diff --git a/flake.lock b/flake.lock index cfc2f38d..50753bb2 100644 --- a/flake.lock +++ b/flake.lock @@ -425,9 +425,6 @@ "nixos-mailserver": "nixos-mailserver", "nixos-stable": "nixos-stable", "nixos-unstable": "nixos-unstable", - "nixpkgs": [ - "nixos-unstable" - ], "pre-commit-hooks": "pre-commit-hooks", "secrets": "secrets" } diff --git a/flake.nix b/flake.nix index 84e97731..2b947a2f 100644 --- a/flake.nix +++ b/flake.nix @@ -36,7 +36,6 @@ url = "git+https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git"; }; nixos-stable.url = "nixpkgs/nixos-22.11"; - nixpkgs.follows = "nixos-unstable"; flake-parts.inputs.nixpkgs-lib.follows = "nixos-unstable"; home-manager = { url = "home-manager/release-22.11"; @@ -58,21 +57,26 @@ }; }; - outputs = inputs @ {nixos-hardware, ...}: + outputs = inputs @ { + nixos-hardware, + self, + ... + }: inputs.flake-parts.lib.mkFlake {inherit inputs;} { imports = [ inputs.pre-commit-hooks.flakeModule ./nixos/flake-parts.nix ./home-manager/flake-parts.nix ./packages/flake-parts.nix + ./overlays/flake-parts.nix ]; systems = ["x86_64-linux"]; perSystem = { self', inputs', - pkgs, config, lib, + pkgs, ... }: { devShells = { @@ -81,14 +85,14 @@ }; }; checks = { - system-checks = pkgs.runCommand "system-checks" {} '' - mkdir -p $out - ${lib.concatMapStringsSep "\n" (x: x) (lib.mapAttrsToList (name: x: "ln -s ${x.config.system.build.toplevel} $out/${name}-system") inputs.self.nixosConfigurations)} - ${lib.concatMapStringsSep "\n" (x: x) (lib.mapAttrsToList (name: x: "ln -s ${x} $out/${name}-home") inputs.self.homeModes)} - ''; + system-checks = pkgs.recursiveLinkFarm "all-configs" { + nixos-configurations = lib.mapAttrs (_: config: config.config.system.build.toplevel) self.nixosConfigurations; + home-manager-configurations = self.homeModes; + }; }; pre-commit = { + pkgs = inputs'.nixos-unstable.legacyPackages; check.enable = true; settings = { settings.ormolu.defaultExtensions = [ diff --git a/home-manager/flake-parts.nix b/home-manager/flake-parts.nix index 3c3b1aa4..f37c2e14 100644 --- a/home-manager/flake-parts.nix +++ b/home-manager/flake-parts.nix @@ -4,8 +4,11 @@ inputs, ... }: { - flake = withSystem "x86_64-linux" ({inputs', ...}: let - pkgs = inputs'.nixos-stable.legacyPackages; + flake = withSystem "x86_64-linux" ({ + self', + pkgs, + ... + }: let flattenAttrs = attrs: lib.listToAttrs (lib.flatten (lib.mapAttrsToList ( @@ -22,14 +25,14 @@ inherit pkgs; modules = [ config - inputs.self.nixosModules.insertOverlays inputs.emanote.homeManagerModule ]; }); buildModesForHost = host: modes: - pkgs.runCommandLocal "${host}-modes" {} '' - mkdir $out - ${lib.concatStringsSep "\n" (lib.mapAttrsToList (mode: config: "ln -s ${(buildHomeManager config).activationPackage} $out/${mode}") modes)}''; + pkgs.recursiveLinkFarm "${host}-modes" + (lib.mapAttrs + (_: config: (buildHomeManager config).activationPackage) + modes); in { homeConfigurations = lib.mapAttrs (_: buildHomeManager) (flattenAttrs machines); homeModes = lib.mapAttrs buildModesForHost machines; diff --git a/home-manager/roles/gnome.nix b/home-manager/roles/gnome.nix index 8d45d9c5..0d5c9a72 100644 --- a/home-manager/roles/gnome.nix +++ b/home-manager/roles/gnome.nix @@ -55,6 +55,7 @@ in { move-to-monitor-up = []; move-to-workspace-left = []; move-to-workspace-right = []; + toggle-fullscreen = ["f"]; }; "org/gnome/mutter/keybindings" = { diff --git a/home-manager/roles/mpd.nix b/home-manager/roles/mpd.nix index bca9bc25..ebca6669 100644 --- a/home-manager/roles/mpd.nix +++ b/home-manager/roles/mpd.nix @@ -8,7 +8,7 @@ playlist_dir = "${audio_dir}/playlists"; in { home.file."media/audio/playlists" = { - source = pkgs.setToDirectories (lib.mapAttrs' (name: content: lib.nameValuePair "${name}.m3u" (builtins.toFile "${name}.m3u" content)) { + source = pkgs.recursiveLinkFarm "mpd-playlists" (lib.mapAttrs' (name: content: lib.nameValuePair "${name}.m3u" (builtins.toFile "${name}.m3u" content)) { "radio-swiss-classic" = "https://stream.srg-ssr.ch/m/rsc_de/aacp_96"; "radio-swiss-jazz" = "https://stream.srg-ssr.ch/m/rsj/aacp_96"; "br-klassik" = "http://dispatcher.rndfnk.com/br/brklassik/live/mp3/high"; diff --git a/home-manager/roles/taskwarrior.nix b/home-manager/roles/taskwarrior.nix index 379becc2..55e5a306 100644 --- a/home-manager/roles/taskwarrior.nix +++ b/home-manager/roles/taskwarrior.nix @@ -1,7 +1,6 @@ { pkgs, config, - flake-inputs, ... }: let fix-tasks = pkgs.writeShellScriptBin "fix-tasks" '' @@ -76,10 +75,10 @@ in { dataLocation = "${config.home.homeDirectory}/.task"; config = { taskd = { - certificate = "${flake-inputs.secrets}/taskwarrior/public.cert"; + certificate = "${pkgs.flake-inputs.secrets}/taskwarrior/public.cert"; credentials = pkgs.privateValue "" "taskwarrior/credentials"; - ca = "${flake-inputs.secrets}/taskwarrior/ca.cert"; - key = "${flake-inputs.secrets}/taskwarrior/private.key"; + ca = "${pkgs.flake-inputs.secrets}/taskwarrior/ca.cert"; + key = "${pkgs.flake-inputs.secrets}/taskwarrior/private.key"; server = "hera.m-0.eu:53589"; }; }; diff --git a/nixos/flake-parts.nix b/nixos/flake-parts.nix index 48861391..69b7bd7c 100644 --- a/nixos/flake-parts.nix +++ b/nixos/flake-parts.nix @@ -4,72 +4,46 @@ inputs, ... }: { - flake = withSystem "x86_64-linux" ({ - inputs', - system, - ... - }: let - networkingModule = name: "${inputs.nixos-unstable}/nixos/modules/services/networking/${name}.nix"; - modules = [ - # nftables using module not available in 22.11. - (networkingModule "firewall-iptables") - (networkingModule "firewall-nftables") - (networkingModule "firewall") - (networkingModule "nat-iptables") - (networkingModule "nat-nftables") - (networkingModule "nat") - (networkingModule "nftables") - (_: { - disabledModules = [ - "services/networking/firewall.nix" - "services/networking/nftables.nix" - "services/networking/nat.nix" - "services/networking/redsocks.nix" - "services/networking/miniupnpd.nix" - "services/audio/roon-server.nix" - "services/audio/roon-bridge.nix" - ]; - }) - ]; - makeSystem = name: - inputs'.nixos-stable.legacyPackages.nixos { - imports = - [ + flake = { + nixosConfigurations = withSystem "x86_64-linux" ({ + system, + self', + pkgs, + ... + }: let + machines = builtins.attrNames (builtins.readDir ./machines); + makeSystem = name: + pkgs.nixos { + imports = [ (import (./. + "/machines/${name}/configuration.nix") inputs) inputs.secrets.nixosModules.default - inputs.self.nixosModules.insertOverlays - ] - ++ modules; - }; - in { - nixosModules.insertOverlays = _: { - _module.args = { - flake-inputs = inputs // {inherit modules;}; - flake-inputs' = inputs'; - }; - nixpkgs.overlays = - [ - (_: _: - { - nix-output-monitor = inputs'.nix-output-monitor.packages.default; - unstable = inputs'.nixos-unstable.legacyPackages; - unfree = import inputs.nixos-stable { - inherit system; - config = { - allowUnfree = true; - android_sdk.accept_license = true; - }; - }; - unstableUnfree = import inputs.nixos-unstable { - config.allowUnfree = true; - inherit system; - }; - } - // inputs.secrets.private) - inputs.self.overlays.addMyHaskellPackages - ] - ++ import ../overlays {inherit lib;}; + inputs.self.nixosModules.unstableNFTables + ]; + }; + in + lib.genAttrs machines makeSystem); + nixosModules.unstableNFTables = _: { + disabledModules = [ + "services/networking/firewall.nix" + "services/networking/nftables.nix" + "services/networking/nat.nix" + "services/networking/redsocks.nix" + "services/networking/miniupnpd.nix" + "services/audio/roon-server.nix" + "services/audio/roon-bridge.nix" + ]; + imports = let + networkingModule = name: "${inputs.nixos-unstable}/nixos/modules/services/networking/${name}.nix"; + in [ + # nftables using module not available in 22.11. + (networkingModule "firewall-iptables") + (networkingModule "firewall-nftables") + (networkingModule "firewall") + (networkingModule "nat-iptables") + (networkingModule "nat-nftables") + (networkingModule "nat") + (networkingModule "nftables") + ]; }; - nixosConfigurations = lib.genAttrs (builtins.attrNames (builtins.readDir ./machines)) makeSystem; - }); + }; } diff --git a/nixos/machines/hera/cloud.nix b/nixos/machines/hera/cloud.nix index 61636e20..ee326467 100644 --- a/nixos/machines/hera/cloud.nix +++ b/nixos/machines/hera/cloud.nix @@ -2,7 +2,6 @@ pkgs, config, lib, - flake-inputs, ... }: let adminCreds = @@ -77,13 +76,12 @@ autoStart = true; privateNetwork = true; hostBridge = "bridge"; - config = {pkgs, ...}: { - imports = - [ - ../../roles - flake-inputs.self.nixosModules.insertOverlays - ] - ++ flake-inputs.modules; + config = _: { + imports = [ + ../../roles + pkgs.flake-inputs.self.nixosModules.unstableNFTables + ]; + nixpkgs = {inherit pkgs;}; networking = { interfaces.eth0 = { diff --git a/nixos/roles/git.nix b/nixos/roles/git.nix index 39c1ef65..57f3c6e5 100644 --- a/nixos/roles/git.nix +++ b/nixos/roles/git.nix @@ -2,7 +2,6 @@ config, pkgs, lib, - flake-inputs, ... }: let gitoliteCfg = config.services.gitolite; @@ -110,7 +109,7 @@ in { cd $dir git clone git@localhost:gitolite-admin cd gitolite-admin - cp -r ${flake-inputs.secrets}/gitolite/* . + cp -r ${pkgs.flake-inputs.secrets}/gitolite/* . if [[ "$(git status --porcelain)" != "" ]]; then git "config" "user.email" "git@hera.m-0.eu" git "config" "user.name" "git user" diff --git a/nixos/roles/home-assistant/hexa-cards.nix b/nixos/roles/home-assistant/hexa-cards.nix index 1cfd07b6..2d88885f 100644 --- a/nixos/roles/home-assistant/hexa-cards.nix +++ b/nixos/roles/home-assistant/hexa-cards.nix @@ -1,9 +1,5 @@ -{ - pkgs, - flake-inputs, - ... -}: let - nur = flake-inputs.hexa-nur-packages.packages.x86_64-linux; +{pkgs, ...