Personal Nix flake
nixos home-manager nix
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat: Refactor lib.config to vars

None of that is truly library level infomration, so treat it as
standalone and provide it as an output for easier consumption

+266 -230
+1
flake.nix
··· 41 41 schemas = 42 42 inputs.flake-schemas.schemas 43 43 // (import' ./nix/schemas); 44 + vars = import' ./vars; 44 45 }; 45 46 }); 46 47
+2 -2
nix/home/configs/lpchaim.nix
··· 1 1 { 2 - config, 3 2 lib, 4 3 osConfig ? {}, 4 + self, 5 5 ... 6 6 }: let 7 - inherit (config.my.config) name; 7 + inherit (self.vars) name; 8 8 in { 9 9 home = rec { 10 10 username = "${name.user}";
+2 -1
nix/home/modules/bars/dank-material-shell/default.nix
··· 1 1 { 2 2 config, 3 3 lib, 4 + self, 4 5 ... 5 6 }: let 6 - inherit (config.my.config) wallpaper; 7 + inherit (self.vars) wallpaper; 7 8 cfg = config.my.bars.dank-material-shell; 8 9 in { 9 10 options.my.bars.dank-material-shell.enable = lib.mkEnableOption "Dank material shell";
+2 -1
nix/home/modules/cli/essentials/default.nix
··· 2 2 config, 3 3 lib, 4 4 pkgs, 5 + self, 5 6 ... 6 7 }: let 7 - inherit (config.my.config) flake shell; 8 + inherit (self.vars) shell; 8 9 cfg = config.my.cli.essentials; 9 10 in { 10 11 options.my.cli.essentials.enable = lib.mkEnableOption "essentials";
+2 -1
nix/home/modules/cli/extras.nix
··· 2 2 config, 3 3 lib, 4 4 pkgs, 5 + self, 5 6 ... 6 7 }: let 7 - inherit (config.my.config) flake; 8 + inherit (self.vars) flake; 8 9 cfg = config.my.cli.extras; 9 10 in { 10 11 options.my.cli.extras.enable = lib.mkEnableOption "CLI extras";
+2 -1
nix/home/modules/cli/git/default.nix
··· 1 1 { 2 2 config, 3 3 lib, 4 + self, 4 5 ... 5 6 }: let 6 - inherit (config.my.config) email name; 7 + inherit (self.vars) email name; 7 8 cfg = config.my.cli.git; 8 9 in { 9 10 options.my.cli.git = {
+2 -1
nix/home/modules/de/gnome/theming/default.nix
··· 2 2 config, 3 3 lib, 4 4 pkgs, 5 + self, 5 6 ... 6 7 }: let 7 - inherit (config.my.config) wallpaper; 8 + inherit (self.vars) wallpaper; 8 9 cfg = config.my.de.gnome.theming; 9 10 in { 10 11 options.my.de.gnome.theming = {
+2 -1
nix/home/modules/de/hyprland/default.nix
··· 2 2 config, 3 3 lib, 4 4 pkgs, 5 + self, 5 6 ... 6 7 }: let 7 - inherit (config.my.config) kb; 8 + inherit (self.vars) kb; 8 9 cfg = config.my.de.hyprland; 9 10 in { 10 11 imports = [
+2 -1
nix/home/modules/development/nixd.nix
··· 3 3 lib, 4 4 osConfig ? {}, 5 5 pkgs, 6 + self, 6 7 ... 7 8 }: let 8 9 cfg = config.my.development.nixd; ··· 32 33 command = "${lib.getExe pkgs.nixd}"; 33 34 args = ["--semantic-tokens=true"]; 34 35 config.nixd = let 35 - inherit (config.my.config) flake; 36 + inherit (self.vars) flake; 36 37 inherit (pkgs.stdenv.hostPlatform) system; 37 38 inherit (config.home) username; 38 39 absoluteFlakePath = builtins.replaceStrings ["~"] [config.home.homeDirectory] flake.path;
