{ description = "Malte Tammena's system configuration"; inputs = { nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs-master.url = "github:NixOS/nixpkgs/master"; "nixpkgs-21.05".url = "github:NixOS/nixpkgs/nixos-21.05"; nixos-hardware.url = "github:NixOS/nixos-hardware"; nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland"; home-manager.url = "github:nix-community/home-manager"; emulator-2a.url = "github:MalteT/2a-emulator/develop"; mensa.url = "github:MalteT/mensa/main"; custom-udev-rules.url = "github:MalteT/custom-udev-rules"; fenix.url = "github:nix-community/fenix"; colmena.url = "github:zhaofengli/colmena"; sops-nix.url = "github:Mic92/sops-nix"; #glados.url = "git+https://git.sr.ht/~megamanmalte/GLaDOS?ref=main"; glados.url = "path:/home/malte/repos/glados"; gruvbox-material-gtk = { url = "github:sainnhe/gruvbox-material-gtk"; flake = false; }; rip = { url = "github:nivekuil/rip"; flake = false; }; sway = { url = "github:swaywm/sway"; flake = false; }; wlroots = { url = "github:swaywm/wlroots"; flake = false; }; mosh = { url = "github:mobile-shell/mosh"; flake = false; }; "2i-emulator" = { url = "github:klemens/2i-emulator"; flake = false; }; "cataclysm-dda" = { url = "github:CleverRaven/Cataclysm-DDA"; flake = false; }; "fend" = { url = "github:MalteT/fend/flake"; }; }; outputs = { self, nixpkgs, nixos-hardware, home-manager, ... }@inputs: let publicSshKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDXnYMJtwgvSNpjysKzvRCjzyyQRB4yDtzynD7c5ALDZfRHvrgGQS11vk96ExClo66ll3vrFci5mBmGJf4/+yPBb3qiiovEHobjh5nIDHXYTg7tJDHivKIMQ3w8DmZwBKSLFlsH/UZe8NJVGrGRHGofWnTY/yw/FdbAkaKqvF/V+WGP7kR+dQ1pIqXXpP3phAu0WfO+E2838XxHAxLtm35GkE40GCX9dhXmjurxCeTSaJE6OYQ4/+z73fOZc1ebV/Ze6UZsGhOtzJPBIH19Ft0v9x86KoZabqgK3KDSHn9QKcM+Mm7o3tOthfQPlg1tCoxGueDJFI/0+AyjwBmQ1CUvNXpfmL4NE+6GRwRfZNsWoW0nPmC1B/c3rWk+JXYsxGQhvVeDk+1HXCFKghdPTSgpESua03A4UqLNadERYC9s2Q5TzSYQsV/8fpg4gCxlVRl/g1aUvbaCL09jmUkDJ4i36X+g8rvux5Q2CTpskLuhHeFVcC4/c1XXF+cJTwl1GjppEL0JFKgcjIwlyE8neR4PVlOq3UQqZdZEvzZigaLxtpwZMKNGhdIqS2/qqo/LlJ66/Y7TohimhsCRyHHqbf85Cha1z0Ct+9GtTdn9hpeC6Sb2Et+iN4gxdm+SWqPybZipeBL7b+ir5Ssxq1vIf/sbqKh7Kz699dwKSeRaAmJiew== openpgp:0xC43C0C72"; in rec { colmena = { meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; }; machinesFile = ./build-machines; }; helix-texta = { name, nodes, pkgs, ... }: { imports = [ self.nixosModules.helix-texta ]; config.deployment = { allowLocalDeployment = true; targetHost = null; }; }; achatina-fulica = { ... }: { imports = [ self.nixosModules.achatina-fulica ]; config.deployment = { targetHost = "cal.tammena.rocks"; targetUser = "root"; }; }; elysia-clarki = { ... }: { imports = [ self.nixosModules.elysia-clarki ]; config.deployment = { targetHost = "elysia-clarki"; targetUser = "root"; }; }; }; nixosModules = { helix-texta = { pkgs, config, ... }: { imports = [ ./hosts/helix-texta.nix ./modules/light-actkbd.nix ./modules/scanner.nix self.nixosModules.thinkpad-p1-gen3 home-manager.nixosModules.home-manager self.nixosModules.home-manager self.nixosModules.x86_64-linux-basics ]; config = { nix = { # add binary caches binaryCachePublicKeys = [ #"elysia-clarki:aGVlotez1OXr8OHYZxgw+LH93sJEVzrKIS0aoVfKtpc=" "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" ]; binaryCaches = nixpkgs.lib.mkForce [ #"http://cache.home.dyn.tammena.rocks" "https://cache.nixos.org" "https://nixpkgs-wayland.cachix.org" ]; }; environment.systemPackages = [ inputs.colmena.packages.