diff --git a/config/hosts/daiyousei.nix b/config/hosts/daiyousei.nix index 6eb1e648..3fa88456 100644 --- a/config/hosts/daiyousei.nix +++ b/config/hosts/daiyousei.nix @@ -1,4 +1,4 @@ -{ config, tf, meta, kw, pkgs, lib, sources, ... }: with lib; { +{ config, tf, meta, kw, pkgs, lib, ... }: with lib; { imports = with meta; [ profiles.hardware.aarch64 profiles.hardware.oracle.ubuntu diff --git a/config/hosts/goliath.nix b/config/hosts/goliath.nix index c22eb996..9b14e753 100644 --- a/config/hosts/goliath.nix +++ b/config/hosts/goliath.nix @@ -1,4 +1,4 @@ -{ meta, tf, config, pkgs, lib, sources, ... }: with lib; { +{ meta, tf, config, pkgs, lib, ... }: with lib; { imports = with meta; [ profiles.hardware.ms-7b86 profiles.hardware.razer diff --git a/config/hosts/rinnosuke.nix b/config/hosts/rinnosuke.nix index d0d748ae..d24ba7f5 100644 --- a/config/hosts/rinnosuke.nix +++ b/config/hosts/rinnosuke.nix @@ -1,4 +1,4 @@ -{ config, tf, meta, kw, pkgs, lib, sources, ... }: with lib; { +{ config, tf, meta, kw, pkgs, lib, ... }: with lib; { imports = with meta; [ profiles.hardware.oracle.ubuntu profiles.network diff --git a/config/modules/meta/deploy.nix b/config/modules/meta/deploy.nix index 09e401c0..ce86bb79 100644 --- a/config/modules/meta/deploy.nix +++ b/config/modules/meta/deploy.nix @@ -1,4 +1,4 @@ -{ sources, config, pkgs, lib, ... }: +{ inputs, config, pkgs, lib, ... }: /* This module: @@ -21,7 +21,7 @@ let tfType = types.submoduleWith { modules = [ tfModule - "${toString sources.tf-nix}/modules" + "${toString inputs.tf-nix}/modules" ]; specialArgs = { meta = config; @@ -31,7 +31,7 @@ let in { imports = [ - (toString (sources.tf-nix + "/modules/run.nix")) + (toString (inputs.tf-nix + "/modules/run.nix")) ] ++ (optional (builtins.pathExists ../../tf/tf.nix) (../../tf/tf.nix)); options = { deploy = { diff --git a/config/modules/meta/network.nix b/config/modules/meta/network.nix index 455da214..9cfa8dbe 100644 --- a/config/modules/meta/network.nix +++ b/config/modules/meta/network.nix @@ -1,4 +1,4 @@ -{ pkgs, sources, lib, meta, config, ... }: +{ pkgs, inputs, lib, meta, config, ... }: /* This module: @@ -71,11 +71,11 @@ with lib; config.network = { nixos = { extraModules = [ - "${toString sources.home-manager}/nixos" + "${toString inputs.home-manager}/nixos" ] ++ lib.singleton meta.modules.nixos; specialArgs = { inherit (config.network) nodes; - inherit sources meta; + inherit inputs meta; }; }; }; diff --git a/config/profiles/base/home.nix b/config/profiles/base/home.nix index 6203410e..35b4b9c8 100644 --- a/config/profiles/base/home.nix +++ b/config/profiles/base/home.nix @@ -1,4 +1,4 @@ -{ meta, config, lib, sources, tf, ... }: +{ meta, config, lib, inputs, tf, ... }: with lib; @@ -7,7 +7,7 @@ with lib; type = types.attrsOf (types.submoduleWith { modules = singleton meta.modules.home; specialArgs = { - inherit sources tf meta; + inherit inputs tf meta; nixos = config; }; }); diff --git a/config/profiles/base/nix.nix b/config/profiles/base/nix.nix index 9b890b9f..6ac4c585 100644 --- a/config/profiles/base/nix.nix +++ b/config/profiles/base/nix.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, sources, ... }: +{ config, lib, pkgs, inputs, ... }: { boot.loader.grub.configurationLimit = 8; @@ -9,10 +9,10 @@ experimental-features = nix-command flakes ''; nixPath = [ - "nixpkgs=${sources.nixpkgs}" - "nur=${sources.nur}" - "arc=${sources.arcexprs}" - "ci=${sources.ci}" + "nixpkgs=${inputs.nixpkgs}" + "nur=${inputs.nur}" + "arc=${inputs.arcexprs}" + "ci=${inputs.ci}" ]; sandboxPaths = [ "/var/run/nscd/socket" diff --git a/config/profiles/base/secrets.nix b/config/profiles/base/secrets.nix index f468bebc..5e529deb 100644 --- a/config/profiles/base/secrets.nix +++ b/config/profiles/base/secrets.nix @@ -1,7 +1,7 @@ -{ config, meta, lib, pkgs, ... }: +{ config, meta, inputs, lib, pkgs, ... }: { - imports = lib.optional (meta.trusted ? secrets) meta.trusted.secrets; + imports = lib.optional (meta.trusted ? secrets) meta.trusted.secrets; secrets = { root = "/var/lib/kat/secrets"; diff --git a/config/profiles/hardware/hcloud-imperative.nix b/config/profiles/hardware/hcloud-imperative.nix index 4f0dbec3..06e06ed9 100644 --- a/config/profiles/hardware/hcloud-imperative.nix +++ b/config/profiles/hardware/hcloud-imperative.nix @@ -1,4 +1,4 @@ -{ config, lib, sources, ... }: +{ config, lib, inputs, ... }: /* This hardware profile corresponds with the imperatively provisioned hetzner cloud box. @@ -9,6 +9,6 @@ with lib; { deploy.profile.hardware.hcloud-imperative = true; - imports = [ (sources.nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ]; + imports = [ (inputs.nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; } diff --git a/config/profiles/hardware/oracle/common.nix b/config/profiles/hardware/oracle/common.nix index b6de04ef..c48c40d7 100644 --- a/config/profiles/hardware/oracle/common.nix +++ b/config/profiles/hardware/oracle/common.nix @@ -1,4 +1,4 @@ -{ config, tf, meta, kw, pkgs, lib, sources, ... }: with lib; let +{ config, tf, meta, kw, pkgs, lib, inputs, ... }: with lib; let oci-root = meta.deploy.targets.oci-root.tf; cfg = config.kw.oci; in @@ -52,7 +52,7 @@ in default = null; }; }; - imports = with import (sources.tf-nix + "/modules"); [ + imports = with import (inputs.tf-nix + "/modules"); [ nixos.oracle ]; config = diff --git a/config/profiles/hardware/oracle/default.nix b/config/profiles/hardware/oracle/default.nix index 8258204d..c1193f74 100644 --- a/config/profiles/hardware/oracle/default.nix +++ b/config/profiles/hardware/oracle/default.nix @@ -1,4 +1,4 @@ -{ lib, sources, tree, ... }: with lib; let +{ lib, inputs, tree, ... }: with lib; let profiles = tree.prev; appendedProfiles = with profiles; { ubuntu = { config, ... }: { @@ -7,7 +7,7 @@ common = true; }; kw.oci.base = "Canonical Ubuntu"; - imports = with import (sources.tf-nix + "/modules"); [ + imports = with import (inputs.tf-nix + "/modules"); [ nixos.ubuntu-linux common ]; @@ -18,7 +18,7 @@ common = true; }; kw.oci.base = "Oracle Linux"; - imports = with import (sources.tf-nix + "/modules"); [ + imports = with import (inputs.tf-nix + "/modules"); [ nixos.oracle-linux common ]; diff --git a/config/profiles/network.nix b/config/profiles/network.nix index ca25e0bd..d6f42f4b 100644 --- a/config/profiles/network.nix +++ b/config/profiles/network.