Merge pull request #96 from ryan4yin/darwin-eval-tests

feat(tests): add eval tests for darwin systems

.github/workflows/flake_check.yml

@@ -1,24 +0,0 @@
-name: Nix Flake Check
-
-on: [push, pull_request, workflow_dispatch]
-
-jobs:
-  checks:
-    name: Check expressions
-    runs-on: ubuntu-latest
-
-    steps:
-      # - name: Checkout repository
-      #   uses: actions/checkout@v4
-      # - name: Install nix
-      #   uses: cachix/install-nix-action@v24
-      #   with:
-      #     install_url: https://nixos.org/nix/install
-      #     extra_nix_config: |
-      #       access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-      #       experimental-features = nix-command flakes
-
-      - name: Run Nix Flake Check
-        run: |
-          echo 'TODO: nix flake check'
-          # nix flake check

.github/workflows/flake_evaltests.yml

@@ -0,0 +1,40 @@
+name: Nix Flake Eval Tests
+
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - "scripts/**"
+      - "**.md"
+      - "**.nu"
+      - 'Justfile'
+  pull_request:
+    branches:
+      - main
+    paths-ignore:
+      - "scripts/**"
+      - "**.md"
+      - "**.nu"
+      - 'Justfile'
+
+jobs:
+  checks:
+    name: Check expressions
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      - name: Install nix
+        uses: cachix/install-nix-action@v24
+        with:
+          install_url: https://nixos.org/nix/install
+          extra_nix_config: |
+            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
+            experimental-features = nix-command flakes
+
+      - name: Run Nix Flake Eval Tests
+        run: |
+          echo 'Flake Eval Tests'
+          nix eval .#evalTests --show-trace --print-build-logs --verbose

.github/workflows/mirror_to_gitee.yml

@@ -1,7 +1,11 @@
 name: Mirror this repo to Gitee
 on:
-  workflow_dispatch: {}
-  push: {}
+  push:
+    branches:
+      - main
+    tags:
+      - '*'
+
 jobs:
   mirror:
     runs-on: ubuntu-latest
@@ -26,4 +30,3 @@ jobs:
           export GIT_SSH_COMMAND="ssh -v -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no"
           git remote add mirror "$INPUT_TARGET_REPO_URL"
           git push --tags --force --prune mirror "refs/remotes/origin/*:refs/heads/*"
-

Justfile

@@ -11,21 +11,21 @@ set shell := ["nu", "-c"]
 
 i3 mode="default":
   use utils.nu *; \
-  nixos-switch ai_i3 {{mode}}
+  nixos-switch ai-i3 {{mode}}
 
 hypr mode="default":
   use utils.nu *; \
-  nixos-switch ai_hyprland {{mode}}
+  nixos-switch ai-hyprland {{mode}}
 
 
 s-i3 mode="default":
   use utils.nu *; \
-  nixos-switch shoukei_i3 {{mode}}
+  nixos-switch shoukei-i3 {{mode}}
 
 
 s-hypr mode="default":
   use utils.nu *; \
-  nixos-switch shoukei_hyprland {{mode}}
+  nixos-switch shoukei-hyprland {{mode}}
 
 
 up:
@@ -119,10 +119,14 @@ aqua:
 ruby:
   colmena apply --on '@ruby' --verbose --show-trace
 
+ruby-local mode="default":
+  use utils.nu *; \
+  nixos-switch ruby {{mode}}
+
 kana:
   colmena apply --on '@kana' --verbose --show-trace
 
-tsgw:
+tailscale:
   colmena apply --on '@tailscale-gw' --verbose --show-trace
 
 # pve-aqua:
@@ -138,8 +142,8 @@ tsgw:
 #   rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-kana.vma.zst
 #
 # pve-tsgw:
-#   nom build .#tailscale_gw
-#   rsync -avz --progress --copy-links result root@um560:/var/lib/vz/dump/vzdump-qemu-tailscale_gw.vma.zst
+#   nom build .#tailscale-gw
+#   rsync -avz --progress --copy-links result root@um560:/var/lib/vz/dump/vzdump-qemu-tailscale-gw.vma.zst
 #
 
 ############################################################################
@@ -148,33 +152,33 @@ tsgw:
 #
 ############################################################################
 
-k8s:
-  colmena apply --on '@k8s-*' --verbose --show-trace
+k3s:
+  colmena apply --on '@k3s-*' --verbose --show-trace
 
 master:
-  colmena apply --on '@k8s-prod-master-*' --verbose --show-trace
+  colmena apply --on '@k3s-prod-1-master-*' --verbose --show-trace
 
 worker:
-  colmena apply --on '@k8s-prod-worker-*' --verbose --show-trace
+  colmena apply --on '@k3s-prod-1-worker-*' --verbose --show-trace
 
