feat!: switch to full flake-parts

Leon Schwarzäugl 2025-07-03 19:23:03 +02:00
parent 7d82c3cee9
commit 7d614f784c
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
55 changed files with 4443 additions and 4188 deletions


@ -1,39 +0,0 @@
{ self, inputs, pkgs, system, ... }:
{
pre-commit-check = inputs.pre-commit-hooks.lib.${system}.run {
src = "${self}";
hooks = {
check-added-large-files.enable = true;
check-case-conflicts.enable = true;
check-executables-have-shebangs.enable = true;
check-shebang-scripts-are-executable.enable = false;
check-merge-conflicts.enable = true;
deadnix.enable = true;
detect-private-keys.enable = true;
end-of-file-fixer.enable = true;
fix-byte-order-marker.enable = true;
flake-checker.enable = true;
forbid-new-submodules.enable = true;
mixed-line-endings.enable = true;
nixpkgs-fmt.enable = true;
statix.enable = true;
trim-trailing-whitespace.enable = true;
destroyed-symlinks = {
enable = true;
entry = "${inputs.pre-commit-hooks.checks.${system}.pre-commit-hooks}/bin/destroyed-symlinks";
};
shellcheck = {
enable = true;
entry = "${pkgs.shellcheck}/bin/shellcheck --shell=bash";
};
shfmt = {
enable = true;
entry = "${pkgs.shfmt}/bin/shfmt -i 4 -sr -d -s -l";
};
};
};
}

23
flake.lock generated

@ -98,6 +98,26 @@
} }
}, },
"devshell": { "devshell": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1741473158,
"narHash": "sha256-kWNaq6wQUbUMlPgw8Y+9/9wP0F8SHkjy24/mN3UAppg=",
"owner": "numtide",
"repo": "devshell",
"rev": "7c9e793ebe66bcba8292989a68c0419b737a22a0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"devshell_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nix-topology", "nix-topology",
@ -836,7 +856,7 @@
}, },
"nix-topology": { "nix-topology": {
"inputs": { "inputs": {
"devshell": "devshell", "devshell": "devshell_2",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"pre-commit-hooks": "pre-commit-hooks" "pre-commit-hooks": "pre-commit-hooks"
@ -1420,6 +1440,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"devshell": "devshell",
"disko": "disko", "disko": "disko",
"emacs-overlay": "emacs-overlay", "emacs-overlay": "emacs-overlay",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",