+2 -1
nix/home/modules/gui/default.nix
··· 3 3 pkgs, 4 4 lib, 5 5 osConfig ? {}, 6 + self, 6 7 ... 7 8 }: let 8 9 cfg = config.my.gui; ··· 41 42 ]; 42 43 43 44 home.file = let 44 - inherit (config.my.config) profilePicture wallpaper; 45 + inherit (self.vars) profilePicture wallpaper; 45 46 in { 46 47 "${config.home.homeDirectory}/.face".source = profilePicture; 47 48 "${config.xdg.userDirs.pictures}/Wallpapers/${baseNameOf wallpaper}".source = wallpaper;
+3 -3
nix/home/modules/nix/default.nix
··· 1 1 { 2 2 config, 3 - inputs, 4 3 lib, 5 4 osConfig ? {}, 5 + self, 6 6 ... 7 7 }: let 8 - inherit (config.my.config) nix; 9 - inherit (inputs.self.lib.secrets.helpers) mkSecret; 8 + inherit (self.lib.secrets.helpers) mkSecret; 9 + inherit (self.vars) nix; 10 10 cfg = config.my.nix; 11 11 in { 12 12 options.my.nix.enable = lib.mkEnableOption "nix";
+14
nix/home/modules/ssh/default.nix
··· 2 2 config, 3 3 lib, 4 4 osConfig ? {}, 5 + pkgs, 6 + self, 5 7 ... 6 8 }: let 7 9 inherit (config.my.secret.helpers) mkSecret mkHostSecret; 10 + inherit (pkgs.stdenv.hostPlatform) system; 8 11 cfg = config.my.ssh; 9 12 in { 10 13 options.my.ssh.enable = ··· 27 30 "*" = { 28 31 addKeysToAgent = "yes"; 29 32 compression = false; 33 + controlMaster = "no"; 34 + controlPath = "~/.ssh/master-%r@%n:%p"; 35 + controlPersist = "no"; 30 36 forwardAgent = false; 37 + hashKnownHosts = false; 31 38 identitiesOnly = true; 32 39 identityFile = [ 33 40 config.my.secrets.ssh.path 34 41 config.my.secrets.ssh-yubikey-25388788.path 35 42 config.my.secrets.ssh-yubikey-26583315.path 36 43 ]; 44 + serverAliveCountMax = 3; 45 + serverAliveInterval = 0; 37 46 setEnv.TERM = "xterm-256color"; 47 + userKnownHostsFile = "~/.ssh/known_hosts ~/.ssh/known_hosts_generated"; 38 48 }; 39 49 "*github.com".identityFile = config.my.secrets.ssh-github.path; 40 50 "*tangled.org".identityFile = config.my.secrets.ssh-tangled.path; ··· 44 54 45 55 services.ssh-agent = { 46 56 enable = true; 57 + }; 58 + 59 + home.file = { 60 + ".ssh/known_hosts_generated".source = self.legacyPackages.${system}.knownHosts; 47 61 }; 48 62 }; 49 63 }
+12 -2
nix/legacyPackages/default.nix
··· 1 - {inputs, ...} @ args: let 1 + { 2 + inputs, 3 + lib, 4 + self, 5 + ... 6 + }: let 2 7 inherit (inputs.self.lib) callPackageWith callPackageRecursiveWith; 3 8 in { 4 9 perSystem = { ··· 10 15 callPackageRecursive = callPackageRecursiveWith pkgs; 11 16 in { 12 17 legacyPackages = { 13 - ci.matrix = callPackage ./ciMatrix.nix {inherit (args.inputs) self;}; 18 + ci.matrix = callPackage ./ciMatrix.nix {inherit self;}; 14 19 scripts = callPackageRecursive ./scripts {inherit (self'.legacyPackages.pkgs) writeNuScriptStdinBin;}; 15 20 vimPlugins = callPackageRecursive ./vimPlugins {}; 21 + knownHosts = 22 + self.vars.hosts 23 + |> lib.mapAttrsToList (host: cfg: "${host} ${cfg.pubKey}") 24 + |> lib.concatStringsSep "\n" 25 + |> pkgs.writeText "known-hosts"; 16 26 }; 17 27 }; 18 28 }
