gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: move to flakes

Browse source
This commit is contained in:
kat witch 2021-11-21 21:38:53 +00:00 committed by kat
parent 3447fa3d12
commit 7c5836558a
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
31 changed files with 921 additions and 726 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/hosts/daiyousei.nix
View file

@ -1,4 +1,4 @@
{ config, tf, meta, kw, pkgs, lib, sources, ... }: with lib; { { config, tf, meta, kw, pkgs, lib, ... }: with lib; {
imports = with meta; [ imports = with meta; [
profiles.hardware.aarch64 profiles.hardware.aarch64
profiles.hardware.oracle.ubuntu profiles.hardware.oracle.ubuntu

2
config/hosts/goliath.nix
View file

@ -1,4 +1,4 @@
{ meta, tf, config, pkgs, lib, sources, ... }: with lib; { { meta, tf, config, pkgs, lib, ... }: with lib; {
imports = with meta; [ imports = with meta; [
profiles.hardware.ms-7b86 profiles.hardware.ms-7b86
profiles.hardware.razer profiles.hardware.razer

2
config/hosts/rinnosuke.nix
View file

@ -1,4 +1,4 @@
{ config, tf, meta, kw, pkgs, lib, sources, ... }: with lib; { { config, tf, meta, kw, pkgs, lib, ... }: with lib; {
imports = with meta; [ imports = with meta; [
profiles.hardware.oracle.ubuntu profiles.hardware.oracle.ubuntu
profiles.network profiles.network

6
config/modules/meta/deploy.nix
View file

@ -1,4 +1,4 @@
{ sources, config, pkgs, lib, ... }: { inputs, config, pkgs, lib, ... }:
/* /*
This module: This module:
@ -21,7 +21,7 @@ let
tfType = types.submoduleWith { tfType = types.submoduleWith {
modules = [ modules = [
tfModule tfModule
"${toString sources.tf-nix}/modules" "${toString inputs.tf-nix}/modules"
]; ];
specialArgs = { specialArgs = {
meta = config; meta = config;
@ -31,7 +31,7 @@ let
in in
{ {
imports = [ imports = [
(toString (sources.tf-nix + "/modules/run.nix")) (toString (inputs.tf-nix + "/modules/run.nix"))
] ++ (optional (builtins.pathExists ../../tf/tf.nix) (../../tf/tf.nix)); ] ++ (optional (builtins.pathExists ../../tf/tf.nix) (../../tf/tf.nix));
options = { options = {
deploy = { deploy = {

6
config/modules/meta/network.nix
View file

@ -1,4 +1,4 @@
{ pkgs, sources, lib, meta, config, ... }: { pkgs, inputs, lib, meta, config, ... }:
/* /*
This module: This module:
@ -71,11 +71,11 @@ with lib;
config.network = { config.network = {
nixos = { nixos = {
extraModules = [ extraModules = [
"${toString sources.home-manager}/nixos" "${toString inputs.home-manager}/nixos"
] ++ lib.singleton meta.modules.nixos; ] ++ lib.singleton meta.modules.nixos;
specialArgs = { specialArgs = {
inherit (config.network) nodes; inherit (config.network) nodes;
inherit sources meta; inherit inputs meta;
}; };
}; };
}; };

4
config/profiles/base/home.nix
View file

@ -1,4 +1,4 @@
{ meta, config, lib, sources, tf, ... }: { meta, config, lib, inputs, tf, ... }:
with lib; with lib;
@ -7,7 +7,7 @@ with lib;
type = types.attrsOf (types.submoduleWith { type = types.attrsOf (types.submoduleWith {
modules = singleton meta.modules.home; modules = singleton meta.modules.home;
specialArgs = { specialArgs = {
inherit sources tf meta; inherit inputs tf meta;
nixos = config; nixos = config;
}; };
}); });

10
config/profiles/base/nix.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, sources, ... }: { config, lib, pkgs, inputs, ... }:
{ {
boot.loader.grub.configurationLimit = 8; boot.loader.grub.configurationLimit = 8;
@ -9,10 +9,10 @@
experimental-features = nix-command flakes experimental-features = nix-command flakes
''; '';
nixPath = [ nixPath = [
"nixpkgs=${sources.nixpkgs}" "nixpkgs=${inputs.nixpkgs}"
"nur=${sources.nur}" "nur=${inputs.nur}"
"arc=${sources.arcexprs}" "arc=${inputs.arcexprs}"
"ci=${sources.ci}" "ci=${inputs.ci}"
]; ];
sandboxPaths = [ sandboxPaths = [
"/var/run/nscd/socket" "/var/run/nscd/socket"

4
config/profiles/base/secrets.nix
View file

@ -1,7 +1,7 @@
{ config, meta, lib, pkgs, ... }: { config, meta, inputs, lib, pkgs, ... }:
{ {
imports = lib.optional (meta.trusted ? secrets) meta.trusted.secrets; imports = lib.optional (meta.trusted ? secrets) meta.trusted.secrets;
secrets = { secrets = {
root = "/var/lib/kat/secrets"; root = "/var/lib/kat/secrets";

4
config/profiles/hardware/hcloud-imperative.nix
View file

@ -1,4 +1,4 @@
{ config, lib, sources, ... }: { config, lib, inputs, ... }:
/* /*
This hardware profile corresponds with the imperatively provisioned hetzner cloud box. This hardware profile corresponds with the imperatively provisioned hetzner cloud box.
@ -9,6 +9,6 @@ with lib;
{ {
deploy.profile.hardware.hcloud-imperative = true; deploy.profile.hardware.hcloud-imperative = true;
imports = [ (sources.nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ]; imports = [ (inputs.nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
} }

4
config/profiles/hardware/oracle/common.nix
View file

@ -1,4 +1,4 @@
{ config, tf, meta, kw, pkgs, lib, sources, ... }: with lib; let { config, tf, meta, kw, pkgs, lib, inputs, ... }: with lib; let
oci-root = meta.deploy.targets.oci-root.tf; oci-root = meta.deploy.targets.oci-root.tf;
cfg = config.kw.oci; cfg = config.kw.oci;
in in
@ -52,7 +52,7 @@ in
default = null; default = null;
}; };
}; };
imports = with import (sources.tf-nix + "/modules"); [ imports = with import (inputs.tf-nix + "/modules"); [
nixos.oracle nixos.oracle
]; ];
config = config =

6
config/profiles/hardware/oracle/default.nix
View file

@ -1,4 +1,4 @@
{ lib, sources, tree, ... }: with lib; let { lib, inputs, tree, ... }: with lib; let
profiles = tree.prev; profiles = tree.prev;
appendedProfiles = with profiles; { appendedProfiles = with profiles; {
ubuntu = { config, ... }: { ubuntu = { config, ... }: {
@ -7,7 +7,7 @@
common = true; common = true;
}; };
kw.oci.base = "Canonical Ubuntu"; kw.oci.base = "Canonical Ubuntu";
imports = with import (sources.tf-nix + "/modules"); [ imports = with import (inputs.tf-nix + "/modules"); [
nixos.ubuntu-linux nixos.ubuntu-linux
common common
]; ];
@ -18,7 +18,7 @@
common = true; common = true;
}; };
kw.oci.base = "Oracle Linux"; kw.oci.base = "Oracle Linux";
imports = with import (sources.tf-nix + "/modules"); [ imports = with import (inputs.tf-nix + "/modules"); [
nixos.oracle-linux nixos.oracle-linux
common common
]; ];

