Merge branch 'prime' of git.rrv.sh:rrvsh/pantheon into prime

feat(meta): use manifest to define system configurations
2025-07-15 21:54:06 +08:00 · 2025-07-15 21:54:00 +08:00
18 changed files with 125 additions and 131 deletions
--- a/nix/configurations.nix
+++ b/nix/configurations.nix
@ -10,18 +10,15 @@ let
  inherit (lib.lists) optional;
  inherit (lib.attrsets) mapAttrs;
  inherit (cfg.lib.modules) forAllUsers';
+  inherit (config.manifest) hosts;
  cfg = config.flake;
-  globalCfg = name: hostConfig: {
+  globalCfg = hostName: hostConfig: {
    useGlobalPkgs = true;
    useUserPackages = true;
-    extraSpecialArgs = {
-      inherit hostConfig;
-      hostName = name;
-    };
+    extraSpecialArgs = { inherit hostName hostConfig; };
    sharedModules = [ cfg.modules.homeManager.default ];
    users = forAllUsers' (name: _: cfg.modules.homeManager.${name});
  };
-  hosts = cfg.manifest.hosts or { };
  mkConfigurations =
    class: hosts:
    mapAttrs (
@ -31,6 +28,7 @@ let
          specialArgs = {
            inherit (config.flake) self;
            hostName = name;
+            hostConfig = value;
          };
          modules = [
            cfg.modules.nixos.default
@ -44,6 +42,7 @@ let
          specialArgs = {
            inherit (config.flake) self;
            hostName = name;
+            hostConfig = value;
          };
          modules = [
            cfg.modules.darwin.default
--- a/nix/files/readme.nix
+++ b/nix/files/readme.nix
@ -24,8 +24,8 @@
    parts."Structure" = # markdown
      ''
        The system configurations are defined in [`flake.manifest`](nix/manifest.nix).
-        `flake.manifest.owner` provides the attributes for the administrator user, including username and pubkey.
-        `flake.manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations.
+        `manifest.owner` provides the attributes for the administrator user, including username and pubkey.
+        `manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations.
        `flake.modules.nixos.*` provide NixOS options and configurations.
        The attribute `flake.modules.nixos.default` provides options that will be applied to every system of that class.
        You can use it as seen [here](nix/modules/flake/home-manager.nix):
--- a/nix/flake-parts/manifest.nix
+++ b/nix/flake-parts/manifest.nix
@ -0,0 +1,77 @@
+{ lib, config, ... }:
+let
+  cfg = config.flake;
+  inherit (lib.options) mkOption mkEnableOption;
+  inherit (lib.types)
+    bool
+    str
+    lazyAttrsOf
+    deferredModule
+    submodule
+    ;
+  inherit (cfg.lib.options) mkStrOption;
+  inherit (cfg.lib.attrsets) firstAttrNameMatching;
+  userOpts = submodule {
+    options = {
+      primary = mkOption { type = bool; };
+      username = mkOption { type = str; };
+      name = mkOption { type = str; };
+      email = mkOption { type = str; };
+      shell = mkOption { type = str; };
+      pubkey = mkOption { type = str; };
+    };
+  };
+  monitorOpts = submodule {
+    options = {
+      id = mkStrOption "";
+      resolution = mkStrOption "";
+      refresh-rate = mkStrOption "";
+      scale = mkStrOption "";
+    };
+  };
+  hostOpts = submodule {
+    options = {
+      graphical = mkEnableOption "";
+      machine = {
+        platform = mkStrOption "";
+        gpu = mkStrOption "";
+        root.drive = mkStrOption "";
+        root.ephemeral = mkEnableOption "" // {
+          default = true;
+        };
+        monitors = mkOption {
+          type = lazyAttrsOf monitorOpts;
+          default = { };
+        };
+      };
+      extraCfg = mkOption {
+        type = deferredModule;
+        default = { };
+      };
+    };
+  };
+  username = firstAttrNameMatching (_: v: v.primary or false) config.manifest.users;
+in
+{
+  options.manifest = {
+    admin = mkOption {
+      type = userOpts;
+      readOnly = true;
+    };
+    users = mkOption {
+      type = lazyAttrsOf userOpts;
+      default = { };
+    };
+    hosts.nixos = mkOption {
+      type = lazyAttrsOf hostOpts;
+      default = { };
+    };
+    hosts.darwin = mkOption {
+      type = lazyAttrsOf hostOpts;
+      default = { };
+    };
+  };
+  config.manifest.admin = config.manifest.users.${username} // {
+    inherit username;
+  };
+}
--- a/nix/homes/rafiq/desktop/darwin.nix
+++ b/nix/homes/rafiq/desktop/darwin.nix
@ -1,11 +1,11 @@
 { config, ... }:
 let
-  cfg = config.flake;
+  inherit (config.manifest) admin;
 in
 {
  flake.modules.darwin.graphical.homebrew = {
    enable = true;
-    user = cfg.admin.username;
+    user = admin.username;
    onActivation.cleanup = "uninstall";
    brews = [
      "mise"
--- a/nix/homes/rafiq/desktop/nixos.nix
+++ b/nix/homes/rafiq/desktop/nixos.nix
@ -1,6 +1,6 @@
 { lib, config, ... }:
 let
-  cfg = config.flake;
+  inherit (config.manifest) admin;
 in
 {
  allowedUnfreePackages = [
@ -13,7 +13,7 @@ in
    { config, pkgs, ... }:
    {
      fonts.packages = [ pkgs.font-awesome ];
-      services.getty.autologinUser = cfg.admin.username;
+      services.getty.autologinUser = admin.username;
      # Start Hyprland at boot only if not connecting through SSH
      environment.loginShellInit = # sh
        ''
--- a/nix/lib/modules.nix
+++ b/nix/lib/modules.nix
@ -1,6 +1,5 @@
 { lib, config, ... }:
 let
-  cfg = config.flake;
  inherit (builtins) foldl' attrNames;
  inherit (lib.attrsets) mapAttrs;
 in
@ -35,7 +34,7 @@ in