-95
nix/lib/config.nix
··· 1 - { 2 - inputs, 3 - lib, 4 - ... 5 - }: let 6 - assets = ../../assets; 7 - filter = prefix: (name: type: type == "regular" && lib.strings.hasPrefix prefix name); 8 - assetWithPrefix = prefix: 9 - (builtins.readDir assets) 10 - |> lib.filterAttrs (filter prefix) 11 - |> builtins.attrNames 12 - |> builtins.head 13 - |> (x: assets + /${x}); 14 - in { 15 - name.user = "lpchaim"; 16 - name.full = "Luna Perroni"; 17 - email.main = "lpchaim@proton.me"; 18 - flake.path = "~/.config/nixos"; 19 - repo.main = "https://github.com/lpchaim/nixos"; 20 - shell = "fish"; 21 - wallpaper = assetWithPrefix "wallpaper"; 22 - profilePicture = assetWithPrefix "profile-picture"; 23 - ssh.publicKeys = { 24 - github = ../../keys/github.pub; 25 - tangled = ../../keys/tangled.pub; 26 - perHost = 27 - ../../secrets/perHost 28 - |> lib.filesystem.listFilesRecursive 29 - |> builtins.filter (lib.hasSuffix "ssh.pub") 30 - |> map (value: { 31 - inherit value; 32 - name = 33 - value 34 - |> toString 35 - |> lib.splitString "/" 36 - |> lib.reverseList 37 - |> (list: lib.elemAt list 1); 38 - }) 39 - |> builtins.listToAttrs; 40 - perYubikey = { 41 - "25388788" = ../../keys/yubikey-25388788.pub; 42 - "26583315" = ../../keys/yubikey-26583315.pub; 43 - }; 44 - }; 45 - nix = { 46 - pkgs = { 47 - config = { 48 - allowUnfree = true; 49 - }; 50 - overlays = builtins.attrValues inputs.self.overlays; 51 - }; 52 - settings = { 53 - accept-flake-config = true; 54 - builders-use-substitutes = true; 55 - auto-optimise-store = true; 56 - extra-experimental-features = "flakes nix-command pipe-operator"; 57 - extra-substituters = [ 58 - # cache.nixos.org is set by default 59 - "https://lpchaim.cachix.org" 60 - "https://nix-comunity.cachix.org" 61 - "https://nix-gaming.cachix.org" 62 - ]; 63 - extra-trusted-public-keys = [ 64 - "lpchaim.cachix.org-1:2xOuvojcUDNhJRzCpvgewQ2DdNZz3QzGVV4Z/7C+Lio=" 65 - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" 66 - "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" 67 - ]; 68 - http-connections = 100; 69 - keep-derivations = true; 70 - keep-outputs = true; 71 - max-jobs = "auto"; 72 - max-substitution-jobs = 100; 73 - trusted-users = ["root" "@wheel"]; 74 - }; 75 - }; 76 - kb = rec { 77 - br = { 78 - inherit (default) options; 79 - layout = "br"; 80 - variant = "nodeadkeys"; 81 - }; 82 - us = { 83 - inherit (default) options; 84 - layout = "us"; 85 - variant = "altgr-intl"; 86 - }; 87 - default = let 88 - mkMerge = builtins.concatStringsSep ","; 89 - in { 90 - layout = mkMerge [br.layout us.layout]; 91 - variant = mkMerge [br.variant us.variant]; 92 - options = "grp:alt_space_toggle"; 93 - }; 94 - }; 95 - }
-1
nix/lib/default.nix
··· 4 4 self, 5 5 ... 6 6 } @ args: { 7 - config = import ./config.nix args; 8 7 flake = import ./flake.nix args; 9 8 packages = import ./packages.nix args; 10 9 secrets = import ./secrets.nix args;