 # pve-k8s:
-#   nom build .#k3s_prod_1_master_1
-#   rsync -avz --progress --copy-links result root@um560:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_master_1.vma.zst
+#   nom build .#k3s-prod-1-master-1
+#   rsync -avz --progress --copy-links result root@um560:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-master-1.vma.zst
 #
-#   nom build .#k3s_prod_1_master_2
-#   rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_master_2.vma.zst
+#   nom build .#k3s-prod-1-master-2
+#   rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-master-2.vma.zst
 #
-#   nom build .#k3s_prod_1_master_3
-#   rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_master_3.vma.zst
+#   nom build .#k3s-prod-1-master-3
+#   rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-master-3.vma.zst
 #
-#   nom build .#k3s_prod_1_worker_1
-#   rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_worker_1.vma.zst
+#   nom build .#k3s-prod-1-worker-1
+#   rsync -avz --progress --copy-links result root@gtr5:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-worker-1.vma.zst
 #
-#   nom build .#k3s_prod_1_worker_2
-#   rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_worker_2.vma.zst
+#   nom build .#k3s-prod-1-worker-2
+#   rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-worker-2.vma.zst
 #
-#   nom build .#k3s_prod_1_worker_3
-#   rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s_prod_1_worker_3.vma.zst
+#   nom build .#k3s-prod-1-worker-3
+#   rsync -avz --progress --copy-links result root@s500plus:/var/lib/vz/dump/vzdump-qemu-k3s-prod-1-worker-3.vma.zst
 #
 
 ############################################################################

README.md

@@ -91,7 +91,7 @@ See [./secrets](./secrets) for details.
 ## How to Deploy this Flake?
 
 > :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine :exclamation: It will not succeed.** 
-> This flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols_ai/hardware-configuration.nix), [cifs-mount.nix](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols_ai/cifs-mount.nix), [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols_ai/default.nix#L77-L91), etc.) which is not suitable for your hardwares,
+> This flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols-ai/hardware-configuration.nix), [cifs-mount.nix](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols_ai/cifs-mount.nix), [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols-ai/default.nix#L77-L91), etc.) which is not suitable for your hardwares,
 > and requires my private secrets repository [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) to deploy.
 > You may use this repo as a reference to build your own configuration.
 
