summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--default.nix93
-rw-r--r--flake.lock520
-rw-r--r--flake.nix174
-rw-r--r--flora/services/mail.nix2
-rw-r--r--home/home.nix4
-rw-r--r--home/packages-minimal.nix2
-rw-r--r--home/packages.nix2
-rw-r--r--home/unstable.nix10
-rw-r--r--inputs.nix53
-rw-r--r--modules/default.nix5
-rw-r--r--npins/default.nix64
-rw-r--r--npins/sources.json234
-rw-r--r--pkgs/default.nix11
-rw-r--r--pkgs/overlay.nix7
-rw-r--r--tests/default.nix6
15 files changed, 478 insertions, 709 deletions
diff --git a/default.nix b/default.nix
new file mode 100644
index 0000000..1d100d1
--- /dev/null
+++ b/default.nix
@@ -0,0 +1,93 @@
+{ system ? "x86_64-linux"
+, inputs ? import ./inputs.nix { inherit system; }
+}:
+
+let
+ inherit (inputs) sops-nix home-manager nixpkgs;
+
+ mkConfig = imports: config:
+ inputs.nixpkgs-flake.lib.nixosSystem rec {
+ system = "x86_64-linux";
+ modules = [ config ] ++ imports;
+ extraModules =
+ builtins.attrValues self.modules
+ ++ [ sops-nix ];
+ pkgs = nixpkgs;
+
+ specialArgs = {
+ inherit inputs system;
+ craneLib = inputs.crane.lib.${system};
+ };
+ };
+ mkDesktop = mkConfig [ ./common/desktop.nix ];
+ mkServer = mkConfig [
+ ./common/headless.nix
+ ];
+ deploy-vps = hostname: {
+ inherit hostname;
+ profiles.system = {
+ user = "root";
+ sshUser = "root";
+ path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos
+ self.nixosConfigurations.${hostname};
+ };
+ };
+
+ self = {
+
+ nixosConfigurations = {
+ chaski = mkServer ./chaski/configuration.nix;
+ flora = mkServer ./flora/configuration.nix;
+ abbenay = mkDesktop ./abbenay/configuration.nix;
+ cyberbox = mkDesktop ./cyberbox/configuration.nix;
+ ilex = mkDesktop ./ilex/configuration.nix;
+ };
+
+ deploy.nodes = {
+ chaski = deploy-vps "chaski";
+ flora = deploy-vps "flora";
+ parsons = {
+ hostname = "parsons";
+ profiles.home = {
+ user = "stuebinm";
+ sshUser = "stuebinm";
+ path = inputs.deploy-rs.lib.x86_64-linux.activate.home-manager
+ self.homeConfigurations.stuebinm-minimal;
+ };
+ };
+ abbenay = {
+ hostname = "abbenay";
+ profiles.system = {
+ user = "root";
+ sshUser = "stuebinm";
+ interactiveSudo = true;
+ path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos
+ self.nixosConfigurations.abbenay;
+ };
+ };
+ };
+
+ homeConfigurations = let
+ home = root:
+ home-manager.lib.homeManagerConfiguration rec {
+ pkgs = nixpkgs;
+ modules = [ root ];
+ extraSpecialArgs = {
+ inherit inputs;
+ system = "x86_64-linux";
+ };
+ };
+ in {
+ stuebinm = home ./home/home.nix;
+ stuebinm-minimal = home ./home/home-minimal.nix;
+ };
+
+ home = self.homeConfigurations.stuebinm.activationPackage;
+ home-minimal = self.homeConfigurations.stuebinm-minimal.activationPackage;
+
+ modules = import ./modules;
+ packages = import ./pkgs { inherit nixpkgs; };
+ tests = import ./tests { inherit nixpkgs; };
+ };
+
+in self
diff --git a/flake.lock b/flake.lock
deleted file mode 100644
index d52230b..0000000
--- a/flake.lock
+++ /dev/null
@@ -1,520 +0,0 @@
-{
- "nodes": {
- "almanac": {
- "flake": false,
- "locked": {
- "lastModified": 1679514360,
- "narHash": "sha256-sCAaGFNGzb51+v/JLBW5Rp5RaHr+3drlaw56y36YBCA=",
- "ref": "refs/heads/master",
- "rev": "cdd82b013777324f146c4961b866154a9287110b",
- "revCount": 61,
- "type": "git",
- "url": "https://stuebinm.eu/git/forks/almanac"
- },
- "original": {
- "type": "git",
- "url": "https://stuebinm.eu/git/forks/almanac"
- }
- },
- "bahnhof-name": {
- "flake": false,
- "locked": {
- "lastModified": 1705365694,
- "narHash": "sha256-D7zmuc9fz2sYZI4FvA+btOhVsZP3aV37F5L2rq/vu24=",
- "ref": "refs/heads/main",
- "rev": "0c05c14574ed301c1f80ceeb5edabc34e47feffb",
- "revCount": 24,
- "type": "git",
- "url": "https://stuebinm.eu/git/bahnhof.name"
- },
- "original": {
- "type": "git",
- "url": "https://stuebinm.eu/git/bahnhof.name"
- }
- },
- "blobs": {
- "flake": false,
- "locked": {
- "lastModified": 1604995301,
- "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
- "owner": "simple-nixos-mailserver",
- "repo": "blobs",
- "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
- "type": "gitlab"
- },
- "original": {
- "owner": "simple-nixos-mailserver",
- "repo": "blobs",
- "type": "gitlab"
- }
- },
- "blog": {
- "flake": false,
- "locked": {
- "lastModified": 1706402379,
- "narHash": "sha256-R67pbfZ27q67F9pweDSieYl4wEbIy2yC2cM4rxIuO4k=",
- "ref": "refs/heads/main",
- "rev": "58e380da3f6cc57bc8673067973d880c209c011c",
- "revCount": 47,
- "type": "git",
- "url": "ssh://cgit/~/blog"
- },
- "original": {
- "type": "git",
- "url": "ssh://cgit/~/blog"
- }
- },
