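# Flake entry point: declares the upstream inputs and builds every host's
# nix-darwin, NixOS, microvm and standalone home-manager configuration from
# four small helper functions (system -> hostname -> username -> config).
{
  description = "A flake for all my stuff";

  # NOTE(review): inputs given without a branch or tag track the upstream
  # default branch. The revision actually built is whatever flake.lock
  # records, so keep flake.lock committed and review its diffs on every
  # `nix flake update`; these inputs contribute system-level modules.
  inputs = {
    # Where we get most of our software. Giant mono repo with recipes
    # called derivations that say how to build software.
    # NOTE(review): NixOS stable branches stop receiving security backports
    # shortly after the next release ships; confirm release-23.11 is still
    # supported before deploying from it.
    nixpkgs.url = "github:nixos/nixpkgs/release-23.11";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";

    # Manages things in home directory
    home-manager = {
      url = "github:nix-community/home-manager/release-23.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Controls system level software and settings including fonts on macOS
    nix-darwin = {
      url = "github:lnl7/nix-darwin";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Manage Homebrew itself
    nix-homebrew.url = "github:zhaofengli-wip/nix-homebrew";

    # Manage flatpaks
    # unstable branch. Use github:gmodena/nix-flatpak/?ref=<tag> to pin releases.
    nix-flatpak.url = "github:gmodena/nix-flatpak";

    # Format disks with nix-config
    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # Secrets management
    sops-nix = {
      url = "github:mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    flox-flake = {
      url = "github:flox/flox";
      # Setting the line below seems to break things... :(
      # inputs.nixpkgs.follows = "nixpkgs";
      # NOTE(review): without `follows`, flox is built against the nixpkgs
      # revision pinned in its own lock entry, which is updated separately
      # from the nixpkgs input above.
    };

    # My oh-my-posh theme
    genebean-omp-themes = {
      url = "github:genebean/my-oh-my-posh-themes";
      flake = false; # plain source tree, not evaluated as a flake
    };

    microvm = {
      url = "github:astro/microvm.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  }; # end inputs

  outputs = inputs@{
    self,
    nixpkgs,
    nixpkgs-unstable,
    nix-darwin,
    home-manager,
    nix-homebrew,
    nix-flatpak,
    disko,
    sops-nix,
    flox-flake,
    microvm,
    genebean-omp-themes,
    ...
  }: let

    # creates a macOS system config
    #   system:   platform string, e.g. "aarch64-darwin"
    #   hostname: selects ./modules/hosts/darwin/<hostname>
    #   username: owner of the Homebrew prefix and the home-manager user
    darwinHostConfig = system: hostname: username:
      nix-darwin.lib.darwinSystem {
        pkgs = import nixpkgs {
          inherit system;
          config = {
            allowUnfree = true;
            # NOTE(review): Python 2.7 is end-of-life and nixpkgs marks it
            # insecure. This allow-list applies to every darwin host built
            # here; consider scoping it to the host that needs it and
            # removing it once nothing depends on it.
            permittedInsecurePackages = [ "python-2.7.18.7" ];
          };
        };
        specialArgs = { inherit inputs username hostname flox-flake; };
        modules = [
          nix-homebrew.darwinModules.nix-homebrew
          {
            nix-homebrew = {
              enable = true; # Install Homebrew under the default prefix
              user = username; # User owning the Homebrew prefix
              autoMigrate = true; # Automatically migrate existing Homebrew installations
            };
          }

          home-manager.darwinModules.home-manager
          {
            home-manager = {
              extraSpecialArgs = { inherit genebean-omp-themes username; };
              useGlobalPkgs = true;
              useUserPackages = true;
              users.${username}.imports = [
                # user-level secrets management; same attribute path that
                # linuxHomeConfig uses, so both resolve the module the same way
                sops-nix.homeManagerModules.sops
                ./modules/home-manager/hosts/${hostname}/${username}.nix
              ];
            };
          }

          ./modules/system/common/all-darwin.nix # system-wide stuff
          ./modules/hosts/darwin/${hostname} # host specific stuff
        ]; # end modules
      }; # end darwinSystem

    # creates a nixos system config
    #   system:   platform string used to instantiate pkgs and pkgs-unstable
    #   hostname: selects ./modules/hosts/nixos/<hostname>
    #   username: the home-manager user
    nixosHostConfig = system: hostname: username:
      nixpkgs.lib.nixosSystem {
        specialArgs = {
          inherit inputs username hostname flox-flake;
          # NOTE(review): electron-21.4.4 is an end-of-life Electron build
          # that nixpkgs marks insecure, and it is permitted here for every
          # NixOS host, including the server-class ones. Consider permitting
          # it only on the hosts that install the dependent application.
          pkgs = import nixpkgs {
            inherit system;
            config = {
              allowUnfree = true;
              permittedInsecurePackages = [ "electron-21.4.4" ];
            };
          };
          pkgs-unstable = import nixpkgs-unstable {
            inherit system;
            config = {
              allowUnfree = true;
              permittedInsecurePackages = [ "electron-21.4.4" ];
            };
          };
        };
        modules = [
          disko.nixosModules.disko

          home-manager.nixosModules.home-manager
          {
            home-manager = {
              extraSpecialArgs = { inherit genebean-omp-themes hostname username; };
              useGlobalPkgs = true;
              useUserPackages = true;
              users.${username}.imports = [
                ./modules/home-manager/hosts/${hostname}/${username}.nix
              ];
            };
          }

          nix-flatpak.nixosModules.nix-flatpak
          sops-nix.nixosModules.sops # system wide secrets management
          ./modules/system/common/all-nixos.nix # system-wide stuff
          ./modules/hosts/nixos/${hostname} # host specific stuff
        ];
      }; # end nixosSystem

    # creates a NixOS microvm guest config
    #   system:   platform string passed straight to nixosSystem
    #   hostname: guest host name; selects ./modules/hosts/nixos/microvms/<hostname>
    #   username: normal user created inside the guest
    nixosMicrovmConfig = system: hostname: username:
      nixpkgs.lib.nixosSystem {
        inherit system;
        modules = [
          microvm.nixosModules.microvm
          {
            networking.hostName = hostname;
            users.users.${username} = {
              # NOTE(review): this SHA-512 crypt ($6$) hash is committed with
              # the flake and is copied into the world-readable Nix store, so
              # anyone who can read either can attempt offline guessing
              # against it. The sops module is not imported for microvms;
              # consider supplying the hash from a secret file through
              # users.users.<name>.hashedPasswordFile, or changing the
              # password after first boot if guest state persists.
              initialHashedPassword = "$6$FH6xo/OzM9mIAXqx$GTqSEDahPGyxLiDOEY77uxaApdd3xJKOkvddV6X4wplTCxsbuoyXwuOuQjMODS7dhfRs.HwL3VQgUjmok3QM60";
              isNormalUser = true;
            };
          }
          ./modules/hosts/nixos/microvms/${hostname} # host specific stuff
        ];
      }; # end nixosMicrovmConfig

    # creates a standalone home-manager config for non-NixOS Linux hosts
    #   system:   platform string used to instantiate pkgs and pkgs-unstable
    #   hostname: selects ./modules/home-manager/hosts/<hostname>/<username>.nix
    #   username: account name; the home directory is /home/<username>
    linuxHomeConfig = system: hostname: username:
      home-manager.lib.homeManagerConfiguration {
        # NOTE(review): pkgs is handed over inside extraSpecialArgs rather
        # than as a top-level argument of homeManagerConfiguration; confirm
        # this output evaluates with the pinned home-manager release.
        extraSpecialArgs = {
          inherit genebean-omp-themes hostname username;
          pkgs = import nixpkgs {
            inherit system;
            config = {
              allowUnfree = true;
              permittedInsecurePackages = [ "electron-21.4.4" ];
            };
          };
          pkgs-unstable = import nixpkgs-unstable {
            inherit system;
            config = {
              allowUnfree = true;
              permittedInsecurePackages = [ "electron-21.4.4" ];
            };
          };
        };
        modules = [
          ./modules/home-manager/hosts/${hostname}/${username}.nix
          {
            home = {
              username = username;
              homeDirectory = "/home/${username}";
            };
          }
          sops-nix.homeManagerModules.sops
        ];
      }; # end homeManagerConfiguration

  in {
    darwinConfigurations = {
      AirPuppet = darwinHostConfig "x86_64-darwin" "AirPuppet" "gene";
      Blue-Rock = darwinHostConfig "x86_64-darwin" "Blue-Rock" "gene.liverman";
      mightymac = darwinHostConfig "aarch64-darwin" "mightymac" "gene.liverman";
    };

    nixosConfigurations = {
      hetznix01 = nixosHostConfig "aarch64-linux" "hetznix01" "gene";
      nixnuc = nixosHostConfig "x86_64-linux" "nixnuc" "gene";
      rainbow-planet = nixosHostConfig "x86_64-linux" "rainbow-planet" "gene";

      # VMs
      nginx-proxy = nixosMicrovmConfig "x86_64-linux" "nginx-proxy" "gene";
    };

    homeConfigurations = {
      gene = linuxHomeConfig "x86_64-linux" "mini-watcher" "gene";
    };
  };
}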