andreijiroh.dev / nixops-config
NixOS + home-manager configs, mirrored from GitLab SaaS. gitlab.com/andreijiroh-dev/nixops-config
nix-flake nixos home-manager nixpkgs nix-flakes
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

nixops-config / flake.nix
at main 714 lines 22 kB view raw
Andrei Jiroh Halili chore(global): sort things out with some flake check warnings/errors on CI
10558dcf
1{ 2 description = "Andrei Jiroh's NixOS and home-manager configurations (AKA declarative dotfiles)"; 3 nixConfig = { 4 extra-trusted-public-keys = [ 5 # cache.nixos.org 6 "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" 7 8 # cache.flakehub.com 9 "cache.flakehub.com-3:hJuILl5sVK4iKm86JzgdXW12Y2Hwd5G07qKtHTOcDCM=" 10 "cache.flakehub.com-4:Asi8qIv291s0aYLyH6IOnr5Kf6+OF14WVjkE6t3xMio=" 11 "cache.flakehub.com-5:zB96CRlL7tiPtzA9/WKyPkp3A2vqxqgdgyTVNGShPDU=" 12 "cache.flakehub.com-6:W4EGFwAGgBj3he7c5fNh9NkOXw0PUVaxygCVKeuvaqU=" 13 "cache.flakehub.com-7:mvxJ2DZVHn/kRxlIaxYNMuDG1OvMckZu32um1TadOR8=" 14 "cache.flakehub.com-8:moO+OVS0mnTjBTcOUh2kYLQEd59ExzyoW1QgQ8XAARQ=" 15 "cache.flakehub.com-9:wChaSeTI6TeCuV/Sg2513ZIM9i0qJaYsF+lZCXg0J6o=" 16 "cache.flakehub.com-10:2GqeNlIp6AKp4EF2MVbE1kBOp9iBSyo0UPR9KoR0o1Y=" 17 18 # nix-community 19 "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" 20 21 # devenv.sh 22 "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw=" 23 24 # my caches for nixos and nixpkgs related builds (including devenvs) 25 "ajhalili2006-nixos-builds.cachix.org-1:fA8HXvGR1i792D+CxL2iW/TQzUcyoW7zPUmC9Q4mQLg=" 26 27 # the main cache itself 28 "andreijiroh-dev.cachix.org-1:7Jd0STdBOLiNu5fiA+AKwcMqQD2PA1j9zLDGyDkuyBo=" 29 30 # recaptime.dev cache 31 "recaptime-dev.cachix.org-1:b0UBO1zONf6ceTIoR06AKhgid4ZOl5kxB/gOIdZ9J6g=" 32 33 # numtide 34 "niks3.numtide.com-1:DTx8wZduET09hRmMtKdQDxNNthLQETkc/yaX7M4qK0g=" 35 ]; 36 37 # also list them all too 38 extra-trusted-substituters = [ 39 "https://cache.nixos.org" 40 "https://cache.flakehub.com" 41 "https://nix-community.cachix.org" 42 "https://devenv.cachix.org" 43 "https://andreijiroh-dev.cachix.org" 44 "https://ajhalili2006-nixos-builds.cachix.org" 45 "https://recaptime-dev.cachix.org" 46 "https://cache.numtide.com" 47 ]; 48 }; 49 50 # try to be in-sync with the nix-channels 51 inputs = { 52 # nixpkgs essientials 53 lib.url = "github:nix-community/nixpkgs.lib"; 54 nixpkgs.url = "https://flakehub.com/f/DeterminateSystems/nixpkgs-weekly/*.tar.gz"; 55 flake-utils = { 56 url = "github:numtide/flake-utils"; 57 inputs = { 58 systems = { 59 follows = "systems"; 60 }; 61 }; 62 }; 63 nixos-generators = { 64 url = "github:nix-community/nixos-generators"; 65 inputs.nixpkgs.follows = "nixpkgs"; 66 }; 67 systems = { 68 url = "github:nix-systems/default"; 69 }; 70 71 # home-manager 72 home-manager = { 73 url = "https://flakehub.com/f/nix-community/home-manager/0"; 74 inputs.nixpkgs.follows = "nixpkgs"; 75 }; 76 77 # Determinate Nix 78 determinate = { 79 url = "https://flakehub.com/f/DeterminateSystems/determinate/0.1"; 80 #inputs.nixpkgs.follows = "nixpkgs"; 81 }; 82 83 # NixOS hardware stuff 84 nixos-hardware.url = "github:NixOS/nixos-hardware/master"; 85 86 # vscode-server setup 87 vscode-server = { 88 url = "github:nix-community/nixos-vscode-server"; 89 inputs = { 90 nixpkgs.follows = "nixpkgs"; 91 flake-utils.follows = "flake-utils"; 92 }; 93 }; 94 nix4vscode = { 95 url = "github:nix-community/nix4vscode"; 96 inputs.nixpkgs.follows = "nixpkgs"; 97 inputs.systems.follows = "systems"; 98 }; 99 100 # Firefox and