{ description = "NixOS configuration with flakes"; outputs = { self, flake-utils, flake-compat, home-manager , nixpkgs-nixos-unstable, nixpkgs-master, nixpkgs-stable, darwin , nixos-hardware, nur, sops, nil, helix }@inputs: let mkServer = pkgs: system: hostname: pkgs.lib.nixosSystem { inherit system; modules = [ (./. + "/nixos/boxes/${hostname}") (import ./nixos/server-common.nix) sops.nixosModules.sops ]; specialArgs = { inherit inputs; }; }; mkRaspi = pkgs: hostname: pkgs.lib.nixosSystem { system = "aarch64-linux"; modules = [ (./. + "/nixos/boxes/${hostname}") ]; specialArgs = { inherit inputs; }; }; mkKiosk = pkgs: system: hostname: pkgs.lib.nixosSystem { inherit system; modules = [ (./. + "/nixos/boxes/${hostname}") sops.nixosModules.sops home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.cyryl = { imports = [ ./nixos/home-manager ./nixos/home-manager/linux.nix ]; _module.args.inputs = inputs; _module.args.system = system; }; } ]; specialArgs = { inherit inputs system; }; }; mkWorkstation = pkgs: system: hostname: pkgs.lib.nixosSystem { inherit system; modules = [ (./. + "/nixos/boxes/${hostname}") (import ./nixos/email-accounts.nix) (import ./nixos/common.nix) sops.nixosModules.sops home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.cyryl = { imports = [ ./nixos/home-manager ./nixos/home-manager/linux.nix ]; _module.args.inputs = inputs; _module.args.system = system; }; } ]; specialArgs = { inherit inputs system; nixpkgs-nixos-stable-and-unfree = import nixpkgs-stable { inherit system; config = { allowUnfree = true; }; }; nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { inherit system; config = { allowUnfree = true; }; }; }; }; mkShell = packageSet: system: let pkgs = packageSet.legacyPackages.${system}; in pkgs.mkShell { packages = with pkgs; [ cacert git git-lfs nixpkgs-fmt openssh openssl pkg-config statix ]; }; in { devShells = { "x86_64-darwin".default = mkShell nixpkgs-stable "x86_64-darwin"; "x86_64-linux".default = mkShell nixpkgs-stable "x86_64-linux"; }; darwinConfigurations = { "FORM3-CYRYLPLOTN" = darwin.lib.darwinSystem rec { system = "x86_64-darwin"; modules = [ (./. + "/nixos/boxes/form3") home-manager.darwinModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.cyryl = { imports = [ ./nixos/home-manager ]; _module.args.inputs = inputs; _module.args.system = system; }; } ]; }; }; nixosConfigurations = { foureighty = mkWorkstation nixpkgs-stable "x86_64-linux" "foureighty"; skinnyv = mkWorkstation nixpkgs-stable "x86_64-linux" "skinnyv"; thinky = mkWorkstation nixpkgs-stable "x86_64-linux" "thinky"; bolty = mkServer nixpkgs-stable "x86_64-linux" "bolty"; vpsfree1 = mkServer nixpkgs-stable "x86_64-linux" "vpsfree1"; yoga = mkKiosk nixpkgs-stable "x86_64-linux" "yoga"; homescreen = mkRaspi nixpkgs-stable "homescreen"; bootstrap = nixpkgs-stable.lib.nixosSystem rec { system = "x86_64-linux"; modules = [ (./. + "/nixos/boxes/bootstrap") sops.nixosModules.sops ]; specialArgs = { inherit inputs system; nixpkgs-nixos-unstable-and-unfree = import nixpkgs-nixos-unstable { inherit system; config = { allowUnfree = true; }; }; }; }; # nix build .#nixosConfigurations.raspiimage.config.system.build.sdImage # sudo dd if=result/sd-image/nixos-sd-image-21.11.20211201.a640d83-aarch64-linux.img of=/dev/sda bs=4M conv=fsync status=progress # make sure to update eeprom https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4#Board-specific_installation_notes raspiimage = nixpkgs-stable.lib.nixosSystem { system = "aarch64-linux"; modules = [ (import "${inputs.nixpkgs-nixos-unstable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix") { environment.systemPackages = with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [ neovim htop btop atop ]; networking.networkmanager.enable = false; hardware.enableRedistributableFirmware = true; networking.wireless.enable = true; services.openssh = { enable = true; permitRootLogin = nixpkgs-stable.lib.mkForce "prohibit-password"; passwordAuthentication = false; }; services.xserver = { enable = true; displayManager.lightdm.enable = true; desktopManager.gnome.enable = true; libinput.enable = true; }; users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty" ]; sdImage.compressImage = false; console.earlySetup = true; } ]; specialArgs = { inherit inputs; }; }; }; }; inputs = { nixpkgs-master = { type = "github"; owner = "NixOS"; repo = "nixpkgs"; ref = "master"; }; nixpkgs-nixos-unstable = { type = "github"; owner = "NixOS"; repo = "nixpkgs"; ref = "nixos-unstable"; }; nixpkgs-stable = { type = "github"; owner = "NixOS"; repo = "nixpkgs"; ref = "nixos-22.11"; }; nixos-hardware = { type = "github"; owner = "NixOS"; repo = "nixos-hardware"; ref = "master"; }; darwin = { url = "github:lnl7/nix-darwin/master"; inputs.nixpkgs.follows = "nixpkgs-stable"; }; home-manager = { type = "github"; owner = "nix-community"; repo = "home-manager"; ref = "release-22.11"; inputs.nixpkgs.follows = "nixpkgs-stable"; }; flake-utils = { type = "github"; owner = "numtide"; repo = "flake-utils"; ref = "master"; }; nur = { type = "github"; owner = "nix-community"; repo = "NUR"; ref = "master"; }; nil = { type = "github"; owner = "oxalica"; repo = "nil"; ref = "main"; inputs.nixpkgs.follows = "nixpkgs-nixos-unstable"; inputs.flake-utils.follows = "flake-utils"; }; helix = { type = "github"; owner = "helix-editor"; repo = "helix"; ref = "22.12"; inputs.nixpkgs.follows = "nixpkgs-nixos-unstable"; }; sops = { type = "github"; owner = "Mic92"; repo = "sops-nix"; ref = "master"; inputs.nixpkgs.follows = "nixpkgs-stable"; }; flake-compat = { url = "github:edolstra/flake-compat"; flake = false; }; }; }