monologiq/systems
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WIP

Browse source
This commit is contained in:
monologiq 2025-12-25 10:28:27 +01:00
parent e06b409221
commit 92f83235e0
10 changed files with 382 additions and 159 deletions
Download patch file Download diff file Expand all files Collapse all files

290
flake.nix
View file

@ -1,129 +1,176 @@
{ {
inputs = {
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.11";
nix-darwin.url = "github:nix-darwin/nix-darwin?ref=nix-darwin-25.11";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager?ref=release-25.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
lanzaboote.url = "github:nix-community/lanzaboote?ref=master";
lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = outputs =
{ self, nixpkgs, ... }@inputs: { self, nixpkgs, ... }@inputs:
let let
supportedSystems = [ lib = import ./lib { inherit nixpkgs; };
"x86_64-linux"
"aarch64-darwin"
];
lib = import ./lib { inherit (inputs.nixpkgs) lib; }; inherit (lib) forEachSupportedSystem pkgsFor;
pkgsFor =
system: systems =
import inputs.nixpkgs { let
inherit system; inherit (inputs)
config.allowUnfree = true; home-manager
lanzaboote
nix-darwin
nixpkgs
;
inherit (nixpkgs.lib)
flatten
hasSuffix
mkAliasOptionModule
strings
;
systemFn =
system:
if hasSuffix "darwin" system then
nix-darwin.lib.darwinSystem
else if hasSuffix "linux" system then
nixpkgs.lib.nixosSystem
else
throw "System: ${system} not supported.";
homeModule =
system:
if hasSuffix "darwin" system then
home-manager.darwinModules.home-manager
else if hasSuffix "linux" system then
home-manager.nixosModules.home-manager
else
throw "System: ${system} not supported.";
in
{
mkSystem =
system:
{
profile ? "minimal",
machine ? { },
modules ? [ ],
specialArgs ? { },
}:
systemFn system {
inherit specialArgs;
modules = flatten (
modules
++ [
(
if hasSuffix "darwin" system then
home-manager.darwinModules.home-manager
else if hasSuffix "linux" system then
[
home-manager.nixosModules.home-manager
lanzaboote.nixosModules.lanzaboote
]
else
throw "System: ${system} not supported."
)
./modules/machine.nix
./profiles/${strings.concatStrings (lib.drop 1 (strings.splitString "-" system))}/${profile}.nix
./machines/${machine.hostName}/system.nix
{
imports = [
(mkAliasOptionModule
[ "hm" ]
[
"home-manager"
"users"
"${machine.mainUser}"
]
)
];
config = {
machine = machine;
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
}
// lib.optionalAttrs (lib.hasSuffix "linux" system) {
hm.home.homeDirectory = "/home/${machine.mainUser}";
}
// lib.optionalAttrs (lib.hasSuffix "darwin" system) {
users.users.${machine.mainUser}.home = "/Users/pml";
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"obsidian"
];
};
}
]
);
};
}; };
forEachSupportedSystem = mkDarwinSystem =
f: {
inputs.nixpkgs.lib.genAttrs supportedSystems ( modules ? [ ],
system: machine,
f { specialArgs ? { },
inherit system; system ? { },
pkgs = pkgsFor system; home ? { },
} }:
); inputs.nix-darwin.lib.darwinSystem {
specialArgs = specialArgs // {
inherit inputs;
};
modules = [
{ system.configurationRevision = self.rev or self.dirtyRev or null; }
inputs.home-manager.darwinModules.home-manager
./modules/machine.nix
./machines/${machine.hostName}/system.nix
{ config.machine = machine; }
