flake.nix
{
# Flake inputs.
# Every URL names a branch (or the default branch), not a revision; the
# revision actually built is whatever flake.lock records (not visible here),
# so a lock-file update is a dependency change and deserves review as one.
inputs = {
  nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";

  # Deployment tool; shares this flake's nixpkgs instead of its own pin.
  colmena.url = "github:zhaofengli/colmena";
  colmena.inputs.nixpkgs.follows = "nixpkgs";

  home-manager.url = "github:nix-community/home-manager/master";
  home-manager.inputs.nixpkgs.follows = "nixpkgs";

  # Secret provisioning (sops); its modules are imported by the outputs.
  sops-nix.url = "github:Mic92/sops-nix";
  sops-nix.inputs.nixpkgs.follows = "nixpkgs";

  poetry2nix.url = "github:nix-community/poetry2nix";
  poetry2nix.inputs.nixpkgs.follows = "nixpkgs";

  # NUR is a community package collection whose contents are not reviewed
  # like nixpkgs. It is also the only input here without a nixpkgs
  # `follows`, so it keeps its own inputs as locked.
  # NOTE(review): confirm that is intended.
  nur.url = "github:nix-community/NUR";
};
outputs = { self, nixpkgs, ... } @ inputs: rec {
# Custom packages: ./pkgs is called with the x86_64-linux package set and a
# poetry2nix instance built against that same set.
packages.x86_64-linux =
  let
    pkgs = nixpkgs.legacyPackages.x86_64-linux;
  in
  import ./pkgs {
    inherit pkgs;
    poetry2nix = inputs.poetry2nix.lib.mkPoetry2Nix { inherit pkgs; };
  };
# Colmena hive output: shared `meta` and `defaults`, merged with the
# per-machine definitions from ./machines.
colmena =
  {
    meta.nixpkgs = import nixpkgs { system = "x86_64-linux"; };

    # Settings applied to every node of the hive.
    defaults = { pkgs, ... }: {
      imports = [
        inputs.home-manager.nixosModules.home-manager
        inputs.sops-nix.nixosModules.sops
        inputs.nur.nixosModules.nur
      ];

      # The overlay ignores both of its arguments and returns the custom
      # package set, so any name defined in ./pkgs replaces the nixpkgs
      # attribute of the same name on every node.
      nixpkgs.overlays = [
        (_final: _prev: self.packages.x86_64-linux)
      ];

      home-manager = {
        useGlobalPkgs = true;
        useUserPackages = true;
        sharedModules = [
          inputs.sops-nix.homeManagerModules.sops
          {
            # Silence home-manager news and force its data to be empty.
            config.news = {
              display = "silent";
              json = pkgs.lib.mkForce { };
              entries = pkgs.lib.mkForce [ ];
            };
          }
        ];
      };

      # deployment.replaceUnknownProfiles = true;
      # Set in `defaults`, so local deployment is allowed for every node
      # unless a machine definition overrides it.
      deployment.allowLocalDeployment = true;

      system.stateVersion = "22.11";
    };
  }
  # `//` is right-biased: a `meta` or `defaults` key coming from ./machines
  # would replace the one defined above rather than merge with it.
  // (import ./machines);
# NixOS configurations are the nodes of the hive defined above, as evaluated
# by the colmena flake input.
nixosConfigurations = (inputs.colmena.lib.makeHive self.colmena).nodes;

# One SD-card image per node that defines config.system.build.sdImage;
# nodes without that attribute are left out.
images =
  let
    hasSdImage = _: node: node ? config.system.build.sdImage;
    toSdImage = _: node: node.config.system.build.sdImage;
  in
  builtins.mapAttrs toSdImage
    (nixpkgs.lib.attrsets.filterAttrs hasSdImage nixosConfigurations);
# Standalone home-manager configuration for the user "seirl" (used outside
# the colmena hive, on a generic Linux target).
homeConfigurations.seirl = inputs.home-manager.lib.homeManagerConfiguration {
  pkgs = nixpkgs.legacyPackages.x86_64-linux;
  modules = [
    {
      # ./home holds the user's modules; the sops module is imported next to it.
      imports = [ ./home inputs.sops-nix.homeManagerModules.sops ];
      config = {
        my.home = {
          graphical.enable = true;
          laptop.enable = true;
        };
        targets.genericLinux.enable = true;
        nixpkgs.config.allowUnfree = true;
      };
    }
  ];
};
# Formatter exposed by this flake: nixpkgs-fmt from the flake's nixpkgs.
formatter.x86_64-linux =
  let
    inherit (nixpkgs.legacyPackages.x86_64-linux) nixpkgs-fmt;
  in
  nixpkgs-fmt;
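# Development shell with the deployment and secret-management tools, plus a
# helper that derives the sops age identity from the user's SSH key.
devShell.x86_64-linux =
  let
    pkgs = import nixpkgs {
      system = "x86_64-linux";
    };
  in
  pkgs.mkShell {
    packages = with pkgs; [
      # Qualified on purpose: inside the enclosing `rec` set the bare name
      # `colmena` is the hive attribute, and lexical bindings win over `with`.
      # NOTE(review): this is the nixpkgs build of colmena, while the hive is
      # evaluated with the `colmena` flake input; confirm the two stay
      # compatible.
      pkgs.colmena
      ssh-to-age
      home-manager
      sops
      # Converts ~/.ssh/id_ed25519 into an age private key for sops.
      # The output is secret key material, so the script:
      #   - runs with umask 077 so neither the directory nor the key file is
      #     ever created group- or world-readable;
      #   - writes to a temporary file and renames it into place, so a failed
      #     conversion (wrong passphrase, missing key) no longer truncates an
      #     existing keys.txt;
      #   - reads the passphrase with `read -r` so backslashes are kept.
      (writeShellScriptBin "setup-age-private-key" ''
        set -euo pipefail
        umask 077

        key_dir="$HOME/.config/sops/age"
        key_file="$key_dir/keys.txt"

        mkdir -p "$key_dir"
        # Tighten the directory even if it already existed with looser modes.
        chmod 700 "$key_dir"

        tmp_file="$(mktemp "$key_dir/keys.txt.XXXXXX")"
        trap 'rm -f "$tmp_file"' EXIT

        echo -n "SSH passphrase: "
        read -r -s SSH_TO_AGE_PASSPHRASE
        echo
        # ssh-to-age reads the passphrase from this environment variable.
        export SSH_TO_AGE_PASSPHRASE

        ssh-to-age -private-key -i "$HOME/.ssh/id_ed25519" > "$tmp_file"
        # Same-directory rename: keys.txt is replaced only after success.
        mv -f "$tmp_file" "$key_file"
      '')
    ];
  };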
};
}