${config.nixpkgs.system}.colmena ]; # Overwrite basics services.openssh.enable = false; programs.mosh.enable = false; # Overlays only relevant to my primary laptop nixpkgs.overlays = [ inputs.nixpkgs-wayland.overlay inputs.fenix.overlay (import ./overlays/sane-backends.nix) (import ./overlays/logisim.nix) ]; }; }; achatina-fulica = { pkgs, ... }: { imports = [ self.nixosModules.x86_64-linux-basics inputs.glados.nixosModules.glados ./hosts/achatina-fulica.nix ./hardware/netcup-minimal.nix ./modules/nginx-reverse-proxy.nix ./modules/radicale.nix #./modules/grafana.nix ]; }; elysia-clarki = { pkgs, ... }: { imports = [ self.nixosModules.x86_64-linux-basics ./hosts/elysia-clarki.nix ./hardware/intel-nuc.nix ./modules/local-build-service.nix ./modules/nginx-reverse-proxy.nix ./modules/binary-cache.nix ./modules/ccqcraft-backups.nix ]; config = { # Override kernel version for zfs boot.kernelPackages = pkgs.linuxPackages_5_10; }; }; }; nixosModules.thinkpad-p1-gen3 = { pkgs, config, lib, ... }: { imports = [ nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-gpu-nvidia nixos-hardware.nixosModules.common-pc-laptop nixos-hardware.nixosModules.common-pc-laptop-ssd nixos-hardware.nixosModules.common-pc-laptop-acpi_call ./hardware/thinkpad-p1-gen3.nix ]; }; homeManagerConfigurations.malte = home-manager.lib.homeManagerConfiguration { system = "x86_64-linux"; username = "malte"; configuration = ./malte/home.nix; homeDirectory = "/home/malte"; }; nixosModules.home-manager = { pkgs, ... }: { home-manager.verbose = true; home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.malte.imports = [ ./malte/home.nix ]; }; # Necessary for flakes to work nixosModules.nixUnstable = { pkgs, ... }: { nix.registry.nixpkgs.flake = nixpkgs; nix.package = pkgs.nixUnstable; nix.extraOptions = '' experimental-features = nix-command flakes ''; nixpkgs.overlays = [ (self: super: { nix = super.nixUnstable; }) ]; }; # Some basics that every machine should have nixosModules.x86_64-linux-basics = { pkgs, ... }: { imports = [ inputs.custom-udev-rules.nixosModule inputs.sops-nix.nixosModules.sops self.nixosModules.nixUnstable ./modules/neovim.nix ]; # Basic system things system.configurationRevision = pkgs.lib.mkIf (self ? rev) self.rev; nixpkgs.config = { allowUnfree = true; joypixels.acceptLicense = true; }; hardware.enableAllFirmware = true; hardware.enableRedistributableFirmware = true; # Make sure that I can log in users.users.root = { openssh.authorizedKeys.keys = [ publicSshKey ]; }; # Basic packages environment.systemPackages = with pkgs; [ git ]; # Enable mosh for some SSH superpower programs.mosh.enable = pkgs.lib.mkDefault true; services.openssh.enable = pkgs.lib.mkDefault true; # My timezone time.timeZone = "Europe/Berlin"; # Default locale on all systems i18n.defaultLocale = "en_US.UTF-8"; # Some boot defaults boot.kernelPackages = pkgs.lib.mkDefault pkgs.linuxPackages_latest; boot.loader.timeout = pkgs.lib.mkDefault 1; boot.loader.systemd-boot.configurationLimit = 100; # This is set explicitly in all configurations, let's just do it here networking.useDHCP = false; # Add some useful overlays nixpkgs.overlays = [ (self: super: { # Add a meta package containing packages from master bleeding = inputs.nixpkgs-master.legacyPackages.x86_64-linux; "nixpkgs-21.05" = inputs."nixpkgs-21.05".legacyPackages.x86_64-linux; # Add FiraCode as a package, but use NerdFonts firaCodeNerd = super.nerdfonts.override { fonts = [ "FiraCode" ]; }; # TODO: Remove once khal is fixed khal = super.bleeding.khal; # Add the emulator "2a-emulator" = inputs.emulator-2a.packages.x86_64-linux."2a-emulator"; # Add my mensa tool mensa = inputs.mensa.packages.x86_64-linux.mensa; fend = inputs.fend.packages.x86_64-linux.fend; }) # Some program adjustments (import ./overlays/cataclysm-dda.nix) ]; }; # My thinkpad P1 nixosConfigurations.helix-texta = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.helix-texta ]; }; # Currently hosted by NetCup nixosConfigurations.achatina-fulica = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.achatina-fulica ]; }; # Server @home nixosConfigurations.elysia-clarki = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ self.nixosModules.x86_64-linux-basics ./hosts/elysia-clarki.nix ./hardware/intel-nuc.nix ./modules/local-build-service.nix ./modules/nginx-reverse-proxy.nix ./modules/binary-cache.nix ./modules/ccqcraft-backups.nix ({ pkgs, ... }: { # Override kernel version for zfs boot.kernelPackages = pkgs.linuxPackages_5_10; }) ]; }; }; }