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, sources, meta, ... }: with lib; +{ config, lib, pkgs, meta, ... }: with lib; { options.network = with lib; { diff --git a/config/services/nixos-mailserver.nix.old b/config/services/nixos-mailserver.nix.old deleted file mode 100644 index e2f68758..00000000 --- a/config/services/nixos-mailserver.nix.old +++ /dev/null @@ -1,101 +0,0 @@ -{ config, lib, tf, pkgs, sources, ... }: - -with lib; - -let - domains = [ "kittywitch" "dork" ]; - users = [ "gitea" "kat" "keycloak" "vaultwarden" ]; -in -{ - imports = [ sources.nixos-mailserver.outPath ]; - - kw.secrets.variables = listToAttrs (map - (field: - nameValuePair "mail-${field}-hash" { - path = "secrets/mail-kittywitch"; - field = "${field}-hash"; - }) - users - ++ map - (domain: - nameValuePair "mail-domainkey-${domain}" { - path = "secrets/mail-${domain}"; - field = "notes"; - }) - domains); - - deploy.tf.dns.records = mkMerge (map - (domain: - let - zoneGet = domain: if domain == "dork" then "dork.dev." else config.network.dns.zone; - in - { - "services_mail_${domain}_mx" = { - zone = zoneGet domain; - mx = { - priority = 10; - target = "${config.network.addresses.public.domain}."; - }; - }; - - "services_mail_${domain}_spf" = { - zone = zoneGet domain; - txt.value = "v=spf1 ip4:${config.network.addresses.public.nixos.ipv4.address} ip6:${config.network.addresses.public.nixos.ipv6.address} -all"; - }; - - "services_mail_${domain}_dmarc" = { - zone = zoneGet domain; - domain = "_dmarc"; - txt.value = "v=DMARC1; p=none"; - }; - - "services_mail_${domain}_domainkey" = { - zone = zoneGet domain; - domain = "mail._domainkey"; - txt.value = tf.variables."mail-domainkey-${domain}".ref; - }; - }) - domains); - - secrets.files = listToAttrs (map - (user: - nameValuePair "mail-${user}-hash" { - text = '' - ${tf.variables."mail-${user}-hash".ref} - ''; - }) - users); - - mailserver = { - enable = true; - fqdn = config.network.addresses.public.domain; - domains = [ "kittywit.ch" "dork.dev" ]; - certificateScheme = 1; - certificateFile = "/var/lib/acme/public_${config.networking.hostName}/cert.pem"; - keyFile = "/var/lib/acme/public_${config.networking.hostName}/key.pem"; - enableImap = true; - enablePop3 = true; - enableImapSsl = true; - enablePop3Ssl = true; - enableSubmission = false; - enableSubmissionSsl = true; - enableManageSieve = true; - virusScanning = false; - - # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 - loginAccounts = mkMerge [ - (listToAttrs (map - (user: - nameValuePair "${user}@kittywit.ch" { - hashedPasswordFile = config.secrets.files."mail-${user}-hash".path; - }) - users)) - { - "kat@kittywit.ch" = { - aliases = [ "postmaster@kittywit.ch" ]; - catchAll = [ "kittywit.ch" "dork.dev" ]; - }; - } - ]; - }; -} diff --git a/config/tf b/config/tf index 51fafb2e..6e0d0ff4 160000 --- a/config/tf +++ b/config/tf @@ -1 +1 @@ -Subproject commit 51fafb2e4e5e19f8ae1ee1617b8b012dafc14443 +Subproject commit 6e0d0ff4116d3d94d47e6a4ca46da71b50225b7e diff --git a/config/trusted b/config/trusted index 24d253f0..bc613f95 160000 --- a/config/trusted +++ b/config/trusted @@ -1 +1 @@ -Subproject commit 24d253f09f223bca7d87ff3c10ded8da0e691f61 +Subproject commit bc613f9528ecf35f0bfbd83ab299f88d7c44f4a0 diff --git a/config/users/kat/dev/emacs.nix b/config/users/kat/dev/emacs.nix index 5b3923e0..4f9319ff 100644 --- a/config/users/kat/dev/emacs.nix +++ b/config/users/kat/dev/emacs.nix @@ -1,7 +1,7 @@ -{ config, lib, pkgs, sources, ... }: with lib; +{ config, lib, pkgs, inputs, ... }: with lib; let - doom-emacs = pkgs.callPackage sources.nix-doom-emacs { + doom-emacs = pkgs.callPackage inputs.nix-doom-emacs { doomPrivateDir = "${./doom.d}"; emacsPackages = pkgs.emacsPackagesFor pkgs.emacsPgtkGcc; bundledPackages = false; diff --git a/default.nix b/default.nix index 4bd8bad8..3b087e51 100644 --- a/default.nix +++ b/default.nix @@ -1,101 +1 @@ -let - # we don't have lib without sources, so we need optionalAttrs - optionalAttrs = cond: as: if cond then as else { }; - # Sources are from niv. - sources = import ./nix/sources.nix // optionalAttrs (builtins.pathExists ./overlays/exprs/default.nix) { - katexprs = ./overlays/exprs; - }; - - # We pass sources through to pkgs and get our nixpkgs + overlays. - pkgs = import ./overlays { inherit sources; }; - # We want our overlaid lib. - inherit (pkgs) lib; - # This is used for caching niv sources in CI. - sourceCache = with lib; let - getSources = sources: removeAttrs sources [ "__functor" "dorkfiles" ]; - source2drv = value: if isDerivation value.outPath then value.outPath else value; - sources2drvs = sources: mapAttrs (_: source2drv) (getSources sources); - in - recurseIntoAttrs rec { - local = sources2drvs sources; - hexchen = sources2drvs (import sources.hexchen { }).sources; - all = attrValues local ++ attrValues hexchen; - allStr = toString all; - }; - - tree = import ./tree.nix { inherit lib; } { - inherit sources; - folder = ./config; - config = { - "modules/nixos" = { - functor = { - enable = true; - external = [ - (import (sources.arcexprs + "/modules")).nixos - (import (sources.katexprs + "/modules")).nixos - (import (sources.impermanence + "/nixos.nix")) - (import sources.anicca).modules.nixos - (sources.tf-nix + "/modules/nixos/secrets.nix") - (sources.tf-nix + "/modules/nixos/secrets-users.nix") - ]; - }; - }; - "modules/home" = { - functor = { - enable = true; - external = [ - (import (sources.arcexprs + "/modules")).home-manager - (import (sources.katexprs + "/modules")).home - (import (sources.impermanence + "/home-manager.nix")) - (import sources.anicca).modules.home - (sources.tf-nix + "/modules/home/secrets.nix") - ]; - }; - }; - "modules/meta".functor.enable = true; - "profiles/*".functor.enable = true; - "profiles/hardware".evaluateDefault = true; - "profiles/cross".evaluateDefault = true; - "profiles/hardware/*".evaluateDefault = true; - "services/*".aliasDefault = true; - "trusted/secrets".evaluateDefault = true; - "trusted".excludes = [ "tf" ]; - "users/*".evaluateDefault = true; - "users/kat/*".functor.enable = true; - "users/kat/services/mpd".functor.enable = true; - }; - }; - - root = ./.; - - metaBase = import ./meta.nix { inherit config lib pkgs root; }; - - xarg = tree.impure; - - eval = lib.evalModules { - modules = lib.singleton metaBase - ++ lib.singleton xarg.modules.meta - ++ lib.attrValues xarg.targets - ++ (map - (host: { - network.nodes.