      :::
    */
-    userListToAttrs = f: foldl' (acc: elem: acc // (f elem)) { } (attrNames cfg.manifest.users);
+    userListToAttrs = f: foldl' (acc: elem: acc // (f elem)) { } (attrNames config.manifest.users);
    /**
      Return an attribute set for use with a option that needs to be used for all users.

@ -65,7 +64,7 @@ in

      :::
    */
-    forAllUsers = attrset: mapAttrs (_: _: attrset) cfg.manifest.users;
+    forAllUsers = attrset: mapAttrs (_: _: attrset) config.manifest.users;

    /**
      Like forAllUsers, but passes in the name and value from the manifest.
@ -96,6 +95,6 @@ in

      :::
    */
-    forAllUsers' = f: mapAttrs f cfg.manifest.users;
+    forAllUsers' = f: mapAttrs f config.manifest.users;
  };
 }
--- a/nix/manifest.nix
+++ b/nix/manifest.nix
@ -1,5 +1,5 @@
 {
-  flake.manifest = {
+  manifest = {
    users.rafiq = {
      primary = true;
      name = "Mohammad Rafiq";
--- a/nix/meta.nix
+++ b/nix/meta.nix
@ -5,54 +5,10 @@
  ...
 }:
 let
-  inherit (lib.options) mkOption mkEnableOption;
-  inherit (cfg.lib.options) mkStrOption;
-  inherit (lib.types)
-    path
-    lazyAttrsOf
-    raw
-    deferredModule
-    submodule
-    ;
+  inherit (lib.options) mkOption;
+  inherit (lib.types) path lazyAttrsOf raw;
  inherit (inputs.flake-parts.lib) mkSubmoduleOptions;
-  inherit (cfg.lib.attrsets) firstAttrNameMatching;
  cfg = config.flake;
-  monitorOpts = submodule {
-    options = {
-      id = mkStrOption "";
-      resolution = mkStrOption "";
-      refresh-rate = mkStrOption "";
-      scale = mkStrOption "";
-    };
-  };
-  userOpts = submodule {
-    options = {
-      username = mkStrOption "";
-      primary = mkEnableOption "";
-      name = mkStrOption "";
-      email = mkStrOption "";
-      shell = mkStrOption "";
-      pubkey = mkStrOption "";
-    };
-  };
-  hostOpts = submodule {
-    options = {
-      graphical = mkEnableOption "";
-      machine = {
-        platform = mkStrOption "";
-        gpu = mkStrOption "";
-        root.drive = mkStrOption "";
-        monitors = mkOption {
-          type = lazyAttrsOf monitorOpts;
-          default = { };
-        };
-      };
-      extraCfg = mkOption {
-        type = deferredModule;
-        default = { };
-      };
-    };
-  };
 in
 {
  options.flake = mkSubmoduleOptions {
@ -68,38 +24,8 @@ in
        readOnly = true;
      };
    };
-    manifest = mkOption {
-      type = submodule {
-        options = {
-          users = mkOption {
-            type = lazyAttrsOf userOpts;
-            default = { };
-          };
-          hosts.nixos = mkOption {
-            type = lazyAttrsOf hostOpts;
-            default = { };
-          };
-          hosts.darwin = mkOption {
-            type = lazyAttrsOf raw;
-            default = { };
-          };
-        };
-      };
-    };
-    # Helper Option
-    admin = mkOption {
-      type = userOpts;
-      default = { };
-    };
  };
-  config.flake =
-    let
