nix-files/flake.nix

# docs:
# - <https://nixos.wiki/wiki/Flakes>
# - <https://serokell.io/blog/practical-nix-flakes>

{
  inputs = {
    nixpkgs-stable.url = "nixpkgs/nixos-22.11";
    nixpkgs-unpatched.url = "nixpkgs/nixos-unstable";
    nixpkgs = {
      url = "path:nixpatches";
      inputs.nixpkgs.follows = "nixpkgs-unpatched";
    };
    mobile-nixos = {
      url = "github:nixos/mobile-nixos";
      flake = false;
    };
    home-manager = {
      url = "github:nix-community/home-manager/release-22.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    uninsane-dot-org = {
      url = "git+https://git.uninsane.org/colin/uninsane";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = {
    self,
    nixpkgs,
    nixpkgs-stable,
    nixpkgs-unpatched,
    mobile-nixos,
    home-manager,
    sops-nix,
    uninsane-dot-org
  }:
    let
      nixpkgsCompiledBy = local: nixpkgs.legacyPackages."${local}";

      decl-host = { name, local, target }:
        let
          # XXX: we'd prefer to use `nixosSystem = (nixpkgsCompiledBy local).nixos`
          # but it doesn't propagate config to the underlying pkgs, meaning it doesn't let you use
          # non-free packages even after setting nixpkgs.allowUnfree.
          nixosSystem = import ((nixpkgsCompiledBy local).path + "/nixos/lib/eval-config.nix");
        in
          (nixosSystem {
            # we use pkgs built for and *by* the target, i.e. emulation, by default.
            # cross compilation only happens on explicit access to `pkgs.cross`
            system = target;
            modules = [
              (import ./hosts/instantiate.nix { localSystem = local; hostName = name; })
              self.nixosModules.default
              self.nixosModules.passthru
              {
                nixpkgs.overlays = [
                  self.overlays.default
                  self.overlays.passthru
                ];
              }
            ];
          });

      decl-bootable-host = { name, local, target }: rec {
        nixosConfiguration = decl-host { inherit name local target; };
        # this produces a EFI-bootable .img file (GPT with a /boot partition and a system (/ or /nix) partition).
        # after building this:
        #   - flash it to a bootable medium (SD card, flash drive, HDD)
        #   - resize the root partition (use cfdisk)
        #   - mount the part
        #      - chown root:nixbld <part>/nix/store
        #      - chown root:root -R <part>/nix/store/*
        #      - chown root:root -R <part>/persist  # if using impermanence
        #      - populate any important things (persist/, home/colin/.ssh, etc)
        #   - boot
        #   - if fs wasn't resized automatically, then `sudo btrfs filesystem resize max /`
        #   - checkout this flake into /etc/nixos AND UPDATE THE FS UUIDS.
        #   - `nixos-rebuild --flake './#<host>' switch`
        img = nixosConfiguration.config.system.build.img;
      };
      hosts = {
        servo = decl-bootable-host { name = "servo"; local = "x86_64-linux"; target = "x86_64-linux"; };
        desko = decl-bootable-host { name = "desko"; local = "x86_64-linux"; target = "x86_64-linux"; };
        lappy = decl-bootable-host { name = "lappy"; local = "x86_64-linux"; target = "x86_64-linux"; };
        moby = decl-bootable-host { name = "moby"; local = "aarch64-linux"; target = "aarch64-linux"; };
        # special cross-compiled variant, to speed up deploys from an x86 box to the arm target
        # note that these *do* produce different store paths, because the closure for the tools used to cross compile
        # v.s. emulate differ.
        # so deploying foo-cross and then foo incurs some rebuilding.
        moby-cross = decl-bootable-host { name = "moby"; local = "x86_64-linux"; target = "aarch64-linux"; };
        rescue = decl-bootable-host { name = "rescue"; local = "x86_64-linux"; target = "x86_64-linux"; };
      };
    in {
      nixosConfigurations = builtins.mapAttrs (name: value: value.nixosConfiguration) hosts;

