diff --git a/flake.lock b/flake.lock index 9d72b1b..fb9b627 100644 --- a/flake.lock +++ b/flake.lock @@ -337,42 +337,6 @@ "type": "github" } }, - "manifest": { - "locked": { - "lastModified": 1752588656, - "narHash": "sha256-clKPzQ43eDpukeiGHzXmd1hGb2s4N+MWXAzQ5u5+pHQ=", - "owner": "rrvsh", - "repo": "manifest", - "rev": "365902fba994f30469298dee0c98a5fc0f41ec38", - "type": "github" - }, - "original": { - "owner": "rrvsh", - "repo": "manifest", - "type": "github" - } - }, - "nix-darwin": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1751313918, - "narHash": "sha256-HsJM3XLa43WpG+665aGEh8iS8AfEwOIQWk3Mke3e7nk=", - "owner": "nix-darwin", - "repo": "nix-darwin", - "rev": "e04a388232d9a6ba56967ce5b53a8a6f713cdfcf", - "type": "github" - }, - "original": { - "owner": "nix-darwin", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, "nix-index-database": { "inputs": { "nixpkgs": [ @@ -503,8 +467,6 @@ "impermanence": "impermanence", "import-tree": "import-tree", "make-shell": "make-shell", - "manifest": "manifest", - "nix-darwin": "nix-darwin", "nix-index-database": "nix-index-database", "nixpkgs": "nixpkgs", "nur": "nur", diff --git a/flake.nix b/flake.nix index dcb6882..86b2997 100644 --- a/flake.nix +++ b/flake.nix @@ -1,14 +1,11 @@ { outputs = - { self, ... }@inputs: + inputs: inputs.flake-parts.lib.mkFlake { inherit inputs; } ( (inputs.import-tree ./nix) // { systems = import inputs.systems; - flake = { - inherit self; - paths.root = ./.; - }; + flake.paths.root = ./.; } ); inputs = { @@ -25,11 +22,6 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; - # nix darwin provides declarative mac configuration - nix-darwin = { - url = "github:nix-darwin/nix-darwin/master"; - inputs.nixpkgs.follows = "nixpkgs"; - }; # the nix user repository for mainly firefox extensions nur = { url = "github:nix-community/NUR"; 
@@ -71,8 +63,6 @@ files.url = "github:mightyiam/files"; # text.nix lets us easily define markdown text to pass to files text.url = "github:rrvsh/text.nix"; - # manifest lets us define all hosts in one file - manifest.url = "github:rrvsh/manifest"; # make-shells. creates devShells and checks make-shell = { url = "github:nicknovitski/make-shell"; diff --git a/nix/configurations.nix b/nix/configurations.nix index 3cae4bd..1d27ceb 100644 --- a/nix/configurations.nix +++ b/nix/configurations.nix @@ -6,30 +6,28 @@ }: let inherit (lib) nixosSystem; - inherit (inputs.nix-darwin.lib) darwinSystem; inherit (lib.lists) optional; inherit (lib.attrsets) mapAttrs; inherit (cfg.lib.modules) forAllUsers'; - inherit (config.manifest) hosts; cfg = config.flake; - globalCfg = hostName: hostConfig: { + globalCfg = name: hostConfig: { useGlobalPkgs = true; useUserPackages = true; - extraSpecialArgs = { inherit hostName hostConfig; }; + extraSpecialArgs = { + inherit hostConfig; + hostName = name; + }; sharedModules = [ cfg.modules.homeManager.default ]; users = forAllUsers' (name: _: cfg.modules.homeManager.${name}); }; + hosts = cfg.manifest.hosts or { }; mkConfigurations = class: hosts: mapAttrs ( name: value: if class == "nixos" then nixosSystem { - specialArgs = { - inherit (config.flake) self; - hostName = name; - hostConfig = value; - }; + specialArgs.hostName = name; modules = [ cfg.modules.nixos.default inputs.home-manager.nixosModules.home-manager @@ -37,20 +35,6 @@ let (value.extraCfg or { }) ] ++ optional value.graphical cfg.modules.nixos.graphical; } - else if class == "darwin" then - darwinSystem { - specialArgs = { - inherit (config.flake) self; - hostName = name; - hostConfig = value; - }; - modules = [ - cfg.modules.darwin.default - inputs.home-manager.darwinModules.home-manager - { home-manager = globalCfg name value; } - (value.extraCfg or { }) - ] ++ optional value.graphical cfg.modules.darwin.graphical; - } else { } ) hosts; 
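Review bot: In nix/configurations.nix the fallback in `hosts = cfg.manifest.hosts or { };` does not protect the selection it feeds. The last hunk of this file still evaluates `mkConfigurations "nixos" hosts.nixos`, which fails with a missing attribute whenever the manifest defines no `nixos` hosts. Moving the fallback to the point of selection covers both cases: `flake.nixosConfigurations = mkConfigurations "nixos" (cfg.manifest.hosts.nixos or { });`. With only one class left, the `class` parameter and the `else { }` branch of `mkConfigurations` are dead weight and could be dropped. `hostConfig` is also no longer passed in the NixOS `specialArgs`, so any NixOS module outside this diff that still takes it would presumably stop evaluating.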
@@ -58,5 +42,4 @@ in { imports = [ inputs.home-manager.flakeModules.home-manager ]; flake.nixosConfigurations = mkConfigurations "nixos" hosts.nixos; - flake.darwinConfigurations = mkConfigurations "darwin" hosts.darwin; } diff --git a/nix/files/readme.nix b/nix/files/readme.nix index 6209325..a8eccbf 100644 --- a/nix/files/readme.nix +++ b/nix/files/readme.nix @@ -24,8 +24,8 @@ parts."Structure" = # markdown '' The system configurations are defined in [`flake.manifest`](nix/manifest.nix). - `manifest.owner` provides the attributes for the administrator user, including username and pubkey. - `manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations. + `flake.manifest.owner` provides the attributes for the administrator user, including username and pubkey. + `flake.manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations. `flake.modules.nixos.*` provide NixOS options and configurations. The attribute `flake.modules.nixos.default` provides options that will be applied to every system of that class. You can use it as seen [here](nix/modules/flake/home-manager.nix): diff --git a/nix/flake-parts/debug.nix b/nix/flake-parts/debug.nix new file mode 100644 index 0000000..38e2cb3 --- /dev/null +++ b/nix/flake-parts/debug.nix @@ -0,0 +1,3 @@ +{ + debug = true; +} diff --git a/nix/flake-parts/flake-parts.nix b/nix/flake-parts/flake-parts.nix deleted file mode 100644 index 4f0d093..0000000 --- a/nix/flake-parts/flake-parts.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ inputs, ... }: -{ - debug = true; - imports = [ - inputs.make-shell.flakeModules.default - inputs.manifest.flakeModules.default - inputs.flake-parts.flakeModules.modules - inputs.text.flakeModules.default - ]; -} diff --git a/nix/flake-parts/make-shell.nix b/nix/flake-parts/make-shell.nix new file mode 100644 index 0000000..66ca600 --- /dev/null 
+++ b/nix/flake-parts/make-shell.nix @@ -0,0 +1,5 @@ +{ inputs, ... }: +{ + #TODO: add to readme + imports = [ inputs.make-shell.flakeModules.default ]; +} diff --git a/nix/flake-parts/modules.nix b/nix/flake-parts/modules.nix new file mode 100644 index 0000000..1c75663 --- /dev/null +++ b/nix/flake-parts/modules.nix @@ -0,0 +1,4 @@ +{ inputs, ... }: +{ + imports = [ inputs.flake-parts.flakeModules.modules ]; +} diff --git a/nix/flake-parts/text.nix b/nix/flake-parts/text.nix new file mode 100644 index 0000000..81b2f51 --- /dev/null +++ b/nix/flake-parts/text.nix @@ -0,0 +1,4 @@ +{ inputs, ... }: +{ + imports = [ inputs.text.flakeModules.default ]; +} diff --git a/nix/homes/rafiq/_nvf/languages.nix b/nix/homes/rafiq/_nvf/languages.nix index fbeaf85..cc3dd8c 100644 --- a/nix/homes/rafiq/_nvf/languages.nix +++ b/nix/homes/rafiq/_nvf/languages.nix @@ -4,8 +4,7 @@ enableTreesitter = true; bash.enable = true; clang.enable = true; - # broken on macos - # csharp.enable = true; + csharp.enable = true; css.enable = true; go.enable = true; html.enable = true; @@ -27,7 +26,6 @@ }; rust.enable = true; rust.crates.enable = true; - tailwind.enable = true; ts.enable = true; ts.extensions.ts-error-translator.enable = true; typst.enable = true; diff --git a/nix/homes/rafiq/darwin.nix b/nix/homes/rafiq/darwin.nix deleted file mode 100644 index 873dbcd..0000000 --- a/nix/homes/rafiq/darwin.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ lib, ... }: -let - inherit (lib.modules) mkIf; -in -{ - flake.modules.homeManager.rafiq = - { - pkgs, - config, - hostName, - hostConfig, - ... - }: - mkIf (pkgs.system == "aarch64-darwin" || pkgs.system == "x86_64-darwin") { - home.file."Library/Application Support/aichat/config.yaml".text = '' - model: gemini:gemini-2.0-flash - clients: - - type: gemini - ''; - }; -} diff --git a/nix/homes/rafiq/default.nix b/nix/homes/rafiq/default.nix index 86b4733..ed01690 100644 --- a/nix/homes/rafiq/default.nix +++ b/nix/homes/rafiq/default.nix 
@@ -45,7 +45,6 @@ in ]; }; programs = { - mise.enable = true; nvf.enable = true; nvf.settings.vim = { syntaxHighlighting = true; diff --git a/nix/homes/rafiq/desktop/darwin.nix b/nix/homes/rafiq/desktop/darwin.nix deleted file mode 100644 index 892031c..0000000 --- a/nix/homes/rafiq/desktop/darwin.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - flake.modules.darwin.graphical.homebrew = { - brews = [ - "mise" - "docker" - ]; - casks = [ - "ghostty" - "slack" - "gitify" - "telegram" - "vial" - "linear-linear" - "chatgpt" - "spotify" - ]; - }; - flake.modules.homeManager.rafiq = { - # make sure brew is on the path for M1 - programs.zsh.initContent = '' - if [[ $(uname -m) == 'arm64' ]]; then - eval "$(/opt/homebrew/bin/brew shellenv)" - fi - ''; - programs.fish.shellInit = '' - if test (uname -m) = "arm64" - eval (/opt/homebrew/bin/brew shellenv) - end - ''; - }; -} diff --git a/nix/homes/rafiq/desktop/default.nix b/nix/homes/rafiq/desktop/default.nix index 277d445..9eb1fc4 100644 --- a/nix/homes/rafiq/desktop/default.nix +++ b/nix/homes/rafiq/desktop/default.nix 
@@ -1,9 +1,75 @@ -{ lib, inputs, ... }: { + lib, + inputs, + config, + ... +}: +let + cfg = config.flake; +in +{ + allowedUnfreePackages = [ + "stremio-shell" + "stremio-server" + "steam" + "steam-unwrapped" + ]; + flake.modules.nixos.graphical = + { config, pkgs, ... }: + { + fonts.packages = [ pkgs.font-awesome ]; + services.getty.autologinUser = cfg.admin.username; + # Start Hyprland at boot only if not connecting through SSH + environment.loginShellInit = # sh + '' + if [[ -z "$SSH_CLIENT" && -z "$SSH_CONNECTION" ]]; then + if uwsm check may-start; then + exec uwsm start hyprland-uwsm.desktop + fi + fi + ''; + environment.variables = { + # Get Electron apps to use Wayland + ELECTRON_OZONE_PLATFORM_HINT = "auto"; + NIXOS_OZONE_WL = "1"; + }; + programs = { + hyprland = { + enable = true; + # Use UWSM to have each process controlled by systemd init + withUWSM = true; + }; + steam = { + enable = true; + gamescopeSession.enable = true; + }; + }; + security.pam.services.hyprlock = { }; + services.sunshine = { + enable = true; + capSysAdmin = true; + openFirewall = true; + settings = { + sunshine_name = config.networking.hostName; + origin_pin_allowed = "wan"; + origin_web_ui_allowed = "wan"; + }; + applications = { }; + }; + # spotifyd + networking.firewall.allowedTCPPorts = [ 5353 ]; + networking.firewall.allowedUDPPorts = [ 5353 ]; + }; flake.modules.homeManager.rafiq = - { pkgs, config, ... }: + { + pkgs, + config, + hostName, + hostConfig, + ... + }: let - inherit (lib.modules) mkIf; + inherit (lib.modules) mkMerge mkIf; inherit (builtins) map listToAttrs; inherit (lib.lists) findFirstIndex; inherit (inputs.nur.legacyPackages.${pkgs.stdenv.hostPlatform.system}.repos.rycee) firefox-addons; 
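Review bot: `origin_web_ui_allowed = "wan"` and `origin_pin_allowed = "wan"` in the `services.sunshine` block (nix/homes/rafiq/desktop/default.nix, first hunk) are combined with `openFirewall = true` and `capSysAdmin = true`. On every graphical host the Sunshine web UI and pairing endpoint therefore accept clients from any network the machine is reachable on, while the binary holds CAP_SYS_ADMIN. Unless WAN access is intended, narrow both to `"lan"`; if it is intended, a comment saying why and what protects the web UI would help. The same module sets `services.getty.autologinUser = cfg.admin.username`, so the console session is unauthenticated by design, and that deserves a one-line comment too. The `# spotifyd` firewall entries open 5353, which is also the mDNS port; consider noting whether that overlap is deliberate.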
@@ -38,24 +104,185 @@ targets = { firefox.colorTheme.enable = true; firefox.profileNames = syncedProfiles; + waybar.addCss = false; }; }; + persistDirs = [ + "docs" + "repos" + "vids" + "tmp" + ".cache/Smart Code ltd/Stremio" + ".local/share/Smart Code ltd/Stremio" + ".mozilla/firefox" + ".tor project" + ".local/share/Steam" + ".local/share/PrismLauncher" + ".config/sunshine" + ]; home = { + packages = with pkgs; [ + prismlauncher + stremio + tor-browser + vlc + wl-clipboard-rs + ]; sessionVariables = { BROWSER = "firefox"; + LAUNCHER = "fuzzel"; + LOCKSCREEN = "hyprlock"; + NOTIFICATION_DAEMON = "mako"; TERMINAL = "ghostty"; + STATUS_BAR = "waybar"; }; }; programs = { + fuzzel.enable = true; + obs-studio.enable = true; vesktop.enable = true; thunderbird.enable = true; thunderbird.profiles.rafiq.isDefault = true; - # ghostty is broken on nix-darwin - ghostty.settings.confirm-close-surface = false; firefox = { enable = true; inherit profiles; }; + hyprlock = { + enable = true; + settings = { + general.hide_cursor = true; + general.ignore_empty_input = true; + background.blur_passes = 5; + background.blur_size = 5; + label = { + text = ''hi, $USER.''; + font_size = 32; + position = "0, 0"; + halign = "center"; + valign = "center"; + zindex = 1; + shadow_passes = 5; + shadow_size = 5; + }; + input-field = { + placeholder_text = ""; + fade_on_empty = true; + size = "200, 45"; + position = "0, -5%"; + halign = "center"; + valign = "center"; + zindex = 1; + shadow_passes = 5; + shadow_size = 5; + }; + }; + }; + ghostty = { + enable = true; + settings = { + confirm-close-surface = false; + }; + }; + waybar = { + enable = true; + settings = [ + { + layer = "top"; + modules-left = [ + "pulseaudio" + ]; + modules-right = [ + "battery" + "clock" + ]; + "pulseaudio" = { + format = "{icon} {volume}%"; + format-muted = ""; + format-icons.default = [ + "" + "" + ]; + on-click = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; + }; + "clock" = { + interval = 
1; + format = "{:%F %T}"; + }; + "battery" = { + interval = 1; + bat-compatibility = true; + }; + } + ]; + style = # css + '' + window#waybar { + background-color: rgba(0, 0, 0, 0); + } + + #pulseaudio, + #battery, + #clock { + padding-top: 5px; + padding-bottom: 5px; + padding-right: 5px; + color: #ffffff; + } + ''; + }; + }; + services = { + spotifyd.enable = true; + spotifyd.settings.global = { + device_name = "${hostName}"; + device_type = "computer"; + zeroconf_port = 5353; + }; + + mako.enable = true; + mako.settings.default-timeout = 10000; + + }; + wayland.windowManager.hyprland = { + enable = true; + # This is needed for UWSM + systemd.enable = false; + # Null the packages since we use them system wide + package = null; + portalPackage = null; + settings = mkMerge [ + (import ./_hyprland/decoration.nix) + (import ./_hyprland/keybinds.nix { inherit pkgs; }) + { + ecosystem.no_update_news = true; + xwayland.force_zero_scaling = true; + monitor = + let + mainMonitor = hostConfig.machine.monitors.main; + in + [ + "${mainMonitor.id}, ${mainMonitor.resolution}@${mainMonitor.refresh-rate}, auto, ${mainMonitor.scale}" + ", preferred, auto, 1" + ]; + exec-once = [ + "uwsm app -- $LOCKSCREEN" + "uwsm app -- $NOTIFICATION_DAEMON" + "uwsm app -- $STATUS_BAR" + ]; + } + ]; + }; + # xdg.configFile."uwsm/env".text = # sh + # '' + # # Force apps to scale right with Wayland + # export GDK_SCALE=${mainMonitor.scale} + # export STEAM_FORCE_DESKTOPUI_SCALING=${mainMonitor.scale} + # ''; + # xdg.configFile."uwsm/env-hyprland".text = # sh + # '' + # export GDK_SCALE=${mainMonitor.scale} + # export STEAM_FORCE_DESKTOPUI_SCALING=${mainMonitor.scale} + # ''; }; } diff --git a/nix/homes/rafiq/desktop/nixos.nix b/nix/homes/rafiq/desktop/nixos.nix deleted file mode 100644 index e7d66b4..0000000 --- a/nix/homes/rafiq/desktop/nixos.nix +++ /dev/null 
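Review bot: The `monitor` entry added under `wayland.windowManager.hyprland.settings` dereferences `hostConfig.machine.monitors.main` unconditionally, while nix/meta.nix in this commit gives `monitors` a default of `{ }`. A host whose manifest entry has no `main` monitor would fail evaluation as soon as this config is active; the guard around this module body is outside the hunk, so how often that happens cannot be seen from here. One way to keep the generic fallback rule working is `monitor = lib.optional (hostConfig.machine.monitors ? main) mainRule ++ [ ", preferred, auto, 1" ];`, with `mainRule` bound to the existing interpolated string. The commented-out `xdg.configFile` blocks at the end reference `mainMonitor`, which is only in scope inside the `monitor` let, so they would need that binding hoisted before they can be re-enabled.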
@@ -1,232 +0,0 @@
-{ lib, config, ... }:
-let
- inherit (config.manifest) admin;
-in
-{
- allowedUnfreePackages = [
- "stremio-shell"
- "stremio-server"
- "steam"
- "steam-unwrapped"
- ];
- flake.modules.nixos.graphical =
- { config, pkgs, ... }:
- {
- fonts.packages = [ pkgs.font-awesome ];
- services.getty.autologinUser = admin.username;
- # Start Hyprland at boot only if not connecting through SSH
- environment.loginShellInit = # sh
- ''
- if [[ -z "$SSH_CLIENT" && -z "$SSH_CONNECTION" ]]; then
- if uwsm check may-start; then
- exec uwsm start hyprland-uwsm.desktop
- fi
- fi
- '';
- environment.variables = {
- # Get Electron apps to use Wayland
- ELECTRON_OZONE_PLATFORM_HINT = "auto";
- NIXOS_OZONE_WL = "1";
- };
- programs = {
- hyprland = {
- enable = true;
- # Use UWSM to have each process controlled by systemd init
- withUWSM = true;
- };
- steam = {
- enable = true;
- gamescopeSession.enable = true;
- };
- };
- security.pam.services.hyprlock = { };
- services.sunshine = {
- enable = true;
- capSysAdmin = true;
- openFirewall = true;
- settings = {
- sunshine_name = config.networking.hostName;
- origin_pin_allowed = "wan";
- origin_web_ui_allowed = "wan";
- };
- applications = { };
- };
- # spotifyd
- networking.firewall.allowedTCPPorts = [ 5353 ];
- networking.firewall.allowedUDPPorts = [ 5353 ];
- };
- flake.modules.homeManager.rafiq =
- {
- pkgs,
- config,
- hostName,
- hostConfig,
- ...
- }:
- let
- inherit (lib.modules) mkMerge mkIf;
- in
- mkIf (config.graphical && pkgs.system == "x86_64-linux") {
- stylix.targets.waybar.addCss = false;
- persistDirs = [
- "docs"
- "repos"
- "vids"
- "tmp"
- ".cache/Smart Code ltd/Stremio"
- ".local/share/Smart Code ltd/Stremio"
- ".mozilla/firefox"
- ".tor project"
- ".local/share/Steam"
- ".local/share/PrismLauncher"
- ".config/sunshine"
- ];
- home = {
- packages = with pkgs; [
- wl-clipboard-rs
- stremio
- tor-browser
- vlc
- prismlauncher
- ];
- sessionVariables = {
- LAUNCHER = "fuzzel";
- LOCKSCREEN = "hyprlock";
- NOTIFICATION_DAEMON = "mako";
- STATUS_BAR = "waybar";
- };
- };
- # xdg.configFile."uwsm/env".text = # sh
- # ''
- # # Force apps to scale right with Wayland
- # export GDK_SCALE=${mainMonitor.scale}
- # export STEAM_FORCE_DESKTOPUI_SCALING=${mainMonitor.scale}
- # '';
- # xdg.configFile."uwsm/env-hyprland".text = # sh
- # ''
- # export GDK_SCALE=${mainMonitor.scale}
- # export STEAM_FORCE_DESKTOPUI_SCALING=${mainMonitor.scale}
- # '';
- wayland.windowManager.hyprland = {
- enable = true;
- # This is needed for UWSM
- systemd.enable = false;
- # Null the packages since we use them system wide
- package = null;
- portalPackage = null;
- settings = mkMerge [
- (import ./_hyprland/decoration.nix)
- (import ./_hyprland/keybinds.nix { inherit pkgs; })
- {
- ecosystem.no_update_news = true;
- xwayland.force_zero_scaling = true;
- monitor =
- let
- mainMonitor = hostConfig.machine.monitors.main;
- in
- [
- "${mainMonitor.id}, ${mainMonitor.resolution}@${mainMonitor.refresh-rate}, auto, ${mainMonitor.scale}"
- ", preferred, auto, 1"
- ];
- exec-once = [
- "uwsm app -- $LOCKSCREEN"
- "uwsm app -- $NOTIFICATION_DAEMON"
- "uwsm app -- $STATUS_BAR"
- ];
- }
- ];
- };
- services = {
- spotifyd.enable = true;
- spotifyd.settings.global = {
- device_name = "${hostName}";
- device_type = "computer";
- zeroconf_port = 5353;
- };
- mako.enable = true;
- mako.settings.default-timeout = 10000;
- };
- programs = {
- obs-studio.enable = true; - fuzzel.enable = true; - ghostty.enable = true; - waybar = { - enable = true; - settings = [ - { - layer = "top"; - modules-left = [ - "pulseaudio" - ]; - modules-right = [ - "battery" - "clock" - ]; - "pulseaudio" = { - format = "{icon} {volume}%"; - format-muted = ""; - format-icons.default = [ - "" - "" - ]; - on-click = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle"; - }; - "clock" = { - interval = 1; - format = "{:%F %T}"; - }; - "battery" = { - interval = 1; - bat-compatibility = true; - }; - } - ]; - style = # css - '' - window#waybar { - background-color: rgba(0, 0, 0, 0); - } - - #pulseaudio, - #battery, - #clock { - padding-top: 5px; - padding-bottom: 5px; - padding-right: 5px; - color: #ffffff; - } - ''; - }; - hyprlock = { - enable = true; - settings = { - general.hide_cursor = true; - general.ignore_empty_input = true; - background.blur_passes = 5; - background.blur_size = 5; - label = { - text = ''hi, $USER.''; - font_size = 32; - position = "0, 0"; - halign = "center"; - valign = "center"; - zindex = 1; - shadow_passes = 5; - shadow_size = 5; - }; - input-field = { - placeholder_text = ""; - fade_on_empty = true; - size = "200, 45"; - position = "0, -5%"; - halign = "center"; - valign = "center"; - zindex = 1; - shadow_passes = 5; - shadow_size = 5; - }; - }; - }; - }; - }; -} diff --git a/nix/lib/modules.nix b/nix/lib/modules.nix index ba27bfd..0d5b50b 100644 --- a/nix/lib/modules.nix +++ b/nix/lib/modules.nix @@ -1,5 +1,6 @@ { lib, config, ... }: let + cfg = config.flake; inherit (builtins) foldl' attrNames; inherit (lib.attrsets) mapAttrs; in @@ -34,7 +35,7 @@ in ::: */ - userListToAttrs = f: foldl' (acc: elem: acc // (f elem)) { } (attrNames config.manifest.users); + userListToAttrs = f: foldl' (acc: elem: acc // (f elem)) { } (attrNames cfg.manifest.users); /** Return an attribute set for use with a option that needs to be used for all users. 
@@ -64,7 +65,7 @@ in ::: */ - forAllUsers = attrset: mapAttrs (_: _: attrset) config.manifest.users; + forAllUsers = attrset: mapAttrs (_: _: attrset) cfg.manifest.users; /** Like forAllUsers, but passes in the name and value from the manifest. @@ -95,6 +96,6 @@ in ::: */ - forAllUsers' = f: mapAttrs f config.manifest.users; + forAllUsers' = f: mapAttrs f cfg.manifest.users; }; } diff --git a/nix/manifest.nix b/nix/manifest.nix index 4f4f42f..0643eb8 100644 --- a/nix/manifest.nix +++ b/nix/manifest.nix @@ -1,5 +1,5 @@ { - manifest = { + flake.manifest = { users.rafiq = { primary = true; name = "Mohammad Rafiq"; 
@@ -7,95 +7,83 @@ shell = "fish"; pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n rafiq"; }; - hosts = { - darwin = { - venus = { - graphical = true; - machine.platform = "intel"; + hosts.nixos = { + nemesis = { + graphical = true; + machine = { + platform = "amd"; + gpu = "nvidia"; + root.drive = "/dev/disk/by-id/nvme-CT2000P3SSD8_2325E6E77434"; + monitors.main = { + id = "desc:OOO AN-270W04K"; + resolution = "3840x2160"; + refresh-rate = "60"; + scale = "2"; + }; }; - hephaestus = { - graphical = true; - machine.platform = "apple-silicon"; + extraCfg = { + services.fwupd.enable = true; # FIXME: remove + machine = { + bluetooth.enable = true; + usb.automount = true; + virtualisation = { + podman.enable = true; + podman.distrobox.enable = true; + }; + }; + server.web-apps = { + comfy-ui.enable = true; + sd-webui-forge.enable = true; + }; }; }; - nixos = { - nemesis = { - graphical = true; - machine = { - platform = "amd"; - gpu = "nvidia"; - root.drive = "/dev/disk/by-id/nvme-CT2000P3SSD8_2325E6E77434"; - monitors.main = { - id = "desc:OOO AN-270W04K"; - resolution = "3840x2160"; - refresh-rate = "60"; - scale = "2"; - }; - }; - extraCfg = { - machine = { - bluetooth.enable = true; - usb.automount = true; - usb.qmk.enable = true; - virtualisation = { - podman.enable = true; - podman.distrobox.enable = true; - }; - }; - server.web-apps = { - comfy-ui.enable = true; - sd-webui-forge.enable = true; - }; - }; + apollo = { + graphical = false; + machine = { + platform = "intel"; + root.drive = "/dev/disk/by-id/nvme-eui.002538d221b47b01"; }; - apollo = { - graphical = false; - machine = { - platform = "intel"; - root.drive = "/dev/disk/by-id/nvme-eui.002538d221b47b01"; + extraCfg.server = { + ddns = { + enable = true; + domains = [ + "aenyrathia.wiki" + "slayment.com" + ]; }; - extraCfg.server = { - ddns = { + web-servers = { + enableSSL = true; + nginx = { enable = true; - domains = [ - "aenyrathia.wiki" - "slayment.com" + 
proxies = [ + { + source = "aenyrathia.wiki"; + target = "http://helios:5896"; + } + { + source = "il.bwfiq.com"; + target = "http://helios:2283"; + } ]; }; - web-servers = { - enableSSL = true; - nginx = { - enable = true; - proxies = [ - { - source = "aenyrathia.wiki"; - target = "http://helios:5896"; - } - { - source = "il.bwfiq.com"; - target = "http://helios:2283"; - } - ]; - }; + }; + databases = { + mongodb.enable = true; + mysql.enable = true; + postgresql.enable = true; + }; + web-apps = { + librechat = { + enable = true; + domain = "chat.bwfiq.com"; }; - databases = { - mongodb.enable = true; - mysql.enable = true; - postgresql.enable = true; - }; - web-apps = { - librechat = { - enable = true; - domain = "chat.bwfiq.com"; - }; - forgejo = { - enable = true; - domain = "git.rrv.sh"; - openFirewall = true; - }; - rrv-sh.enable = true; - rrv-sh.domain = "rrv.sh"; + forgejo = { + enable = true; + domain = "git.rrv.sh"; + openFirewall = true; }; + rrv-sh.enable = true; + rrv-sh.domain = "rrv.sh"; }; }; }; diff --git a/nix/meta.nix b/nix/meta.nix index 9b93c47..0d95bd7 100644 --- a/nix/meta.nix +++ b/nix/meta.nix 
@@ -5,14 +5,57 @@ ... }: let - inherit (lib.options) mkOption; - inherit (lib.types) path lazyAttrsOf raw; + inherit (lib.options) mkOption mkEnableOption; + inherit (cfg.lib.options) mkStrOption; + inherit (lib.types) + path + lazyAttrsOf + raw + deferredModule + submodule + ; inherit (inputs.flake-parts.lib) mkSubmoduleOptions; + inherit (cfg.lib.attrsets) firstAttrNameMatching; cfg = config.flake; + monitorOpts = submodule { + options = { + id = mkStrOption ""; + resolution = mkStrOption ""; + refresh-rate = mkStrOption ""; + scale = mkStrOption ""; + }; + }; + userOpts = submodule { + options = { + username = mkStrOption ""; + primary = mkEnableOption ""; + name = mkStrOption ""; + email = mkStrOption ""; + shell = mkStrOption ""; + pubkey = mkStrOption ""; + }; + }; + hostOpts = submodule { + options = { + graphical = mkEnableOption ""; + machine = { + platform = mkStrOption ""; + gpu = mkStrOption ""; + root.drive = mkStrOption ""; + monitors = mkOption { + type = lazyAttrsOf monitorOpts; + default = { }; + }; + }; + extraCfg = mkOption { + type = deferredModule; + default = { }; + }; + }; + }; in { options.flake = mkSubmoduleOptions { - self = mkOption { type = raw; }; lib = mkOption { type = lazyAttrsOf raw; default = { }; @@ -24,8 +67,35 @@ in readOnly = true; }; }; + manifest = mkOption { + type = submodule { + options = { + users = mkOption { + type = lazyAttrsOf userOpts; + default = { }; + }; + hosts = mkOption { + # hosts.nixos, hosts.darwin, etc. + type = lazyAttrsOf (lazyAttrsOf hostOpts); + default = { }; + }; + }; + }; + }; + # Helper Option + admin = mkOption { + type = userOpts; + default = { }; + }; }; - config.flake = { - paths.secrets = cfg.paths.root + "/secrets"; - }; + config.flake = + let + username = firstAttrNameMatching (_: v: v.primary or false) cfg.manifest.users; + in + { + paths.secrets = cfg.paths.root + "/secrets"; + admin = cfg.manifest.users.${username} // { + inherit username; + }; + }; } 
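Review bot: `config.flake.admin` in the second hunk of nix/meta.nix is whichever user `firstAttrNameMatching` finds with `primary = true`, and nothing checks that exactly one user is marked primary. That matters because this commit uses the result as root's `authorizedKeys` entry (nix/modules/networking/ssh.nix) and as the owner of the sops age key path (nix/modules/system/secrets.nix). The helper is defined outside this diff, so its behaviour with zero or several matches is not visible here; with several, root access would presumably depend on attribute order. Failing evaluation early would make the choice explicit, for example `assert lib.length (lib.attrNames (lib.filterAttrs (_: v: v.primary) cfg.manifest.users)) == 1;` ahead of the `username` binding. The options in the first hunk (`mkStrOption ""`, `mkEnableOption ""`) all have empty descriptions; `primary` and `pubkey` in particular should state what they grant.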
diff --git a/nix/modules/cli/git.nix b/nix/modules/cli/git.nix index 0571ca3..c609a1a 100644 --- a/nix/modules/cli/git.nix +++ b/nix/modules/cli/git.nix @@ -1,6 +1,6 @@ { config, ... }: let - inherit (config.manifest) users; + inherit (config.flake) manifest; in { flake.modules.homeManager.default = @@ -9,8 +9,8 @@ in home.sessionVariables.GIT_CONFIG_GLOBAL = "$HOME/.config/git/config"; programs.git = { enable = true; - userName = users.${config.home.username}.name; - userEmail = users.${config.home.username}.email; + userName = manifest.users.${config.home.username}.name; + userEmail = manifest.users.${config.home.username}.email; signing.key = "~/.ssh/id_ed25519.pub"; }; }; diff --git a/nix/modules/cli/nix.nix b/nix/modules/cli/nix.nix index a69b1d6..ad97ee5 100644 --- a/nix/modules/cli/nix.nix +++ b/nix/modules/cli/nix.nix @@ -3,11 +3,4 @@ "nix-command" "flakes" ]; - flake.modules.darwin.default = { - nix.enable = false; - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - }; } diff --git a/nix/modules/cli/shell.nix b/nix/modules/cli/shell.nix index ac1617d..c28f00b 100644 --- a/nix/modules/cli/shell.nix +++ b/nix/modules/cli/shell.nix 
@@ -1,36 +1,23 @@ { config, lib, ... }: let cfg = config.flake; - inherit (config.manifest) users; inherit (cfg.lib.modules) forAllUsers'; inherit (lib.attrsets) mapAttrs'; in { - flake.modules = { - nixos.default = - { pkgs, ... }: - { - programs = mapAttrs' (name: value: { - name = value.shell; - value.enable = true; - }) users; - users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; }); - }; - darwin.default = - { pkgs, ... }: - { - programs = mapAttrs' (name: value: { - name = value.shell; - value.enable = true; - }) users; - users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; }); - environment.shells = [ pkgs.fish ]; - }; - homeManager.default = - { config, ... }: - { - programs.${users.${config.home.username}.shell}.enable = true; - home.shell.enableShellIntegration = true; - }; - }; + flake.modules.nixos.default = + { pkgs, ... }: + { + programs = mapAttrs' (name: value: { + name = value.shell; + value.enable = true; + }) cfg.manifest.users; + users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; }); + }; + flake.modules.homeManager.default = + { config, ... }: + { + programs.${cfg.manifest.users.${config.home.username}.shell}.enable = true; + home.shell.enableShellIntegration = true; + }; } diff --git a/nix/modules/graphical/default.nix b/nix/modules/graphical/default.nix index 0ba55ca..c714a2d 100644 --- a/nix/modules/graphical/default.nix +++ b/nix/modules/graphical/default.nix 
@@ -3,15 +3,12 @@ let inherit (lib.options) mkEnableOption; in { - flake.modules = { - nixos.graphical = { - home-manager.sharedModules = [ { graphical = true; } ]; - services.pipewire = { - enable = true; - pulse.enable = true; - }; + flake.modules.nixos.graphical = { + home-manager.sharedModules = [ { graphical = true; } ]; + services.pipewire = { + enable = true; + pulse.enable = true; }; - homeManager.default.options.graphical = mkEnableOption ""; - darwin.graphical.home-manager.sharedModules = [ { graphical = true; } ]; }; + flake.modules.homeManager.default.options.graphical = mkEnableOption ""; } diff --git a/nix/modules/graphical/stylix.nix b/nix/modules/graphical/stylix.nix index c347b6a..c4b3c65 100644 --- a/nix/modules/graphical/stylix.nix +++ b/nix/modules/graphical/stylix.nix @@ -9,12 +9,4 @@ stylix.enable = true; stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml"; }; - flake.modules.darwin.default = - { pkgs, ... }: - { - imports = [ inputs.stylix.darwinModules.stylix ]; - stylix.enable = true; - #TODO: move into manifest - stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml"; - }; } diff --git a/nix/modules/machine/default.nix b/nix/modules/machine/default.nix index ce8c615..8ad3f7a 100644 --- a/nix/modules/machine/default.nix +++ b/nix/modules/machine/default.nix @@ -5,12 +5,7 @@ let in { flake.modules.nixos.default = - { - config, - modulesPath, - pkgs, - ... - }: + { config, modulesPath, ... }: let cfg = config.machine; in @@ -19,7 +14,6 @@ in options.machine = { bluetooth.enable = mkEnableOption ""; usb.automount = mkEnableOption ""; - usb.qmk.enable = mkEnableOption ""; }; config = mkMerge [ (mkIf cfg.usb.automount { 
@@ -34,18 +28,6 @@ in } ]; }) - (mkIf cfg.usb.qmk.enable { - hardware.keyboard.qmk.enable = true; - services.udev = { - packages = with pkgs; [ - vial - qmk - qmk-udev-rules - qmk_hid - ]; - }; - - }) (mkIf cfg.bluetooth.enable { persistDirs = [ "/var/lib/bluetooth" ]; hardware.bluetooth = { diff --git a/nix/modules/machine/gpu.nix b/nix/modules/machine/gpu.nix index 8517036..00c56cd 100644 --- a/nix/modules/machine/gpu.nix +++ b/nix/modules/machine/gpu.nix @@ -1,3 +1,7 @@ +{ config, ... }: +let + cfg = config.flake; +in { allowedUnfreePackages = [ "nvidia-x11" @@ -7,11 +11,11 @@ { config, pkgs, - hostConfig, + hostName, ... }: let - inherit (hostConfig.machine) gpu; + gpu = cfg.manifest.hosts.nixos.${hostName}.machine.gpu or ""; in if gpu == "nvidia" then { diff --git a/nix/modules/machine/platform.nix b/nix/modules/machine/platform.nix index 62943b4..ae8ab61 100644 --- a/nix/modules/machine/platform.nix +++ b/nix/modules/machine/platform.nix @@ -1,8 +1,9 @@ +{ config, ... }: { flake.modules.nixos.default = - { hostConfig, ... }: + { hostName, ... }: let - inherit (hostConfig.machine) platform; + inherit (config.flake.manifest.hosts.nixos.${hostName}.machine) platform; arch = if platform == "amd" || platform == "intel" then "x86_64" else "aarch64"; in { @@ -10,14 +11,4 @@ boot.kernelModules = [ "kvm-${platform}" ]; nixpkgs.hostPlatform = "${arch}-linux"; }; - - flake.modules.darwin.default = - { hostConfig, ... }: - let - inherit (hostConfig.machine) platform; - arch = if platform == "intel" then "x86_64" else "aarch64"; - in - { - nixpkgs.hostPlatform = "${arch}-darwin"; - }; } diff --git a/nix/modules/machine/root.nix b/nix/modules/machine/root.nix index 9c7d4ea..98c1120 100644 --- a/nix/modules/machine/root.nix +++ b/nix/modules/machine/root.nix 
@@ -1,12 +1,17 @@ -{ lib, inputs, ... }: +{ + config, + lib, + inputs, + ... +}: let inherit (lib.modules) mkMerge mkIf mkAfter; in { flake.modules.nixos.default = - { hostConfig, ... }: + { hostName, ... }: let - inherit (hostConfig.machine) root; + inherit (config.flake.manifest.hosts.nixos.${hostName}.machine) root; in { imports = [ inputs.disko.nixosModules.disko ]; @@ -80,7 +85,7 @@ in }; } # Ephemeral by default - assumes btrfs - (mkIf root.ephemeral { + (mkIf (config.flake.manifest.hosts.nixos.${hostName}.machine.root.ephemeral or true) { boot.initrd.postDeviceCommands = mkAfter '' mkdir /btrfs_tmp mount /dev/root_vg/root /btrfs_tmp diff --git a/nix/modules/networking/ssh.nix b/nix/modules/networking/ssh.nix index 2238b7e..d721746 100644 --- a/nix/modules/networking/ssh.nix +++ b/nix/modules/networking/ssh.nix @@ -1,7 +1,6 @@ { config, lib, ... }: let cfg = config.flake; - inherit (config.manifest) admin; inherit (lib.modules) mkMerge; inherit (cfg.lib.modules) forAllUsers'; in @@ -17,7 +16,7 @@ in "/etc/ssh/ssh_host_rsa_key.pub" ]; } - { users.users.root.openssh.authorizedKeys.keys = [ admin.pubkey ]; } + { users.users.root.openssh.authorizedKeys.keys = [ cfg.admin.pubkey ]; } ]; flake.modules.homeManager.default = { persistDirs = [ ".ssh" ]; diff --git a/nix/modules/networking/tailscale.nix b/nix/modules/networking/tailscale.nix index e1ad04c..ddf1b9a 100644 --- a/nix/modules/networking/tailscale.nix +++ b/nix/modules/networking/tailscale.nix @@ -14,12 +14,4 @@ in persistDirs = [ "/var/lib/tailscale" ]; sops.secrets."tailscale/client-secret".sopsFile = secrets + "/tailscale.yaml"; }; - flake.modules.darwin.default = - { pkgs, ... }: - { - services.tailscale = { - enable = true; - package = pkgs.tailscale.overrideAttrs { doCheck = false; }; - }; - }; } diff --git a/nix/modules/server/web-servers.nix b/nix/modules/server/web-servers.nix index 9b0cf75..1967268 100644 --- a/nix/modules/server/web-servers.nix +++ b/nix/modules/server/web-servers.nix 
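Review bot: In the second hunk of nix/modules/machine/root.nix, the guard `mkIf (config.flake.manifest.hosts.nixos.${hostName}.machine.root.ephemeral or true)` reads an attribute that `hostOpts` in nix/meta.nix never declares; only `root.drive` is declared there. As far as this commit shows, the `or true` fallback therefore always wins and the root-wipe commands in `boot.initrd.postDeviceCommands` can no longer be switched off per host; setting `root.ephemeral` in the manifest would likely be rejected as an undefined option. Declaring it next to `root.drive`, e.g. `root.ephemeral = mkOption { type = lib.types.bool; default = true; };`, keeps the default and lets the guard reuse the `root` binding from the first hunk as `mkIf root.ephemeral`. The module body continues outside the hunk.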
@@ -4,7 +4,7 @@ let inherit (config.flake.lib.options) mkStrOption mkPathOption; inherit (config.flake.lib.services) mkRootDomain; inherit (config.flake.paths) secrets; - inherit (config.manifest.admin) email; + inherit (config.flake.admin) email; inherit (lib.types) listOf submodule attrs; inherit (lib.options) mkOption mkEnableOption; inherit (lib.modules) mkMerge mkIf; diff --git a/nix/modules/system/homebrew.nix b/nix/modules/system/homebrew.nix deleted file mode 100644 index 312a26b..0000000 --- a/nix/modules/system/homebrew.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, ... }: -let - inherit (config.manifest) admin; -in -{ - flake.modules.darwin.graphical.homebrew = { - enable = true; - user = admin.username; - onActivation.cleanup = "uninstall"; - }; -} diff --git a/nix/modules/system/persist.nix b/nix/modules/system/persist.nix index 917440b..4e298c0 100644 --- a/nix/modules/system/persist.nix +++ b/nix/modules/system/persist.nix @@ -5,7 +5,6 @@ ... }: let - inherit (lib.modules) mkIf; inherit (lib.options) mkOption; inherit (config.flake.lib.options) mkStrOption; inherit (lib.types) @@ -50,17 +49,15 @@ in }; }; flake.modules.homeManager.default = - { config, pkgs, ... }: + { config, ... }: { imports = [ inputs.impermanence.homeManagerModules.impermanence ]; options.persistDirs = mkOpts "directory" { }; options.persistFiles = mkOpts "file" { }; - config = mkIf (pkgs.system == "x86_64-linux") { - home.persistence."/persist${config.home.homeDirectory}" = { - allowOther = true; - directories = config.persistDirs; - files = config.persistFiles; - }; + config.home.persistence."/persist${config.home.homeDirectory}" = { + allowOther = true; + directories = config.persistDirs; + files = config.persistFiles; }; }; } diff --git a/nix/modules/system/secrets.nix b/nix/modules/system/secrets.nix index e71989d..ff90532 100644 --- a/nix/modules/system/secrets.nix +++ b/nix/modules/system/secrets.nix 
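Review bot: With the `mkIf (pkgs.system == "x86_64-linux")` guard removed in the second persist.nix hunk, `allowOther = true` now applies unconditionally to every Home Manager user, and other files in this commit put `.ssh` and `.config/sops/age` into `persistDirs`. As far as I know this impermanence option lets accounts other than the owner reach the persisted mounts and depends on `programs.fuse.userAllowOther` on the system side, neither of which the hunk documents. I would either drop the line or add a comment such as `# allowOther: needed for <reason>; requires programs.fuse.userAllowOther`, so that the exposure of key material is a recorded decision.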
@@ -6,48 +6,21 @@ }: let cfg = config.flake; - inherit (cfg.paths) secrets; inherit (builtins) readFile; inherit (lib.meta) getExe; inherit (lib.strings) trim; - inherit (config.manifest.admin) username pubkey; + inherit (cfg.admin) username pubkey; in { - flake.modules = { - nixos.default = - { config, ... }: - { - imports = [ inputs.sops-nix.nixosModules.sops ]; - config = { - sops = { - age.sshKeyPaths = [ - "/persist${config.users.defaultUserHome}/${username}/.ssh/id_ed25519" - ]; - secrets."keys/gemini".sopsFile = secrets + "/keys.yaml"; - }; - environment.shellInit = # sh - '' - export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path}) - ''; - }; - }; - darwin.default = - { config, ... }: - { - imports = [ inputs.sops-nix.darwinModules.sops ]; - config = { - sops = { - age.sshKeyPaths = [ "${config.users.users.${username}.home}/.ssh/id_ed25519" ]; - secrets."keys/gemini".sopsFile = secrets + "/keys.yaml"; - }; - environment.shellInit = # sh - '' - export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path}) - ''; - }; - }; - homeManager.default.persistDirs = [ ".config/sops/age" ]; - }; + flake.modules.nixos.default = + { config, ... }: + { + imports = [ inputs.sops-nix.nixosModules.sops ]; + config.sops.age.sshKeyPaths = [ + "/persist${config.users.defaultUserHome}/${username}/.ssh/id_ed25519" + ]; + }; + flake.modules.homeManager.default.persistDirs = [ ".config/sops/age" ]; perSystem = { pkgs, ... }: { diff --git a/nix/modules/system/sudo.nix b/nix/modules/system/sudo.nix index fa7724c..1c9b560 100644 --- a/nix/modules/system/sudo.nix +++ b/nix/modules/system/sudo.nix 
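Review bot: The new `config.sops.age.sshKeyPaths` entry, `"/persist${config.users.defaultUserHome}/${username}/.ssh/id_ed25519"`, makes the admin user's personal SSH private key the decryption identity in `nixos.default`, which presumably means the same key file has to exist on every host. A per-host identity such as `"/etc/ssh/ssh_host_ed25519_key"` would limit what one compromised machine can decrypt. If the user key is deliberate, a comment above the list should say so and note that `/persist` must be mounted before secrets are decrypted. The `perSystem` block that follows continues outside the hunk.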
@@ -1,19 +1,11 @@ { config, ... }: let - inherit (config.manifest) admin; + cfg = config.flake; in { flake.modules.nixos.default = { security.sudo.wheelNeedsPassword = false; nix.settings.trusted-users = [ "@wheel" ]; - users.users.${admin.username}.extraGroups = [ "wheel" ]; - }; - flake.modules.darwin.default.security = { - sudo.extraConfig = "%admin ALL = (ALL) NOPASSWD: ALL"; - pam.services.sudo_local = { - enable = true; - reattach = true; - touchIdAuth = true; - }; + users.users.${cfg.admin.username}.extraGroups = [ "wheel" ]; }; } diff --git a/nix/modules/system/system.nix b/nix/modules/system/system.nix index cee1df3..15342b1 100644 --- a/nix/modules/system/system.nix +++ b/nix/modules/system/system.nix @@ -1,18 +1,14 @@ { - flake.modules = { - nixos.default = { - persistFiles = [ "/etc/machine-id" ]; - persistDirs = [ "/var/lib/systemd" ]; - time.timeZone = "Asia/Singapore"; - i18n.defaultLocale = "en_US.UTF-8"; - system.stateVersion = "25.11"; - }; - homeManager.default.home.stateVersion = "25.11"; - darwin.default = - { self, ... }: - { - system.configurationRevision = self.rev or self.dirtyRev or null; - system.stateVersion = 6; - }; + flake.modules.nixos.default = { + persistFiles = [ "/etc/machine-id" ]; + persistDirs = [ "/var/lib/systemd" ]; + time.timeZone = "Asia/Singapore"; + i18n.defaultLocale = "en_US.UTF-8"; + system.stateVersion = "25.11"; }; + flake.modules.homeManager.default = + { osConfig, ... }: + { + home.stateVersion = osConfig.system.stateVersion; + }; } diff --git a/nix/modules/system/users.nix b/nix/modules/system/users.nix index dc80b0b..5815089 100644 --- a/nix/modules/system/users.nix +++ b/nix/modules/system/users.nix @@ -1,10 +1,7 @@ -{ config, lib, ... }: +{ config, ... }: let cfg = config.flake; - inherit (config.manifest) users admin; inherit (cfg.lib.modules) userListToAttrs forAllUsers'; - inherit (lib.lists) findFirstIndex; - inherit (builtins) attrNames; in { flake.modules.nixos.default = 
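Review bot: In the system.nix hunk, `home.stateVersion = osConfig.system.stateVersion;` ties two independent compatibility markers together, so a later bump of `system.stateVersion` also changes Home Manager's state defaults for every user. It also makes `homeManager.default` depend on `osConfig`, which is only passed when Home Manager runs as a NixOS module. Keeping the literal, `flake.modules.homeManager.default.home.stateVersion = "25.11";`, avoids both problems. If the coupling is intended, a comment saying that the two versions are meant to move together would help.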
@@ -34,22 +31,4 @@ in } ); }; - flake.modules.darwin.default = - { config, ... }: - { - system.primaryUser = admin.username; - users.knownUsers = attrNames users; - users.users = forAllUsers' ( - name: _: { - home = "/Users/${name}"; - uid = 501 + (findFirstIndex (x: x == name) null (attrNames users)); - } - ); - home-manager.users = forAllUsers' ( - name: _: { - home.username = name; - home.homeDirectory = config.users.users.${name}.home; - } - ); - }; } diff --git a/nix/modules/unfree-packages.nix b/nix/modules/unfree-packages.nix index d444024..b74984e 100644 --- a/nix/modules/unfree-packages.nix +++ b/nix/modules/unfree-packages.nix @@ -11,8 +11,7 @@ in type = listOf str; default = [ ]; }; - config.flake.modules = { - nixos.default.nixpkgs.config.allowUnfreePredicate = predicate; - darwin.default.nixpkgs.config.allowUnfreePredicate = predicate; + config.flake.modules.nixos.default = { + nixpkgs.config.allowUnfreePredicate = predicate; }; }