From a6b046e28b0405ff18655348d72631f31a53d0ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sat, 22 Mar 2025 23:17:02 +0100 Subject: [PATCH 01/17] readme: mention youko --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d11785b..c6dc540 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,7 @@ Collection of my personal Nix configurations and opinionated NixOS, nix-darwin, - hijiri-vm - linux vm running on my macbook - ude - another linux arm server - kogata - my m1 mac mini doubling as a server + - youko - my linux x86 server - modules - options which in principle should be reusable by others - system - my opinionated nixos/nix-darwin modules - home - my opinionated home-manager modules From 678005a0ee0ce524cb8c07db00530867528b1e65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sat, 22 Mar 2025 23:20:03 +0100 Subject: [PATCH 02/17] hosts: remove legion it's been a good ride, but it's time to say goodbye --- README.md | 1 - assets/ssh.nix | 2 - flake.lock | 107 -------------------------- flake.nix | 4 - hosts/default.nix | 1 - hosts/legion/default.nix | 47 ------------ hosts/legion/desktop.nix | 112 --------------------------- hosts/legion/disks.nix | 14 ---- hosts/legion/hardware.nix | 90 ---------------------- hosts/legion/msmtp.nix | 36 --------- hosts/legion/nas/default.nix | 59 -------------- hosts/legion/nas/media.nix | 132 -------------------------------- modules/default.nix | 1 - secrets/alert-nrab-lol-pass.age | 13 ++-- secrets/alert-plain-pass.age | 37 ++++----- secrets/attic-creds.age | Bin 452 -> 452 bytes secrets/forgejo-token.age | Bin 479 -> 479 bytes secrets/github-token.age | Bin 693 -> 583 bytes secrets/hercules-cache.age | Bin 979 -> 869 bytes secrets/hercules-secrets.age | 26 +++---- secrets/hercules-token.age | Bin 888 -> 778 bytes secrets/leet-nrab-lol-pass.age | 12 +-- secrets/legion-niko-pass.age | Bin 395 -> 0 bytes secrets/miyagi-niko-pass.age | 14 ++-- secrets/nrab-lol-cf.age | Bin 380 -> 380 bytes secrets/ntfy-alert-pass.age | Bin 1017 -> 1017 bytes secrets/ntfy-niko-pass.age | 12 +-- secrets/rab-lol-cf.age | 15 ++-- secrets/rabulinski-com-cf.age | 12 +-- secrets/secrets.nix | 9 --- secrets/storage-box-creds.age | 12 +-- secrets/storage-box-webdav.age | 13 ++-- secrets/ude-deluge.age | 12 +-- secrets/youko-niko-pass.age | 12 +-- secrets/zitadel-master.age | Bin 354 -> 354 bytes 35 files changed, 94 insertions(+), 711 deletions(-) delete mode 100644 hosts/legion/default.nix delete mode 100644 hosts/legion/desktop.nix delete mode 100644 hosts/legion/disks.nix delete mode 100644 hosts/legion/hardware.nix delete mode 100644 hosts/legion/msmtp.nix delete mode 100644 hosts/legion/nas/default.nix delete mode 100644 hosts/legion/nas/media.nix delete mode 100644 secrets/legion-niko-pass.age diff --git a/README.md b/README.md index c6dc540..8d5da60 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,6 @@ Collection of my personal Nix configurations and opinionated NixOS, nix-darwin, - hosts - per-machine configurations - kazuki - my linux arm server - - legion - my linux x86 server - hijiri - my macbook - hijiri-vm - linux vm running on my macbook - ude - another linux arm server diff --git a/assets/ssh.nix b/assets/ssh.nix index afdc92c..c699be9 100644 --- a/assets/ssh.nix +++ b/assets/ssh.nix @@ -9,7 +9,6 @@ hijiri-vm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6tfXLB6xhcl3rtI5x9NXSs12U4LVy06RRlyZxiORa0 nikodem@rabulinski.com"; kazuki = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIImsFb9qRxX0n2Bmy00T8iPam+Fc3mgKkm7dfM7AQRHN nikodem@rabulinski.com"; - legion = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHX2MNGZGSTedYAepZHgcx+KK0A6ASulwSrpf9ytb5h nikodem@rabulinski.com"; miyagi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEIf4Ypws+1v9WL9MibW1dELpa/7YixElaBE7S71jsTy nrabulinski@antmicro.com"; ude = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEDm3M/i/4wP2BM4+9hHAOMospwvlBZ+FT+pJtVgaaMq nikodem@rabulinski.com"; kogata = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGK7H4Z29d72HJlI69Vt0YLOyuPcn9XxYjvMZfql80z0 nikodem@rabulinski.com"; @@ -20,7 +19,6 @@ system = { kazuki = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEyYhYWDNmKSrpcslD3NzWW+lQmDcLJdjLh7CSkL4hW5 root@kazuki"; - legion = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH0Ktyj0FSn8KLRwRGd0Tp/qNUPXV7+XyxAsWGWdMYp8 root@legion"; miyagi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILbUcsZrZgGHojG+1yVyNEW5Fgr7/7qNaWxOt+lFrJaD root@miyagi"; ude = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZW15ObZ6XG776pdEvs9yqSuIiWlbGveEVA774Ri9/o root@ude"; kogata = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPN/SXBcIB1WN8GIhYrQrqzFGuVkEP4o0E+x0uQ4f2l"; diff --git a/flake.lock b/flake.lock index 5d68e57..3cd382a 100644 --- a/flake.lock +++ b/flake.lock @@ -190,22 +190,6 @@ "type": "github" } }, - "fl-config": { - "locked": { - "lastModified": 1653159448, - "narHash": "sha256-PvB9ha0r4w6p412MBPP71kS/ZTBnOjxL0brlmyucPBA=", - "owner": "flakelib", - "repo": "fl", - "rev": "fcefb9738d5995308a24cda018a083ccb6b0f460", - "type": "github" - }, - "original": { - "owner": "flakelib", - "ref": "config", - "repo": "fl", - "type": "github" - } - }, "flake-compat": { "flake": false, "locked": { @@ -351,25 +335,6 @@ "type": "github" } }, - "flakelib": { - "inputs": { - "fl-config": "fl-config", - "std": "std" - }, - "locked": { - "lastModified": 1701802971, - "narHash": "sha256-Zo5fJpXbe+xXOTiDT4JG2rExobMJTmFZ72+3XTMMHrQ=", - "owner": "flakelib", - "repo": "fl", - "rev": "b71a91517f6b16aa5faefe8ec491d9f3062d7a20", - "type": "github" - }, - "original": { - "owner": "flakelib", - "repo": "fl", - "type": "github" - } - }, "flakey-profile": { "locked": { "lastModified": 1712898590, @@ -531,21 +496,6 @@ "type": "github" } }, - "nix-std": { - "locked": { - "lastModified": 1701658249, - "narHash": "sha256-KIt1TUuBvldhaVRta010MI5FeQlB8WadjqljybjesN0=", - "owner": "chessai", - "repo": "nix-std", - "rev": "715db541ffff4194620e48d210b76f73a74b5b5d", - "type": "github" - }, - "original": { - "owner": "chessai", - "repo": "nix-std", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1723603349, @@ -621,44 +571,6 @@ "type": "github" } }, - "nvidia-patch": { - "inputs": { - "flakelib": "flakelib", - "nixpkgs": [ - "nixpkgs" - ], - "nvidia-patch-src": "nvidia-patch-src" - }, - "locked": { - "lastModified": 1742460640, - "narHash": "sha256-Qks0TRMOiuVKjcSPkg251Q2/wdU5ooMt4b2f2numPzg=", - "owner": "arcnmx", - "repo": "nvidia-patch.nix", - "rev": "c85990250376300fe11413e22458911f408f64d0", - "type": "github" - }, - "original": { - "owner": "arcnmx", - "repo": "nvidia-patch.nix", - "type": "github" - } - }, - "nvidia-patch-src": { - "flake": false, - "locked": { - "lastModified": 1742384429, - "narHash": "sha256-5O0TXVrLsFrULXli2vB2iJ7TECUckMHKvJZYmdkcnGE=", - "owner": "keylase", - "repo": "nvidia-patch", - "rev": "07080317245ac30c38001d2149810b2dee3cce1f", - "type": "github" - }, - "original": { - "owner": "keylase", - "repo": "nvidia-patch", - "type": "github" - } - }, "racket": { "inputs": { "nixpkgs": [ @@ -697,7 +609,6 @@ "mailserver": "mailserver", "niko-nur": "niko-nur", "nixpkgs": "nixpkgs_2", - "nvidia-patch": "nvidia-patch", "racket": "racket", "treefmt": "treefmt", "wrapper-manager": "wrapper-manager", @@ -764,24 +675,6 @@ "type": "github" } }, - "std": { - "inputs": { - "nix-std": "nix-std" - }, - "locked": { - "lastModified": 1701802337, - "narHash": "sha256-JCVCyjDZ6LA0xyVoDZzRXjy0OgWOZo3OpeZEVm/U97w=", - "owner": "flakelib", - "repo": "std", - "rev": "443d1c8246b3d96a4822b02af907ca0d833e8b63", - "type": "github" - }, - "original": { - "owner": "flakelib", - "repo": "std", - "type": "github" - } - }, "systems": { "locked": { "lastModified": 1681028828, diff --git a/flake.nix b/flake.nix index 217b7cc..c49e260 100644 --- a/flake.nix +++ b/flake.nix @@ -121,10 +121,6 @@ url = "gitlab:famedly/conduit?ref=next"; flake = false; }; - nvidia-patch = { - url = "github:arcnmx/nvidia-patch.nix"; - inputs.nixpkgs.follows = "nixpkgs"; - }; fenix = { url = "github:nix-community/fenix"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/hosts/default.nix b/hosts/default.nix index 03d464d..d8ed8b3 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -9,7 +9,6 @@ ./kazuki ./hijiri-vm ./hijiri - ./legion # TODO: Custom installer ISO # ./installer ./ude diff --git a/hosts/legion/default.nix b/hosts/legion/default.nix deleted file mode 100644 index 92c95be..0000000 --- a/hosts/legion/default.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - configurations.nixos.legion = - { - config, - username, - ... - }: - { - imports = [ - ./hardware.nix - # ./disks.nix - ./msmtp.nix - ./desktop.nix - ]; - - nixpkgs.hostPlatform = "x86_64-linux"; - - specialisation = { - nas.configuration = ./nas; - }; - - boot = { - loader.systemd-boot.enable = true; - loader.efi.canTouchEfiVariables = true; - }; - - settei.tailscale = { - ipv4 = "100.84.112.35"; - ipv6 = "fd7a:115c:a1e0:ab12:4843:cd96:6254:7023"; - }; - - networking = { - hostName = "legion"; - hostId = builtins.substring 0 8 "524209a432724c7abaf04398cdd6eecd"; - networkmanager.enable = true; - }; - systemd.services.NetworkManager-wait-online.enable = false; - - powerManagement.cpuFreqGovernor = "performance"; - - age.secrets.niko-pass.file = ../../secrets/legion-niko-pass.age; - users.users.${username}.hashedPasswordFile = config.age.secrets.niko-pass.path; - - settei.incus.enable = true; - virtualisation.podman.enable = true; - }; -} diff --git a/hosts/legion/desktop.nix b/hosts/legion/desktop.nix deleted file mode 100644 index 7d80cd9..0000000 --- a/hosts/legion/desktop.nix +++ /dev/null @@ -1,112 +0,0 @@ -# TODO: Proper desktop module -{ - config, - pkgs, - lib, - username, - ... -}: -{ - # Needed for nvidia and steam - nixpkgs.config.allowUnfree = true; - - settei.user.config = { - settei.desktop.enable = true; - home.packages = with pkgs; [ - brightnessctl - dmenu - ]; - - xsession.windowManager.i3 = { - enable = true; - config = { - terminal = "wezterm"; - modifier = "Mod4"; - }; - }; - - home.file.".xinitrc".source = pkgs.writeShellScript "xinitrc" '' - xrandr --setprovideroutputsource modesetting NVIDIA-0 - xrandr --auto - exec dbus-run-session i3 - ''; - }; - - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - gamescopeSession = { }; - }; - - hardware.steam-hardware.enable = true; - - services.logind = lib.genAttrs [ - "lidSwitch" - "lidSwitchDocked" - "lidSwitchExternalPower" - ] (_: "ignore"); - - services.pipewire = { - enable = true; - alsa.enable = true; - pulse.enable = true; - }; - - programs.dconf.enable = true; - services.dbus.enable = true; - - users.users.${username}.extraGroups = [ - "video" - "input" - ]; - - # NVIDIA stuff - services.xserver = { - enable = true; - excludePackages = [ pkgs.xterm ]; - videoDrivers = [ "nvidia" ]; - xkb.layout = "pl"; - displayManager.startx.enable = true; - config = lib.mkForce '' - Section "OutputClass" - Identifier "intel" - MatchDriver "i915" - Driver "modesetting" - EndSection - - Section "OutputClass" - Identifier "nvidia" - MatchDriver "nvidia-drm" - Driver "nvidia" - Option "AllowEmptyInitialConfiguration" - Option "PrimaryGPU" "yes" - ModulePath "${config.hardware.nvidia.package.bin}/lib/xorg/modules" - ModulePath "${pkgs.xorg.xorgserver}/lib/xorg/modules" - EndSection - - Section "InputClass" - Identifier "touchpad" - Driver "libinput" - MatchIsTouchpad "on" - Option "Tapping" "on" - Option "TappingButtonMap" "lrm" - Option "NaturalScrolling" "true" - EndSection - ''; - exportConfiguration = true; - }; - services.libinput.enable = true; - - hardware.nvidia = { - patch.enable = true; - patch.nvidiaPackage = config.boot.kernelPackages.nvidia_x11_production; - open = false; - modesetting.enable = true; - }; - - hardware.graphics = { - enable = true; - enable32Bit = true; - }; -} diff --git a/hosts/legion/disks.nix b/hosts/legion/disks.nix deleted file mode 100644 index 74ecef9..0000000 --- a/hosts/legion/disks.nix +++ /dev/null @@ -1,14 +0,0 @@ -_args: -/* - let - bootDevice = args.bootDevice or "/dev/nvme0n1"; - in -*/ -{ - assertions = [ - { - assertion = false; - message = "Disko config TODO"; - } - ]; -} diff --git a/hosts/legion/hardware.nix b/hosts/legion/hardware.nix deleted file mode 100644 index f1b8f71..0000000 --- a/hosts/legion/hardware.nix +++ /dev/null @@ -1,90 +0,0 @@ -{ config, ... }: -{ - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ahci" - "nvme" - "usbhid" - "usb_storage" - "uas" - ]; - boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call ]; - boot.kernelModules = [ - "kvm-intel" - "i2c-dev" - "acpi_call" - ]; - boot.blacklistedKernelModules = [ "nouveau" ]; - - # Needed for enableAllFirmware - nixpkgs.config.allowUnfree = true; - hardware = { - enableAllFirmware = true; - cpu.intel.updateMicrocode = true; - }; - - services.smartd.enable = true; - - # TODO: Move to disko only - # TODO: Actually set up impermanence - boot.supportedFilesystems = [ "btrfs" ]; - boot.initrd.luks.devices."enc".device = "/dev/disk/by-label/LUKS"; - - fileSystems."