forked from rattboi/dotfiles
/
flake.nix
165 lines (156 loc) · 5.78 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
# This was generated by home-manager running with a flake installation.
{
description = "Nix configuration of logan";
inputs = {
agenix = {
url = "github:ryantm/agenix";
inputs.nixpkgs.follows = "nixpkgs";
};
# https://github.com/oddlama/agenix-rekey
# Allows re-keying and bootstrapping of secrets used by agenix.
agenix-rekey = {
url = "github:LoganBarnett/agenix-rekey/parameterize-generators";
# There is a documented gotcha in the readme if this must change. Review
# agenix-rekey's README for details.
inputs.nixpkgs.follows = "nixpkgs";
};
nix-darwin = {
url = "github:LnL7/nix-darwin/master";
# rev = "72dd60bfc98c128149d84213b17d1b8a68863055";
# Leaving this present breaks things and nix-darwin will not load or
# otherwise will not be present. It is not understood why, even though
# documentation typically recommends this step.
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
# emacs-overlay = {
# url = "github:nix-community/emacs-overlay/master";
# inputs.nixpkgs.follows = "nixpkgs";
# };
nixos-anywhere = {
url = "github:numtide/nixos-anywhere";
inputs = {
nixpkgs.follows = "nixpkgs";
disko.follows = "disko";
};
};
nixos-hardware = {
url = "github:NixOS/nixos-hardware/master";
# nixos-hardware doesn't actually use nixpkgs.
# inputs.nixpkgs.follows = "nixpkgs";
};
# Specify the source of Home Manager and Nixpkgs.
# nixpkgs.url = "github:nixos/nixpkgs/master";
nixpkgs.url = "github:LoganBarnett/nixpkgs/comfyui-fetch-model-hide-rebase";
# See if we can nix this (get it?!) because
# https://github.com/NixOS/nixpkgs/pull/296249 is now merged with a hopeful
# fix.
# nixpkgs-comfyui.url = "github:LoganBarnett/nixpkgs/comfyui-fetch-mode-hide-rebase";
# nix-doom-emacs.url = "github:nix-community/nix-doom-emacs";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
agenix,
agenix-rekey,
nix-darwin,
disko,
# emacs-overlay,
nixpkgs,
nixos-anywhere,
nixos-hardware,
# nixos-generators,
home-manager,
self,
...
}@flake-inputs:
let
aarch64-darwin-system = "aarch64-darwin";
aarch64-darwin-pkgs = import nixpkgs {
system = aarch64-darwin-system;
# Based on observations from running `home-manager switch` I believe
# that this has no effect. At one point it did. This is probably a
# breaking change.
overlays = (import ./overlays/default.nix);
# Some packages are not "free". We need to specifically bless those.
# I had trouble using a real function because the depended functions are
# hard/impossible to reach from this place. It cannot exist later
# because setting nixpkgs.config is ignored if pkgs is set. I found some
# of those functions declared here:
# https://github.com/NixOS/nixpkgs/blob/d84cc41f8babd418c295fcbfbd41a1fd4e2adaec/lib/strings.nix#L699
# This ticket https://github.com/nix-community/home-manager/issues/2954
# talks about the issue directly, but never comes to a workable
# resolution for the allowUnfreePredicate value, which needs "lib" to
# work. I'm not familiar enough with nix's structure to really move
# forward here. What we have now is the equivalent of what's commented
# below:
# config.allowUnfree = true;
config.allowUnfreePredicate = (pkg: true);
# This has been needed to individually bless some older packages, such
# as packages depending upon an older OpenSSL.
config.permittedInsecurePackages = [];
# nixpkgs.legacyPackages.${system};
};
in {
darwinConfigurations."M-CL64PK702X" =
nix-darwin.lib.darwinSystem (import ./hosts/M-CL64PK702X.nix {
inherit flake-inputs;
});
darwinConfigurations."scandium" =
nix-darwin.lib.darwinSystem (import ./hosts/scandium.nix {
inherit flake-inputs;
});
nixosConfigurations.lithium = let
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
overlays = (import ./overlays/default.nix);
specialArgs = {
inherit flake-inputs;
};
};
in
nixpkgs.lib.nixosSystem (import ./hosts/lithium.nix {
diskoProper = disko;
inherit flake-inputs;
});
# Unsure if we need this, but if we do, it serves as a shortcut
# essentially.
packages.x86_64-linux.lithium = self.nixosConfigurations.lithium;
nixosConfigurations.nucleus-installer = (let
pkgs = import nixpkgs {
system = "x86_64-linux";
# _module.args is an idiom for populating the arguments available to
# callPackge, but I don't understand its nuances so it's repeated
# below.
_module.args = {
buildPlatform = "aarch64-linux";
destinationPlatform = "x86_64-linux";
};
};
in
nixpkgs.lib.nixosSystem (import ./hosts/nucleus.nix {
buildPlatform = "aarch64-linux";
destinationHostname = "lithium";
destinationPlatform = "x86_64-linux";
inherit flake-inputs nixpkgs pkgs;
}));
packages.aarch64-darwin.nucleus-installer = self
.nixosConfigurations
.nucleus-installer
.config
.system
.build
.isoImage
;
agenix-rekey = agenix-rekey.configure {
userFlake = self;
nodes = self.nixosConfigurations // self.darwinConfigurations;
};
};
}