2
config/profiles/network.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, sources, meta, ... }: with lib; { config, lib, pkgs, meta, ... }: with lib;
{ {
options.network = with lib; { options.network = with lib; {

101
config/services/nixos-mailserver.nix.old
View file

@ -1,101 +0,0 @@
{ config, lib, tf, pkgs, sources, ... }:
with lib;
let
domains = [ "kittywitch" "dork" ];
users = [ "gitea" "kat" "keycloak" "vaultwarden" ];
in
{
imports = [ sources.nixos-mailserver.outPath ];
kw.secrets.variables = listToAttrs (map
(field:
nameValuePair "mail-${field}-hash" {
path = "secrets/mail-kittywitch";
field = "${field}-hash";
})
users
++ map
(domain:
nameValuePair "mail-domainkey-${domain}" {
path = "secrets/mail-${domain}";
field = "notes";
})
domains);
deploy.tf.dns.records = mkMerge (map
(domain:
let
zoneGet = domain: if domain == "dork" then "dork.dev." else config.network.dns.zone;
in
{
"services_mail_${domain}_mx" = {
zone = zoneGet domain;
mx = {
priority = 10;
target = "${config.network.addresses.public.domain}.";
};
};
"services_mail_${domain}_spf" = {
zone = zoneGet domain;
txt.value = "v=spf1 ip4:${config.network.addresses.public.nixos.ipv4.address} ip6:${config.network.addresses.public.nixos.ipv6.address} -all";
};
"services_mail_${domain}_dmarc" = {
zone = zoneGet domain;
domain = "_dmarc";
txt.value = "v=DMARC1; p=none";
};
"services_mail_${domain}_domainkey" = {
zone = zoneGet domain;
domain = "mail._domainkey";
txt.value = tf.variables."mail-domainkey-${domain}".ref;
};
})
domains);
secrets.files = listToAttrs (map
(user:
nameValuePair "mail-${user}-hash" {
text = ''
${tf.variables."mail-${user}-hash".ref}
'';
})
users);
mailserver = {
enable = true;
fqdn = config.network.addresses.public.domain;
domains = [ "kittywit.ch" "dork.dev" ];
certificateScheme = 1;
certificateFile = "/var/lib/acme/public_${config.networking.hostName}/cert.pem";
keyFile = "/var/lib/acme/public_${config.networking.hostName}/key.pem";
enableImap = true;
enablePop3 = true;
enableImapSsl = true;
enablePop3Ssl = true;
enableSubmission = false;
enableSubmissionSsl = true;
enableManageSieve = true;
virusScanning = false;
# nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
loginAccounts = mkMerge [
(listToAttrs (map
(user:
nameValuePair "${user}@kittywit.ch" {
hashedPasswordFile = config.secrets.files."mail-${user}-hash".path;
})
users))
{
"kat@kittywit.ch" = {
aliases = [ "postmaster@kittywit.ch" ];
catchAll = [ "kittywit.ch" "dork.dev" ];
};
}
];
};
}

2
config/tf

@ -1 +1 @@
Subproject commit 51fafb2e4e5e19f8ae1ee1617b8b012dafc14443 Subproject commit 6e0d0ff4116d3d94d47e6a4ca46da71b50225b7e

2
config/trusted

@ -1 +1 @@
Subproject commit 24d253f09f223bca7d87ff3c10ded8da0e691f61 Subproject commit bc613f9528ecf35f0bfbd83ab299f88d7c44f4a0

4
config/users/kat/dev/emacs.nix
View file

@ -1,7 +1,7 @@
{ config, lib, pkgs, sources, ... }: with lib; { config, lib, pkgs, inputs, ... }: with lib;
let let
doom-emacs = pkgs.callPackage sources.nix-doom-emacs { doom-emacs = pkgs.callPackage inputs.nix-doom-emacs {
doomPrivateDir = "${./doom.d}"; doomPrivateDir = "${./doom.d}";
emacsPackages = pkgs.emacsPackagesFor pkgs.emacsPgtkGcc; emacsPackages = pkgs.emacsPackagesFor pkgs.emacsPgtkGcc;
bundledPackages = false; bundledPackages = false;

102
default.nix
View file

@ -1,101 +1 @@
let import ./outputs.nix { inputs = import ./inputs.nix; system = builtins.currentSystem; }
# we don't have lib without sources, so we need optionalAttrs
optionalAttrs = cond: as: if cond then as else { };
# Sources are from niv.
sources = import ./nix/sources.nix // optionalAttrs (builtins.pathExists ./overlays/exprs/default.nix) {
katexprs = ./overlays/exprs;
};
# We pass sources through to pkgs and get our nixpkgs + overlays.
pkgs = import ./overlays { inherit sources; };
# We want our overlaid lib.
inherit (pkgs) lib;
# This is used for caching niv sources in CI.
sourceCache = with lib; let
getSources = sources: removeAttrs sources [ "__functor" "dorkfiles" ];
source2drv = value: if isDerivation value.outPath then value.outPath else value;
sources2drvs = sources: mapAttrs (_: source2drv) (getSources sources);
in
recurseIntoAttrs rec {
local = sources2drvs sources;
hexchen = sources2drvs (import sources.hexchen { }).sources;
all = attrValues local ++ attrValues hexchen;
allStr = toString all;
};
tree = import ./tree.nix { inherit lib; } {
inherit sources;
folder = ./config;
config = {
"modules/nixos" = {
functor = {
enable = true;
external = [
(import (sources.arcexprs + "/modules")).nixos
(import (sources.katexprs + "/modules")).nixos
(import (sources.impermanence + "/nixos.nix"))
(import sources.anicca).modules.nixos
(sources.tf-nix + "/modules/nixos/secrets.nix")
(sources.tf-nix + "/modules/nixos/secrets-users.nix")
];
};
};
"modules/home" = {
functor = {
enable = true;
external = [
(import (sources.arcexprs + "/modules")).home-manager
(import (sources.katexprs + "/modules")).home
(import (sources.impermanence + "/home-manager.nix"))
(import sources.anicca).modules.home
(sources.tf-nix + "/modules/home/secrets.nix")
];
};
};
"modules/meta".functor.enable = true;
"profiles/*".functor.enable = true;
"profiles/hardware".evaluateDefault = true;
"profiles/cross".evaluateDefault = true;
"profiles/hardware/*".evaluateDefault = true;
"services/*".aliasDefault = true;
"trusted/secrets".evaluateDefault = true;
"trusted".excludes = [ "tf" ];
"users/*".evaluateDefault = true;
"users/kat/*".functor.enable = true;
"users/kat/services/mpd".functor.enable = true;
};
};
root = ./.;
metaBase = import ./meta.nix { inherit config lib pkgs root; };
xarg = tree.impure;
eval = lib.evalModules {
modules = lib.singleton metaBase
++ lib.singleton xarg.modules.meta
++ lib.attrValues xarg.targets
++ (map
(host: {
network.nodes.${host} = {
imports = config.lib.kw.nodeImport host;
networking = {
hostName = host;
};
};
})
(lib.attrNames xarg.hosts));
specialArgs = {
inherit sources root tree;
meta = self;
} // xarg;
};
inherit (eval) config;
self = config // { inherit pkgs lib sourceCache sources tree; } // xarg;
in
self