      # unofficial output
      imgs = builtins.mapAttrs (name: value: value.img) hosts;

      overlays = rec {
        default = pkgs;
        pkgs = import ./pkgs/overlay.nix;
        passthru =
          let
            stable = next: prev: {
              stable = nixpkgs-stable.legacyPackages."${prev.stdenv.hostPlatform}";
            };
            mobile = (import "${mobile-nixos}/overlay/overlay.nix");
            uninsane = uninsane-dot-org.overlay;
          in
          next: prev:
            (stable next prev) // (mobile next prev) // (uninsane next prev);
      };

      nixosModules = rec {
        default = sane;
        sane = import ./modules;
        passthru = { ... }: {
          imports = [
            home-manager.nixosModule
            sops-nix.nixosModules.sops
          ];
        };
      };

      packages =
        let
          allPkgsFor = sys:
            let
              pkgsBase = nixpkgsCompiledBy sys;
              pkgsFull = pkgsBase.appendOverlays [
                self.overlays.passthru self.overlays.pkgs
              ];
            in pkgsFull.sane // {
              inherit (pkgsFull) sane uninsane-dot-org;
              nixpkgs = pkgsBase;
            };
        in {
          x86_64-linux = allPkgsFor "x86_64-linux";
          aarch64-linux = allPkgsFor "aarch64-linux";
        };

      templates = {
        python-data = {
          # initialize with:
          # - `nix flake init -t '/home/colin/dev/nixos/#python-data'`
          # then enter with:
          # - `nix develop`
          path = ./templates/python-data;
          description = "python environment for data processing";
        };
      };
    };
}
experimental flake support 2022-05-21 00:07:49 +00:00			`# docs:`
formatting nits 2022-08-25 02:46:10 +00:00			`# - <https://nixos.wiki/wiki/Flakes>`
			`# - <https://serokell.io/blog/practical-nix-flakes>`
experimental flake support 2022-05-21 00:07:49 +00:00
			`{`
			`inputs = {`
flake: update nixpkgs-stable 22.05 -> 22.11 2022-12-14 22:32:41 +00:00			`nixpkgs-stable.url = "nixpkgs/nixos-22.11";`
flake: lift the nixpkgs patching out to its own flake i hope it's a little cleaner this way, but tbh i'm not really sure. 2023-01-10 17:00:43 +00:00			`nixpkgs-unpatched.url = "nixpkgs/nixos-unstable";`
			`nixpkgs = {`
change the nixpkgs url type so that it hashes stably 2023-01-10 17:44:58 +00:00			`url = "path:nixpatches";`
flake: lift the nixpkgs patching out to its own flake i hope it's a little cleaner this way, but tbh i'm not really sure. 2023-01-10 17:00:43 +00:00			`inputs.nixpkgs.follows = "nixpkgs-unpatched";`
			`};`
moby: populate from lappy config (gnome, firefox, etc) it's not the best: probably want to replace with phosh 2022-05-23 02:45:54 +00:00			`mobile-nixos = {`
moby: abandon the flake fork of mobile-nixos and compile against tip instead 2022-05-24 05:47:32 +00:00			`url = "github:nixos/mobile-nixos";`
			`flake = false;`
moby: populate from lappy config (gnome, firefox, etc) it's not the best: probably want to replace with phosh 2022-05-23 02:45:54 +00:00			`};`
add a #lappy-gpt target which builds a flat, flashable image. the root part is ext4 instead of btrfs. nixos-generators doesn't support btrfs. the underlying machinery does though, so we can remove the middleman in a future patch to achieve that. 2022-05-22 01:05:32 +00:00			`home-manager = {`
home manager: update 21.11 -> 22.05 this is necessary for sway to build 2022-06-03 08:39:34 +00:00			`url = "github:nix-community/home-manager/release-22.05";`
add a #lappy-gpt target which builds a flat, flashable image. the root part is ext4 instead of btrfs. nixos-generators doesn't support btrfs. the underlying machinery does though, so we can remove the middleman in a future patch to achieve that. 2022-05-22 01:05:32 +00:00			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
flake: plumb my nixpkgs through to dependencies 2022-10-11 00:19:57 +00:00			`sops-nix = {`
			`url = "github:Mic92/sops-nix";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`uninsane-dot-org = {`
add uninsane.org sources as a flake input one can build the site from here with: ``` nix build '.#uninsane.uninsane-dot-org' ``` 2022-10-11 10:22:40 +00:00			`url = "git+https://git.uninsane.org/colin/uninsane";`
			`inputs.nixpkgs.follows = "nixpkgs";`
			`};`
experimental flake support 2022-05-21 00:07:49 +00:00			`};`
factor out the uninsane machine a bit better 2022-05-21 07:30:29 +00:00
vendor librewolf addons instead of fetching them on first run this obviously speeds up startup, it's hopefully also less likely to break surprisingly, and i hope it's the path to me shipping forks of official extensions. 2022-10-27 10:20:29 +00:00			`outputs = {`
			`self,`
			`nixpkgs,`
			`nixpkgs-stable,`
flake: lift the nixpkgs patching out to its own flake i hope it's a little cleaner this way, but tbh i'm not really sure. 2023-01-10 17:00:43 +00:00			`nixpkgs-unpatched,`
vendor librewolf addons instead of fetching them on first run this obviously speeds up startup, it's hopefully also less likely to break surprisingly, and i hope it's the path to me shipping forks of official extensions. 2022-10-27 10:20:29 +00:00			`mobile-nixos,`
			`home-manager,`
			`sops-nix,`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`uninsane-dot-org`
flake: format 2023-01-11 05:58:07 +00:00			`}:`
flake: remove extraneous toplevel items from `outputs` 2022-06-23 22:57:20 +00:00			`let`
flake: format 2023-01-11 05:58:07 +00:00			`nixpkgsCompiledBy = local: nixpkgs.legacyPackages."${local}";`
pin grpc & users, until the grpc aarch64 build is fixed 2022-12-14 12:27:24 +00:00
flake: format 2023-01-11 05:58:07 +00:00			`decl-host = { name, local, target }:`
			`let`
			# XXX: we'd prefer to use `nixosSystem = (nixpkgsCompiledBy local).nixos`
			`# but it doesn't propagate config to the underlying pkgs, meaning it doesn't let you use`
			`# non-free packages even after setting nixpkgs.allowUnfree.`
			`nixosSystem = import ((nixpkgsCompiledBy local).path + "/nixos/lib/eval-config.nix");`
			`in`
			`(nixosSystem {`
			`# we use pkgs built for and by the target, i.e. emulation, by default.`
			# cross compilation only happens on explicit access to `pkgs.cross`
			`system = target;`
			`modules = [`
move cross compilation out of the flake and into the host definitions 2023-01-11 08:56:06 +00:00			`(import ./hosts/instantiate.nix { localSystem = local; hostName = name; })`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`self.nixosModules.default`
			`self.nixosModules.passthru`
flake: format 2023-01-11 05:58:07 +00:00			`{`
			`nixpkgs.overlays = [`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`self.overlays.default`
			`self.overlays.passthru`
			`];`
flake: format 2023-01-11 05:58:07 +00:00			`}`
			`];`
			`});`