+2 -3
nix/nixos/configs/desktop/default.nix
··· 1 - {config, ...}: let 2 - inherit (config.my.config) name; 1 + {self, ...}: let 2 + inherit (self.vars) name; 3 3 in { 4 4 imports = [ 5 5 ./hardware-configuration.nix ··· 24 24 25 25 networking.interfaces.enp6s0.wakeOnLan.enable = true; 26 26 27 - age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNf+oynlWr+Xq3UYKpCy8ih/w9sT6IuIKAtYjo6sfJr"; 28 27 system.stateVersion = "23.11"; 29 28 home-manager.users.${name.user}.home.stateVersion = "24.11"; 30 29 }
+3 -4
nix/nixos/configs/desktop/storage.nix
··· 1 1 { 2 - config, 3 - inputs, 4 2 lib, 3 + self, 5 4 ... 6 5 }: let 7 - inherit (inputs.self.lib.storage.btrfs) mkSecondaryStorage mkStorage; 8 - inherit (config.my.config) name; 6 + inherit (self.lib.storage.btrfs) mkSecondaryStorage mkStorage; 7 + inherit (self.vars) name; 9 8 in 10 9 lib.mkMerge [ 11 10 (mkStorage {
+2 -3
nix/nixos/configs/laptop/default.nix
··· 1 - {config, ...}: let 2 - inherit (config.my.config) name; 1 + {self, ...}: let 2 + inherit (self.vars) name; 3 3 in { 4 4 imports = [ 5 5 ./hardware-configuration.nix ··· 20 20 }; 21 21 }; 22 22 23 - age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHh5IZnZipti8mCt0NPCVrJ5XTU2z+nb7d2hgMG4/B3C"; 24 23 system.stateVersion = "23.11"; 25 24 home-manager.users.${name.user}.home.stateVersion = "23.05"; 26 25 }
+2 -4
nix/nixos/configs/raspberrypi/default.nix
··· 1 1 { 2 - config, 3 2 pkgs, 3 + self, 4 4 ... 5 5 }: let 6 - inherit (config.my.config) name; 6 + inherit (self.vars) name; 7 7 in { 8 8 imports = [ 9 9 ./hardware-configuration.nix ··· 21 21 }; 22 22 23 23 boot.kernelPackages = pkgs.linuxPackages_latest; 24 - nixpkgs.hostPlatform = "aarch64-linux"; 25 24 26 - age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILr9pl4qaL/+DV//lhE5y6V7xJ2eh1BSlwNYD9L9a2sQ"; 27 25 system.stateVersion = "24.05"; 28 26 home-manager.users.${name.user}.home.stateVersion = "24.05"; 29 27 }
+2 -2
nix/nixos/configs/steamdeck/default.nix
··· 1 1 { 2 - config, 3 2 inputs, 4 3 ezModules, 4 + self, 5 5 ... 6 6 }: let 7 - inherit (config.my.config) name; 7 + inherit (self.vars) name; 8 8 in { 9 9 imports = [ 10 10 inputs.jovian.nixosModules.default
+3 -4
nix/nixos/configs/steamdeck/storage.nix
··· 1 1 { 2 - config, 3 - inputs, 4 2 lib, 3 + self, 5 4 ... 6 5 }: let 7 - inherit (inputs.self.lib.storage.btrfs) mkStorage; 8 - inherit (config.my.config) name; 6 + inherit (self.lib.storage.btrfs) mkStorage; 7 + inherit (self.vars) name; 9 8 in 10 9 lib.mkMerge [ 11 10 (mkStorage {
+2
nix/nixos/modules/default.nix
··· 1 1 { 2 + config, 2 3 inputs, 3 4 lib, 4 5 pkgs, ··· 74 75 useGlobalPkgs = true; 75 76 useUserPackages = true; 76 77 }; 78 + nixpkgs.hostPlatform = config.my.hostVars.system or "x86_64-linux"; 77 79 systemd = { 78 80 targets.network-online.wantedBy = pkgs.lib.mkForce []; 79 81 services.NetworkManager-wait-online.wantedBy = pkgs.lib.mkForce [];