/" = { - device = "/dev/disk/by-label/LINUX"; - fsType = "btrfs"; - options = [ - "subvol=root" - "compress=zstd" - "noatime" - ]; - }; - - fileSystems."/home" = { - device = "/dev/disk/by-label/LINUX"; - fsType = "btrfs"; - options = [ - "subvol=home" - "compress=zstd" - "noatime" - ]; - }; - - fileSystems."/nix" = { - device = "/dev/disk/by-label/LINUX"; - fsType = "btrfs"; - options = [ - "subvol=nix" - "compress=zstd" - "noatime" - ]; - }; - - fileSystems."/persist" = { - device = "/dev/disk/by-label/LINUX"; - fsType = "btrfs"; - options = [ - "subvol=persist" - "compress=zstd" - "noatime" - ]; - }; - - fileSystems."/var/log" = { - device = "/dev/disk/by-label/LINUX"; - fsType = "btrfs"; - options = [ - "subvol=log" - "compress=zstd" - "noatime" - ]; - neededForBoot = true; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-label/BOOT"; - fsType = "vfat"; - }; - - swapDevices = [ { device = "/dev/disk/by-label/SWAP"; } ]; -} diff --git a/hosts/legion/msmtp.nix b/hosts/legion/msmtp.nix deleted file mode 100644 index dc51c15..0000000 --- a/hosts/legion/msmtp.nix +++ /dev/null @@ -1,36 +0,0 @@ -# TODO: Potentially make this a common module? -{ - pkgs, - config, - username, - ... -}: -let - mail = "alert@nrab.lol"; - aliases = pkgs.writeText "mail-aliases" '' - ${username}: nikodem@rabulinski.com - root: ${mail} - ''; -in -{ - age.secrets.alert-plaintext.file = ../../secrets/alert-plain-pass.age; - - programs.msmtp = { - enable = true; - setSendmail = true; - defaults = { - inherit aliases; - tls = "on"; - auth = "login"; - tls_starttls = "off"; - }; - accounts = { - default = { - host = "mail.nrab.lol"; - passwordeval = "cat ${config.age.secrets.alert-plaintext.path}"; - user = mail; - from = mail; - }; - }; - }; -} diff --git a/hosts/legion/nas/default.nix b/hosts/legion/nas/default.nix deleted file mode 100644 index f01145a..0000000 --- a/hosts/legion/nas/default.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ - pkgs, - lib, - username, - ... -}: -{ - imports = [ ./media.nix ]; - - boot.supportedFilesystems = [ - "ext4" - "zfs" - ]; - - boot.zfs.extraPools = [ "yottapool" ]; - services.zfs = { - autoScrub.enable = true; - zed.settings = { - ZED_DEBUG_LOG = "/tmp/zed.debug.log"; - ZED_EMAIL_ADDR = [ username ]; - ZED_EMAIL_PROG = lib.getExe pkgs.msmtp; - ZED_EMAIL_OPTS = "@ADDRESS@"; - - ZED_NOTIFY_INTERVAL_SECS = 3600; - ZED_NOTIFY_VERBOSE = true; - - ZED_USE_ENCLOSURE_LEDS = true; - ZED_SCRUB_AFTER_RESILVER = true; - }; - }; - - fileSystems."/bulk" = { - device = "/dev/disk/by-label/BULK"; - fsType = "ext4"; - }; - - systemd.mounts = [ - { - type = "none"; - options = "bind"; - what = "/media/data"; - where = "/export/yotta-data"; - requires = [ "zfs-mount.service" ]; - after = [ "zfs-mount.service" ]; - wantedBy = [ "multi-user.target" ]; - before = [ "nfs-server.service" ]; - requiredBy = [ "nfs-server.service" ]; - } - ]; - - services.nfs.server = { - enable = true; - hostName = "100.84.112.35"; - exports = '' - /export *(insecure,rw,crossmnt,fsid=0) - /export/yotta-data *(insecure,rw,nohide) - ''; - }; -} diff --git a/hosts/legion/nas/media.nix b/hosts/legion/nas/media.nix deleted file mode 100644 index 501e811..0000000 --- a/hosts/legion/nas/media.nix +++ /dev/null @@ -1,132 +0,0 @@ -{ - config, - username, - lib, - ... -}: -{ - age.secrets.rab-lol-cf = { - file = ../../../secrets/rab-lol-cf.age; - owner = config.services.nginx.user; - }; - - services.jellyfin = { - enable = true; - openFirewall = true; - }; - services.radarr.enable = true; - # TODO: Remove once https://github.com/Sonarr/Sonarr/pull/7443 is merged - nixpkgs.config.permittedInsecurePackages = [ - "dotnet-sdk-6.0.428" - "aspnetcore-runtime-6.0.36" - ]; - services.sonarr.enable = true; - services.prowlarr.enable = true; - services.jellyseerr.enable = true; - services.deluge = { - enable = true; - web.enable = true; - config.download_location = "/media/deluge"; - }; - - services.restic.server = { - enable = true; - dataDir = "/media/restic"; - extraFlags = [ "--no-auth" ]; - }; - - users.users = { - jellyfin.extraGroups = [ - "radarr" - "sonarr" - ]; - radarr.extraGroups = [ "deluge" ]; - sonarr.extraGroups = [ "deluge" ]; - ${username}.extraGroups = [ "deluge" ]; - }; - - systemd.services = lib.mkMerge [ - (lib.genAttrs - [ - "jellyfin" - "radarr" - "sonarr" - "prowlarr" - "deluged" - "restic-rest-server" - ] - (_: { - requires = [ "zfs-mount.service" ]; - after = [ "zfs-mount.service" ]; - }) - ) - { - jellyseerr.requires = [ - "jellyfin.service" - "radarr.service" - "sonarr.service" - ]; - - radarr.requires = [ "deluged.service" ]; - sonarr.requires = [ "deluged.service" ]; - } - ]; - - services.nginx = { - enable = true; - recommendedProxySettings = true; - virtualHosts = - let - services = [ - "jellyfin" - "jellyseerr" - "deluge" - "prowlarr" - "sonarr" - "radarr" - ]; - mkService = name: { - forceSSL = true; - useACMEHost = "_wildcard.legion.rab.lol"; - listen = lib.flatten ( - map - (port: [ - (port // { addr = config.settei.tailscale.ipv4; }) - (port // { addr = "[${config.settei.tailscale.ipv6}]"; }) - ]) - [ - { port = 80; } - { - port = 443; - ssl = true; - } - ] - ); - - locations."/".proxyPass = "http://${name}"; - }; - services' = map (service: { - name = "${service}.legion.rab.lol"; - value = mkService service; - }) services; - in - lib.listToAttrs services'; - upstreams = { - jellyfin.servers."localhost:8096" = { }; - jellyseerr.servers."localhost:5055" = { }; - deluge.servers."localhost:8112" = { }; - prowlarr.servers."localhost:9696" = { }; - radarr.servers."localhost:7878" = { }; - sonarr.servers."localhost:8989" = { }; - }; - }; - - users.users.nginx.extraGroups = [ "acme" ]; - security.acme.acceptTerms = true; - security.acme.certs."_wildcard.legion.rab.lol" = { - domain = "*.legion.rab.lol"; - dnsProvider = "cloudflare"; - credentialsFile = config.age.secrets.rab-lol-cf.path; - email = "nikodem@rabulinski.com"; - }; -} diff --git a/modules/default.nix b/modules/default.nix index 32f8e5f..24a8f46 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -33,7 +33,6 @@ in inputs.disko.nixosModules.disko inputs.mailserver.nixosModules.default inputs.home-manager.nixosModules.home-manager - inputs.nvidia-patch.nixosModules.nvidia-patch inputs.attic.nixosModules.atticd inputs.lix-module.nixosModules.default { diff --git a/secrets/alert-nrab-lol-pass.age b/secrets/alert-nrab-lol-pass.age index 85d17ab..a5e31ca 100644 --- a/secrets/alert-nrab-lol-pass.age +++ b/secrets/alert-nrab-lol-pass.age @@ -1,7 +1,8 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw XYwseCo1fgFTMZ4IL13orBFdnWo0is7fujpJ5vDEIXo -5L2q/5umRSXrK1YGUXeUS3rpUlaGGwCKqzvUpQ5nk8s --> ssh-ed25519 GKhvwg 2fSKj5gtCn8oj35oOgL3o8TxkkZNBlp+xy/W4mYghm8 -fNse8uiLWps7zSIY8826MRAY1PyO++G3+7tT6TDQeag ---- /1Qqdeo1Tvw3EQDGKc5D85eXTnJ/vmdtwfHf/WuvGwQ -ZQr.KG;1W9>GjE(~]3"i )1[m;ܺWqn)vsEY,0X3I1P` \ No newline at end of file +-> ssh-ed25519 84j9mw Uex/8V7Wq/9Bz9nvJRwfl5F6/QexinaDIhe14gAqWng +/lvX7cziXcohWI8FS8eybbdAaWDgN2Nvv2/3/DDaCFg +-> ssh-ed25519 GKhvwg JmC8WUB4SkpEy9nYGo9sfoNPx1pOAqvq0YDqd4l4vWw +F7KRZaLxCs7eYlPvv+yLovyFAxkahr/p5apcL+Bilfk +--- k5tZFrWFA+pUvgN2TYuIXzHBII2bLhB308qm5LFGJVg +g0ZTJJ)]>p +?LM>wПuYx "/"$L Y1T׸m֑s~ \ No newline at end of file diff --git a/secrets/alert-plain-pass.age b/secrets/alert-plain-pass.age index 032dbb2..4c3882d 100644 --- a/secrets/alert-plain-pass.age +++ b/secrets/alert-plain-pass.age @@ -1,19 +1,20 @@ age-encryption.org/v1 --> ssh-ed25519 GKhvwg 5euhetVuCUsVmzsFBVQr0U709Ogv6j1m+rhaS1ZXQhw -p9dTjCsqwXRFgY1qvZOmlpJGYIz+hj286sP/oaX15H4 --> ssh-ed25519 H0Rg/A MrlNR2XgW04Csdhpd1s2Tfr3gsD8l1YWj5l/5EJEtGI -+3RiO5GHLJOstxEKvNvAlZ1ycWHLUun0K7raJ/86a/M --> ssh-ed25519 84j9mw 2wIXF94Zbo3fB7fRzQWGv5mCwdiomYVoFU8p25olt1k -S2A2AP8clxTkJBtqRTTSeHeKCkcveEYaaU41di0v9kM --> ssh-ed25519 5A7peQ G+MxkpWskys34yRKVC9CEXdfqujMUG/v4Vp9WvPYRw0 -BA+l5LIAIX0/KeSRcxLRybQ42OZV/ZX9pLCHhvkI1gc --> ssh-ed25519 ioPMHA EXnV+gYXCwuE9kL8HJDxwGTWRqfJQt4gO4IxDXNXCDM -s2Ji8kJ+hl+3vy/kIIHyngIw6BGouXjLTbIK/AQYfNI --> ssh-ed25519 g2vRWw Ir+r+/jelVmGjtahgKwTkiwZUWSxkCHJrYFkm+GqTDQ -GsDZu3gaQArHOEFQH4qoJSQw1mflKWvWNYpI+RZgI/0 --> ssh-ed25519 IFuY+w tWgf0Nelr0ji9Kr9fBt+2rdr0alagGG960uzW8RL9yE -FW5Wt5OMD887sClsLF/q4AlTDocImI72az465K/qZPs --> ssh-ed25519 rA7dkQ 9apitDrmj/hY9bCHadtYFZmjGUwqXtFZiUypjt9Z1BQ -l+4ZTzw1rAYQV9dWn2sAr6Q1UtwunbelGr+UqMwetsE ---- dmVol02/2xV9zEOzA8+n5fyyjEk5Tsq/3W1yZa07ntg -P`nHmXD`7{3P}vTb \ No newline at end of file +-> ssh-ed25519 GKhvwg ZvzKWT14nrdbiVRJf4hK3Gmb7pkLA1YrzIAXi7GqUm0 +OqGUgm/4oefj+J6JrIM42FPq/2tH/evQfKYQGCSMIc4 +-> ssh-ed25519 H0Rg/A ucyXgt869tI6HWLjrsg5o65HBBHnjiAyJ2T7aCps7iQ +h58tIKkuHEFM+7VRl6u+3vvV3XQ0r+XqvUo7OdLuKEg +-> ssh-ed25519 84j9mw 2a5d7xIwqwF9MuAKv490mGUMYiDvZWK8+sLDjShpnmk +7CH1AzJQD7nrq7aKZJy54+74awO2MHO6RySq29/MH18 +-> ssh-ed25519 5A7peQ 8h1pfClbTdBZuSZyw1LcntL6QIDXukYkJ+SBmcZMYAE +d8gix1GBYjqe8nYc/gdOxEvsYNo7+W+vhQZq/RFPeRw +-> ssh-ed25519 g2vRWw E4b+U5rVKsurdddkOSeDKmhIQW5iK4hdoRePQjohM2w ++WlMZ6Yd9iCqcm/WIrzRSRU9fmqdtc2Lb79wgB945Kg +-> ssh-ed25519 B2veVw 4APxbmXkGw6O319hX1rPpgCz2BNXs1fa71eopRvgsFI +AQ3FsW+H7qYg90JG8904/N0FjxjH4S70S1Gyer1BiXI +-> ssh-ed25519 IFuY+w +W4IMgBS9ihPCEGWQw8DrsTkF8Ih5H1+ZjhmGdPimQE +qlMFMVpw6uvH/OqGx/fIBFcP41RlXxyXKJ3//1N7mcQ +-> ssh-ed25519 rA7dkQ 1XI21LILuaiYGHbdgCllU+H8N+/YPq9FyrOUTp0AXCI +vklhN/5KOmbB0MaQ4F/iIuj5ReLiBrmFQunPtJu0o7w +--- 5T2/adM9me57EcbMcLPba1MIisFzJnXLC+inc57bJdk +Ji'6&&o +k4-hu}2|1DIl9ܦY \ No newline at end of file diff --git a/secrets/attic-creds.age b/secrets/attic-creds.age index 6d72b95d8a061682a14d8cee73b541ab275eef8f..e901eb77e21b8f47a9b512855b2011f6c334488f 100644 GIT binary patch delta 417 zcmX@Ye1v&|ZoQXdNu<76W{HbYx_*XpP*#O^QJ7&=c%WyMuYP2@x4U1WsdI?AVWd+s zSFW#nfnijZQ-wjHYiYW#V_s%Oc37T;g-2nEUumX(dZky1etvd&kV}9Cm#&>cadC!j zYKoDmsiCEUyLU!edAfpEQdvr=b6UA$q?w^Xctt^GNqw?=PH=LhrA3l^s$Zl_p?7J8 zM|M$RluIa=Nusl3flF#so~yojg`=@oRYjqTX<~U`nWdj;exgxGvPYnQRE4&)Q-Ld& zuCA^^o_m!=j#F`zxn)p5aYklHh+9r@NLX=HfO$?@qMx@@l$*18NJ*4YS!yxYoajI5 z%$qigE7rHKe=YEBX6p0rS007(g#_JmKeIr<@KcIsb>f@ztF+ba4=(<@b&|N!sjX_i z`7TNNRb(G&oV_UM{Pbg*`#F~OGPBNzX-VAEEYw@KW^)%`enQ5x9Y0SpFW>gM{r5hCzU*Htv&Q;0|1xsqZ$AJ delta 417 zcmX@Ye1v&|Zhdx?QDUVcadC!j zYKoDmsiCEUyLU!edAfpQfT_1}TB>hynMIVFQB-PiKz)R1YLG!uQbl5vZ)9Giwoz$C zRC+*^qhUT*T2P3eXH{{SNpNYYw^^j8NtRQNM__TOd3HpYQ)xk9MN&$Ur%|eti=ii% zuCA_vX=;&MXjo)mMrB4tT24x4u%(w-Rd{k_xW0C9nrVTnWrTNWxN(VNZcaYe2PMC2 ztj~{q`BdNhSKzCR(}6o2G5411IBV5!wA=K1&gDNECtgQ-ioW0!nj3gbFjIO*bmVE} zEyCuEOIOdH^fIM-AMcKwy9O_>`79A+@O`4-#*nl^tm=QlsgQ7w;|;0xlJ-5I`xYBS0Z8+ Qgf^V{%@TKa_ngum0LK`hasU7T diff --git a/secrets/forgejo-token.age b/secrets/forgejo-token.age index 13f30a6df5f61458036e2b88da5733517ad52dca..f16f8e1c0958e8ab2e39d408d457a5771b041714 100644 GIT binary patch delta 425 zcmcc5e4lxOPQ7bRab$^;uZf#~Qf6hLrCC^!cSKc|YlW+Eq+3{!L5N3Qdaz-5j!~7f z30J6dQI2t*M^><#cZFAEhFfJ?xQBLuu~$Y;R#I|!MUuW_dQ!4!PM&{-374*&LUD11 zZfc5=si~o*f~Q+)q;|PNfU8kSNM*84siKDTx)SrfDfzpqUT)X4TP2YX9ms{ld>fNVl zTI+U7o;ELVWH?;9?_t1c^_oo|ml^b^t(fHb)#<`|i`LLBI-0vaYH+Rg{~@`>vh|p9 V=#TwVrUbNnwx=Fs6|O|u3NadXiIE1G9v-QlE@io9PM(owCfNZ2q3PaPQF(r)rRC*?`HtmWZe>xf zsh)*-#cqySsAIJzE#E%WiG`P9_b6 diff --git a/secrets/github-token.age b/secrets/github-token.age index 03ad19efe076c613adab0adc8939799c046be4a2..58d43ca2221a7897a93d333ee54d69df5e9c9949 100644 GIT binary patch delta 510 zcmdnWdYol~PQ8zLl}Axog=a)rfLoB8ep!)oXr_;aSy4)|zKda+f1*WVa%q{LWtd4$ zK9_;HQB`_wSeZwGTcMM0RgzW2&}iSVo|scX?uFq-&0od!