friends 101 zen-browser = { 102 url = "github:0xc000022070/zen-browser-flake"; 103 inputs = { 104 nixpkgs.follows = "nixpkgs"; 105 home-manager.follows = "home-manager"; 106 }; 107 }; 108 firefox-addons = { 109 url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; 110 inputs.nixpkgs.follows = "nixpkgs"; 111 }; 112 113 # nix-ld 114 nix-ld = { 115 url = "github:Mic92/nix-ld"; 116 inputs.nixpkgs.follows = "nixpkgs"; 117 }; 118 119 # agenix and friends for SecretOps 120 agenix = { 121 url = "github:ryantm/agenix"; 122 inputs.nixpkgs.follows = "nixpkgs"; 123 inputs.systems.follows = "systems"; 124 }; 125 agenix-rekey = { 126 url = "github:oddlama/agenix-rekey"; 127 # Make sure to override the nixpkgs version to follow your flake, 128 # otherwise derivation paths can mismatch (when using storageMode = "derivation"), 129 # resulting in the rekeyed secrets not being found! 130 inputs.nixpkgs.follows = "nixpkgs"; 131 }; 132 133 chaotic = { 134 url = "https://flakehub.com/f/chaotic-cx/nyx/*.tar.gz"; 135 inputs = { 136 nixpkgs.follows = "nixpkgs"; 137 }; 138 }; 139 140 llm-agents = { 141 url = "github:numtide/llm-agents.nix"; 142 inputs.nixpkgs.follows = "nixpkgs"; 143 }; 144 }; 145 outputs = 146 inputs@{ 147 self, 148 nixpkgs, 149 home-manager, 150 nixos-hardware, 151 determinate, 152 vscode-server, 153 nix-ld, 154 flake-utils, 155 systems, 156 nixos-generators, 157 lib, 158 zen-browser, 159 nix4vscode, 160 firefox-addons, 161 agenix, 162 agenix-rekey, 163 chaotic, 164 llm-agents, 165 }: 166 let 167 dev-pkgs = import ./pkgs; 168 169 # Reusable overlay function for any system 170 overlayFor = system: final: prev: { 171 coolify-compose = prev.callPackage ./pkgs/coolify-compose.nix { }; 172 detect-vscode-for-git = prev.callPackage ./pkgs/detect-vscode-for-git.nix { }; 173 ssh-agent-loader = prev.callPackage ./pkgs/ssh-agent-loader.nix { }; 174 }; 175 in 176 flake-utils.lib.eachDefaultSystem ( 177 system: 178 let 179 pkgs = import nixpkgs { 180 inherit system; 181 overlays = [ 182 agenix-rekey.overlays.default 183 llm-agents.overlays.default 184 ]; 185 }; 186 in 187 { 188 # Packages for this system 189 packages = { 190 coolify-compose = pkgs.callPackage ./pkgs/coolify-compose.nix { }; 191 detect-vscode-for-git = pkgs.callPackage ./pkgs/detect-vscode-for-git.nix { }; 192 ssh-agent-loader = pkgs.callPackage ./pkgs/ssh-agent-loader.nix { }; 193 194 # Optionally make one the default to support `nix profile add .#` 195 default = pkgs.callPackage ./pkgs/coolify-compose.nix { }; 196 197 live-cd = 198 (nixpkgs.lib.nixosSystem { 199 inherit system; 200 modules = [ 201 nix-ld.nixosModules.nix-ld 202 determinate.nixosModules.default 203 home-manager.nixosModules.home-manager 204 vscode-server.nixosModules.default 205 chaotic.nixosModules.default 206 ./hosts/live-cd/kde-plasma.nix 207 ]; 208 specialArgs = { 209 inherit 210 self 211 nixpkgs 212 home-manager 213 nixos-hardware 214 determinate 215 vscode-server 216 nix-ld 217 flake-utils 218 systems 219 nixos-generators 220 zen-browser 221 nix4vscode 222 firefox-addons 223 agenix 224 agenix-rekey 225 chaotic 226 llm-agents 227 dev-pkgs 228 ; 229 }; 230 }).config.system.build.isoImage; 231 }; 232 233 devShells.default = pkgs.mkShell { 234 packages = with pkgs; [ 235 agenix-rekey 236 gitFull 237 nano 238 nixfmt-tree 239 nixfmt 240 nil 241 nixd 242 shellcheck 243 shfmt 244 ]; 245 }; 246 247 # If you want app-style outputs, you can also define apps here: 248 # apps.default = { 249 # type = "app"; 250 # program = "${self.packages.