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
environment.etc = {
"1password" = {
target = "1password/custom_allowed_browsers";
enable = true;
text = ''
firefox
brave
'';
# mode = "0755";
};
};
}
(
{ config, ... }:
{
users.users.pml.home = "/Users/pml";
hm.home.username = "pml";
}
)
]
++ modules;
};
in in
{ {
nixosConfigurations."persephone" = nixpkgs.lib.nixosSystem { nixosConfigurations."persephone" = systems.mkSystem "x86_64-linux" {
modules = [ profile = "desktop";
inputs.lanzaboote.nixosModules.lanzaboote machine = {
inputs.home-manager.nixosModules.home-manager hostName = "persephone";
( mainUser = "pml";
{ config, lib, ... }: filesystem.uuid = {
{ boot = "cb03cf78-715e-4030-ba82-189ff8897eaf";
imports = [ esp = "4E4C-1139";
(lib.mkAliasOptionModule [ "hm" ] [ "home-manager" "users" "${config.machine.mainUser}" ]) luks = "0cf52ea1-16d1-4dec-a69a-bdac82bbcf25";
]; cryptroot = "6fb9ce3c-c870-4eb7-8199-6536ff898701";
} };
) };
modules = [ ./home.nix ];
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
hm.programs.bat.enable = true;
hm.home.stateVersion = "25.11";
}
./machines/persephone.nix
(
{ lib, ... }:
{
options.machine = {
fs = {
bootUUID = lib.mkOption {
type = lib.types.str;
description = "The UUID of the XBOOTLDR partition.";
default = "9c2d7380-571d-4bc5-9ad2-e4888ce351be";
};
efiUUID = lib.mkOption {
type = lib.types.str;
description = "The UUID of the ESP.";
default = "71E7-7A63";
};
luuksUUID = lib.mkOption {
type = lib.types.str;
description = "The UUID of the encrypted root partition.";
default = "b0ace3a0-64f0-461e-a604-7f6788384d12";
};
cryptrootUUID = lib.mkOption {
type = lib.types.str;
description = "The UUID of the decrypted root partition.";
default = "769362f6-43d4-4b83-a12c-d006c9bd6613";
};
};
mainUser = lib.mkOption {
type = lib.types.str;
description = "The main user of the machine";
default = "pml";
};
hostName = lib.mkOption {
type = lib.types.str;
description = "The name of the machine";
default = "persephone";
};
};
}
)
];
}; };
darwinConfigurations."hermes" = inputs.nix-darwin.lib.darwinSystem { darwinConfigurations."hermes" = systems.mkSystem "aarch64-darwin" {
modules = [ profile = "desktop";
{ system.configurationRevision = self.rev or self.dirtyRev or null; } machine = {
./machines/hermes.nix hostName = "hermes";
( mainUser = "pml";
{ lib, ... }: };
{ modules = [ ./home.nix ];
options.machine = {
mainUser = lib.mkOption {
type = lib.types.str;
description = "The main user of the machine";
default = "pml";
};
hostName = lib.mkOption {
type = lib.types.str;
description = "The name of the machine";
default = "hermes";
};
};
}
)
];
}; };
devShells = forEachSupportedSystem ( devShells = forEachSupportedSystem (
@ -140,4 +187,17 @@
formatter = forEachSupportedSystem ({ pkgs, ... }: pkgs.nixfmt-rfc-style); formatter = forEachSupportedSystem ({ pkgs, ... }: pkgs.nixfmt-rfc-style);
}; };
inputs = {
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.11";
nix-darwin.url = "github:nix-darwin/nix-darwin?ref=nix-darwin-25.11";
nix-darwin.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager?ref=release-25.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
lanzaboote.url = "github:nix-community/lanzaboote?ref=master";
lanzaboote.inputs.nixpkgs.follows = "nixpkgs";
};
} }