- "deploy-rs": {
- "inputs": {
- "flake-compat": "flake-compat",
- "nixpkgs": [
- "nixpkgs"
- ],
- "utils": "utils"
- },
- "locked": {
- "lastModified": 1710103703,
- "narHash": "sha256-DqHB7aQtRCqDeGW4byEQ9yBrRnRidiSOgo2GcRSmN8Y=",
- "ref": "nom-flag",
- "rev": "9001480e03ab8c957716e2bf164bbde605472399",
- "revCount": 310,
- "type": "git",
- "url": "https://stuebinm.eu/git/forks/deploy-rs"
- },
- "original": {
- "ref": "nom-flag",
- "type": "git",
- "url": "https://stuebinm.eu/git/forks/deploy-rs"
- }
- },
- "feeds": {
- "flake": false,
- "locked": {
- "lastModified": 1691005375,
- "narHash": "sha256-t/2lssXYZ2wecGp+N5T54IEKIUJLxsv5gf4AGZ0FudM=",
- "path": "/home/stuebinm/org/nonpublic.nix",
- "type": "path"
- },
- "original": {
- "path": "/home/stuebinm/org/nonpublic.nix",
- "type": "path"
- }
- },
- "flake-compat": {
- "flake": false,
- "locked": {
- "lastModified": 1696426674,
- "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
- "owner": "edolstra",
- "repo": "flake-compat",
- "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
- "type": "github"
- },
- "original": {
- "owner": "edolstra",
- "repo": "flake-compat",
- "type": "github"
- }
- },
- "flake-compat_2": {
- "flake": false,
- "locked": {
- "lastModified": 1668681692,
- "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
- "owner": "edolstra",
- "repo": "flake-compat",
- "rev": "009399224d5e398d03b22badca40a37ac85412a1",
- "type": "github"
- },
- "original": {
- "owner": "edolstra",
- "repo": "flake-compat",
- "type": "github"
- }
- },
- "flake-utils": {
- "inputs": {
- "systems": "systems_2"
- },
- "locked": {
- "lastModified": 1705309234,
- "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "gtfsBooks": {
- "flake": false,
- "locked": {
- "lastModified": 1655157692,
- "narHash": "sha256-Uy2TdvrZjFMa2fzvFlXZ7AhPxnMM4Ss5tgxLHVWX/Rw=",
- "ref": "main",
- "rev": "2a9d4fcf48b872aef1343f71dfddf44946fd8eb5",
- "revCount": 18,
- "type": "git",
- "url": "https://stuebinm.eu/git/forks/gtfs-books"
- },
- "original": {
- "ref": "main",
- "type": "git",
- "url": "https://stuebinm.eu/git/forks/gtfs-books"
- }
- },
- "home-manager": {
- "inputs": {
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1712386041,
- "narHash": "sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ=",
- "owner": "nix-community",
- "repo": "home-manager",
- "rev": "d6bb9f934f2870e5cbc5b94c79e9db22246141ff",
- "type": "github"
- },
- "original": {
- "owner": "nix-community",
- "ref": "release-23.11",
- "repo": "home-manager",
- "type": "github"
- }
- },
- "isabelle-utils": {
- "flake": false,
- "locked": {
- "lastModified": 1635264830,
- "narHash": "sha256-AsubIRh3QsuPzp/vs12BHuZ1FCIW3zTfp+f17f2PN4k=",
- "ref": "refs/heads/master",
- "rev": "e7427d5c67c0a90c369adecb4b0c65c043cb2e34",
- "revCount": 17,
- "type": "git",
- "url": "https://stuebinm.eu/git/isabelle-utils"
- },
- "original": {
- "type": "git",
- "url": "https://stuebinm.eu/git/isabelle-utils"
- }
- },
- "nixpkgs": {
- "locked": {
- "lastModified": 1713013257,
- "narHash": "sha256-ZEfGB3YCBVggvk0BQIqVY7J8XF/9jxQ68fCca6nib+8=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "90055d5e616bd943795d38808c94dbf0dd35abe8",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixos-23.11",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "nixpkgs-unstable": {
- "locked": {
- "lastModified": 1713128889,
- "narHash": "sha256-aB90ZqzosyRDpBh+rILIcyP5lao8SKz8Sr2PSWvZrzk=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "2748d22b45a99fb2deafa5f11c7531c212b2cefa",
- "type": "github"
- },
- "original": {
- "owner": "NixOS",
- "ref": "nixpkgs-unstable",
- "repo": "nixpkgs",
- "type": "github"
- }
- },
- "ntfy-matrix-bot": {
- "flake": false,
- "locked": {
- "lastModified": 1711577402,
- "narHash": "sha256-O8xtbOhrXiJhteEOcYYXqXuA/edkebg0GERBcZ3mH/w=",
- "ref": "refs/heads/main",
- "rev": "bade89a506c380a7d4cab4fdd765e28686c14776",
- "revCount": 1,
- "type": "git",
- "url": "https://stuebinm.eu/git/ntfy-matrix-bot"
- },
- "original": {
- "type": "git",
- "url": "https://stuebinm.eu/git/ntfy-matrix-bot"
- }
- },
- "playground": {
- "flake": false,
- "locked": {
- "lastModified": 1682694042,
- "narHash": "sha256-c3lC31iR1CPi8A8nV8ZjMtpt0cUACz4V4LUBd4awQOs=",
- "ref": "refs/heads/master",
- "rev": "19144f12772063b1c6f00ad186dabbf53ea25985",
- "revCount": 25,
- "type": "git",
- "url": "https://stuebinm.eu/git/playground"
- },
- "original": {
- "type": "git",
- "url": "https://stuebinm.eu/git/playground"
- }
- },
- "root": {
- "inputs": {
- "almanac": "almanac",
- "bahnhof-name": "bahnhof-name",