55
devShell.nix Normal file
View file

@ -0,0 +1,55 @@
{ inputs, system }:
let
meta = import ./outputs.nix { inherit inputs system; };
config = meta;
inherit (meta) pkgs;
inherit (pkgs) lib;
nf-actions = pkgs.writeShellScriptBin "nf-actions" ''
export START_DIR="$PWD"
cd "${toString ./.}"
export NF_CONFIG_ROOT=${toString ./.}/ci
NF_CONFIG_FILES=($NF_CONFIG_ROOT/{nodes,niv-cron}.nix)
for f in "''${NF_CONFIG_FILES[@]}"; do
echo $f
nix run --argstr config "$f" ci.run.gh-actions-generate
done
cd $START_DIR
'';
nf-actions-test = pkgs.writeShellScriptBin "nf-actions-test" ''
export START_DIR="$PWD"
cd "${toString ./.}"
export NF_CONFIG_ROOT=${toString ./.}/ci
NF_CONFIG_FILES=($NF_CONFIG_ROOT/{nodes,niv-cron}.nix)
for f in "''${NF_CONFIG_FILES[@]}"; do
echo $f
nix run --argstr config "$f" ci.test
done
cd $START_DIR
'';
in
with lib; pkgs.mkShell {
nativeBuildInputs = with pkgs; [
inetutils
nf-actions
nf-actions-test
] ++ config.runners.lazy.nativeBuildInputs
++ (map
(node: writeShellScriptBin "${node.networking.hostName}-sd-img" ''
nix build -f . network.nodes.${node.networking.hostName}.system.build.sdImage --show-trace
'')
(filter (node: node.system.build ? sdImage) (attrValues meta.network.nodes)))
++ (map
(node: writeShellScriptBin "${node.networking.hostName}-iso-img" ''
nix build -f . network.nodes.${node.networking.hostName}.system.build.isoImage --show-trace
'')
(filter (node: node.system.build ? isoImage) (attrValues meta.network.nodes)));
shellHook = ''
export HOME_HOSTNAME=$(hostname -s)
export HOME_UID=$(id -u)
export HOME_USER=$(id -un)
export CI_PLATFORM="impure"
export NIX_PATH="$NIX_PATH:home=${toString ./.}"
git pull
'';
}