-1
nix/nixos/modules/gaming/default.nix
··· 4 4 pkgs, 5 5 ... 6 6 }: let 7 - inherit (config.my.config) name; 8 7 cfg = config.my.gaming; 9 8 in { 10 9 imports = [
+2 -2
nix/nixos/modules/locale/default.nix
··· 1 - {config, ...}: { 1 + {self, ...}: { 2 2 time = { 3 3 timeZone = "America/Sao_Paulo"; 4 4 hardwareClockInLocalTime = true; ··· 12 12 }; 13 13 console.useXkbConfig = true; # use xkb.options in tty. 14 14 services.xserver.xkb = { 15 - inherit (config.my.config.kb.default) layout options variant; 15 + inherit (self.vars.kb.default) layout options variant; 16 16 }; 17 17 }
+13 -2
nix/nixos/modules/misc/default.nix
··· 1 - {lib, ...}: { 2 - options.my.deprecated = lib.mkEnableOption "deprecation marker"; 1 + { 2 + config, 3 + lib, 4 + self, 5 + ... 6 + }: { 7 + options.my = { 8 + deprecated = lib.mkEnableOption "deprecation marker"; 9 + hostVars = lib.mkOption { 10 + description = "Current host's variables"; 11 + default = self.vars.hosts.${config.networking.hostName} or {}; 12 + }; 13 + }; 3 14 }
+2 -1
nix/nixos/modules/nix/default.nix
··· 1 1 { 2 2 config, 3 3 lib, 4 + self, 4 5 ... 5 6 }: let 6 - inherit (config.my.config) nix; 7 7 cfg = config.my.nix; 8 + inherit (self.vars) nix; 8 9 in { 9 10 options.my.nix.enable = lib.mkEnableOption "nix"; 10 11 config = lib.mkIf (cfg.enable) {
+1
nix/nixos/modules/secrets/default.nix
··· 25 25 in 26 26 osSecrets // homeSecrets; 27 27 rekey = { 28 + hostPubkey = lib.mkIf (config.my.hostVars ? pubKey) config.my.hostVars.pubKey; 28 29 localStorageDir = root + /.rekeyed/${config.networking.hostName}; 29 30 forceRekeyOnSystem = "x86_64-linux"; 30 31 };
+2 -1
nix/nixos/modules/steamos.nix
··· 1 1 { 2 2 config, 3 3 lib, 4 + self, 4 5 ... 5 6 }: let 6 - inherit (config.my.config) name; 7 + inherit (self.vars) name; 7 8 cfg = config.my.steamos; 8 9 in { 9 10 options.my.steamos.enable = lib.mkEnableOption "SteamOS";
+3 -3
nix/nixos/modules/tailscale/default.nix
··· 1 1 { 2 2 config, 3 - inputs, 4 3 lib, 5 4 options, 5 + self, 6 6 ... 7 7 }: let 8 - inherit (config.my.config) name; 9 - inherit (inputs.self.lib.secrets.helpers) mkSecret; 8 + inherit (self.lib.secrets.helpers) mkSecret; 9 + inherit (self.vars) name; 10 10 cfg = config.my.networking.tailscale; 11 11 in { 12 12 options.my.networking.tailscale = {
+4 -4
nix/nixos/modules/users/lpchaim.nix
··· 1 1 { 2 2 config, 3 - inputs, 4 3 lib, 5 4 pkgs, 5 + self, 6 6 ... 7 7 }: let 8 - inherit (config.my.config) name shell; 9 - inherit (config.my.config.ssh.publicKeys) perHost perYubikey; 10 - inherit (inputs.self.lib.secrets.helpers) mkUserSecret; 8 + inherit (self.lib.secrets.helpers) mkUserSecret; 9 + inherit (self.vars) name shell; 10 + inherit (self.vars.ssh.publicKeys) perHost perYubikey; 11 11 userName = name.user; 12 12 cfg = config.my.users.lpchaim; 13 13 in {