- "blog": "blog",
- "deploy-rs": "deploy-rs",
- "feeds": "feeds",
- "gtfsBooks": "gtfsBooks",
- "home-manager": "home-manager",
- "isabelle-utils": "isabelle-utils",
- "nixpkgs": "nixpkgs",
- "nixpkgs-unstable": "nixpkgs-unstable",
- "ntfy-matrix-bot": "ntfy-matrix-bot",
- "playground": "playground",
- "rust-overlay": "rust-overlay",
- "showrt": "showrt",
- "simple-nixos-mailserver": "simple-nixos-mailserver",
- "sops-nix": "sops-nix",
- "tracktrain": "tracktrain",
- "traveltext": "traveltext",
- "uplcg": "uplcg",
- "walint": "walint"
- }
- },
- "rust-overlay": {
- "inputs": {
- "flake-utils": "flake-utils",
- "nixpkgs": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1713150335,
- "narHash": "sha256-Ic7zCPfiSYc9nFFp+E44WFk3TBJ99J/uPZ4QXX+uPPw=",
- "owner": "oxalica",
- "repo": "rust-overlay",
- "rev": "b186d85e747e2b7bee220ec95839fb66c868dc47",
- "type": "github"
- },
- "original": {
- "owner": "oxalica",
- "repo": "rust-overlay",
- "type": "github"
- }
- },
- "showrt": {
- "flake": false,
- "locked": {
- "lastModified": 1670187823,
- "narHash": "sha256-po1Ef3+KiNSCLX45nUNZHyRntH5bVQTrqi+ZNFaaUCc=",
- "ref": "main",
- "rev": "7de36af3c6ffcc25832a6ff2303ba6c4c1101de5",
- "revCount": 7,
- "type": "git",
- "url": "https://stuebinm.eu/git/showrt"
- },
- "original": {
- "ref": "main",
- "type": "git",
- "url": "https://stuebinm.eu/git/showrt"
- }
- },
- "simple-nixos-mailserver": {
- "inputs": {
- "blobs": "blobs",
- "flake-compat": "flake-compat_2",
- "nixpkgs": [
- "nixpkgs-unstable"
- ],
- "nixpkgs-23_05": [
- "nixpkgs"
- ],
- "nixpkgs-23_11": [
- "nixpkgs"
- ],
- "utils": "utils_2"
- },
- "locked": {
- "lastModified": 1706219574,
- "narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=",
- "owner": "simple-nixos-mailserver",
- "repo": "nixos-mailserver",
- "rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf",
- "type": "gitlab"
- },
- "original": {
- "owner": "simple-nixos-mailserver",
- "ref": "nixos-23.11",
- "repo": "nixos-mailserver",
- "type": "gitlab"
- }
- },
- "sops-nix": {
- "inputs": {
- "nixpkgs": [
- "nixpkgs-unstable"
- ],
- "nixpkgs-stable": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1713174909,
- "narHash": "sha256-APoDs2GtzVrsE+Z9w72qpHzEtEDfuinWcNTN7zhwLxg=",
- "owner": "Mic92",
- "repo": "sops-nix",
- "rev": "cc535d07cbcdd562bcca418e475c7b1959cefa4b",
- "type": "github"
- },
- "original": {
- "owner": "Mic92",
- "repo": "sops-nix",
- "type": "github"
- }
- },
- "systems": {
- "locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
- "type": "github"
- },
- "original": {
- "owner": "nix-systems",
- "repo": "default",
- "type": "github"
- }
- },
- "systems_2": {
- "locked": {
- "lastModified": 1681028828,
- "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
- "owner": "nix-systems",
- "repo": "default",
- "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
- "type": "github"
- },
- "original": {
- "owner": "nix-systems",
- "repo": "default",
- "type": "github"
- }
- },
- "tracktrain": {
- "flake": false,
- "locked": {
- "lastModified": 1688154251,
- "narHash": "sha256-iv2xUUYhjIcKWs1+l7h43z7v/a9/OamBKXi/gcl4ppI=",
- "ref": "main",
- "rev": "a995dabf07574a32c1ae62ad23b96ba7d8e076ee",
- "revCount": 92,
- "type": "git",
- "url": "https://stuebinm.eu/git/tracktrain"
- },
- "original": {
- "ref": "main",
- "type": "git",
- "url": "https://stuebinm.eu/git/tracktrain"
- }
- },
- "traveltext": {
- "flake": false,
- "locked": {
- "lastModified": 1681684407,
- "narHash": "sha256-lSrfRmnFVOwlX/dvLRjFB0P6XdSX+rHnkv5IQ/Ccjmc=",
- "ref": "main",
- "rev": "b6080abc5661f9323593944f5701d7dd7597afb9",
- "revCount": 20,
- "type": "git",
- "url": "https://stuebinm.eu/git/traveltext"
- },
- "original": {
- "ref": "main",
- "type": "git",
- "url": "https://stuebinm.eu/git/traveltext"
- }
- },
- "uplcg": {
- "flake": false,
- "locked": {
- "lastModified": 1687024567,
- "narHash": "sha256-SdAnUQwHxK/8CZpjxB/s0zMeO453nZzh6JABvl/55Rg=",
- "ref": "main",
- "rev": "b61c0b191578d6ed39a6038cca7b436764a1f9f1",
- "revCount": 124,
- "type": "git",
- "url": "https://stuebinm.eu/git/forks/uplcg"
- },
- "original": {
- "ref": "main",
- "type": "git",
- "url": "https://stuebinm.eu/git/forks/uplcg"
- }
- },
- "utils": {
- "inputs": {
- "systems": "systems"
- },
- "locked": {
- "lastModified": 1701680307,
- "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "utils_2": {
- "locked": {
- "lastModified": 1605370193,
- "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "5021eac20303a61fafe17224c087f5519baed54d",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "walint": {