-      username = firstAttrNameMatching (_: v: v.primary or false) cfg.manifest.users;
-    in
-    {
-      paths.secrets = cfg.paths.root + "/secrets";
-      admin = cfg.manifest.users.${username} // {
-        inherit username;
-      };
-    };
+  config.flake = {
+    paths.secrets = cfg.paths.root + "/secrets";
+  };
 }
--- a/nix/modules/cli/git.nix
+++ b/nix/modules/cli/git.nix
@ -1,6 +1,6 @@
 { config, ... }:
 let
-  inherit (config.flake) manifest;
+  inherit (config.manifest) users;
 in
 {
  flake.modules.homeManager.default =
@ -9,8 +9,8 @@ in
      home.sessionVariables.GIT_CONFIG_GLOBAL = "$HOME/.config/git/config";
      programs.git = {
        enable = true;
-        userName = manifest.users.${config.home.username}.name;
-        userEmail = manifest.users.${config.home.username}.email;
+        userName = users.${config.home.username}.name;
+        userEmail = users.${config.home.username}.email;
        signing.key = "~/.ssh/id_ed25519.pub";
      };
    };
--- a/nix/modules/cli/shell.nix
+++ b/nix/modules/cli/shell.nix
@ -1,6 +1,7 @@
 { config, lib, ... }:
 let
  cfg = config.flake;
+  inherit (config.manifest) users;
  inherit (cfg.lib.modules) forAllUsers';
  inherit (lib.attrsets) mapAttrs';
 in
@ -12,7 +13,7 @@ in
        programs = mapAttrs' (name: value: {
          name = value.shell;
          value.enable = true;
-        }) cfg.manifest.users;
+        }) users;
        users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; });
      };
    darwin.default =
@ -21,14 +22,14 @@ in
        programs = mapAttrs' (name: value: {
          name = value.shell;
          value.enable = true;
-        }) cfg.manifest.users;
+        }) users;
        users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; });
        environment.shells = [ pkgs.fish ];
      };
    homeManager.default =
      { config, ... }:
      {
-        programs.${cfg.manifest.users.${config.home.username}.shell}.enable = true;
+        programs.${users.${config.home.username}.shell}.enable = true;
        home.shell.enableShellIntegration = true;
      };
  };
--- a/nix/modules/machine/gpu.nix
+++ b/nix/modules/machine/gpu.nix
@ -1,7 +1,3 @@
-{ config, ... }:
-let
-  cfg = config.flake;
-in
 {
  allowedUnfreePackages = [
    "nvidia-x11"
@ -11,11 +7,11 @@ in
    {
      config,
      pkgs,
-      hostName,
+      hostConfig,
      ...
    }:
    let
-      gpu = cfg.manifest.hosts.nixos.${hostName}.machine.gpu or "";
+      inherit (hostConfig.machine) gpu;
    in
    if gpu == "nvidia" then
      {
--- a/nix/modules/machine/platform.nix
+++ b/nix/modules/machine/platform.nix
@ -1,9 +1,8 @@
-{ config, ... }:
 {
  flake.modules.nixos.default =
-    { hostName, ... }:
+    { hostConfig, ... }:
    let
-      inherit (config.flake.manifest.hosts.nixos.${hostName}.machine) platform;
+      inherit (hostConfig.machine) platform;
      arch = if platform == "amd" || platform == "intel" then "x86_64" else "aarch64";
    in
    {
@ -13,9 +12,9 @@
    };