662
flake.lock generated Normal file
View file

@ -0,0 +1,662 @@
{
"nodes": {
"anicca": {
"flake": false,
"locked": {
"lastModified": 1630289335,
"narHash": "sha256-4qkDeukQTwRsctM+VkQb8svxCsY03dZgBI6bHWr6xpo=",
"owner": "kittywitch",
"repo": "anicca",
"rev": "c890bd08f4e34a655ef5ff7561aa74cdc8d85a0a",
"type": "github"
},
"original": {
"owner": "kittywitch",
"ref": "main",
"repo": "anicca",
"type": "github"
}
},
"arcexprs": {
"flake": false,
"locked": {
"lastModified": 1637367152,
"narHash": "sha256-6M3dJuONcD9INaBxFlx6U/nd057PD8/NlMN1jacsJE0=",
"owner": "arcnmx",
"repo": "nixexprs",
"rev": "2e83baee2826fe6576304a1a70ada5b642abb1a9",
"type": "github"
},
"original": {
"owner": "arcnmx",
"ref": "master",
"repo": "nixexprs",
"type": "github"
}
},
"ci": {
"flake": false,
"locked": {
"lastModified": 1636843513,
"narHash": "sha256-z9KDlH61Z7zjRF1b+LUHNSjW3tqyk1Y+Isd+u491AEM=",
"owner": "arcnmx",
"repo": "ci",
"rev": "97a20953f408c2508b61f70cc81ba99ae3f97eb4",
"type": "github"
},
"original": {
"owner": "arcnmx",
"ref": "master",
"repo": "ci",
"type": "github"
}
},
"doom-emacs": {
"flake": false,
"locked": {
"lastModified": 1626604817,
"narHash": "sha256-z+dvjB02cHU+VQ5EMkzqSdX817PZar9AkmmfK27q0vo=",
"owner": "hlissner",
"repo": "doom-emacs",
"rev": "46732c0adaef147144418f9f284ca6b1183ab96f",
"type": "github"
},
"original": {
"owner": "hlissner",
"ref": "develop",
"repo": "doom-emacs",
"type": "github"
}
},
"doom-snippets": {
"flake": false,
"locked": {
"lastModified": 1625547004,
"narHash": "sha256-V+ytAjB4ZZ+5dJJAu1OY7SbnqrokX5PVBWs0AsgQ8Vs=",
"owner": "hlissner",
"repo": "doom-snippets",
"rev": "5c0eb5bd70f035cefb981c2ce64f4367498bdda6",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "doom-snippets",
"type": "github"
}
},
"emacs-overlay": {
"locked": {
"lastModified": 1637515331,
"narHash": "sha256-fLfycI+PrBeRaP8CRdlxj3Kkqib+YlPdQIFCUAoj56w=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "86ceb863bc9cca9150666acce49ee2fe50e73cb0",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "emacs-overlay",
"type": "github"
}
},
"emacs-overlay_2": {
"flake": false,
"locked": {
"lastModified": 1630603742,
"narHash": "sha256-fYX5y18aHZTnYdBizeeW43NOFvCoT3iXk52dLtS43Gs=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "9c69c4d0ef9d8ed0c5a54697e359d7f3a51fcbb1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "emacs-overlay",
"type": "github"
}
},
"emacs-so-long": {
"flake": false,
"locked": {
"lastModified": 1575031854,
"narHash": "sha256-xIa5zO0ZaToDrec1OFjBK6l39AbA4l/CE4LInVu2hi0=",
"owner": "hlissner",
"repo": "emacs-so-long",
"rev": "ed666b0716f60e8988c455804de24b55919e71ca",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "emacs-so-long",
"type": "github"
}
},
"evil-markdown": {
"flake": false,
"locked": {
"lastModified": 1626852210,
"narHash": "sha256-HBBuZ1VWIn6kwK5CtGIvHM1+9eiNiKPH0GUsyvpUVN8=",
"owner": "Somelauw",
"repo": "evil-markdown",
"rev": "8e6cc68af83914b2fa9fd3a3b8472573dbcef477",
"type": "github"
},
"original": {
"owner": "Somelauw",
"repo": "evil-markdown",
"type": "github"
}
},
"evil-org-mode": {
"flake": false,
"locked": {
"lastModified": 1607203864,
"narHash": "sha256-JxwqVYDN6OIJEH15MVI6XOZAPtUWUhJQWHyzcrUvrFg=",
"owner": "hlissner",
"repo": "evil-org-mode",
"rev": "a9706da260c45b98601bcd72b1d2c0a24a017700",
"type": "github"
},
"original": {
"owner": "hlissner",
"repo": "evil-org-mode",
"type": "github"
}
},
"evil-quick-diff": {
"flake": false,
"locked": {
"lastModified": 1575189609,
"narHash": "sha256-oGzl1ayW9rIuq0haoiFS7RZsS8NFMdEA7K1BSozgnJU=",
"owner": "rgrinberg",
"repo": "evil-quick-diff",
"rev": "69c883720b30a892c63bc89f49d4f0e8b8028908",
"type": "github"
},
"original": {
"owner": "rgrinberg",
"repo": "evil-quick-diff",
"type": "github"
}
},
"explain-pause-mode": {
"flake": false,
"locked": {
"lastModified": 1595842060,
"narHash": "sha256-++znrjiDSx+cy4okFBBXUBkRFdtnE2x+trkmqjB3Njs=",
"owner": "lastquestion",
"repo": "explain-pause-mode",
"rev": "2356c8c3639cbeeb9751744dbe737267849b4b51",
"type": "github"
},
"original": {
"owner": "lastquestion",
"repo": "explain-pause-mode",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1627913399,
"narHash": "sha256-hY8g6H2KFL8ownSiFeMOjwPC8P0ueXpCVEbxgda3pko=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "12c64ca55c1014cdc1b16ed5a804aa8576601ff2",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1637014545,
"narHash": "sha256-26IZAc5yzlD9FlDT54io1oqG/bBoyka+FJk5guaX4x4=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "bba5dcc8e0b20ab664967ad83d24d64cb64ec4f4",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1614513358,
"narHash": "sha256-LakhOx3S1dRjnh0b5Dg3mbZyH0ToC9I8Y2wKSkBaTzU=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5466c5bbece17adaab2d82fae80b46e807611bf3",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"locked": {
"lastModified": 1629481132,
"narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "997f7efcb746a9c140ce1f13c72263189225f482",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1637481586,
"narHash": "sha256-cvgegmCRfNFuA/vPseMcSptmlNqD2nC0lLI9BQWU46A=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "1abd311eef125e7b64dff723f198d15e5aca2dd4",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1637278200,
"narHash": "sha256-nwPBJpjHU8J0hhZ6l4Ytvi3qhcxXJVy4jOWurmzSv3A=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "0616c64b0ebcf08cc74db7820e74b807274246f6",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "impermanence",
"type": "github"
}
},
"katexprs": {
"flake": false,
"locked": {
"lastModified": 1637526127,
"narHash": "sha256-il4PL9sS1buJ7SSw2SgOloR6+4US92bKJEt1+gJbrOw=",
"owner": "kittywitch",
"repo": "nixexprs",
"rev": "46734151d4071718ca1ff1dda289dbb6ff17d8af",
"type": "github"
},
"original": {
"owner": "kittywitch",
"ref": "main",
"repo": "nixexprs",
"type": "github"
}
},
"nix-dns": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1635273082,
"narHash": "sha256-EHiDP2jEa7Ai5ZwIf5uld9RVFcV77+2SUxjQXwJsJa0=",
"owner": "kirelagin",
"repo": "nix-dns",
"rev": "c7b9645da9c0ddce4f9de4ef27ec01bb8108039a",
"type": "github"
},
"original": {
"owner": "kirelagin",
"ref": "master",
"repo": "nix-dns",
"type": "github"
}
},
"nix-doom-emacs": {
"inputs": {
"doom-emacs": "doom-emacs",
"doom-snippets": "doom-snippets",
"emacs-overlay": "emacs-overlay_2",
"emacs-so-long": "emacs-so-long",
"evil-markdown": "evil-markdown",
"evil-org-mode": "evil-org-mode",
"evil-quick-diff": "evil-quick-diff",
"explain-pause-mode": "explain-pause-mode",
"flake-utils": "flake-utils_3",
"nix-straight": "nix-straight",
"nixpkgs": "nixpkgs_3",
"nose": "nose",
"ob-racket": "ob-racket",
"org": "org",
"org-contrib": "org-contrib",
"org-yt": "org-yt",
"php-extras": "php-extras",
"revealjs": "revealjs",
"rotate-text": "rotate-text",
"straight": "straight"
},
"locked": {
"lastModified": 1631192516,
"narHash": "sha256-HaS2f8N7uGBz8bGAiC7y9xkWzsrtThpudcoaTsh5OkE=",
"owner": "vlaci",
"repo": "nix-doom-emacs",
"rev": "33064319607745856f488a998ca3db8ffcede865",
"type": "github"
},
"original": {
"owner": "vlaci",
"ref": "develop",
"repo": "nix-doom-emacs",
"type": "github"
}
},
"nix-straight": {
"flake": false,
"locked": {
"lastModified": 1628630968,
"narHash": "sha256-eh5QpnX3F8/0iKv1BvyU3KyZ/ksLlRegcd5c41pm/L8=",
"owner": "vlaci",
"repo": "nix-straight.el",
"rev": "e3f8aaff9ba889c6f2ee6c6d349736d21f21c685",
"type": "github"
},
"original": {
"owner": "vlaci",
"repo": "nix-straight.el",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1637523980,
"narHash": "sha256-nBbVQHJtR7a+Ctyo67aGc1lwUsoeMhK9PVTh6pB+aYk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4f871e232b8827b0b1d22bc40bc1b0dfa4473156",
"type": "github"
},
"original": {
"id": "nixpkgs",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1616989418,
"narHash": "sha256-LcOn5wHR/1JwClfY/Ai/b+pSRY+d23QtIPQHwPAyHHI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9d8e05e088ad91b7c62886a2175f38bfa443db2c",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1630140382,
"narHash": "sha256-ntXepAHFlAEtaYIU5EzckRUODeeMgpu1u2Yug+4LFNc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "08ef0f28e3a41424b92ba1d203de64257a9fca6a",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixpkgs-unstable",
"type": "indirect"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1637155076,
"narHash": "sha256-26ZPNiuzlsnXpt55Q44+yzXvp385aNAfevzVEKbrU5Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "715f63411952c86c8f57ab9e3e3cb866a015b5f2",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nose": {
"flake": false,
"locked": {
"lastModified": 1400604510,
"narHash": "sha256-daEi8Kta1oGaDEmUUDDQMahTTPOpvNpDKk22rlr7cB0=",
"owner": "emacsattic",
"repo": "nose",
"rev": "f8528297519eba911696c4e68fa88892de9a7b72",
"type": "github"
},
"original": {
"owner": "emacsattic",
"repo": "nose",
"type": "github"
}
},
"nur": {
"locked": {
"lastModified": 1637520800,
"narHash": "sha256-GjX0uYY/xQcPM8YBDVJgYNNp1plFWwzAQbzBwJ0HX5g=",
"owner": "nix-community",
"repo": "nur",
"rev": "fc0758e2f8aa4dac7c4ab42860f07487b1dcadea",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "nur",
"type": "github"
}
},
"ob-racket": {
"flake": false,
"locked": {
"lastModified": 1584656173,
"narHash": "sha256-rBUYDDCXb+3D4xTPQo9UocbTPZ32kWV1Uya/1DmZknU=",
"owner": "xchrishawk",
"repo": "ob-racket",
"rev": "83457ec9e1e96a29fd2086ed19432b9d75787673",
"type": "github"
},
"original": {
"owner": "xchrishawk",
"repo": "ob-racket",
"type": "github"
}
},
"org": {
"flake": false,
"locked": {
"lastModified": 1629714870,
"narHash": "sha256-D6gUJtzZMpyJBNNn5EKWDCbDDgIXzxMx54fpcQ3DM2o=",
"owner": "emacs-straight",
"repo": "org-mode",
"rev": "a3ba79cd3a120235dae524f49945fbe99df923cf",
"type": "github"
},
"original": {
"owner": "emacs-straight",
"repo": "org-mode",
"type": "github"
}
},
"org-contrib": {
"flake": false,
"locked": {
"lastModified": 1623339452,
"narHash": "sha256-E3pioqkmAKQm5N7YsgJZil0/ozkdRE7//tE9FGbrluM=",
"ref": "master",
"rev": "fc81309cf6756607a836f93049a9393c2967c4e0",
"revCount": 2599,
"type": "git",
"url": "https://git.sr.ht/~bzg/org-contrib"
},
"original": {
"type": "git",
"url": "https://git.sr.ht/~bzg/org-contrib"
}
},
"org-yt": {
"flake": false,
"locked": {
"lastModified": 1527381913,
"narHash": "sha256-dzQ6B7ryzatHCTLyEnRSbWO0VUiX/FHYnpHTs74aVUs=",
"owner": "TobiasZawada",
"repo": "org-yt",
"rev": "40cc1ac76d741055cbefa13860d9f070a7ade001",
"type": "github"
},
"original": {
"owner": "TobiasZawada",
"repo": "org-yt",
"type": "github"
}
},
"php-extras": {
"flake": false,
"locked": {
"lastModified": 1573312690,
"narHash": "sha256-r4WyVbzvT0ra4Z6JywNBOw5RxOEYd6Qe2IpebHXkj1U=",
"owner": "arnested",
"repo": "php-extras",
"rev": "d410c5af663c30c01d461ac476d1cbfbacb49367",
"type": "github"
},
"original": {
"owner": "arnested",
"repo": "php-extras",
"type": "github"
}
},
"revealjs": {
"flake": false,
"locked": {
"lastModified": 1630050533,
"narHash": "sha256-gi+vC71xsKXN06QzwohNhFt07+7g6OqjsThXHwrZ5Q0=",
"owner": "hakimel",
"repo": "reveal.js",
"rev": "01d8d669bc2b681b595262ccbe27293eec2fcb44",
"type": "github"
},
"original": {
"owner": "hakimel",
"repo": "reveal.js",
"type": "github"
}
},
"root": {
"inputs": {
"anicca": "anicca",
"arcexprs": "arcexprs",
"ci": "ci",
"emacs-overlay": "emacs-overlay",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils",
"home-manager": "home-manager",
"impermanence": "impermanence",
"katexprs": "katexprs",
"nix-dns": "nix-dns",
"nix-doom-emacs": "nix-doom-emacs",
"nixpkgs": "nixpkgs_4",
"nur": "nur",
"tf-nix": "tf-nix",
"trusted": "trusted"
}
},
"rotate-text": {
"flake": false,
"locked": {
"lastModified": 1322962747,
"narHash": "sha256-SOeOgSlcEIsKhUiYDJv0p+mLUb420s9E2BmvZQvZ0wk=",
"owner": "debug-ito",
"repo": "rotate-text.el",
"rev": "48f193697db996855aee1ad2bc99b38c6646fe76",
"type": "github"
},
"original": {
"owner": "debug-ito",
"repo": "rotate-text.el",
"type": "github"
}
},
"straight": {
"flake": false,
"locked": {
"lastModified": 1623633709,
"narHash": "sha256-taLIYnjs9sD8N8PuGO2F7l+O69u0dNPunwzFVTlXjUM=",
"owner": "raxod502",
"repo": "straight.el",
"rev": "1e27b0590df77a5d478970ca58fd6606971692f5",
"type": "github"
},
"original": {
"owner": "raxod502",
"repo": "straight.el",
"type": "github"
}
},
"tf-nix": {
"flake": false,
"locked": {
"lastModified": 1637365821,
"narHash": "sha256-wtZ8C8KdnLKku4Wu8mmff6lKJ7043YnJAipCRp860X0=",
"owner": "arcnmx",
"repo": "tf-nix",
"rev": "2e8642b7be0b63807d73a168ea880521de1e83b6",
"type": "github"
},
"original": {
"owner": "arcnmx",
"ref": "master",
"repo": "tf-nix",
"type": "github"
}
},
"trusted": {
"flake": false,
"locked": {
"lastModified": 1637526942,
"narHash": "sha256-XzWMFgRPY5sQwUO01kZLRAvfFPekp7jXJIAqNiQ8wxs=",
"ref": "main",
"rev": "bc613f9528ecf35f0bfbd83ab299f88d7c44f4a0",
"revCount": 87,
"type": "git",
"url": "ssh://git@github.com/kittywitch/nixfiles-trusted"
},
"original": {
"ref": "main",
"type": "git",
"url": "ssh://git@github.com/kittywitch/nixfiles-trusted"
}
}
},
"root": "root",
"version": 7
}

