shelvacu/nix-stuff
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
9bad53f18858fa43dc9901516973d54e52e344fe
nix-stuff/flake.nix
Shelvacu 9bad53f188 nix fmt
2025-04-19 13:17:36 -07:00

521 lines
17 KiB
Nix
Raw Blame History

{
description = "Configs for shelvacu's nix things";
inputs = {
nixpkgs.url = "nixpkgs/nixos-24.11-small";
nixpkgs-unstable.url = "nixpkgs/nixos-unstable-small";
flake-utils.url = "github:numtide/flake-utils";
nixvim = {
url = "github:nix-community/nixvim/nixos-24.11";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
nixvim-unstable = {
url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
nix-inspect = {
url = "github:bluskript/nix-inspect";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-inspect-unstable = {
url = "github:bluskript/nix-inspect";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
vscode-server-unstable = {
url = "github:nix-community/nixos-vscode-server";
inputs.nixpkgs.follows = "nixpkgs-unstable";
inputs.flake-utils.follows = "flake-utils";
};
vscode-server = {
url = "github:nix-community/nixos-vscode-server";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
nix-on-droid = {
url = "github:nix-community/nix-on-droid";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
jovian-unstable = {
# there is no stable jovian :cry:
url = "github:Jovian-Experiments/Jovian-NixOS";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
disko-unstable = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager-unstable = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
nix-search-cli-unstable = {
url = "github:peterldowns/nix-search-cli";
inputs.nixpkgs.follows = "nixpkgs-unstable";
inputs.flake-utils.follows = "flake-utils";
};
nix-search-cli = {
url = "github:peterldowns/nix-search-cli";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
padtype-unstable = {
url = "git+https://git.uninsane.org/shelvacu/padtype.git";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware.url = "github:nixos/nixos-hardware";
most-winningest = {
url = "github:captain-jean-luc/most-winningest";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
nixos-apple-silicon-unstable = {
url = "github:tpwrules/nixos-apple-silicon";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
sm64baserom.url = "git+https://git.uninsane.org/shelvacu/sm64baserom.git";
dns = {
url = "github:nix-community/dns.nix";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
treefmt-nix = {
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
determinate-nix = {
url = "https://flakehub.com/f/DeterminateSystems/nix-src/3.0.0";
inputs.nixpkgs.follows = "nixpkgs";
};
determinate-nix-unstable = {
url = "https://flakehub.com/f/DeterminateSystems/nix-src/3.0.0";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
};
outputs =
{
self,
nixpkgs,
nix-on-droid,
...
}@inputs:
let
x86 = "x86_64-linux";
arm = "aarch64-linux";
lib = import "${nixpkgs}/lib";
overlays = import ./overlays;
mkPlainInner =
pkgs:
lib.evalModules {
modules = [
./common
{ vacu.systemKind = "server"; }
];
specialArgs = {
inherit pkgs;
inherit lib;
inherit (inputs) dns;
vacuModuleType = "plain";
inherit inputs;
};
};
mkPlain =
pkgs:
let
inner = mkPlainInner pkgs;
in
inner.config.vacu.withAsserts inner;
