142 lines
4.3 KiB
Nix
142 lines
4.3 KiB
Nix
{
|
|
description = "xyno doin nixos";
|
|
|
|
inputs = {
|
|
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable";
|
|
nixpkgs-master.url = "github:nixos/nixpkgs?ref=master";
|
|
mobile-nixos.url = "github:mobile-nixos/mobile-nixos";
|
|
mobile-nixos.flake = false;
|
|
nix-flatpak.url = "github:gmodena/nix-flatpak?ref=latest";
|
|
home-manager.url = "github:nix-community/home-manager";
|
|
home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
|
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
|
sops-nix.url = "github:Mic92/sops-nix";
|
|
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
|
|
impermanence.url = "github:nix-community/impermanence";
|
|
|
|
# software
|
|
lanzaboote = {
|
|
url = "github:nix-community/lanzaboote/v0.4.2";
|
|
|
|
# Optional but recommended to limit the size of your system closure.
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
lix-module = {
|
|
url = "git+https://git.lix.systems/lix-project/nixos-module.git?ref=release-2.93";
|
|
inputs.nixpkgs.follows = "nixpkgs-master";
|
|
};
|
|
|
|
polkit.url = "github:polkit-org/polkit";
|
|
polkit.flake = false;
|
|
|
|
zen-browser.url = "github:0xc000022070/zen-browser-flake";
|
|
zen-browser.inputs.nixpkgs.follows = "nixpkgs-master";
|
|
kmonad = {
|
|
url = "git+https://github.com/jokesper/kmonad?dir=nix&ref=feat-tap-overlap";
|
|
inputs.nixpkgs.follows = "nixpkgs";
|
|
};
|
|
niri.url = "github:YaLTeR/niri";
|
|
niri.inputs.nixpkgs.follows = "nixpkgs-master";
|
|
xwayland-satellite.url = "github:Supreeeme/xwayland-satellite";
|
|
xwayland-satellite.inputs.nixpkgs.follows = "nixpkgs-master";
|
|
nheko.url = "github:Nheko-Reborn/nheko";
|
|
nheko.flake = false;
|
|
mtxclient.url = "github:Nheko-Reborn/mtxclient";
|
|
mtxclient.flake = false;
|
|
|
|
# helix
|
|
helix.url = "github:sofusa/helix-pull-diagnostics";
|
|
helix.inputs.nixpkgs.follows = "nixpkgs-master";
|
|
csharp-language-server.url = "github:sofusa/csharp-language-server";
|
|
csharp-language-server.inputs.nixpkgs.follows = "nixpkgs-master";
|
|
|
|
# authentik
|
|
|
|
authentik.url = "github:nix-community/authentik-nix";
|
|
authentik.inputs.nixpkgs.follows = "nixpkgs";
|
|
terranix.url = "github:terranix/terranix";
|
|
terranix.inputs.nixpkgs.follows = "nixpkgs";
|
|
|
|
};
|
|
|
|
outputs =
|
|
inputs@{
|
|
self,
|
|
nixpkgs,
|
|
nixpkgs-master,
|
|
...
|
|
}:
|
|
let
|
|
lib = nixpkgs.lib.extend (
|
|
s: super: {
|
|
xyno = import ./lib {
|
|
inherit inputs nixpkgs self;
|
|
lib = s;
|
|
};
|
|
}
|
|
);
|
|
overlays = [
|
|
self.overlays.default
|
|
# inputs.lix-module.overlays.default
|
|
];
|
|
genPkgs =
|
|
system:
|
|
import nixpkgs {
|
|
inherit system overlays;
|
|
config.allowUnfree = true;
|
|
};
|
|
modules = [
|
|
inputs.kmonad.nixosModules.default
|
|
inputs.home-manager.nixosModules.default
|
|
inputs.lanzaboote.nixosModules.lanzaboote
|
|
inputs.sops-nix.nixosModules.sops
|
|
inputs.impermanence.nixosModules.impermanence
|
|
inputs.lix-module.nixosModules.lixFromNixpkgs
|
|
inputs.authentik.nixosModules.default
|
|
]
|
|
++ (import ./modules/module-list.nix);
|
|
in
|
|
{
|
|
overlays.default =
|
|
final: prev:
|
|
(
|
|
{
|
|
unstable = import nixpkgs-master {
|
|
system = prev.system;
|
|
config.allowUnfree = true;
|
|
};
|
|
}
|
|
// (import ./overlays inputs final prev)
|
|
);
|
|
|
|
nixosConfigurations = lib.xyno.loadInstances ./instances (modules);
|
|
devShell."x86_64-linux" =
|
|
let
|
|
pkgs = genPkgs "x86_64-linux";
|
|
in
|
|
pkgs.mkShell {
|
|
packages = [
|
|
pkgs.nixfmt-rfc-style
|
|
pkgs.nil
|
|
pkgs.sops
|
|
(pkgs.runCommand "nix-config-bin" {} ''
|
|
mkdir -p $out/bin
|
|
cp ${./bin}/* $out/bin
|
|
'')
|
|
];
|
|
SOPS_CONFIG = (pkgs.callPackage ./sops.nix { instanceConfigs = lib.xyno.getDirs ./instances; });
|
|
|
|
};
|
|
checks."x86_64-linux"."nixos" =
|
|
let
|
|
pkgs = genPkgs "x86_64-linux";
|
|
in
|
|
pkgs.testers.runNixOSTest {
|
|
imports = (import ./modules/test-list.nix);
|
|
node.specialArgs = { inherit inputs; };
|
|
extraBaseModules.imports = modules;
|
|
extraBaseModules.services.openssh.enable = true;
|
|
node.pkgsReadOnly = false;
|
|
};
|
|
};
|
|
}
|