200
flake.nix

@ -12,7 +12,6 @@
]; ];
}; };
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-kernel.url = "github:NixOS/nixpkgs/063f43f2dbdef86376cc29ad646c45c46e93234c?narHash=sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o%3D"; #specifically pinned for kernel version nixpkgs-kernel.url = "github:NixOS/nixpkgs/063f43f2dbdef86376cc29ad646c45c46e93234c?narHash=sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o%3D"; #specifically pinned for kernel version
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.05"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.05";
@ -84,196 +83,27 @@
}; };
nix-topology.url = "github:oddlama/nix-topology"; nix-topology.url = "github:oddlama/nix-topology";
flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.url = "github:hercules-ci/flake-parts";
devshell = {
url = "github:numtide/devshell";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = outputs =
inputs@{ self inputs:
, nixpkgs
, home-manager
, systems
, ...
}:
let
inherit (self) outputs;
lib = (nixpkgs.lib // home-manager.lib).extend (_: _: { swarselsystems = import ./lib { inherit self lib inputs outputs systems; }; });
in
inputs.flake-parts.lib.mkFlake { inherit inputs; } { inputs.flake-parts.lib.mkFlake { inherit inputs; } {
imports = [ imports = [
./nix/globals.nix ./nix/globals.nix
./nix/hosts.nix
./nix/topology.nix
./nix/devshell.nix
./nix/apps.nix
./nix/packages.nix
./nix/overlays.nix
./nix/lib.nix
./nix/templates.nix
./nix/formatter.nix
./nix/modules.nix
]; ];
flake = { config, ... }:
let
inherit (self) outputs;
lib = (nixpkgs.lib // home-manager.lib).extend (_: _: { swarselsystems = import ./lib { inherit self lib inputs outputs systems; }; });
linuxUser = "swarsel";
macUser = "leon.schwarzaeugl";
mkFullHost = host: type: {
${host} =
let
systemFunc = if (type == "nixos") then lib.nixosSystem else inputs.nix-darwin.lib.darwinSystem;
in
systemFunc {
specialArgs = { inherit inputs outputs lib self; inherit (config) globals; };
modules = [
{
node.name = host;
node.secretsDir = ./hosts/${type}/${host}/secrets;
}
# put inports here that are for all hosts
inputs.disko.nixosModules.disko
inputs.sops-nix.nixosModules.sops
inputs.impermanence.nixosModules.impermanence
inputs.lanzaboote.nixosModules.lanzaboote
inputs.fw-fanctrl.nixosModules.default
inputs.nix-topology.nixosModules.default
inputs.home-manager.nixosModules.home-manager
"${self}/hosts/${type}/${host}"
{
_module.args.primaryUser = linuxUser;
}
] ++
(if (host == "iso") then [
] else
([
# put nixos imports here that are for all servers and normal hosts
"${self}/modules/nixos"
inputs.stylix.nixosModules.stylix
inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm
] ++ (if (type == "nixos") then [
"${self}/profiles/nixos"
{
home-manager.users."${linuxUser}".imports = [
# put home-manager imports here that are for all normal hosts
"${self}/profiles/home"
"${self}/modules/home"
];
}
] else [
# put nixos imports here that are for darwin hosts
"${self}/modules/nixos/darwin"
"${self}/profiles/nixos"
inputs.home-manager.darwinModules.home-manager
{
home-manager.users."${macUser}".imports = [
# put home-manager imports here that are for darwin hosts
"${self}/modules/home/darwin"
"${self}/profiles/home"
];
}
])
));
};
};
mkHalfHost = host: type: pkgs: {
${host} =
let
systemFunc = if (type == "home") then inputs.home-manager.lib.homeManagerConfiguration else inputs.nix-on-droid.lib.nixOnDroidConfiguration;
in
systemFunc
{
inherit pkgs;
extraSpecialArgs = { inherit inputs outputs lib self; };
modules = [ "${self}/hosts/${type}/${host}" ];
};
};
mkFullHostConfigs = hosts: type: lib.foldl (acc: set: acc // set) { } (lib.map (host: mkFullHost host type) hosts);
mkHalfHostConfigs = hosts: type: pkgs: lib.foldl (acc: set: acc // set) { } (lib.map (host: mkHalfHost host type pkgs) hosts);
in
{
inherit lib;
# nixosModules = import ./modules/nixos { inherit lib; };
# homeModules = import ./modules/home { inherit lib; };
packages = lib.swarselsystems.forEachLinuxSystem (pkgs: import ./pkgs { inherit lib pkgs; });
formatter = lib.swarselsystems.forEachSystem (pkgs: pkgs.nixpkgs-fmt);
overlays = import ./overlays { inherit self lib inputs; };
apps = lib.swarselsystems.forAllSystems (system:
let
appNames = [
"swarsel-bootstrap"
"swarsel-install"
"swarsel-rebuild"
"swarsel-postinstall"
];
appSet = lib.swarselsystems.mkApps system appNames self;
in
appSet // {
default = appSet.swarsel-bootstrap;
}
);
devShells = lib.swarselsystems.forAllSystems (system:
let
pkgs = lib.swarselsystems.pkgsFor.${system};
checks = self.checks.${system};
in
{
default = pkgs.mkShell {
# plugin-files = ${pkgs.nix-plugins.overrideAttrs (o: {
# buildInputs = [pkgs.nixVersions.latest pkgs.boost];
# patches = (o.patches or []) ++ [ "${self}/nix/nix-plugins.patch" ];
# })}/lib/nix/plugins
NIX_CONFIG = ''
plugin-files = ${pkgs.nix-plugins}/lib/nix/plugins
extra-builtins-file = ${self + /nix/extra-builtins.nix}
'';
inherit (checks.pre-commit-check) shellHook;
buildInputs = checks.pre-commit-check.enabledPackages;
nativeBuildInputs = [
(builtins.trace "alarm: we pinned nix_2_24 because of https://github.com/shlevy/nix-plugins/issues/20" pkgs.nixVersions.nix_2_24) # Always use the nix version from this flake's nixpkgs version, so that nix-plugins (below) doesn't fail because of different nix versions.
# pkgs.nix
pkgs.home-manager
pkgs.git
pkgs.just
pkgs.age
pkgs.ssh-to-age
pkgs.sops
pkgs.statix
pkgs.deadnix
pkgs.nixpkgs-fmt
];
};
}
);
templates = import ./templates { inherit lib; };
checks = lib.swarselsystems.forAllSystems (system:
let
pkgs = lib.swarselsystems.pkgsFor.${system};
in
import ./checks { inherit self inputs system pkgs; }
);
diskoConfigurations.default = import .templates/hosts/nixos/disk-config.nix;
nixosConfigurations = mkFullHostConfigs (lib.swarselsystems.readHosts "nixos") "nixos";
homeConfigurations = mkHalfHostConfigs (lib.swarselsystems.readHosts "home") "home" lib.swarselsystems.pkgsFor.x86_64-linux;
darwinConfigurations = mkFullHostConfigs (lib.swarselsystems.readHosts "darwin") "darwin";
nixOnDroidConfigurations = mkHalfHostConfigs (lib.swarselsystems.readHosts "android") "android" lib.swarselsystems.pkgsFor.aarch64-linux;
topology = lib.swarselsystems.forEachSystem (pkgs: import inputs.nix-topology {
inherit pkgs;
modules = [
"${self}/topology"
{ inherit (self) nixosConfigurations; }
];
});
nodes = config.nixosConfigurations;
};
systems = [ systems = [
"x86_64-linux" "x86_64-linux"
"aarch64-linux" "aarch64-linux"


