starred/nix-config-ryan4yin
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-01-11 22:30:25 +01:00
Code Issues Packages Projects Releases 10 Wiki Activity

feat: refactor flake.nix

Browse Source
This commit is contained in:
Ryan Yin
2023-12-20 00:48:30 +08:00
parent 809a68fa27
commit 29511fa574
28 changed files with 416 additions and 422 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
constants.nix Normal file
View File

@@ -0,0 +1,15 @@
rec {
# user information
username = "ryan";
userfullname = "Ryan Yin";
useremail = "xiaoyin_c@qq.com";
# linux systems
x64_system = "x86_64-linux";
riscv64_system = "riscv64-linux";
aarch64_system = "aarch64-linux";
# darwin systems
x64_darwin = "x86_64-darwin";
aarch64_darwin = "aarch64-darwin";
allSystems = [x64_system riscv64_system aarch64_system x64_darwin aarch64_darwin];
}

345
flake.nix
View File

@@ -16,284 +16,73 @@
outputs = inputs @ {
self,
nixpkgs,
nixpkgs-unstable,
nixpkgs-darwin,
pre-commit-hooks,
nix-darwin,
home-manager,
nixos-generators,
nixos-licheepi4a,
nixos-rk3588,
...
}: let
username = "ryan";
userfullname = "Ryan Yin";
useremail = "xiaoyin_c@qq.com";
constants = import ./constants.nix;
x64_system = "x86_64-linux";
x64_darwin = "x86_64-darwin";
riscv64_system = "riscv64-linux";
aarch64_system = "aarch64-linux";
allSystems = [x64_system x64_darwin riscv64_system aarch64_system];
# FYI: `lib.genAttrs [ "foo" "bar" ] (name: "x_" + name)` => `{ foo = "x_foo"; bar = "x_bar"; }`
forEachSystem = func: (nixpkgs.lib.genAttrs constants.allSystems func);
nixosSystem = import ./lib/nixosSystem.nix;
macosSystem = import ./lib/macosSystem.nix;
colmenaSystem = import ./lib/colmenaSystem.nix;
# 星野 アイ, Hoshino Ai
idol_ai_modules_i3 = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/i3.nix
];
home-module = import ./home/linux/desktop-i3.nix;
};
idol_ai_modules_hyprland = {
nixos-modules = [
./hosts/idols/ai
./modules/nixos/hyprland.nix
];
home-module = import ./home/linux/desktop-hyprland.nix;
};
# 星野 愛久愛海, Hoshino Akuamarin
idol_aquamarine_modules = {
nixos-modules = [
./hosts/idols/aquamarine
];
home-module = import ./home/linux/server.nix;
};
idol_aquamarine_tags = ["dist-build" "aqua"];
# 星野 瑠美衣, Hoshino Rubii
idol_ruby_modules = {
nixos-modules = [
./hosts/idols/ruby
];
home-module = import ./home/linux/server.nix;
};
idol_ruby_tags = ["dist-build" "ruby"];
# 有馬 かな, Arima Kana
idol_kana_modules = {
nixos-modules = [
./hosts/idols/kana
];
home-module = import ./home/linux/server.nix;
};
idol_kana_tags = ["dist-build" "kana"];
# 森友 望未, Moritomo Nozomi
rolling_nozomi_modules = {
nixos-modules = [
./hosts/rolling_girls/nozomi
];
# home-module = import ./home/linux/server-riscv64.nix;
};
rolling_nozomi_tags = ["riscv" "nozomi"];
# 小坂 結季奈, Kosaka Yukina
rolling_yukina_modules = {
nixos-modules = [
./hosts/rolling_girls/yukina
];
# home-module = import ./home/linux/server-riscv64.nix;
};
rolling_yukina_tags = ["riscv" "yukina"];
# 大木 鈴, Ōki Suzu
_12kingdoms_suzu_modules = {
nixos-modules = [
./hosts/12kingdoms/suzu
];
# home-module = import ./home/linux/server.nix;
};
_12kingdoms_suzu_tags = ["aarch" "suzu"];
x64_specialArgs =
{
inherit username userfullname useremail;
# use unstable branch for some packages to get the latest updates
pkgs-unstable = import nixpkgs-unstable {
system = x64_system; # refer the `system` parameter form outer scope recursively
# To use chrome, we need to allow the installation of non-free software
config.allowUnfree = true;
};
}
// inputs;
in {
nixosConfigurations = let
base_args = {