mkPkgs =
arg:
let
argAttrAll = if builtins.isString arg then { system = arg; } else arg;
useUnstable = argAttrAll.useUnstable or false;
whichpkgs = if useUnstable then inputs.nixpkgs-unstable else inputs.nixpkgs;
argAttr = lib.removeAttrs argAttrAll [ "useUnstable" ];
config = {
allowUnfree = true;
permittedInsecurePackages = [ "olm-3.2.16" ];
} // (argAttr.config or { });
in
import whichpkgs (
argAttr // { inherit config; } // { overlays = (argAttr.overlays or [ ]) ++ overlays; }
);
pkgs = mkPkgs x86;
defaultInputs = [
"nix-search-cli"
"nix-inspect"
"nixvim"
# "determinate-nix"
];
mkInputs =
{
unstable ? false,
inp ? [ ],
}:
let
suffix = if unstable then "-unstable" else "";
nixpkgs = inputs.${"nixpkgs" + suffix};
inp' = inp ++ defaultInputs;
thisInputsA = builtins.listToAttrs (
map (name: lib.nameValuePair name inputs.${name + suffix}) inp'
);
in
thisInputsA
// {
inherit nixpkgs;
inherit (inputs) self;
};
mkNixosConfig =
{
unstable ? false,
module,
system ? "x86_64-linux",
inp ? [ ],
}:
let
inputs = mkInputs { inherit unstable inp; };
in
inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs;
inherit (inputs) dns;
vacuModuleType = "nixos";
};
inherit system;
modules = [
./common
module
];
};
in
{
debug.isoDeriv = (
import "${inputs.nixpkgs}/nixos/release-small.nix" {
nixpkgs = ({ revCount = 0; } // inputs.nixpkgs);
}
);
lib = {
inherit
mkPlain
mkPkgs
mkInputs
mkNixosConfig
;
};
nixosConfigurations = {
triple-dezert = mkNixosConfig {
module = ./triple-dezert;
inp = [ "most-winningest" ];
};
compute-deck = mkNixosConfig {
module = ./compute-deck;
inp = [
"jovian"
"home-manager"
"vscode-server"
"disko"
"padtype"
];
unstable = true;
};
liam = mkNixosConfig {
module = ./liam;
inp = [ "sops-nix" ];
};
lp0 = mkNixosConfig { module = ./lp0; };
shel-installer = mkNixosConfig { module = ./installer.nix; };
fw = mkNixosConfig {
module = ./fw;
inp = [
"nixos-hardware"
"sops-nix"
];
};
legtop = mkNixosConfig {
module = ./legtop;
inp = [ "nixos-hardware" ];
};
mmm = mkNixosConfig {
module = ./mmm;
inp = [ "nixos-apple-silicon" ];
system = "aarch64-linux";
unstable = true;
};
toptop = mkNixosConfig {
module = ./toptop;
system = "x86_64-linux";
};
};
nixOnDroidConfigurations.default = nix-on-droid.lib.nixOnDroidConfiguration {
modules = [
./common
./nix-on-droid
];
extraSpecialArgs = {
inputs = mkInputs { };
inherit (inputs) dns;
vacuModuleType = "nix-on-droid";
};
pkgs = mkPkgs { system = arm; };
};
checks = nixpkgs.lib.genAttrs [ x86 ] (
system:
let
pkgs = mkPkgs system;
plain = mkPlain pkgs;
commonTestModule = {
hostPkgs = pkgs;
_module.args.inputs = { inherit (inputs) self; };
node.pkgs = pkgs;
node.pkgsReadOnly = false;
node.specialArgs.selfPackages = self.packages.${system};
node.specialArgs.vacuModuleType = "nixos";
};
mkTest =
name:
nixpkgs.lib.nixos.runTest {
imports = [
commonTestModule
./tests/${name}
{ node.specialArgs.inputs = self.nixosConfigurations.${name}._module.specialArgs.inputs; }
];
};
checksFromConfig = plain.config.vacu.checks;
in
assert !(checksFromConfig ? liam) && !(checksFromConfig ? trip);
checksFromConfig
// {
liam = mkTest "liam";
triple-dezert = mkTest "triple-dezert";
}
);
qb = # qb is "quick build"
let