@ -1,4 +1,4 @@
{ lib, ... }: { lib, config, ... }:
let let
inherit (config.repo.secrets.local) workUser; inherit (config.repo.secrets.local) workUser;
in in


@ -1,12 +1,11 @@
{ self, outputs, config, ... }: { self, inputs, outputs, ... }:
{ {
imports = [ imports = [
inputs.stylix.homeManagerModules.stylix inputs.stylix.homeManagerModules.stylix
inputs.sops-nix.homeManagerModules.sops inputs.sops-nix.homeManagerModules.sops
inputs.nix-index-database.hmModules.nix-index inputs.nix-index-database.hmModules.nix-index
./modules/home/common "${self}/modules/home"
"${self}/modules/home/common/sharedsetup.nix"
]; ];
nixpkgs = { nixpkgs = {


@ -1,6 +1,8 @@
{ self, inputs, config, pkgs, lib, primaryUser, ... }: { self, inputs, config, pkgs, lib, ... }:
let let
mainUser = "demo";
sharedOptions = { sharedOptions = {
inherit mainUser;
isBtrfs = false; isBtrfs = false;
isLinux = true; isLinux = true;
isPublic = true; isPublic = true;
@ -20,7 +22,7 @@ in
"${self}/hosts/nixos/chaostheatre/options.nix" "${self}/hosts/nixos/chaostheatre/options.nix"
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
{ {
home-manager.users."${primaryUser}".imports = [ home-manager.users."${mainUser}".imports = [
"${self}/modules/home/common/settings.nix" "${self}/modules/home/common/settings.nix"
"${self}/hosts/nixos/chaostheatre/options-home.nix" "${self}/hosts/nixos/chaostheatre/options-home.nix"
"${self}/modules/home/common/sharedsetup.nix" "${self}/modules/home/common/sharedsetup.nix"
@ -59,7 +61,7 @@ in
} }
sharedOptions; sharedOptions;
home-manager.users."${primaryUser}" = { home-manager.users.${mainUser} = {
home.stateVersion = lib.mkForce "23.05"; home.stateVersion = lib.mkForce "23.05";
swarselsystems = lib.recursiveUpdate swarselsystems = lib.recursiveUpdate
{ {


@ -1,5 +1,6 @@
{ lib, config, primaryUser, ... }: { lib, config, globals, ... }:
let let
primaryUser = globals.user.name;
inherit (config.repo.secrets.common) workHostName; inherit (config.repo.secrets.common) workHostName;
inherit (config.repo.secrets.local.syncthing) dev1 dev2 dev3 loc1; inherit (config.repo.secrets.local.syncthing) dev1 dev2 dev3 loc1;
serviceDomain = config.repo.secrets.common.services.domains.syncthing3; serviceDomain = config.repo.secrets.common.services.domains.syncthing3;