}nvNM2S%aB_NjxQXZF zI7W%^6T?HyB9lE0gPmQI!gI??^0I@&avixG4P2eG(h^I33qlezwX=%D zD=VVPEK?JUa}B-Il8Su7!iq}VUGojiLh`wEb#)ag{F8$%(^E|x-K$KUs~k-{ok~1i zoJ+HeJpH}h3SA;A^+Q7fBZE9$BcmL-ET(O*^i(?fob&nAL(CJ+=Tw(CGnnPK9@<~% zwEbqoyv6&qU48$4-lDn5Ddxw8!Y3aS+a}~SJ~?)VZPhLHbAd^&S7+oMcz67}FgE~G C6}5T* delta 620 zcmX@kvXym$PJKpET9{LXn`fp=NLf;@xxa5@Qf{h|wxxNvr*U3kMPyQzlV4CoP_U(k z30H8UcUnnqu%otxPi9F(UUp$(xtV!Ixv{xLv0titvA(NcMXqnLe^^RcAeXM4LUD11 zZfc5=si~o*f`v(zWp24bet~;Lj(MW7X-IK!mXW@rOMQAuQm|=KftkLmOGt63OLnln zXO?GrR;ZIBmvgzPzgc;SWm#3Bb9z#EMTK)wRc?e=pog};W2#|!d8LPQvWHJvfopO$ zx^~qqF8ba%5y6gL>4u?!k;PuFRZ+f``sL0ZY2~>lWrmi?N#Q}2 zfn5F>E{Xo;rrDMit|`v02JR`9US^rzW=@8NnW_3YCY8=(6dPW(T z7ian<8fIr3c$9c#WICDn1ttZ12by?C6uWr2yQjELj%SppPc$v@PYDmrakVTgHY^E9 zGB43Kh$`{$voK0D3(EEN2rw+Ea!=I{3r^=M_X&4ObPLT6&vr7+@pbi%Fz^g^4GeLw z&<}D6aWgDSDl2u*w=A~^%r)WC)zwv~3`;h%tTOaB4E6Wbwlq%3%L+3n&rU5&G6^mT zH}Obzip(?!G^o-xNbwBh`k*8_yUWD#^%Sw4Ka;}yP0KiEgl83p-rBV5ZN7h_%+bF> u%E78Jj|%hFJ&xY|A!F|s$AuTOTu)`Zob$Ku%DqJ`mrHgoo}Bf+$r%7gSJx~6 diff --git a/secrets/hercules-cache.age b/secrets/hercules-cache.age index 783c7f309280746233edec2a94fa38d3831fa709..48de2e92d78f71dc7278119e66b146191eada756 100644 GIT binary patch delta 779 zcmcc2{*-NkPIy*jYH(6$wp)OqnPp13zkX7hTasIGT263Aaao2zep;@vgE*#DMHZI%MLwo!hQ1c&rip$QX?Z5)sTE<4T;*v|UPi}EryHLxu6N_Gh`a}Dt=$}vjMOARzn zG7rh~(f0KZEy;5U3lGWW%5qDxa106w^2{r@2r|!!bggjr3r$Z8$}-PMOU?F)@^mT- zh{&x7_KHmA($&>f$jLS`Ely4@$SqGZ@yhf`^$1T3_AE0tvAiA zOfyMyHXSbDH|iNzrYEC&CW8td^|LGTHR`n=#*llHXr#I&5_}&-?s%>&TF*qO=Un*wN%{-`9A`kS delta 909 zcmaFLcA0&GPQ6D;WnPMRc1l@sl}CATWPpc-OQ^Ytev)y4e?X!|ZfH=tS9(!cN^*&@ zFPCvrc1~eYX^~H{k&mx-Xo*QmNq9TRAF|6OSqF)y1%PQRj^-ja(!}eP)?##uyIC?pQCfAerZl= zNoq=FWQd_Bmt%!TRk(MycW_o%W>us|rmKmUk+z4idts4lk&{PAR%xofX+VUrbEuyM zx^ys#oC$Keg;YY*-nynZ{|6j{5GUiAKeyLHQoq7U8C$ zu3RQYu1R^hrIAqvC0Uih;o4#OVNq^n=6QZOiTUB)DW>ja7Cwc!IT?kfffGN9hew!I zn0T67hFEy{hX-pXg?X8kmb-aIdS`gM8ad^q7&zvaW#pNsho>2Pa=E5Eo9CE>yE_Ml z7G=6Sx))}p`MY}tMEQ7Uxn*PqmPb`&2IQBPg?SYuPmX7lsE-N=b&Co%iO4C;FOKwf z3iYsvEGaF@P7ibo^pEh%tO!jnHjYfrPIgV^^7l)3EG&%7tSoX&Psf$V@Jd3=XMu3(YmjOE&Sz^tKF3G|kHMbj?XK z5A@5gbgQf~s`m*`^-Rond%`cT9e{G%GsrvbL4H)uW}ZQy0YZJbq$Glri|?~|BG2({x8L)n|>;kZKn6lv)ekC zH7M@-Yj7t#rt^U9;?|-EzHqS!J!pO`gguhVo^T~tvjcz&Jzq4fi;w=iLb+0FBRCCD~?=(2J z=H>_8s+DRw>51E=mkMgFvh68MV2|4ucyj*!cVZ1(jA7ULTCOiFNZEGB_I_f)5=E)_ z&06aLM2|0bxsY<}MjjnkSc7O(H@xpR7=!je}j^>p}7xA<$gzKPR1#cYzK7jmWB n({TOf+|XOXVyAmpbnegG%F1cJFm(E&Lx$?yjj1~(&y@uLNoHQ@ diff --git a/secrets/hercules-secrets.age b/secrets/hercules-secrets.age index 8b55761..b192321 100644 --- a/secrets/hercules-secrets.age +++ b/secrets/hercules-secrets.age @@ -1,16 +1,12 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw qVTbaORT1Ouwq1uA0cWQ3Q85tLYcq6xuZ9UhcMOTTSk -PE0VZp1P9K4IAnm/BIDusGsp4dtLvaN0/m9q9gNnfx4 --> ssh-ed25519 ioPMHA +m127XNN1vH6Tg6XGuHDbND0giQgGsMLE7YUKagZbXk -tKyYRNLt1UgnQR//64yAunpHjE7JyB/Mkdmc4gkMTWw --> ssh-ed25519 IFuY+w x4WynTbStig1Ay9gyaplDcNlLQT0kMOFOJwVvcco1i0 -i8M7n2tfBJoFNmQHs5jEaZdfKc1UmjL5y6oBCos1mDk --> ssh-ed25519 5A7peQ +XJDHQntGS+FcrFgy9X/9RDOrBMNCI8rHsicV4Z5sBo -i6xfceBN4DE9EYF8Q4PaJjX7qbELJaJ5dxMGoAIE8xU --> ssh-ed25519 GKhvwg fzJcotOtNhVeNwOdMQIwPT9GmgbE13HYmCkwbFlCCkQ -mNtYtoX8IUDgHKAQRA5e7HLZgYVI9wCF8QMm530eFEo ---- EIWU+anFU1NSYiu3O+xncDnVvJVrwHzwaAX1YhsaOj4 -%DJ#0AD -qz,3sHVbTުˇ8[ ?VgNVd -ĝȗL=̵g%ι[md6oqE4ŏF3@P\(MDM;%^ܫpxp):O9,iBT -sǚ-JWE\0£y>0;yL{t.g%W,X} JJdg3\#) 0h=lhBBXb$^ BM[~u? hlc;zk \ No newline at end of file +-> ssh-ed25519 84j9mw bwa+uUxySjFDjOaCzRiZyYVKl4po1YDaOoDQLqqObSI +ayXv7BKF5lkzM3ai3rHL8irPetF2Nlwoji2VHpRsD5c +-> ssh-ed25519 IFuY+w k98+p1XfAR7f7kbahEwTzZVA45ulV4t3INkOQMsU3D8 +1QbRrGvE5cMMKzSNXK5LfBndDBJITd6gTBg9dJWir9E +-> ssh-ed25519 5A7peQ NyqKUm+8hfHcJ760y3EttpxygXxQXKFXURU8pHg1bAw +Rh7EqnDagUFvmIEsFkjkE2tVzlhWrGgANKy9UQM0D7M +-> ssh-ed25519 GKhvwg J3b+gGMaemGwSb7jfeCug9bcjXUJbU8BBGRoTXw2lw4 +tmMZY+0SSYVxZSMDQEBWCYzKUHTVbFH1iuybHyBvor8 +--- Uh1N32VLTQ2mxhsxu40FbIv0dQkqPdfBk+q3nJ/xPZ4 +;tضl̙RyhٖQBXzi%JN@֧FDv8.D,_J(<p-<Afl)FQf+6mHݲſ~yN5؊Ñb#]y{MSx9XO3`R<|O4(K@wdMq s%XdGrWm6 1NQGJ~݃xkgRCv뚑&v޶NSf6,`K ъk1Z!T%[,a6X־NL5k^V +g}C>m5rd7Mn= \ No newline at end of file diff --git a/secrets/hercules-token.age b/secrets/hercules-token.age index 54dd108e0526d2c42e8ea042ba4d575c947948c5..a7a66a7668c205a2f884bf56be0a0aac9004575e 100644 GIT binary patch delta 689 zcmeyt*2OkKC)~>{Rlg)F&B?FKSKA{f%RIm-x5(Y6#IV>surR{1D#Izb%-uUbud>83 zkSn;vDXrAdH#pQg#m_jcFex+HJIKt)&8gDKFCs%bF(}kKAj2oEDmTqEed0&)a6?PO z%qk=8VCSgZ0GA+RHf`R-Z1 zA(c5szJ|d8t_A7ZC5Bl!?pdK39*)`tjzz}#ToJy;`L0I372baOWjP++iQ(Dl5uWMJ z1zzb9l^&@jd3ipWJ}wa%o}n(qlg~1W*Jt>;YI`ObdQ_xqS9q3$XO!e*1!rc41nL*K zmAm?e1XMY>q(=t3xaNeWb9tBK>w9H~1sIxC6q$vkxE2|j88{XMm1U>pxklwW=DB4j zM_S}L21gnAa_Q>oDwI}L|w{t1SqQcoTFhr9q(N*S>)B-ZJyd4NDDb{#mX5 zyCgMZo>9S-xzpa{?Ela&9vrypR7Pr&rTqENRptAzxN84K#`Ei* z?qucK%lDUC6GrTW+NEsv+ORlPpdo~FLx%``ax0RItx delta 819 zcmeBT`@uFrr`{sbEi^qO+q^u?!rizyG&``+GB`gmI4iU$Fe1&k($Og=O+Pgy&nz#) zlglj8+|$=WJ1f#ZuPisiIm$qcq1Uz^Obr z)hSp%J2TgWOWVNN!y>f8G~7M0G^oNk#5FUjD#ENFKiw^&%rne5BHhQNwAeAXD$>vq z-8xUV(n#%c1;?yZ_pH?LypnV$(v_f;6Y1EKhx>!k}yyPwza|L9$xtsa8>4$oSm4pWvWLG*GCgznC z=T({~8ixcLM0xua8igksdRk^DbLr~pDipY-2PRe;R2byu1vxsEr4?BC>xZSf7`uc; zq@=kQS2-3|)R!k`8f9h`mUFeo9SK|if9+${|Gko_OLaIbUw?hPSahaAd1P0t@=2M? z9~Ny7v`D?BFe%uCNx*K24xy?i0`h~*)4I9b%E%Zcw?HgXHJSpCNZa;(2Css2~^}_mDaR;^n0MMW~g8%>k diff --git a/secrets/leet-nrab-lol-pass.age b/secrets/leet-nrab-lol-pass.age index fbf07ad..4145d0d 100644 --- a/secrets/leet-nrab-lol-pass.age +++ b/secrets/leet-nrab-lol-pass.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw qRlII1WyhanH2pNwSnl01iMlPWQ7tsyiNNOHPLNMflo -ZMtYsPCDsgcbN1qoAYWTBQtfBWGHzi4WKbGtpJSzKRA --> ssh-ed25519 GKhvwg Fck+71BDUxko70r43pDKCYaa5OKZipR4iNveNrJaiC0 -uZZhlsckmE+mi7Oq8+gtisDFmLEoy0Pm/9BKgRi9VHo ---- i/jgJHw3pEnMDGSjdK47mOkt87oI8szIHiIqimXVyXY -ߵSAѶBzwg@"PY^+E[',K[X~Xg{2c4 \ No newline at end of file +-> ssh-ed25519 84j9mw 9ygN4fWQWX889zSTchiwqVwxTzHzl+3PSelEpeGx6yA +v1GTvSMdbwC6U0QZtaD7/b5QbJ9j4J3F10eCUaT5COY +-> ssh-ed25519 GKhvwg 9I2sycYPtBMPZenbWLueANm46TTPzbgCa//4oKojGEQ +aEX3TQpWRAcrtJaiTMxB08L8OY/O/4JR+/zoNPl7Kxc +--- 6EB80pdWxmL1yVM+klouel5E59m2C88Dz0SH2DiT6nE +hkdJw|g~v^jq\ ' yIcdWYF?N/0+h=85# \bm~1y"qAT \ No newline at end of file diff --git a/secrets/legion-niko-pass.age b/secrets/legion-niko-pass.age deleted file mode 100644 index 455628db805bf50b05111f41424a8b93b8b241b7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 395 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!+RO))YxHMCU7%n$JOa8z(f)-NoH z^wQ4{$Z$6fFG$n(3C}X}uF4N`3p6tbvosI$%*abD%P&lI%;(BVEpsjjO!f7v%5)AX z^EV65i86MM@GZ^BFEX!63d+^at4PZWO3e+|4n()j-8-YKJY69;z|kwPywJk3D$3HW z%EQ&T&^gZ_sU*|QB*{4}J=irOxWJ&$Ex;%{ER?IrEj_ZzsIbs0OW!jmxzyar#HA{t z*fdSsBiPI!%P_w*#jwyM+%HVq+=5G2S69K*DFUA5o_HDcYOV dEnEB}ug<>Xa!PXT@!sFxud2Vg ssh-ed25519 g2vRWw Pdv9mU1heeteeLbLFVUAIyZxmCWHNmhnw0TphSVMczg -xks6yrF0BziJFp1QHSJdv5Svo1bCu9DF6s3wa2h0Xmg --> ssh-ed25519 GKhvwg H2DeS0HP/vWKRrBszwCffNgIZo8nVymGSkWEH26Y/2k -2y9DCIwpFsFXpgOwOrrD9+HpRzEuno1fW2upd2FLbZc ---- LNHsLxE4XBziNhnXmARcxB7UWhcKNvon1sDdX6mfZaw --1dm -fR,[#[-;M}vi4x~=)oN^n"XB}W583惍fv:uZ ɶ \ No newline at end of file +-> ssh-ed25519 g2vRWw 8FCO/eYVK3KfOvdyk5Va3R9jXaSNzV+ArFVhJwJPDDk +zRBpyAtdJxg4TSsgUep66Yv2CMUUAI8IF3pL5+MI/88 +-> ssh-ed25519 GKhvwg eMLyDK82QCKJrVjtfuy5DKTNFOc39zdJxJNFEXCO1Ac +6AamgzEBeT1018cy7N5GcvgjypGPLqF+2P14h//jTtA +--- jhq8ZEIoUjMq5PH7tktWMKQuCLMKifY/UfjjM1Qn7UE +Q8cV2 ƈ4$h+ey +0#aJ`ng{@.sIgϞc*Q'&k,CuIwɘ +rENշ@FPI?ђ \ No newline at end of file diff --git a/secrets/nrab-lol-cf.age b/secrets/nrab-lol-cf.age index d3b901588a4989d08f60b9d04d047819a807653d..bf3032b5b9c19ee0cdf3dbbb19a21c51e7570d32 100644 GIT binary patch delta 345 zcmeyv^oMDJPJN(3QB-b(iFb-cMTB8cQHiIQNu@!Waiw{3g}<3aN@jLSijP^Dua8e| zGMAUDt693fn@@Rgl22}`TX|q{lu1QUPIz)buyar z$x7)v|ANZG!#(P@&HNmv6mun}=(hWAt(%?v3gTtzw|``FzpAsJ9aKNRyGg2Wk=p;G sw&B^yC*)4|D=;ulXK7(H^-gT}oRFS&)IsTPRMITZrqm0M4|$mb06H&wvH$=8 delta 345 zcmeyv^oMDJPJLp5iC*sM3GZiO161oxMP`DQE`@~V^xNuX>wU)uyILV zI+uTrQ)WO_eoml^kF!%ys*g)Sd9JosX1cy#N}_gXaA~EVx1URJzNu$OGMBEMLUD11 zZfc5=si~o*g1dJ{S$VobRhp%KP;jMlR(g7gNm7MpQoUoIc43BFc|@pJsgp^Occ4*$ zkzZh8o?)N?mw8cWUYMhkc6y{iuAgaudq|jpcUW3(Qh1L-SEi2v zm#(g^g0q`ha*=;xP+_@+SxRX|x}m3EXo_iZxka(5TWGjhR$x>{aj}7`k&|I0SBGr* zx`}R5aY62@gv=f@X9*iS-G6#YddBQSA#r;aJ2p-CeXX)z<+NC-N^{ERO>%d$4f2k6 t+`hfiGv=`8)c+nTAtX zGf6Eo@JLTf4E4{kD6uql@ii{=%quQRbILObD@V7@!X(Qww_G8@DaqV0r?NC6+ta-w z*hf3eqs$~E-^`>i%e~CFq|n{nH__C~#L%SF)qpFzG%PpC$IB$D(%Gyi*Do~6-!&qw zDAFU>!ZI@=sIWZ1$i2)oC(I-w*cIJ2Q%CcH)If!(q)IctkTQcp3;#gN!m@mGmoirq z|1kf8;EXVDR|{|R!0?db{5%5}=X|bI-;lI$pU_ax+zi*Wh#aRJi}c8RN5e>OgY>il zCyTJk@I)gY;~-~8Lkz#A8`iIxpEnJnfSYwm4qawrR4>A1g4}_x%>NBJu$`1C(tyhBEwI+xES3w zPq)%Y?Q(_UDhp%xa>tw~7mKI@qihdt^Mdj`*N_13;Is&rp!DE~D!-CcM@RPvHv=vc zr^?izh{})xOYMjP|I8wnvH-_4m%_A)%D{+-!W7q%kl;dn=R)rQ0}Q_vIhvaAd2$))X9c)<=Y^L! zmnUm`XIiF*ds!4Gxu=$Rn3%al`DUB@R955`2In}YTA=&Q-8-YKJYB)iqaxI}GTF#C zEiv58Pru4P-83r5MLRRs*U>Y>GsWAvz|<`=$j~VwE0W76CpS4fBs(i9*U~fHw8+&t z#XB?AwKyp^AS%->H7_d9C(5M2A~Gp7$&*W0S69Kp)z~mU+sC*py*wwfBqO}CQoFb~ zBgMfE#`6#OH0a$^3KdN2~W=Q z2sNuR_74ipsn8ECbuZD@c1jO34Js=xN;65zwm`Sd!X(Qww_G8rtT?qiEjvHVOFzh@ z*xw@3J=7>Dpe!jr*f}Gt+^x#e!?!FmvMkco(S*xUKRqow%-AO_J-{!xsyII)Kd`{a zEFz*J*{3o)G2gh*IX%F<*d;6_&llY`Q%CcH)If!lz(P+Cf8SiE)Rbb2h@42T%t(`z zESF;M>|!5B0~bfb(9k63@L+GBtVphO?JQGY<0vx^6DPwe3y*xyfKsR6kUaee_ex9S z^lZa2cOT;-(~8PaA5V1KGV=p`JscI%jf>M$O0&blJxncqiW1YaeG3Xgax04ygCojK zJzaw;4bAjTT#XFeGP1dHoXP@AvQu-*ER70$Oe2!g0!vFwjNOw%atvJx(!z7{wDZhz z3JQvhvQ5x!OE)SD3NKek3o|p!Dvxrt$PTSC_j4^YF!b>%@=1@3G>S0G4Gb&`4~gM z&C{(kQoCHi-^nc9FRLQ5GS}SL-967EJSd{n)i5%m*vloaAkfR-JAJlBNF zBH1*%!rafTJfk4fC@HugC)dK=tJ2u5IK(%{$v-zSKitSI)F3}OKhP1~wjxLKlRAEOY;|!b%L=+`Ti(%F`9h&611qT~mD` zJdH!Wsv-+R1IsIm&9ah8vc1!iQrz;wQoTKl3mmo6Jo34+Et2&;s{DLXEHhHvtGtr3 zEj(N@bAw&dEYggt5|f-lN`eACi+l==k{r2ob#)cA!^48J-I9}Xja{|#!#s`MtD*vv zLPC5!Ou~$dy~;d`OFcaG(=tmUD^0j|h}hIUx-T1<{(;qCp=^6;&(+1!#-S7b^-Q_H uaCXsh`IwuX=a!uA7O~j7Q_ArH=Vi9*e;Ih$`fWQtE4+yRJkKR%<9-0&{!*g= diff --git a/secrets/ntfy-niko-pass.age b/secrets/ntfy-niko-pass.age index 276c72f..c42dcd5 100644 --- a/secrets/ntfy-niko-pass.age +++ b/secrets/ntfy-niko-pass.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw VodL+EHOjoXj8R/F0vMQzEcnnCFzzes0QByGCDCgVQw -tZLaDA1FLFwbK0AGo8lpTJjMUnPhJh1czYVLIYjkcEc --> ssh-ed25519 GKhvwg gHaR4I4l0I+/XrbjTMp/mevEzxPJXNLB1eHs33WKwGw -GTAzrhyyDylZgExteDGpGbcS/TFX1q+NhF1FWHzNV0s ---- QS1dAgdS96KwIprDjzz6OD4qSIZs4/m9JEIsi3+kgPk -zPCSxf -žic7_2~jA \ No newline at end of file +-> ssh-ed25519 84j9mw 5fEqoBEGZ6AZRfWuU6mej6XNl6hDrxMIMMlccp9CVzg +QvontdV2/amh/i1Ldmzup8TB+lN4b0+YuoT+UFWiPw8 +-> ssh-ed25519 GKhvwg 5Qm1FPvbv0ZsJiJ0Rjm0CPm6eWKvfQ4XHAOmEUWWCiA +eu1MXEWfo425lbnq5tAOnGqpLgRVIOCkZKegTQQjw/I +--- s1g2UCKwlew0wCJSxGosBzn1K0TEbPlrIl09iZ58bMg +P$N{LrxS:=Wxc(J|48S \ No newline at end of file diff --git a/secrets/rab-lol-cf.age b/secrets/rab-lol-cf.age index 4b5734a..3ed93fe 100644 --- a/secrets/rab-lol-cf.age +++ b/secrets/rab-lol-cf.age @@ -1,9 +1,8 @@ age-encryption.org/v1 --> ssh-ed25519 ioPMHA ftS+6CMGsySkp/KbDBLPKeWNDK83bZ2VB8ZKMRijkkY -U+2wopG3G2AvI4KUD9tZGIrHZSM3UdyDdYmbbkllWPo --> ssh-ed25519 84j9mw xek41MX1ETVgRZa24I7n5U/XkJOqItQWK3Qz1FfkDCc -40CWzCUmxsjgmiObbqKuSieifZ2vNo965jOeTrZ8hT8 --> ssh-ed25519 GKhvwg X2YSREIPjoaWaku9qrVu04hOlZjUF3LFEUZaIMgg02s -jbjT6qoIFGXRv2wrkzf2GHx3tcku/tgWfK6Sns3uFVc ---- B/FIIz8dDg9YXbtDxfAQFZj9PCLHwI/mboBJQBuFmJg -4L7H3F ̈́"fU(L~%sbԀ~Z}Z>2KO'Q\W[όe1^I‘ \ No newline at end of file +-> ssh-ed25519 84j9mw qUAkkpjjETyLa0IZfbm8yJ2opDBBsngbrrNjwu02G0s +kpEKDzWIfskgnZYR+0lgtCKqv0KwfpxRTq9crCsjvto +-> ssh-ed25519 GKhvwg FKrEGsx5mPhWnq5vNgFgxM816v6ZAG16pmdukuBWDDU +qmPRvA2bd0W3QlR6h8BLC/O+XjTp00vYXnp+tXakXDY +--- 7FE7FzsRmCKPvjr3yOlot32FV0lod38Hec/JRaxP+8g +xA}~ H]TLزոl]0>C}J:0nCEaVb "dV!Rv z 9jO + \ No newline at end of file diff --git a/secrets/rabulinski-com-cf.age b/secrets/rabulinski-com-cf.age index 6e80a30..ad35e32 100644 --- a/secrets/rabulinski-com-cf.age +++ b/secrets/rabulinski-com-cf.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw d9KZV9S1hRXBvVcFe40S0NqWKlQ/AdRgAqdYXKicXR8 -SgTn9MXrft+sRr4I96fqQHzAdm0b21Bd0eSoYFfq7/4 --> ssh-ed25519 GKhvwg B9qTfegTwDH/X0nQMGvTKCsK2GyzJ7yWgFIo+nKhsGc -Is4Hi8B2/9s0pz/quvNER2hTkabPbr7qeILL4PhQO1c ---- 1BhfbNEwYq0ra5slik651qbC8jffR2FmnDHV3FDtom0 --oSԐ-?