@@ -104,7 +104,7 @@ For NixOS:
 ```bash
 # deploy one of the configuration based on the hostname
 sudo nixos-rebuild switch --flake .#ai_i3
-# sudo nixos-rebuild switch --flake .#ai_hyprland
+# sudo nixos-rebuild switch --flake .#ai-hyprland
 
 # deploy via `just`(a command runner with similar syntax to make) & Justfile
 just i3    # deploy my pc with i3 window manager

constants.nix

@@ -1,17 +0,0 @@
-rec {
-  # user information
-  username = "ryan";
-  userfullname = "Ryan Yin";
-  useremail = "xiaoyin_c@qq.com";
-
-  allSystemAttrs = {
-    # linux systems
-    x64_system = "x86_64-linux";
-    riscv64_system = "riscv64-linux";
-    aarch64_system = "aarch64-linux";
-    #darwin systems
-    x64_darwin = "x86_64-darwin";
-    aarch64_darwin = "aarch64-darwin";
-  };
-  allSystems = builtins.attrValues allSystemAttrs;
-}

flake.lock

@@ -568,6 +568,27 @@
         "type": "github"
       }
     },
+    "haumea": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1685133229,
+        "narHash": "sha256-FePm/Gi9PBSNwiDFq3N+DWdfxFq0UKsVVTJS3cQPn94=",
+        "owner": "nix-community",
+        "repo": "haumea",
+        "rev": "34dd58385092a23018748b50f9b23de6266dffc2",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "v0.2.2",
+        "repo": "haumea",
+        "type": "github"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -1357,6 +1378,7 @@
         "daeuniverse": "daeuniverse",
         "disko": "disko",
         "doomemacs": "doomemacs",
+        "haumea": "haumea",
         "home-manager": "home-manager_2",
         "hyprland": "hyprland",
         "impermanence": "impermanence",

flake.nix

@@ -8,68 +8,7 @@
   #
   ##################################################################################################################
 
-  # The `outputs` function will return all the build results of the flake.
-  # A flake can have many use cases and different types of outputs,
-  # parameters in `outputs` are defined in `inputs` and can be referenced by their names.
-  # However, `self` is an exception, this special parameter points to the `outputs` itself (self-reference)
-  # The `@` syntax here is used to alias the attribute set of the inputs's parameter, making it convenient to use inside the function.
-  outputs = inputs @ {
-    self,
-    nixpkgs,
-    pre-commit-hooks,
-    ...
-  }: let
-    constants = import ./constants.nix;
-
-    # `lib.genAttrs [ "foo" "bar" ] (name: "x_" + name)` => `{ foo = "x_foo"; bar = "x_bar"; }`
-    forEachSystem = func: (nixpkgs.lib.genAttrs constants.allSystems func);
-
-    allSystemConfigurations = import ./systems {inherit self inputs constants;};
-  in
-    allSystemConfigurations
-    // {
-      # format the nix code in this flake
-      # alejandra is a nix formatter with a beautiful output
-      formatter = forEachSystem (
-        system: nixpkgs.legacyPackages.${system}.alejandra
-      );
-
-      # pre-commit hooks for nix code
-      checks = forEachSystem (
-        system: {
-          pre-commit-check = pre-commit-hooks.lib.${system}.run {
-            src = ./.;
-            hooks = {
-              alejandra.enable = true; # formatter
-              # deadnix.enable = true; # detect unused variable bindings in `*.nix`
-              # statix.enable = true; # lints and suggestions for Nix code(auto suggestions)
-              # prettier = {
-              #   enable = true;
-              #   excludes = [".js" ".md" ".ts"];
-              # };
-            };
-          };
-        }
-      );
-      devShells = forEachSystem (
-        system: let
-          pkgs = nixpkgs.legacyPackages.${system};
-        in {
-          default = pkgs.mkShell {
-            packages = with pkgs; [
-              # fix https://discourse.nixos.org/t/non-interactive-bash-errors-from-flake-nix-mkshell/33310
-              bashInteractive
-              # fix `cc` replaced by clang, which causes nvim-treesitter compilation error
-              gcc
-            ];
-            name = "dots";
-            shellHook = ''
-              ${self.checks.${system}.pre-commit-check.shellHook}
-            '';
-          };
-        }
-      );
-    };
+  outputs = inputs: import ./outputs inputs;
 
   # the nixConfig here only affects the flake itself, not the system configuration!
   # for more information, see:
@@ -174,6 +113,11 @@
 
     attic.url = "github:zhaofengli/attic";
 
+    haumea = {
+      url = "github:nix-community/haumea/v0.2.2";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     ########################  Some non-flake repositories  #########################################
 
     # AstroNvim is an aesthetic and feature-rich neovim config.

home/base/core/core.nix

@@ -4,59 +4,58 @@
   nur-ryan4yin,
   ...
 }: {
-  home.packages = with pkgs;
-    [
-      # Misc
-      tldr
-      cowsay
-      gnupg
-      gnumake
+  home.packages = with pkgs; [
+    # Misc
+    tldr
+    cowsay
+    gnupg
+    gnumake
 
-      # Morden cli tools, replacement of grep/sed/...
+    # Morden cli tools, replacement of grep/sed/...
 
-      # Interactively filter its input using fuzzy searching, not limit to filenames.
-      fzf
-      # search for files by name, faster than find
-      fd
-      # search for files by its content, replacement of grep
-      (ripgrep.override {withPCRE2 = true;})
+    # Interactively filter its input using fuzzy searching, not limit to filenames.
+    fzf
+    # search for files by name, faster than find
+    fd
+    # search for files by its content, replacement of grep
+    (ripgrep.override {withPCRE2 = true;})
 