${host} = { - imports = config.lib.kw.nodeImport host; - networking = { - hostName = host; - }; - }; - }) - (lib.attrNames xarg.hosts)); - - specialArgs = { - inherit sources root tree; - meta = self; - } // xarg; - }; - - inherit (eval) config; - - - self = config // { inherit pkgs lib sourceCache sources tree; } // xarg; -in -self +import ./outputs.nix { inputs = import ./inputs.nix; system = builtins.currentSystem; } diff --git a/devShell.nix b/devShell.nix new file mode 100644 index 00000000..781e1ffb --- /dev/null +++ b/devShell.nix @@ -0,0 +1,55 @@ +{ inputs, system }: +let + meta = import ./outputs.nix { inherit inputs system; }; + config = meta; + inherit (meta) pkgs; + inherit (pkgs) lib; + nf-actions = pkgs.writeShellScriptBin "nf-actions" '' + export START_DIR="$PWD" + cd "${toString ./.}" + export NF_CONFIG_ROOT=${toString ./.}/ci + NF_CONFIG_FILES=($NF_CONFIG_ROOT/{nodes,niv-cron}.nix) + for f in "''${NF_CONFIG_FILES[@]}"; do + echo $f + nix run --argstr config "$f" ci.run.gh-actions-generate + done + cd $START_DIR + ''; + nf-actions-test = pkgs.writeShellScriptBin "nf-actions-test" '' + export START_DIR="$PWD" + cd "${toString ./.}" + export NF_CONFIG_ROOT=${toString ./.}/ci + NF_CONFIG_FILES=($NF_CONFIG_ROOT/{nodes,niv-cron}.nix) + for f in "''${NF_CONFIG_FILES[@]}"; do + echo $f + nix run --argstr config "$f" ci.test + done + cd $START_DIR + ''; +in +with lib; pkgs.mkShell { + nativeBuildInputs = with pkgs; [ + inetutils + nf-actions + nf-actions-test + ] ++ config.runners.lazy.nativeBuildInputs + ++ (map + (node: writeShellScriptBin "${node.networking.hostName}-sd-img" '' + nix build -f . network.nodes.${node.networking.hostName}.system.build.sdImage --show-trace + '') + (filter (node: node.system.build ? sdImage) (attrValues meta.network.nodes))) + ++ (map + (node: writeShellScriptBin "${node.networking.hostName}-iso-img" '' + nix build -f . network.nodes.${node.networking.hostName}.system.build.isoImage --show-trace + '') + (filter (node: node.system.build ? isoImage) (attrValues meta.network.nodes))); + shellHook = '' + export HOME_HOSTNAME=$(hostname -s) + export HOME_UID=$(id -u) + export HOME_USER=$(id -un) + export CI_PLATFORM="impure" + export NIX_PATH="$NIX_PATH:home=${toString ./.}" + git pull + ''; +} + diff --git a/flake.lock b/flake.lock new file mode 100644 index 00000000..92a177e0 --- /dev/null +++ b/flake.lock @@ -0,0 +1,662 @@ +{ + "nodes": { + "anicca": { + "flake": false, + "locked": { + "lastModified": 1630289335, + "narHash": "sha256-4qkDeukQTwRsctM+VkQb8svxCsY03dZgBI6bHWr6xpo=", + "owner": "kittywitch", + "repo": "anicca", + "rev": "c890bd08f4e34a655ef5ff7561aa74cdc8d85a0a", + "type": "github" + }, + "original": { + "owner": "kittywitch", + "ref": "main", + "repo": "anicca", + "type": "github" + } + }, + "arcexprs": { + "flake": false, + "locked": { + "lastModified": 1637367152, + "narHash": "sha256-6M3dJuONcD9INaBxFlx6U/nd057PD8/NlMN1jacsJE0=", + "owner": "arcnmx", + "repo": "nixexprs", + "rev": "2e83baee2826fe6576304a1a70ada5b642abb1a9", + "type": "github" + }, + "original": { + "owner": "arcnmx", + "ref": "master", + "repo": "nixexprs", + "type": "github" + } + }, + "ci": { + "flake": false, + "locked": { + "lastModified": 1636843513, + "narHash": "sha256-z9KDlH61Z7zjRF1b+LUHNSjW3tqyk1Y+Isd+u491AEM=", + "owner": "arcnmx", + "repo": "ci", + "rev": "97a20953f408c2508b61f70cc81ba99ae3f97eb4", + "type": "github" + }, + "original": { + "owner": "arcnmx", + "ref": "master", + "repo": "ci", + "type": "github" + } + }, + "doom-emacs": { + "flake": false, + "locked": { + "lastModified": 1626604817, + "narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=", + "owner": "hlissner", + "repo": "doom-emacs", + "rev": "46732c0adaef147144418f9f284ca6b1183ab96f", + "type": "github" + }, + "original": { + "owner": "hlissner", + "ref": "develop", + "repo": "doom-emacs", + "type": "github" + } + }, + "doom-snippets": { + "flake": false, + "locked": { + "lastModified": 1625547004, + "narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=", + "owner": "hlissner", + "repo": "doom-snippets", + "rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6", + "type": "github" + }, + "original": { + "owner": "hlissner", + "repo": "doom-snippets", + "type": "github" + } + }, + "emacs-overlay": { + "locked": { + "lastModified": 1637515331, + "narHash": "sha256-fLfycI+PrBeRaP8CRdlxj3Kkqib+YlPdQIFCUAoj56w=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "86ceb863bc9cca9150666acce49ee2fe50e73cb0", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "emacs-overlay", + "type": "github" + } + }, + "emacs-overlay_2": { + "flake": false, + "locked": { + "lastModified": 1630603742, + "narHash": "sha256-fYX5y18aHZTnYdBizeeW43NOFvCoT3iXk52dLtS43Gs=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "9c69c4d0ef9d8ed0c5a54697e359d7f3a51fcbb1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "emacs-overlay", + "type": "github" + } + }, + "emacs-so-long": { + "flake": false, + "locked": { + "lastModified": 1575031854, + "narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=", + "owner": "hlissner", + "repo": "emacs-so-long", + "rev": "ed666b0716f60e8988c455804de24b55919e71ca", + "type": "github" + }, + "original": { + "owner": "hlissner", + "repo": "emacs-so-long", + "type": "github" + } + }, + "evil-markdown": { + "flake": false, + "locked": { + "lastModified": 1626852210, + "narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=", + "owner": "Somelauw", + "repo": "evil-markdown", + "rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477", + "type": "github" + }, + "original": { + "owner": "Somelauw", + "repo": "evil-markdown", + "type": "github" + } + }, + "evil-org-mode": { + "flake": false, + "locked": { + "lastModified": 1607203864, + "narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=", + "owner": "hlissner", + "repo": "evil-org-mode", + "rev": "a9706da260c45b98601bcd72b1d2c0a24a017700", + "type": "github" + }, + "original": { + "owner": "hlissner", + "repo": "evil-org-mode", + "type": "github" + } + }, + "evil-quick-diff": { + "flake": false, + "locked": { + "lastModified": 1575189609, + "narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=", + "owner": "rgrinberg", + "repo": "evil-quick-diff", + "rev": "69c883720b30a892c63bc89f49d4f0e8b8028908", + "type": "github" + }, + "original": { + "owner": "rgrinberg", + "repo": "evil-quick-diff", + "type": "github" + } + }, + "explain-pause-mode": { + "flake": false, + "locked": { + "lastModified": 