{r]5;+0 GoE9tHXjqj2@3@ mmkyQ;_W϶Q~ \ No newline at end of file +-> ssh-ed25519 84j9mw O57uksGzyC2Obzy7AYk86DnEFQNXt43g5CqM4Vp69jU +1fW8YTn28ju1O3tX62A6AtvfzsmKzmhe79c3DmGUPrY +-> ssh-ed25519 GKhvwg s3WZPik8t204g4BlxpHeSpnL4/IgM+JdekXJYx7EFVo +N0Pyre1DwiLFo4HUE8SFDmNnkE4XJtcyHfn63cMlQJo +--- WPllwfNX5iXFmVC0pGCNrH4T9EGRhmRwGayE3bY/YC0 +d p/ݩ3+dvv& R xdSy8 ES e}Nb#6w.wE0Q%? \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 57943fa..b04e231 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -13,21 +13,18 @@ in # "bitwarden-env-file.age".publicKeys = [keys.system.kazuki keys.other.bootstrap]; "hercules-token.age".publicKeys = [ keys.system.kazuki - keys.system.legion keys.system.ude keys.system.kogata keys.other.bootstrap ]; "hercules-cache.age".publicKeys = [ keys.system.kazuki - keys.system.legion keys.system.ude keys.system.kogata keys.other.bootstrap ]; "hercules-secrets.age".publicKeys = [ keys.system.kazuki - keys.system.legion keys.system.ude keys.system.kogata keys.other.bootstrap @@ -35,10 +32,6 @@ in "alert-plain-pass.age".publicKeys = [ keys.other.bootstrap ] ++ builtins.attrValues keys.system; - "legion-niko-pass.age".publicKeys = [ - keys.system.legion - keys.other.bootstrap - ]; "storage-box-creds.age".publicKeys = [ keys.system.kazuki keys.other.bootstrap @@ -54,7 +47,6 @@ in "github-token.age".publicKeys = [ keys.system.ude keys.system.kazuki - keys.system.legion keys.system.kogata keys.other.bootstrap ]; @@ -72,7 +64,6 @@ in keys.other.bootstrap ]; "rab-lol-cf.age".publicKeys = [ - keys.system.legion keys.system.kazuki keys.other.bootstrap ]; diff --git a/secrets/storage-box-creds.age b/secrets/storage-box-creds.age index 8b0a272..31a18e7 100644 --- a/secrets/storage-box-creds.age +++ b/secrets/storage-box-creds.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 84j9mw auP2WgwsaWjyocQkSzoYShO2kSLjn2UArvAVEhKgDiY -4Uh423ZjS7/Xo6TxLJzWqXgHZAu0xouH0UvFZuJuEz4 --> ssh-ed25519 GKhvwg JHtyTS12OXspSKP9r/a61cfp+ubYbsAXFmEijMTex3Q -wZYrJ8yIZ3v5cdBzpiI9ocaTpHbtmebEpbr59Bz3rhc ---- koWJ57H+ErMJDxW6JDNL2ImmZb6o9v2BJtaFi2OL+dc -Io5q&CU*[T.HɊʺkkpOYs,g49ʼn$^l-A/QX \ No newline at end of file +-> ssh-ed25519 84j9mw tKQQB/cd6JHCLQLrix2WGW5hHBUNC+pqDZXvTmOlOkw +lnx4olU3W8dgMwigYga/NYcjJ/C59J/uVdYNOfWmN2I +-> ssh-ed25519 GKhvwg iWTl/jvU1aBd78yAZUsOgcG6JaK+vO8Dpx61dYMjmhc +2Iu6OHlLlhJLy/cxI/zSuqRhBnoeGLXINbDyMIvDZD8 +--- eOl0sze0EOvfcAarBav7mb4B3jdBvOE+fF166oukbrk +!lxq*T,.Xk6^ ssh-ed25519 84j9mw 8RHYGSsbQG4F+mKMbXJu9aFv6xN3ZyxRBBhFJ3H8EFY -sRQonxjyqPLnL3AbfugdmraHzVK7RE3LjhuzLirImGM --> ssh-ed25519 GKhvwg aEEIBlvZ//KmEqkX1pkZrT7QK9sopwKKiD6YUa9lA3k -srUtd+v0kDfbCsZ7OwPvzRVIualWm8CA4mhgdNAJm+A ---- yWhOlkbF9GUT7OsMu3R0/Dc+nP7DrUetuPLZJFySPpE -70P`TsT=*=sp>mtY{򑷅-;M0zCm}gO TGjˇN \ No newline at end of file +-> ssh-ed25519 84j9mw C3TpEZsxJIYJ3d5vsQkCcCTity80nLsyxm5zCBZOMzk +56z54taf+KUJjDugfCGKlcbeRZfDzi3+eeanKPINS6E +-> ssh-ed25519 GKhvwg uUXJkGw54Q7dCnYobwV1zihOPa4R1FydJZehlFc5MA4 +6Zbym9jLykqsYjmb6rKIa6GExAKVVvEkvCQrzl6HB/M +--- QICnyH0PORBpoNgT3pjuhP1p8AHn9gD2OIae/9G23x8 +(}{Ԝ2˓i]UmiLmv>ke'6A̯Xi<:fU)~&Aˡj# +D?_E-H \ No newline at end of file diff --git a/secrets/ude-deluge.age b/secrets/ude-deluge.age index f9cdd04..f398be0 100644 --- a/secrets/ude-deluge.age +++ b/secrets/ude-deluge.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 IFuY+w EOJQpXxn+NL/BJjpdo8mIGfOYxcMElkVIiGx7KftrQ4 -OcglvGhSgb1mxH8M19ZMf3m6lSF0clzH7Mjikf7cilM --> ssh-ed25519 GKhvwg cr+0J59wCjYBONBcDulN8lpvZiCvULHqnwDu+eKQRAo -9q87PSfr4kq8lCDrw5Od3D1xJjSSmVv2/TXBWEBtBpU ---- FmVR9tb8wjYFb/FBTrblXMCUAMw5KQ7sX8WojcxCrbk -C<\}Jf|6G@WXc-"ϐAGZ'x_Ԡz,@n" 3[? Lb@e \ No newline at end of file +-> ssh-ed25519 IFuY+w ZigoLhwVERGG/r7uYI3DKX7jijKt+4tsiTWpbIdUTXE +k4jmQIJXr7yJOY3pkc1VnoqDgWkNr84k1AgYF7jNjRs +-> ssh-ed25519 GKhvwg FMZOLDeE2Yw1Kd8V7NTL2oQtWo4IKDUoHu/Z8Su2hHI +QF+L/Qf35wkOcgGWWRGANMJCG5Vz80epjQuwa4IdYQM +--- ZUTRNDrgxdsZsNSP1Z3BLxw4EYexr873aJrbUvIgE2I +yZͪ MXd塸*5j"*ZU ф|ݕ]a8 "Zb][9SU . \ No newline at end of file diff --git a/secrets/youko-niko-pass.age b/secrets/youko-niko-pass.age index 4c85947..6e910ff 100644 --- a/secrets/youko-niko-pass.age +++ b/secrets/youko-niko-pass.age @@ -1,7 +1,7 @@ age-encryption.org/v1 --> ssh-ed25519 rA7dkQ etmPKjKz102knTx/qQAihC9bFvRENB0Q1DtnaQyjfm4 -GPt9OCIwT+/Q/UUDtkHB8d7T6znHy1y1NEUeI+SCeMg --> ssh-ed25519 GKhvwg qdCxGyXrdD+WQa/il8fIlV7OKdREqd40Qk0PKITHxlk -OBJ9gg+KBHi2s1HYLazy3K+yh8tvnUvmuH+riWU7K8c ---- V3FRy0/TcUdUaBDUK+93r5rH26Is/KVuNJC+1vFMsOI -wO.➌aA&ޝz [ oXĂu,ajxGƜu/eL̛/6S[SU \ No newline at end of file +-> ssh-ed25519 rA7dkQ ucrMqUlwttyHHFkJ/c5tYpHohefNYe6aJnxHMUjkUxU +RgsGaMLmtziGu/n6MiDJmkTZORTh2yYWoSS0eu9i6PA +-> ssh-ed25519 GKhvwg u7Fjda07e17aJGV0ZFK/Mt2ZbF/3b38MLydE8WKs2gY +gO2rNP64Nkhr5GShWP8zhxeT2YUKEkqN1Oc6/3l6PKU +--- H9oqwkU/uI5fZAdy+qkCW5vw1PBaahe28FTUxhEFsds +xSmL69ʎG3<4[Z t}<OdcY}>XQ^]Ki|BwDmqHX]FeRt%`Ҥ0IV \ No newline at end of file diff --git a/secrets/zitadel-master.age b/secrets/zitadel-master.age index 6dbbbf435a30fa5c1bf6a6683046c43dc7c5762e..9740ab25e8143a7f5355d32ed78bfddbcd176746 100644 GIT binary patch delta 319 zcmaFF^oVJKPJKzPzrJgcab%!(VxG2HUW&hGc|cOJe}!3Tc5Y!*NP2Esa$%UGe^f?b zD3^aliIclWRhe^gmP@&xuWxx(xPe7^x^rb&Nls{vd3t(TXqbU>X{dQ=GMBEMLUD11 zZfc5=si~o*g1dJ{S$VpGlV3rlk-tSmiEma!Vs>^~cD<#cQ>sBpVo*SiW3XjPRfcv! zrk7)Zt52RMS4m`WhDDy4WoBeWYG|=`o=KodqPKr)po?*oS$Rrox|6?=d7yh}k!i3a zm#(g^g12FEVT6HWWtEwCu192fS%9BwVMUgkez|r*ZfLq&mZ`HrQJICWMTTE77iWlC z7>{@UTnp_p%q!T%OJv#SrLdi5o*z4Z{|5$<-OujFl&3bfTz%7j*UD0Ow%%@+(}|3G ROJy&FEIO^e&du+_T>$^^aMJ() delta 319 zcmaFF^oVJKPJNg~YNfw%h(%RsSz)M2MV4i7NTPFInX`{+QhrpfpIeBNXOgpve`1#X^>I6o3TksqP^v|KK9{bYLUD11 zZfc5=si~o*g1dJ{S$VpGn^$&*VP?2tQBZ|Tu!V7+Q+=daZg7crxVDqNZ>B-HTeeAJ zaZ0duK}238SEheadPH$@o^eU4i@AGQK~7P*rAL6Tab$R2aAUrO^6r+7YI^ypOKlEZg}m&*zibRR`Uh SbIRsgP2Jj3dSt)NO$7j44RiMZ From 702fab32dc7bdf54718bc43e69939176b293cd3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 11:43:37 +0100 Subject: [PATCH 03/17] nilla: init --- flake.lock | 34 ++++++++++++++++++++++++++++++++++ flake.nix | 8 ++++++++ inputs.nix | 10 ++++++++++ nilla.nix | 37 +++++++++++++++++++++++++++++++++++++ shell.nix | 1 + 5 files changed, 90 insertions(+) create mode 100644 inputs.nix create mode 100644 nilla.nix create mode 100644 shell.nix diff --git a/flake.lock b/flake.lock index 3cd382a..eb64358 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,21 @@ { "nodes": { + "__flake-compat": { + "flake": false, + "locked": { + "lastModified": 1742412704, + "narHash": "sha256-mhazLo8DuZ3c6r5I7hDxxag8ftAM4W0aUjFjQuw8q5c=", + "ref": "refs/heads/main", + "rev": "f7a7752f237bbc59b868058f70cffd3e436b49b7", + "revCount": 69, + "type": "git", + "url": "https://git.lix.systems/lix-project/flake-compat.git" + }, + "original": { + "type": "git", + "url": "https://git.lix.systems/lix-project/flake-compat.git" + } + }, "agenix": { "inputs": { "darwin": [ @@ -475,6 +491,22 @@ "type": "github" } }, + "nilla": { + "flake": false, + "locked": { + "lastModified": 1742722370, + "narHash": "sha256-MqdseA78bo2M3zfb0mjcBPYU2Qn9CF/KH5LZivWRtB0=", + "owner": "nilla-nix", + "repo": "nilla", + "rev": "b30b5a225843ab649a9b140eb3cbbcc8030a7eaf", + "type": "github" + }, + "original": { + "owner": "nilla-nix", + "repo": "nilla", + "type": "github" + } + }, "nix-github-actions": { "inputs": { "nixpkgs": [ @@ -593,6 +625,7 @@ }, "root": { "inputs": { + "__flake-compat": "__flake-compat", "agenix": "agenix", "attic": "attic", "conduit-src": "conduit-src", @@ -608,6 +641,7 @@ "lix-module": "lix-module", "mailserver": "mailserver", "niko-nur": "niko-nur", + "nilla": "nilla", "nixpkgs": "nixpkgs_2", "racket": "racket", "treefmt": "treefmt", diff --git a/flake.nix b/flake.nix index c49e260..e2891c5 100644 --- a/flake.nix +++ b/flake.nix @@ -164,6 +164,14 @@ url = "github:numtide/treefmt-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; + __flake-compat = { + url = "git+https://git.lix.systems/lix-project/flake-compat.git"; + flake = false; + }; + nilla = { + url = "github:nilla-nix/nilla"; + flake = false; + }; }; /* diff --git a/inputs.nix b/inputs.nix new file mode 100644 index 0000000..27826d6 --- /dev/null +++ b/inputs.nix @@ -0,0 +1,10 @@ +let + lock = builtins.fromJSON (builtins.readFile ./flake.lock); + inherit (lock.nodes.__flake-compat.locked) narHash rev url; + flake-compat = builtins.fetchTarball { + url = "${url}/archive/${rev}.tar.gz"; + sha256 = narHash; + }; + flake = import flake-compat { src = ./.; }; +in +flake.inputs diff --git a/nilla.nix b/nilla.nix new file mode 100644 index 0000000..48729f7 --- /dev/null +++ b/nilla.nix @@ -0,0 +1,37 @@ +{ + inputs ? import ./inputs.nix, +}: +(import inputs.nilla).create ( + { lib }: + { + config.inputs = builtins.mapAttrs (_: src: { + inherit src; + loader = "raw"; + }) inputs; + + config.builders.nixpkgs-flake = { + settings.type = lib.types.submodule { + options.args = lib.options.create { + type = lib.types.any; + default.value = { }; + }; + }; + settings.default = { }; + build = + pkg: + lib.attrs.generate pkg.systems ( + system: inputs.nixpkgs.legacyPackages.${system}.callPackage pkg.package pkg.settings.args + ); + }; + + config.shells.default = { + systems = [ "x86_64-linux" ]; + builder = "nixpkgs-flake"; + shell = + { mkShell, hello }: + mkShell { + packages = [ hello ]; + }; + }; + } +) diff --git a/shell.nix b/shell.nix new file mode 100644 index 0000000..0cb2ef7 --- /dev/null +++ b/shell.nix @@ -0,0 +1 @@ +(import ./nilla.nix { }).shells.default.result.${builtins.currentSystem} From 8e4cbdf40b3ccd112c82fe27bbc16718124c397c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 12:15:58 +0100 Subject: [PATCH 04/17] nilla: migrate devshells --- flake.nix | 13 ++++----- nilla.nix | 82 +++++++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 81 insertions(+), 14 deletions(-) diff --git a/flake.nix b/flake.nix index e2891c5..ef4b3a8 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,9 @@ { outputs = inputs@{ flake-parts, ... }: + let + nilla = import ./nilla.nix { inherit inputs; }; + in flake-parts.lib.mkFlake { inherit inputs; } { systems = [ "x86_64-linux" @@ -24,17 +27,11 @@ inputs', self', pkgs, + system, ... }: { - devShells.default = pkgs.mkShellNoCC { - packages = [ - inputs'.agenix.packages.agenix - self'.packages.attic-client - # TODO: Contribute darwin support to nh - pkgs.nh - ]; - }; + devShells = builtins.mapAttrs (_: shell: shell.result.${system}) nilla.shells; packages = { # Re-export it for convenience and for caching diff --git a/nilla.nix b/nilla.nix index 48729f7..eb7bf6c 100644 --- a/nilla.nix +++ b/nilla.nix @@ -2,7 +2,7 @@ inputs ? import ./inputs.nix, }: (import inputs.nilla).create ( - { lib }: + { config, lib }: { config.inputs = builtins.mapAttrs (_: src: { inherit src; @@ -20,17 +20,87 @@ build = pkg: lib.attrs.generate pkg.systems ( - system: inputs.nixpkgs.legacyPackages.${system}.callPackage pkg.package pkg.settings.args + system: + inputs.nixpkgs.legacyPackages.${system}.callPackage pkg.package ( + { + self' = builtins.mapAttrs (_: pkg: pkg.result.${system}) config.packages; + } + // pkg.settings.args + ) ); }; + config.builders.custom-load = { + settings.type = lib.types.submodule { + options.args = lib.options.create { + type = lib.types.null; + default.value = null; + }; + }; + settings.default = { }; + build = pkg: lib.attrs.generate pkg.systems (system: pkg.package { inherit system; }); + }; + + config.packages = + let + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + ]; + mkPackage = package: { + builder = "nixpkgs-flake"; + inherit systems package; + }; + mkPackageFlakeOutput = + { + input, + output ? input, + }: + { + inherit systems; + builder = "custom-load"; + package = { system }: inputs.${input}.packages.${system}.