modules/cli/shell.nix +++ b/nix/modules/cli/shell.nix @@ -1,7 +1,6 @@ { config, lib, ... }: let cfg = config.flake; - inherit (config.manifest) users; inherit (cfg.lib.modules) forAllUsers'; inherit (lib.attrsets) mapAttrs'; in @@ -13,7 +12,7 @@ in programs = mapAttrs' (name: value: { name = value.shell; value.enable = true; - }) users; + }) cfg.manifest.users; users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; }); }; darwin.default = 
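Review bot: The `admin` option added in the second nix/meta.nix hunk drops the `readOnly = true;` that the deleted nix/flake-parts/manifest.nix carried, and gains `default = { };`. `flake.admin` decides which key goes into root's `authorizedKeys` (ssh.nix), which account joins `wheel` with `wheelNeedsPassword = false` (sudo.nix) and which user getty logs in automatically (desktop/nixos.nix), so no other module should be able to set or merge into it. Suggest `admin = mkOption { type = userOpts; readOnly = true; };` so the value can only come from the primary entry in `manifest.users`. What `firstAttrNameMatching` returns when no user has `primary = true` is not visible here; an explicit assertion for that case would make the failure readable.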
@@ -22,14 +21,14 @@ in programs = mapAttrs' (name: value: { name = value.shell; value.enable = true; - }) users; + }) cfg.manifest.users; users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; }); environment.shells = [ pkgs.fish ]; }; homeManager.default = { config, ... }: { - programs.${users.${config.home.username}.shell}.enable = true; + programs.${cfg.manifest.users.${config.home.username}.shell}.enable = true; home.shell.enableShellIntegration = true; }; }; diff --git a/nix/modules/machine/gpu.nix b/nix/modules/machine/gpu.nix index 8517036..00c56cd 100644 --- a/nix/modules/machine/gpu.nix +++ b/nix/modules/machine/gpu.nix @@ -1,3 +1,7 @@ +{ config, ... }: +let + cfg = config.flake; +in { allowedUnfreePackages = [ "nvidia-x11" @@ -7,11 +11,11 @@ { config, pkgs, - hostConfig, + hostName, ... }: let - inherit (hostConfig.machine) gpu; + gpu = cfg.manifest.hosts.nixos.${hostName}.machine.gpu or ""; in if gpu == "nvidia" then { diff --git a/nix/modules/machine/platform.nix b/nix/modules/machine/platform.nix index 62943b4..19b2fdf 100644 --- a/nix/modules/machine/platform.nix +++ b/nix/modules/machine/platform.nix @@ -1,8 +1,9 @@ +{ config, ... }: { flake.modules.nixos.default = - { hostConfig, ... }: + { hostName, ... }: let - inherit (hostConfig.machine) platform; + inherit (config.flake.manifest.hosts.nixos.${hostName}.machine) platform; arch = if platform == "amd" || platform == "intel" then "x86_64" else "aarch64"; in { @@ -12,9 +13,9 @@ }; flake.modules.darwin.default = - { hostConfig, ... }: + { hostName, ... }: let - inherit (hostConfig.machine) platform; + inherit (config.flake.manifest.hosts.darwin.${hostName}.machine) platform; arch = if platform == "intel" then "x86_64" else "aarch64"; in { diff --git a/nix/modules/machine/root.nix b/nix/modules/machine/root.nix index 9c7d4ea..98c1120 100644 --- a/nix/modules/machine/root.nix +++ b/nix/modules/machine/root.nix 
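Review bot: In the second hunk of nix/modules/machine/gpu.nix the inner module still takes its own `config` argument, so `cfg` (bound to the outer `config.flake` in the first hunk) and `config` inside the module body refer to two different configurations. A one-line comment at the outer `let` would stop a later edit from reading `config.flake` inside the module: `# cfg = flake-level config; the module argument "config" below is the per-system one`. The `or ""` fallback also means a `hostName` missing from `manifest.hosts.nixos` silently gets no GPU setup, whereas platform.nix and root.nix fail on the same lookup; it would be worth choosing one behaviour. The module body continues outside the hunk.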
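Review bot: The darwin lookup `config.flake.manifest.hosts.darwin.${hostName}.machine` in the second hunk of nix/modules/machine/platform.nix reads from an option that nix/meta.nix now declares as `lazyAttrsOf raw`, so darwin host entries get no type checking and no defaults. A darwin host without `machine.platform` fails here with a missing-attribute error, and any value other than `"intel"` falls through to `aarch64` in the `arch` expression. If the `raw` type is not deliberate, `hosts.darwin = mkOption { type = lazyAttrsOf hostOpts; default = { }; };` in meta.nix would restore the checks the deleted manifest module had.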
@@ -1,12 +1,17 @@ -{ lib, inputs, ... }: +{ + config, + lib, + inputs, + ... +}: let inherit (lib.modules) mkMerge mkIf mkAfter; in { flake.modules.nixos.default = - { hostConfig, ... }: + { hostName, ... }: let - inherit (hostConfig.machine) root; + inherit (config.flake.manifest.hosts.nixos.${hostName}.machine) root; in { imports = [ inputs.disko.nixosModules.disko ]; @@ -80,7 +85,7 @@ in }; } # Ephemeral by default - assumes btrfs - (mkIf root.ephemeral { + (mkIf (config.flake.manifest.hosts.nixos.${hostName}.machine.root.ephemeral or true) { boot.initrd.postDeviceCommands = mkAfter '' mkdir /btrfs_tmp mount /dev/root_vg/root /btrfs_tmp diff --git a/nix/modules/networking/ssh.nix b/nix/modules/networking/ssh.nix index 2238b7e..d721746 100644 --- a/nix/modules/networking/ssh.nix +++ b/nix/modules/networking/ssh.nix @@ -1,7 +1,6 @@ { config, lib, ... }: let cfg = config.flake; - inherit (config.manifest) admin; inherit (lib.modules) mkMerge; inherit (cfg.lib.modules) forAllUsers'; in @@ -17,7 +16,7 @@ in "/etc/ssh/ssh_host_rsa_key.pub" ]; } - { users.users.root.openssh.authorizedKeys.keys = [ admin.pubkey ]; } + { users.users.root.openssh.authorizedKeys.keys = [ cfg.admin.pubkey ]; } ]; flake.modules.homeManager.default = { persistDirs = [ ".ssh" ]; diff --git a/nix/modules/server/web-servers.nix b/nix/modules/server/web-servers.nix index 9b0cf75..1967268 100644 --- a/nix/modules/server/web-servers.nix +++ b/nix/modules/server/web-servers.nix @@ -4,7 +4,7 @@ let inherit (config.flake.lib.options) mkStrOption mkPathOption; inherit (config.flake.lib.services) mkRootDomain; inherit (config.flake.paths) secrets; - inherit (config.manifest.admin) email; + inherit (config.flake.admin) email; inherit (lib.types) listOf submodule attrs; inherit (lib.options) mkOption mkEnableOption; inherit (lib.modules) mkMerge mkIf; diff --git a/nix/modules/system/secrets.nix b/nix/modules/system/secrets.nix index e71989d..7e5400d 100644 --- a/nix/modules/system/secrets.nix 
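Review bot: The new condition `config.flake.manifest.hosts.nixos.${hostName}.machine.root.ephemeral or true` in the second nix/modules/machine/root.nix hunk can no longer be switched off. The `hostOpts` submodule added in nix/meta.nix declares `root.drive` but not `root.ephemeral`, so the attribute is never present and the `or true` fallback always wins. Setting it in the manifest would presumably be rejected as an undeclared option. This branch installs the `postDeviceCommands` under the `# Ephemeral by default` comment (the rest of the script is outside the hunk), so a host meant to keep a persistent root would now be treated as ephemeral at every boot. Re-declare the option in meta.nix as `root.ephemeral = mkEnableOption "" // { default = true; };` and go back to `(mkIf root.ephemeral {`, which reuses the `root` binding from the first hunk.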
+++ b/nix/modules/system/secrets.nix @@ -6,11 +6,11 @@ }: let cfg = config.flake; - inherit (cfg.paths) secrets; inherit (builtins) readFile; inherit (lib.meta) getExe; inherit (lib.strings) trim; - inherit (config.manifest.admin) username pubkey; + inherit (cfg.admin) username pubkey; + inherit (cfg.paths) secrets; in { flake.modules = { diff --git a/nix/modules/system/sudo.nix b/nix/modules/system/sudo.nix index fa7724c..ec974cc 100644 --- a/nix/modules/system/sudo.nix +++ b/nix/modules/system/sudo.nix @@ -1,12 +1,12 @@ { config, ... }: let - inherit (config.manifest) admin; + cfg = config.flake; in { flake.modules.nixos.default = { security.sudo.wheelNeedsPassword = false; nix.settings.trusted-users = [ "@wheel" ]; - users.users.${admin.username}.extraGroups = [ "wheel" ]; + users.users.${cfg.admin.username}.extraGroups = [ "wheel" ]; }; flake.modules.darwin.default.security = { sudo.extraConfig = "%admin ALL = (ALL) NOPASSWD: ALL"; diff --git a/nix/modules/system/users.nix b/nix/modules/system/users.nix index dc80b0b..35b199b 100644 --- a/nix/modules/system/users.nix +++ b/nix/modules/system/users.nix @@ -1,7 +1,6 @@ { config, lib, ... }: let cfg = config.flake; - inherit (config.manifest) users admin; inherit (cfg.lib.modules) userListToAttrs forAllUsers'; inherit (lib.lists) findFirstIndex; inherit (builtins) attrNames; @@ -37,12 +36,12 @@ in flake.modules.darwin.default = { config, ... }: { - system.primaryUser = admin.username; - users.knownUsers = attrNames users; + system.primaryUser = cfg.admin.username; + users.knownUsers = attrNames cfg.manifest.users; users.users = forAllUsers' ( name: _: { home = "/Users/${name}"; - uid = 501 + (findFirstIndex (x: x == name) null (attrNames users)); + uid = 501 + (findFirstIndex (x: x == name) null (attrNames cfg.manifest.users)); } ); home-manager.users = forAllUsers' (