}: let + nur = pkgs.flake-inputs'.hexa-nur-packages.packages; mkLovelaceModule = name: { url = "custom/${name}.js?${nur.hassLovelaceModules."${name}".version}"; diff --git a/nixos/roles/laminar/default.nix b/nixos/roles/laminar/default.nix index 09a65f5e..55e98b1e 100644 --- a/nixos/roles/laminar/default.nix +++ b/nixos/roles/laminar/default.nix @@ -70,7 +70,7 @@ in { LimitNOFILE = "1024000"; }; after = ["network.target"]; - preStart = "ln -sfT ${pkgs.setToDirectories (addTimeouts cfg.cfgFiles)} ${cfgDir}"; + preStart = "ln -sfT ${pkgs.recursiveLinkFarm "laminar-config-dir" (addTimeouts cfg.cfgFiles)} ${cfgDir}"; }; services = { nginx = { diff --git a/nixos/roles/mailman.nix b/nixos/roles/mailman.nix index 34bcca02..f73288af 100644 --- a/nixos/roles/mailman.nix +++ b/nixos/roles/mailman.nix @@ -38,7 +38,7 @@ in { "paths.fhs".template_dir = lib.mkForce ( - pkgs.setToDirectories { + pkgs.recursiveLinkFarm "mailman-templates" { site.de = { "list:user:notice:goodbye.txt" = builtins.toFile "goodbye" '' Du erhältst nun keine E-Mails mehr über diese Mailingliste. diff --git a/overlays/20-unfree.nix b/overlays/20-unfree.nix deleted file mode 100644 index c7f54b8f..00000000 --- a/overlays/20-unfree.nix +++ /dev/null @@ -1,4 +0,0 @@ -self: super: { - inherit (super.unfree) discord zoom-us minecraft teamviewer steam androidsdk_9_0; - inherit (super.unstableUnfree) minecraft-server; -} diff --git a/overlays/30-ghc/default.nix b/overlays/30-ghc/default.nix deleted file mode 100644 index a5422de8..00000000 --- a/overlays/30-ghc/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -final: prev: let - myPkgs = import ./packages.nix; -in { - myHaskellPackages = myPkgs.makeHaskellPackages prev.unstableHaskellPackages; - myHaskellScriptPackages = myPkgs.makeHaskellScriptPackages prev.haskellPackages; - ghcWithPackages = prev.unstableGhc.withHoogle (p: builtins.attrValues (myPkgs.makeHaskellPackages p)); -} diff --git a/overlays/default.nix b/overlays/default.nix deleted file mode 100644 index 1ffc9403..00000000 --- a/overlays/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -{lib}: let - overlayPath = ./.; - candidates = lib.attrNames (builtins.readDir overlayPath); - pathToOverlay = n: overlayPath + ("/" + n); - isNixFile = n: builtins.match ".*\\.nix" n != null; - isNixDir = n: builtins.pathExists (pathToOverlay n + "/default.nix"); - notDefault = n: n != "default.nix"; - isOverlay = n: (isNixDir n || isNixFile n) && notDefault n; - overlays = builtins.filter isOverlay candidates; - importOverlay = n: import (pathToOverlay n); -in - map importOverlay overlays diff --git a/overlays/file-tree.nix b/overlays/file-tree.nix index f1cf6f2a..e5a81bef 100644 --- a/overlays/file-tree.nix +++ b/overlays/file-tree.nix @@ -1,18 +1,20 @@ -_: prev: let - inherit (prev) lib; +final: _: let + inherit (final) lib; linkToPath = path: fileOrDir: ( - if prev.lib.types.path.check fileOrDir - then ["ln -sT ${fileOrDir} ${path}"] + if final.lib.types.path.check fileOrDir + then [ + { + name = lib.concatStringsSep "/" path; + path = fileOrDir; + } + ] else - ["mkdir -p ${path}"] - ++ lib.concatLists ( + lib.concatLists ( lib.mapAttrsToList - (dirName: linkToPath "${path}/${dirName}") + (dirName: linkToPath (path ++ [dirName])) fileOrDir ) ); in { - setToDirectories = files: - prev.runCommand "set-to-directories" {} - (lib.concatStringsSep "\n" (linkToPath "$out" files)); + recursiveLinkFarm = name: files: final.linkFarm name (linkToPath [] files); } diff --git a/overlays/flake-parts.nix b/overlays/flake-parts.nix new file mode 100644 index 00000000..4ef4003f --- /dev/null +++ b/overlays/flake-parts.nix @@ -0,0 +1,33 @@ +{ + lib, + inputs, + ... +}: { + perSystem = { + inputs', + system, + ... + }: { + _module.args.pkgs = inputs'.nixos-stable.legacyPackages.appendOverlays ( + [ + (_: _: { + flake-inputs = inputs; + flake-inputs' = inputs'; + }) + inputs.self.overlays.addMyHaskellPackages + ] + ++ (let + overlayPath = ./.; + candidates = lib.attrNames (builtins.readDir overlayPath); + pathToOverlay = n: overlayPath + ("/" + n); + isNixFile = n: builtins.match ".*\\.nix" n != null; + isNixDir = n: builtins.pathExists (pathToOverlay n + "/default.nix"); + notDefault = n: n != "flake-parts.nix"; + isOverlay = n: (isNixDir n || isNixFile n) && notDefault n; + overlays = builtins.filter isOverlay candidates; + importOverlay = n: import (pathToOverlay n); + in + map importOverlay overlays) + ); + }; +} diff --git a/overlays/ghc/default.nix b/overlays/ghc/default.nix new file mode 100644 index 00000000..67c9dbd8 --- /dev/null +++ b/overlays/ghc/default.nix @@ -0,0 +1,7 @@ +final: _: let + myPkgs = import ./packages.nix; +in { + myHaskellPackages = myPkgs.makeHaskellPackages final.unstableHaskellPackages; + myHaskellScriptPackages = myPkgs.makeHaskellScriptPackages final.haskellPackages; + ghcWithPackages = final.unstableGhc.withHoogle (p: builtins.attrValues (myPkgs.makeHaskellPackages p)); +} diff --git a/overlays/30-ghc/packages.nix b/overlays/ghc/packages.nix similarity index 100% rename from overlays/30-ghc/packages.nix rename to overlays/ghc/packages.nix diff --git a/overlays/10-previews.nix b/overlays/previews.nix similarity index 61% rename from overlays/10-previews.nix rename to overlays/previews.nix index 115bc112..b81837a5 100644 --- a/overlays/10-previews.nix +++ b/overlays/previews.nix @@ -1,4 +1,6 @@ self: super: { + nix-output-monitor = self.flake-inputs'.nix-output-monitor.packages.default; + unstable = self.flake-inputs'.nixos-unstable.legacyPackages; unstableHaskellPackages = self.unstable.haskellPackages; unstableGhc = self.unstable.ghc; inherit diff --git a/overlays/private.nix b/overlays/private.nix new file mode 100644 index 00000000..4ee0b0dd --- /dev/null +++ b/overlays/private.nix @@ -0,0 +1 @@ +_: prev: prev.flake-inputs.secrets.private diff --git a/overlays/unfree.nix b/overlays/unfree.nix new file mode 100644 index 00000000..931da30b --- /dev/null +++ b/overlays/unfree.nix @@ -0,0 +1,16 @@ +self: super: let + unfree = import self.flake-inputs.nixos-stable { + inherit (self) system; + config = { + allowUnfree = true; + android_sdk.accept_license = true; + }; + }; + unstableUnfree = import self.flake-inputs.nixos-unstable { + config.allowUnfree = true; + inherit (self) system; + }; +in { + inherit (unfree) discord zoom-us minecraft teamviewer steam androidsdk_9_0; + inherit (unstableUnfree) minecraft-server; +}