-      # A fast and polyglot tool for code searching, linting, rewriting at large scale
-      # supported languages: only some mainstream languages currently(do not support nix/nginx/yaml/toml/...)
-      ast-grep
+    # A fast and polyglot tool for code searching, linting, rewriting at large scale
+    # supported languages: only some mainstream languages currently(do not support nix/nginx/yaml/toml/...)
+    ast-grep
 
-      sad # CLI search and replace, just like sed, but with diff preview.
-      yq-go # yaml processer https://github.com/mikefarah/yq
-      just # a command runner like make, but simpler
-      delta # A viewer for git and diff output
-      lazygit # Git terminal UI.
-      hyperfine # command-line benchmarking tool
-      gping # ping, but with a graph(TUI)
-      doggo # DNS client for humans
-      duf # Disk Usage/Free Utility - a better 'df' alternative
-      du-dust # A more intuitive version of `du` in rust
-      ncdu # analyzer your disk usage Interactively, via TUI(replacement of `du`)
-      gdu # disk usage analyzer(replacement of `du`)
+    sad # CLI search and replace, just like sed, but with diff preview.
+    yq-go # yaml processer https://github.com/mikefarah/yq
+    just # a command runner like make, but simpler
+    delta # A viewer for git and diff output
+    lazygit # Git terminal UI.
+    hyperfine # command-line benchmarking tool
+    gping # ping, but with a graph(TUI)
+    doggo # DNS client for humans
+    duf # Disk Usage/Free Utility - a better 'df' alternative
+    du-dust # A more intuitive version of `du` in rust
+    gdu # disk usage analyzer(replacement of `du`)
 
-      # nix related
-      #
-      # it provides the command `nom` works just like `nix
-      # with more details log output
-      nix-output-monitor
-      hydra-check # check hydra(nix's build farm) for the build status of a package
-      nix-index # A small utility to index nix store paths
-      nix-init # generate nix derivation from url
-      # https://github.com/nix-community/nix-melt
-      nix-melt # A TUI flake.lock viewer
-      # https://github.com/utdemir/nix-tree
-      nix-tree # A TUI to visualize the dependency graph of a nix derivation
+    # nix related
+    #
+    # it provides the command `nom` works just like `nix
+    # with more details log output
+    nix-output-monitor
+    hydra-check # check hydra(nix's build farm) for the build status of a package
+    nix-index # A small utility to index nix store paths
+    nix-init # generate nix derivation from url
+    # https://github.com/nix-community/nix-melt
+    nix-melt # A TUI flake.lock viewer
+    # https://github.com/utdemir/nix-tree
+    nix-tree # A TUI to visualize the dependency graph of a nix derivation
 
-      # productivity
-      caddy # A webserver with automatic HTTPS via Let's Encrypt(replacement of nginx)
-      croc # File transfer between computers securely and easily
-    ]
+    # productivity
+    caddy # A webserver with automatic HTTPS via Let's Encrypt(replacement of nginx)
+    croc # File transfer between computers securely and easily
     # self-hosted nix cache server
-    ++ lib.optionals pkgs.stdenv.isLinux [attic.packages.${pkgs.system}.attic-client];
+    attic.packages.${pkgs.system}.attic-client
+    ncdu # analyzer your disk usage Interactively, via TUI(replacement of `du`)
+  ];
 
   programs = {
     # A modern replacement for ‘ls’

home/base/core/git.nix

@@ -2,8 +2,7 @@
   config,
   lib,
   pkgs,
-  userfullname,
-  useremail,
+  myvars,
   ...
 }: {
   # `programs.git` will generate the config file: ~/.config/git/config
@@ -21,8 +20,8 @@
     enable = true;
     lfs.enable = true;
 
-    userName = userfullname;
-    userEmail = useremail;
+    userName = myvars.userfullname;
+    userEmail = myvars.useremail;
 
     includes = [
       {

home/base/desktop/cloud/default.nix

@@ -1,39 +0,0 @@
-{
-  lib,
-  pkgs,
-  ...
-}: {
-  home.packages = with pkgs;
-    [
-      # general tools
-      packer # machine image builder
-
-      # infrastructure as code
-      pulumi
-      pulumictl
-      tf2pulumi
-      crd2pulumi
-      pulumiPackages.pulumi-random
-      pulumiPackages.pulumi-command
-      pulumiPackages.pulumi-aws-native
-      pulumiPackages.pulumi-language-go
-      pulumiPackages.pulumi-language-python
-      pulumiPackages.pulumi-language-nodejs
-
-      # aws
-      awscli2
-      ssm-session-manager-plugin # Amazon SSM Session Manager Plugin
-      aws-iam-authenticator
-      eksctl
-
-      # aliyun
-      aliyun-cli
-    ]
-    ++ (
-      lib.optionals pkgs.stdenv.isLinux [
-        # cloud tools that nix do not have cache for.
-        terraform
-        terraformer # generate terraform configs from existing cloud resources
-      ]
-    );
-}

home/base/desktop/dev-tools.nix

@@ -1,71 +0,0 @@
-{
-  pkgs,
-  pkgs-unstable,
-  ...
-}: {
-  #############################################################
-  #
-  #  Basic settings for development environment
-  #
-  #  Please avoid to install language specific packages here(globally),
-  #  instead, install them:
-  #     1. per IDE, such as `programs.neovim.extraPackages`
-  #     2. per-project, using https://github.com/the-nix-way/dev-templates
-  #
-  #############################################################
-
-  home.packages = with pkgs;
-    [
-      colmena # nixos's remote deployment tool
-
-      # db related
-      dbeaver
-      mycli
-      pgcli
-      mongosh
-      sqlite
-
-      # embedded development
-      minicom
-
-      # ai related
-      python311Packages.huggingface-hub # huggingface-cli
