diff --git a/common/default.nix b/common/default.nix index 3e359ea..1285e27 100644 --- a/common/default.nix +++ b/common/default.nix @@ -1,39 +1,28 @@ -{ pkgs, ... }: { - imports = [ ./users ]; +{ pkgs, ... }: +{ ## Optimizations - # Clean /tmp - boot.tmp.cleanOnBoot = true; - # Link identical files nix.settings.auto-optimise-store = true; - # Limit journald logs - services.journald.extraConfig = '' - SystemMaxUse=100M - MaxFileSec=1month - ''; - # Garbage collection nix.gc = { automatic = true; - dates = "weekly"; options = "--delete-older-than 30d"; }; ## Other # Flakes - nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; # Enable fish (needed for nix completions) programs.fish.enable = true; - # Fix terminfo - environment.enableAllTerminfo = true; - environment.variables.COLORTERM = "truecolor"; - # Packages used on all systems environment.systemPackages = with pkgs; [ ccase @@ -52,38 +41,6 @@ xclip ]; - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - banner = '' - Hello mistress ^,,^ - ''; - settings.PasswordAuthentication = false; - }; - # 🥺 # security.please.enable = true; - - ## Locale/Timezone - - time.timeZone = "Europe/Berlin"; - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "de_DE.UTF-8"; - LC_IDENTIFICATION = "de_DE.UTF-8"; - LC_MEASUREMENT = "de_DE.UTF-8"; - LC_MONETARY = "de_DE.UTF-8"; - LC_NAME = "de_DE.UTF-8"; - LC_NUMERIC = "de_DE.UTF-8"; - LC_PAPER = "de_DE.UTF-8"; - LC_TELEPHONE = "de_DE.UTF-8"; - LC_TIME = "de_DE.UTF-8"; - }; - - # Configure keymap in X11 - services.xserver = { - layout = "us"; - xkbVariant = ""; - }; } diff --git a/common/home_manager/common.nix b/common/home_manager/common.nix index 9464b05..783c8a3 100644 --- a/common/home_manager/common.nix +++ b/common/home_manager/common.nix 
@@ -4,8 +4,9 @@ home-manager.useGlobalPkgs = true; home-manager.users.agatha = { home.username = "agatha"; - home.homeDirectory = "/home/agatha"; - home.stateVersion = config.system.stateVersion; + home.homeDirectory = lib.mkDefault "/home/agatha"; + # Fallback for nix-darwin + home.stateVersion = if pkgs.stdenv.isLinux then config.system.stateVersion else "24.05"; home.packages = with pkgs; [ bat btop diff --git a/common/linux-specific.nix b/common/linux-specific.nix new file mode 100644 index 0000000..8cf87fb --- /dev/null +++ b/common/linux-specific.nix @@ -0,0 +1,53 @@ +{ + imports = [ ./users ]; + + ## Optimizations + + # Clean /tmp + boot.tmp.cleanOnBoot = true; + + # Garbage collection + nix.gc.dates = "weekly"; + + # Limit journald logs + services.journald.extraConfig = '' + SystemMaxUse=100M + MaxFileSec=1month + ''; + + # Fix terminfo + environment.enableAllTerminfo = true; + environment.variables.COLORTERM = "truecolor"; + + ## Locale/Timezone + + time.timeZone = "Europe/Berlin"; + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "de_DE.UTF-8"; + LC_IDENTIFICATION = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "de_DE.UTF-8"; + LC_PAPER = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + }; + + # Configure keymap in X11 + services.xserver = { + layout = "us"; + xkbVariant = ""; + }; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + banner = '' + Hello mistress ^,,^ + ''; + settings.PasswordAuthentication = false; + }; +} diff --git a/common/users/default.nix b/common/users/default.nix index 6a01d81..a1bdff2 100644 --- a/common/users/default.nix +++ b/common/users/default.nix 
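Review bot: The comment `# Fallback for nix-darwin` on the new `home.stateVersion` line does not say why a fallback is needed or that the literal must stay fixed. As far as I know nix-darwin's `system.stateVersion` is not a release string like the NixOS one, so I would write `# nix-darwin has no NixOS-style system.stateVersion string; pin Home Manager's state version here and do not bump it on release upgrades`. The added lines also use `lib` and `pkgs`, and the module's argument list is outside this hunk, so confirm both are bound there.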
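Review bot: In the `services.openssh` block of the new common/linux-specific.nix, `settings.PasswordAuthentication = false;` is the only authentication setting, so keyboard-interactive authentication stays at the module default, which I believe is enabled on NixOS. This file is now the single place sshd is configured for every Linux host, so add `settings.KbdInteractiveAuthentication = false;` next to it to turn off PAM-backed password prompts as well. Root login is also left at its default; the colmena deployments in flake.nix use `targetUser = "root"`, so a one-line comment stating that key-only root login is intentional would record that decision.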
@@ -1,9 +1,14 @@ -{ config, pkgs, ... }: { +{ config, pkgs, ... }: +{ users.users = { agatha = { isNormalUser = true; description = "Agatha Valentine Lovelace"; - extraGroups = [ "networkmanager" "wheel" "docker" ]; + extraGroups = [ + "networkmanager" + "wheel" + "docker" + ]; shell = pkgs.fish; openssh.authorizedKeys.keys = [ diff --git a/flake.lock b/flake.lock index 8394782..8548102 100644 --- a/flake.lock +++ b/flake.lock @@ -153,6 +153,24 @@ } }, "flake-utils_3": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -167,6 +185,21 @@ "type": "github" } }, + "flakey-profile": { + "locked": { + "lastModified": 1712898590, + "narHash": "sha256-FhGIEU93VHAChKEXx905TSiPZKga69bWl1VB37FK//I=", + "owner": "lf-", + "repo": "flakey-profile", + "rev": "243c903fd8eadc0f63d205665a92d4df91d42d9d", + "type": "github" + }, + "original": { + "owner": "lf-", + "repo": "flakey-profile", + "type": "github" + } + }, "frq-friend": { "inputs": { "naersk": "naersk_2", @@ -199,11 +232,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1719881815, - "narHash": "sha256-+Vh7r/dOlEphIV5zOIKKYTNMc083lLbQcUVsiyuiiws=", + "lastModified": 1725452565, + "narHash": "sha256-kxduxKvEBSEhoxYHQbMCbxHT0t14kRF4zT6ZmWaqH6M=", "owner": "helix-editor", "repo": "helix", - "rev": "3524060ee83b23c2b741a41f57d6ecc06e3fd871", + "rev": "41db5d735eae03be9a69b1136844dac642484ed8", "type": "github" }, "original": { 
@@ -219,11 +252,11 @@ ] }, "locked": { - "lastModified": 1719827385, - "narHash": "sha256-qs+nU20Sm8czHg3bhGCqiH+8e13BJyRrKONW34g3i50=", + "lastModified": 1720042825, + "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=", "owner": "nix-community", "repo": "home-manager", - "rev": "391ca6e950c2525b4f853cbe29922452c14eda82", + "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073", "type": "github" }, "original": { @@ -233,6 +266,41 @@ "type": "github" } }, + "lix": { + "flake": false, + "locked": { + "lastModified": 1723503926, + "narHash": "sha256-Rosl9iA9MybF5Bud4BTAQ9adbY81aGmPfV8dDBGl34s=", + "rev": "bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2.tar.gz?rev=bcaeb6388b8916ac6d1736e3aa2b13313e6a6bd2" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/lix/archive/2.91.0.tar.gz" + } + }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils_3", + "flakey-profile": "flakey-profile", + "lix": "lix", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1723510904, + "narHash": "sha256-zNW/rqNJwhq2lYmQf19wJerRuNimjhxHKmzrWWFJYts=", + "rev": "622a2253a071a1fb97a4d3c8103a91114acc1140", + "type": "tarball", + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/622a2253a071a1fb97a4d3c8103a91114acc1140.tar.gz?rev=622a2253a071a1fb97a4d3c8103a91114acc1140" + }, + "original": { + "type": "tarball", + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz" + } + }, "lowdown-src": { "flake": false, "locked": { @@ -274,7 +342,7 @@ "mms": { "inputs": { "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils_3", + "flake-utils": "flake-utils_4", "nix": "nix", "nixpkgs": [ "nixpkgs" 
@@ -400,11 +468,11 @@ ] }, "locked": { - "lastModified": 1724219898, - "narHash": "sha256-7PwlnEQDIbww8+nk0CHLeYTYMA23F/CkynHsX7Mxk+s=", + "lastModified": 1725544312, + "narHash": "sha256-ETyDNLOF5YvFO2lVlKttXgdHTqSGdp9ZCRRCjv2gaoM=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "d6703b988728b89456b32bac242c8689902e5a5b", + "rev": "a55b3f1ab41bb6d5025ebeebb4da5fd240b9b3b3", "type": "github" }, "original": { @@ -429,11 +497,11 @@ }, "nixpkgs-darwin": { "locked": { - "lastModified": 1724196396, - "narHash": "sha256-4GoGPErR0RM5r5x+LMnzZvxTdn11lCRO+z8wP3K3PyU=", + "lastModified": 1725140114, + "narHash": "sha256-tlRqsd84YFI7dL8Lz/Sm+M9Bm+Mh7kUs+5ArJbZsuy8=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1c5f849214c6c03c47e684622306aad181c107a4", + "rev": "4927f77b7a68615ce99678086cd3dcd0eda34fdd", "type": "github" }, "original": { @@ -461,11 +529,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1719826879, - "narHash": "sha256-xs7PlULe8O1SAcs/9e/HOjeUjBrU5FNtkAF/bSEcFto=", + "lastModified": 1725369773, + "narHash": "sha256-gT+rUDbw+TQuszQEzMUJWTW7QYtccZ5xxWmKOSrPvEw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b9014df496d5b68bf7c0145d0e9b0f529ce4f2a8", + "rev": "8b4061fd60ccc3b3f44b73faa7c983eacf7a6f7b", "type": "github" }, "original": { @@ -520,11 +588,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1719838683, - "narHash": "sha256-Zw9rQjHz1ilNIimEXFeVa1ERNRBF8DoXDhLAZq5B4pE=", + "lastModified": 1725407940, + "narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d032c1a6dfad4eedec7e35e91986becc699d7d69", + "rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3", "type": "github" }, "original": { @@ -557,6 +625,7 @@ "frq-friend": "frq-friend", "helix": "helix", "home-manager": "home-manager", + "lix-module": "lix-module", "matrix-ril100": "matrix-ril100", "mms": "mms", "nix-darwin": "nix-darwin", 
@@ -713,6 +782,21 @@ "type": "github" } }, + "systems_8": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "url-eater": { "inputs": { "naersk": "naersk_4", @@ -791,7 +875,7 @@ }, "utils_4": { "inputs": { - "systems": "systems_5" + "systems": "systems_6" }, "locked": { "lastModified": 1687709756, @@ -809,7 +893,7 @@ }, "utils_5": { "inputs": { - "systems": "systems_6" + "systems": "systems_7" }, "locked": { "lastModified": 1701680307, @@ -827,7 +911,7 @@ }, "utils_6": { "inputs": { - "systems": "systems_7" + "systems": "systems_8" }, "locked": { "lastModified": 1681202837, diff --git a/flake.nix b/flake.nix index e7016f9..42d3bfa 100644 --- a/flake.nix +++ b/flake.nix @@ -2,6 +2,12 @@ inputs = { nixpkgs.url = "nixpkgs/nixos-24.05"; nixpkgs-unstable.url = "nixpkgs/nixpkgs-unstable"; + nixpkgs-darwin.url = "github:NixOS/nixpkgs/nixpkgs-24.05-darwin"; + + lix-module = { + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.0.tar.gz"; + inputs.nixpkgs.follows = "nixpkgs"; + }; vampysite.url = "git+https://git.lain.faith/sorceress/vampysite"; @@ -10,6 +16,11 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + nix-darwin = { + url = "github:LnL7/nix-darwin"; + inputs.nixpkgs.follows = "nixpkgs-darwin"; + }; + mms = { url = "github:mkaito/nixos-modded-minecraft-servers"; inputs.nixpkgs.follows = "nixpkgs"; 
@@ -51,76 +62,108 @@ inputs.nixpkgs.follows = "nixpkgs-unstable"; }; }; - outputs = { nixpkgs, nixpkgs-unstable, home-manager, mms, helix, url-eater - , colorpickle, matrix-ril100, frq-friend, colmena, vampysite, ccase, ... - }: { - colmena = let - mkDesktop = hostname: { - imports = [ - ./common - ./hosts/${hostname}/configuration.nix - ./common/options.nix - (import "${home-manager}/nixos") - url-eater.nixosModules.default - colorpickle.nixosModules.default - ]; + outputs = + { + nixpkgs, + nixpkgs-unstable, + lix-module, + home-manager, + nix-darwin, + mms, + helix, + url-eater, + colorpickle, + matrix-ril100, + frq-friend, + colmena, + vampysite, + ccase, + ... + }: + let + overlays = system: config: [ + (final: prev: { + helix = + let + helix-pkgs = helix.packages.${final.system}; + in + helix-pkgs.helix.passthru.wrapper ( + helix-pkgs.helix-unwrapped.overrideAttrs { + preInstall = '' + substituteInPlace contrib/Helix.desktop \ + --replace "Exec=hx %F" "Exec=kitty hx %F" \ + --replace "Terminal=true" "Terminal=false" + ''; + } + ); + colorpickle = colorpickle.packages.${final.system}.default; + frq-friend = frq-friend.packages.${final.system}.default; + vampysite = vampysite.packages.${final.system}.default; + matrix-ril100 = matrix-ril100.packages.${final.system}.default; + ccase = ccase.packages.${final.system}.default; - deployment = { - targetUser = "root"; - targetHost = hostname; + # Unstable packages + unstable = import nixpkgs-unstable { inherit system config; }; + }) + colmena.overlay + ]; + mkDesktop = hostname: { + imports = [ + ./common + ./common/linux-specific.nix + ./hosts/${hostname}/configuration.nix + ./common/options.nix + lix-module.nixosModules.default + (import "${home-manager}/nixos") + url-eater.nixosModules.default + colorpickle.nixosModules.default + ]; - tags = [ "home" ]; + deployment = { + targetUser = "root"; + targetHost = hostname; - allowLocalDeployment = true; + tags = [ "home" ]; - keys = { - "restic-password" = { - 
keyCommand = [ "cat" "./secrets/restic-password" ]; - destDir = "/var/lib/secrets/"; - }; - "restic-env" = { - keyCommand = [ "cat" "./secrets/restic-env" ]; - destDir = "/var/lib/secrets/"; - }; + allowLocalDeployment = true; + + keys = { + "restic-password" = { + keyCommand = [ + "cat" + "./secrets/restic-password" + ]; + destDir = "/var/lib/secrets/"; + }; + "restic-env" = { + keyCommand = [ + "cat" + "./secrets/restic-env" + ]; + destDir = "/var/lib/secrets/"; }; }; }; - in { + }; + in + { + colmena = { network = { description = "Agatha's Nix Infra"; nixpkgs = import nixpkgs rec { system = "x86_64-linux"; config.allowUnfree = true; - overlays = [ - (final: prev: { - helix = let helix-pkgs = helix.packages.${final.system}; - in helix-pkgs.helix.passthru.wrapper - (helix-pkgs.helix-unwrapped.overrideAttrs { - preInstall = '' - substituteInPlace contrib/Helix.desktop \ - --replace "Exec=hx %F" "Exec=kitty hx %F" \ - --replace "Terminal=true" "Terminal=false" - ''; - }); - colorpickle = colorpickle.packages.${final.system}.default; - frq-friend = frq-friend.packages.${final.system}.default; - vampysite = vampysite.packages.${final.system}.default; - matrix-ril100 = matrix-ril100.packages.${final.system}.default; - ccase = ccase.packages.${final.system}.default; - - # Unstable packages - unstable = import nixpkgs-unstable { inherit system config; }; - }) - colmena.overlay - ]; + overlays = overlays system config; }; }; bloodletting = { imports = [ ./common + ./common/linux-specific.nix ./hosts/bloodletting/configuration.nix + lix-module.nixosModules.default (import "${home-manager}/nixos") mms.module ]; 
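Review bot: In the `colmena.network.nixpkgs` argument, `overlays = overlays system config;` sits inside a `rec { ... }` set, so the right-hand `overlays` resolves to the attribute being defined rather than to the new `let`-bound function, and evaluation should fail with infinite recursion. Rename the let binding, for example `mkOverlays = system: config: [`, and call it as `overlays = mkOverlays system config;`. The `darwinConfigurations` hunk later in this file calls the same function and would need the new name too.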
@@ -133,23 +176,38 @@ keys = { "nyandroid-token" = { - keyCommand = [ "cat" "./secrets/nyandroid-token" ]; + keyCommand = [ + "cat" + "./secrets/nyandroid-token" + ]; destDir = "/var/lib/secrets/"; }; "hurricane-tokens" = { - keyCommand = [ "cat" "./secrets/hurricane-tokens" ]; + keyCommand = [ + "cat" + "./secrets/hurricane-tokens" + ]; destDir = "/var/lib/secrets/"; }; "mc-status-bot-env" = { - keyCommand = [ "cat" "./secrets/mc-status-bot-env" ]; + keyCommand = [ + "cat" + "./secrets/mc-status-bot-env" + ]; destDir = "/var/lib/secrets"; }; "fedi-data.toml" = { - keyCommand = [ "cat" "./secrets/frq-friend-fedi-data.toml" ]; + keyCommand = [ + "cat" + "./secrets/frq-friend-fedi-data.toml" + ]; destDir = "/var/lib/frq-friend"; }; "ril100-bot-secrets" = { - keyCommand = [ "cat" "./secrets/ril100-bot-secrets" ]; + keyCommand = [ + "cat" + "./secrets/ril100-bot-secrets" + ]; destDir = "/var/lib/matrix-ril100"; name = ".env"; }; @@ -162,6 +220,7 @@ ./common ./common/linux-specific.nix ./hosts/watchtower/configuration.nix + lix-module.nixosModules.default (import "${home-manager}/nixos") ]; @@ -176,14 +235,28 @@ ritual = mkDesktop "ritual"; tears = mkDesktop "tears"; }; + darwinConfigurations."Agathas-Mac-mini" = nix-darwin.lib.darwinSystem { + modules = [ + ./common + ./hosts/Agathas-Mac-mini/configuration.nix + lix-module.nixosModules.default + (import "${home-manager}/nix-darwin") + ( + { config, ... }: + { + nixpkgs.overlays = overlays nixpkgs.system config; + } + ) + ]; + }; devShells."x86_64-linux".default = - let pkgs = import nixpkgs { system = "x86_64-linux"; }; - in pkgs.mkShell { + let + pkgs = import nixpkgs { system = "x86_64-linux"; }; + in + pkgs.mkShell { buildInputs = [ (pkgs.writeShellScriptBin "colmena" '' - ${ - colmena.defaultPackage.${pkgs.system} - }/bin/colmena --disable-emoji $@ + ${colmena.defaultPackage.${pkgs.system}}/bin/colmena --disable-emoji $@ '') ]; }; 
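Review bot: In the inline module of `darwinConfigurations."Agathas-Mac-mini"`, `overlays nixpkgs.system config` passes `nixpkgs.system`, but `nixpkgs` here is the flake input, which as far as I know exposes no `system` attribute, and `config` is the whole module configuration rather than a nixpkgs config set. Both arguments are only forced when `pkgs.unstable` is evaluated, so the failure would surface late rather than at build start. Something like `nixpkgs.overlays = overlays "aarch64-darwin" config.nixpkgs.config;` matches the host's `nixpkgs.hostPlatform` and mirrors what the colmena call passes.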
diff --git a/hosts/Agathas-Mac-mini/configuration.nix b/hosts/Agathas-Mac-mini/configuration.nix
new file mode 100644
index 0000000..db62bb7
--- /dev/null
+++ b/hosts/Agathas-Mac-mini/configuration.nix
@@ -0,0 +1,43 @@
+{ pkgs, lib, ... }:
+{
+ imports = [
+ ../../common/home_manager/common.nix
+ ../../common/fragments/graphical/iosevka.nix
+ ];
+
+ nixpkgs.hostPlatform = "aarch64-darwin";
+ services.nix-daemon.enable = true;
+ nix.settings = {
+ extra-nix-path = "nixpkgs=flake:nixpkgs";
+ substituters = [
+ "https://cache.nixos.org"
+ "https://cache.lix.systems"
+ ];
+ trusted-public-keys = [
+ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
+ ];
+ };
+
+ # Needed for the nix-darwin environment even if zsh is not used.
+ programs.zsh.enable = true;
+
+ users.users.agatha = {
+ name = "agatha";
+ home = lib.mkForce "/Users/agatha";
+ };
+
+ fonts.packages = with pkgs; [
+ (nerdfonts.override {
+ fonts = [
+ "DaddyTimeMono"
+ "NerdFontsSymbolsOnly"
+ ];
+ })
+ fira-code
+ fira-code-symbols
+ font-awesome_5
+ iosevka
+ siji
+ ];
+}
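Review bot: The `nix.settings` block adds `https://cache.lix.systems` to `substituters` and its key to `trusted-public-keys` with no comment, and a trusted key is accepted for any store path that cache serves, not only for Lix itself. Record the trust decision next to the key, for example `# Lix binary cache, trusted for every path it signs; key checked against <source> on <date>`, with the placeholders filled in from wherever the key was obtained. That gives whoever rotates or audits the key something to compare against.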