- "flake": false,
- "locked": {
- "lastModified": 1646586788,
- "narHash": "sha256-33qvc6ZIJzBb7NUz7FHLAzAZ9rg/hGnLqKMjIXgUqdM=",
- "ref": "playground",
- "rev": "6b71528e72458bcb5e0a0089033b9367c887967f",
- "revCount": 265,
- "type": "git",
- "url": "https://stuebinm.eu/git/walint"
- },
- "original": {
- "ref": "playground",
- "type": "git",
- "url": "https://stuebinm.eu/git/walint"
- }
- }
- },
- "root": "root",
- "version": 7
-}
diff --git a/flake.nix b/flake.nix
deleted file mode 100644
index b83de7a..0000000
--- a/flake.nix
+++ /dev/null
@@ -1,174 +0,0 @@
-{
- description = ''
- stuebinm's flake stuff. feel free to reuse parts you find useful, but
- I suggest you don't depend on any of them actually working.
- '';
-
- inputs = {
- nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11";
- nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
-
- home-manager.url = "github:nix-community/home-manager/release-23.11";
- home-manager.inputs.nixpkgs.follows = "nixpkgs";
- deploy-rs.url = "git+https://stuebinm.eu/git/forks/deploy-rs?ref=nom-flag";
- deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
- simple-nixos-mailserver.url =
- "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11";
- simple-nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs-unstable";
- simple-nixos-mailserver.inputs.nixpkgs-23_05.follows = "nixpkgs";
- simple-nixos-mailserver.inputs.nixpkgs-23_11.follows = "nixpkgs";
- rust-overlay.url = "github:oxalica/rust-overlay";
- rust-overlay.inputs.nixpkgs.follows = "nixpkgs";
- sops-nix.url = "github:Mic92/sops-nix";
- sops-nix.inputs.nixpkgs.follows = "nixpkgs-unstable";
- sops-nix.inputs.nixpkgs-stable.follows = "nixpkgs";
-
- uplcg.url = "git+https://stuebinm.eu/git/forks/uplcg?ref=main";
- uplcg.flake = false;
- tracktrain.url = "git+https://stuebinm.eu/git/tracktrain?ref=main";
- tracktrain.flake = false;
- blog.url = "git+ssh://cgit/~/blog";
- blog.flake = false;
- playground.url = "git+https://stuebinm.eu/git/playground";
- playground.flake = false;
- traveltext.url = "git+https://stuebinm.eu/git/traveltext?ref=main";
- traveltext.flake = false;
- showrt.url = "git+https://stuebinm.eu/git/showrt?ref=main";
- showrt.flake = false;
- almanac.url = "git+https://stuebinm.eu/git/forks/almanac";
- almanac.flake = false;
- feeds.url = "path:/home/stuebinm/org/nonpublic.nix";
- feeds.flake = false;
- isabelle-utils.url = "git+https://stuebinm.eu/git/isabelle-utils";
- isabelle-utils.flake = false;
- bahnhof-name.url = "git+https://stuebinm.eu/git/bahnhof.name";
- bahnhof-name.flake = false;
- ntfy-matrix-bot.url = "git+https://stuebinm.eu/git/ntfy-matrix-bot";
- ntfy-matrix-bot.flake = false;
-
- gtfsBooks.url = "git+https://stuebinm.eu/git/forks/gtfs-books?ref=main";
- gtfsBooks.flake = false;
- walint.url = "git+https://stuebinm.eu/git/walint?ref=playground";
- walint.flake = false;
- };
-
- outputs = { self, deploy-rs, sops-nix, ... }@inputs:
- let
- nixpkgs = import inputs.nixpkgs {
- system = "x86_64-linux";
- overlays = [
- inputs.rust-overlay.overlays.default
- self.overlays.default
- ];
- config.permittedInsecurePackages = [
- "schildichat-web-1.11.30-sc.2"
- ];
- };
- mkConfig = imports: config:
- inputs.nixpkgs.lib.nixosSystem rec {
- system = "x86_64-linux";
- modules = [ config ] ++ imports;
- extraModules =
- builtins.attrValues self.nixosModules
- ++ [ sops-nix.nixosModules.sops ];
- pkgs = nixpkgs;
-
- specialArgs = {
- inherit inputs system;
- craneLib = inputs.crane.lib.${system};
- };
- };
- mkDesktop = mkConfig [ ./common/desktop.nix ];
- mkServer = mkConfig [
- ./common/headless.nix
- ];
- deploy-vps = hostname: {
- inherit hostname;
- profiles.system = {
- user = "root";
- sshUser = "root";
- path = deploy-rs.lib.x86_64-linux.activate.nixos
- self.nixosConfigurations.${hostname};
- };
- };
- in {
-
- nixosConfigurations = {
- chaski = mkServer ./chaski/configuration.nix;
- flora = mkServer ./flora/configuration.nix;
- abbenay = mkDesktop ./abbenay/configuration.nix;
- cyberbox = mkDesktop ./cyberbox/configuration.nix;
- ilex = mkDesktop ./ilex/configuration.nix;
- };
-
- deploy.nodes = {
- chaski = deploy-vps "chaski";
- flora = deploy-vps "flora";
- parsons = {
- hostname = "parsons";
- profiles.home = {
- user = "stuebinm";
- sshUser = "stuebinm";
- path = deploy-rs.lib.x86_64-linux.activate.home-manager
- self.homeConfigurations.stuebinm-minimal;
- };
- };
- abbenay = {
- hostname = "abbenay";
- profiles.system = {
- user = "root";
- sshUser = "stuebinm";
- interactiveSudo = true;
- path = deploy-rs.lib.x86_64-linux.activate.nixos
