From 4917cfc1eb25ab2da48aa1a48ab1f0318610b5c0 Mon Sep 17 00:00:00 2001
From: TheWanderingCrow
Date: Tue, 20 May 2025 11:45:17 -0400
Subject: [PATCH] updates
---
README.md | 98 +++++----
devshells/default/default.nix | 9 +
flake.lock | 380 ++++++++++++++++++++++++++++++++++
flake.nix | 99 ++++++++-
hosts/nixos/tmp | 0
lib/default.nix | 54 -----
6 files changed, 537 insertions(+), 103 deletions(-)
create mode 100644 devshells/default/default.nix
create mode 100644 flake.lock
create mode 100644 hosts/nixos/tmp
delete mode 100644 lib/default.nix
diff --git a/README.md b/README.md
index 6da2bdc..9e7fe05 100644
--- a/README.md
+++ b/README.md
@@ -1,51 +1,57 @@ -# Crow's NixOS configuration project +# CrOS (Crow's NixOS Configuration Repo) -## Proxmox/LXC target +## Directory Structure -`nix run github:nix-community/nixos-generators -- --format proxmox-lxc` +- `flake.nix` - Entrypoint for hosts and user home configurations. Also exposes + a devshell for manual bootstrapping tasks (`nix develop` or `nix-shell`). +- `hosts` - NixOS configurations accessible via + `sudo nixos-rebuild switch --flake .#`. + - `common` - Shared configurations consumed by the machine specific ones. + - `core` - Configurations present across all hosts. This is a hard rule! If + something isn't core, it is optional. + - `disks` - Declarative disk partition and format specifications via disko. + - `optional` - Optional configurations present across more than one host. + - `users` - Host level user configurations present across at least one host. + - `/keys` - Public keys for the user that are symlinked to ~/.ssh + - `dariwn` - machine specific configurations for darwin-based hosts + - Currently not using any darwin hosts + - `nixos` - machine specific configurations for NixOS-based hosts + - `Parzival` - Primary Box - Ryzen 5 7600 - 32GB DDR5 - RX 7800 XT +- `home/` - Home-manager configurations, built automatically during host + rebuilds. + - `common` - Shared home-manager configurations consumed the user's machine + specific ones. + - `core` - Home-manager configurations present for user across all machines. + This is a hard rule! If something isn't core, it is optional. + - `optional` - Optional home-manager configurations that can be added for + specific machines. These can be added by category (e.g. options/media) or + individually (e.g. options/media/vlc.nix) as needed. The home-manager core + and options are defined in host-specific .nix files housed in + `home/`. +- `lib` - Custom library used throughout the nix-config to make import paths + more readable. Accessible via `lib.custom`. + - Currently am not extending lib. 
+- `modules` - Custom modules to enable special functionality and options. + - `common` - Custom modules that will work on either nixos or dariwn but that + aren't specific to home-manager + - `darwin` - Custom modules specific to dariwn-based hosts + - `home-manager` - Custom modules to home-manager + - `nixos` - Custom modules specific to nixos-based hosts +- `nixos-installer` - A stripped down version of the main nix-config flake used + exclusively during installation of NixOS and nix-config on hosts. +- `overlays` - Custom modifications to upstream packages. + - Currently not using overlays. +- `pkgs` - Custom packages meant to be shared or upstreamed. + - `common` - Custom packages that will work on either nixos or dariwn + - `darwin` - Custom packages specific to dariwn-based hosts + - `nixos` - Custom packages specific to nixos-based hosts +- `devshells` - Custom development shells and environments -## Building the Live ISO +# Credits -`nixos-generate --format install-iso --flake .#Parzival-Live -o result` +Inspired by many others, but especially: -## Formatting disks with disko - -`sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount ` - -## Pushing systems to the binary cache - -`nix path-info -r .#nixosConfigurations..config.system.build.toplevel | attic push --stdin` - -## Deploying to the remote - -Note: If you need to specify the ssh key, you may inject extra cli options to -the ssh command via the NIX_SSHOPTS environment variable - -- Anywhere from local: - `nixos-rebuild switch --flake .# --target-host root@ --use-remote-sudo` - -## Generating Topology Files - -`nix build .#topology.x86_64-linux.config.output` - -## Vendor Specific Idiosyncrasies - -### Digital Ocean - -You will need to import the following module to be able to build NixOS on DO: -`"${nixpkgs}/nixos/modules/virtualisation/digital-ocean-image.nix"` - -Digital Ocean assigns IPs through cloud init so we need to not 
use DHCP - -``` -networking.useDHCP = nixpkgs.lib.mkForce false; -services.cloud-init = { - enable = true; - network.enable = true; -}; -``` - -### AWS - -You will need to import the following module to be able to build NixOS on EC2: -`"${nixpkgs}/nixos/modules/virtualisation/amazon-image.nix"` +- https://github.com/EmergentMind/ +- https://github.com/vimjoyer/ +- https://github.com/Misterio77/nix-starter-configs +- https://github.com/numtide/blueprint diff --git a/devshells/default/default.nix b/devshells/default/default.nix new file mode 100644 index 0000000..04a8208 --- /dev/null +++ b/devshells/default/default.nix @@ -0,0 +1,9 @@ +{pkgs, ...}: +pkgs.mkShell { + name = "default"; + + buildInputs = with pkgs; [ + git + vim + ]; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..d94e44e --- /dev/null +++ b/flake.lock 
@@ -0,0 +1,380 @@ +{ + "nodes": { + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1747742835, + "narHash": "sha256-kYL4GCwwznsypvsnA20oyvW8zB/Dvn6K5G/tgMjVMT4=", + "owner": "nix-community", + "repo": "disko", + "rev": "df522e787fdffc4f32ed3e1fca9ed0968a384d62", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1741352980, + "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "mnw": { + "locked": { + "lastModified": 1742255973, + "narHash": "sha256-XfEGVKatTgEMMOVb4SNp1LYLQOSzzrFTDMVDTZFyMVE=", + "owner": "Gerg-L", + "repo": "mnw", + "rev": "b982dbd5e6d55d4438832b3567c09bc2a129649d", + "type": "github" + }, + "original": { + "owner": "Gerg-L", + "repo": "mnw", + "type": "github" + } + }, + "nil": { + "inputs": { + "flake-utils": [ + "nvix", + "nvf", + "flake-utils" + ], + "nixpkgs": [ + "nvix", + "nvf", + "nixpkgs" + ], + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1741118843, + "narHash": "sha256-ggXU3RHv6NgWw+vc+HO4/9n0GPufhTIUjVuLci8Za8c=", + "owner": "oxalica", + "repo": "nil", + "rev": "577d160da311cc7f5042038456a0713e9863d09e", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "nil", + 
"type": "github" + } + }, + "nix-darwin": { + "inputs": { + "nixpkgs": [ + "nixpkgs-darwin" + ] + }, + "locked": { + "lastModified": 1747521943, + "narHash": "sha256-GMAJcB8oB9cC+TbYTE7QDfw9fwHZyloxUWnUpHnQRko=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "b9b927dd1f24094b271e8ec5277a672dc4fc860d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "repo": "nix-darwin", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1747485343, + "narHash": "sha256-YbsZyuRE1tobO9sv0PUwg81QryYo3L1F3R3rF9bcG38=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9b5ac7ad45298d58640540d0323ca217f32a6762", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-darwin": { + "locked": { + "lastModified": 1747514354, + "narHash": "sha256-ohO4Uox8WzonwEtxNvr1SsDbvnZLilxrqco1u0bEWHU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "a3552bafe05e3c2f24e6bc6482135837984f7073", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-24.11-darwin", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1740877520, + "narHash": "sha256-oiwv/ZK/2FhGxrCkQkB83i7GnWXPPLzoqFHpDD3uYpk=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "147dee35aab2193b174e4c0868bd80ead5ce755c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1747485343, + "narHash": "sha256-YbsZyuRE1tobO9sv0PUwg81QryYo3L1F3R3rF9bcG38=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "9b5ac7ad45298d58640540d0323ca217f32a6762", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1747542820, + "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=", 
+ "owner": "nixos", + "repo": "nixpkgs", + "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1742288794, + "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1741865919, + "narHash": "sha256-4thdbnP6dlbdq+qZWTsm4ffAwoS8Tiq1YResB+RP6WE=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "573c650e8a14b2faa0041645ab18aed7e60f0c9a", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nmd": { + "flake": false, + "locked": { + "lastModified": 1705050560, + "narHash": "sha256-x3zzcdvhJpodsmdjqB4t5mkVW22V3wqHLOun0KRBzUI=", + "owner": "~rycee", + "repo": "nmd", + "rev": "66d9334933119c36f91a78d565c152a4fdc8d3d3", + "type": "sourcehut" + }, + "original": { + "owner": "~rycee", + "repo": "nmd", + "type": "sourcehut" + } + }, + "nvf": { + "inputs": { + "flake-parts": "flake-parts", + "flake-utils": "flake-utils", + "mnw": "mnw", + "nil": "nil", + "nixpkgs": "nixpkgs_3", + "nmd": "nmd", + "systems": "systems_2" + }, + "locked": { + "lastModified": 1742471089, + "narHash": "sha256-wiGkhJcDdg2/wy4QxaudNsU98y7CzzZpB6pnjUrNNDQ=", + "owner": "notashelf", + "repo": "nvf", + "rev": "3a28d05684f7f4e314eb4e56a5af624b648ab278", + "type": "github" + }, + "original": { + "owner": "notashelf", + "repo": "nvf", + "type": "github" + } + }, + "nvix": { + "inputs": { + "nixpkgs": "nixpkgs_2", + "nvf": "nvf" + }, + "locked": { + "lastModified": 1743793029, + "narHash": "sha256-Bc1PGjBv8qUXimCaBFN0OmpWpu6JF2ku+NlN5Am6gH0=", + "owner": 
"TheWanderingCrow", + "repo": "nvix", + "rev": "1c204563ef9bff09c8b1571e038185d2f38fdf36", + "type": "github" + }, + "original": { + "owner": "TheWanderingCrow", + "repo": "nvix", + "type": "github" + } + }, + "root": { + "inputs": { + "disko": "disko", + "nix-darwin": "nix-darwin", + "nixpkgs": "nixpkgs", + "nixpkgs-darwin": "nixpkgs-darwin", + "nixpkgs-stable": "nixpkgs-stable", + "nixpkgs-unstable": "nixpkgs-unstable", + "nvix": "nvix", + "sops-nix": "sops-nix" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "nvix", + "nvf", + "nil", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1741055476, + "narHash": "sha256-52vwEV0oS2lCnx3c/alOFGglujZTLmObit7K8VblnS8=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "aefb7017d710f150970299685e8d8b549d653649", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + }, + "sops-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1747603214, + "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=", + "owner": "mic92", + "repo": "sops-nix", + "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd", + "type": "github" + }, + "original": { + "owner": "mic92", + "repo": "sops-nix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + 
"version": 7 +} diff --git a/flake.nix b/flake.nix index b670b0f..7c417a3 100644 --- a/flake.nix +++ b/flake.nix 
@@ -1,15 +1,108 @@ { description = "CrOS Ecosystem"; + outputs = { + self, + nixpkgs, + ... + } @ inputs: let + inherit (self) outputs; + + # Architectures + forAllSystems = nixpkgs.lib.genAttrs [ + "x86_64-linux" + ]; + # Extend lib with lib.custom + #lib = nixpkgs.lib.extend (self: super: {custom = import ./lib {inherit (nixpkgs) lib;};}); + in { + # Overlays + # overlays = import ./overlays {inherit inputs;}; + + # Host Configurations + nixosConfigurations = builtins.listToAttrs ( + map (host: { + name = host; + value = nixpkgs.lib.nixosSystem { + specialArgs = { + inherit inputs outputs lib; + isDarwin = false; + }; + modules = [./hosts/nixos/${host}]; + }; + }) (builtins.attrNames (builtins.readDir ./hosts/nixos)) + ); + + # For later, to enable if we get any darwin hosts + # darwinConfigurations = builtins.listToAttrs ( + # map (host: { + # name = host; + # value = nix-darwin.lib.darwinSystem { + # specialArgs = { + # inherit inputs outputs lib; + # isDarwin = true; + # }; + # modules = [ ./hosts/darwin/${host} ]; + # }; + # }) (builtins.attrNames (builtins.readDir ./hosts/darwin)) + # ); + + #packages = forAllSystems ( + # system: let + # pkgs = import nixpkgs { + # inherit system; + # overlays = [self.overlays.default]; + # }; + # in + # nixpkgs.lib.packagesFromDirectoryRecursive { + # callPackage = nixpkgs.lib.callPackageWith pkgs; + # directory = ./pkgs/common; + # } + #); + + devShells = forAllSystems ( + system: let + pkgs = import nixpkgs { + inherit system; + #overlays = [self.overlays.default]; + }; + in + builtins.listToAttrs ( + map (name: { + inherit name; + value = import ./devshells/${name} { + inherit pkgs inputs outputs; + }; + }) (builtins.attrNames (builtins.readDir ./devshells)) + ) + ); + }; + inputs = { # Official inputs nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; - unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11"; + nixpkgs-unstable.url = 
"github:nixos/nixpkgs/nixos-unstable"; + + nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-24.11-darwin"; + nix-darwin = { + url = "github:lnl7/nix-darwin"; + inputs.nixpkgs.follows = "nixpkgs-darwin"; + }; # 3rd party inputs - sops-nix.url = "github:Mic92/sops-nix"; + disko = { + # Declarative partitioning + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + sops-nix = { + url = "github:mic92/sops-nix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; # CrOS inputs - nix-secrets.url = "github:TheWanderingCrow/nix-secrets"; + #nix-secrets.url = "github:TheWanderingCrow/nix-secrets"; + nvix.url = "github:TheWanderingCrow/nvix"; }; } diff --git a/hosts/nixos/tmp b/hosts/nixos/tmp new file mode 100644 index 0000000..e69de29 diff --git a/lib/default.nix b/lib/default.nix deleted file mode 100644 index 17e034b..0000000 --- a/lib/default.nix +++ /dev/null 
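Review bot: `specialArgs` in the new `nixosConfigurations` block does `inherit inputs outputs lib;`, but nothing in this hunk binds `lib`: the `lib = nixpkgs.lib.extend …` line in the `let` is commented out, and the same patch deletes `lib/default.nix`. Nix resolves variable names statically, so this is expected to fail with an undefined-variable error for the whole flake, `devShells` included; adding `inherit (nixpkgs) lib;` to the `let` (or dropping `lib` from `specialArgs`) resolves it. Separately, both `builtins.readDir` calls turn every directory entry into a host or shell name, and this patch adds `hosts/nixos/tmp` as an empty regular file, so a `tmp` configuration is generated whose module path is not a valid Nix file; keeping only entries with `type == "directory"` before `builtins.attrNames` avoids that. The `nvix` input also has no `inputs.nixpkgs.follows`, and flake.lock accordingly carries separately pinned nixpkgs revisions beneath it (`nixpkgs_2`, and `nixpkgs_3` via `nvf`) that pick up security fixes on their own update schedule rather than the host's; if that is deliberate, a comment on the input such as `# intentionally tracks its own nixpkgs` would record it.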
@@ -1,54 +0,0 @@ -{lib, ...}: -# Credit: @JakeHamilton -# https://github.com/jakehamilton/config/blob/bf8411ec6b636f887dac45970864e09ba3ebf816/lib/module/default.nix -with lib; { - ## Create a NixOS module option. - ## - ## ```nix - ## lib.mkOpt nixpkgs.lib.types.str "My default" "Description of my option." - ## ``` - ## - #@ Type -> Any -> String - mkOpt = type: default: description: - mkOption {inherit type default description;}; - - ## Create a NixOS module option without a description. - ## - ## ```nix - ## lib.mkOpt' nixpkgs.lib.types.str "My default" - ## ``` - ## - #@ Type -> Any -> String - mkOpt' = type: default: mkOpt type default null; - - ## Create a NixOS module option with no default - ## - ## ```nix - ## lib.mkOpt_ types.path "Description of my option" - ## ``` - ## - #@ Type -> Any -> String - mkOpt_ = type: description: mkOption {inherit type description;}; - - enabled = { - ## Quickly enable an option. - ## - ## ```nix - ## services.nginx = enabled; - ## ``` - ## - #@ true - enable = true; - }; - - disabled = { - ## Quickly disable an option. - ## - ## ```nix - ## services.nginx = disabled; - ## ``` - ## - #@ false - enable = false; - }; -}