72
home.nix Normal file
View file

@ -0,0 +1,72 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) mkIf;
in
{
hm = {
programs.alacritty = {
enable = true;
};
programs.brave = {
enable = pkgs.stdenv.hostPlatform.isLinux;
};
programs.direnv = {
enable = true;
enableZshIntegration = true;
};
programs.firefox.enable = true;
programs.fuzzel.enable = pkgs.stdenv.hostPlatform.isLinux;
programs.git = {
enable = true;
settings = {
user = {
name = "monologiq";
email = "git@pmlogue.me";
};
};
};
programs.mpv.enable = true;
programs.obsidian = {
enable = true;
defaultSettings = {
appearance = {
theme = "native";
};
};
vaults."Notes" = {
enable = true;
target = "Documents/Notes";
};
};
programs.rtorrent.enable = true;
programs.vscode = {
enable = true;
package = pkgs.vscodium;
profiles.default.extensions = with pkgs.vscode-extensions; [
jnoortheen.nix-ide
mkhl.direnv
yzhang.markdown-all-in-one
];
};
programs.zsh = {
enable = config.programs.zsh.enable;
enableCompletion = true;
};
home.stateVersion = "25.11";
};
}

31
lib/default.nix
View file

@ -1,4 +1,33 @@
{ lib, ... }:
{ {
nixpkgs,
supportedSystems ? [
"x86_64-linux"
"aarch64-darwin"
],
...
}:
let
inherit (nixpkgs.lib) genAttrs;
forEachSupportedSystem =
f:
genAttrs supportedSystems (
system:
f {
inherit system;
pkgs = pkgsFor system;
}
);
pkgsFor =
system:
import nixpkgs {
inherit system;
config.allowUnfree = true;
};
in
nixpkgs.lib
// {
inherit forEachSupportedSystem pkgsFor;
} }

13
machines/hermes/default.nix
View file

@ -1,13 +0,0 @@
{ self, pkgs, ... }:
{
environment.systemPackages = [
pkgs.vim
];
nix.settings.experimental-features = "nix-command flakes";
system.stateVersion = 6;
nixpkgs.hostPlatform = "aarch64-darwin";
}

5
machines/hermes.nix → machines/hermes/system.nix
View file

@ -1,11 +1,6 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
imports = [
../profiles/minimal.nix
../profiles/desktop.darwin.nix
];
environment.darwinConfig = "/Users/${config.system.primaryUser}/Development/systems"; environment.darwinConfig = "/Users/${config.system.primaryUser}/Development/systems";
system.primaryUser = "pml"; system.primaryUser = "pml";

6
machines/persephone.nix → machines/persephone/system.nix
View file

@ -6,11 +6,6 @@
}: }:
{ {
imports = [
../profiles/minimal.linux.nix
../profiles/desktop.linux.nix
];
boot = { boot = {
blacklistedKernelModules = [ blacklistedKernelModules = [
"spd5118" "spd5118"
@ -133,6 +128,7 @@
"1password-cli" "1password-cli"
"nvidia-x11" "nvidia-x11"
"nvidia-settings" "nvidia-settings"
"obsidian"
]; ];
programs._1password.enable = true; programs._1password.enable = true;

73
modules/machine.nix Normal file
View file

@ -0,0 +1,73 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib)
mkAliasOptionModule
mkOption
types
;
in
{
options.machine = {
mainUser = mkOption {
type = types.str;
description = "The main user of the machine";
};
hostName = mkOption {
type = types.str;
description = "The name of the machine";
};
filesystem.uuid = {
boot = mkOption {
type = types.nullOr types.str;
description = "The UUID of the XBOOTLDR partition.";
default = null;
};
esp = mkOption {
type = types.nullOr types.str;
description = "The UUID of the ESP.";
default = null;
};
luks = mkOption {
type = types.nullOr types.str;
description = "The UUID of the encrypted root partition.";
default = null;
};
cryptroot = mkOption {
type = types.nullOr types.str;
description = "The UUID of the decrypted root partition.";
default = null;
};
};
};
config = lib.mkIf pkgs.stdenv.hostPlatform.isLinux {
assertions = [
{
assertion = config.machine.filesystem.uuid.boot != null;
message = "machine.filesystem.uuid.boot must be set on Linux systems";
}
{
assertion = config.machine.filesystem.uuid.esp != null;
message = "machine.filesystem.uuid.esp must be set on Linux systems";
}
{
assertion = config.machine.filesystem.uuid.luks != null;
message = "machine.filesystem.uuid.luks must be set on Linux systems";
}
{
assertion = config.machine.filesystem.uuid.cryptroot != null;
message = "machine.filesystem.cryptroot.esp must be set on Linux systems";
}
];
};
}

4
profiles/desktop.darwin.nix → profiles/darwin/desktop.nix
View file

@ -1,6 +1,10 @@
{ ... }: { ... }:
{ {
imports = [
../minimal.nix
];
homebrew = { homebrew = {
enable = true; enable = true;