-
-      # misc
-      pkgs-unstable.devbox
-      bfg-repo-cleaner # remove large files from git history
-      k6 # load testing tool
-      protobuf # protocol buffer compiler
-
-      # solve coding extercises - learn by doing
-      exercism
-    ]
-    ++ (
-      lib.optionals pkgs.stdenv.isLinux [
-        # Automatically trims your branches whose tracking remote refs are merged or gone
-        # It's really useful when you work on a project for a long time.
-        git-trim
-
-        # need to run `conda-install` before using it
-        # need to run `conda-shell` before using command `conda`
-        # conda is not available for MacOS
-        conda
-
-        mitmproxy # http/https proxy tool
-        insomnia # REST client
-        wireshark # network analyzer
-        ventoy # create bootable usb
-      ]
-    );
-
-  programs = {
-    direnv = {
-      enable = true;
-      nix-direnv.enable = true;
-
-      enableZshIntegration = true;
-      enableBashIntegration = true;
-      enableNushellIntegration = true;
-    };
-  };
-}

home/base/desktop/editors/packages.nix

@@ -1,138 +0,0 @@
-{pkgs, ...}: {
-  nixpkgs.config = {
-    programs.npm.npmrc = ''
-      prefix = ''${HOME}/.npm-global
-    '';
-  };
-
-  home.packages = with pkgs;
-    [
-      #-- c/c++
-      cmake
-      cmake-language-server
-      gnumake
-      checkmake
-      # c/c++ compiler, required by nvim-treesitter!
-      gcc
-      # c/c++ tools with clang-tools, the unwrapped version won't
-      # add alias like `cc` and `c++`, so that it won't conflict with gcc
-      llvmPackages.clang-unwrapped
-      lldb
-
-      #-- python
-      nodePackages.pyright # python language server
-      (python311.withPackages (
-        ps:
-          with ps; [
-            ruff-lsp
-            black # python formatter
-
-            jupyter
-            ipython
-            pandas
-            requests
-            pyquery
-            pyyaml
-
-            ## emacs's lsp-bridge dependenciesge
-            epc
-            orjson
-            sexpdata
-            six
-            setuptools
-            paramiko
-            rapidfuzz
-          ]
-      ))
-
-      #-- rust
-      rust-analyzer
-      cargo # rust package manager
-      rustfmt
-
-      #-- zig
-      zls
-
-      #-- nix
-      nil
-      rnix-lsp
-      # nixd
-      statix # Lints and suggestions for the nix programming language
-      deadnix # Find and remove unused code in .nix source files
-      alejandra # Nix Code Formatter
-
-      #-- golang
-      go
-      gomodifytags
-      iferr # generate error handling code for go
-      impl # generate function implementation for go
-      gotools # contains tools like: godoc, goimports, etc.
-      gopls # go language server
-      delve # go debugger
-
-      # -- java
-      jdk17
-      gradle
-      maven
-      spring-boot-cli
-
-      #-- lua
-      stylua
-      lua-language-server
-
-      #-- bash
-      nodePackages.bash-language-server
-      shellcheck
-      shfmt
-
-      #-- javascript/typescript --#
-      nodePackages.nodejs
-      nodePackages.typescript
-      nodePackages.typescript-language-server
-      # HTML/CSS/JSON/ESLint language servers extracted from vscode
-      nodePackages.vscode-langservers-extracted
-      nodePackages."@tailwindcss/language-server"
-      emmet-ls
-
-      #-- CloudNative
-      nodePackages.dockerfile-language-server-nodejs
-      # terraform  # install via brew on macOS
-      terraform-ls
-      jsonnet
-      jsonnet-language-server
-      hadolint # Dockerfile linter
-
-      # -- Lisp like Languages
-      guile
-      racket-minimal
-      fnlfmt # fennel
-
-      #-- Others
-      taplo # TOML language server / formatter / validator
-      nodePackages.yaml-language-server
-      sqlfluff # SQL linter
-      actionlint # GitHub Actions linter
-      buf # protoc plugin for linting and formatting
-      proselint # English prose linter
-
-      #-- Misc
-      tree-sitter # common language parser/highlighter
-      nodePackages.prettier # common code formatter
-      marksman # language server for markdown
-      glow # markdown previewer
-      fzf
-      pandoc # document converter
-      hugo # static site generator
-
-      #-- Optional Requirements:
-      gdu # disk usage analyzer, required by AstroNvim
-      (ripgrep.override {withPCRE2 = true;}) # recursively searches directories for a regex pattern
-    ]
-    ++ (
-      lib.optionals pkgs.stdenv.isLinux [
-        #-- verilog / systemverilog
-        verible
-        gdb
-      ]
-    );
-}

home/base/gui/dev-tools.nix

@@ -0,0 +1,14 @@
+{
+  pkgs,
+  ...
+}: {
+  home.packages = with pkgs; [
+    # db related
+    dbeaver
+
+    mitmproxy # http/https proxy tool
+    insomnia # REST client
+    wireshark # network analyzer
+    ventoy # create bootable usb
+  ];
+}

home/base/home.nix

@@ -1,8 +1,8 @@
-{username, ...}: {
+{myvars, ...}: {
   # Home Manager needs a bit of information about you and the
   # paths it should manage.
   home = {
-    inherit username;
+    inherit (myvars) username;
 
     # This value determines the Home Manager release that your
     # configuration is compatible with. This helps avoid breakage

home/base/tui/cloud/default.nix

@@ -0,0 +1,32 @@
+{
+  lib,
+  pkgs,
+  ...
+}: {
+  home.packages = with pkgs; [
+    # infrastructure as code
+    # pulumi
+    # pulumictl
+    # tf2pulumi
+    # crd2pulumi
+    # pulumiPackages.pulumi-random
+    # pulumiPackages.pulumi-command
+    # pulumiPackages.pulumi-aws-native
+    # pulumiPackages.pulumi-language-go