1595842060, + "narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=", + "owner": "lastquestion", + "repo": "explain-pause-mode", + "rev": "2356c8c3639cbeeb9751744dbe737267849b4b51", + "type": "github" + }, + "original": { + "owner": "lastquestion", + "repo": "explain-pause-mode", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1627913399, + "narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "locked": { + "lastModified": 1637014545, + "narHash": "sha256-26IZAc5yzlD9FlDT54io1oqG/bBoyka+FJk5guaX4x4=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "bba5dcc8e0b20ab664967ad83d24d64cb64ec4f4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "locked": { + "lastModified": 1614513358, + "narHash": "sha256-LakhOx3S1dRjnh0b5Dg3mbZyH0ToC9I8Y2wKSkBaTzU=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5466c5bbece17adaab2d82fae80b46e807611bf3", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "locked": { + "lastModified": 1629481132, + "narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "997f7efcb746a9c140ce1f13c72263189225f482", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1637481586, + "narHash": "sha256-cvgegmCRfNFuA/vPseMcSptmlNqD2nC0lLI9BQWU46A=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "1abd311eef125e7b64dff723f198d15e5aca2dd4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "home-manager", + "type": "github" + } + }, + "impermanence": { + "locked": { + "lastModified": 1637278200, + "narHash": "sha256-nwPBJpjHU8J0hhZ6l4Ytvi3qhcxXJVy4jOWurmzSv3A=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "0616c64b0ebcf08cc74db7820e74b807274246f6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "impermanence", + "type": "github" + } + }, + "katexprs": { + "flake": false, + "locked": { + "lastModified": 1637526127, + "narHash": "sha256-il4PL9sS1buJ7SSw2SgOloR6+4US92bKJEt1+gJbrOw=", + "owner": "kittywitch", + "repo": "nixexprs", + "rev": "46734151d4071718ca1ff1dda289dbb6ff17d8af", + "type": "github" + }, + "original": { + "owner": "kittywitch", + "ref": "main", + "repo": "nixexprs", + "type": "github" + } + }, + "nix-dns": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1635273082, + "narHash": "sha256-EHiDP2jEa7Ai5ZwIf5uld9RVFcV77+2SUxjQXwJsJa0=", + "owner": "kirelagin", + "repo": "nix-dns", + "rev": "c7b9645da9c0ddce4f9de4ef27ec01bb8108039a", + "type": "github" + }, + "original": { + "owner": "kirelagin", + "ref": "master", + "repo": "nix-dns", + "type": "github" + } + }, + "nix-doom-emacs": { + "inputs": { + "doom-emacs": "doom-emacs", + "doom-snippets": "doom-snippets", + "emacs-overlay": "emacs-overlay_2", + "emacs-so-long": "emacs-so-long", + "evil-markdown": "evil-markdown", + "evil-org-mode": "evil-org-mode", + "evil-quick-diff": "evil-quick-diff", + "explain-pause-mode": "explain-pause-mode", + "flake-utils": "flake-utils_3", + "nix-straight": "nix-straight", + "nixpkgs": "nixpkgs_3", + "nose": "nose", + "ob-racket": "ob-racket", + "org": "org", + "org-contrib": "org-contrib", + "org-yt": "org-yt", + "php-extras": "php-extras", + "revealjs": "revealjs", + "rotate-text": "rotate-text", + "straight": "straight" + }, + "locked": { + "lastModified": 1631192516, + "narHash": "sha256-HaS2f8N7uGBz8bGAiC7y9xkWzsrtThpudcoaTsh5OkE=", + "owner": "vlaci", + "repo": "nix-doom-emacs", + "rev": "33064319607745856f488a998ca3db8ffcede865", + "type": "github" + }, + "original": { + "owner": "vlaci", + "ref": "develop", + "repo": "nix-doom-emacs", + "type": "github" + } + }, + "nix-straight": { + "flake": false, + "locked": { + "lastModified": 1628630968, + "narHash": "sha256-eh5QpnX3F8/0iKv1BvyU3KyZ/ksLlRegcd5c41pm/L8=", + "owner": "vlaci", + "repo": "nix-straight.el", + "rev": "e3f8aaff9ba889c6f2ee6c6d349736d21f21c685", + "type": "github" + }, + "original": { + "owner": "vlaci", + "repo": "nix-straight.el", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1637523980, + "narHash": "sha256-nBbVQHJtR7a+Ctyo67aGc1lwUsoeMhK9PVTh6pB+aYk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "4f871e232b8827b0b1d22bc40bc1b0dfa4473156", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1616989418, + "narHash": "sha256-LcOn5wHR/1JwClfY/Ai/b+pSRY+d23QtIPQHwPAyHHI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9d8e05e088ad91b7c62886a2175f38bfa443db2c", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1630140382, + "narHash": "sha256-ntXepAHFlAEtaYIU5EzckRUODeeMgpu1u2Yug+4LFNc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "08ef0f28e3a41424b92ba1d203de64257a9fca6a", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixpkgs-unstable", + "type": "indirect" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1637155076, + "narHash": "sha256-26ZPNiuzlsnXpt55Q44+yzXvp385aNAfevzVEKbrU5Q=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "715f63411952c86c8f57ab9e3e3cb866a015b5f2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nose": { + "flake": false, + "locked": { + "lastModified": 1400604510, + "narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=", + "owner": "emacsattic", + "repo": "nose", + "rev": "f8528297519eba911696c4e68fa88892de9a7b72", + "type": "github" + }, + "original": { + "owner": "emacsattic", + "repo": "nose", + "type": "github" + } + }, + "nur": { + "locked": { + "lastModified": 1637520800, + "narHash": "sha256-GjX0uYY/xQcPM8YBDVJgYNNp1plFWwzAQbzBwJ0HX5g=", + "owner": "nix-community", + "repo": "nur", + "rev": "fc0758e2f8aa4dac7c4ab42860f07487b1dcadea", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "nur", + "type": "github" + } + }, + "ob-racket": { + "flake": false, + "locked": { + "lastModified": 1584656173, + "narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=", + "owner": "xchrishawk", + "repo": "ob-racket", + "rev": "83457ec9e1e96a29fd2086ed19432b9d75787673", + "type": "github" + }, + "original": { + "owner": "xchrishawk", + "repo": "ob-racket", + "type": "github" + } + }, + "org": { + "flake": false, + "locked": { + "lastModified": 1629714870, + "narHash": "sha256-D6gUJtzZMpyJBNNn5EKWDCbDDgIXzxMx54fpcQ3DM2o=", + "owner": "emacs-straight", + "repo": "org-mode", + "rev": "a3ba79cd3a120235dae524f49945fbe99df923cf", + "type": "github" + }, + "original": { + "owner": "emacs-straight", + "repo": "org-mode", + "type": "github" + } + }, + "org-contrib": { + "flake": false, + "locked": { + "lastModified": 