${system}.coolify-compose}/bin/coolify-compose"; 251 # }; 252 253 # Keep nixosConfigurations and homeConfigurations outside of eachDefaultSystem 254 # or gate them by `system` if needed; shown below outside the lambda. 255 } 256 ) 257 // { 258 # Top-level overlays for downstream consumers 259 overlays = { 260 # System-aware default overlay that works regardless of the system 261 default = 262 final: prev: 263 let 264 sys = final.system or prev.stdenv.system or "x86_64-linux"; 265 in 266 (overlayFor sys) final prev; 267 268 # Per-system overlays for compatibility 269 x86_64-linux = overlayFor "x86_64-linux"; 270 aarch64-linux = overlayFor "aarch64-linux"; 271 x86_64-darwin = overlayFor "x86_64-darwin"; 272 aarch64-darwin = overlayFor "aarch64-darwin"; 273 }; 274 275 nixosConfigurations = { 276 recoverykit-amd64 = nixpkgs.lib.nixosSystem { 277 system = "x86_64-linux"; 278 modules = [ 279 # nix flake modules first 280 nix-ld.nixosModules.nix-ld 281 determinate.nixosModules.default 282 home-manager.nixosModules.home-manager 283 vscode-server.nixosModules.default 284 285 # and then the configs 286 ./shared/meta.nix 287 ./hosts/recoverykit/configuration.nix 288 "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" 289 ]; 290 291 specialArgs = { 292 inherit 293 self 294 nixpkgs 295 home-manager 296 nixos-hardware 297 determinate 298 vscode-server 299 nix-ld 300 flake-utils 301 systems 302 nixos-generators 303 zen-browser 304 nix4vscode 305 firefox-addons 306 agenix 307 agenix-rekey 308 chaotic 309 llm-agents 310 dev-pkgs 311 ; 312 }; 313 }; 314 315 portable-amd64-256gb = nixpkgs.lib.nixosSystem { 316 system = "x86_64-linux"; 317 modules = [ 318 # nix flake modules first 319 nix-ld.nixosModules.nix-ld 320 determinate.nixosModules.default 321 home-manager.nixosModules.home-manager 322 vscode-server.nixosModules.default 323 #agenix.nixosModules.default 324 #agenix-rekey.nixosModules.default 325 326 # and then the configs 327 ./shared/meta.nix 328 ./hosts/portable/amd64/configuration.nix 329 ]; 330 331 specialArgs = { 332 inherit 333 self 334 nixpkgs 335 home-manager 336 nixos-hardware 337 determinate 338 vscode-server 339 nix-ld 340 flake-utils 341 systems 342 nixos-generators 343 zen-browser 344 nix4vscode 345 firefox-addons 346 agenix 347 agenix-rekey 348 chaotic 349 llm-agents 350 dev-pkgs 351 ; 352 }; 353 }; 354 355 lairland = nixpkgs.lib.nixosSystem { 356 system = "x86_64-linux"; 357 modules = [ 358 # nix flake modules first 359 nix-ld.nixosModules.nix-ld 360 determinate.nixosModules.default 361 home-manager.nixosModules.home-manager 362 #agenix.nixosModules.default 363 #agenix-rekey.nixosModules.default 364 vscode-server.nixosModules.default 365 chaotic.nixosModules.default 366 367 # and then the configs 368 ./shared/meta.nix 369 ./hosts/lairland/configuration.nix 370 ]; 371 372 specialArgs = { 373 inherit 374 self 375 nixpkgs 376 home-manager 377 nixos-hardware 378 determinate 379 vscode-server 380 nix-ld 381 flake-utils 382 systems 383 nixos-generators 384 zen-browser 385 nix4vscode 386 firefox-addons 387 agenix 388 agenix-rekey 389 chaotic 390 llm-agents 391 dev-pkgs 392 ; 393 }; 394 }; 395 396 stellapent-cier = nixpkgs.lib.nixosSystem { 397 # for some reason, zen-browser needs to be imported before nixos-hardware 398 # otherwise, it fails to build with some missing dependencies 399 system = "x86_64-linux"; 400 modules = [ 401 nix-ld.nixosModules.nix-ld 402 determinate.nixosModules.default 403 home-manager.nixosModules.home-manager 404 #agenix.nixosModules.default 405 #agenix-rekey.nixosModules.default 406 vscode-server.nixosModules.default 407 chaotic.nixosModules.default 408 ./shared/meta.nix 409 ./hosts/stellapent-cier/configuration.nix 410 ]; 411 specialArgs = { 412 inherit 413 self 414 nixpkgs 415 home-manager 416 nixos-hardware 417 determinate 418 vscode-server 419 nix-ld 420 flake-utils 421 systems 422 nixos-generators 423 zen-browser 424 nix4vscode 425 firefox-addons 426 agenix 427 agenix-rekey 428 chaotic 429 llm-agents 430 dev-pkgs 431 ; 432 }; 433 }; 434 435 live-cd-minimal = nixpkgs.lib.nixosSystem { 436 system = "x86_64-linux"; 437 modules = [ 438 nix-ld.nixosModules.nix-ld 439 determinate.nixosModules.default 440 home-manager.nixosModules.home-manager 441 vscode-server.nixosModules.default 442 chaotic.nixosModules.default 443 ./hosts/live-cd/base.nix 444 ]; 445 specialArgs = { 446 inherit 447 self 448 nixpkgs 449 home-manager 450 nixos-hardware 451 determinate 452 vscode-server 453 nix-ld 454 flake-utils 455 systems 456 nixos-generators 457 zen-browser 458 nix4vscode 459 firefox-addons 460 agenix 461 agenix-rekey 462 chaotic 463 llm-agents 464 dev-pkgs 465 ; 466 }; 467 }; 468 469 live-cd-graphical = nixpkgs.lib.nixosSystem { 470 system = "x86_64-linux"; 471 modules = [ 472 nix-ld.nixosModules.nix-ld 473 determinate.nixosModules.default 474 home-manager.nixosModules.home-manager 475 vscode-server.nixosModules.default 476 chaotic.nixosModules.default 477 ./hosts/live-cd/kde-plasma.nix 478 ]; 479 specialArgs = { 480 inherit 481 self 482 nixpkgs 483 home-manager 484 nixos-hardware 485 determinate 486 vscode-server 487 nix-ld 488 flake-utils 489 systems 490 nixos-generators 491 zen-browser 492 nix4vscode 493 firefox-addons 494 agenix 495 agenix-rekey 496 chaotic 497 llm-agents 498 dev-pkgs 499 ; 500 }; 501 }; 502 }; 503 homeConfigurations = { 504 # Usage 505 # - From GitHub: 506 # nix run home-manager/master -- switch --flake github:andreijiroh-dev/nixops-config#stellapent-cier 507 # - Locally: 508 # nix run home-manager/master -- switch --flake .#stellapent-cier 509 stellapent-cier = home-manager.lib.homeManagerConfiguration { 510 inherit lib; 511 pkgs = nixpkgs.legacyPackages.x86_64-linux; 512 extraSpecialArgs = { 513 inherit 514 self 515 nixpkgs 516 home-manager 517 nixos-hardware 518 determinate 519 vscode-server 520 nix-ld 521 flake-utils 522 systems 523 nixos-generators 524 zen-browser 525 nix4vscode 526 firefox-addons 527 agenix 528 agenix-rekey 529 chaotic 530 llm-agents 531 dev-pkgs 532 ; 533 }; 534 modules = [ 535 { 536 nixpkgs = { 537 overlays = [ 538 self.overlays.default 539 nix4vscode.overlays.default 540 ]; 541 config = { 542 allowUnfree = true; 543 # https://github.com/nix-community/home-manager/issues/2942 544 allowUnfreePredicate = (_: true); 545 }; 546 }; 547 } 548 zen-browser.homeModules.beta 549 chaotic.homeManagerModules.default 550 ./shared/home-manager/main.nix 551 { 552 home = { 553 username = "gildedguy"; 554 homeDirectory = "/home/gildedguy"; 555 }; 556 } 557 ]; 558 }; 559 560 # Usage 561 # - From GitHub: 562 # nix run home-manager/master -- switch --flake github:andreijiroh-dev/nixops-config#plain 563 # - Locally: 564 # nix run home-manager/master -- switch --flake .