inherit home-manager nixos-generators;
inherit nixpkgs; # or nixpkgs-unstable
system = x64_system;
specialArgs = x64_specialArgs;
};
in {
# ai with i3 window manager
ai_i3 = nixosSystem (idol_ai_modules_i3 // base_args);
# ai with hyprland compositor
ai_hyprland = nixosSystem (idol_ai_modules_hyprland // base_args);
# three virtual machines without desktop environment.
aquamarine = nixosSystem (idol_aquamarine_modules // base_args);
ruby = nixosSystem (idol_ruby_modules // base_args);
kana = nixosSystem (idol_kana_modules // base_args);
};
# colmena - remote deployment via SSH
colmena = let
# x86_64 related
x64_base_args = {
inherit home-manager;
inherit nixpkgs; # or nixpkgs-unstable
specialArgs = x64_specialArgs;
};
# riscv64 related
# using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache.
lpi4a_pkgs = import nixos-licheepi4a.inputs.nixpkgs {system = x64_system;};
lpi4a_specialArgs =
{
inherit username userfullname useremail;
pkgsKernel = nixos-licheepi4a.packages.${x64_system}.pkgsKernelCross;
}
// inputs;
lpi4a_base_args = {
inherit home-manager;
inherit (nixos-licheepi4a.inputs) nixpkgs; # or nixpkgs-unstable
specialArgs = lpi4a_specialArgs;
targetUser = "root";
};
# aarch64 related
# using the same nixpkgs as nixos-rk3588 to utilize the cross-compilation cache.
rk3588_pkgs = import nixos-rk3588.inputs.nixpkgs {system = x64_system;};
rk3588_specialArgs =
{
inherit username userfullname useremail;
}
// nixos-rk3588.inputs;
rk3588_base_args = {
inherit home-manager;
inherit (nixos-rk3588.inputs) nixpkgs; # or nixpkgs-unstable
specialArgs = rk3588_specialArgs;
targetUser = "root";
};
in {
meta = {
nixpkgs = import nixpkgs {system = x64_system;};
specialArgs = x64_specialArgs;
nodeSpecialArgs = {
# riscv64 SBCs
nozomi = lpi4a_specialArgs;
yukina = lpi4a_specialArgs;
# aarch64 SBCs
suzu = rk3588_specialArgs;
};
nodeNixpkgs = {
nozomi = lpi4a_pkgs;
yukina = lpi4a_pkgs;
# aarch64 SBCs
suzu = rk3588_pkgs;
};
};
# proxmox virtual machines(x86_64)
aquamarine = colmenaSystem (idol_aquamarine_modules // x64_base_args // {host_tags = idol_aquamarine_tags;});
ruby = colmenaSystem (idol_ruby_modules // x64_base_args // {host_tags = idol_ruby_tags;});
kana = colmenaSystem (idol_kana_modules // x64_base_args // {host_tags = idol_kana_tags;});
# riscv64 SBCs
nozomi = colmenaSystem (rolling_nozomi_modules // lpi4a_base_args // {host_tags = rolling_nozomi_tags;});
yukina = colmenaSystem (rolling_yukina_modules // lpi4a_base_args // {host_tags = rolling_yukina_tags;});
# aarch64 SBCs
suzu = colmenaSystem (_12kingdoms_suzu_modules // rk3588_base_args // {host_tags = _12kingdoms_suzu_tags;});
};
# take system images for idols
# https://github.com/nix-community/nixos-generators
packages."${x64_system}" =
# genAttrs returns an attribute set with the given keys and values(host => image).
nixpkgs.lib.genAttrs [
"ai_i3"
"ai_hyprland"
]
(
# generate iso image for hosts with desktop environment
host:
self.nixosConfigurations.${host}.config.formats.iso
)
// nixpkgs.lib.genAttrs [
"aquamarine"
"ruby"
"kana"
]
(
# generate proxmox image for virtual machines without desktop environment
host:
self.nixosConfigurations.${host}.config.formats.proxmox
allSystemConfigurations = import ./systems {inherit self inputs constants;};
in
allSystemConfigurations
// {
# format the nix code in this flake
# alejandra is a nix formatter with a beautiful output
formatter = forEachSystem (
system: nixpkgs.legacyPackages.${system}.alejandra
);
# macOS's configuration, for work.
darwinConfigurations = let