1623339452, + "narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=", + "ref": "master", + "rev": "fc81309cf6756607a836f93049a9393c2967c4e0", + "revCount": 2599, + "type": "git", + "url": "https://git.sr.ht/~bzg/org-contrib" + }, + "original": { + "type": "git", + "url": "https://git.sr.ht/~bzg/org-contrib" + } + }, + "org-yt": { + "flake": false, + "locked": { + "lastModified": 1527381913, + "narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=", + "owner": "TobiasZawada", + "repo": "org-yt", + "rev": "40cc1ac76d741055cbefa13860d9f070a7ade001", + "type": "github" + }, + "original": { + "owner": "TobiasZawada", + "repo": "org-yt", + "type": "github" + } + }, + "php-extras": { + "flake": false, + "locked": { + "lastModified": 1573312690, + "narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=", + "owner": "arnested", + "repo": "php-extras", + "rev": "d410c5af663c30c01d461ac476d1cbfbacb49367", + "type": "github" + }, + "original": { + "owner": "arnested", + "repo": "php-extras", + "type": "github" + } + }, + "revealjs": { + "flake": false, + "locked": { + "lastModified": 1630050533, + "narHash": "sha256-gi+vC71xsKXN06QzwohNhFt07+7g6OqjsThXHwrZ5Q0=", + "owner": "hakimel", + "repo": "reveal.js", + "rev": "01d8d669bc2b681b595262ccbe27293eec2fcb44", + "type": "github" + }, + "original": { + "owner": "hakimel", + "repo": "reveal.js", + "type": "github" + } + }, + "root": { + "inputs": { + "anicca": "anicca", + "arcexprs": "arcexprs", + "ci": "ci", + "emacs-overlay": "emacs-overlay", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "home-manager": "home-manager", + "impermanence": "impermanence", + "katexprs": "katexprs", + "nix-dns": "nix-dns", + "nix-doom-emacs": "nix-doom-emacs", + "nixpkgs": "nixpkgs_4", + "nur": "nur", + "tf-nix": "tf-nix", + "trusted": "trusted" + } + }, + "rotate-text": { + "flake": false, + "locked": { + "lastModified": 1322962747, + "narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=", + "owner": "debug-ito", + "repo": "rotate-text.el", + "rev": "48f193697db996855aee1ad2bc99b38c6646fe76", + "type": "github" + }, + "original": { + "owner": "debug-ito", + "repo": "rotate-text.el", + "type": "github" + } + }, + "straight": { + "flake": false, + "locked": { + "lastModified": 1623633709, + "narHash": "sha256-taLIYnjs9sD8N8PuGO2F7l+O69u0dNPunwzFVTlXjUM=", + "owner": "raxod502", + "repo": "straight.el", + "rev": "1e27b0590df77a5d478970ca58fd6606971692f5", + "type": "github" + }, + "original": { + "owner": "raxod502", + "repo": "straight.el", + "type": "github" + } + }, + "tf-nix": { + "flake": false, + "locked": { + "lastModified": 1637365821, + "narHash": "sha256-wtZ8C8KdnLKku4Wu8mmff6lKJ7043YnJAipCRp860X0=", + "owner": "arcnmx", + "repo": "tf-nix", + "rev": "2e8642b7be0b63807d73a168ea880521de1e83b6", + "type": "github" + }, + "original": { + "owner": "arcnmx", + "ref": "master", + "repo": "tf-nix", + "type": "github" + } + }, + "trusted": { + "flake": false, + "locked": { + "lastModified": 1637526942, + "narHash": "sha256-XzWMFgRPY5sQwUO01kZLRAvfFPekp7jXJIAqNiQ8wxs=", + "ref": "main", + "rev": "bc613f9528ecf35f0bfbd83ab299f88d7c44f4a0", + "revCount": 87, + "type": "git", + "url": "ssh://git@github.com/kittywitch/nixfiles-trusted" + }, + "original": { + "ref": "main", + "type": "git", + "url": "ssh://git@github.com/kittywitch/nixfiles-trusted" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 00000000..84a504ec --- /dev/null +++ b/flake.nix @@ -0,0 +1,51 @@ +{ + description = "kat's nixfiles"; + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + arcexprs = { + url = "github:arcnmx/nixexprs/master"; + flake = false; + }; + ci = { + url = "github:arcnmx/ci/master"; + flake = false; + }; + home-manager.url = "github:nix-community/home-manager/master"; + impermanence.url = "github:nix-community/impermanence/master"; + katexprs = { + url = "github:kittywitch/nixexprs/main"; + flake = false; + }; + anicca = { + url = "github:kittywitch/anicca/main"; + flake = false; + }; + nix-dns.url = "github:kirelagin/nix-dns/master"; + emacs-overlay.url = "github:nix-community/emacs-overlay/master"; + nur.url = "github:nix-community/nur/master"; + nix-doom-emacs.url = "github:vlaci/nix-doom-emacs/develop"; + tf-nix = { + url = "github:arcnmx/tf-nix/master"; + flake = false; + }; + flake-utils.url = "github:numtide/flake-utils"; + trusted = { + url = "git+ssh://git@github.com/kittywitch/nixfiles-trusted?ref=main"; + flake = false; + }; + flake-compat = { + url = "github:edolstra/flake-compat"; + flake = false; + }; + }; + + outputs = { self, nixpkgs, flake-utils, ... }@inputs: + flake-utils.lib.eachDefaultSystem + (system: + let pkgs = nixpkgs.legacyPackages.${system}; in + { + devShell = import ./devShell.nix { inherit inputs system; }; + legacyPackages = import ./outputs.nix { inherit inputs system; }; + } + ); +} diff --git a/inputs.nix b/inputs.nix new file mode 100644 index 00000000..3e1a6ca4 --- /dev/null +++ b/inputs.nix @@ -0,0 +1,9 @@ +(import ( + let + lock = builtins.fromJSON (builtins.readFile ./flake.lock); + in fetchTarball { + url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz"; + sha256 = lock.nodes.flake-compat.locked.narHash; } +) { + src = ./.; +}).defaultNix.inputs diff --git a/meta.nix b/meta.nix index 5de884e0..41db74b0 100644 --- a/meta.nix +++ b/meta.nix @@ -1,7 +1,7 @@ { config, pkgs, lib, root, ... }: { runners = { lazy = { - file = root; + file = ./default.nix; args = [ "--show-trace" ]; }; }; diff --git a/nix/sources.json b/nix/sources.json deleted file mode 100644 index cddde6f0..00000000 --- a/nix/sources.json +++ /dev/null @@ -1,180 +0,0 @@ -{ - "anicca": { - "branch": "main", - "description": "A helper for transitioning to impermanence", - "homepage": "", - "owner": "kittywitch", - "repo": "anicca", - "rev": "c890bd08f4e34a655ef5ff7561aa74cdc8d85a0a", - "sha256": "16n6z9m1v6wf0ihddp9lqq5g3jzj3d25cgnkf9n08kqhx5x07ag2", - "type": "tarball", - "url": "https://github.com/kittywitch/anicca/archive/c890bd08f4e34a655ef5ff7561aa74cdc8d85a0a.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "arcexprs": { - "branch": "master", - "description": "nix stuff", - "homepage": null, - "owner": "arcnmx", - "repo": "nixexprs", - "rev": "fd8d7ea5480a616dba0777a4863e2788b569990b", - "sha256": "024y5qg98j9b9nzar3mzzgapl88brx7vsykggb5rmvc79bvpa0fm", - "type": "tarball", - "url": "https://github.com/arcnmx/nixexprs/archive/fd8d7ea5480a616dba0777a4863e2788b569990b.