From 92f83235e019826fa2d6b8c5f3b1fbbc2c144eeb Mon Sep 17 00:00:00 2001 From: monologiq Date: Thu, 25 Dec 2025 10:28:27 +0100 Subject: [PATCH] WIP --- flake.nix | 290 +++++++++++------- home.nix | 72 +++++ lib/default.nix | 31 +- machines/hermes/default.nix | 13 - machines/{hermes.nix => hermes/system.nix} | 5 - .../{persephone.nix => persephone/system.nix} | 6 +- modules/machine.nix | 73 +++++ .../desktop.nix} | 4 + .../{desktop.linux.nix => linux/desktop.nix} | 7 +- .../{minimal.linux.nix => linux/minimal.nix} | 40 +-- 10 files changed, 382 insertions(+), 159 deletions(-) create mode 100644 home.nix delete mode 100644 machines/hermes/default.nix rename machines/{hermes.nix => hermes/system.nix} (72%) rename machines/{persephone.nix => persephone/system.nix} (97%) create mode 100644 modules/machine.nix rename profiles/{desktop.darwin.nix => darwin/desktop.nix} (90%) rename profiles/{desktop.linux.nix => linux/desktop.nix} (96%) rename profiles/{minimal.linux.nix => linux/minimal.nix} (65%) diff --git a/flake.nix b/flake.nix index 781469b..d0c2a32 100644 --- a/flake.nix +++ b/flake.nix 
@@ -1,129 +1,176 @@ { - inputs = { - nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.11"; - - nix-darwin.url = "github:nix-darwin/nix-darwin?ref=nix-darwin-25.11"; - nix-darwin.inputs.nixpkgs.follows = "nixpkgs"; - - home-manager.url = "github:nix-community/home-manager?ref=release-25.11"; - home-manager.inputs.nixpkgs.follows = "nixpkgs"; - - lanzaboote.url = "github:nix-community/lanzaboote?ref=master"; - lanzaboote.inputs.nixpkgs.follows = "nixpkgs"; - }; - outputs = { self, nixpkgs, ... }@inputs: let - supportedSystems = [ - "x86_64-linux" - "aarch64-darwin" - ]; + lib = import ./lib { inherit nixpkgs; }; - lib = import ./lib { inherit (inputs.nixpkgs) lib; }; - pkgsFor = - system: - import inputs.nixpkgs { - inherit system; - config.allowUnfree = true; + inherit (lib) forEachSupportedSystem pkgsFor; + + systems = + let + inherit (inputs) + home-manager + lanzaboote + nix-darwin + nixpkgs + ; + inherit (nixpkgs.lib) + flatten + hasSuffix + mkAliasOptionModule + strings + ; + + systemFn = + system: + if hasSuffix "darwin" system then + nix-darwin.lib.darwinSystem + else if hasSuffix "linux" system then + nixpkgs.lib.nixosSystem + else + throw "System: ${system} not supported."; + + homeModule = + system: + if hasSuffix "darwin" system then + home-manager.darwinModules.home-manager + else if hasSuffix "linux" system then + home-manager.nixosModules.home-manager + else + throw "System: ${system} not supported."; + + in + { + mkSystem = + system: + { + profile ? "minimal", + machine ? { }, + modules ? [ ], + specialArgs ? { }, + }: + systemFn system { + inherit specialArgs; + + modules = flatten ( + modules + ++ [ + ( + if hasSuffix "darwin" system then + home-manager.darwinModules.home-manager + else if hasSuffix "linux" system then + [ + home-manager.nixosModules.home-manager + lanzaboote.nixosModules.lanzaboote + ] + else + throw "System: ${system} not supported." 
+ ) + + ./modules/machine.nix + ./profiles/${strings.concatStrings (lib.drop 1 (strings.splitString "-" system))}/${profile}.nix + ./machines/${machine.hostName}/system.nix + { + imports = [ + (mkAliasOptionModule + [ "hm" ] + [ + "home-manager" + "users" + "${machine.mainUser}" + ] + ) + ]; + + config = { + machine = machine; + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + } + // lib.optionalAttrs (lib.hasSuffix "linux" system) { + hm.home.homeDirectory = "/home/${machine.mainUser}"; + } + // lib.optionalAttrs (lib.hasSuffix "darwin" system) { + users.users.${machine.mainUser}.home = "/Users/pml"; + nixpkgs.config.allowUnfreePredicate = + pkg: + builtins.elem (lib.getName pkg) [ + "obsidian" + ]; + }; + } + ] + ); + }; }; - forEachSupportedSystem = - f: - inputs.nixpkgs.lib.genAttrs supportedSystems ( - system: - f { - inherit system; - pkgs = pkgsFor system; - } - ); + mkDarwinSystem = + { + modules ? [ ], + machine, + specialArgs ? { }, + system ? { }, + home ? { }, + }: + inputs.nix-darwin.lib.darwinSystem { + specialArgs = specialArgs // { + inherit inputs; + }; + modules = [ + { system.configurationRevision = self.rev or self.dirtyRev or null; } + inputs.home-manager.darwinModules.home-manager + ./modules/machine.nix + ./machines/${machine.hostName}/system.nix + { config.machine = machine; } + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + environment.etc = { + "1password" = { + target = "1password/custom_allowed_browsers"; + enable = true; + text = '' + firefox + brave + ''; + # mode = "0755"; + }; + }; + } + ( + { config, ... }: + { + users.users.pml.home = "/Users/pml"; + hm.home.username = "pml"; + } + ) + ] + ++ modules; + }; in { - nixosConfigurations."persephone" = nixpkgs.lib.nixosSystem { - modules = [ - inputs.lanzaboote.nixosModules.lanzaboote - inputs.home-manager.nixosModules.home-manager - ( - { config, lib, ... 
}: - { - imports = [ - (lib.mkAliasOptionModule [ "hm" ] [ "home-manager" "users" "${config.machine.mainUser}" ]) - ]; - } - ) - - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - hm.programs.bat.enable = true; - hm.home.stateVersion = "25.11"; - } - - ./machines/persephone.nix - ( - { lib, ... }: - { - options.machine = { - fs = { - bootUUID = lib.mkOption { - type = lib.types.str; - description = "The UUID of the XBOOTLDR partition."; - default = "9c2d7380-571d-4bc5-9ad2-e4888ce351be"; - }; - efiUUID = lib.mkOption { - type = lib.types.str; - description = "The UUID of the ESP."; - default = "71E7-7A63"; - }; - luuksUUID = lib.mkOption { - type = lib.types.str; - description = "The UUID of the encrypted root partition."; - default = "b0ace3a0-64f0-461e-a604-7f6788384d12"; - }; - cryptrootUUID = lib.mkOption { - type = lib.types.str; - description = "The UUID of the decrypted root partition."; - default = "769362f6-43d4-4b83-a12c-d006c9bd6613"; - }; - }; - mainUser = lib.mkOption { - type = lib.types.str; - description = "The main user of the machine"; - default = "pml"; - }; - hostName = lib.mkOption { - type = lib.types.str; - description = "The name of the machine"; - default = "persephone"; - }; - }; - } - ) - ]; + nixosConfigurations."persephone" = systems.mkSystem "x86_64-linux" { + profile = "desktop"; + machine = { + hostName = "persephone"; + mainUser = "pml"; + filesystem.uuid = { + boot = "cb03cf78-715e-4030-ba82-189ff8897eaf"; + esp = "4E4C-1139"; + luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25"; + cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701"; + }; + }; + modules = [ ./home.nix ]; }; - darwinConfigurations."hermes" = inputs.nix-darwin.lib.darwinSystem { - modules = [ - { system.configurationRevision = self.rev or self.dirtyRev or null; } - ./machines/hermes.nix - ( - { lib, ... 
}: - { - options.machine = { - mainUser = lib.mkOption { - type = lib.types.str; - description = "The main user of the machine"; - default = "pml"; - }; - hostName = lib.mkOption { - type = lib.types.str; - description = "The name of the machine"; - default = "hermes"; - }; - }; - } - ) - ]; + darwinConfigurations."hermes" = systems.mkSystem "aarch64-darwin" { + profile = "desktop"; + machine = { + hostName = "hermes"; + mainUser = "pml"; + }; + modules = [ ./home.nix ]; }; devShells = forEachSupportedSystem ( @@ -140,4 +187,17 @@ formatter = forEachSupportedSystem ({ pkgs, ... }: pkgs.nixfmt-rfc-style); }; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.11"; + + nix-darwin.url = "github:nix-darwin/nix-darwin?ref=nix-darwin-25.11"; + nix-darwin.inputs.nixpkgs.follows = "nixpkgs"; + + home-manager.url = "github:nix-community/home-manager?ref=release-25.11"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + + lanzaboote.url = "github:nix-community/lanzaboote?ref=master"; + lanzaboote.inputs.nixpkgs.follows = "nixpkgs"; + }; } diff --git a/home.nix b/home.nix new file mode 100644 index 0000000..aec4995 --- /dev/null +++ b/home.nix 
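Review bot: In flake.nix (first hunk), `system.configurationRevision = self.rev or self.dirtyRev or null;` now appears only inside `mkDarwinSystem`, which nothing in this hunk calls, so the `hermes` configuration built through `systems.mkSystem` no longer records the commit it was built from. Adding `{ system.configurationRevision = self.rev or self.dirtyRev or null; }` to the module list in `mkSystem` would keep a running system traceable to its source. The darwin branch of `mkSystem` also sets `users.users.${machine.mainUser}.home = "/Users/pml";`, hard-coding the user that the key parameterises; `"/Users/${machine.mainUser}"` keeps the two in step. `homeModule` and `mkDarwinSystem` look unused in the visible code and could be removed before this leaves WIP.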
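Review bot: In the relocated `inputs` block of flake.nix (second hunk), `lanzaboote.url = "github:nix-community/lanzaboote?ref=master";` follows a moving branch, while the other three inputs follow release branches. `mkSystem` imports `lanzaboote.nixosModules.lanzaboote` on every Linux host, so each `nix flake update` can pull unreviewed upstream commits into the boot chain. flake.lock presumably still pins a revision, but it is not part of this patch. Prefer a release tag, for example `lanzaboote.url = "github:nix-community/lanzaboote?ref=<release-tag>";`, and review lock-file bumps for this input explicitly.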
@@ -0,0 +1,72 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) mkIf; +in +{ + hm = { + programs.alacritty = { + enable = true; + }; + + programs.brave = { + enable = pkgs.stdenv.hostPlatform.isLinux; + }; + programs.direnv = { + enable = true; + enableZshIntegration = true; + }; + + programs.firefox.enable = true; + programs.fuzzel.enable = pkgs.stdenv.hostPlatform.isLinux; + + programs.git = { + enable = true; + settings = { + user = { + name = "monologiq"; + email = "git@pmlogue.me"; + }; + }; + }; + + programs.mpv.enable = true; + + programs.obsidian = { + enable = true; + + defaultSettings = { + appearance = { + theme = "native"; + }; + }; + + vaults."Notes" = { + enable = true; + target = "Documents/Notes"; + }; + }; + programs.rtorrent.enable = true; + + programs.vscode = { + enable = true; + package = pkgs.vscodium; + profiles.default.extensions = with pkgs.vscode-extensions; [ + jnoortheen.nix-ide + mkhl.direnv + yzhang.markdown-all-in-one + ]; + }; + + programs.zsh = { + enable = config.programs.zsh.enable; + enableCompletion = true; + }; + + home.stateVersion = "25.11"; + }; +} diff --git a/lib/default.nix b/lib/default.nix index 408b164..5168942 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,4 +1,33 @@ -{ lib, ... }: { + nixpkgs, + supportedSystems ? [ + "x86_64-linux" + "aarch64-darwin" + ], + ... +}: +let + inherit (nixpkgs.lib) genAttrs; + + forEachSupportedSystem = + f: + genAttrs supportedSystems ( + system: + f { + inherit system; + pkgs = pkgsFor system; + } + ); + pkgsFor = + system: + import nixpkgs { + inherit system; + config.allowUnfree = true; + }; + +in +nixpkgs.lib +// { + inherit forEachSupportedSystem pkgsFor; } diff --git a/machines/hermes/default.nix b/machines/hermes/default.nix deleted file mode 100644 index 918d775..0000000 --- a/machines/hermes/default.nix +++ /dev/null 
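Review bot: In home.nix, `enable = config.programs.zsh.enable;` under `hm.programs.zsh` reads the system-level option, not the home-manager one, and nothing in the file says so. This file is passed to `mkSystem` as a system module and writes through the `hm` alias. A header comment such as `# System module: hm.* is forwarded to home-manager.users.<mainUser> by the alias defined in flake.nix`, plus `# mirrors the system-wide programs.zsh.enable` on that line, would stop it being read as self-referential. `inherit (lib) mkIf;` is bound but not used in this file.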
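Review bot: In lib/default.nix, `pkgsFor` sets `config.allowUnfree = true;`, so every package set handed out by `forEachSupportedSystem` accepts any unfree package. The machine configurations in this patch use an explicit `allowUnfreePredicate` allowlist instead. If the dev shells and formatter need no unfree packages, drop the line; otherwise mirror the allowlist with `config.allowUnfreePredicate = pkg: builtins.elem (nixpkgs.lib.getName pkg) [ ];` and fill in the names actually required. A short comment above the final `nixpkgs.lib // { … }` would also help, noting that the helpers are merged into nixpkgs' lib and would shadow any upstream attribute of the same name.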
@@ -1,13 +0,0 @@ -{ self, pkgs, ... }: - -{ - environment.systemPackages = [ - pkgs.vim - ]; - - nix.settings.experimental-features = "nix-command flakes"; - - system.stateVersion = 6; - - nixpkgs.hostPlatform = "aarch64-darwin"; -} diff --git a/machines/hermes.nix b/machines/hermes/system.nix similarity index 72% rename from machines/hermes.nix rename to machines/hermes/system.nix index 7290392..7a20466 100644 --- a/machines/hermes.nix +++ b/machines/hermes/system.nix @@ -1,11 +1,6 @@ { config, pkgs, ... }: { - imports = [ - ../profiles/minimal.nix - ../profiles/desktop.darwin.nix - ]; - environment.darwinConfig = "/Users/${config.system.primaryUser}/Development/systems"; system.primaryUser = "pml"; diff --git a/machines/persephone.nix b/machines/persephone/system.nix similarity index 97% rename from machines/persephone.nix rename to machines/persephone/system.nix index 4a1dd15..366ce52 100644 --- a/machines/persephone.nix +++ b/machines/persephone/system.nix @@ -6,11 +6,6 @@ }: { - imports = [ - ../profiles/minimal.linux.nix - ../profiles/desktop.linux.nix - ]; - boot = { blacklistedKernelModules = [ "spd5118" @@ -133,6 +128,7 @@ "1password-cli" "nvidia-x11" "nvidia-settings" + "obsidian" ]; programs._1password.enable = true; diff --git a/modules/machine.nix b/modules/machine.nix new file mode 100644 index 0000000..12e9e32 --- /dev/null +++ b/modules/machine.nix 
@@ -0,0 +1,73 @@ +{ + config, + lib, + pkgs, + ... +}: +let + inherit (lib) + mkAliasOptionModule + mkOption + types + ; +in +{ + options.machine = { + mainUser = mkOption { + type = types.str; + description = "The main user of the machine"; + }; + + hostName = mkOption { + type = types.str; + description = "The name of the machine"; + }; + + filesystem.uuid = { + boot = mkOption { + type = types.nullOr types.str; + description = "The UUID of the XBOOTLDR partition."; + default = null; + }; + + esp = mkOption { + type = types.nullOr types.str; + description = "The UUID of the ESP."; + default = null; + }; + + luks = mkOption { + type = types.nullOr types.str; + description = "The UUID of the encrypted root partition."; + default = null; + }; + + cryptroot = mkOption { + type = types.nullOr types.str; + description = "The UUID of the decrypted root partition."; + default = null; + }; + }; + }; + + config = lib.mkIf pkgs.stdenv.hostPlatform.isLinux { + assertions = [ + { + assertion = config.machine.filesystem.uuid.boot != null; + message = "machine.filesystem.uuid.boot must be set on Linux systems"; + } + { + assertion = config.machine.filesystem.uuid.esp != null; + message = "machine.filesystem.uuid.esp must be set on Linux systems"; + } + { + assertion = config.machine.filesystem.uuid.luks != null; + message = "machine.filesystem.uuid.luks must be set on Linux systems"; + } + { + assertion = config.machine.filesystem.uuid.cryptroot != null; + message = "machine.filesystem.cryptroot.esp must be set on Linux systems"; + } + ]; + }; +} diff --git a/profiles/desktop.darwin.nix b/profiles/darwin/desktop.nix similarity index 90% rename from profiles/desktop.darwin.nix rename to profiles/darwin/desktop.nix index d273bd0..49fe369 100644 --- a/profiles/desktop.darwin.nix +++ b/profiles/darwin/desktop.nix @@ -1,6 +1,10 @@ { ... }: { + imports = [ + ../minimal.nix + ]; + homebrew = { enable = true; 
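Review bot: In modules/machine.nix, the last assertion checks `config.machine.filesystem.uuid.cryptroot` but its message names `machine.filesystem.cryptroot.esp`, which is not an option declared here. It should read `message = "machine.filesystem.uuid.cryptroot must be set on Linux systems";`. The UUIDs default to `null` and profiles/linux/minimal.nix interpolates them into `/dev/disk/by-uuid/...` strings, so a missing value may fail with a null-to-string coercion error before these assertions are reported. Declaring the options as `types.str` with no default would instead give the module system's own "no value defined" error, and only where they are read. `mkAliasOptionModule` is inherited in this file but not used.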
diff --git a/profiles/desktop.linux.nix b/profiles/linux/desktop.nix similarity index 96% rename from profiles/desktop.linux.nix rename to profiles/linux/desktop.nix index 1e4d046..33e9aed 100644 --- a/profiles/desktop.linux.nix +++ b/profiles/linux/desktop.nix @@ -8,6 +8,10 @@ let inherit (lib) mkForce mkIf; in { + imports = [ + ./minimal.nix + ]; + environment = { sessionVariables = { NIXOS_OZONE_WL = "1"; @@ -18,6 +22,7 @@ in ddcutil gsettings-desktop-schemas libva-utils + loupe sbctl vdpauinfo ]; @@ -140,7 +145,7 @@ in mkIf (config.services.hardware.openrgb.startupProfile == "off") '' mkdir -p /var/lib/OpenRGB - cp ${../config/openrgb/off.orp} /var/lib/OpenRGB/off.orp + cp ${../../config/openrgb/off.orp} /var/lib/OpenRGB/off.orp chmod 0644 /var/lib/OpenRGB/off.orp ''; } diff --git a/profiles/minimal.linux.nix b/profiles/linux/minimal.nix similarity index 65% rename from profiles/minimal.linux.nix rename to profiles/linux/minimal.nix index 13a9ac9..08797cb 100644 --- a/profiles/minimal.linux.nix +++ b/profiles/linux/minimal.nix @@ -8,21 +8,23 @@ let inherit (lib) mkDefault; - bootUUID = config.machine.fs.bootUUID; - efiUUID = config.machine.fs.efiUUID; - luuksUUID = config.machine.fs.luuksUUID; - cryptrootUUID = config.machine.fs.cryptrootUUID; + inherit (config.machine.filesystem.uuid) + boot + esp + luks + cryptroot + ; in { imports = [ (modulesPath + "/installer/scan/not-detected.nix") - ./minimal.nix + ../minimal.nix ]; boot.bootspec.enable = true; boot.initrd = { kernelModules = [ ]; - luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luuksUUID}"; + luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luks}"; systemd.enable = true; }; @@ -47,12 +49,12 @@ in }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/${bootUUID}"; + device = "/dev/disk/by-uuid/${boot}"; fsType = "ext4"; }; fileSystems."/efi" = { - device = "/dev/disk/by-uuid/${efiUUID}"; + device = "/dev/disk/by-uuid/${esp}"; fsType = "vfat"; options = [ "fmask=0137" 
@@ -61,55 +63,55 @@ in }; fileSystems."/" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@root" ]; }; fileSystems."/home" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@home" ]; }; fileSystems."/nix" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@nix" ]; }; fileSystems."/var/cache" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@var_cache" ]; }; fileSystems."/var/log" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@var_log" ]; }; fileSystems."/var/spool" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@var_spool" ]; }; fileSystems."/var/tmp" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@var_tmp" ]; }; fileSystems."/var/lib/machines" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@var_lib_machines" ]; }; fileSystems."/var/lib/portables" = { - device = "/dev/disk/by-uuid/${cryptrootUUID}"; + device = "/dev/disk/by-uuid/${cryptroot}"; fsType = "btrfs"; options = [ "subvol=@var_lib_portables" ]; }; @@ -121,7 +123,7 @@ in swapDevices = [ ]; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + nixpkgs.hostPlatform = mkDefault "x86_64-linux"; }