system = x64_darwin;
specialArgs =
{
inherit username userfullname useremail;
# use unstable branch for some packages to get the latest updates
pkgs-unstable = import nixpkgs-unstable {
inherit system; # refer the `system` parameter form outer scope recursively
# To use chrome, we need to allow the installation of non-free software
config.allowUnfree = true;
# pre-commit hooks for nix code
checks = forEachSystem (
system: {
pre-commit-check = pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
alejandra.enable = true; # formatter
# deadnix.enable = true; # detect unused variable bindings in `*.nix`
statix.enable = true; # lints and suggestions for Nix code(auto suggestions)
prettier = {
enable = true;
excludes = [".js" ".md" ".ts"];
};
};
};
}
// inputs;
base_args = {
inherit nix-darwin home-manager system specialArgs;
nixpkgs = nixpkgs-darwin;
};
in {
harmonica = macosSystem (base_args
// {
darwin-modules = [
./hosts/harmonica
];
home-module = import ./home/darwin;
});
);
devShells = forEachSystem (
system: {
default = nixpkgs.legacyPackages.${system}.mkShell {
name = "dots";
shellHook = ''
${self.checks.${system}.pre-commit-check.shellHook}
'';
};
}
);
};
# format the nix code in this flake
# alejandra is a nix formatter with a beautiful output
formatter = nixpkgs.lib.genAttrs allSystems (
system:
nixpkgs.legacyPackages.${system}.alejandra
);
# pre-commit hooks for nix code
checks = nixpkgs.lib.genAttrs allSystems (
system: {
pre-commit-check = pre-commit-hooks.lib.${system}.run {
src = ./.;
hooks = {
alejandra.enable = true; # formatter
# deadnix.enable = true; # detect unused variable bindings in `*.nix`
statix.enable = true; # lints and suggestions for Nix code(auto suggestions)
};
};
}
);
devShells = nixpkgs.lib.genAttrs allSystems (
system: {
default = nixpkgs.legacyPackages.${system}.mkShell {
inherit (self.checks.${system}.pre-commit-check) shellHook;
};
}
);
# the nixConfig here only affects the flake itself, not the system configuration!
# for more information, see:
# https://nixos-and-flakes.thiscute.world/nixos-with-flakes/add-custom-cache-servers
nixConfig = {
# substituers will be appended to the default substituters when fetching packages
extra-substituters = [
"https://nix-community.cachix.org"
# my own cache server
"https://ryan4yin.cachix.org"
"https://anyrun.cachix.org"
"https://hyprland.cachix.org"
# "https://nixpkgs-wayland.cachix.org"
];
extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"ryan4yin.cachix.org-1:Gbk27ZU5AYpGS9i3ssoLlwdvMIh0NxG0w8it/cv9kbU="
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
# "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
];
};
# This is the standard format for flake.nix. `inputs` are the dependencies of the flake,
@@ -444,26 +233,4 @@
flake = false;
};
};
# the nixConfig here only affects the flake itself, not the system configuration!
# for more information, see:
# https://nixos-and-flakes.thiscute.world/nixos-with-flakes/add-custom-cache-servers
nixConfig = {
# substituers will be appended to the default substituters when fetching packages
extra-substituters = [
"https://nix-community.cachix.org"
# my own cache server
"https://ryan4yin.cachix.org"
"https://anyrun.cachix.org"
"https://hyprland.cachix.org"
# "https://nixpkgs-wayland.cachix.org"
];
extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"ryan4yin.cachix.org-1:Gbk27ZU5AYpGS9i3ssoLlwdvMIh0NxG0w8it/cv9kbU="
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
# "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
];
};
}