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "ci": { - "branch": "master", - "description": "CI helpers", - "homepage": "https://arcnmx.github.io/ci", - "owner": "arcnmx", - "repo": "ci", - "rev": "97a20953f408c2508b61f70cc81ba99ae3f97eb4", - "sha256": "0hq0fn7vnzn748z5d4xjvbgdca1m0yszhnsx8kivqrxmgsa87lng", - "type": "tarball", - "url": "https://github.com/arcnmx/ci/archive/97a20953f408c2508b61f70cc81ba99ae3f97eb4.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "emacs-overlay": { - "branch": "master", - "description": "Bleeding edge emacs overlay [maintainer=@adisbladis] ", - "homepage": "", - "owner": "nix-community", - "repo": "emacs-overlay", - "rev": "f9f4ac6a871d19bcd99a386d4555d8464817f272", - "sha256": "076f89hvfxj6ibcay7zylf553ccg31v5nlxg52c51nn6ay35km14", - "type": "tarball", - "url": "https://github.com/nix-community/emacs-overlay/archive/f9f4ac6a871d19bcd99a386d4555d8464817f272.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "hexchen": { - "branch": "main", - "description": "A cutie's nixfiles", - "homepage": "", - "ref": "main", - "repo": "https://gitlab.com/hexchen/nixfiles", - "rev": "c26f4cc18649b6eba69035f4e5edc189e938412a", - "sha256": "1qwj1aw86l1m1f4x14kqlwavj3d0vqllm4ppdjyj9dbap8y5d1z7", - "type": "tarball", - "url": "https://gitlab.com/hexchen/nixfiles/-/archive/c26f4cc18649b6eba69035f4e5edc189e938412a.tar.gz", - "url_template": "/-/archive/.tar.gz" - }, - "home-manager": { - "branch": "master", - "description": "Manage a user environment using Nix [maintainer=@rycee] ", - "homepage": "https://nix-community.github.io/home-manager/", - "owner": "nix-community", - "repo": "home-manager", - "rev": "2452979efe92128b03e3c27567267066c2825fab", - "sha256": "0g3sxm407m7qfk6r2hp2jh4bp0samn9y2kcs74cspfiyhh8ss9j4", - "type": "tarball", - "url": "https://github.com/nix-community/home-manager/archive/2452979efe92128b03e3c27567267066c2825fab.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "impermanence": { - "branch": "master", - "description": "Modules to help you handle persistent state on systems with ephemeral root storage [maintainer=@talyz]", - "homepage": "", - "owner": "nix-community", - "repo": "impermanence", - "rev": "0616c64b0ebcf08cc74db7820e74b807274246f6", - "sha256": "0w5zs9naxbp5ijw5q9aprj2ylbdy5n39fyhnhrsc4ly7k0kc20wz", - "type": "tarball", - "url": "https://github.com/nix-community/impermanence/archive/0616c64b0ebcf08cc74db7820e74b807274246f6.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "katexprs": { - "branch": "main", - "description": null, - "homepage": null, - "owner": "kittywitch", - "repo": "nixexprs", - "rev": "c5bd2b5f1bd8d08bf691abd6a1cb84fc4da300d7", - "sha256": "1x5wkw5h0a03klh91h2wfg9qxf22fyg2144pccjlhsxqy1jzfqxw", - "type": "tarball", - "url": "https://github.com/kittywitch/nixexprs/archive/c5bd2b5f1bd8d08bf691abd6a1cb84fc4da300d7.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "niv": { - "branch": "master", - "description": "Easy dependency management for Nix projects", - "homepage": "https://github.com/nmattia/niv", - "owner": "nmattia", - "repo": "niv", - "rev": "5830a4dd348d77e39a0f3c4c762ff2663b602d4c", - "sha256": "1d3lsrqvci4qz2hwjrcnd8h5vfkg8aypq3sjd4g3izbc8frwz5sm", - "type": "tarball", - "url": "https://github.com/nmattia/niv/archive/5830a4dd348d77e39a0f3c4c762ff2663b602d4c.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "nix-dns": { - "branch": "master", - "description": "A Nix DSL for DNS zone files", - "homepage": "", - "owner": "kirelagin", - "repo": "nix-dns", - "rev": "c7b9645da9c0ddce4f9de4ef27ec01bb8108039a", - "sha256": "1b95dh15zl0qaf9fvvvvqlambm3plndpy24wwlib0sy4d0zq6y0h", - "type": "tarball", - "url": "https://github.com/kirelagin/nix-dns/archive/c7b9645da9c0ddce4f9de4ef27ec01bb8108039a.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "nix-doom-emacs": { - "branch": "develop", - "description": "doom-emacs packaged for Nix", - "homepage": "", - "owner": "vlaci", - "repo": "nix-doom-emacs", - "rev": "33064319607745856f488a998ca3db8ffcede865", - "sha256": "0h9sg744w6nafmp1lkpdrb71c6gpy8p8i05iy5rn1f3vqdzvd90x", - "type": "tarball", - "url": "https://github.com/vlaci/nix-doom-emacs/archive/33064319607745856f488a998ca3db8ffcede865.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "nixos-mailserver": { - "branch": "master", - "ref": "master", - "repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver", - "rev": "6e8142862f23ab99e1cc57838c02b733361e8d50", - "sha256": "19qzp8131pid4m3llb6w2v4ayxh25016fpv8yw6wnqng9yvigcw5", - "type": "tarball", - "url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/6e8142862f23ab99e1cc57838c02b733361e8d50.tar.gz", - "url_template": "/-/archive/.tar.gz" - }, - "nixpkgs": { - "branch": "nixos-unstable", - "description": "Nix Packages collection", - "homepage": "", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "715f63411952c86c8f57ab9e3e3cb866a015b5f2", - "sha256": "152kxfk11mgwg8gx0s1rgykyydfb7s746yfylvbwk5mk5cv4z9nv", - "type": "tarball", - "url": "https://github.com/nixos/nixpkgs/archive/715f63411952c86c8f57ab9e3e3cb866a015b5f2.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "nur": { - "branch": "master", - "description": "Nix User Repository: User contributed nix packages [maintainer=@Mic92]", - "homepage": "https://nur.nix-community.org/", - "owner": "nix-community", - "repo": "NUR", - "rev": "85a757b585c94a205c40c64f420d986791e57f1b", - "sha256": "1nm4sjlhx01dgnnjb7lg8pwxnrfb9xsl63g1h5nldn9asra5cf0c", - "type": "tarball", - "url": "https://github.com/nix-community/NUR/archive/85a757b585c94a205c40c64f420d986791e57f1b.