- self.nixosConfigurations.abbenay;
- };
- };
- };
-
- checks = builtins.mapAttrs
- (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
-
- homeConfigurations = let
- home = root:
- inputs.home-manager.lib.homeManagerConfiguration rec {
- pkgs = nixpkgs;
- modules = [ root ];
- extraSpecialArgs = {
- inherit inputs;
- system = "x86_64-linux";
- };
- };
- in {
- stuebinm = home ./home/home.nix;
- stuebinm-minimal = home ./home/home-minimal.nix;
- };
-
- home = self.homeConfigurations.stuebinm.activationPackage;
- home-minimal = self.homeConfigurations.stuebinm-minimal.activationPackage;
-
- overlays.default = final: prev:
- import ./pkgs/overlay.nix { inherit inputs; } final prev;
- packages.x86_64-linux = {
- inherit (nixpkgs)
- galmon-core galmon-full almanac rustex
- kijetesantakaluotokieni showrt isabelle-utils isabat
- travelynx crs-tracker crs-php bahnhof-name matrix-to
- hikari_unstable heartwood radicle-interface radicle-tui
- inweb nomsring bookwyrm mollysocket git-annex-remote-remarkable2
- ntfy-matrix-bot transport_validator;
-
- tests.bookwyrm = nixpkgs.nixosTest ./tests/bookwyrm.nix;
- tests.travelynx = nixpkgs.nixosTest ./tests/travelynx.nix;
- };
-
- nixosModules = {
- # glitchtip = import ./modules/glitchtip.nix;
- bookwyrm = import ./modules/bookwyrm.nix;
- mollysocket = import ./modules/mollysocket.nix;
- };
-
- hydraJobs = {
- inherit (self) packages home;
- };
- };
-}
diff --git a/flora/services/mail.nix b/flora/services/mail.nix
index 2e1179a..3987a49 100644
--- a/flora/services/mail.nix
+++ b/flora/services/mail.nix
@@ -1,7 +1,7 @@
{ config, lib, pkgs, inputs, ... }:
{
- imports = [ inputs.simple-nixos-mailserver.nixosModule ];
+ imports = [ inputs.simple-nixos-mailserver ];
sops.secrets."mail/hashedPassword" = {};
diff --git a/home/home.nix b/home/home.nix
index 1e49983..d00c1db 100644
--- a/home/home.nix
+++ b/home/home.nix
@@ -215,7 +215,7 @@
};
systemd.user.services.syncical = let
- feeds = (import inputs.feeds).ical; in {
+ feeds = inputs.feeds.ical; in {
Unit.Description = "syncs ical feeds for almanac agenda";
Service = {
ExecStart = (pkgs.writeShellScript "syncical" ''
@@ -239,7 +239,7 @@
programs.newsboat = {
enable = true;
- urls = (import ./newsboat-public.nix) ++ (import inputs.feeds).rss;
+ urls = (import ./newsboat-public.nix) ++ inputs.feeds.rss;
browser = lib.getExe' pkgs.offpunk "offpunk";
reloadThreads = 300;
queries = {
diff --git a/home/packages-minimal.nix b/home/packages-minimal.nix
index c024654..3b5ede1 100644
--- a/home/packages-minimal.nix
+++ b/home/packages-minimal.nix
@@ -28,6 +28,6 @@
jq html-tidy nodePackages.stylelint nodePackages.js-beautify zola
lowdown
# nix things
- nixfmt niv inputs.deploy-rs.defaultPackage.${system}
+ nixfmt niv deploy-rs.deploy-rs
];
}
diff --git a/home/packages.nix b/home/packages.nix
index 1f5e8cf..165cc59 100644
--- a/home/packages.nix
+++ b/home/packages.nix
@@ -70,7 +70,7 @@ in
# others
julia python39 inweb
# nix things
- nixfmt niv inputs.deploy-rs.defaultPackage.${system}
+ nixfmt niv
#haskellPackages.nix-serve-ng
nix-doc nix-output-monitor
direnv
diff --git a/home/unstable.nix b/home/unstable.nix
index 0adb0ba..9592af7 100644
--- a/home/unstable.nix
+++ b/home/unstable.nix
@@ -1,6 +1,6 @@
-{config, pkgs, inputs, system, ...}:
+{config, pkgs, inputs, ...}:
-with inputs.nixpkgs-unstable.legacyPackages.${system};
+with inputs.nixpkgs-unstable;
{
home.packages = [
dino
@@ -15,11 +15,7 @@ with inputs.nixpkgs-unstable.legacyPackages.${system};
})
gleam
yazi
-
- # hikari development
- pkgs.pandoc # pkgs.xorg.xcbutilwm.dev
- pkgs.bmake pkgs.pkg-config
- ]; #++ hikari.buildInputs;
+ ];
xdg.desktopEntries."Signal" = {
name = "Signal";
diff --git a/inputs.nix b/inputs.nix
new file mode 100644
index 0000000..50c4deb
--- /dev/null
+++ b/inputs.nix
@@ -0,0 +1,53 @@
+{ system ? "x86_64-linux", sources ? import ./npins }:
+
+let
+
+ # some of my dependencies are only usable as flakes. this is just enough
+ # nonsense to import these
+ callFlake = name: inputs:
+ let
+ self = (import "${sources.${name}}/flake.nix").outputs
+ ({ inherit self; } // inputs);
+ in
+ self // { outPath = sources.${name}.outPath; };
+
+ inputs = sources // rec {
+
+ flake-utils = callFlake "flake-utils" { };
+
+ deploy-rs = callFlake "deploy-rs" {
+ # there's an implicit contract here that the module deploy-rs produces
+ # will not depend on the nixpkgs it is given, but that works out
+ inherit nixpkgs;
+ utils = flake-utils;
+ };
+
+ # both copies of nixpkgs get // { outPath = }'d, so that the nixPath
+ # override can use these paths.