+    # pulumiPackages.pulumi-language-python
+    # pulumiPackages.pulumi-language-nodejs
+
+    # aws
+    awscli2
+    ssm-session-manager-plugin # Amazon SSM Session Manager Plugin
+    aws-iam-authenticator
+    eksctl
+
+    # aliyun
+    aliyun-cli
+    # cloud tools that nix do not have cache for.
+    terraform
+    terraformer # generate terraform configs from existing cloud resources
+    packer # machine image builder
+  ];
+}

home/base/tui/dev-tools.nix

@@ -0,0 +1,61 @@
+{
+  pkgs,
+  pkgs-unstable,
+  ...
+}: {
+  #############################################################
+  #
+  #  Basic settings for development environment
+  #
+  #  Please avoid to install language specific packages here(globally),
+  #  instead, install them:
+  #     1. per IDE, such as `programs.neovim.extraPackages`
+  #     2. per-project, using https://github.com/the-nix-way/dev-templates
+  #
+  #############################################################
+
+  home.packages = with pkgs; [
+    colmena # nixos's remote deployment tool
+
+    # db related
+    mycli
+    pgcli
+    mongosh
+    sqlite
+
+    # embedded development
+    minicom
+
+    # ai related
+    python311Packages.huggingface-hub # huggingface-cli
+
+    # misc
+    pkgs-unstable.devbox
+    bfg-repo-cleaner # remove large files from git history
+    k6 # load testing tool
+    protobuf # protocol buffer compiler
+
+    # solve coding extercises - learn by doing
+    exercism
+
+    # Automatically trims your branches whose tracking remote refs are merged or gone
+    # It's really useful when you work on a project for a long time.
+    git-trim
+
+    # need to run `conda-install` before using it
+    # need to run `conda-shell` before using command `conda`
+    # conda is not available for MacOS
+    conda
+  ];
+
+  programs = {
+    direnv = {
+      enable = true;
+      nix-direnv.enable = true;
+
+      enableZshIntegration = true;
+      enableBashIntegration = true;
+      enableNushellIntegration = true;
+    };
+  };
+}

home/base/tui/editors/emacs/default.nix

@@ -57,7 +57,7 @@ in {
         # :tools lookup & :lang org +roam
         sqlite
         # :lang latex & :lang org (latex previews)
-        texlive.combined.scheme-medium
+        # texlive.combined.scheme-medium
       ];
 
       programs.bash.bashrcExtra = envExtra;

home/base/tui/editors/packages.nix

@@ -0,0 +1,133 @@
+{pkgs, ...}: {
+  nixpkgs.config = {
+    programs.npm.npmrc = ''
+      prefix = ''${HOME}/.npm-global
+    '';
+  };
+
+  home.packages = with pkgs; [
+    #-- c/c++
+    cmake
+    cmake-language-server
+    gnumake
+    checkmake
+    # c/c++ compiler, required by nvim-treesitter!
+    gcc
+    # c/c++ tools with clang-tools, the unwrapped version won't
+    # add alias like `cc` and `c++`, so that it won't conflict with gcc
+    llvmPackages.clang-unwrapped
+    lldb
+
+    #-- python
+    nodePackages.pyright # python language server
+    (python311.withPackages (
+      ps:
+        with ps; [
+          ruff-lsp
+          black # python formatter
+
+          jupyter
+          ipython
+          pandas
+          requests
+          pyquery
+          pyyaml
+
+          ## emacs's lsp-bridge dependenciesge
+          epc
+          orjson
+          sexpdata
+          six
+          setuptools
+          paramiko
+          rapidfuzz
+        ]
+    ))
+
+    #-- rust
+    rust-analyzer
+    cargo # rust package manager
+    rustfmt
+
+    #-- nix
+    nil
+    rnix-lsp
+    # nixd
+    statix # Lints and suggestions for the nix programming language
+    deadnix # Find and remove unused code in .nix source files
+    alejandra # Nix Code Formatter
+
+    #-- golang
+    go
+    gomodifytags
+    iferr # generate error handling code for go
+    impl # generate function implementation for go
+    gotools # contains tools like: godoc, goimports, etc.
+    gopls # go language server
+    delve # go debugger
+
+    # -- java
+    jdk17
+    gradle
+    maven
+    spring-boot-cli
+
+    #-- lua
+    stylua
+    lua-language-server
+
+    #-- bash
+    nodePackages.bash-language-server
+    shellcheck
+    shfmt
+
+    #-- javascript/typescript --#
+    nodePackages.nodejs
+    nodePackages.typescript
+    nodePackages.typescript-language-server
+    # HTML/CSS/JSON/ESLint language servers extracted from vscode
+    nodePackages.vscode-langservers-extracted
+    nodePackages."@tailwindcss/language-server"
+    emmet-ls
+
+    # -- Lisp like Languages
+    guile
+    racket-minimal
+    fnlfmt # fennel
+
+    #-- Others
+    taplo # TOML language server / formatter / validator
+    nodePackages.yaml-language-server
+    sqlfluff # SQL linter
+    actionlint # GitHub Actions linter
+    buf # protoc plugin for linting and formatting
+    proselint # English prose linter
+
+    #-- Misc
+    tree-sitter # common language parser/highlighter
+    nodePackages.prettier # common code formatter
+    marksman # language server for markdown
+    glow # markdown previewer
+    fzf
+    pandoc # document converter
+    hugo # static site generator
+
+    #-- Optional Requirements:
+    gdu # disk usage analyzer, required by AstroNvim
+    (ripgrep.override {withPCRE2 = true;}) # recursively searches directories for a regex pattern
+
+    #-- CloudNative
+    nodePackages.dockerfile-language-server-nodejs
+    # terraform  # install via brew on macOS
+    terraform-ls
+    jsonnet
+    jsonnet-language-server
+    hadolint # Dockerfile linter
+
+    #-- zig
+    zls
+    #-- verilog / systemverilog
+    verible
+    gdb
+  ];
+}

home/darwin/core.nix