2
home/base/server/core.nix
View File

@@ -61,7 +61,7 @@
# useful in bash/zsh prompt, not in nushell.
eza = {
enable = true;
enableAliases = false; # do not enable aliases in nushell!
enableAliases = false; # do not enable aliases in nushell!
git = true;
icons = true;
};

7
hosts/12kingdoms/suzu/default.nix
View File

@@ -11,16 +11,9 @@
#############################################################
{
imports = [
{
nixpkgs.crossSystem = {
config = "aarch64-unknown-linux-gnu";
};
}
# import the rk3588 module, which contains the configuration for bootloader/kernel/firmware
(nixos-rk3588 + "/modules/boards/orangepi5.nix")
../../../modules/nixos/server-riscv64.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;

8
hosts/harmonica/default.nix
View File

@@ -7,14 +7,6 @@
let
hostname = "harmonica";
in {
imports = [
../../modules/darwin
../../secrets/darwin.nix
];
nixpkgs.overlays = import ../../overlays args;
networking.hostName = hostname;
networking.computerName = hostname;
system.defaults.smb.NetBIOSName = hostname;

1
hosts/idols/ai/cifs-mount.nix
View File

@@ -1,6 +1,5 @@
{
config,
pkgs,
username,
...
}: {

5
hosts/idols/ai/default.nix
View File

@@ -1,4 +1,3 @@
{lanzaboote, ...} @ args:
#############################################################
#
# Ai - my main computer, with NixOS + I5-13600KF + RTX 4090 GPU, for gaming & daily use.
@@ -12,12 +11,8 @@
./impermanence.nix
./secureboot.nix
../../../secrets/nixos.nix
];
nixpkgs.overlays = import ../../../overlays args;
networking = {
hostName = "ai";
wireless.enable = false; # Enables wireless support via wpa_supplicant.

9
hosts/idols/aquamarine/default.nix
View File

@@ -1,18 +1,9 @@
args:
#############################################################
#
# Aquamarine - A NixOS VM running on Proxmox
#
#############################################################
{
imports = [
../../../modules/nixos/proxmox-hardware-configuration.nix
../../../modules/nixos/server.nix
];
nixpkgs.overlays = import ../../../overlays args;
# Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
# supported fil systems, so we can mount any removable disks with these filesystems

9
hosts/idols/kana/default.nix
View File

@@ -1,18 +1,9 @@
args:
#############################################################
#
# Kana - a NixOS VM running on Proxmox
#
#############################################################
{
imports = [
../../../modules/nixos/proxmox-hardware-configuration.nix
../../../modules/nixos/server.nix
];
nixpkgs.overlays = import ../../../overlays args;
# Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
# supported fil systems, so we can mount any removable disks with these filesystems

9
hosts/idols/ruby/default.nix
View File

@@ -1,18 +1,9 @@
args:
#############################################################
#
# Ruby - a NixOS VM running on Proxmox
#
#############################################################
{
imports = [
../../../modules/nixos/proxmox-hardware-configuration.nix
../../../modules/nixos/server.nix
];
nixpkgs.overlays = import ../../../overlays args;
# Enable binfmt emulation of aarch64-linux, this is required for cross compilation.
boot.binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
# supported fil systems, so we can mount any removable disks with these filesystems

18
hosts/rolling_girls/chiaya/default.nix
View File

@@ -1,9 +1,7 @@
{
config,
username,
# nixos-jh7110,
...
} @ args:
}:
#############################################################
#
# Chiaya - NixOS Configuration for Milk-V Mars
@@ -13,20 +11,8 @@
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# TODO
../../../modules/nixos/server-riscv64.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "chiaya"; # Define your hostname.
@@ -64,5 +50,5 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
system.stateVersion = "23.05"; # Did you read the comment?
}