51
flake.nix Normal file
View file

@ -0,0 +1,51 @@
{
description = "kat's nixfiles";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
arcexprs = {
url = "github:arcnmx/nixexprs/master";
flake = false;
};
ci = {
url = "github:arcnmx/ci/master";
flake = false;
};
home-manager.url = "github:nix-community/home-manager/master";
impermanence.url = "github:nix-community/impermanence/master";
katexprs = {
url = "github:kittywitch/nixexprs/main";
flake = false;
};
anicca = {
url = "github:kittywitch/anicca/main";
flake = false;
};
nix-dns.url = "github:kirelagin/nix-dns/master";
emacs-overlay.url = "github:nix-community/emacs-overlay/master";
nur.url = "github:nix-community/nur/master";
nix-doom-emacs.url = "github:vlaci/nix-doom-emacs/develop";
tf-nix = {
url = "github:arcnmx/tf-nix/master";
flake = false;
};
flake-utils.url = "github:numtide/flake-utils";
trusted = {
url = "git+ssh://git@github.com/kittywitch/nixfiles-trusted?ref=main";
flake = false;
};
flake-compat = {
url = "github:edolstra/flake-compat";
flake = false;
};
};
outputs = { self, nixpkgs, flake-utils, ... }@inputs:
flake-utils.lib.eachDefaultSystem
(system:
let pkgs = nixpkgs.legacyPackages.${system}; in
{
devShell = import ./devShell.nix { inherit inputs system; };
legacyPackages = import ./outputs.nix { inherit inputs system; };
}
);
}

9
inputs.nix Normal file
View file

@ -0,0 +1,9 @@
(import (
let
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
in fetchTarball {
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
sha256 = lock.nodes.flake-compat.locked.narHash; }
) {
src = ./.;
}).defaultNix.inputs

2
meta.nix
View file

@ -1,7 +1,7 @@
{ config, pkgs, lib, root, ... }: { { config, pkgs, lib, root, ... }: {
runners = { runners = {
lazy = { lazy = {
file = root; file = ./default.nix;
args = [ "--show-trace" ]; args = [ "--show-trace" ];
}; };
}; };