  flake.modules.darwin.default =
-    { hostName, ... }:
+    { hostConfig, ... }:
    let
-      inherit (config.flake.manifest.hosts.darwin.${hostName}.machine) platform;
+      inherit (hostConfig.machine) platform;
      arch = if platform == "intel" then "x86_64" else "aarch64";
    in
    {
--- a/nix/modules/machine/root.nix
+++ b/nix/modules/machine/root.nix
@ -1,17 +1,12 @@
-{
-  config,
-  lib,
-  inputs,
-  ...
-}:
+{ lib, inputs, ... }:
 let
  inherit (lib.modules) mkMerge mkIf mkAfter;
 in
 {
  flake.modules.nixos.default =
-    { hostName, ... }:
+    { hostConfig, ... }:
    let
-      inherit (config.flake.manifest.hosts.nixos.${hostName}.machine) root;
+      inherit (hostConfig.machine) root;
    in
    {
      imports = [ inputs.disko.nixosModules.disko ];
@ -85,7 +80,7 @@ in
          };
        }
        # Ephemeral by default - assumes btrfs
-        (mkIf (config.flake.manifest.hosts.nixos.${hostName}.machine.root.ephemeral or true) {
+        (mkIf root.ephemeral {
          boot.initrd.postDeviceCommands = mkAfter ''
            mkdir /btrfs_tmp
            mount /dev/root_vg/root /btrfs_tmp
--- a/nix/modules/networking/ssh.nix
+++ b/nix/modules/networking/ssh.nix
@ -1,6 +1,7 @@
 { config, lib, ... }:
 let
  cfg = config.flake;
+  inherit (config.manifest) admin;
  inherit (lib.modules) mkMerge;
  inherit (cfg.lib.modules) forAllUsers';
 in
@ -16,7 +17,7 @@ in
        "/etc/ssh/ssh_host_rsa_key.pub"
      ];
    }
-    { users.users.root.openssh.authorizedKeys.keys = [ cfg.admin.pubkey ]; }
+    { users.users.root.openssh.authorizedKeys.keys = [ admin.pubkey ]; }
  ];
  flake.modules.homeManager.default = {
    persistDirs = [ ".ssh" ];
--- a/nix/modules/server/web-servers.nix
+++ b/nix/modules/server/web-servers.nix
@ -4,7 +4,7 @@ let
  inherit (config.flake.lib.options) mkStrOption mkPathOption;
  inherit (config.flake.lib.services) mkRootDomain;
  inherit (config.flake.paths) secrets;
-  inherit (config.flake.admin) email;
+  inherit (config.manifest.admin) email;
  inherit (lib.types) listOf submodule attrs;
  inherit (lib.options) mkOption mkEnableOption;
  inherit (lib.modules) mkMerge mkIf;
--- a/nix/modules/system/secrets.nix
+++ b/nix/modules/system/secrets.nix
@ -6,11 +6,11 @@
 }:
 let
  cfg = config.flake;
+  inherit (cfg.paths) secrets;
  inherit (builtins) readFile;
  inherit (lib.meta) getExe;
  inherit (lib.strings) trim;
-  inherit (cfg.admin) username pubkey;
-  inherit (cfg.paths) secrets;
+  inherit (config.manifest.admin) username pubkey;
 in
 {
  flake.modules = {
--- a/nix/modules/system/sudo.nix
+++ b/nix/modules/system/sudo.nix
@ -1,12 +1,12 @@
 { config, ... }:
 let
-  cfg = config.flake;
+  inherit (config.manifest) admin;
 in
 {
  flake.modules.nixos.default = {
    security.sudo.wheelNeedsPassword = false;
    nix.settings.trusted-users = [ "@wheel" ];
-    users.users.${cfg.admin.username}.extraGroups = [ "wheel" ];
+    users.users.${admin.username}.extraGroups = [ "wheel" ];
  };
  flake.modules.darwin.default.security = {
    sudo.extraConfig = "%admin          ALL = (ALL) NOPASSWD: ALL";
--- a/nix/modules/system/users.nix
+++ b/nix/modules/system/users.nix
@ -1,6 +1,7 @@
 { config, lib, ... }:
 let
  cfg = config.flake;
+  inherit (config.manifest) users admin;
  inherit (cfg.lib.modules) userListToAttrs forAllUsers';
  inherit (lib.lists) findFirstIndex;
  inherit (builtins) attrNames;
@ -36,12 +37,12 @@ in
  flake.modules.darwin.default =
    { config, ... }:
    {
-      system.primaryUser = cfg.admin.username;
-      users.knownUsers = attrNames cfg.manifest.users;
+      system.primaryUser = admin.username;
+      users.knownUsers = attrNames users;
      users.users = forAllUsers' (
        name: _: {
          home = "/Users/${name}";
-          uid = 501 + (findFirstIndex (x: x == name) null (attrNames cfg.manifest.users));
+          uid = 501 + (findFirstIndex (x: x == name) null (attrNames users));
        }
      );
      home-manager.users = forAllUsers' (
Author	SHA1	Message	Date
Mohammad Rafiq	021dadfed8	Merge branch 'prime' of git.rrv.sh:rrvsh/pantheon into prime	2025-07-15 21:54:06 +08:00
Mohammad Rafiq	084caa727b	feat(meta): use manifest to define system configurations	2025-07-15 21:54:00 +08:00