@@ -1,3 +1,3 @@
-{username, ...}: {
-  home.homeDirectory = "/Users/${username}";
+{myvars, ...}: {
+  home.homeDirectory = "/Users/${myvars.username}";
 }

home/darwin/default.nix

@@ -2,8 +2,9 @@
   imports =
     (mylib.scanPaths ./.)
     ++ [
-      ../base/server
-      ../base/desktop
-      ../base/core.nix
+      ../base/core
+      ../base/tui
+      ../base/gui
+      ../base/home.nix
     ];
 }

home/darwin/ssh.nix

@@ -1,3 +1,3 @@
-{vars_networking, ...}: {
-  programs.ssh.extraConfig = vars_networking.ssh.extraConfig;
+{myvars, ...}: {
+  programs.ssh.extraConfig = myvars.networking.ssh.extraConfig;
 }

home/linux/base/shell.nix

@@ -1,13 +1,13 @@
 {
   config,
-  username,
+  myvars,
   ...
 }: let
   d = config.xdg.dataHome;
   c = config.xdg.configHome;
   cache = config.xdg.cacheHome;
 in rec {
-  home.homeDirectory = "/home/${username}";
+  home.homeDirectory = "/home/${myvars.username}";
 
   # environment variables that always set at login
   home.sessionVariables = {

home/linux/core.nix

@@ -0,0 +1,8 @@
+{
+  imports = [
+    ../base/core
+    ../base/home.nix
+
+    ./base
+  ];
+}

home/linux/desktop.nix

@@ -1,10 +0,0 @@
-{
-  imports = [
-    ../base/server
-    ../base/desktop
-    ../base/core.nix
-
-    ./base
-    ./desktop
-  ];
-}

home/linux/desktop/base/dev-tools.nix

@@ -0,0 +1,5 @@
+{pkgs, ...}: {
+  home.packages = with pkgs; [
+    android-tools
+  ];
+}

home/linux/gui.nix

@@ -0,0 +1,11 @@
+{
+  imports = [
+    ../base/core
+    ../base/tui
+    ../base/gui
+    ../base/home.nix
+
+    ./base
+    ./desktop
+  ];
+}

home/linux/server.nix

@@ -1,8 +0,0 @@
-{
-  imports = [
-    ../base/server
-    ../base/core.nix
-
-    ./base
-  ];
-}

home/linux/tui.nix

@@ -0,0 +1,10 @@
+{
+  imports = [
+    ../base/core
+    ../base/tui
+    ../base/home.nix
+
+    ./base
+    ./desktop
+  ];
+}

hosts/12kingdoms-rakushun/caddy.nix

@@ -0,0 +1,28 @@
+{myvars, ...}: {
+  services.caddy = {
+    enable = true;
+    # Reload Caddy instead of restarting it when configuration file changes.
+    enableReload = true;
+    user = "caddy"; # User account under which caddy runs.
+    dataDir = "/var/lib/caddy";
+    logDir = "/var/log/caddy";
+
+    # Additional lines of configuration appended to the global config section of the Caddyfile.
+    # Refer to https://caddyserver.com/docs/caddyfile/options#global-options for details on supported values.
+    globalConfig = ''
+      http_port    80
+      https_port   443
+      auto_https   off
+    '';
+
+    # ACME related settings.
+    # email = myvars.useremail;
+    # acmeCA = "https://acme-v02.api.letsencrypt.org/directory";
+
+    virtualHosts."http://git.writefor.fun".extraConfig = ''
+      encode zstd gzip
+      reverse_proxy http://localhost:3000
+    '';
+  };
+  networking.firewall.allowedTCPPorts = [80 443];
+}

hosts/12kingdoms-rakushun/default.nix

@@ -1,7 +1,7 @@
 {
   disko,
   nixos-rk3588,
-  vars_networking,
+  myvars,
   ...
 }:
 #############################################################
@@ -11,7 +11,7 @@
 #############################################################
 let
   hostName = "rakushun"; # Define your hostname.
-  hostAddress = vars_networking.hostAddress.${hostName};
+  hostAddress = myvars.networking.hostAddress.${hostName};
 in {
   imports = [
     # import the rk3588 module, which contains the configuration for bootloader/kernel/firmware
@@ -20,11 +20,14 @@ in {
     ./hardware-configuration.nix
     ./disko-fs.nix
     ./impermanence.nix
+
+    ./gitea.nix
+    ./caddy.nix
   ];
 
   networking = {
     inherit hostName;
-    inherit (vars_networking) defaultGateway nameservers;
+    inherit (myvars.networking) defaultGateway nameservers;
 
     networkmanager.enable = false;
     # RJ45 port 1

hosts/12kingdoms-rakushun/gitea.nix

@@ -0,0 +1,88 @@
+{pkgs, ...}: let
+in {
+  # https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/services/misc/gitea.nix
+  services.gitea = {
+    enable = true;
+    user = "gitea";
+    group = "gitea";
+    stateDir = "/var/lib/gitea";
+    appName = "Ryan Yin's Gitea Service";
+    lfs.enable = true;
+    # Enable a timer that runs gitea dump to generate backup-files of the current gitea database and repositories.
+    dump = {
+      enable = false;
+      interval = "hourly";
+      file = "gitea-dump";
+      type = "tar.zst";
+    };
+    # Path to a file containing the SMTP password.
+    # mailerPasswordFile = "";
+    settings = {
+      server = {
+        SSH_PORT = 2222;
+        PROTOCOL = "http";
+        HTTP_PORT = 3000;
+        HTTP_ADDR = "127.0.0.1";
+        DOMAIN = "git.writefor.fun";
+      };
+      # one of "Trace", "Debug", "Info", "Warn", "Error", "Critical"
+      log.LEVEL = "Info";
+      session.COOKIE_SECURE = false;
+      service.DISABLE_REGISTRATION = true;
+
+      # "cron.sync_external_users" = {
+      #   RUN_AT_START = true;
+      #   SCHEDULE = "@every 24h";
+      #   UPDATE_EXISTING = true;
+      # };
+      mailer = {
+        ENABLED = true;
+        MAILER_TYPE = "sendmail";
+        FROM = "do-not-reply@writefor.fun";
+        SENDMAIL_PATH = "${pkgs.system-sendmail}/bin/sendmail";
+      };
+      other = {
+        SHOW_FOOTER_VERSION = false;
+      };
+    };
+    database = {
+      type = "sqlite3";
+      # create a local database automatically.
+      createDatabase = true;
+    };
+  };
+
+  # services.gitea-actions-runner.instances."default" = {
+  #   enable = true;
+  #   name = "default";
+  #   labels = [
+  #     # provide a debian base with nodejs for actions