180
nix/sources.json
View file

@ -1,180 +0,0 @@
{
"anicca": {
"branch": "main",
"description": "A helper for transitioning to impermanence",
"homepage": "",
"owner": "kittywitch",
"repo": "anicca",
"rev": "c890bd08f4e34a655ef5ff7561aa74cdc8d85a0a",
"sha256": "16n6z9m1v6wf0ihddp9lqq5g3jzj3d25cgnkf9n08kqhx5x07ag2",
"type": "tarball",
"url": "https://github.com/kittywitch/anicca/archive/c890bd08f4e34a655ef5ff7561aa74cdc8d85a0a.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"arcexprs": {
"branch": "master",
"description": "nix stuff",
"homepage": null,
"owner": "arcnmx",
"repo": "nixexprs",
"rev": "fd8d7ea5480a616dba0777a4863e2788b569990b",
"sha256": "024y5qg98j9b9nzar3mzzgapl88brx7vsykggb5rmvc79bvpa0fm",
"type": "tarball",
"url": "https://github.com/arcnmx/nixexprs/archive/fd8d7ea5480a616dba0777a4863e2788b569990b.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"ci": {
"branch": "master",
"description": "CI helpers",
"homepage": "https://arcnmx.github.io/ci",
"owner": "arcnmx",
"repo": "ci",
"rev": "97a20953f408c2508b61f70cc81ba99ae3f97eb4",
"sha256": "0hq0fn7vnzn748z5d4xjvbgdca1m0yszhnsx8kivqrxmgsa87lng",
"type": "tarball",
"url": "https://github.com/arcnmx/ci/archive/97a20953f408c2508b61f70cc81ba99ae3f97eb4.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"emacs-overlay": {
"branch": "master",
"description": "Bleeding edge emacs overlay [maintainer=@adisbladis] ",
"homepage": "",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "f9f4ac6a871d19bcd99a386d4555d8464817f272",
"sha256": "076f89hvfxj6ibcay7zylf553ccg31v5nlxg52c51nn6ay35km14",
"type": "tarball",
"url": "https://github.com/nix-community/emacs-overlay/archive/f9f4ac6a871d19bcd99a386d4555d8464817f272.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"hexchen": {
"branch": "main",
"description": "A cutie's nixfiles",
"homepage": "",
"ref": "main",
"repo": "https://gitlab.com/hexchen/nixfiles",
"rev": "c26f4cc18649b6eba69035f4e5edc189e938412a",
"sha256": "1qwj1aw86l1m1f4x14kqlwavj3d0vqllm4ppdjyj9dbap8y5d1z7",
"type": "tarball",
"url": "https://gitlab.com/hexchen/nixfiles/-/archive/c26f4cc18649b6eba69035f4e5edc189e938412a.tar.gz",
"url_template": "<repo>/-/archive/<rev>.tar.gz"
},
"home-manager": {
"branch": "master",
"description": "Manage a user environment using Nix [maintainer=@rycee] ",
"homepage": "https://nix-community.github.io/home-manager/",
"owner": "nix-community",
"repo": "home-manager",
"rev": "2452979efe92128b03e3c27567267066c2825fab",
"sha256": "0g3sxm407m7qfk6r2hp2jh4bp0samn9y2kcs74cspfiyhh8ss9j4",
"type": "tarball",
"url": "https://github.com/nix-community/home-manager/archive/2452979efe92128b03e3c27567267066c2825fab.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"impermanence": {
"branch": "master",
"description": "Modules to help you handle persistent state on systems with ephemeral root storage [maintainer=@talyz]",
"homepage": "",
"owner": "nix-community",
"repo": "impermanence",
"rev": "0616c64b0ebcf08cc74db7820e74b807274246f6",
"sha256": "0w5zs9naxbp5ijw5q9aprj2ylbdy5n39fyhnhrsc4ly7k0kc20wz",
"type": "tarball",
"url": "https://github.com/nix-community/impermanence/archive/0616c64b0ebcf08cc74db7820e74b807274246f6.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"katexprs": {
"branch": "main",
"description": null,
"homepage": null,
"owner": "kittywitch",
"repo": "nixexprs",
"rev": "c5bd2b5f1bd8d08bf691abd6a1cb84fc4da300d7",
"sha256": "1x5wkw5h0a03klh91h2wfg9qxf22fyg2144pccjlhsxqy1jzfqxw",
"type": "tarball",
"url": "https://github.com/kittywitch/nixexprs/archive/c5bd2b5f1bd8d08bf691abd6a1cb84fc4da300d7.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"niv": {
"branch": "master",
"description": "Easy dependency management for Nix projects",
"homepage": "https://github.com/nmattia/niv",
"owner": "nmattia",
"repo": "niv",
"rev": "5830a4dd348d77e39a0f3c4c762ff2663b602d4c",
"sha256": "1d3lsrqvci4qz2hwjrcnd8h5vfkg8aypq3sjd4g3izbc8frwz5sm",
"type": "tarball",
"url": "https://github.com/nmattia/niv/archive/5830a4dd348d77e39a0f3c4c762ff2663b602d4c.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nix-dns": {
"branch": "master",
"description": "A Nix DSL for DNS zone files",
"homepage": "",
"owner": "kirelagin",
"repo": "nix-dns",
"rev": "c7b9645da9c0ddce4f9de4ef27ec01bb8108039a",
"sha256": "1b95dh15zl0qaf9fvvvvqlambm3plndpy24wwlib0sy4d0zq6y0h",
"type": "tarball",
"url": "https://github.com/kirelagin/nix-dns/archive/c7b9645da9c0ddce4f9de4ef27ec01bb8108039a.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nix-doom-emacs": {
"branch": "develop",
"description": "doom-emacs packaged for Nix",
"homepage": "",
"owner": "vlaci",
"repo": "nix-doom-emacs",
"rev": "33064319607745856f488a998ca3db8ffcede865",
"sha256": "0h9sg744w6nafmp1lkpdrb71c6gpy8p8i05iy5rn1f3vqdzvd90x",
"type": "tarball",
"url": "https://github.com/vlaci/nix-doom-emacs/archive/33064319607745856f488a998ca3db8ffcede865.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nixos-mailserver": {
"branch": "master",
"ref": "master",
"repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver",
"rev": "6e8142862f23ab99e1cc57838c02b733361e8d50",
"sha256": "19qzp8131pid4m3llb6w2v4ayxh25016fpv8yw6wnqng9yvigcw5",
"type": "tarball",
"url": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/6e8142862f23ab99e1cc57838c02b733361e8d50.tar.gz",
"url_template": "<repo>/-/archive/<rev>.tar.gz"
},
"nixpkgs": {
"branch": "nixos-unstable",
"description": "Nix Packages collection",
"homepage": "",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "715f63411952c86c8f57ab9e3e3cb866a015b5f2",
"sha256": "152kxfk11mgwg8gx0s1rgykyydfb7s746yfylvbwk5mk5cv4z9nv",
"type": "tarball",
"url": "https://github.com/nixos/nixpkgs/archive/715f63411952c86c8f57ab9e3e3cb866a015b5f2.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"nur": {
"branch": "master",
"description": "Nix User Repository: User contributed nix packages [maintainer=@Mic92]",
"homepage": "https://nur.nix-community.org/",
"owner": "nix-community",
"repo": "NUR",
"rev": "85a757b585c94a205c40c64f420d986791e57f1b",
"sha256": "1nm4sjlhx01dgnnjb7lg8pwxnrfb9xsl63g1h5nldn9asra5cf0c",
"type": "tarball",
"url": "https://github.com/nix-community/NUR/archive/85a757b585c94a205c40c64f420d986791e57f1b.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"tf-nix": {
"branch": "master",
"description": "terraform meets nix",
"homepage": null,
"owner": "arcnmx",
"repo": "tf-nix",
"rev": "2e8642b7be0b63807d73a168ea880521de1e83b6",
"sha256": "0zfi7aglchia0b4qkp9qplklmabzkxlz5bl5pfjb574xq85prmn2",
"type": "tarball",
"url": "https://github.com/arcnmx/tf-nix/archive/2e8642b7be0b63807d73a168ea880521de1e83b6.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
}
}