+2 -2
nix/overlays/packages.nix
··· 1 - {self, ...}: final: prev: let 1 + {inputs, ...}: final: prev: let 2 2 inherit (prev.stdenv.hostPlatform) system; 3 3 in 4 - self.packages.${system} or {} 4 + inputs.self.packages.${system} or {}
+2 -2
nix/overlays/vimPlugins.nix
··· 1 - {self, ...}: final: prev: let 1 + {inputs, ...}: final: prev: let 2 2 inherit (prev.stdenv.hostPlatform) system; 3 3 in { 4 4 vimPlugins = 5 5 prev.vimPlugins 6 - // self.legacyPackages.${system}.vimPlugins or {}; 6 + // inputs.self.legacyPackages.${system}.vimPlugins or {}; 7 7 }
-10
nix/shared/default.nix
··· 1 1 { 2 - inputs, 3 - lib, 4 - ... 5 - }: let 6 - inherit (inputs) self; 7 - in { 8 2 imports = [ 9 3 ./flatpak.nix 10 4 ./nix.nix 11 5 ./secrets.nix 12 6 ./theming.nix 13 7 ]; 14 - 15 - options = { 16 - my.config = lib.mkOption {default = self.lib.config;}; 17 - }; 18 8 }
+1 -1
nix/shared/nix.nix
··· 4 4 pkgs, 5 5 ... 6 6 }: let 7 - inherit (inputs.self.lib.config.nix) settings; 7 + inherit (inputs.self.vars.nix) settings; 8 8 in { 9 9 nix = { 10 10 inherit settings;
+1 -2
nix/shared/theming.nix
··· 1 1 { 2 - config, 3 2 inputs, 4 3 lib, 5 4 pkgs, 6 5 ... 7 6 }: let 8 - inherit (inputs.self.lib.config) wallpaper; 7 + inherit (inputs.self.vars) wallpaper; 9 8 base16 = pkgs.base16-schemes + /share/themes; 10 9 in { 11 10 stylix = {
+1 -1
nix/shells/deploy.nix
··· 1 1 {inputs, ...}: { 2 2 perSystem = {self', ...}: let 3 - inherit (inputs.self.lib.config) flake repo; 3 + inherit (inputs.self.vars) flake repo; 4 4 inherit (self'.legacyPackages) pkgs; 5 5 in { 6 6 make-shells.deploy = {
+3 -67
nix/tests/default.nix
··· 1 - { 2 - inputs, 3 - lib, 4 - self, 5 - ... 6 - }: { 1 + {inputs, ...}: { 7 2 imports = [ 8 3 inputs.nixtest.flakeModule 4 + ./nixos.nix 5 + ./nixosSnapshots.nix 9 6 ]; 10 - 11 - perSystem = { 12 - nixtest = { 13 - skip = ""; 14 - suites = { 15 - "Age pubkeys snapshot" = { 16 - pos = __curPos; 17 - tests = 18 - self.nixosConfigurations 19 - |> lib.mapAttrsToList (name: os: { 20 - name = "pubkey-${name}"; 21 - type = "snapshot"; 22 - actual = os.config.age.rekey.hostPubkey; 23 - }); 24 - }; 25 - "Filesystems snapshot" = { 26 - pos = __curPos; 27 - tests = 28 - self.nixosConfigurations 29 - |> lib.mapAttrsToList (name: os: { 30 - name = "filesystems-${name}"; 31 - type = "snapshot"; 32 - actual = 33 - os.config.fileSystems 34 - |> lib.filterAttrs (_: cfg: cfg.enable) 35 - |> lib.mapAttrs (_: cfg: {inherit (cfg) device fsType options;}); 36 - }); 37 - }; 38 - "Profiles snapshot" = { 39 - pos = __curPos; 40 - tests = 41 - self.nixosConfigurations 42 - |> lib.mapAttrsToList (name: os: { 43 - name = "profiles-${name}"; 44 - type = "snapshot"; 45 - actual = let 46 - filterEnabled = lib.filterAttrsRecursive (_: node: node == true || (builtins.isAttrs node && node != {})); 47 - attrsToString = lib.mapAttrsToListRecursive (path: _: lib.concatStringsSep "." path); 48 - in { 49 - nixos = os.config.my.profiles |> filterEnabled |> attrsToString; 50 - home = os.config.home-manager.users.lpchaim.my.profiles |> filterEnabled |> attrsToString; 51 - }; 52 - }); 53 - }; 54 - "Servers have authorized keys" = { 55 - pos = __curPos; 56 - tests = 57 - self.nixosConfigurations 58 - |> lib.filterAttrs (_: os: os.config.my.profiles.server) 59 - |> lib.mapAttrsToList (name: os: { 60 - name = "authorizedkeys-${name}"; 61 - actual = let 62 - inherit (os.config.users.users.lpchaim.openssh.authorizedKeys) keys keyFiles; 63 - in 64 - (builtins.length (keys ++ keyFiles)) > 0; 65 - expected = true; 66 - }); 67 - }; 68 - }; 69 - }; 70 - }; 71 7 }
+36
nix/tests/nixos.nix
··· 1 + { 2 + lib, 3 + self, 4 + ... 5 + }: let 6 + activeNixosConfigurations = 7 + self.nixosConfigurations 8 + |> lib.filterAttrs (_: os: !os.config.my.deprecated); 9 + in { 10 + perSystem.nixtest.suites = { 11 + "Active hosts have vars" = { 12 + pos = __curPos; 13 + tests = 14 + activeNixosConfigurations 15 + |> lib.mapAttrsToList (name: os: { 16 + name = "vars-${name}"; 17 + actual = os.config.my.hostVars != {}; 18 + expected = true; 19 + }); 20 + }; 21 + "Active servers have authorized keys" = { 22 + pos = __curPos; 23 + tests = 24 + activeNixosConfigurations 25 + |> lib.filterAttrs (_: os: os.config.my.profiles.server) 26 + |> lib.mapAttrsToList (name: os: { 27 + name = "authorizedkeys-${name}"; 28 + actual = let 29 + inherit (os.config.users.users.lpchaim.openssh.authorizedKeys) keys keyFiles; 30 + in 31 + (builtins.length (keys ++ keyFiles)) > 0; 32 + expected = true; 33 + }); 34 + }; 35 + }; 36 + }
+47
nix/tests/nixosSnapshots.nix
··· 1 + { 2 + lib, 3 + self, 4 + ... 5 + }: { 6 + perSystem.nixtest.suites = { 7 + "Age pubkeys snapshot" = { 8 + pos = __curPos; 9 + tests = 10 + self.nixosConfigurations 11 + |> lib.mapAttrsToList (name: os: { 12 + name = "pubkey-${name}"; 13 + type = "snapshot"; 14 + actual = os.config.age.rekey.hostPubkey; 15 + }); 16 + }; 17 + "Filesystems snapshot" = { 18 + pos = __curPos; 19 + tests = 20 + self.nixosConfigurations 21 + |> lib.mapAttrsToList (name: os: { 22 + name = "filesystems-${name}"; 23 + type = "snapshot"; 24 + actual = 25 + os.config.fileSystems 26 + |> lib.filterAttrs (_: cfg: cfg.enable) 27 + |> lib.mapAttrs (_: cfg: {inherit (cfg) device fsType options;}); 28 + }); 29 + }; 30 + "Profiles snapshot" = { 31 + pos = __curPos; 32 + tests = 33 + self.nixosConfigurations 34 + |> lib.mapAttrsToList (name: os: { 35 + name = "profiles-${name}"; 36 + type = "snapshot"; 37 + actual = let 38 + filterEnabled = lib.filterAttrsRecursive (_: node: node == true || (builtins.isAttrs node && node != {})); 39 + attrsToString = lib.mapAttrsToListRecursive (path: _: lib.concatStringsSep "." path); 40 + in { 41 + nixos = os.config.my.profiles |> filterEnabled |> attrsToString; 42 + home = os.config.home-manager.users.lpchaim.my.profiles |> filterEnabled |> attrsToString; 43 + }; 44 + }); 45 + }; 46 + }; 47 + }