7
profiles/desktop.linux.nix → profiles/linux/desktop.nix
View file

@ -8,6 +8,10 @@ let
inherit (lib) mkForce mkIf; inherit (lib) mkForce mkIf;
in in
{ {
imports = [
./minimal.nix
];
environment = { environment = {
sessionVariables = { sessionVariables = {
NIXOS_OZONE_WL = "1"; NIXOS_OZONE_WL = "1";
@ -18,6 +22,7 @@ in
ddcutil ddcutil
gsettings-desktop-schemas gsettings-desktop-schemas
libva-utils libva-utils
loupe
sbctl sbctl
vdpauinfo vdpauinfo
]; ];
@ -140,7 +145,7 @@ in
mkIf (config.services.hardware.openrgb.startupProfile == "off") mkIf (config.services.hardware.openrgb.startupProfile == "off")
'' ''
mkdir -p /var/lib/OpenRGB mkdir -p /var/lib/OpenRGB
cp ${../config/openrgb/off.orp} /var/lib/OpenRGB/off.orp cp ${../../config/openrgb/off.orp} /var/lib/OpenRGB/off.orp
chmod 0644 /var/lib/OpenRGB/off.orp chmod 0644 /var/lib/OpenRGB/off.orp
''; '';
} }

40
profiles/minimal.linux.nix → profiles/linux/minimal.nix
View file

@ -8,21 +8,23 @@
let let
inherit (lib) mkDefault; inherit (lib) mkDefault;
bootUUID = config.machine.fs.bootUUID; inherit (config.machine.filesystem.uuid)
efiUUID = config.machine.fs.efiUUID; boot
luuksUUID = config.machine.fs.luuksUUID; esp
cryptrootUUID = config.machine.fs.cryptrootUUID; luks
cryptroot
;
in in
{ {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
./minimal.nix ../minimal.nix
]; ];
boot.bootspec.enable = true; boot.bootspec.enable = true;
boot.initrd = { boot.initrd = {
kernelModules = [ ]; kernelModules = [ ];
luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luuksUUID}"; luks.devices."cryptroot".device = "/dev/disk/by-uuid/${luks}";
systemd.enable = true; systemd.enable = true;
}; };
@ -47,12 +49,12 @@ in
}; };
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/${bootUUID}"; device = "/dev/disk/by-uuid/${boot}";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/efi" = { fileSystems."/efi" = {
device = "/dev/disk/by-uuid/${efiUUID}"; device = "/dev/disk/by-uuid/${esp}";
fsType = "vfat"; fsType = "vfat";
options = [ options = [
"fmask=0137" "fmask=0137"
@ -61,55 +63,55 @@ in
}; };
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@root" ]; options = [ "subvol=@root" ];
}; };
fileSystems."/home" = { fileSystems."/home" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = [ "subvol=@home" ];
}; };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@nix" ]; options = [ "subvol=@nix" ];
}; };
fileSystems."/var/cache" = { fileSystems."/var/cache" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@var_cache" ]; options = [ "subvol=@var_cache" ];
}; };
fileSystems."/var/log" = { fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@var_log" ]; options = [ "subvol=@var_log" ];
}; };
fileSystems."/var/spool" = { fileSystems."/var/spool" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@var_spool" ]; options = [ "subvol=@var_spool" ];
}; };
fileSystems."/var/tmp" = { fileSystems."/var/tmp" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@var_tmp" ]; options = [ "subvol=@var_tmp" ];
}; };
fileSystems."/var/lib/machines" = { fileSystems."/var/lib/machines" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@var_lib_machines" ]; options = [ "subvol=@var_lib_machines" ];
}; };
fileSystems."/var/lib/portables" = { fileSystems."/var/lib/portables" = {
device = "/dev/disk/by-uuid/${cryptrootUUID}"; device = "/dev/disk/by-uuid/${cryptroot}";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@var_lib_portables" ]; options = [ "subvol=@var_lib_portables" ];
}; };
@ -121,7 +123,7 @@ in
swapDevices = [ ]; swapDevices = [ ];
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = mkDefault "x86_64-linux";
} }