+ nixpkgs = import sources.nixpkgs {
+ inherit system;
+ overlays = [
+ (import sources.rust-overlay)
+ deploy-rs.overlay
+ (import ./pkgs/overlay.nix { inherit inputs; })
+ ];
+ } // { outPath = sources.nixpkgs.outPath; };
+
+ nixpkgs-unstable =
+ import sources.nixpkgs-unstable { inherit system; }
+ // { outPath = sources.nixpkgs-unstable.outPath; };
+
+ # this absurd third copy only exists because non-flake nixpkgs does not
+ # as easily expose the evalConfig function ..
+ nixpkgs-flake =
+ (import "${sources.nixpkgs}/flake.nix").outputs { self = nixpkgs-flake; };
+
+ home-manager = callFlake "home-manager" { inherit nixpkgs; };
+
+ feeds = import /home/stuebinm/org/nonpublic.nix;
+
+ sops-nix = import "${sources.sops-nix}/modules/sops";
+
+ simple-nixos-mailserver = import sources.simple-nixos-mailserver;
+ };
+in inputs
diff --git a/modules/default.nix b/modules/default.nix
new file mode 100644
index 0000000..c5430f8
--- /dev/null
+++ b/modules/default.nix
@@ -0,0 +1,5 @@
+{
+ # glitchtip = import ./glitchtip.nix;
+ bookwyrm = import ./bookwyrm.nix;
+ mollysocket = import ./mollysocket.nix;
+}
diff --git a/npins/default.nix b/npins/default.nix
new file mode 100644
index 0000000..891db57
--- /dev/null
+++ b/npins/default.nix
@@ -0,0 +1,64 @@
+# Generated by npins. Do not modify; will be overwritten regularly
+let
+ requireFile = { sha256, hashMode ? "recursive" }:
+ builtins.derivation {
+ name = "source";
+ outputHashMode = hashMode;
+ outputHashAlgo = "sha256";
+ outputHash = sha256;
+ preferLocalBuild = true;
+ allowSubstitutes = false;
+ builder = "builtins:fetchurl";
+ system = "builtin"; # builtins.currentSystem;
+ };
+
+ data = builtins.fromJSON (builtins.readFile ./sources.json);
+ version = data.version;
+
+ mkSource = spec:
+ assert spec ? type; let
+ path =
+ if spec.type == "Git" then mkGitSource spec
+ else if spec.type == "GitRelease" then mkGitSource spec
+ else if spec.type == "PyPi" then mkPyPiSource spec
+ else if spec.type == "Channel" then mkChannelSource spec
+ else builtins.throw "Unknown source type ${spec.type}";
+ in
+ spec // { outPath = path; };
+
+ mkGitSource = { repository, revision, url ? null, hash, ... }:
+ assert repository ? type;
+ # At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository
+ # In the latter case, there we will always be an url to the tarball
+ if url != null then
+ (builtins.fetchTarball {
+ inherit url;
+ sha256 = hash; # FIXME: check nix version & use SRI hashes
+ })
+ else assert repository.type == "Git";
+ let
+ cached = requireFile { sha256 = hash; };
+ fetched = builtins.fetchGit {
+ url = repository.url;
+ rev = revision;
+ };
+ in if builtins.pathExists (builtins.unsafeDiscardStringContext cached.outPath)
+ then cached.outPath
+ else builtins.trace "npins: re-fetching source ${repository.url}" fetched.outPath;
+
+ mkPyPiSource = { url, hash, ... }:
+ builtins.fetchurl {
+ inherit url;
+ sha256 = hash;
+ };
+
+ mkChannelSource = { url, hash, ... }:
+ builtins.fetchTarball {
+ inherit url;
+ sha256 = hash;
+ };
+in
+if version == 3 then
+ builtins.mapAttrs (_: mkSource) data.pins
+else
+ throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"
diff --git a/npins/sources.json b/npins/sources.json
new file mode 100644
index 0000000..ee51261
--- /dev/null
+++ b/npins/sources.json
@@ -0,0 +1,234 @@
+{
+ "pins": {
+ "almanac": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/forks/almanac"
+ },
+ "branch": "master",
+ "revision": "cdd82b013777324f146c4961b866154a9287110b",
+ "url": null,
+ "hash": "0804k1zcnyhfdgjxmpgyg9l537j6p4ajrjgzz9svxka6acc1l85h"
+ },
+ "bahnhof-name": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/bahnhof.name"
+ },