+  #     "debian-latest:docker://node:18-bullseye"
+  #     # fake the ubuntu name, because node provides no ubuntu builds
+  #     "ubuntu-latest:docker://node:18-bullseye"
+  #     # provide native execution on the host
+  #     "native:host"
+  #   ];
+  #   gitea = "http://git.writefor.fun";
+  #   # Path to an environment file,
+  #   # containing the TOKEN environment variable,
+  #   # that holds a token to register at the configured Gitea instance.
+  #   tokenFile = "xxx"; # use agenix for secrets.
+  #   # Configuration for act_runner daemon.
+  #   # For an example configuration, see:
+  #   #  https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml
+  #   settings = {};
+  #   # List of packages, that are available to actions,
+  #   # when the runner is configured with a host execution label.
+  #   hostPackages = with pkgs; [
+  #     bash
+  #     coreutils
+  #     curl
+  #     gawk
+  #     gitMinimal
+  #     gnused
+  #     nodejs
+  #     wget
+  #   ];
+  # };
+}

hosts/12kingdoms-shoukei/default.nix

@@ -1,6 +1,6 @@
 {
   nixos-hardware,
-  vars_networking,
+  myvars,
   ...
 }:
 #############################################################
@@ -18,7 +18,7 @@ in {
     {hardware.myapple-t2.enableAppleSetOsLoader = true;}
 
     ./hardware-configuration.nix
-    ../idols_ai/impermanence.nix
+    ../idols-ai/impermanence.nix
   ];
 
   boot.kernelModules = ["kvm-amd"];
@@ -26,7 +26,7 @@ in {
 
   networking = {
     inherit hostName;
-    inherit (vars_networking) defaultGateway nameservers;
+    inherit (myvars.networking) defaultGateway nameservers;
 
     # configures the network interface(include wireless) via `nmcli` & `nmtui`
     networkmanager.enable = true;

hosts/12kingdoms-shoukei/hardware-configuration.nix

@@ -53,11 +53,10 @@
       # whether to allow TRIM requests to the underlying device.
       # it's less secure, but faster.
       allowDiscards = true;
-      # Whether to bypass dm-crypt’s internal read and write workqueues. 
-      # Enabling this should improve performance on SSDs; 
+      # Whether to bypass dm-crypt’s internal read and write workqueues.
+      # Enabling this should improve performance on SSDs;
       # https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Disable_workqueue_for_increased_solid_state_drive_(SSD)_performance
       bypassWorkqueues = true;
-
     };
   };
 

hosts/12kingdoms-suzu/default.nix

@@ -1,7 +1,7 @@
 {
   disko,
   nixos-rk3588,
-  vars_networking,
+  myvars,
   ...
 }:
 #############################################################
@@ -11,7 +11,7 @@
 #############################################################
 let
   hostName = "suzu"; # Define your hostname.
-  hostAddress = vars_networking.hostAddress.${hostName};
+  hostAddress = myvars.networking.hostAddress.${hostName};
 in {
   imports = [
     # import the rk3588 module, which contains the configuration for bootloader/kernel/firmware
@@ -24,7 +24,7 @@ in {
 
   networking = {
     inherit hostName;
-    inherit (vars_networking) defaultGateway nameservers;
+    inherit (myvars.networking) defaultGateway nameservers;
 
     networkmanager.enable = false;
     interfaces.end1 = {

hosts/README.md

@@ -9,16 +9,28 @@
    3. `ruby`: Another NixOS VM running operation and maintenance related services, such as prometheus, grafana, restic, etc.
    4. `kana`: Yet another NixOS VM running some common applications, such as hompage, file browser, torrent downloader, etc.
 3. Homelab:
-   1. `tailscale_gw`: A tailscale subnet router(gateway) for accessing my homelab remotely. NixOS VM running on Proxmox.
+   1. `tailscale-gw`: A tailscale subnet router(gateway) for accessing my homelab remotely. NixOS VM running on Proxmox.
 4. `rolling_girls`: My RISCV64 hosts.
-   1. `nozomi`: Lichee Pi 4A, TH1520(4xC910@2.0G), 8GB RAM + 32G eMMC + 64G SD Card.
-   2. `yukina`: Lichee Pi 4A(Internal Test Version), TH1520(4xC910@2.0G), 8GB RAM + 8G eMMC + 128G SD Card.
-   3. `chiaya`: Milk-V Mars, JH7110(4xU74@1.5 GHz), 4G RAM + No eMMC + 64G SD Card.
+   1. `nozomi`: Lichee Pi 4A, TH1520(4xC910@2.0G), 16GB RAM + 32G eMMC + 128G SD Card.
+   2. `yukina`: Milk-V Mars, JH7110(4xU74@1.5 GHz), 4G RAM + No eMMC + 64G SD Card.
 5. `12kingdoms`:
    1. `shoukei`: NixOS on Macbook Pro 2020 Intel i5, 13.3-inch, 16G RAM + 512G SSD.
    1. `suzu`: Orange Pi 5, RK3588s(4xA76 + 4xA55), GPU(4Cores, Mail-G610), NPU(6Tops@int8), 8G RAM + 256G SSD.
    1. `rakushun`: Orange Pi 5 Plus, RK3588(4xA76 + 4xA55), GPU(4Cores, Mail-G610), NPU(6Tops@int8), 16G RAM + 2T SSD.
-6. `kubernetes`: My Kubernetes Cluster
+6. `k8s`: My Kubernetes Clusters
+
+## How to add a new host
+
+1. Under `hosts/`
+   1. Create a new folder under `hosts/` with the name of the new host.
+   2. Create & add the new host's `hardware-configuration.nix` to the new folder, and add the new host's `configuration.nix` to `hosts/<name>/default.nix`.
+   3. If the new host need to use home-manager, add its custom config into `hosts/<name>/home.nix`.
+1. Under `outputs/`
+   1. Add a new nix file named `outputs/<system-architecture>/src/<name>.nix`.
+   2. Copy the content from one of the existing similar host, and modify it to fit the new host.
+      1. Usually, you only need to modify the `name` and `tags` fields.
+   3. [Optional] Add a new unit test file under `outputs/<system-architecture>/tests/<name>.nix` to test the new host's nix file.
+   4. [Optional] Add a new integration test file under `outputs/<system-architecture>/integration-tests/<name>.nix` to test whether the new host's nix config can be built and deployed correctly.
 
 ## idols - Oshi no Ko