20
hosts/rolling_girls/nozomi/default.nix
View File

@@ -1,9 +1,4 @@
{
config,
username,
nixos-licheepi4a,
...
} @ args:
{nixos-licheepi4a, ...}:
#############################################################
#
# Nozomi - NixOS configuration for Lichee Pi 4A
@@ -11,23 +6,12 @@
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
(nixos-licheepi4a + "/modules/licheepi4a.nix")
# import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
(nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
../../../modules/nixos/server-riscv64.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "nozomi"; # Define your hostname.
@@ -97,5 +81,5 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
system.stateVersion = "23.05"; # Did you read the comment?
}

20
hosts/rolling_girls/yukina/default.nix
View File

@@ -1,9 +1,4 @@
{
config,
username,
nixos-licheepi4a,
...
} @ args:
{nixos-licheepi4a, ...}:
#############################################################
#
# Yukina - NixOS configuration for Lichee Pi 4A
@@ -11,23 +6,12 @@
#############################################################
{
imports = [
{
# cross-compilation this flake.
nixpkgs.crossSystem = {
system = "riscv64-linux";
};
}
# import the licheepi4a module, which contains the configuration for bootloader/kernel/firmware
(nixos-licheepi4a + "/modules/licheepi4a.nix")
# import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card.
(nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix")
../../../modules/nixos/server-riscv64.nix
];
users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
# Set static IP address / gateway / DNS servers.
networking = {
hostName = "yukina"; # Define your hostname.
@@ -97,5 +81,5 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
system.stateVersion = "23.05"; # Did you read the comment?
}

7
lib/colmenaSystem.nix
View File

@@ -10,10 +10,7 @@
}: let
inherit (specialArgs) username;
in
{
name,
...
}: {
{name, ...}: {
deployment = {
inherit targetUser;
targetHost = name; # hostName or IP address
@@ -27,6 +24,8 @@ in
# make `nix run nixpkgs#nixpkgs` use the same nixpkgs as the one used by this flake.
nix.registry.nixpkgs.flake = nixpkgs;
nix.channel.enable = false; # disable nix-channel, we use flakes instead.
nixpkgs.overlays = import ../overlays specialArgs;
}
]
++ (

2
lib/macosSystem.nix
View File

@@ -23,6 +23,8 @@ in
# make `nix repl '<nixpkgs>'` use the same nixpkgs as the one used by this flake.
# discard all the default paths, and only use the one from this flake.
nix.nixPath = lib.mkForce ["/etc/nix/inputs"];
nixpkgs.overlays = import ../overlays specialArgs;
})
home-manager.darwinModules.home-manager

2
lib/nixosSystem.nix
View File

@@ -18,6 +18,8 @@ in
# make `nix run nixpkgs#nixpkgs` use the same nixpkgs as the one used by this flake.
nix.registry.nixpkgs.flake = nixpkgs;
nix.channel.enable = false; # disable nix-channel, we use flakes instead.
nixpkgs.overlays = import ../overlays specialArgs;
}
nixos-generators.nixosModules.all-formats

5
modules/darwin/nix-core.nix
View File

@@ -1,7 +1,4 @@
{
pkgs,
...
}: {
{pkgs, ...}: {
###################################################################################
#
# Core configuration for nix-darwin

3
modules/nixos/base/misc.nix
View File

@@ -2,7 +2,8 @@
lib,
pkgs,
...
}: {
}:
{
###################################################################################
#
# NixOS's core configuration suitable for all my machines

2
modules/nixos/base/networking.nix
View File

@@ -14,4 +14,6 @@
};
openFirewall = true;
};
}

10
modules/nixos/base/user-group.nix
View File

@@ -1,4 +1,4 @@
{username, ...}: {
{username, config, ...}: {
# Don't allow mutation of users outside the config.
users.mutableUsers = false;
@@ -37,10 +37,10 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII7PTkP3ixXTZlrJNSHnXgkmHNT+QslFi9wNYXOpVwGB ryan@harmonica"
];
};
users.users.root.initialHashedPassword = "$7$CU..../....X6uvZYnFD.i1CqqFFNl4./$4vgqzIPyw5XBr0aCDFbY/UIRRJr7h5SMGoQ/ZvX3FP2";
# fix for `sudo xxx` in kitty/wezterm and other modern terminal emulators
security.sudo.keepTerminfo = true;
users.users.root = {
initialHashedPassword = "$7$CU..../....X6uvZYnFD.i1CqqFFNl4./$4vgqzIPyw5XBr0aCDFbY/UIRRJr7h5SMGoQ/ZvX3FP2";
openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
};
# DO NOT promote the specified user to input password for `nix-store` and `nix-copy-closure`
security.sudo.extraRules = [