${output}; + }; + in + { + attic-client = mkPackageFlakeOutput { + input = "attic"; + output = "attic-client"; + }; + attic-server = mkPackageFlakeOutput { + input = "attic"; + output = "attic-server"; + }; + agenix = mkPackageFlakeOutput { input = "agenix"; }; + base-packages = mkPackage ( + { symlinkJoin }: + symlinkJoin { + name = "settei-base"; + paths = [ ]; + } + ); + }; + config.shells.default = { - systems = [ "x86_64-linux" ]; + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + ]; builder = "nixpkgs-flake"; shell = - { mkShell, hello }: - mkShell { - packages = [ hello ]; + { + mkShellNoCC, + nh, + self', + }: + mkShellNoCC { + packages = [ + self'.agenix + self'.attic-client + nh + ]; }; }; } From f1acd21647fa9cfe6a825043057badf551f3d00e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 12:58:53 +0100 Subject: [PATCH 05/17] nilla: modularize --- modules/nilla/builders/custom-load.nix | 13 +++++++++ modules/nilla/builders/default.nix | 6 +++++ modules/nilla/builders/nixpkgs-flake.nix | 26 ++++++++++++++++++ modules/nilla/default.nix | 3 +++ nilla.nix | 34 ++---------------------- 5 files changed, 50 insertions(+), 32 deletions(-) create mode 100644 modules/nilla/builders/custom-load.nix create mode 100644 modules/nilla/builders/default.nix create mode 100644 modules/nilla/builders/nixpkgs-flake.nix create mode 100644 modules/nilla/default.nix diff --git a/modules/nilla/builders/custom-load.nix b/modules/nilla/builders/custom-load.nix new file mode 100644 index 0000000..b89bc36 --- /dev/null +++ b/modules/nilla/builders/custom-load.nix @@ -0,0 +1,13 @@ +{ lib }: +{ + config.builders.custom-load = { + settings.type = lib.types.submodule { + options.args = lib.options.create { + type = lib.types.null; + default.value = null; + }; + }; + settings.default = { }; + build = pkg: lib.attrs.generate pkg.systems (system: pkg.package { inherit system; }); + }; +} diff --git a/modules/nilla/builders/default.nix b/modules/nilla/builders/default.nix new file mode 100644 index 0000000..fa73437 --- /dev/null +++ b/modules/nilla/builders/default.nix @@ -0,0 +1,6 @@ +{ + includes = [ + ./nixpkgs-flake.nix + ./custom-load.nix + ]; +} diff --git a/modules/nilla/builders/nixpkgs-flake.nix b/modules/nilla/builders/nixpkgs-flake.nix new file mode 100644 index 0000000..a57b0e7 --- /dev/null +++ b/modules/nilla/builders/nixpkgs-flake.nix @@ -0,0 +1,26 @@ +{ + config, + lib, +}: +{ + config.builders.nixpkgs-flake = { + settings.type = lib.types.submodule { + options.args = lib.options.create { + type = lib.types.any; + default.value = { }; + }; + }; + settings.default = { }; + build = + pkg: + lib.attrs.generate pkg.systems ( + system: + config.inputs.nixpkgs.result.legacyPackages.${system}.callPackage pkg.package ( + { + self' = builtins.mapAttrs (_: pkg: pkg.result.${system}) config.packages; + } + // pkg.settings.args + ) + ); + }; +} diff --git a/modules/nilla/default.nix b/modules/nilla/default.nix new file mode 100644 index 0000000..f9e4319 --- /dev/null +++ b/modules/nilla/default.nix @@ -0,0 +1,3 @@ +{ + includes = [ ./builders ]; +} diff --git a/nilla.nix b/nilla.nix index eb7bf6c..7fa2127 100644 --- a/nilla.nix +++ b/nilla.nix @@ -4,43 +4,13 @@ (import inputs.nilla).create ( { config, lib }: { + includes = [ ./modules/nilla ]; + config.inputs = builtins.mapAttrs (_: src: { inherit src; loader = "raw"; }) inputs; - config.builders.nixpkgs-flake = { - settings.type = lib.types.submodule { - options.args = lib.options.create { - type = lib.types.any; - default.value = { }; - }; - }; - settings.default = { }; - build = - pkg: - lib.attrs.generate pkg.systems ( - system: - inputs.nixpkgs.legacyPackages.${system}.callPackage pkg.package ( - { - self' = builtins.mapAttrs (_: pkg: pkg.result.${system}) config.packages; - } - // pkg.settings.args - ) - ); - }; - - config.builders.custom-load = { - settings.type = lib.types.submodule { - options.args = lib.options.create { - type = lib.types.null; - default.value = null; - }; - }; - settings.default = { }; - build = pkg: lib.attrs.generate pkg.systems (system: pkg.package { inherit system; }); - }; - config.packages = let systems = [ From 3249aaad9bc955ef5f0e7841a89e41867eb0a79d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 12:59:03 +0100 Subject: [PATCH 06/17] flake: start moving away from flake-parts --- flake.nix | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index ef4b3a8..781a0c0 100644 --- a/flake.nix +++ b/flake.nix @@ -3,6 +3,23 @@ inputs@{ flake-parts, ... }: let nilla = import ./nilla.nix { inherit inputs; }; + transpose = + attrs: + let + inherit (inputs.nixpkgs) lib; + # maps an attrset of systems to packages to list of [ {name; system; value;} ] + pkgToListAll = + name: pkg: + map (system: { + inherit name system; + value = pkg.${system}; + }) (builtins.attrNames pkg); + pkgsToListAll = pkgs: map (name: pkgToListAll name pkgs.${name}) (builtins.attrNames pkgs); + # list of all packages in format [ {name; system; value;} ] + allPkgs = lib.flatten (pkgsToListAll attrs); + systems = builtins.groupBy (pkg: pkg.system) allPkgs; + in + builtins.mapAttrs (_: pkgs: lib.listToAttrs pkgs) systems; in flake-parts.lib.mkFlake { inherit inputs; } { systems = [ @@ -22,17 +39,16 @@ ./services ]; + flake.devShells = transpose (builtins.mapAttrs (_: shell: shell.result) nilla.shells); + perSystem = { inputs', self', pkgs, - system, ... }: { - devShells = builtins.mapAttrs (_: shell: shell.result.${system}) nilla.shells; - packages = { # Re-export it for convenience and for caching inherit (inputs'.attic.packages) attic-client attic-server; From affba3963e37b821520437e12d61e80e80cf7159 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 13:17:56 +0100 Subject: [PATCH 07/17] pkgs: migrate to nilla --- flake.nix | 59 ++++++----------- modules/nilla/builders/nixpkgs-flake.nix | 7 +- nilla.nix | 23 +++++-- pkgs/conduit/default.nix | 6 +- pkgs/default.nix | 81 ++++++++++++++---------- 5 files changed, 90 insertions(+), 86 deletions(-) diff --git a/flake.nix b/flake.nix index 781a0c0..faa2810 100644 --- a/flake.nix +++ b/flake.nix @@ -35,53 +35,32 @@ ./hosts ./modules ./wrappers - ./pkgs ./services ]; flake.devShells = transpose (builtins.mapAttrs (_: shell: shell.result) nilla.shells); + flake.packages = transpose (builtins.mapAttrs (_: pkg: pkg.result) nilla.packages); - perSystem = - { - inputs', - self', - pkgs, - ... - }: - { - packages = { - # Re-export it for convenience and for caching - inherit (inputs'.attic.packages) attic-client attic-server; - base-packages = pkgs.symlinkJoin { - name = "settei-base"; - paths = with self'.packages; [ - helix - fish - git-commit-last - git-fixup - ]; - }; - }; + perSystem = { + treefmt = { + programs.deadnix.enable = true; + programs.nixfmt.enable = true; + programs.statix.enable = true; + programs.fish_indent.enable = true; + programs.deno.enable = true; + programs.stylua.enable = true; + programs.shfmt.enable = true; + settings.global.excludes = [ + # agenix + "*.age" - treefmt = { - programs.deadnix.enable = true; - programs.nixfmt.enable = true; - programs.statix.enable = true; - programs.fish_indent.enable = true; - programs.deno.enable = true; - programs.stylua.enable = true; - programs.shfmt.enable = true; - settings.global.excludes = [ - # agenix - "*.age" - - # racket - "*.rkt" - "**/rashrc" - ]; - settings.on-unmatched = "fatal"; - }; + # racket + "*.rkt" + "**/rashrc" + ]; + settings.on-unmatched = "fatal"; }; + }; }; inputs = { diff --git a/modules/nilla/builders/nixpkgs-flake.nix b/modules/nilla/builders/nixpkgs-flake.nix index a57b0e7..4b0115f 100644 --- a/modules/nilla/builders/nixpkgs-flake.nix +++ b/modules/nilla/builders/nixpkgs-flake.nix @@ -15,12 +15,7 @@ pkg: lib.attrs.generate pkg.systems ( system: - config.inputs.nixpkgs.result.legacyPackages.${system}.callPackage pkg.package ( - { - self' = builtins.mapAttrs (_: pkg: pkg.result.${system}) config.packages; - } - // pkg.settings.args - ) + config.inputs.nixpkgs.result.legacyPackages.${system}.callPackage pkg.package pkg.settings.args ); }; } diff --git a/nilla.nix b/nilla.nix index 7fa2127..7a72441 100644 --- a/nilla.nix +++ b/nilla.nix @@ -4,7 +4,10 @@ (import inputs.nilla).create ( { config, lib }: { - includes = [ ./modules/nilla ]; + includes = [ + ./modules/nilla + ./pkgs + ]; config.inputs = builtins.mapAttrs (_: src: { inherit src; @@ -32,8 +35,10 @@ builder = "custom-load"; package = { system }: inputs.${input}.packages.${system}.${output}; }; + getPkgs = system: builtins.mapAttrs (_: pkg: pkg.result.${system}) config.packages; in { + # Re-export for convenience and for caching attic-client = mkPackageFlakeOutput { input = "attic"; output = "attic-client"; @@ -44,10 +49,16 @@ }; agenix = mkPackageFlakeOutput { input = "agenix"; }; base-packages = mkPackage ( - { symlinkJoin }: + { symlinkJoin, system }: symlinkJoin { name = "settei-base"; - paths = [ ]; + paths = with (getPkgs system); [ + # TODO: wrappers + # helix + # fish + git-commit-last + git-fixup + ]; } ); }; @@ -62,13 +73,13 @@ shell = { mkShellNoCC, + system, nh, - self', }: mkShellNoCC { packages = [ - self'.agenix - self'.attic-client + config.packages.agenix.result.${system} + config.packages.attic-client.result.${system} nh ]; }; diff --git a/pkgs/conduit/default.nix b/pkgs/conduit/default.nix index c2c44b4..2f1ccdd 100644 --- a/pkgs/conduit/default.nix +++ b/pkgs/conduit/default.nix @@ -1,6 +1,8 @@ { lib, stdenv, + pkgs, + system, fenix, crane, src, @@ -11,12 +13,12 @@ }: let rust = - with fenix; + with fenix.${system}; combine [ stable.cargo stable.rustc ]; - crane' = crane.overrideToolchain rust; + crane' = (crane pkgs).overrideToolchain rust; rocksdb' = rocksdb.overrideAttrs ( final: prev: { version = "9.1.1"; diff --git a/pkgs/default.nix b/pkgs/default.nix index 71a2d48..395dc2c 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,35 +1,52 @@ -{ inputs, ... }: +let + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + ]; + builder = "nixpkgs-flake"; + mkPackage = package: { + inherit systems package builder; + }; + +in +{ config }: { - perSystem = - { - pkgs, - lib, - inputs', - ... - }: - { - packages.conduit-next = pkgs.callPackage ./conduit { - src = inputs.conduit-src; - crane = inputs.crane.mkLib pkgs; - fenix = inputs'.fenix.packages; - }; - - packages.git-commit-last = pkgs.writeShellApplication { - name = "git-commit-last"; - text = '' - GITDIR="$(git rev-parse --git-dir)" - git commit -eF "$GITDIR/COMMIT_EDITMSG" - ''; - }; - - packages.git-fixup = pkgs.writeShellApplication { - name = "git-fixup"; - text = '' - git log -n 50 --pretty=format:'%h %s' --no-merges | \ - ${lib.getExe pkgs.fzf} | \ - cut -c -7 | \ - xargs -o git commit --fixup - ''; - }; + config.packages.conduit-next = { + inherit systems builder; + package = import ./conduit; + settings.args = { + src = config.inputs.conduit-src.result; + crane = config.inputs.crane.result.mkLib; + fenix = config.inputs.fenix.result.packages; }; + }; + + config.packages.git-commit-last = mkPackage ( + { writeShellApplication }: + writeShellApplication { + name = "git-commit-last"; + text = '' + GITDIR="$(git rev-parse --git-dir)" + git commit -eF "$GITDIR/COMMIT_EDITMSG" + ''; + } + ); + + config.packages.git-fixup = mkPackage ( + { + lib, + writeShellApplication, + fzf, + }: + writeShellApplication { + name = "git-fixup"; + text = '' + git log -n 50 --pretty=format:'%h %s' --no-merges | \ + ${lib.getExe fzf} | \ + cut -c -7 | \ + xargs -o git commit --fixup + ''; + } + ); } From 8bfc85516062500461d741325d32e72d2a478761 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 13:35:24 +0100 Subject: [PATCH 08/17] wrappers: migrate to nilla --- flake.nix | 1 - nilla.nix | 1 + pkgs/default.nix | 2 +- wrappers/default.nix | 53 +++++++++++++++++++++----------------- wrappers/helix/default.nix | 4 +-- wrappers/rash/default.nix | 4 +-- 6 files changed, 36 insertions(+), 29 deletions(-) diff --git a/flake.nix b/flake.nix index faa2810..17ff3f2 100644 --- a/flake.nix +++ b/flake.nix @@ -34,7 +34,6 @@ ./assets ./hosts ./modules - ./wrappers ./services ]; diff --git a/nilla.nix b/nilla.nix index 7a72441..302900a 100644 --- a/nilla.nix +++ b/nilla.nix @@ -7,6 +7,7 @@ includes = [ ./modules/nilla ./pkgs + ./wrappers ]; config.inputs = builtins.mapAttrs (_: src: { diff --git a/pkgs/default.nix b/pkgs/default.nix index 395dc2c..f5009d6 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,3 +1,4 @@ +{ config }: let systems = [ "x86_64-linux" @@ -10,7 +11,6 @@ let }; in -{ config }: { config.packages.conduit-next = { inherit systems builder; diff --git a/wrappers/default.nix b/wrappers/default.nix index 95040ca..7701749 100644 --- a/wrappers/default.nix +++ b/wrappers/default.nix @@ -1,25 +1,32 @@ -{ inputs, ... }: +{ lib, config }: +let + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + ]; + wrappedPerSystem = lib.attrs.generate systems ( + system: + config.inputs.wrapper-manager-hm-compat.result.lib { + pkgs = config.inputs.nixpkgs.result.legacyPackages.