toplevelOf = name: self.nixosConfigurations.${name}.config.system.build.toplevel;
deterministicCerts = import ./deterministic-certs.nix { nixpkgs = mkPkgs x86; };
renamedAarchPackages = lib.mapAttrs' (
name: value: lib.nameValuePair (name + "-aarch64") value
) self.packages.aarch64-linux;
packages = self.packages.x86_64-linux // renamedAarchPackages;
in
rec {
fw = toplevelOf "fw";
triple-dezert = toplevelOf "triple-dezert";
trip = triple-dezert;
compute-deck = toplevelOf "compute-deck";
cd = compute-deck;
liam = toplevelOf "liam";
lp0 = toplevelOf "lp0";
legtop = toplevelOf "legtop";
lt = legtop;
mmm = toplevelOf "mmm";
shel-installer = toplevelOf "shel-installer";
toptop = toplevelOf "toptop";
tt = toptop;
iso = self.nixosConfigurations.shel-installer.config.system.build.isoImage;
check-triple-dezert = self.checks.x86_64-linux.triple-dezert.driver;
check-trip = check-triple-dezert;
check-liam = self.checks.x86_64-linux.liam.driver;
liam-sieve = self.nixosConfigurations.liam.config.vacu.liam-sieve-script;
nix-on-droid = self.nixOnDroidConfigurations.default.activationPackage;
nod = nix-on-droid;
nod-bootstrap-x86_64 = inputs.nix-on-droid.packages.x86_64-linux.bootstrapZip-x86_64;
nod-bootstrap-aarch64 = inputs.nix-on-droid.packages.x86_64-linux.bootstrapZip-aarch64;
dc-priv = deterministicCerts.privKeyFile "test";
dc-cert = deterministicCerts.selfSigned "test" { };
# sm64 = packages.sm64coopdx;
ak = packages.authorizedKeys;
my-sops = packages.wrappedSops;
inherit (inputs.nixos-apple-silicon-unstable.packages.aarch64-linux)
m1n1
uboot-asahi
installer-bootstrap
;
installer-bootstrap-cross =
inputs.nixos-apple-silicon-unstable.packages.x86_64-linux.installer-bootstrap;
}
// packages;
brokenBuilds = [
"sm64coopdx-aarch64"
"installer-bootstrap"
];
all =
let
linksNoContext = removeAttrs self.qb self.brokenBuilds;
links = builtins.mapAttrs (
name: val: builtins.addErrorContext "while evaluating link ${name}" val
) linksNoContext;
in
pkgs.runCommand "nix-stuff-all"
{
__structuredAttrs = true;
inherit links;
}
''
mkdir $out
cd $out
eval "$(${pkgs.jq}/bin/jq '.links | to_entries | map("ln -s "+.value+" "+.key) | join("\n")' /build/.attrs.json -r)"
'';
impureBuilds = [
"nix-on-droid"
"nod"
"nod-bootstrap-x86_64"
"nod-bootstrap-aarch64"
];
allPure = self.all.overrideAttrs (prev: {
links = removeAttrs prev.links self.impureBuilds;
});
archiveSmall =
let
# We don't want iso/img derivations here because they de-dupe terribly. Any change anywhere requires generating a new iso/img file.
isoContents = lib.concatStringsSep "\n" (
map (
c: "${c.source} => ${c.target}"
) self.nixosConfigurations.shel-installer.config.isoImage.contents
);
isoContentsPkg = pkgs.writeText "iso-contents" isoContents;
allButImgs = self.all.overrideAttrs (prev: {
links = (removeAttrs prev.links [ "iso" ]) // {
iso-contents = isoContentsPkg;
};
});
in
allButImgs;
archive =
let
inherit (self) archiveSmall;
in
archiveSmall.overrideAttrs (prev: {
links = prev.links // {
build-deps = pkgs.closureInfo { rootPaths = [ archiveSmall.drvPath ]; };
};
});
}
// (inputs.flake-utils.lib.eachDefaultSystem (
system:
let
mkNixvim =
unstable:
let
nixvim-input = if unstable then inputs.nixvim-unstable else inputs.nixvim;
in