3
modules/nixos/desktop/misc.nix
View File

@@ -12,6 +12,9 @@
# set user's default shell system-wide
users.defaultUserShell = pkgs.nushell;
# fix for `sudo xxx` in kitty/wezterm and other modern terminal emulators
security.sudo.keepTerminfo = true;
environment.variables = {
# fix https://github.com/NixOS/nixpkgs/issues/238025
TZ = "${config.time.timeZone}";

22
modules/nixos/server-riscv64.nix
View File

@@ -3,20 +3,13 @@
# Base NixOS Configuration
# =========================================================================
# Set your time zone.
time.timeZone = "Asia/Shanghai";
imports = [
./base/i18n.nix
./base/misc.nix
./base/user-group.nix
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
nix.settings = {
# Manual optimise storage: nix-store --optimise
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
auto-optimise-store = true;
builders-use-substitutes = true;
# enable flakes globally
experimental-features = ["nix-command" "flakes"];
};
../base.nix
];
# List packages installed in system profile. To search, run:
# $ nix search wget
@@ -51,9 +44,6 @@
docker-compose
];
# replace default editor with neovim
environment.variables.EDITOR = "nvim";
virtualisation.docker = {
enable = true;
# start dockerd on boot.

4
secrets/nixos.nix
View File

@@ -58,11 +58,11 @@
# So we need to make then readable by the user
"agenix/alias-for-work.nushell" = {
source = config.age.secrets."alias-for-work.nushell".path;
mode = "0644"; # both the original file and the symlink should be readable and executable by the user
mode = "0644"; # both the original file and the symlink should be readable and executable by the user
};
"agenix/alias-for-work.bash" = {
source = config.age.secrets."alias-for-work.bash".path;
mode = "0644"; # both the original file and the symlink should be readable and executable by the user
mode = "0644"; # both the original file and the symlink should be readable and executable by the user
};
};
}