${system}; + modules = [ + ./starship + ./helix + # TODO: Enable again + # ./rash + ./fish + ./wezterm + ]; + specialArgs.inputs = builtins.mapAttrs (_: input: input.result) config.inputs; + } + ); + wrappedPerSystem' = builtins.mapAttrs (_: wrapped: wrapped.config.build.packages) wrappedPerSystem; + wrapperNames = builtins.attrNames wrappedPerSystem'."x86_64-linux"; +in { - perSystem = - { pkgs, inputs', ... }: - let - wrapped = inputs.wrapper-manager-hm-compat.lib { - inherit pkgs; - modules = [ - ./starship - ./helix - # TODO: Enable again - # ./rash - ./fish - ./wezterm - ]; - specialArgs = { - inherit inputs inputs'; - }; - }; - all-packages = wrapped.config.build.packages; - in - { - packages = all-packages; - }; + config.packages = lib.attrs.generate wrapperNames (wrapper: { + inherit systems; + builder = "custom-load"; + package = { system }: wrappedPerSystem'.${system}.${wrapper}; + }); } diff --git a/wrappers/helix/default.nix b/wrappers/helix/default.nix index 8bd476d..6703955 100644 --- a/wrappers/helix/default.nix +++ b/wrappers/helix/default.nix @@ -1,8 +1,8 @@ -{ pkgs, inputs', ... }: +{ pkgs, inputs, ... }: { programs.helix = { enable = true; - package = inputs'.helix.packages.default; + package = inputs.helix.packages.${pkgs.system}.default; settings = { theme = "base16_default_dark"; editor = { diff --git a/wrappers/rash/default.nix b/wrappers/rash/default.nix index c142a0e..64c026c 100644 --- a/wrappers/rash/default.nix +++ b/wrappers/rash/default.nix @@ -1,6 +1,6 @@ { pkgs, - inputs', + inputs, config, ... }: @@ -13,7 +13,7 @@ rev = "8eb52c163d6ea7c3cec2cc6b1011ce00738942e1"; hash = "sha256-1yU0ZUBQqYEn85j4T2pLs02MTyJnO5BbYALIa88iomY="; }; - racket-with-libs = inputs'.racket.packages.racket.newLayer { + racket-with-libs = inputs.racket.packages.${pkgs.system}.racket.newLayer { withRacketPackages = ps: with ps; [ readline-gpl From 6081f4c79dcb543dd8ccc1e3b8a2487c513020bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 20:58:02 +0100 Subject: [PATCH 09/17] treefmt: migrate to nilla --- flake.nix | 24 +----------------------- modules/nilla/builders/custom-load.nix | 7 +------ nilla.nix | 14 ++++++++++++-- treefmt.nix | 19 +++++++++++++++++++ 4 files changed, 33 insertions(+), 31 deletions(-) create mode 100644 treefmt.nix diff --git a/flake.nix b/flake.nix index 17ff3f2..0d5e752 100644 --- a/flake.nix +++ b/flake.nix @@ -29,8 +29,6 @@ ]; imports = [ - inputs.treefmt.flakeModule - ./assets ./hosts ./modules @@ -39,27 +37,7 @@ flake.devShells = transpose (builtins.mapAttrs (_: shell: shell.result) nilla.shells); flake.packages = transpose (builtins.mapAttrs (_: pkg: pkg.result) nilla.packages); - - perSystem = { - treefmt = { - programs.deadnix.enable = true; - programs.nixfmt.enable = true; - programs.statix.enable = true; - programs.fish_indent.enable = true; - programs.deno.enable = true; - programs.stylua.enable = true; - programs.shfmt.enable = true; - settings.global.excludes = [ - # agenix - "*.age" - - # racket - "*.rkt" - "**/rashrc" - ]; - settings.on-unmatched = "fatal"; - }; - }; + flake.formatter = nilla.packages.formatter.result; }; inputs = { diff --git a/modules/nilla/builders/custom-load.nix b/modules/nilla/builders/custom-load.nix index b89bc36..b340dec 100644 --- a/modules/nilla/builders/custom-load.nix +++ b/modules/nilla/builders/custom-load.nix @@ -1,12 +1,7 @@ { lib }: { config.builders.custom-load = { - settings.type = lib.types.submodule { - options.args = lib.options.create { - type = lib.types.null; - default.value = null; - }; - }; + settings.type = lib.types.submodule { }; settings.default = { }; build = pkg: lib.attrs.generate pkg.systems (system: pkg.package { inherit system; }); }; diff --git a/nilla.nix b/nilla.nix index 302900a..39a75a2 100644 --- a/nilla.nix +++ b/nilla.nix @@ -55,13 +55,23 @@ name = "settei-base"; paths = with (getPkgs system); [ # TODO: wrappers - # helix - # fish + helix + fish git-commit-last git-fixup ]; } ); + formatter = { + inherit systems; + builder = "custom-load"; + package = + { system }: + let + eval = inputs.treefmt.lib.evalModule inputs.nixpkgs.legacyPackages.${system} ./treefmt.nix; + in + eval.config.build.wrapper; + }; }; config.shells.default = { diff --git a/treefmt.nix b/treefmt.nix new file mode 100644 index 0000000..e033626 --- /dev/null +++ b/treefmt.nix @@ -0,0 +1,19 @@ +{ + projectRootFile = "nilla.nix"; + programs.deadnix.enable = true; + programs.nixfmt.enable = true; + programs.statix.enable = true; + programs.fish_indent.enable = true; + programs.deno.enable = true; + programs.stylua.enable = true; + programs.shfmt.enable = true; + settings.global.excludes = [ + # agenix + "*.age" + + # racket + "*.rkt" + "**/rashrc" + ]; + settings.on-unmatched = "fatal"; +} From 3a421dfd3c2fc9cf58929ae07facc516cbb713c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 21:14:39 +0100 Subject: [PATCH 10/17] flake: simplify transpose logic --- flake.nix | 36 ++++++++++++++---------------------- 1 file changed, 14 insertions(+), 22 deletions(-) diff --git a/flake.nix b/flake.nix index 0d5e752..714019f 100644 --- a/flake.nix +++ b/flake.nix @@ -3,31 +3,23 @@ inputs@{ flake-parts, ... }: let nilla = import ./nilla.nix { inherit inputs; }; - transpose = - attrs: - let - inherit (inputs.nixpkgs) lib; - # maps an attrset of systems to packages to list of [ {name; system; value;} ] - pkgToListAll = - name: pkg: - map (system: { - inherit name system; - value = pkg.${system}; - }) (builtins.attrNames pkg); - pkgsToListAll = pkgs: map (name: pkgToListAll name pkgs.${name}) (builtins.attrNames pkgs); - # list of all packages in format [ {name; system; value;} ] - allPkgs = lib.flatten (pkgsToListAll attrs); - systems = builtins.groupBy (pkg: pkg.system) allPkgs; - in - builtins.mapAttrs (_: pkgs: lib.listToAttrs pkgs) systems; - in - flake-parts.lib.mkFlake { inherit inputs; } { systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" ]; - + # NOTE: Assumes every package is available for every system. + # For now let's say this is always the case. + transpose = + attrs: + let + inherit (inputs.nixpkgs) lib; + mappedForSystem = system: builtins.mapAttrs (_: pkg: pkg.result.${system}) attrs; + in + lib.genAttrs systems mappedForSystem; + in + flake-parts.lib.mkFlake { inherit inputs; } { + inherit systems; imports = [ ./assets ./hosts @@ -35,8 +27,8 @@ ./services ]; - flake.devShells = transpose (builtins.mapAttrs (_: shell: shell.result) nilla.shells); - flake.packages = transpose (builtins.mapAttrs (_: pkg: pkg.result) nilla.packages); + flake.devShells = transpose nilla.shells; + flake.packages = transpose nilla.packages; flake.formatter = nilla.packages.formatter.result; }; From b9b4835c5cc651b9e659fcd54ce2d948e195587c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 22:02:20 +0100 Subject: [PATCH 11/17] services: prepare for migration --- modules/flake/services.nix | 8 ++++---- services/attic.nix | 4 ++-- services/forgejo-runner.nix | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/flake/services.nix b/modules/flake/services.nix index f2f07d4..697b701 100644 --- a/modules/flake/services.nix +++ b/modules/flake/services.nix @@ -21,11 +21,11 @@ let type = with lib.types; listOf str; default = [ config.host ]; }; - config = lib.mkOption { + module = lib.mkOption { type = lib.types.deferredModule; default = { }; }; - hostConfig = lib.mkOption { + hostModule = lib.mkOption { type = with lib.types; attrsOf deferredModule; default = { }; }; @@ -36,8 +36,8 @@ let cfg: lib.genAttrs cfg.hosts (host: { imports = [ - cfg.config - (cfg.hostConfig.${host} or { }) + cfg.module + (cfg.hostModule.${host} or { }) ]; }); diff --git a/services/attic.nix b/services/attic.nix index 91d675f..f9d7501 100644 --- a/services/attic.nix +++ b/services/attic.nix @@ -1,12 +1,12 @@ { - services.attic = + config.services.attic = let atticPort = 9476; in { host = "kazuki"; ports = [ atticPort ]; - config = + module = { config, ... }: { age.secrets.attic-creds = { diff --git a/services/forgejo-runner.nix b/services/forgejo-runner.nix index 693d1d1..98574a1 100644 --- a/services/forgejo-runner.nix +++ b/services/forgejo-runner.nix @@ -1,10 +1,10 @@ { - services.forgejo-runner = { + config.services.forgejo-runner = { hosts = [ "ude" "youko" ]; - config = + module = { config, lib, From 7906c51d71b3eef908b1a547b81d0c3958aa94b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 22:02:59 +0100 Subject: [PATCH 12/17] services: migrate to nilla --- modules/nilla/default.nix | 5 +- modules/nilla/services.nix | 95 ++++++++++++++++++++++++++++++++++++++ nilla.nix | 3 ++ 3 files changed, 102 insertions(+), 1 deletion(-) create mode 100644 modules/nilla/services.nix diff --git a/modules/nilla/default.nix b/modules/nilla/default.nix index f9e4319..6f39646 100644 --- a/modules/nilla/default.nix +++ b/modules/nilla/default.nix @@ -1,3 +1,6 @@ { - includes = [ ./builders ]; + includes = [ + ./builders + ./services.nix + ]; } diff --git a/modules/nilla/services.nix b/modules/nilla/services.nix new file mode 100644 index 0000000..1b72eaf --- /dev/null +++ b/modules/nilla/services.nix @@ -0,0 +1,95 @@ +{ lib, config }: +let + inherit (builtins) + attrNames + attrValues + concatStringsSep + mapAttrs + foldl' + groupBy + length + ; + serviceModule = + { config }: + { + options = { + host = lib.options.create { + type = lib.types.str; + }; + ports = lib.options.create { + type = lib.types.list.of lib.types.port; + default.value = [ ]; + }; + hosts = lib.options.create { + type = lib.types.list.of lib.types.str; + default.value = [ config.host ]; + }; + module = lib.options.create { + type = lib.types.raw; + default.value = { }; + }; + hostModule = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + default.value = { }; + }; + }; + }; + + moduleToHostConfigs = + cfg: + lib.attrs.generate cfg.hosts (host: { + imports = [ + cfg.module + (cfg.hostModule.${host} or { }) + ]; + }); + + maybeGetPreviousConfigs = acc: host: (acc.${host} or { imports = [ ]; }).imports; + + # Copied from nixpkgs/lib/lists.nix + groupBy' = + op: nul: pred: lst: + mapAttrs (_name: foldl' op nul) (groupBy pred lst); + duplicatePorts = lib.fp.pipe [ + attrValues + (map (cfg: cfg.ports)) + lib.lists.flatten + (groupBy' (cnt: _: cnt + 1) 0 toString) + (lib.attrs.filter (_: cnt: cnt > 1)) + attrNames + ] config.services; +in +{ + options.services = lib.options.create { + type = lib.types.attrs.of (lib.types.submodule serviceModule); + default.value = { }; + }; + + options.extraHostConfigs = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + writable = false; + default.value = lib.fp.pipe [ + attrValues + (foldl' ( + acc: cfg: + acc + // mapAttrs (host: c: { + imports = c.imports ++ (maybeGetPreviousConfigs acc host); + }) (moduleToHostConfigs cfg) + ) { }) + ] config.services; + }; + + config.assertions = [ + { + assertion = duplicatePorts == [ ]; + message = + let + plural = length duplicatePorts > 1; + in + "\nBad service config:\nThe following port${if plural then "s" else ""} ${ + if plural then "were" else "was" + } declared multiple times: ${concatStringsSep ", " duplicatePorts}"; + } + ]; +} diff --git a/nilla.nix b/nilla.nix index 39a75a2..5022b91 100644 --- a/nilla.nix +++ b/nilla.nix @@ -8,6 +8,9 @@ ./modules/nilla ./pkgs ./wrappers + + ./services/attic.nix + ./services/forgejo-runner.nix ]; config.inputs = builtins.mapAttrs (_: src: { From ea89bf9e71469842e39c797e29b7a8cdaee302df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 22:46:55 +0100 Subject: [PATCH 13/17] hosts: migrate to nilla --- assets/default.nix | 8 +-- flake.nix | 6 +- hosts/default.nix | 20 +++---- hosts/hijiri-vm/default.nix | 2 +- hosts/hijiri/default.nix | 2 +- hosts/installer/default.nix | 2 +- hosts/kazuki/default.nix | 2 +- hosts/kogata/default.nix | 2 +- hosts/ude/default.nix | 2 +- hosts/youko/default.nix | 2 +- modules/default.nix | 12 ---- modules/flake/configurations.nix | 54 ------------------ modules/flake/default.nix | 13 ----- modules/flake/services.nix | 95 -------------------------------- modules/nilla/configurations.nix | 47 ++++++++++++++++ modules/nilla/default.nix | 1 + modules/nilla/services.nix | 4 +- nilla.nix | 6 +- services/default.nix | 2 +- 19 files changed, 78 insertions(+), 204 deletions(-) delete mode 100644 modules/flake/configurations.nix delete mode 100644 modules/flake/default.nix delete mode 100644 modules/flake/services.nix create mode 100644 modules/nilla/configurations.nix diff --git a/assets/default.nix b/assets/default.nix index 123d12c..4e3187c 100644 --- a/assets/default.nix +++ b/assets/default.nix @@ -1,8 +1,8 @@ -{ lib, ... }: +{ lib }: { - options.assets = lib.mkOption { - type = lib.types.unspecified; - readOnly = true; + options.assets = lib.options.create { + type = lib.types.raw; + writable = false; }; config.assets = { diff --git a/flake.nix b/flake.nix index 714019f..f42380a 100644 --- a/flake.nix +++ b/flake.nix @@ -21,12 +21,12 @@ flake-parts.lib.mkFlake { inherit inputs; } { inherit systems; imports = [ - ./assets - ./hosts ./modules - ./services ]; + flake.nixosConfigurations = nilla.nixosConfigurations; + flake.darwinConfigurations = nilla.darwinConfigurations; + flake.homeConfigurations = nilla.homeConfigurations; flake.devShells = transpose nilla.shells; flake.packages = transpose nilla.packages; flake.formatter = nilla.packages.formatter.result; diff --git a/hosts/default.nix b/hosts/default.nix index d8ed8b3..3c129f4 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -1,11 +1,11 @@ { config, - self, - inputs, - ... }: +let + inputs = builtins.mapAttrs (_: input: input.result) config.inputs; +in { - imports = [ + includes = [ ./kazuki ./hijiri-vm ./hijiri @@ -16,20 +16,20 @@ ./youko ]; - builders = + config.configBuilders = let sharedOptions = { _file = ./default.nix; settei.sane-defaults.allSshKeys = config.assets.sshKeys.user; settei.flake-qol.inputs = inputs // { - settei = self; + settei = inputs.self; }; }; baseNixos = inputs.nixpkgs.lib.nixosSystem { modules = [ - self.nixosModules.combined + inputs.self.nixosModules.combined sharedOptions ]; specialArgs.configurationName = "base"; @@ -37,7 +37,7 @@ baseDarwin = inputs.darwin.lib.darwinSystem { modules = [ - self.darwinModules.combined + inputs.self.darwinModules.combined sharedOptions ]; specialArgs.configurationName = "base"; @@ -49,7 +49,7 @@ baseNixos.extendModules { modules = [ module - config.__extraHostConfigs.${name} or { } + config.extraHostConfigs.${name} or { } ]; specialArgs.configurationName = name; }; @@ -60,7 +60,7 @@ eval = baseDarwin._module.args.extendModules { modules = [ module - config.__extraHostConfigs.${name} or { } + config.extraHostConfigs.${name} or { } ]; specialArgs.configurationName = name; }; diff --git a/hosts/hijiri-vm/default.nix b/hosts/hijiri-vm/default.nix index db26c63..5f6d088 100644 --- a/hosts/hijiri-vm/default.nix +++ b/hosts/hijiri-vm/default.nix @@ -1,5 +1,5 @@ { - configurations.nixos.hijiri-vm = + config.configurations.nixos.hijiri-vm = { modulesPath, lib, diff --git a/hosts/hijiri/default.nix b/hosts/hijiri/default.nix index bb7db92..a0e6857 100644 --- a/hosts/hijiri/default.nix +++ b/hosts/hijiri/default.nix @@ -1,5 +1,5 @@ { - configurations.darwin.hijiri = + config.configurations.darwin.hijiri = { config, pkgs, diff --git a/hosts/installer/default.nix b/hosts/installer/default.nix index 24bdef8..a1692c6 100644 --- a/hosts/installer/default.nix +++ b/hosts/installer/default.nix @@ -1,6 +1,6 @@ { lib, ... }: { - configurations.nixos = + config.configurations.nixos = let mkInstaller = system: diff --git a/hosts/kazuki/default.nix b/hosts/kazuki/default.nix index df92f1c..029d7d0 100644 --- a/hosts/kazuki/default.nix +++ b/hosts/kazuki/default.nix @@ -1,5 +1,5 @@ { - configurations.nixos.kazuki = + config.configurations.nixos.kazuki = { modulesPath, ... diff --git a/hosts/kogata/default.nix b/hosts/kogata/default.nix index 6bf9e2f..3e7c21f 100644 --- a/hosts/kogata/default.nix +++ b/hosts/kogata/default.nix @@ -1,5 +1,5 @@ { - configurations.darwin.kogata = + config.configurations.darwin.kogata = { pkgs, ... }: { nixpkgs.system = "aarch64-darwin"; diff --git a/hosts/ude/default.nix b/hosts/ude/default.nix index d395fbd..fd3e19b 100644 --- a/hosts/ude/default.nix +++ b/hosts/ude/default.nix @@ -1,5 +1,5 @@ { - configurations.nixos.ude = + config.configurations.nixos.ude = { config, modulesPath, diff --git a/hosts/youko/default.nix b/hosts/youko/default.nix index 3a2fe49..b801507 100644 --- a/hosts/youko/default.nix +++ b/hosts/youko/default.nix @@ -1,5 +1,5 @@ { - configurations.nixos.youko = + config.configurations.nixos.youko = { config, lib, diff --git a/modules/default.nix b/modules/default.nix index 24a8f46..7ee30ef 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -3,24 +3,12 @@ inputs, ... }: -let - flakeModule = import ./flake { inherit (inputs) nixpkgs darwin home-manager; }; -in { - imports = [ - flakeModule - ]; - flake.homeModules = rec { settei = ./home; default = settei; }; - flake.flakeModules = rec { - settei = flakeModule; - default = settei; - }; - flake.nixosModules = rec { settei = import ./system { inherit (config) perInput; diff --git a/modules/flake/configurations.nix b/modules/flake/configurations.nix deleted file mode 100644 index 67ccc1b..0000000 --- a/modules/flake/configurations.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ - nixpkgs, - darwin, - home-manager, -}: -{ - config, - lib, - ... -}: -with lib; -{ - _file = ./configurations.nix; - - options = { - # Those functions take the final arguments and emit a valid configuration. - # Probably should hardly ever be overriden - builders = { - nixos = mkOption { - type = types.functionTo types.unspecified; - default = _name: nixpkgs.lib.nixosSystem; - }; - darwin = mkOption { - type = types.functionTo types.unspecified; - default = _name: darwin.lib.darwinSystem; - }; - home = mkOption { - type = types.functionTo types.unspecified; - default = _name: home-manager.lib.homeManagerConfiguration; - }; - }; - - configurations = { - nixos = mkOption { - type = types.lazyAttrsOf types.deferredModule; - default = { }; - }; - darwin = mkOption { - type = types.lazyAttrsOf types.deferredModule; - default = { }; - }; - home = mkOption { - type = types.lazyAttrsOf types.deferredModule; - default = { }; - }; - }; - }; - - config.flake = { - nixosConfigurations = mapAttrs config.builders.nixos config.configurations.nixos; - darwinConfigurations = mapAttrs config.builders.darwin config.configurations.darwin; - homeConfigurations = mapAttrs config.builders.home config.configurations.home; - }; -} diff --git a/modules/flake/default.nix b/modules/flake/default.nix deleted file mode 100644 index 78bb73d..0000000 --- a/modules/flake/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - nixpkgs, - darwin, - home-manager, -}: -{ - _file = ./default.nix; - - imports = [ - (import ./configurations.nix { inherit nixpkgs darwin home-manager; }) - ./services.nix - ]; -} diff --git a/modules/flake/services.nix b/modules/flake/services.nix deleted file mode 100644 index 697b701..0000000 --- a/modules/flake/services.nix +++ /dev/null @@ -1,95 +0,0 @@ -# List of features I want this module to eventually have -# TODO: Automatic port allocation -# TODO: Making it possible to conveniently isolate services (running them in NixOS containers) -# TODO: Handling specializations -# TODO: Convenient http handling -# TODO: Automatic backup -{ config, lib, ... }: -let - serviceModule = - { config, ... }: - { - options = { - host = lib.mkOption { - type = lib.types.str; - }; - ports = lib.mkOption { - type = with lib.types; listOf port; - default = [ ]; - }; - hosts = lib.mkOption { - type = with lib.types; listOf str; - default = [ config.host ]; - }; - module = lib.mkOption { - type = lib.types.deferredModule; - default = { }; - }; - hostModule = lib.mkOption { - type = with lib.types; attrsOf deferredModule; - default = { }; - }; - }; - }; - - moduleToHostConfigs = - cfg: - lib.genAttrs cfg.hosts (host: { - imports = [ - cfg.module - (cfg.hostModule.${host} or { }) - ]; - }); - - maybeGetPreviousConfigs = acc: host: (acc.${host} or { imports = [ ]; }).imports; -in -{ - _file = ./services.nix; - - options = { - services = lib.mkOption { - type = with lib.types; attrsOf (submodule serviceModule); - default = { }; - }; - - __extraHostConfigs = lib.mkOption { - type = with lib.types; attrsOf deferredModule; - readOnly = true; - }; - }; - - config.__extraHostConfigs = - let - duplicatePorts = lib.pipe config.services [ - lib.attrValues - (map (cfg: cfg.ports)) - lib.flatten - (lib.groupBy' (cnt: _: cnt + 1) 0 toString) - (lib.filterAttrs (_: cnt: cnt > 1)) - lib.attrNames - ]; - assertMsg = - let - plural = lib.length duplicatePorts > 1; - in - "\nBad service config:\nThe following port${if plural then "s" else ""} ${ - if plural then "were" else "was" - } declared multiple times: ${lib.concatStringsSep ", " duplicatePorts}"; - # Here I collect all the services..config into a flat - # __extraHostConfigs..imports = [ - # ... - # ] - # so that I can easily import them in hosts/default.nix - hostConfigs = lib.pipe config.services [ - lib.attrValues - (lib.foldl' ( - acc: cfg: - acc - // lib.mapAttrs (host: c: { - imports = c.imports ++ (maybeGetPreviousConfigs acc host); - }) (moduleToHostConfigs cfg) - ) { }) - ]; - in - if duplicatePorts != [ ] then throw assertMsg else hostConfigs; -} diff --git a/modules/nilla/configurations.nix b/modules/nilla/configurations.nix new file mode 100644 index 0000000..6f02f7e --- /dev/null +++ b/modules/nilla/configurations.nix @@ -0,0 +1,47 @@ +{ config, lib }: +{ + options = { + configBuilders = { + nixos = lib.options.create { + type = lib.types.function lib.types.raw; + default.value = _name: config.inputs.nixpkgs.result.lib.nixosSystem; + }; + darwin = lib.options.create { + type = lib.types.function lib.types.raw; + default.value = _name: config.inputs.darwin.result.lib.darwinSystem; + }; + home = lib.options.create { + type = lib.types.function lib.types.raw; + default.value = _name: config.inputs.home-manager.result.lib.homeManagerConfiguration; + }; + }; + + configurations = { + nixos = lib.options.create { + type = lib.types.attrs.lazy lib.types.raw; + default.value = { }; + }; + darwin = lib.options.create { + type = lib.types.attrs.lazy lib.types.raw; + default.value = { }; + }; + home = lib.options.create { + type = lib.types.attrs.lazy lib.types.raw; + default.value = { }; + }; + }; + + nixosConfigurations = lib.options.create { + type = lib.types.attrs.lazy lib.types.raw; + default.value = builtins.mapAttrs config.configBuilders.nixos config.configurations.nixos; + }; + darwinConfigurations = lib.options.create { + type = lib.types.attrs.lazy lib.types.raw; + default.value = builtins.mapAttrs config.configBuilders.darwin config.configurations.darwin; + }; + homeConfigurations = lib.options.create { + type = lib.types.attrs.lazy lib.types.raw; + default.value = builtins.mapAttrs config.configBuilders.home config.configurations.home; + }; + }; +} diff --git a/modules/nilla/default.nix b/modules/nilla/default.nix index 6f39646..8a7dea6 100644 --- a/modules/nilla/default.nix +++ b/modules/nilla/default.nix @@ -2,5 +2,6 @@ includes = [ ./builders ./services.nix + ./configurations.nix ]; } diff --git a/modules/nilla/services.nix b/modules/nilla/services.nix index 1b72eaf..1045a4a 100644 --- a/modules/nilla/services.nix +++ b/modules/nilla/services.nix @@ -14,14 +14,14 @@ let { options = { host = lib.options.create { - type = lib.types.str; + type = lib.types.string; }; ports = lib.options.create { type = lib.types.list.of lib.types.port; default.value = [ ]; }; hosts = lib.options.create { - type = lib.types.list.of lib.types.str; + type = lib.types.list.of lib.types.string; default.value = [ config.host ]; }; module = lib.options.create { diff --git a/nilla.nix b/nilla.nix index 5022b91..eba8c90 100644 --- a/nilla.nix +++ b/nilla.nix @@ -8,9 +8,9 @@ ./modules/nilla ./pkgs ./wrappers - - ./services/attic.nix - ./services/forgejo-runner.nix + ./hosts + ./assets + ./services ]; config.inputs = builtins.mapAttrs (_: src: { diff --git a/services/default.nix b/services/default.nix index 1837462..c87f779 100644 --- a/services/default.nix +++ b/services/default.nix @@ -1,5 +1,5 @@ { - imports = [ + includes = [ ./attic.nix ./forgejo-runner.nix ]; From 75074db3c8f4f3adde9c584ae5695802d5850d84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 22:58:55 +0100 Subject: [PATCH 14/17] modules: migrate to nilla --- flake.nix | 6 +++--- hosts/default.nix | 4 ++-- modules/default.nix | 18 +++++++++++------- modules/nilla/default.nix | 1 + modules/nilla/modules.nix | 17 +++++++++++++++++ nilla.nix | 1 + 6 files changed, 35 insertions(+), 12 deletions(-) create mode 100644 modules/nilla/modules.nix diff --git a/flake.nix b/flake.nix index f42380a..1468e8f 100644 --- a/flake.nix +++ b/flake.nix @@ -20,10 +20,10 @@ in flake-parts.lib.mkFlake { inherit inputs; } { inherit systems; - imports = [ - ./modules - ]; + flake.nixosModules = nilla.nixosModules; + flake.darwinModules = nilla.darwinModules; + flake.homeModules = nilla.homeModules; flake.nixosConfigurations = nilla.nixosConfigurations; flake.darwinConfigurations = nilla.darwinConfigurations; flake.homeConfigurations = nilla.homeConfigurations; diff --git a/hosts/default.nix b/hosts/default.nix index 3c129f4..4acc074 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -29,7 +29,7 @@ in baseNixos = inputs.nixpkgs.lib.nixosSystem { modules = [ - inputs.self.nixosModules.combined + config.nixosModules.combined sharedOptions ]; specialArgs.configurationName = "base"; @@ -37,7 +37,7 @@ in baseDarwin = inputs.darwin.lib.darwinSystem { modules = [ - inputs.self.darwinModules.combined + config.darwinModules.combined sharedOptions ]; specialArgs.configurationName = "base"; diff --git a/modules/default.nix b/modules/default.nix index 7ee30ef..2dc9115 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,17 +1,21 @@ { config, - inputs, - ... }: +let + inputs = builtins.mapAttrs (_: input: input.result) config.inputs; + perInput = system: flake: { + packages = flake.packages.${system}; + }; +in { - flake.homeModules = rec { + config.homeModules = rec { settei = ./home; default = settei; }; - flake.nixosModules = rec { + config.nixosModules = rec { settei = import ./system { - inherit (config) perInput; + inherit perInput; isLinux = true; }; combined = { @@ -33,9 +37,9 @@ default = combined; }; - flake.darwinModules = rec { + config.darwinModules = rec { settei = import ./system { - inherit (config) perInput; + inherit perInput; isLinux = false; }; combined = { diff --git a/modules/nilla/default.nix b/modules/nilla/default.nix index 8a7dea6..bfcd452 100644 --- a/modules/nilla/default.nix +++ b/modules/nilla/default.nix @@ -3,5 +3,6 @@ ./builders ./services.nix ./configurations.nix + ./modules.nix ]; } diff --git a/modules/nilla/modules.nix b/modules/nilla/modules.nix new file mode 100644 index 0000000..7b8a6dc --- /dev/null +++ b/modules/nilla/modules.nix @@ -0,0 +1,17 @@ +{ lib }: +{ + options = { + nixosModules = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + default.value = { }; + }; + darwinModules = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + default.value = { }; + }; + homeModules = lib.options.create { + type = lib.types.attrs.of lib.types.raw; + default.value = { }; + }; + }; +} diff --git a/nilla.nix b/nilla.nix index eba8c90..bc20103 100644 --- a/nilla.nix +++ b/nilla.nix @@ -11,6 +11,7 @@ ./hosts ./assets ./services + ./modules ]; config.inputs = builtins.mapAttrs (_: src: { From 9feea032e7063c230499ce5400e36ea9ef46bd02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Sun, 23 Mar 2025 23:02:23 +0100 Subject: [PATCH 15/17] flake: remove flake-parts --- flake.lock | 23 +---------------------- flake.nix | 28 +++++++++++----------------- 2 files changed, 12 insertions(+), 39 deletions(-) diff --git a/flake.lock b/flake.lock index eb64358..2011879 100644 --- a/flake.lock +++ b/flake.lock @@ -260,26 +260,6 @@ } }, "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1741352980, - "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "flake-parts_3": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, @@ -474,7 +454,7 @@ }, "niko-nur": { "inputs": { - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_2", "nixpkgs": "nixpkgs" }, "locked": { @@ -634,7 +614,6 @@ "disko": "disko", "fenix": "fenix", "firefox-darwin": "firefox-darwin", - "flake-parts": "flake-parts_2", "helix": "helix", "home-manager": "home-manager", "lix": "lix", diff --git a/flake.nix b/flake.nix index 1468e8f..d54c0be 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,6 @@ { outputs = - inputs@{ flake-parts, ... }: + inputs: let nilla = import ./nilla.nix { inherit inputs; }; systems = [ @@ -18,26 +18,20 @@ in lib.genAttrs systems mappedForSystem; in - flake-parts.lib.mkFlake { inherit inputs; } { - inherit systems; - - flake.nixosModules = nilla.nixosModules; - flake.darwinModules = nilla.darwinModules; - flake.homeModules = nilla.homeModules; - flake.nixosConfigurations = nilla.nixosConfigurations; - flake.darwinConfigurations = nilla.darwinConfigurations; - flake.homeConfigurations = nilla.homeConfigurations; - flake.devShells = transpose nilla.shells; - flake.packages = transpose nilla.packages; - flake.formatter = nilla.packages.formatter.result; + { + inherit (nilla) nixosModules; + inherit (nilla) darwinModules; + inherit (nilla) homeModules; + inherit (nilla) nixosConfigurations; + inherit (nilla) darwinConfigurations; + inherit (nilla) homeConfigurations; + devShells = transpose nilla.shells; + packages = transpose nilla.packages; + formatter = nilla.packages.formatter.result; }; inputs = { nixpkgs.url = "github:nixos/nixpkgs?ref=nixpkgs-unstable"; - flake-parts = { - url = "github:hercules-ci/flake-parts"; - inputs.nixpkgs-lib.follows = "nixpkgs"; - }; disko = { url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; From 12ad94fd705631f753f1410d44eb48726e9cdc51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Mon, 31 Mar 2025 18:34:38 +0200 Subject: [PATCH 16/17] flake.lock: update --- flake.lock | 78 +++++++++++++++++++++++++++--------------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/flake.lock b/flake.lock index 2011879..32a92b1 100644 --- a/flake.lock +++ b/flake.lock @@ -3,11 +3,11 @@ "__flake-compat": { "flake": false, "locked": { - "lastModified": 1742412704, - "narHash": "sha256-mhazLo8DuZ3c6r5I7hDxxag8ftAM4W0aUjFjQuw8q5c=", + "lastModified": 1743033641, + "narHash": "sha256-7L0/So1J21N4VHaZRzdK6Ywj3+NLdHfM8z0o5XVuPeo=", "ref": "refs/heads/main", - "rev": "f7a7752f237bbc59b868058f70cffd3e436b49b7", - "revCount": 69, + "rev": "5bbdeaea85d5f396f01e8af94bcb6f29d5af22f7", + "revCount": 83, "type": "git", "url": "https://git.lix.systems/lix-project/flake-compat.git" }, @@ -95,11 +95,11 @@ "conduit-src": { "flake": false, "locked": { - "lastModified": 1742005420, - "narHash": "sha256-v4LCx7VUZ+8Hy1+6ziREVY/QEADjZbo8c0h9eU7nMVY=", + "lastModified": 1742789401, + "narHash": "sha256-oZ8TPrtzPwXupsAfwMjLRI/s0/PokqL3q1ejeGVn5lE=", "owner": "famedly", "repo": "conduit", - "rev": "063d13a0e10619f17bc21f0dd291c5a733581394", + "rev": "a7e6f60b41122761422df2b7bcc0c192416f9a28", "type": "gitlab" }, "original": { @@ -131,11 +131,11 @@ ] }, "locked": { - "lastModified": 1742382197, - "narHash": "sha256-5OtFbbdKAkWDVuzjs1J9KwdFuDxsEvz0FZX3xR2jEUM=", + "lastModified": 1743359449, + "narHash": "sha256-unjpn5SCn55Ma+/grXuTybICgUa/bcPGKxJMt9lLoIg=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "643b57fd32135769f809913663130a95fe6db49e", + "rev": "fe625481e50d05aa452d684d5228e5059b4942d4", "type": "github" }, "original": { @@ -193,11 +193,11 @@ ] }, "locked": { - "lastModified": 1742432361, - "narHash": "sha256-FlqTrkzSn6oPR5iJTPsCQDd0ioMGzzxnPB+2wve9W2w=", + "lastModified": 1743383039, + "narHash": "sha256-Palj4EeFRS3tLl2aK0FgE01SBWRbqD4vKE+SNBJaYo4=", "owner": "bandithedoge", "repo": "nixpkgs-firefox-darwin", - "rev": "c868ff433ea5123e837a62ae689543045187d7a4", + "rev": "96f1d9e12f0efbbc4cea47c0a06a1667ed90e5f8", "type": "github" }, "original": { @@ -355,11 +355,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1742479163, - "narHash": "sha256-YC0zdGyZMu7seA2Jm1mxtcxE4lSeVwvCPMfWzJ8+o/c=", + "lastModified": 1743346877, + "narHash": "sha256-WczB9koq4xvdBZoMLW8VFT16RGaDrJXyA0rDTg2GFVU=", "owner": "helix-editor", "repo": "helix", - "rev": "b7d735ffe66a03ab5970e5f860923aada50d4e4c", + "rev": "e148d8b3110ace99505c0871714cd64391cc4ba3", "type": "github" }, "original": { @@ -375,11 +375,11 @@ ] }, "locked": { - "lastModified": 1742501496, - "narHash": "sha256-LYwyZmhckDKK7i4avmbcs1pBROpOaHi98lbjX1fmVpU=", + "lastModified": 1743360001, + "narHash": "sha256-HtpS/ZdgWXw0y+aFdORcX5RuBGTyz3WskThspNR70SM=", "owner": "nix-community", "repo": "home-manager", - "rev": "d725df5ad8cee60e61ee6fe3afb735e4fbc1ff41", + "rev": "b6fd653ef8fbeccfd4958650757e91767a65506d", "type": "github" }, "original": { @@ -391,11 +391,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1742411066, - "narHash": "sha256-8vXOKPQFRzTjapsRnTJ1nuFjUfC+AGI2ybdK5cAEHZ8=", + "lastModified": 1743274305, + "narHash": "sha256-gsPA3AAGi3pucRpzJbhWWyyOBv2/2OjAjU/SlcSE8Vc=", "ref": "refs/heads/main", - "rev": "2491b7cc2128ee440d24768c4521c38b1859fc28", - "revCount": 17705, + "rev": "d169c092fc28838a253be136d17fe7de1292c728", + "revCount": 17746, "type": "git", "url": "https://git.lix.systems/lix-project/lix.git" }, @@ -416,11 +416,11 @@ ] }, "locked": { - "lastModified": 1741894565, - "narHash": "sha256-2FD0NDJbEjUHloVrtEIms5miJsj1tvQCc/0YK5ambyc=", + "lastModified": 1742945498, + "narHash": "sha256-MB/b/xcDKqaVBxJIIxwb81r8ZiGLeKEcqokATRRroo8=", "ref": "refs/heads/main", - "rev": "a6da43f8193d9e329bba1795c42590c27966082e", - "revCount": 136, + "rev": "fa69ae26cc32dda178117b46487c2165c0e08316", + "revCount": 138, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module.git" }, @@ -474,11 +474,11 @@ "nilla": { "flake": false, "locked": { - "lastModified": 1742722370, - "narHash": "sha256-MqdseA78bo2M3zfb0mjcBPYU2Qn9CF/KH5LZivWRtB0=", + "lastModified": 1743409018, + "narHash": "sha256-fghnO1XmDnM0U6PdFu0GquNIRQNxH2IQ1AgifyZk6Wk=", "owner": "nilla-nix", "repo": "nilla", - "rev": "b30b5a225843ab649a9b140eb3cbbcc8030a7eaf", + "rev": "6747fe62879d7d15c96808bc370a52941287772c", "type": "github" }, "original": { @@ -569,11 +569,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1742395137, - "narHash": "sha256-WWNNjCSzQCtATpCFEijm81NNG1xqlLMVbIzXAiZysbs=", + "lastModified": 1743259260, + "narHash": "sha256-ArWLUgRm1tKHiqlhnymyVqi5kLNCK5ghvm06mfCl4QY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "2a725d40de138714db4872dc7405d86457aa17ad", + "rev": "eb0e0f21f15c559d2ac7633dc81d079d1caf5f5f", "type": "github" }, "original": { @@ -755,11 +755,11 @@ ] }, "locked": { - "lastModified": 1742370146, - "narHash": "sha256-XRE8hL4vKIQyVMDXykFh4ceo3KSpuJF3ts8GKwh5bIU=", + "lastModified": 1743081648, + "narHash": "sha256-WRAylyYptt6OX5eCEBWyTwOEqEtD6zt33rlUkr6u3cE=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "adc195eef5da3606891cedf80c0d9ce2d3190808", + "rev": "29a3d7b768c70addce17af0869f6e2bd8f5be4b7", "type": "github" }, "original": { @@ -827,11 +827,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1741803511, - "narHash": "sha256-DcCGBWvAvt+OWI+EcPRO+/IXZHkFgPxZUmxf2VLl8no=", + "lastModified": 1743151937, + "narHash": "sha256-SjfGN+3wrzgRvzpziowTQUIr/o6ac5iMniua0ra6elo=", "owner": "dj95", "repo": "zjstatus", - "rev": "df9c77718f7023de8406e593eda6b5b0bc09cddd", + "rev": "2772e18d1bf57b5fe24c7e2c86a6cbec0475cd88", "type": "github" }, "original": { From 9a2c0fed2ccd4b633417b1574c8e45014065d031 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikodem=20Rabuli=C5=84ski?= Date: Mon, 31 Mar 2025 20:06:15 +0200 Subject: [PATCH 17/17] inputs: lazy-trees at home --- inputs.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/inputs.nix b/inputs.nix index 27826d6..6660e6e 100644 --- a/inputs.nix +++ b/inputs.nix @@ -5,6 +5,10 @@ let url = "${url}/archive/${rev}.tar.gz"; sha256 = narHash; }; - flake = import flake-compat { src = ./.; }; + flake = import flake-compat { + src = ./.; + copySourceTreeToStore = false; + useBuiltinsFetchTree = true; + }; in flake.inputs