			`decl-bootable-host = { name, local, target }: rec {`
			`nixosConfiguration = decl-host { inherit name local target; };`
			`# this produces a EFI-bootable .img file (GPT with a /boot partition and a system (/ or /nix) partition).`
			`# after building this:`
			`# - flash it to a bootable medium (SD card, flash drive, HDD)`
			`# - resize the root partition (use cfdisk)`
			`# - mount the part`
			`# - chown root:nixbld <part>/nix/store`
			`# - chown root:root -R <part>/nix/store/*`
			`# - chown root:root -R <part>/persist # if using impermanence`
			`# - populate any important things (persist/, home/colin/.ssh, etc)`
			`# - boot`
			# - if fs wasn't resized automatically, then `sudo btrfs filesystem resize max /`
			`# - checkout this flake into /etc/nixos AND UPDATE THE FS UUIDS.`
			# - `nixos-rebuild --flake './#<host>' switch`
			`img = nixosConfiguration.config.system.build.img;`
			`};`
			`hosts = {`
			`servo = decl-bootable-host { name = "servo"; local = "x86_64-linux"; target = "x86_64-linux"; };`
			`desko = decl-bootable-host { name = "desko"; local = "x86_64-linux"; target = "x86_64-linux"; };`
			`lappy = decl-bootable-host { name = "lappy"; local = "x86_64-linux"; target = "x86_64-linux"; };`
			`moby = decl-bootable-host { name = "moby"; local = "aarch64-linux"; target = "aarch64-linux"; };`
			`# special cross-compiled variant, to speed up deploys from an x86 box to the arm target`
			`# note that these do produce different store paths, because the closure for the tools used to cross compile`
			`# v.s. emulate differ.`
			`# so deploying foo-cross and then foo incurs some rebuilding.`
			`moby-cross = decl-bootable-host { name = "moby"; local = "x86_64-linux"; target = "aarch64-linux"; };`
			`rescue = decl-bootable-host { name = "rescue"; local = "x86_64-linux"; target = "x86_64-linux"; };`
add uninsane.org sources as a flake input one can build the site from here with: ``` nix build '.#uninsane.uninsane-dot-org' ``` 2022-10-11 10:22:40 +00:00			`};`
vendor librewolf addons instead of fetching them on first run this obviously speeds up startup, it's hopefully also less likely to break surprisingly, and i hope it's the path to me shipping forks of official extensions. 2022-10-27 10:20:29 +00:00			`in {`
flake: format 2023-01-11 05:58:07 +00:00			`nixosConfigurations = builtins.mapAttrs (name: value: value.nixosConfiguration) hosts;`
move cross compilation out of the flake and into the host definitions 2023-01-11 08:56:06 +00:00
			`# unofficial output`
flake: format 2023-01-11 05:58:07 +00:00			`imgs = builtins.mapAttrs (name: value: value.img) hosts;`