223
nix/sources.nix
View file

@ -1,223 +0,0 @@
# This file has been generated by Niv.
let
#
# The fetchers. fetch_<type> fetches specs of type <type>.
#
fetch_file = pkgs: name: spec:
let name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchurl
{
inherit (spec) url sha256;
name = name';
}
else
pkgs.fetchurl {
inherit (spec) url sha256;
name = name';
};
fetch_tarball = pkgs: name: spec:
let name' = sanitizeName name + "-src";
in
if spec.builtin or true then
builtins_fetchTarball
{
name = name';
inherit (spec) url sha256;
}
else
pkgs.fetchzip {
name = name';
inherit (spec) url sha256;
};
fetch_git = name: spec:
let
ref =
if spec ? ref then
spec.ref
else if spec ? branch then
"refs/heads/${spec.branch}"
else if spec ? tag then
"refs/tags/${spec.tag}"
else
abort
"In git source '${name}': Please specify `ref`, `tag` or `branch`!";
in
builtins.fetchGit {
url = spec.repo;
inherit (spec) rev;
inherit ref;
};
fetch_local = spec: spec.path;
fetch_builtin-tarball = name:
throw ''
[${name}] The niv type "builtin-tarball" is deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=tarball -a builtin=true'';
fetch_builtin-url = name:
throw ''
[${name}] The niv type "builtin-url" will soon be deprecated. You should instead use `builtin = true`.
$ niv modify ${name} -a type=file -a builtin=true'';
#
# Various helpers
#
# https://github.com/NixOS/nixpkgs/pull/83241/files#diff-c6f540a4f3bfa4b0e8b6bafd4cd54e8bR695
sanitizeName = name:
(concatMapStrings (s: if builtins.isList s then "-" else s)
(builtins.split "[^[:alnum:]+._?=-]+"
((x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0) name)));
# The set of packages used when specs are fetched using non-builtins.
mkPkgs = sources: system:
let
sourcesNixpkgs = import
(builtins_fetchTarball { inherit (sources.nixpkgs) url sha256; })
{
inherit system;
};
hasNixpkgsPath = builtins.any (x: x.prefix == "nixpkgs") builtins.nixPath;
hasThisAsNixpkgsPath = <nixpkgs> == ./.;
in
if builtins.hasAttr "nixpkgs" sources then
sourcesNixpkgs
else if hasNixpkgsPath && !hasThisAsNixpkgsPath then
import <nixpkgs> { }
else
abort ''
Please specify either <nixpkgs> (through -I or NIX_PATH=nixpkgs=...) or
add a package called "nixpkgs" to your sources.json.
'';
# The actual fetching function.
fetch = pkgs: name: spec:
if !builtins.hasAttr "type" spec then
abort "ERROR: niv spec ${name} does not have a 'type' attribute"
else if spec.type == "file" then
fetch_file pkgs name spec
else if spec.type == "tarball" then
fetch_tarball pkgs name spec
else if spec.type == "git" then
fetch_git name spec
else if spec.type == "local" then
fetch_local spec
else if spec.type == "builtin-tarball" then
fetch_builtin-tarball name
else if spec.type == "builtin-url" then
fetch_builtin-url name
else
abort
"ERROR: niv spec ${name} has unknown type ${builtins.toJSON spec.type}";
# If the environment variable NIV_OVERRIDE_${name} is set, then use
# the path directly as opposed to the fetched source.
replace = name: drv:
let
saneName = stringAsChars
(c: if isNull (builtins.match "[a-zA-Z0-9]" c) then "_" else c)
name;
ersatz = builtins.getEnv "NIV_OVERRIDE_${saneName}";
in
if ersatz == "" then
drv
else
# this turns the string into an actual Nix path (for both absolute and
# relative paths)
if builtins.substring 0 1 ersatz == "/" then
/. + ersatz
else
/. + builtins.getEnv "PWD" + "/${ersatz}";
# Ports of functions for older nix versions
# a Nix version of mapAttrs if the built-in doesn't exist
mapAttrs = builtins.mapAttrs or (f: set:
with builtins;
listToAttrs (map
(attr: {
name = attr;
value = f attr set.${attr};
})
(attrNames set)));
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/lists.nix#L295
range = first: last:
if first > last then
[ ]
else
builtins.genList (n: first + n) (last - first + 1);
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L257
stringToCharacters = s:
map (p: builtins.substring p 1 s) (range 0 (builtins.stringLength s - 1));
# https://github.com/NixOS/nixpkgs/blob/0258808f5744ca980b9a1f24fe0b1e6f0fecee9c/lib/strings.nix#L269
stringAsChars = f: s: concatStrings (map f (stringToCharacters s));
concatMapStrings = f: list: concatStrings (map f list);
concatStrings = builtins.concatStringsSep "";
# https://github.com/NixOS/nixpkgs/blob/8a9f58a375c401b96da862d969f66429def1d118/lib/attrsets.nix#L331
optionalAttrs = cond: as: if cond then as else { };
# fetchTarball version that is compatible between all the versions of Nix
builtins_fetchTarball = { url, name ? null, sha256 }@attrs:
let inherit (builtins) lessThan nixVersion fetchTarball;
in
if lessThan nixVersion "1.12" then
fetchTarball
({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
else
fetchTarball attrs;
# fetchurl version that is compatible between all the versions of Nix
builtins_fetchurl = { url, name ? null, sha256 }@attrs:
let inherit (builtins) lessThan nixVersion fetchurl;
in
if lessThan nixVersion "1.12" then
fetchurl
({ inherit url; } // (optionalAttrs (!isNull name) { inherit name; }))
else
fetchurl attrs;
# Create the final "sources" from the config
mkSources = config:
mapAttrs
(name: spec:
if builtins.hasAttr "outPath" spec then
abort
"The values in sources.json should not have an 'outPath' attribute"
else
spec // { outPath = replace name (fetch config.pkgs name spec); })
config.sources;
# The "config" used by the fetchers
mkConfig =
{ sourcesFile ? if builtins.pathExists ./sources.json then ./sources.json else null
, sources ? if isNull sourcesFile then
{ }
else
builtins.fromJSON (builtins.readFile sourcesFile)
, system ? builtins.currentSystem
, pkgs ? mkPkgs sources system
}: rec {
# The sources, i.e. the attribute set of spec name to spec
inherit sources;
# The "pkgs" (evaluated nixpkgs) to use for e.g. non-builtin fetchers
inherit pkgs;
};
in
mkSources (mkConfig { }) // {
__functor = _: settings: mkSources (mkConfig settings);
}