+18
vars/default.nix
··· 1 + args: { 2 + name.user = "lpchaim"; 3 + name.full = "Luna Perroni"; 4 + email.main = "lpchaim@proton.me"; 5 + flake.path = "~/.config/nixos"; 6 + repo = rec { 7 + main = github; 8 + github = "https://github.com/lpchaim/nixos"; 9 + tangled = "https://tangled.org/lpchaim/nix"; 10 + }; 11 + shell = "fish"; 12 + wallpaper = ../assets/wallpaper.jpg; 13 + profilePicture = ../assets/profile-picture.png; 14 + ssh = import ./ssh.nix args; 15 + hosts = import ./hosts.nix; 16 + nix = import ./nix.nix args; 17 + kb = import ./kb.nix; 18 + }
+6
vars/hosts.nix
··· 1 + { 2 + desktop.pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNf+oynlWr+Xq3UYKpCy8ih/w9sT6IuIKAtYjo6sfJr"; 3 + laptop.pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHh5IZnZipti8mCt0NPCVrJ5XTU2z+nb7d2hgMG4/B3C"; 4 + raspberrypi.pubKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILr9pl4qaL/+DV//lhE5y6V7xJ2eh1BSlwNYD9L9a2sQ"; 5 + raspberrypi.system = "aarch64-linux"; 6 + }
+17
vars/kb.nix
··· 1 + rec { 2 + br = { 3 + inherit (default) options; 4 + layout = "br"; 5 + variant = "nodeadkeys"; 6 + }; 7 + us = { 8 + inherit (default) options; 9 + layout = "us"; 10 + variant = "altgr-intl"; 11 + }; 12 + default = { 13 + layout = builtins.concatStringsSep "," [br.layout us.layout]; 14 + variant = builtins.concatStringsSep "," [br.variant us.variant]; 15 + options = "grp:alt_space_toggle"; 16 + }; 17 + }
+28
vars/nix.nix
··· 1 + {inputs, ...}: { 2 + pkgs = { 3 + config.allowUnfree = true; 4 + overlays = builtins.attrValues inputs.self.overlays; 5 + }; 6 + settings = { 7 + accept-flake-config = true; 8 + builders-use-substitutes = true; 9 + auto-optimise-store = true; 10 + extra-experimental-features = "flakes nix-command pipe-operator"; 11 + extra-substituters = [ 12 + "https://lpchaim.cachix.org" 13 + "https://nix-comunity.cachix.org" 14 + "https://nix-gaming.cachix.org" 15 + ]; 16 + extra-trusted-public-keys = [ 17 + "lpchaim.cachix.org-1:2xOuvojcUDNhJRzCpvgewQ2DdNZz3QzGVV4Z/7C+Lio=" 18 + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" 19 + "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" 20 + ]; 21 + http-connections = 100; 22 + keep-derivations = true; 23 + keep-outputs = true; 24 + max-jobs = "auto"; 25 + max-substitution-jobs = 100; 26 + trusted-users = ["root" "@wheel"]; 27 + }; 28 + }
+13
vars/ssh.nix
··· 1 + {inputs, ...}: let 2 + inherit (inputs.nixpkgs) lib; 3 + in { 4 + publicKeys = { 5 + github = ../keys/github.pub; 6 + tangled = ../keys/tangled.pub; 7 + perHost = lib.mapAttrs (_: host: host.pubKey) inputs.self.vars.hosts; 8 + perYubikey = { 9 + "25388788" = ../keys/yubikey-25388788.pub; 10 + "26583315" = ../keys/yubikey-26583315.pub; 11 + }; 12 + }; 13 + }