+ "branch": "main",
+ "revision": "0c05c14574ed301c1f80ceeb5edabc34e47feffb",
+ "url": null,
+ "hash": "0vmvxypsxxlj2zxmssgpjfqmbs5lkc7vq1cfchc6pkszrywydg0g"
+ },
+ "blog": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "ssh://cgit/~/blog"
+ },
+ "branch": "main",
+ "revision": "58e380da3f6cc57bc8673067973d880c209c011c",
+ "url": null,
+ "hash": "129v5q9ayf63v616rjy88v07i2brl8s7hw6s2yxsxvknyrnykbj7"
+ },
+ "deploy-rs": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/forks/deploy-rs"
+ },
+ "branch": "nom-flag",
+ "revision": "9001480e03ab8c957716e2bf164bbde605472399",
+ "url": null,
+ "hash": "1iiplqa731ldha728xk2fi36n87p20hnzf35g21jli1dlknw388f"
+ },
+ "flake-utils": {
+ "type": "GitRelease",
+ "repository": {
+ "type": "GitHub",
+ "owner": "numtide",
+ "repo": "flake-utils"
+ },
+ "pre_releases": false,
+ "version_upper_bound": null,
+ "version": "v1.0.0",
+ "revision": "04c1b180862888302ddfb2e3ad9eaa63afc60cf8",
+ "url": "https://api.github.com/repos/numtide/flake-utils/tarball/v1.0.0",
+ "hash": "0hynd4rbkbplxzl2a8wb3r8z0h17z2alhhdsam78g3vgzpzg0d43"
+ },
+ "gtfsBooks": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/forks/gtfs-books"
+ },
+ "branch": "main",
+ "revision": "2a9d4fcf48b872aef1343f71dfddf44946fd8eb5",
+ "url": null,
+ "hash": "077xjxaisjqcnqwjpq8cfg34y27cv5aidvzwv4d5736rz9v96bak"
+ },
+ "home-manager": {
+ "type": "Git",
+ "repository": {
+ "type": "GitHub",
+ "owner": "nix-community",
+ "repo": "home-manager"
+ },
+ "branch": "release-23.11",
+ "revision": "86853e31dc1b62c6eeed11c667e8cdd0285d4411",
+ "url": "https://github.com/nix-community/home-manager/archive/86853e31dc1b62c6eeed11c667e8cdd0285d4411.tar.gz",
+ "hash": "1hw53llinnqj61138bh0iwv31b73h9h6lvzrphq3prgxkg8anzay"
+ },
+ "isabelle-utils": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/isabelle-utils"
+ },
+ "branch": "master",
+ "revision": "e7427d5c67c0a90c369adecb4b0c65c043cb2e34",
+ "url": null,
+ "hash": "129pizyyvxg7lzgk9pqn48a7brhyh5fv7vwzrs7wnhkp30hrpjq2"
+ },
+ "nixpkgs": {
+ "type": "Git",
+ "repository": {
+ "type": "GitHub",
+ "owner": "NixOS",
+ "repo": "nixpkgs"
+ },
+ "branch": "nixos-23.11",
+ "revision": "12430e43bd9b81a6b4e79e64f87c624ade701eaf",
+ "url": "https://github.com/NixOS/nixpkgs/archive/12430e43bd9b81a6b4e79e64f87c624ade701eaf.tar.gz",
+ "hash": "1ry06nhk8ayfb7wjmkacz8zqk0hwvp9phyachbkxsyxgc0hj3y6z"
+ },
+ "nixpkgs-unstable": {
+ "type": "Git",
+ "repository": {
+ "type": "GitHub",
+ "owner": "NixOS",
+ "repo": "nixpkgs"
+ },
+ "branch": "nixpkgs-unstable",
+ "revision": "2b1f64b358f2cab62617f26b3870fd0ee375d848",
+ "url": "https://github.com/NixOS/nixpkgs/archive/2b1f64b358f2cab62617f26b3870fd0ee375d848.tar.gz",
+ "hash": "1iy5vigbw2dx7rhzmsszc7d87sw545f0vw4kcwxk3mazxg9qrzgl"
+ },
+ "ntfy-matrix-bot": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/ntfy-matrix-bot"
+ },
+ "branch": "main",
+ "revision": "c4bedb1756c96db3f7d01feedc6587f7b0c3dc0f",
+ "url": null,
+ "hash": "1kq34zk7k6rg9k8frvx51hl1ldqqbfgvhm9f827b5a4c0rx28dah"
+ },
+ "playground": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/playground"
+ },
+ "branch": "master",
+ "revision": "19144f12772063b1c6f00ad186dabbf53ea25985",
+ "url": null,
+ "hash": "1ss0n237f0dmw0akw2q0qp8nvnijcg35f9qgy3i27m4ib3gl4ybk"
+ },
+ "rust-overlay": {
+ "type": "Git",
+ "repository": {
+ "type": "GitHub",
+ "owner": "oxalica",
+ "repo": "rust-overlay"
+ },
+ "branch": "master",
+ "revision": "44f8738f4b9805f7c60118c48f85da835839311a",
+ "url": "https://github.com/oxalica/rust-overlay/archive/44f8738f4b9805f7c60118c48f85da835839311a.tar.gz",
+ "hash": "10nm617bmlw9ialhhc9qix3fij6s5ggpwgcq8sldqqx99dhg9bxj"
+ },