try to do cross-compiling in a slightly less hacky way 2023-01-11 07:22:21 +00:00			`overlays = rec {`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`default = pkgs;`
			`pkgs = import ./pkgs/overlay.nix;`
flake: fix passthru overlays (fixes broken image building) 2023-01-11 09:08:46 +00:00			`passthru =`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`let`
flake: fix passthru overlays (fixes broken image building) 2023-01-11 09:08:46 +00:00			`stable = next: prev: {`
			`stable = nixpkgs-stable.legacyPackages."${prev.stdenv.hostPlatform}";`
			`};`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`mobile = (import "${mobile-nixos}/overlay/overlay.nix");`
			`uninsane = uninsane-dot-org.overlay;`
			`in`
flake: fix passthru overlays (fixes broken image building) 2023-01-11 09:08:46 +00:00			`next: prev:`
			`(stable next prev) // (mobile next prev) // (uninsane next prev);`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`};`

			`nixosModules = rec {`
			`default = sane;`
			`sane = import ./modules;`
			`passthru = { ... }: {`
			`imports = [`
			`home-manager.nixosModule`
			`sops-nix.nixosModules.sops`
			`];`
			`};`
try to do cross-compiling in a slightly less hacky way 2023-01-11 07:22:21 +00:00			`};`

flake: format 2023-01-11 05:58:07 +00:00			`packages =`
			`let`
flake: clean up nixpkgsFor-related functions 2023-01-11 07:50:32 +00:00			`allPkgsFor = sys:`
restructure flake so that nixosConfigurations mostly just references the other flake outputs 2023-01-11 08:45:41 +00:00			`let`
			`pkgsBase = nixpkgsCompiledBy sys;`
			`pkgsFull = pkgsBase.appendOverlays [`
			`self.overlays.passthru self.overlays.pkgs`
			`];`
			`in pkgsFull.sane // {`
			`inherit (pkgsFull) sane uninsane-dot-org;`
			`nixpkgs = pkgsBase;`
			`};`
flake: format 2023-01-11 05:58:07 +00:00			`in {`
			`x86_64-linux = allPkgsFor "x86_64-linux";`
			`aarch64-linux = allPkgsFor "aarch64-linux";`
			`};`

			`templates = {`
			`python-data = {`
			`# initialize with:`
			# - `nix flake init -t '/home/colin/dev/nixos/#python-data'`
			`# then enter with:`
			# - `nix develop`
			`path = ./templates/python-data;`
			`description = "python environment for data processing";`
			`};`
add `templates.python-data` for more info, see <https://nixos.org/manual/nix/stable/command-ref/new-cli/nix3-flake-init.html> 2022-11-30 00:48:27 +00:00			`};`
			`};`
experimental flake support 2022-05-21 00:07:49 +00:00			`}`