102
systems/colmena.nix Normal file
View File

@@ -0,0 +1,102 @@
args:
with args; let
lib = nixpkgs.lib;
colmenaSystem = import ../lib/colmenaSystem.nix;
# x86_64 related
x64_base_args = {
inherit home-manager;
inherit nixpkgs; # or nixpkgs-unstable
specialArgs = x64_system_specialArgs;
};
# riscv64 related
# using the same nixpkgs as nixos-licheepi4a to utilize the cross-compilation cache.
lpi4a_pkgs = import nixos-licheepi4a.inputs.nixpkgs {system = x64_system;};
lpi4a_specialArgs =
{
inherit username userfullname useremail;
pkgsKernel = nixos-licheepi4a.packages.${x64_system}.pkgsKernelCross;
}
// args;
lpi4a_base_args = {
inherit home-manager;
inherit (nixos-licheepi4a.inputs) nixpkgs; # or nixpkgs-unstable
specialArgs = lpi4a_specialArgs;
targetUser = "root";
};
# aarch64 related
# using the same nixpkgs as nixos-rk3588 to utilize the cross-compilation cache.
rk3588_pkgs = import nixos-rk3588.inputs.nixpkgs {system = x64_system;};
rk3588_specialArgs =
{
inherit username userfullname useremail;
}
// nixos-rk3588.inputs;
rk3588_base_args = {
inherit home-manager;
inherit (nixos-rk3588.inputs) nixpkgs; # or nixpkgs-unstable
specialArgs = rk3588_specialArgs;
targetUser = "root";
};
in {
# colmena - remote deployment via SSH
colmena = {
meta = {
nixpkgs = import nixpkgs {system = x64_system;};
specialArgs = x64_system_specialArgs;
nodeSpecialArgs = {
# riscv64 SBCs
nozomi = lpi4a_specialArgs;
yukina = lpi4a_specialArgs;
# aarch64 SBCs
suzu = rk3588_specialArgs;
};
nodeNixpkgs = {
nozomi = lpi4a_pkgs;
yukina = lpi4a_pkgs;
# aarch64 SBCs
suzu = rk3588_pkgs;
};
};
# proxmox virtual machines(x86_64)
aquamarine = colmenaSystem (lib.attrsets.mergeAttrsList [
x64_base_args
idol_aquamarine_modules
{host_tags = idol_aquamarine_tags;}
]);
ruby = colmenaSystem (lib.attrsets.mergeAttrsList [
x64_base_args
idol_ruby_modules
{host_tags = idol_ruby_tags;}
]);
kana = colmenaSystem (lib.attrsets.mergeAttrsList [
x64_base_args
idol_kana_modules
{host_tags = idol_kana_tags;}
]);
# riscv64 SBCs
nozomi = colmenaSystem (lib.attrsets.mergeAttrsList [
lpi4a_base_args
rolling_nozomi_modules
{host_tags = rolling_nozomi_tags;}
]);
yukina = colmenaSystem (lib.attrsets.mergeAttrsList [
lpi4a_base_args
rolling_yukina_modules
{host_tags = rolling_yukina_tags;}
]);
# aarch64 SBCs
suzu = colmenaSystem (lib.attrsets.mergeAttrsList [
rk3588_base_args
_12kingdoms_suzu_modules
{host_tags = _12kingdoms_suzu_tags;}
]);
};
}

17
systems/darwin.nix Normal file
View File

@@ -0,0 +1,17 @@
args:
with args; let
macosSystem = import ../lib/macosSystem.nix;
system = x64_darwin;
base_args = {
inherit nix-darwin home-manager system;
specialArgs = x64_darwin_specialArgs;
nixpkgs = nixpkgs-darwin;
};
in {
# macOS's configuration, for work.
darwinConfigurations = {
harmonica =
macosSystem (base_args
// darwin_harmonica_modules);
};
}

42
systems/default.nix Normal file
View File

@@ -0,0 +1,42 @@
{
self,
inputs,
constants,
}: let
lib = inputs.nixpkgs.lib;
vars = import ./vars.nix;
specialArgsForSystem = system:
{
inherit (constants) username userfullname useremail;
# use unstable branch for some packages to get the latest updates
pkgs-unstable = import inputs.nixpkgs-unstable {
inherit system; # refer the `system` parameter form outer scope recursively
# To use chrome, we need to allow the installation of non-free software
config.allowUnfree = true;
};
}
// inputs;
allSystemSpecialArgs = with constants; {
x64_system_specialArgs = specialArgsForSystem x64_system;
aarch64_system_specialArgs = specialArgsForSystem aarch64_system;
riscv64_system_specialArgs = specialArgsForSystem riscv64_system;
x64_darwin_specialArgs = specialArgsForSystem x64_darwin;
aarch64_darwin_specialArgs = specialArgsForSystem aarch64_darwin;
};
args = lib.attrsets.mergeAttrsList [
inputs
constants
vars
allSystemSpecialArgs
{inherit self;}
];
in
lib.attrsets.mergeAttrsList [
(import ./nixos.nix args)
(import ./darwin.nix args)
(import ./colmena.nix args)
]