+ "showrt": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/showrt"
+ },
+ "branch": "main",
+ "revision": "7de36af3c6ffcc25832a6ff2303ba6c4c1101de5",
+ "url": null,
+ "hash": "09shk9b3969gmbmh8mavgss6f90zb51rsfby5n1d924agxzl93d6"
+ },
+ "simple-nixos-mailserver": {
+ "type": "Git",
+ "repository": {
+ "type": "GitLab",
+ "repo_path": "simple-nixos-mailserver/nixos-mailserver",
+ "server": "https://gitlab.com/"
+ },
+ "branch": "nixos-23.11",
+ "revision": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf",
+ "url": "https://gitlab.com/api/v4/projects/simple-nixos-mailserver%2Fnixos-mailserver/repository/archive.tar.gz?sha=e47f3719f1db3e0961a4358d4cb234a0acaa7baf",
+ "hash": "122vm4n3gkvlkqmlskiq749bhwfd0r71v6vcmg1bbyg4998brvx8"
+ },
+ "sops-nix": {
+ "type": "Git",
+ "repository": {
+ "type": "GitHub",
+ "owner": "Mic92",
+ "repo": "sops-nix"
+ },
+ "branch": "master",
+ "revision": "f1b0adc27265274e3b0c9b872a8f476a098679bd",
+ "url": "https://github.com/Mic92/sops-nix/archive/f1b0adc27265274e3b0c9b872a8f476a098679bd.tar.gz",
+ "hash": "048rwfxmmrx5z5kika5d7lamdwg1jraighj42kampqvadh1sd0dq"
+ },
+ "tracktrain": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/tracktrain"
+ },
+ "branch": "main",
+ "revision": "d4f4208fe66d3813b65312dac0bf895c4cdc53d6",
+ "url": null,
+ "hash": "0wf5x8pcls7w08kwl24l70bjyp1dmqzbkab71dvmkazs4vxvanvm"
+ },
+ "traveltext": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/traveltext"
+ },
+ "branch": "main",
+ "revision": "b6080abc5661f9323593944f5701d7dd7597afb9",
+ "url": null,
+ "hash": "0rwfkkq46j7yjbkv3ylpsifzlhq7qlc2svzpbwjyqm65d53dyalm"
+ },
+ "uplcg": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/forks/uplcg"
+ },
+ "branch": "main",
+ "revision": "b61c0b191578d6ed39a6038cca7b436764a1f9f1",
+ "url": null,
+ "hash": "0675z5gvw0chx3hrr7bpiqxiwcykxhgw8qws17yazi071i8jgl29"
+ },
+ "walint": {
+ "type": "Git",
+ "repository": {
+ "type": "Git",
+ "url": "https://stuebinm.eu/git/walint"
+ },
+ "branch": "playground",
+ "revision": "6b71528e72458bcb5e0a0089033b9367c887967f",
+ "url": null,
+ "hash": "1lx92iw228x3m35nk11zp3v1jc03rd8yqcymxidk09s8lrrsyynz"
+ }
+ },
+ "version": 3
+} \ No newline at end of file
diff --git a/pkgs/default.nix b/pkgs/default.nix
new file mode 100644
index 0000000..d028af2
--- /dev/null
+++ b/pkgs/default.nix
@@ -0,0 +1,11 @@
+{ nixpkgs ? (import ./../inputs.nix {}).nixpkgs }:
+
+{
+ inherit (nixpkgs)
+ galmon-core galmon-full almanac rustex
+ kijetesantakaluotokieni showrt isabelle-utils isabat
+ travelynx crs-tracker crs-php bahnhof-name matrix-to
+ hikari_unstable heartwood radicle-interface radicle-tui
+ inweb nomsring bookwyrm mollysocket git-annex-remote-remarkable2
+ ntfy-matrix-bot transport_validator;
+}
diff --git a/pkgs/overlay.nix b/pkgs/overlay.nix
index 4d1d55d..f7e4c5f 100644
--- a/pkgs/overlay.nix
+++ b/pkgs/overlay.nix
@@ -1,8 +1,9 @@
-{ inputs, ... }:
+{ inputs ? import ../inputs.nix }:
+
self: super:
let
- unstable = inputs.nixpkgs-unstable.legacyPackages.${self.system};
+ unstable = inputs.nixpkgs-unstable;
crs-tools = self.callPackage ./crs-tools.nix {};
rustPlatform = self.makeRustPlatform {
cargo = self.rust-bin.stable.latest.minimal;
@@ -55,7 +56,7 @@ in
almanac = self.rustPlatform.buildRustPackage rec {
pname = "almanac";
version = "git";
- src = inputs.almanac.outPath;
+ src = inputs.almanac;
cargoLock.lockFile = "${src}/Cargo.lock";
};
diff --git a/tests/default.nix b/tests/default.nix
new file mode 100644
index 0000000..5c165db
--- /dev/null
+++ b/tests/default.nix
@@ -0,0 +1,6 @@
+{ nixpkgs ? (import ../inputs.nix { }).nixpkgs }:
+
+{
+ bookwyrm = nixpkgs.nixosTest ./bookwyrm.nix;
+ travelynx = nixpkgs.nixosTest ./travelynx.nix;
+}