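# Flake for the system configuration: builds one NixOS configuration per entry
# in ./machines, exposes the modules found in ./modules and the overlay in
# ./overlays, and provides pre-commit checks plus two development shells.
{
  description = "System config";

  # Most inputs below name a branch or default ref rather than a fixed
  # revision, so the revision actually built is whatever the lock file records
  # (the lock file is not part of this listing). Treat lock updates as code
  # changes: every input here is evaluated while building each machine.
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";

    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    flake-utils.url = "github:numtide/flake-utils";
    flake-parts.url = "github:hercules-ci/flake-parts";
    nixos-hardware.url = "github:NixOS/nixos-hardware";

    pre-commit-hooks = {
      url = "github:cachix/pre-commit-hooks.nix";
      inputs.flake-utils.follows = "flake-utils";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nixinate = {
      url = "github:MatthewCroughan/nixinate";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    naersk = {
      url = "github:nix-community/naersk";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    rust-overlay = {
      url = "github:oxalica/rust-overlay";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
    };

    microvm = {
      url = "github:astro/microvm.nix";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
    };

    sops = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    emacs-overlay = {
      url = "github:nix-community/emacs-overlay";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
    };

    nil = {
      url = "github:oxalica/nil";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
      inputs.rust-overlay.follows = "rust-overlay";
    };

    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # A branch of a nixpkgs fork. It is imported in defSystem as a second,
    # separate package set (with allowUnfree) and only its `nomachine`
    # attribute is used; it does not follow the main `nixpkgs` input.
    nomachine.url = "github:rytec-nl/nixpkgs/submit/add-nomachine-server";

    ha-now-playing = {
      url = "git+https://git.datarift.nl/erwin/ha-now-playing.git?ref=main";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
      inputs.naersk.follows = "naersk";
      inputs.rust-overlay.follows = "rust-overlay";
      inputs.pre-commit-hooks.follows = "pre-commit-hooks";
    };

    pamedia = {
      url = "git+https://git.datarift.nl/erwin/pamedia-rs.git?ref=main";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.utils.follows = "flake-utils";
      inputs.naersk.follows = "naersk";
    };

    # NOTE(review): unlike the two git.datarift.nl inputs above, this URL has a
    # `git@` userinfo part in an https URL. Confirm it is intentional; the URL
    # is left unchanged here because the lock file records it.
    sunshine = {
      url = "git+https://git@git.datarift.nl/erwin/sunshine.git?ref=main";
      inputs.nixpkgs.follows = "nixpkgs";
      inputs.flake-utils.follows = "flake-utils";
    };
  };

  outputs =
    { self
    , sops
    , ha-now-playing
    , pamedia
    , nixinate
    , flake-parts
    , ...
    } @ inputs:
    # `with inputs` brings the remaining inputs (nixpkgs, home-manager, nil,
    # disko, ...) into scope by name. Names bound lexically (the arguments
    # above, `inputs`, `pkgs` in perSystem) take precedence over any `with`,
    # and an inner `with` takes precedence over this one.
    with inputs;
    let
      # Attribute set of machines; each entry provides `config` and optionally
      # `system` and `deploy` (see their use in nixosConfigurations below).
      machines = import ./machines inputs;

      # Build one NixOS system.
      #   system       - platform string, e.g. "x86_64-linux"
      #   baseConfig   - the machine's own module
      #   deployConfig - passed to modules as `nixinate` when not null
      defSystem = system: baseConfig: deployConfig:
        nixpkgs.lib.nixosSystem {
          inherit system;
          modules = [
            { _module.args.inputs = inputs; }
            { _module.args.self-overlay = self.overlays.default; }
            ({ ... }: {
              # Every module exported by this flake is imported into every
              # machine, followed by the shared nixpkgs/home-manager setup.
              imports = builtins.attrValues self.nixosModules ++ [
                {
                  nix.nixPath = [ "nixpkgs=${nixpkgs}" ];
                  nixpkgs =
                    let
                      # Second package set taken from the nomachine fork input.
                      nomachine-pkgs = import nomachine {
                        inherit system;
                        config.allowUnfree = true;
                      };
                    in
                    {
                      overlays = [
                        self.overlays.default
                        ha-now-playing.overlays.${system}
                        pamedia.overlays.${system}
                        emacs-overlay.overlay
                        nil.overlays.default
                        (_final: _prev: { inherit (nomachine-pkgs) nomachine; })
                      ]
                      # On aarch64 only: tolerate kernel modules missing from
                      # the modules closure.
                      ++ nixpkgs.lib.optional (system == "aarch64-linux") (_final: super: {
                        makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
                      });

                      config = {
                        permittedInsecurePackages = [
                          # *Exceptionally*, those packages will be cached with their *secure* dependents
                          # because they will reach EOL in the middle of the 23.05 release
                          # and it will be too much painful for our users to recompile them
                          # for no real reason.
                          # Remove them for 23.11.
                          #
                          # NOTE(review): nixpkgs tracks nixos-unstable in this
                          # flake, so no release bump will prompt the removal
                          # asked for above. This allow-list applies to every
                          # machine built by defSystem; confirm what still
                          # depends on these versions and drop the entries
                          # once nothing does.
                          "nodejs-16.20.0"
                          "openssl-1.1.1t"
                        ];
                        allowUnfree = true;
                      };
                    };
                }
                baseConfig
                home-manager.nixosModules.home-manager
                {
                  home-manager = {
                    useUserPackages = true;
                    useGlobalPkgs = true;
                  };
                }
              ];

              # Record the flake's git revision only when there is one.
              system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev;
              nix.registry.nixpkgs.flake = nixpkgs;
            })
            sops.nixosModules.sops
            sunshine.nixosModules.sunshine
          ]
          ++ (nixpkgs.lib.optional (deployConfig != null) {
            _module.args.nixinate = deployConfig;
          });
        };
    in
    flake-parts.lib.mkFlake { inherit inputs; } {
      systems = [ "x86_64-linux" "aarch64-linux" ];

      flake = {
        overlays.default = import ./overlays;

        # One module per directory entry of ./modules, keyed by entry name.
        # Because defSystem imports all of them, anything placed in ./modules
        # becomes part of every machine's configuration.
        nixosModules = builtins.listToAttrs (map
          (x: {
            name = x;
            value = import (./modules + "/${x}");
          })
          (builtins.attrNames (builtins.readDir ./modules)));

        # One configuration per machine; `system` defaults to x86_64-linux and
        # `deploy` to null when the machine does not set them.
        nixosConfigurations = builtins.listToAttrs (map
          (machine: {
            name = machine;
            value = defSystem
              (machines.${machine}.system or "x86_64-linux")
              { imports = [ machines.${machine}.config ]; }
              (machines.${machine}.deploy or null);
          })
          (builtins.attrNames machines));

        apps = nixinate.nixinate.x86_64-linux self;
      };

      perSystem = { self', pkgs, system, lib, ... }:
        # let
        #   pkgs = import nixpkgs {
        #     inherit system;
        #     overlays = [
        #       self.overlays.default
        #       ha-now-playing.overlays.${system}
        #       pamedia.overlays.${system}
        #     ];
        #     config = {
        #       allowUnsupportedSystem = true;
        #       allowUnfree = true;
        #     };
        #   };
        #   # pkgs = nixpkgs.legacyPackages.${system};
        # in
        {
          packages = {
            inherit (pkgs)
              rofi-wayland
              nix-plugins
              backscrub
              bl3auto
              obs-backgroundremoval;
          };

          checks = {
            pre-commit-check = pre-commit-hooks.lib.${system}.run {
              src = ./.;
              hooks = {
                nixpkgs-fmt.enable = true;
                deadnix.enable = true;
                statix.enable = true;
                black.enable = true;
                shellcheck = {
                  enable = true;
                  types_or = [ "executable" ];
                };
                shfmt.enable = true;
              };
            };
          };

          devShells.default = with pkgs; mkShell {
            # Entering the shell runs the shellHook of the pre-commit check.
            inherit (self'.checks.pre-commit-check) shellHook;
            name = "dotfiles";
            packages = [
              # A bare `sops` is the flake input bound in the outputs
              # arguments, which wins over `with pkgs`; hence pkgs.sops.
              pkgs.sops
              ssh-to-age
              age
              nodejs
              nodePackages.typescript-language-server
              nodePackages.yaml-language-server
              nodePackages.vscode-css-languageserver-bin
              multimarkdown
              nix-diff
              nix-prefetch
              nix-prefetch-scripts
              nix-prefetch-github
              nix-prefetch-docker
              nix-top
              nix-tree
              popsicle
              terraform
              terraform-ls
              taplo
              just
              # Referenced through `inputs` on purpose: a bare `disko` inside
              # `with pkgs` resolves to pkgs.disko whenever the package set
              # has such an attribute, and only falls back to the flake input
              # when it does not. The explicit form always selects the pinned
              # flake input's package.
              inputs.disko.packages.${system}.disko
              eww-wayland
            ];
          };

          devShells.install = with pkgs; mkShell {
            name = "install";
            packages = [
              # Same reasoning as in devShells.default: select the disko flake
              # input explicitly instead of relying on `with` resolution.
              inputs.disko.packages.${system}.disko
            ];
          };

          formatter = pkgs.nixpkgs-fmt;
        };
    };
}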