97
outputs.nix Normal file
View file

@ -0,0 +1,97 @@
{ inputs, system, ... }: let
optionalAttrs = cond: as: if cond then as else { };
pkgs = import ./overlays { inherit inputs system; };
inherit (pkgs) lib;
mkTree = import ./tree.nix { inherit lib; };
localTree = mkTree {
inherit inputs;
folder = ./config;
config = {
"modules/nixos" = {
functor = {
enable = true;
external = [
(import (inputs.arcexprs + "/modules")).nixos
(import (inputs.katexprs + "/modules")).nixos
(import (inputs.impermanence + "/nixos.nix"))
(import inputs.anicca).modules.nixos
(inputs.tf-nix + "/modules/nixos/secrets.nix")
(inputs.tf-nix + "/modules/nixos/secrets-users.nix")
];
};
};
"modules/home" = {
functor = {
enable = true;
external = [
(import (inputs.arcexprs + "/modules")).home-manager
(import (inputs.katexprs + "/modules")).home
(import (inputs.impermanence + "/home-manager.nix"))
(import inputs.anicca).modules.home
(inputs.tf-nix + "/modules/home/secrets.nix")
];
};
};
"modules/meta".functor.enable = true;
"profiles/*".functor.enable = true;
"profiles/hardware".evaluateDefault = true;
"profiles/cross".evaluateDefault = true;
"profiles/hardware/*".evaluateDefault = true;
"services/*".aliasDefault = true;
"users/*".evaluateDefault = true;
"users/kat/*".functor.enable = true;
"users/kat/services/mpd".functor.enable = true;
};
};
trustedTree = mkTree {
inherit inputs;
folder = inputs.trusted;
config = {
"secrets".evaluateDefault = true;
};
};
tree = localTree // {
pure = localTree.pure // {
trusted = trustedTree.pure;
};
impure = localTree.impure // {
trusted = trustedTree.impure;
};
};
root = ./.;
metaBase = import ./meta.nix { inherit config lib pkgs root; };
xarg = tree.impure;
eval = lib.evalModules {
modules = lib.singleton metaBase
++ lib.singleton xarg.modules.meta
++ lib.attrValues xarg.targets
++ (map
(host: {
network.nodes.${host} = {
imports = config.lib.kw.nodeImport host;
networking = {
hostName = host;
};
};
})
(lib.attrNames xarg.hosts));
specialArgs = {
inherit inputs root tree;
meta = self;
} // xarg;
};
inherit (eval) config;
self = config // { inherit pkgs lib inputs tree; } // xarg;
in
self

17
overlays/default.nix
View file

@ -1,16 +1,17 @@
{ sources, system ? builtins.currentSystem, ... }@args: { inputs, system ? builtins.currentSystem, ... }@args:
let let
pkgs = import sources.nixpkgs { pkgs = import inputs.nixpkgs {
inherit system;
overlays = [ overlays = [
(import ./nur { inherit sources; }) (import ./nur { inherit inputs; })
(import sources.emacs-overlay) (import inputs.emacs-overlay)
(import ./rustfmt) (import ./rustfmt)
(import ./dns { inherit sources; }) (import ./dns { inherit inputs; })
] ++ (map (path: import "${path}/overlay.nix") [ ] ++ (map (path: import "${path}/overlay.nix") [
sources.arcexprs inputs.arcexprs
sources.katexprs inputs.katexprs
sources.anicca inputs.anicca
]); ]);
config = { config = {
allowUnfree = true; allowUnfree = true;

4
overlays/dns/default.nix
View file

@ -1,3 +1,3 @@
{ sources, ... }: final: prev: { { inputs, ... }: final: prev: {
dns = import sources.nix-dns; dns = import inputs.nix-dns;
} }

1
overlays/exprs

@ -1 +0,0 @@
Subproject commit c5bd2b5f1bd8d08bf691abd6a1cb84fc4da300d7

4
overlays/nur/default.nix
View file

@ -1,5 +1,5 @@
{ sources }: final: prev: { { inputs }: final: prev: {
nur = import sources.nur { nur = import inputs.nur {
nurpkgs = final; nurpkgs = final;
pkgs = final; pkgs = final;
}; };

77
shell.nix
View file

@ -1,76 +1 @@
{}: import ./devShell.nix { inputs = import ./inputs.nix; system = builtins.currentSystem; }
let
meta = import ./default.nix;
config = meta;
inherit (meta) pkgs;
inherit (pkgs) lib;
fixedSources = removeAttrs config.sources [ "__functor" ];
nf-update = pkgs.writeShellScriptBin "nf-update" ''
TEMP=$(mktemp -d)
git init -q $TEMP
${pkgs.lib.concatStringsSep "\n" (pkgs.lib.mapAttrsToList (source: spec: let
update = "niv update ${source}";
fetch = "timeout 30 git -C $TEMP fetch -q --depth 1 ${spec.repo} ${spec.branch}:source-${source}";
revision = "$(git -C $TEMP show-ref -s source-${source})";
isGit = pkgs.lib.hasPrefix "https://" spec.repo or "";
git = ''
if ${fetch}; then
echo "${source}:${spec.branch} HEAD at ${revision}" >&2
${update} -r ${revision} || true
else
echo "failed to fetch latest revision from ${spec.repo}" >&2
fi
'';
auto = "${update} || true";
in if isGit then git else auto) fixedSources)}
'';
nf-actions = pkgs.writeShellScriptBin "nf-actions" ''
export START_DIR="$PWD"
cd "${toString ./.}"
export NF_CONFIG_ROOT=${toString ./.}/ci
NF_CONFIG_FILES=($NF_CONFIG_ROOT/{nodes,niv-cron}.nix)
for f in "''${NF_CONFIG_FILES[@]}"; do
echo $f
nix run --argstr config "$f" ci.run.gh-actions-generate
done
cd $START_DIR
'';
nf-actions-test = pkgs.writeShellScriptBin "nf-actions-test" ''
export START_DIR="$PWD"
cd "${toString ./.}"
export NF_CONFIG_ROOT=${toString ./.}/ci
NF_CONFIG_FILES=($NF_CONFIG_ROOT/{nodes,niv-cron}.nix)
for f in "''${NF_CONFIG_FILES[@]}"; do
echo $f
nix run --argstr config "$f" ci.test
done
cd $START_DIR
'';
in
with lib; pkgs.mkShell {
nativeBuildInputs = with pkgs; [
inetutils
nf-update
nf-actions
nf-actions-test
] ++ config.runners.lazy.nativeBuildInputs
++ (map
(node: writeShellScriptBin "${node.networking.hostName}-sd-img" ''
nix build -f . network.nodes.${node.networking.hostName}.system.build.sdImage --show-trace
'')
(filter (node: node.system.build ? sdImage) (attrValues meta.network.nodes)))
++ (map
(node: writeShellScriptBin "${node.networking.hostName}-iso-img" ''
nix build -f . network.nodes.${node.networking.hostName}.system.build.isoImage --show-trace
'')
(filter (node: node.system.build ? isoImage) (attrValues meta.network.nodes)));
shellHook = ''
export HOME_HOSTNAME=$(hostname -s)
export HOME_UID=$(id -u)
export HOME_USER=$(id -un)
export CI_PLATFORM="impure"
export NIX_PATH="$NIX_PATH:home=${toString ./.}"
git pull
'';
}

2
tree.nix
View file

@ -1,4 +1,4 @@
{ lib }: { config, folder, sources, ... }@args: with lib; let { lib }: { config, folder, inputs, ... }@args: with lib; let
pureTreeGrab = { base, path }: let pureTreeGrab = { base, path }: let
realPath = toString path; realPath = toString path;
dirContents = builtins.readDir path; dirContents = builtins.readDir path;