#plain 565 plain = home-manager.lib.homeManagerConfiguration { 566 pkgs = nixpkgs.legacyPackages.x86_64-linux; 567 extraSpecialArgs = { 568 inherit 569 self 570 nixpkgs 571 home-manager 572 nixos-hardware 573 determinate 574 vscode-server 575 nix-ld 576 flake-utils 577 systems 578 nixos-generators 579 zen-browser 580 nix4vscode 581 firefox-addons 582 agenix 583 agenix-rekey 584 chaotic 585 llm-agents 586 dev-pkgs 587 ; 588 }; 589 modules = [ 590 { 591 nixpkgs = { 592 overlays = [ 593 self.overlays.default 594 nix4vscode.overlays.default 595 llm-agents.overlays.default 596 ]; 597 config = { 598 allowUnfree = true; 599 # https://github.com/nix-community/home-manager/issues/2942 600 allowUnfreePredicate = (_: true); 601 }; 602 }; 603 } 604 zen-browser.homeModules.beta 605 chaotic.homeManagerModules.default 606 ./shared/home-manager/nogui.nix 607 { 608 home.username = "ajhalili2006"; 609 home.homeDirectory = "/home/ajhalili2006"; 610 } 611 ]; 612 }; 613 614 # Usage 615 # - From GitHub: 616 # nix run home-manager/master -- switch --flake github:andreijiroh-dev/nixops-config#arm64-plain 617 # - Locally: 618 # nix run home-manager/master -- switch --flake .#arm64-plain 619 arm64-plain = home-manager.lib.homeManagerConfiguration { 620 pkgs = nixpkgs.legacyPackages.aarch64-linux; 621 extraSpecialArgs = { 622 inherit 623 self 624 nixpkgs 625 home-manager 626 nixos-hardware 627 determinate 628 vscode-server 629 nix-ld 630 flake-utils 631 systems 632 nixos-generators 633 zen-browser 634 nix4vscode 635 firefox-addons 636 agenix 637 agenix-rekey 638 chaotic 639 llm-agents 640 dev-pkgs 641 ; 642 }; 643 modules = [ 644 { 645 nixpkgs = { 646 overlays = [ 647 self.overlays.default 648 nix4vscode.overlays.default 649 llm-agents.overlays.default 650 ]; 651 config = { 652 allowUnfree = true; 653 # https://github.com/nix-community/home-manager/issues/2942 654 allowUnfreePredicate = (_: true); 655 }; 656 }; 657 } 658 zen-browser.homeModules.beta 659 chaotic.homeManagerModules.default 660 ./shared/home-manager/nogui.nix 661 { 662 home.username = "ajhalili2006"; 663 home.homeDirectory = "/home/ajhalili2006"; 664 } 665 ]; 666 }; 667 }; 668 669 # Expose the necessary information in your flake so agenix-rekey 670 # knows where it has to look for secrets and paths. 671 # 672 # Make sure that the pkgs passed here comes from the same nixpkgs version as 673 # the pkgs used on your hosts in `nixosConfigurations`/`darwinConfigurations`, otherwise the rekeyed 674 # derivations will not be found! 675 agenix-rekey = agenix-rekey.configure { 676 userFlake = self; 677 nixosConfigurations = self.nixosConfigurations; 678 #darwinConfigurations = self.darwinConfigurations or { }; 679 # Example for colmena: 680 # nixosConfigurations = ((colmena.lib.makeHive self.colmena).introspect (x: x)).nodes; 681 }; 682 683 # This is for external users who want to reproduce my configs as needed 684 exportedConfigs = { 685 meta = ./shared/meta.nix; 686 base = { 687 sshKeys = ./shared/ssh-keys.nix; 688 hostsFile = ./shared/hosts-file.nix; 689 systemd = ./shared/systemd.nix; 690 networking = ./shared/networking.nix; 691 locale = ./shared/locale.nix; 692 gnupg = ./shared/gnupg.nix; 693 metaConfigs = ./shared/nix.nix; 694 shells = { 695 bash = ./shared/shells/bash.nix; 696 customPrompts = ./shared/shells/custom-prompts.nix; 697 }; 698 }; 699 desktop = { 700 kdePlasma = ./shared/desktop/kde-plasma.nix; 701 base = ./shared/desktop/base.nix; 702 flatpak = ./shared/desktop/flatpak.nix; 703 _1password = ./shared/desktop/1password.nix; 704 }; 705 server = { 706 devenv = ./shared/server/devenv.nix; 707 ssh = ./shared/server/ssh.nix; 708 firewall = ./shared/server/firewall.nix; 709 tailscale = ./shared/server/tailscale.nix; 710 cockpit = ./shared/server/cockpit.nix; 711 }; 712 }; 713 }; 714}