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - }, - "tf-nix": { - "branch": "master", - "description": "terraform meets nix", - "homepage": null, - "owner": "arcnmx", - "repo": "tf-nix", - "rev": "2e8642b7be0b63807d73a168ea880521de1e83b6", - "sha256": "0zfi7aglchia0b4qkp9qplklmabzkxlz5bl5pfjb574xq85prmn2", - "type": "tarball", - "url": "https://github.com/arcnmx/tf-nix/archive/2e8642b7be0b63807d73a168ea880521de1e83b6.tar.gz", - "url_template": "https://github.com///archive/.tar.gz" - } -} diff --git a/nix/sources.nix b/nix/sources.nix deleted file mode 100644 index ff4b630f..00000000 --- a/nix/sources.nix +++ /dev/null @@ -1,223 +0,0 @@ -# This file has been generated by Niv. - -let - - # - # The fetchers. fetch_ fetches specs of type . - # - - fetch_file = pkgs: name: spec: - let name' = sanitizeName name + "-src"; - in - if spec.builtin or true then - builtins_fetchurl - { - inherit (spec) url sha256; - name = name'; - } - else - pkgs.fetchurl { - inherit (spec) url sha256; - name = name'; - }; - - fetch_tarball = pkgs: name: spec: - let name' = sanitizeName name + "-src"; - in - if spec.builtin or true then - builtins_fetchTarball - { - name = name'; - inherit (spec) url sha256; - } - else - pkgs.fetchzip { - name = name'; - inherit (spec) url sha256; - }; - - fetch_git = name: spec: - let - ref = - if spec ? ref then - spec.ref - else if spec ? branch then - "refs/heads/${spec.branch}" - else if spec ? tag then - "refs/tags/${spec.tag}" - else - abort - "In git source '${name}': Please specify `ref`, `tag` or `branch`!"; - in - builtins.fetchGit { - url = spec.repo; - inherit (spec) rev; - inherit ref; - }; - - fetch_local = spec: spec.path; - - fetch_builtin-tarball = name: - throw '' - [${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`. - $ niv modify ${name} -a type=tarball -a builtin=true''; - - fetch_builtin-url = name: - throw '' - [${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`. - $ niv modify ${name} -a type=file -a builtin=true''; - - # - # Various helpers - # - - # https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695 - sanitizeName = name: - (concatMapStrings (s: if builtins.isList s then "-" else s) - (builtins.split "[^[:alnum:]+._?=-]+" - ((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name))); - - # The set of packages used when specs are fetched using non-builtins. - mkPkgs = sources: system: - let - sourcesNixpkgs = import - (builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; }) - { - inherit system; - }; - hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath; - hasThisAsNixpkgsPath = == ./.; - in - if builtins.hasAttr "nixpkgs" sources then - sourcesNixpkgs - else if hasNixpkgsPath && !hasThisAsNixpkgsPath then - import { } - else - abort '' - Please specify either (through -I or NIX_PATH=nixpkgs=...) or - add a package called "nixpkgs" to your sources.json. - ''; - - # The actual fetching function. - fetch = pkgs: name: spec: - - if !builtins.hasAttr "type" spec then - abort "ERROR: niv spec ${name} does not have a 'type' attribute" - else if spec.type == "file" then - fetch_file pkgs name spec - else if spec.type == "tarball" then - fetch_tarball pkgs name spec - else if spec.type == "git" then - fetch_git name spec - else if spec.type == "local" then - fetch_local spec - else if spec.type == "builtin-tarball" then - fetch_builtin-tarball name - else if spec.type == "builtin-url" then - fetch_builtin-url name - else - abort - "ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}"; - - # If the environment variable NIV_OVERRIDE_${name} is set, then use - # the path directly as opposed to the fetched source. - replace = name: drv: - let - saneName = stringAsChars - (c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c) - name; - ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}"; - in - if ersatz == "" then - drv - else - # this turns the string into an actual Nix path (for both absolute and - # relative paths) - if builtins.substring 0 1 ersatz == "/" then - /. + ersatz - else - /. + builtins.getEnv "PWD" + "/${ersatz}"; - - # Ports of functions for older nix versions - - # a Nix version of mapAttrs if the built-in doesn't exist - mapAttrs = builtins.mapAttrs or (f: set: - with builtins; - listToAttrs (map - (attr: { - name = attr; - value = f attr set.${attr}; - }) - (attrNames set))); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295 - range = first: last: - if first > last then - [ ] - else - builtins.genList (n: first + n) (last - first + 1); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257 - stringToCharacters = s: - map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1)); - - # https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269 - stringAsChars = f: s: concatStrings (map f (stringToCharacters s)); - concatMapStrings = f: list: concatStrings (map f list); - concatStrings = builtins.concatStringsSep ""; - - # https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331 - optionalAttrs = cond: as: if cond then as else { }; - - # fetchTarball version that is compatible between all the versions of Nix - builtins_fetchTarball = { url, name ? null, sha256 }@attrs: - let inherit (builtins) lessThan nixVersion fetchTarball; - in - if lessThan nixVersion "1.12" then - fetchTarball - ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchTarball attrs; - - # fetchurl version that is compatible between all the versions of Nix - builtins_fetchurl = { url, name ? null, sha256 }@attrs: - let inherit (builtins) lessThan nixVersion fetchurl; - in - if lessThan nixVersion "1.12" then - fetchurl - ({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; })) - else - fetchurl attrs; - - # Create the final "sources" from the config - mkSources = config: - mapAttrs - (name: spec: - if builtins.hasAttr "outPath" spec then - abort - "The values in sources.json should not have an 'outPath' attribute" - else - spec // { outPath = replace name (fetch config.pkgs name spec); }) - config.sources; - - # The "config" used by the fetchers - mkConfig = - { sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null - , sources ? if isNull sourcesFile then - { } - else - builtins.fromJSON (builtins.readFile sourcesFile) - , system ? builtins.currentSystem - , pkgs ? mkPkgs sources system - }: rec { - # The sources, i.e. the attribute set of spec name to spec - inherit sources; - - # The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers - inherit pkgs; - }; - -in -mkSources (mkConfig { }) // { - __functor = _: settings: mkSources (mkConfig settings); -} diff --git a/outputs.nix b/outputs.nix new file mode 100644 index 00000000..b0976c90 --- /dev/null +++ b/outputs.nix @@ -0,0 +1,97 @@ +{ inputs, system, ... }: let + optionalAttrs = cond: as: if cond then as else { }; + + pkgs = import ./overlays { inherit inputs system; }; + inherit (pkgs) lib; + + mkTree = import ./tree.nix { inherit lib; }; + localTree = mkTree { + inherit inputs; + folder = ./config; + config = { + "modules/nixos" = { + functor = { + enable = true; + external = [ + (import (inputs.arcexprs + "/modules")).nixos + (import (inputs.katexprs + "/modules")).nixos + (import (inputs.impermanence + "/nixos.nix")) + (import inputs.anicca).modules.nixos + (inputs.tf-nix + "/modules/nixos/secrets.nix") + (inputs.tf-nix + "/modules/nixos/secrets-users.nix") + ]; + }; + }; + "modules/home" = { + functor = { + enable = true; + external = [ + (import (inputs.arcexprs + "/modules")).home-manager + (import (inputs.katexprs + "/modules")).home + (import (inputs.impermanence + "/home-manager.nix")) + (import inputs.anicca).modules.home + (inputs.tf-nix + "/modules/home/secrets.nix") + ]; + }; + }; + "modules/meta".functor.enable = true; + "profiles/*".functor.enable = true; + "profiles/hardware".evaluateDefault = true; + "profiles/cross".evaluateDefault = true; + "profiles/hardware/*".evaluateDefault = true; + "services/*".aliasDefault = true; + "users/*".evaluateDefault = true; + "users/kat/*".functor.enable = true; + "users/kat/services/mpd".functor.enable = true; + }; + }; + trustedTree = mkTree { + inherit inputs; + folder = inputs.trusted; + config = { + "secrets".evaluateDefault = true; + }; + }; + + tree = localTree // { + pure = localTree.pure // { + trusted = trustedTree.pure; + }; + impure = localTree.impure // { + trusted = trustedTree.impure; + }; + }; + + root = ./.; + + metaBase = import ./meta.nix { inherit config lib pkgs root; }; + + xarg = tree.impure; + + eval = lib.evalModules { + modules = lib.singleton metaBase + ++ lib.singleton xarg.modules.meta + ++ lib.attrValues xarg.targets + ++ (map + (host: { + network.nodes.${host} = { + imports = config.lib.kw.nodeImport host; + networking = { + hostName = host; + }; + }; + }) + (lib.attrNames xarg.hosts)); + + specialArgs = { + inherit inputs root tree; + meta = self; + } // xarg; + }; + + inherit (eval) config; + + + self = config // { inherit pkgs lib inputs tree; } // xarg; +in +self diff --git a/overlays/default.nix b/overlays/default.nix index 933e4a1a..5166ef4f 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,16 +1,17 @@ -{ sources, system ? builtins.currentSystem, ... }@args: +{ inputs, system ? builtins.currentSystem, ... }@args: let - pkgs = import sources.nixpkgs { + pkgs = import inputs.nixpkgs { + inherit system; overlays = [ - (import ./nur { inherit sources; }) - (import sources.emacs-overlay) + (import ./nur { inherit inputs; }) + (import inputs.emacs-overlay) (import ./rustfmt) - (import ./dns { inherit sources; }) + (import ./dns { inherit inputs; }) ] ++ (map (path: import "${path}/overlay.nix") [ - sources.arcexprs - sources.katexprs - sources.anicca + inputs.arcexprs + inputs.katexprs + inputs.anicca ]); config = { allowUnfree = true; diff --git a/overlays/dns/default.nix b/overlays/dns/default.nix index e8680600..7cd26cb9 100644 --- a/overlays/dns/default.nix +++ b/overlays/dns/default.nix @@ -1,3 +1,3 @@ -{ sources, ... }: final: prev: { - dns = import sources.nix-dns; +{ inputs, ... }: final: prev: { + dns = import inputs.nix-dns; } diff --git a/overlays/exprs b/overlays/exprs deleted file mode 160000 index c5bd2b5f..00000000 --- a/overlays/exprs +++ /dev/null @@ -1 +0,0 @@ -Subproject commit c5bd2b5f1bd8d08bf691abd6a1cb84fc4da300d7 diff --git a/overlays/nur/default.nix b/overlays/nur/default.nix index 85f74cbb..8b6fc8b3 100644 --- a/overlays/nur/default.nix +++ b/overlays/nur/default.nix @@ -1,5 +1,5 @@ -{ sources }: final: prev: { - nur = import sources.nur { +{ inputs }: final: prev: { + nur = import inputs.nur { nurpkgs = final; pkgs = final; }; diff --git a/shell.nix b/shell.nix index bc668419..28bf91f1 100644 --- a/shell.nix +++ b/shell.nix @@ -1,76 +1 @@ -{}: -let - meta = import ./default.nix; - config = meta; - inherit (meta) pkgs; - inherit (pkgs) lib; - fixedSources = removeAttrs config.sources [ "__functor" ]; - nf-update = pkgs.writeShellScriptBin "nf-update" '' - TEMP=$(mktemp -d) - git init -q $TEMP - ${pkgs.lib.concatStringsSep "\n" (pkgs.lib.mapAttrsToList (source: spec: let - update = "niv update ${source}"; - fetch = "timeout 30 git -C $TEMP fetch -q --depth 1 ${spec.repo} ${spec.branch}:source-${source}"; - revision = "$(git -C $TEMP show-ref -s source-${source})"; - isGit = pkgs.lib.hasPrefix "https://" spec.repo or ""; - git = '' - if ${fetch}; then - echo "${source}:${spec.branch} HEAD at ${revision}" >&2 - ${update} -r ${revision} || true - else - echo "failed to fetch latest revision from ${spec.repo}" >&2 - fi - ''; - auto = "${update} || true"; - in if isGit then git else auto) fixedSources)} - ''; - nf-actions = pkgs.writeShellScriptBin "nf-actions" '' - export START_DIR="$PWD" - cd "${toString ./.}" - export NF_CONFIG_ROOT=${toString ./.}/ci - NF_CONFIG_FILES=($NF_CONFIG_ROOT/{nodes,niv-cron}.nix) - for f in "''${NF_CONFIG_FILES[@]}"; do - echo $f - nix run --argstr config "$f" ci.run.gh-actions-generate - done - cd $START_DIR - ''; - nf-actions-test = pkgs.writeShellScriptBin "nf-actions-test" '' - export START_DIR="$PWD" - cd "${toString ./.}" - export NF_CONFIG_ROOT=${toString ./.}/ci - NF_CONFIG_FILES=($NF_CONFIG_ROOT/{nodes,niv-cron}.nix) - for f in "''${NF_CONFIG_FILES[@]}"; do - echo $f - nix run --argstr config "$f" ci.test - done - cd $START_DIR - ''; -in -with lib; pkgs.mkShell { - nativeBuildInputs = with pkgs; [ - inetutils - nf-update - nf-actions - nf-actions-test - ] ++ config.runners.lazy.nativeBuildInputs - ++ (map - (node: writeShellScriptBin "${node.networking.hostName}-sd-img" '' - nix build -f . network.nodes.${node.networking.hostName}.system.build.sdImage --show-trace - '') - (filter (node: node.system.build ? sdImage) (attrValues meta.network.nodes))) - ++ (map - (node: writeShellScriptBin "${node.networking.hostName}-iso-img" '' - nix build -f . network.nodes.${node.networking.hostName}.system.build.isoImage --show-trace - '') - (filter (node: node.system.build ? isoImage) (attrValues meta.network.nodes))); - shellHook = '' - export HOME_HOSTNAME=$(hostname -s) - export HOME_UID=$(id -u) - export HOME_USER=$(id -un) - export CI_PLATFORM="impure" - export NIX_PATH="$NIX_PATH:home=${toString ./.}" - git pull - ''; -} - +import ./devShell.nix { inputs = import ./inputs.nix; system = builtins.currentSystem; } diff --git a/tree.nix b/tree.nix index 960540fe..02684154 100644 --- a/tree.nix +++ b/tree.nix @@ -1,4 +1,4 @@ -{ lib }: { config, folder, sources, ... }@args: with lib; let +{ lib }: { config, folder, inputs, ... }@args: with lib; let pureTreeGrab = { base, path }: let realPath = toString path; dirContents = builtins.readDir path;