47
systems/nixos.nix Normal file
View File

@@ -0,0 +1,47 @@
args:
with args; let
nixosSystem = import ../lib/nixosSystem.nix;
base_args = {
inherit home-manager nixos-generators;
inherit nixpkgs; # or nixpkgs-unstable
system = x64_system;
specialArgs = x64_system_specialArgs;
};
in {
nixosConfigurations = {
# ai with i3 window manager
ai_i3 = nixosSystem (idol_ai_modules_i3 // base_args);
# ai with hyprland compositor
ai_hyprland = nixosSystem (idol_ai_modules_hyprland // base_args);
# three virtual machines without desktop environment.
aquamarine = nixosSystem (idol_aquamarine_modules // base_args);
ruby = nixosSystem (idol_ruby_modules // base_args);
kana = nixosSystem (idol_kana_modules // base_args);
};
# take system images for idols
# https://github.com/nix-community/nixos-generators
packages."${x64_system}" =
# genAttrs returns an attribute set with the given keys and values(host => image).
nixpkgs.lib.genAttrs [
"ai_i3"
"ai_hyprland"
]
(
# generate iso image for hosts with desktop environment
host:
self.nixosConfigurations.${host}.config.formats.iso
)
// nixpkgs.lib.genAttrs [
"aquamarine"
"ruby"
"kana"
]
(
# generate proxmox image for virtual machines without desktop environment
host:
self.nixosConfigurations.${host}.config.formats.proxmox
);
}

102
systems/vars.nix Normal file
View File

@@ -0,0 +1,102 @@
{
# 星野 アイ, Hoshino Ai
idol_ai_modules_i3 = {
nixos-modules = [
../hosts/idols/ai
../secrets/nixos.nix
../modules/nixos/i3.nix
];
home-module = import ../home/linux/desktop-i3.nix;
};
idol_ai_modules_hyprland = {
nixos-modules = [
../hosts/idols/ai
../secrets/nixos.nix
../modules/nixos/hyprland.nix
];
home-module = import ../home/linux/desktop-hyprland.nix;
};
# 星野 愛久愛海, Hoshino Akuamarin
idol_aquamarine_modules = {
nixos-modules = [
../hosts/idols/aquamarine
../modules/nixos/server.nix
../modules/nixos/proxmox-hardware-configuration.nix
];
home-module = import ../home/linux/server.nix;
};
idol_aquamarine_tags = ["dist-build" "aqua"];
# 星野 瑠美衣, Hoshino Rubii
idol_ruby_modules = {
nixos-modules = [
../hosts/idols/ruby
../modules/nixos/server.nix
../modules/nixos/proxmox-hardware-configuration.nix
];
home-module = import ../home/linux/server.nix;
};
idol_ruby_tags = ["dist-build" "ruby"];
# 有馬 かな, Arima Kana
idol_kana_modules = {
nixos-modules = [
../hosts/idols/kana
../modules/nixos/server.nix
../modules/nixos/proxmox-hardware-configuration.nix
];
home-module = import ../home/linux/server.nix;
};
idol_kana_tags = ["dist-build" "kana"];
# 森友 望未, Moritomo Nozomi
rolling_nozomi_modules = {
nixos-modules = [
../hosts/rolling_girls/nozomi
../modules/nixos/server-riscv64.nix
# cross-compilation this flake.
{nixpkgs.crossSystem.system = "riscv64-linux";}
];
# home-module = import ../home/linux/server-riscv64.nix;
};
rolling_nozomi_tags = ["riscv" "nozomi"];
# 小坂 結季奈, Kosaka Yukina
rolling_yukina_modules = {
nixos-modules = [
../hosts/rolling_girls/yukina
../modules/nixos/server-riscv64.nix
# cross-compilation this flake.
{nixpkgs.crossSystem.system = "riscv64-linux";}
];
# home-module = import ../home/linux/server-riscv64.nix;
};
rolling_yukina_tags = ["riscv" "yukina"];
# 大木 鈴, Ōki Suzu
_12kingdoms_suzu_modules = {
nixos-modules = [
../hosts/12kingdoms/suzu
../modules/nixos/server-riscv64.nix
# cross-compilation this flake.
{nixpkgs.crossSystem.config = "aarch64-unknown-linux-gnu";}
];
# home-module = import ../home/linux/server.nix;
};
_12kingdoms_suzu_tags = ["aarch" "suzu"];
# darwin systems
darwin_harmonica_modules = {
darwin-modules = [
../hosts/harmonica
../modules/darwin
../secrets/darwin.nix
];
home-module = import ../home/darwin;
};
}