nixvim-input.legacyPackages.${system}.makeNixvimWithModule {
module = {
imports = [ ./nixvim ];
_module.args = { inherit pkgs-unstable; };
};
extraSpecialArgs = { inherit unstable inputs system; };
};
nixpkgs-args = {
inherit system;
config.allowUnfree = true;
overlays = [ inputs.sm64baserom.overlays.default ];
};
pkgs-unstable = mkPkgs (nixpkgs-args // { useUnstable = true; });
pkgs-stable = mkPkgs (nixpkgs-args // { useUnstable = false; });
_plain = mkPlain pkgs-unstable;
plain = _plain.config.vacu.withAsserts _plain;
treefmtEval = inputs.treefmt-nix.lib.evalModule pkgs-unstable ./treefmt.nix;
in
{
formatter = treefmtEval.config.build.wrapper;
apps.sops = {
type = "app";
program = lib.getExe self.packages.${system}.wrappedSops;
};
vacuconfig = plain.config;
legacyPackages = {
unstable = pkgs-unstable;
stable = pkgs-stable;
};
packages = rec {
authorizedKeys = pkgs-stable.writeText "authorizedKeys" (
lib.concatStringsSep "\n" (
lib.mapAttrsToList (k: v: "${v} ${k}") plain.config.vacu.ssh.authorizedKeys
)
);
bandcamp-collection-downloader = pkgs-unstable.callPackage ./packages/bcd { };
bcd = bandcamp-collection-downloader;
# dnix = inputs.determinate-nix.packages.${system}.nix;
dns = import ./scripts/dns {
inherit pkgs lib inputs;
inherit (plain) config;
};
generated = pkgs.linkFarm "generated" {
nixpkgs = "${inputs.nixpkgs}";
"liam-test/hints.py" = pkgs.writeText "hints.py" (
import ./typesForTest.nix {
name = "liam";
inherit (pkgs-stable) lib;
inherit self;
inherit (inputs) nixpkgs;
}
);
"dns/python-env" = builtins.dirOf (builtins.dirOf dns.interpreter);
"mailtest/python-env" = builtins.dirOf (
builtins.dirOf self.checks.x86_64-linux.liam.nodes.checker.vacu.mailtest.smtp.interpreter
);
};
haproxy-auth-request = pkgs.callPackage ./packages/haproxy-auth-request.nix {
inherit haproxy-lua-http;
};
haproxy-lua-http = pkgs.callPackage ./packages/haproxy-lua-http.nix { };
liam-sieve-script = self.nixosConfigurations.liam.config.vacu.liam-sieve-script;
leanLatest = pkgs-unstable.callPackage ./packages/leanLatest.nix { };
nixvim = mkNixvim false;
nixvim-unstable = mkNixvim true;
nix-inspect = inputs.nix-inspect.packages.${system}.default;
nix-search-cli = inputs.nix-search-cli.packages.${system}.default;
openterface-qt = pkgs.callPackage ./packages/openterface-qt.nix { };
# rg-cubexx-v1-0-1 = pkgs.fetchurlWithWetransfer {
# url = "https://we.tl/t-nwhCNkgXwG";
# name = "cxm_rgcubexx-v1-0-1-en32gb-2401018_2024-10-19_0631.zip";
# recursiveHash = true;
# hash = "sha256-kQds0/BdlEA10LJozOvpQ65TemTx6CxjO8rANi4o5K0=";
# };
sopsConfig = plain.config.vacu.sopsConfigFile;
sourceTree = plain.config.vacu.sourceTree;
transferwee = pkgs.callPackage ./packages/transferwee.nix { };
units = plain.config.vacu.units.finalPackage;
update-git-keys = pkgs-stable.callPackage ./scripts/update-git-keys.nix { inherit (plain) config; };
vnopnCA = pkgs-stable.writeText "vnopnCA.cert" plain.config.vacu.vnopnCA;
wrappedSops = plain.config.vacu.wrappedSops;
z3 = pkgs-unstable.callPackage ./packages/z3 { };
# mycoopdx = pkgs-unstable.callPackage ./packages/sm64coopdx.nix { };
# zulip-server = pkgs.python312Packages.callPackage ./packages/zulip.nix { };
};
}
));
}
Reference in New Issue View Git Blame Copy Permalink