From c6eac8a549fd9f55d5da908dbe49da9301e264f0 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 31 Dec 2020 14:26:32 +0100 Subject: Set up template --- .gitignore | 2 ++ accounts/.keep | 0 flake.nix | 94 ++++++++++++++++++++++++++++++++++++++++++++++++ hosts/.keep | 0 modules/.keep | 0 overlays/.keep | 0 pkgs/default.nix | 3 ++ shell.nix | 16 +++++++++ system-profiles/.keep | 0 system-profiles/core.nix | 47 ++++++++++++++++++++++++ user-profiles/.keep | 0 users/.keep | 0 utils/default.nix | 57 +++++++++++++++++++++++++++++ 13 files changed, 219 insertions(+) create mode 100644 .gitignore create mode 100644 accounts/.keep create mode 100644 flake.nix create mode 100644 hosts/.keep create mode 100644 modules/.keep create mode 100644 overlays/.keep create mode 100644 pkgs/default.nix create mode 100644 shell.nix create mode 100644 system-profiles/.keep create mode 100644 system-profiles/core.nix create mode 100644 user-profiles/.keep create mode 100644 users/.keep create mode 100644 utils/default.nix diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..f295f429 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +result +result-* \ No newline at end of file diff --git a/accounts/.keep b/accounts/.keep new file mode 100644 index 00000000..e69de29b diff --git a/flake.nix b/flake.nix new file mode 100644 index 00000000..fa1e81d6 --- /dev/null +++ b/flake.nix 
@@ -0,0 +1,94 @@ +{ + description = "gkleen's machines"; + + inputs = { + nixpkgs = { + type = "github"; + owner = "NixOS"; + repo = "nixpkgs"; + ref = "master"; + }; + home-manager = { + type = "github"; + owner = "nix-community"; + repo = "home-manager"; + ref = "master"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = { self, nixpkgs, home-manager }@inputs: + let + inherit (builtins) attrNames attrValues elemAt; + inherit (nixpkgs) lib; + utils = import ./utils { inherit lib; }; + inherit (utils) recImport overrideModule; + inherit (lib) nixosSystem mkIf splitString filterAttrs listToAttrs mapAttrsToList nameValuePair concatMap composeManyExtensions mapAttrs mapAttrs' recursiveUpdate; + + mkNixosConfiguration = dir: path: hostName: nixosSystem rec { + specialArgs = { + flake = self; + flakeInputs = inputs; + path = toString ./.; + }; + modules = + let + defaultProfiles = with self.nixosModules.systemProfiles; [core]; + local = "${toString dir}/${path}"; + global._module.args = { + customUtils = utils; + inherit hostName; + }; + accountModules = attrValues (filterAttrs accountMatchesHost self.nixosModules.accounts); + accountMatchesHost = n: _v: + let + accountName' = splitString "@" n; + hostName' = elemAt accountName' 1; + in hostName' == hostName; + in [ home-manager.nixosModules.home-manager global ] ++ defaultProfiles ++ [ local ] ++ accountModules; + }; + + mkSystemProfile = dir: path: profileName: { + imports = [ "${toString dir}/${path}" ]; + config = { + system.profiles = [profileName]; + }; + }; + + mkUserModule = dir: path: userName: overrideModule (import "${toString dir}/${path}") (inputs: inputs // { inherit userName; }) (outputs: { _file = "${toString dir}/${path}"; } // outputs); + + mkAccountModule = dir: path: accountName: + let + accountName' = splitString "@" accountName; + userName = elemAt accountName' 0; + in overrideModule (import "${toString dir}/${path}") (inputs: inputs // { inherit userName; }) (outputs: { _file = 
"${toString dir}/${path}"; } // outputs // { imports = [self.nixosModules.users.${userName}] ++ (outputs.imports or []); }); + + forAllSystems = f: mapAttrs f nixpkgs.legacyPackages; + + activateHomeManagerConfigurations = forAllSystems (system: _pkgs: mapAttrs' (configName: hmConfig: nameValuePair "${configName}-activate" { type = "app"; program = "${hmConfig.activationPackage}/bin/activate"; }) self.homeManagerConfigurations); + activateNixosConfigurations = forAllSystems (system: _pkgs: mapAttrs' (hostName: nixosConfig: nameValuePair "${hostName}-activate" { type = "app"; program = "${nixosConfig.config.system.build.toplevel}/bin/switch-to-configuration"; }) self.nixosConfigurations); + in + { + nixosModules = + let modulesAttrs = recImport { dir = ./modules; }; + systemProfiles = recImport rec { dir = ./system-profiles; _import = mkSystemProfile dir; }; + userProfiles = recImport rec { dir = ./user-profiles; }; + users = recImport rec { dir = ./users; _import = mkUserModule dir; }; + accounts = recImport rec { dir = ./accounts; _import = mkAccountModule dir; }; + in modulesAttrs // { inherit systemProfiles userProfiles users accounts; }; + nixosConfigurations = recImport rec { dir = ./hosts; _import = mkNixosConfiguration dir; }; + + homeManagerConfigurations = listToAttrs (concatMap ({hostName, users}: mapAttrsToList (userName: homeConfig: nameValuePair "${userName}@${hostName}" homeConfig) users) (mapAttrsToList (hostName: nixosConfig: { inherit hostName; users = nixosConfig.config.home-manager.users; }) (self.nixosConfigurations))); + + overlay = import ./pkgs; + overlays = recImport { dir = ./overlays; } // { pkgs = self.overlay; }; + + packages = forAllSystems (system: systemPkgs: composeManyExtensions (attrValues self.overlays) (self.legacyPackages.${system}) systemPkgs); + + legacyPackages = forAllSystems (system: systemPkgs: recursiveUpdate systemPkgs self.packages.${system}); + + apps = recursiveUpdate activateNixosConfigurations 
activateHomeManagerConfigurations; + + devShell = forAllSystems (system: systemPkgs: import ./shell.nix { pkgs = self.legacyPackages.${system}; }); + }; +} diff --git a/hosts/.keep b/hosts/.keep new file mode 100644 index 00000000..e69de29b diff --git a/modules/.keep b/modules/.keep new file mode 100644 index 00000000..e69de29b diff --git a/overlays/.keep b/overlays/.keep new file mode 100644 index 00000000..e69de29b diff --git a/pkgs/default.nix b/pkgs/default.nix new file mode 100644 index 00000000..b5d83487 --- /dev/null +++ b/pkgs/default.nix @@ -0,0 +1,3 @@ +self: super: +{ +} diff --git a/shell.nix b/shell.nix new file mode 100644 index 00000000..2820eb1a --- /dev/null +++ b/shell.nix @@ -0,0 +1,16 @@ +{ pkgs ? import {} }: +let + nixWithFlakes = pkgs.symlinkJoin { + name = "nix-with-flakes"; + paths = [ pkgs.nixFlakes ]; + buildInputs = [ pkgs.makeWrapper ]; + postBuild = '' + wrapProgram $out/bin/nix --add-flags '--option experimental-features "nix-command flakes ca-references"' + ''; + }; +in pkgs.mkShell { + name = "nixos"; + nativeBuildInputs = with pkgs; [ + nixWithFlakes + ]; +} diff --git a/system-profiles/.keep b/system-profiles/.keep new file mode 100644 index 00000000..e69de29b diff --git a/system-profiles/core.nix b/system-profiles/core.nix new file mode 100644 index 00000000..2af82703 --- /dev/null +++ b/system-profiles/core.nix 
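Review bot: All flake inputs track a moving branch (`ref = "master"` for nixpkgs and home-manager in this hunk, and for the sops-nix input added by the later "Support for sops" commit), and this commit's diffstat lists no `flake.lock`. Nothing visible here pins the revisions a host is built from. Unless the lock file is tracked elsewhere, two evaluations can pull different upstream code into a system configuration that runs as root and handles secrets. Commit `flake.lock` together with the template and add a comment above `inputs` such as `# revisions are pinned in flake.lock; change them only through a reviewed lock update`.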
@@ -0,0 +1,47 @@ +{ flake, flakeInputs, path, hostName, config, lib, pkgs, customUtils, ... }: +let + profileSet = customUtils.types.attrNameSet flake.nixosModules.systemProfiles; +in { + options = { + # See mkSystemProfile in ../flake.nix + system.profiles = lib.mkOption { + type = profileSet; + default = []; + description = '' + Set (list without duplicates) of ‘systemProfiles’ enabled for this host + ''; + }; + }; + + config = { + networking.hostName = hostName; + system.configurationRevision = lib.mkIf (flake ? rev) flake.rev; + + nixpkgs.pkgs = flakeInputs.nixpkgs.legacyPackages.${config.nixpkgs.system}; + nixpkgs.overlays = lib.attrValues flake.overlays; + + nix = { + package = pkgs.nixUnstable; + useSandbox = true; + allowedUsers = [ "@wheel" ]; + trustedUsers = [ "root" "@wheel" ]; + extraOptions = '' + experimental-features = nix-command flakes ca-references + ''; + nixPath = [ + "nixpkgs=${path}" + ]; + registry = { + nixpkgs.flake = flakeInputs.nixpkgs; + home-manager.flake = flakeInputs.home-manager; + machines.flake = flake; + }; + }; + + users.mutableUsers = false; + + # documentation.nixos.includeAllModules = true; # incompatible with home-manager (build fails) + + home-manager.useGlobalPkgs = true; # Otherwise home-manager would only work impurely + }; +} diff --git a/user-profiles/.keep b/user-profiles/.keep new file mode 100644 index 00000000..e69de29b diff --git a/users/.keep b/users/.keep new file mode 100644 index 00000000..e69de29b diff --git a/utils/default.nix b/utils/default.nix new file mode 100644 index 00000000..d00357af --- /dev/null +++ b/utils/default.nix 
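Review bot: `trustedUsers = [ "root" "@wheel" ];` in the `nix` block makes every member of wheel a trusted user of the Nix daemon. The Nix manual describes that as essentially equivalent to root access, because trusted users can supply their own substituters and import unsigned store paths. This removes the sudo authentication step between a compromised wheel session and root. `allowedUsers = [ "@wheel" ];` already lets wheel members build, so consider `trustedUsers = [ "root" ];` in the core profile and widen it per host only where it is needed.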
@@ -0,0 +1,57 @@ +{ lib }: +rec { + inherit (builtins) readDir; + inherit (lib) filterAttrs hasSuffix removeSuffix mapAttrs' nameValuePair isFunction functionArgs setFunctionArgs id; + mapFilterAttrs = seive: f: attrs: filterAttrs seive (mapAttrs' f attrs); + recImport = { dir, _import ? name: _base: import "${toString dir}/${name}" }: + mapFilterAttrs + (_: v: v != null) + (n: v: + if n != "default.nix" && hasSuffix ".nix" n && v == "regular" + then + let name = removeSuffix ".nix" n; in nameValuePair (name) (_import n name) + else + if v == "directory" + then + nameValuePair n (_import n n) + else + nameValuePair ("") (null)) + (readDir dir); + + types.attrNameSet = attr: + let + elemType = lib.types.enum (builtins.attrNames attr); + in lib.types.mkOptionType rec { + name = "attrNameSet"; + description = "set of names taken from an attribute set"; + check = lib.isList; + emptyValue = { value = {}; }; + getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["*"]); + getSubModules = elemType.getSubModules; + substSubModules = m: lib.types.listOf (elemType.substSubModules m); + functor = (lib.types.defaultFunctor name) // { wrapped = elemType; }; + merge = loc: defs: map (x: x.value) (lib.lists.filter (x: x ? 
value) (lib.lists.unique (lib.lists.concatLists (lib.lists.imap1 (n: def: + lib.lists.imap1 (m: def': + (lib.modules.mergeDefinitions + (loc ++ ["[definition ${toString n}-entry ${toString m}]"]) + elemType + [{ inherit (def) file; value = def'; }] + ).optionalValue + ) def.value + ) defs)))); + }; + + overrideModuleArgs = + let + overrideModuleArgs = module: appOverride: if isFunction module then overrideModuleArgs' module appOverride else module; + overrideModuleArgs' = module: appOverride: setFunctionArgs (inputs: overrideModuleArgs (module (appOverride inputs)) id) (functionArgs module); + in overrideModuleArgs; + + overrideModuleOutput = + let + overrideModuleOutput = module: appOverride: if isFunction module then overrideModuleOutput' module appOverride else appOverride module; + overrideModuleOutput' = module: appOverride: setFunctionArgs (inputs: overrideModuleOutput (module inputs) appOverride) (functionArgs module); + in overrideModuleOutput; + + overrideModule = module: appInput: appOutput: overrideModuleOutput (overrideModuleArgs module appInput) appOutput; +} -- cgit v1.2.3 From 055dd32001bdc96fcee3ba0159ae9bb7c922d4b6 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 31 Dec 2020 14:32:30 +0100 Subject: Support for sops --- flake.nix | 15 +++++++++++++-- shell.nix | 1 + 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index fa1e81d6..1b2758e7 100644 --- a/flake.nix +++ b/flake.nix @@ -15,9 +15,16 @@ ref = "master"; inputs.nixpkgs.follows = "nixpkgs"; }; + sops-nix = { + type = "github"; + owner = "Mic92"; + repo = "sops-nix"; + ref = "master"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, nixpkgs, home-manager }@inputs: + outputs = { self, nixpkgs, home-manager, sops-nix }@inputs: let inherit (builtins) attrNames attrValues elemAt; inherit (nixpkgs) lib; 
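Review bot: In `types.attrNameSet` the type accepts only lists (`check = lib.isList;`) and `merge` returns a list, but `emptyValue = { value = {}; };` supplies an attribute set. The two options visible on this page that use the type set `default = [];`, so the mismatch is latent, but an option of this type without a default would get a value that fails the type's own check. Use `emptyValue = { value = []; };`. The new file also has no comments, so a one-line description above `recImport` would help: it skips `default.nix`, maps `name.nix` to `name`, and keeps directories under their own name.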
@@ -33,6 +40,10 @@ }; modules = let + extraModules = [ + sops-nix.nixosModules.sops + home-manager.nixosModules.home-manager + ]; defaultProfiles = with self.nixosModules.systemProfiles; [core]; local = "${toString dir}/${path}"; global._module.args = { @@ -45,7 +56,7 @@ accountName' = splitString "@" n; hostName' = elemAt accountName' 1; in hostName' == hostName; - in [ home-manager.nixosModules.home-manager global ] ++ defaultProfiles ++ [ local ] ++ accountModules; + in extraModules ++ [ global ] ++ defaultProfiles ++ [ local ] ++ accountModules; }; mkSystemProfile = dir: path: profileName: { diff --git a/shell.nix b/shell.nix index 2820eb1a..2840bec7 100644 --- a/shell.nix +++ b/shell.nix @@ -12,5 +12,6 @@ in pkgs.mkShell { name = "nixos"; nativeBuildInputs = with pkgs; [ nixWithFlakes + sops ]; } -- cgit v1.2.3 From 226b82e61352cb1c68d2a68bfb557c13941b050c Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 31 Dec 2020 14:45:11 +0100 Subject: Move extra modules to core profile --- flake.nix | 13 ++++++------- system-profiles/core.nix | 5 +++++ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/flake.nix b/flake.nix index 1b2758e7..5ade9e1e 100644 --- a/flake.nix +++ b/flake.nix @@ -40,13 +40,12 @@ }; modules = let - extraModules = [ - sops-nix.nixosModules.sops - home-manager.nixosModules.home-manager - ]; - defaultProfiles = with self.nixosModules.systemProfiles; [core]; + defaultProfiles = with self.nixosModules.systemProfiles; + [ core + ]; + local = "${toString dir}/${path}"; - global._module.args = { + argsModule._module.args = { customUtils = utils; inherit hostName; }; @@ -56,7 +55,7 @@ accountName' = splitString "@" n; hostName' = elemAt accountName' 1; in hostName' == hostName; - in extraModules ++ [ global ] ++ defaultProfiles ++ [ local ] ++ accountModules; + in [ argsModule ] ++ defaultProfiles ++ [ local ] ++ accountModules; }; mkSystemProfile = dir: path: profileName: { 
diff --git a/system-profiles/core.nix b/system-profiles/core.nix index 2af82703..f009c178 100644 --- a/system-profiles/core.nix +++ b/system-profiles/core.nix @@ -2,6 +2,11 @@ let profileSet = customUtils.types.attrNameSet flake.nixosModules.systemProfiles; in { + imports = with flakeInputs; + [ sops-nix.nixosModules.sops + home-manager.nixosModules.home-manager + ]; + options = { # See mkSystemProfile in ../flake.nix system.profiles = lib.mkOption { -- cgit v1.2.3 From 0f1b6e9710f2a5f13128bb896014936b908b50c6 Mon Sep 17 00:00:00 2001 From: Viktor Kleen Date: Thu, 31 Dec 2020 13:50:14 +0000 Subject: add defaultTemplate output --- flake.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/flake.nix b/flake.nix index 5ade9e1e..b1f676d2 100644 --- a/flake.nix +++ b/flake.nix @@ -100,5 +100,10 @@ apps = recursiveUpdate activateNixosConfigurations activateHomeManagerConfigurations; devShell = forAllSystems (system: systemPkgs: import ./shell.nix { pkgs = self.legacyPackages.${system}; }); + + defaultTemplate = { + path = ./.; + description = "A flakey nixos configuration."; + }; }; } -- cgit v1.2.3 From c6e4166a48f9456df028428fd38d16b48fd55029 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 31 Dec 2020 17:33:45 +0100 Subject: fix build --- flake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index b1f676d2..302a322c 100644 --- a/flake.nix +++ b/flake.nix @@ -1,5 +1,5 @@ { - description = "gkleen's machines"; + description = "GKleen's flakey nixos configuration"; inputs = { nixpkgs = { @@ -103,7 +103,7 @@ defaultTemplate = { path = ./.; - description = "A flakey nixos configuration."; + description = "GKleen's flakey nixos configuration"; }; }; } -- cgit v1.2.3 From 05bc32c1b78c983f11e63dbf01924262e7af42ca Mon Sep 17 00:00:00 2001 
From: Gregor Kleen Date: Fri, 1 Jan 2021 18:36:25 +0100 Subject: .gitignore: ignore emacs temporary & more results --- .gitignore | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index f295f429..bc527922 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ -result -result-* \ No newline at end of file +**/result +**/result-* +**/#*# \ No newline at end of file -- cgit v1.2.3 From 5f683a4e264c64b838e6244cf72e9d08d84be26e Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Fri, 1 Jan 2021 22:16:57 +0100 Subject: implement user profiles --- .gitignore | 3 +- flake.nix | 77 ++++++++++++++++++++++++++++++++++++------------ system-profiles/core.nix | 8 ++--- user-profiles/core.nix | 26 ++++++++++++++++ 4 files changed, 90 insertions(+), 24 deletions(-) create mode 100644 user-profiles/core.nix diff --git a/.gitignore b/.gitignore index bc527922..2c9847e1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ **/result **/result-* -**/#*# \ No newline at end of file +**/#*# +**/.#* \ No newline at end of file diff --git a/flake.nix b/flake.nix index 302a322c..7a3b61bc 100644 --- a/flake.nix +++ b/flake.nix 
@@ -26,17 +26,26 @@ outputs = { self, nixpkgs, home-manager, sops-nix }@inputs: let - inherit (builtins) attrNames attrValues elemAt; + inherit (builtins) attrNames attrValues elemAt toJSON; inherit (nixpkgs) lib; utils = import ./utils { inherit lib; }; inherit (utils) recImport overrideModule; - inherit (lib) nixosSystem mkIf splitString filterAttrs listToAttrs mapAttrsToList nameValuePair concatMap composeManyExtensions mapAttrs mapAttrs' recursiveUpdate; + inherit (lib) nixosSystem mkIf splitString filterAttrs listToAttrs mapAttrsToList nameValuePair concatMap composeManyExtensions mapAttrs mapAttrs' recursiveUpdate genAttrs unique; + + accountUserName = accountName: + let + accountName' = splitString "@" accountName; + in elemAt accountName' 0; + accountHostName = accountName: + let + accountName' = splitString "@" accountName; + in elemAt accountName' 1; mkNixosConfiguration = dir: path: hostName: nixosSystem rec { specialArgs = { flake = self; flakeInputs = inputs; - path = toString ./.; + path = ./.; }; modules = let 
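Review bot: `accountHostName` takes `elemAt accountName' 1` without checking that the account name contains an `@`. A file in `./accounts` named without a host part therefore aborts evaluation with a bare list-index error that does not name the file. These helpers decide which account modules are attached to which host, so a malformed name should fail with a clear message, for example `in assert lib.assertMsg (builtins.length accountName' == 2) "account name must be user@host: ${accountName}"; elemAt accountName' 1;`. The same guard fits `accountUserName`. The `let` block these helpers belong to continues outside the hunk.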
@@ -44,54 +53,84 @@ [ core ]; - local = "${toString dir}/${path}"; + local = dir + "/${path}"; argsModule._module.args = { customUtils = utils; inherit hostName; }; accountModules = attrValues (filterAttrs accountMatchesHost self.nixosModules.accounts); - accountMatchesHost = n: _v: - let - accountName' = splitString "@" n; - hostName' = elemAt accountName' 1; - in hostName' == hostName; + accountMatchesHost = n: _v: accountHostName n == hostName; in [ argsModule ] ++ defaultProfiles ++ [ local ] ++ accountModules; }; mkSystemProfile = dir: path: profileName: { - imports = [ "${toString dir}/${path}" ]; + imports = [ (dir + "/${path}") ]; config = { system.profiles = [profileName]; }; }; - mkUserModule = dir: path: userName: overrideModule (import "${toString dir}/${path}") (inputs: inputs // { inherit userName; }) (outputs: { _file = "${toString dir}/${path}"; } // outputs); + defaultUserProfiles = userName: with self.nixosModules.userProfiles.${userName}; + [ core + ]; + + mkUserModule = dir: path: userName: + overrideModule (import (dir + "/${path}")) + (inputs: inputs // { inherit userName; }) + (outputs: { _file = dir + "/${path}"; } + // outputs + // { imports = [self.nixosModules.userProfiles.${userName}.core] ++ (outputs.imports or []); }); + + mkUserProfile = userName: dir: path: profileName: + let + profileModule = overrideModule (import (dir + "/${path}")) + (inputs: inputs // { inherit userName; }) + (outputs: { _file = dir + "/${path}"; } + // outputs); + in { + imports = [profileModule]; + config = { + users.users.${userName}.profiles = [profileName]; + }; + }; mkAccountModule = dir: path: accountName: let - accountName' = splitString "@" accountName; - userName = elemAt accountName' 0; - in overrideModule (import "${toString dir}/${path}") (inputs: inputs // { inherit userName; }) (outputs: { _file = "${toString dir}/${path}"; } // outputs // { imports = [self.nixosModules.users.${userName}] ++ (outputs.imports or []); }); + userName = 
accountUserName accountName; + in overrideModule + (import (dir + "/${path}")) + (inputs: inputs // { inherit userName; }) + (outputs: { _file = dir + "/${path}"; } + // outputs + // { imports = defaultUserProfiles userName ++ (outputs.imports or []); }); forAllSystems = f: mapAttrs f nixpkgs.legacyPackages; + forAllUsers = genAttrs (unique (map accountUserName (attrNames self.nixosModules.accounts))); activateHomeManagerConfigurations = forAllSystems (system: _pkgs: mapAttrs' (configName: hmConfig: nameValuePair "${configName}-activate" { type = "app"; program = "${hmConfig.activationPackage}/bin/activate"; }) self.homeManagerConfigurations); activateNixosConfigurations = forAllSystems (system: _pkgs: mapAttrs' (hostName: nixosConfig: nameValuePair "${hostName}-activate" { type = "app"; program = "${nixosConfig.config.system.build.toplevel}/bin/switch-to-configuration"; }) self.nixosConfigurations); + + overlayPaths = recImport rec { dir = ./overlays; _import = (path: _name: dir + "/${path}"); } // { pkgs = ./pkgs; }; in { nixosModules = let modulesAttrs = recImport { dir = ./modules; }; systemProfiles = recImport rec { dir = ./system-profiles; _import = mkSystemProfile dir; }; - userProfiles = recImport rec { dir = ./user-profiles; }; users = recImport rec { dir = ./users; _import = mkUserModule dir; }; - accounts = recImport rec { dir = ./accounts; _import = mkAccountModule dir; }; - in modulesAttrs // { inherit systemProfiles userProfiles users accounts; }; + userProfiles = forAllUsers (userName: recImport rec { dir = ./user-profiles; _import = mkUserProfile userName dir; }); + accounts = recursiveUpdate rootAccounts (recImport rec { dir = ./accounts; _import = mkAccountModule dir; }); + rootAccounts = mapAttrs' (hostName: _value: nameValuePair "root@${hostName}" ({...}: { imports = [ self.nixosModules.users.root or ({...}: { imports = defaultUserProfiles "root"; }) ]; })) self.nixosConfigurations; + in modulesAttrs // { inherit systemProfiles users 
userProfiles accounts; }; nixosConfigurations = recImport rec { dir = ./hosts; _import = mkNixosConfiguration dir; }; + homeManagerModules = recImport rec { dir = ./user-profiles; }; homeManagerConfigurations = listToAttrs (concatMap ({hostName, users}: mapAttrsToList (userName: homeConfig: nameValuePair "${userName}@${hostName}" homeConfig) users) (mapAttrsToList (hostName: nixosConfig: { inherit hostName; users = nixosConfig.config.home-manager.users; }) (self.nixosConfigurations))); - overlay = import ./pkgs; - overlays = recImport { dir = ./overlays; } // { pkgs = self.overlay; }; + overlay = import overlayPaths.pkgs; + overlays = mapAttrs (_name: path: import path) overlayPaths; + overlays-path = forAllSystems (system: _: self.legacyPackages.${system}.writeText "overlays.nix" '' + map import (builtins.attrValues (builtins.fromJSON ${self.legacyPackages.${system}.writeText "overlays.json" (toJSON overlayPaths)})); + ''); packages = forAllSystems (system: systemPkgs: composeManyExtensions (attrValues self.overlays) (self.legacyPackages.${system}) systemPkgs); diff --git a/system-profiles/core.nix b/system-profiles/core.nix index f009c178..bd2004df 100644 --- a/system-profiles/core.nix +++ b/system-profiles/core.nix @@ -22,8 +22,7 @@ in { networking.hostName = hostName; system.configurationRevision = lib.mkIf (flake ? rev) flake.rev; - nixpkgs.pkgs = flakeInputs.nixpkgs.legacyPackages.${config.nixpkgs.system}; - nixpkgs.overlays = lib.attrValues flake.overlays; + nixpkgs.pkgs = flake.legacyPackages.${config.nixpkgs.system}; nix = { package = pkgs.nixUnstable; 
@@ -34,12 +33,13 @@ in { experimental-features = nix-command flakes ca-references ''; nixPath = [ - "nixpkgs=${path}" + "nixpkgs=${flakeInputs.nixpkgs.legacyPackages.${config.nixpkgs.system}.path}" + "nixpkgs-overlays=${flake.overlays-path.${config.nixpkgs.system}}" ]; registry = { nixpkgs.flake = flakeInputs.nixpkgs; home-manager.flake = flakeInputs.home-manager; - machines.flake = flake; + nixos.flake = flake; }; }; diff --git a/user-profiles/core.nix b/user-profiles/core.nix new file mode 100644 index 00000000..6f473b1a --- /dev/null +++ b/user-profiles/core.nix @@ -0,0 +1,26 @@ +{ flake, userName, lib, customUtils, ... }: +let + userProfileSet = customUtils.types.attrNameSet (lib.zipAttrs (lib.attrValues flake.nixosModules.userProfiles)); +in { + options = { + users.users = lib.mkOption { + type = lib.types.attrsOf (lib.types.submodule { + options.profiles = lib.mkOption { + type = userProfileSet; + default = []; + description = '' + Set (list without duplicates) of ‘userProfiles’ enabled for this user + ''; + }; + }); + }; + }; + + config = { + users.users.${userName} = {}; # Just make sure the user is created + + home-manager.users.${userName} = { + manual.manpages.enable = true; + }; + }; +} -- cgit v1.2.3 From f487e082cd68e4b9798f5632a6bee80b6576eeee Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Fri, 1 Jan 2021 22:19:20 +0100 Subject: fix typo wrt. home-modules --- flake.nix | 2 +- home-modules/.keep | 0 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 home-modules/.keep diff --git a/flake.nix b/flake.nix index 7a3b61bc..0740732c 100644 --- a/flake.nix +++ b/flake.nix 
@@ -123,7 +123,7 @@ in modulesAttrs // { inherit systemProfiles users userProfiles accounts; }; nixosConfigurations = recImport rec { dir = ./hosts; _import = mkNixosConfiguration dir; }; - homeManagerModules = recImport rec { dir = ./user-profiles; }; + homeManagerModules = recImport rec { dir = ./home-modules; }; homeManagerConfigurations = listToAttrs (concatMap ({hostName, users}: mapAttrsToList (userName: homeConfig: nameValuePair "${userName}@${hostName}" homeConfig) users) (mapAttrsToList (hostName: nixosConfig: { inherit hostName; users = nixosConfig.config.home-manager.users; }) (self.nixosConfigurations))); overlay = import overlayPaths.pkgs; diff --git a/home-modules/.keep b/home-modules/.keep new file mode 100644 index 00000000..e69de29b -- cgit v1.2.3 From 609836e1390de77eb4bb2f7c32a47646d794eff0 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 2 Jan 2021 14:13:20 +0100 Subject: fix overlays-path --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 0740732c..83f92ac6 100644 --- a/flake.nix +++ b/flake.nix @@ -129,7 +129,7 @@ overlay = import overlayPaths.pkgs; overlays = mapAttrs (_name: path: import path) overlayPaths; overlays-path = forAllSystems (system: _: self.legacyPackages.${system}.writeText "overlays.nix" '' - map import (builtins.attrValues (builtins.fromJSON ${self.legacyPackages.${system}.writeText "overlays.json" (toJSON overlayPaths)})); + map import (builtins.attrValues (builtins.fromJSON (builtins.readFile ${self.legacyPackages.${system}.writeText "overlays.json" (toJSON overlayPaths)}))); ''); packages = forAllSystems (system: systemPkgs: composeManyExtensions (attrValues self.overlays) (self.legacyPackages.${system}) systemPkgs); -- cgit v1.2.3 From b6e44495b2a271ff8514ff5448e1c164ab59762e Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 2 Jan 2021 15:13:01 +0100 Subject: put sops-nix in flake registry --- system-profiles/core.nix | 1 + 1 file changed, 1 insertion(+) 
diff --git a/system-profiles/core.nix b/system-profiles/core.nix index bd2004df..79c2fe82 100644 --- a/system-profiles/core.nix +++ b/system-profiles/core.nix @@ -39,6 +39,7 @@ in { registry = { nixpkgs.flake = flakeInputs.nixpkgs; home-manager.flake = flakeInputs.home-manager; + sops-nix.flake = flakeInputs.sops-nix; nixos.flake = flake; }; }; -- cgit v1.2.3 From 3058034f82ba38314b9f4ce0f9b0055522c44f47 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 2 Jan 2021 16:21:34 +0100 Subject: fix user-profiles --- flake.nix | 4 ++-- system-profiles/core.nix | 21 ++++++++++++++++++++- user-profiles/core.nix | 28 +++++----------------------- 3 files changed, 27 insertions(+), 26 deletions(-) diff --git a/flake.nix b/flake.nix index 83f92ac6..52d4026d 100644 --- a/flake.nix +++ b/flake.nix @@ -79,7 +79,7 @@ (inputs: inputs // { inherit userName; }) (outputs: { _file = dir + "/${path}"; } // outputs - // { imports = [self.nixosModules.userProfiles.${userName}.core] ++ (outputs.imports or []); }); + // { imports = defaultUserProfiles userName ++ (outputs.imports or []); }); mkUserProfile = userName: dir: path: profileName: let @@ -102,7 +102,7 @@ (inputs: inputs // { inherit userName; }) (outputs: { _file = dir + "/${path}"; } // outputs - // { imports = defaultUserProfiles userName ++ (outputs.imports or []); }); + // { imports = [self.nixosModules.users.${userName} or ({...}: { imports = defaultUserProfiles userName; })] ++ (outputs.imports or []); }); forAllSystems = f: mapAttrs f nixpkgs.legacyPackages; forAllUsers = genAttrs (unique (map accountUserName (attrNames self.nixosModules.accounts))); diff --git a/system-profiles/core.nix b/system-profiles/core.nix index 79c2fe82..5f2433bb 100644 --- a/system-profiles/core.nix +++ b/system-profiles/core.nix 
@@ -1,6 +1,8 @@ { flake, flakeInputs, path, hostName, config, lib, pkgs, customUtils, ... }: let profileSet = customUtils.types.attrNameSet flake.nixosModules.systemProfiles; + userProfileSet = customUtils.types.attrNameSet (lib.zipAttrs (lib.attrValues flake.nixosModules.userProfiles)); + hasSops = config.sops.secrets != {}; in { imports = with flakeInputs; [ sops-nix.nixosModules.sops @@ -16,6 +18,18 @@ in { Set (list without duplicates) of ‘systemProfiles’ enabled for this host ''; }; + + users.users = lib.mkOption { + type = lib.types.attrsOf (lib.types.submodule { + options.profiles = lib.mkOption { + type = userProfileSet; + default = []; + description = '' + Set (list without duplicates) of ‘userProfiles’ enabled for this user + ''; + }; + }); + }; }; config = { @@ -48,6 +62,11 @@ in { # documentation.nixos.includeAllModules = true; # incompatible with home-manager (build fails) - home-manager.useGlobalPkgs = true; # Otherwise home-manager would only work impurely + home-manager = { + useGlobalPkgs = true; # Otherwise home-manager would only work impurely + useUserPackages = true; + }; + + sops.gnupgHome = lib.mkIf hasSops "/root/.gnupg"; }; } diff --git a/user-profiles/core.nix b/user-profiles/core.nix index 6f473b1a..91685611 100644 --- a/user-profiles/core.nix +++ b/user-profiles/core.nix 
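Review bot: `sops.gnupgHome = lib.mkIf hasSops "/root/.gnupg";` in the third hunk makes root's own GnuPG home the keyring that sops-nix decrypts with. The host's secret-decryption key then shares a keyring with whatever root imports or uses interactively. A later commit on this page sets `sshKeyPaths = [];`, so this keyring becomes the only key source. Consider a dedicated root-only directory for the machine key (for example `gnupgHome = "/var/lib/sops";`, path illustrative). Add a comment there stating how the key is provisioned, because no visible line creates or checks it.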
@@ -1,26 +1,8 @@ -{ flake, userName, lib, customUtils, ... }: -let - userProfileSet = customUtils.types.attrNameSet (lib.zipAttrs (lib.attrValues flake.nixosModules.userProfiles)); -in { - options = { - users.users = lib.mkOption { - type = lib.types.attrsOf (lib.types.submodule { - options.profiles = lib.mkOption { - type = userProfileSet; - default = []; - description = '' - Set (list without duplicates) of ‘userProfiles’ enabled for this user - ''; - }; - }); - }; - }; - - config = { - users.users.${userName} = {}; # Just make sure the user is created +{ userName, ... }: +{ + users.users.${userName} = {}; # Just make sure the user is created - home-manager.users.${userName} = { - manual.manpages.enable = true; - }; + home-manager.users.${userName} = { + manual.manpages.enable = true; }; } -- cgit v1.2.3 From 7f7d02a3f03435d455c3373d4f655d0d5aa8369e Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 2 Jan 2021 16:51:29 +0100 Subject: import all modules by default --- flake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 52d4026d..a17c22fc 100644 --- a/flake.nix +++ b/flake.nix @@ -30,7 +30,7 @@ inherit (nixpkgs) lib; utils = import ./utils { inherit lib; }; inherit (utils) recImport overrideModule; - inherit (lib) nixosSystem mkIf splitString filterAttrs listToAttrs mapAttrsToList nameValuePair concatMap composeManyExtensions mapAttrs mapAttrs' recursiveUpdate genAttrs unique; + inherit (lib) nixosSystem mkIf splitString filterAttrs listToAttrs mapAttrsToList nameValuePair concatMap composeManyExtensions mapAttrs mapAttrs' recursiveUpdate genAttrs unique elem; accountUserName = accountName: let 
@@ -60,7 +60,7 @@ }; accountModules = attrValues (filterAttrs accountMatchesHost self.nixosModules.accounts); accountMatchesHost = n: _v: accountHostName n == hostName; - in [ argsModule ] ++ defaultProfiles ++ [ local ] ++ accountModules; + in attrValues (filterAttrs (n: _v: !(elem n ["systemProfiles" "users" "userProfiles" "accounts"])) self.nixosModules) ++ [ argsModule ] ++ defaultProfiles ++ [ local ] ++ accountModules; }; mkSystemProfile = dir: path: profileName: { -- cgit v1.2.3 From a3eccb33fc973012255af4590af008ce68fa12f1 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 2 Jan 2021 19:16:56 +0100 Subject: construct nixpkgs with overridable config --- system-profiles/core.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/system-profiles/core.nix b/system-profiles/core.nix index 5f2433bb..0ff3a9f4 100644 --- a/system-profiles/core.nix +++ b/system-profiles/core.nix @@ -36,7 +36,10 @@ in { networking.hostName = hostName; system.configurationRevision = lib.mkIf (flake ? rev) flake.rev; - nixpkgs.pkgs = flake.legacyPackages.${config.nixpkgs.system}; + nixpkgs.pkgs = import flake.legacyPackages.${config.nixpkgs.system}.path { + inherit (config.nixpkgs) system config; + overlays = lib.attrValues flake.overlays; + }; nix = { package = pkgs.nixUnstable; @@ -68,5 +71,7 @@ in { }; sops.gnupgHome = lib.mkIf hasSops "/root/.gnupg"; + + environment.systemPackages = [ pkgs.git ] ++ lib.optional hasSops pkgs.gnupg; }; } -- cgit v1.2.3 From 4fd2ec43662ffa51759960b34185c6ca38be0b8b Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 2 Jan 2021 22:27:57 +0100 Subject: Explicitly disable sops.sshKeyPaths --- system-profiles/core.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/system-profiles/core.nix b/system-profiles/core.nix index 0ff3a9f4..49869e60 100644 --- a/system-profiles/core.nix +++ b/system-profiles/core.nix 
@@ -70,7 +70,10 @@ in { useUserPackages = true; }; - sops.gnupgHome = lib.mkIf hasSops "/root/.gnupg"; + sops = lib.mkIf hasSops { + gnupgHome = "/root/.gnupg"; + sshKeyPaths = []; + }; environment.systemPackages = [ pkgs.git ] ++ lib.optional hasSops pkgs.gnupg; }; -- cgit v1.2.3 From ccc22d94f88fdff18dfb5758c1974148e32770db Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 3 Jan 2021 00:54:12 +0100 Subject: fix homeManagerModules & activation --- flake.nix | 2 +- user-profiles/core.nix | 8 ++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index a17c22fc..8faa9aa9 100644 --- a/flake.nix +++ b/flake.nix @@ -107,7 +107,7 @@ forAllSystems = f: mapAttrs f nixpkgs.legacyPackages; forAllUsers = genAttrs (unique (map accountUserName (attrNames self.nixosModules.accounts))); - activateHomeManagerConfigurations = forAllSystems (system: _pkgs: mapAttrs' (configName: hmConfig: nameValuePair "${configName}-activate" { type = "app"; program = "${hmConfig.activationPackage}/bin/activate"; }) self.homeManagerConfigurations); + activateHomeManagerConfigurations = forAllSystems (system: _pkgs: mapAttrs' (configName: hmConfig: nameValuePair "${configName}-activate" { type = "app"; program = "${hmConfig.home.activationPackage}/activate"; }) self.homeManagerConfigurations); activateNixosConfigurations = forAllSystems (system: _pkgs: mapAttrs' (hostName: nixosConfig: nameValuePair "${hostName}-activate" { type = "app"; program = "${nixosConfig.config.system.build.toplevel}/bin/switch-to-configuration"; }) self.nixosConfigurations); overlayPaths = recImport rec { dir = ./overlays; _import = (path: _name: dir + "/${path}"); } // { pkgs = ./pkgs; }; diff --git a/user-profiles/core.nix b/user-profiles/core.nix index 91685611..8611a0bd 100644 --- a/user-profiles/core.nix +++ b/user-profiles/core.nix 
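Review bot: The `sops` block in `system-profiles/core.nix` leaves root's GnuPG keyring as the only key source for decrypting secrets, but nothing next to it records that or why `sshKeyPaths` is emptied. A comment above the block would capture the intent, e.g. `# secrets are decrypted with the key in /root/.gnupg only; sshKeyPaths = [] keeps host SSH keys from being used as a second key source` (the second half is presumably what the commit subject means and should be checked against the sops module in use). Because the private key must then already exist in `/root/.gnupg` before activation, it is also worth noting how it is provisioned and that the directory has to stay root-only (mode 0700). The enclosing `config` block begins outside the hunk.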
@@ -1,8 +1,12 @@ -{ userName, ... }: +{ flake, userName, lib, ... }: { users.users.${userName} = {}; # Just make sure the user is created home-manager.users.${userName} = { - manual.manpages.enable = true; + imports = lib.attrValues flake.homeManagerModules; + + config = { + manual.manpages.enable = true; + }; }; } -- cgit v1.2.3 From 20ea49851dfd6e37d40d8a8a924676b95bf0d98d Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 3 Jan 2021 14:41:45 +0100 Subject: remove broken home-manager activation --- flake.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index 8faa9aa9..fd139d63 100644 --- a/flake.nix +++ b/flake.nix @@ -107,7 +107,6 @@ forAllSystems = f: mapAttrs f nixpkgs.legacyPackages; forAllUsers = genAttrs (unique (map accountUserName (attrNames self.nixosModules.accounts))); - activateHomeManagerConfigurations = forAllSystems (system: _pkgs: mapAttrs' (configName: hmConfig: nameValuePair "${configName}-activate" { type = "app"; program = "${hmConfig.home.activationPackage}/activate"; }) self.homeManagerConfigurations); activateNixosConfigurations = forAllSystems (system: _pkgs: mapAttrs' (hostName: nixosConfig: nameValuePair "${hostName}-activate" { type = "app"; program = "${nixosConfig.config.system.build.toplevel}/bin/switch-to-configuration"; }) self.nixosConfigurations); overlayPaths = recImport rec { dir = ./overlays; _import = (path: _name: dir + "/${path}"); } // { pkgs = ./pkgs; }; 
@@ -124,7 +123,6 @@ nixosConfigurations = recImport rec { dir = ./hosts; _import = mkNixosConfiguration dir; }; homeManagerModules = recImport rec { dir = ./home-modules; }; - homeManagerConfigurations = listToAttrs (concatMap ({hostName, users}: mapAttrsToList (userName: homeConfig: nameValuePair "${userName}@${hostName}" homeConfig) users) (mapAttrsToList (hostName: nixosConfig: { inherit hostName; users = nixosConfig.config.home-manager.users; }) (self.nixosConfigurations))); overlay = import overlayPaths.pkgs; overlays = mapAttrs (_name: path: import path) overlayPaths; @@ -136,7 +134,7 @@ legacyPackages = forAllSystems (system: systemPkgs: recursiveUpdate systemPkgs self.packages.${system}); - apps = recursiveUpdate activateNixosConfigurations activateHomeManagerConfigurations; + apps = activateNixosConfigurations; devShell = forAllSystems (system: systemPkgs: import ./shell.nix { pkgs = self.legacyPackages.${system}; }); -- cgit v1.2.3 From 63a687c8c50ba8fcd2d6130d5a2e0d33dcce1525 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 3 Jan 2021 15:23:46 +0100 Subject: fix overlays-path --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index fd139d63..3c1507dd 100644 --- a/flake.nix +++ b/flake.nix @@ -127,7 +127,7 @@ overlay = import overlayPaths.pkgs; overlays = mapAttrs (_name: path: import path) overlayPaths; overlays-path = forAllSystems (system: _: self.legacyPackages.${system}.writeText "overlays.nix" '' - map import (builtins.attrValues (builtins.fromJSON (builtins.readFile ${self.legacyPackages.${system}.writeText "overlays.json" (toJSON overlayPaths)}))); + map import (builtins.attrValues (builtins.fromJSON (builtins.readFile ${self.legacyPackages.${system}.writeText "overlays.json" (toJSON overlayPaths)}))) ''); packages = forAllSystems (system: systemPkgs: composeManyExtensions (attrValues self.overlays) (self.legacyPackages.${system}) systemPkgs); -- cgit v1.2.3