@ -1,5 +1,6 @@
{ self, config, inputs, lib, primaryUser, ... }: { self, config, inputs, lib, globals, ... }:
let let
primaryUser = globals.user.name;
sharedOptions = { sharedOptions = {
isBtrfs = true; isBtrfs = true;
isLinux = true; isLinux = true;


@ -1,5 +1,6 @@
{ lib, config, primaryUser, ... }: { lib, config, globals, ... }:
let let
primaryUser = globals.user.name;
sharedOptions = { sharedOptions = {
isBtrfs = false; isBtrfs = false;
isLinux = true; isLinux = true;


@ -1,4 +1,4 @@
{ self, inputs, pkgs, lib, primaryUser, ... }: { self, inputs, pkgs, lib, ... }:
let let
modulesPath = "${self}/modules"; modulesPath = "${self}/modules";
sharedOptions = { sharedOptions = {
@ -21,7 +21,7 @@ in
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
{ {
home-manager.users."${primaryUser}".imports = [ home-manager.users."setup".imports = [
inputs.sops-nix.homeManagerModules.sops inputs.sops-nix.homeManagerModules.sops
"${modulesPath}/home/common/sharedsetup.nix" "${modulesPath}/home/common/sharedsetup.nix"
"${self}/profiles/home" "${self}/profiles/home"
@ -70,7 +70,7 @@ in
} }
sharedOptions; sharedOptions;
home-manager.users."${primaryUser}" = { home-manager.users."setup" = {
home.stateVersion = lib.mkForce "23.05"; home.stateVersion = lib.mkForce "23.05";
swarselsystems = lib.recursiveUpdate swarselsystems = lib.recursiveUpdate
{ {


@ -1,5 +1,6 @@
{ lib, config, primaryUser, ... }: { lib, config, globals, ... }:
let let
primaryUser = globals.user.name;
sharedOptions = { sharedOptions = {
isBtrfs = false; isBtrfs = false;
isLinux = true; isLinux = true;


@ -1,120 +0,0 @@
{ self, lib, systems, inputs, ... }:
{
mkIfElseList = p: yes: no: lib.mkMerge [
(lib.mkIf p yes)
(lib.mkIf (!p) no)
];
mkIfElse = p: yes: no: if p then yes else no;
forAllSystems = lib.genAttrs [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
pkgsFor = lib.genAttrs (import systems) (system:
import inputs.nixpkgs {
inherit system;
overlays = [ self.overlays.default ];
config.allowUnfree = true;
}
);
toCapitalized = str:
if builtins.stringLength str == 0 then
""
else
let
first = builtins.substring 0 1 str;
rest = builtins.substring 1 (builtins.stringLength str - 1) str;
upper = lib.toUpper first;
lower = lib.toLower rest;
in
upper + lower;
# mkUser = name: {
# config.users.users.${name} = {
# group = name;
# isSystemUser = true;
# };
# config.users.groups.${name} = {};
# };
mkTrueOption = lib.mkOption {
type = lib.types.bool;
default = true;
};
mkStrong = lib.mkOverride 60;
getSecret = filename: lib.strings.trim (builtins.readFile "${filename}");
forEachSystem = f: lib.genAttrs (import systems) (system: f lib.swarselsystems.pkgsFor.${system});
forEachLinuxSystem = f: lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: f lib.swarselsystems.pkgsFor.${system});
readHosts = type: lib.attrNames (builtins.readDir "${self}/hosts/${type}");
readNix = type: lib.filter (name: name != "default.nix") (lib.attrNames (builtins.readDir "${self}/${type}"));
mkApps = system: names: self: builtins.listToAttrs (map
(name: {
inherit name;
value = {
type = "app";
program = "${self.packages.${system}.${name}}/bin/${name}";
meta = {
description = "Custom app ${name}.";
};
};
})
names);
mkPackages = names: pkgs: builtins.listToAttrs (map
(name: {
inherit name;
value = pkgs.callPackage "${self}/pkgs/${name}" { inherit self name; };
})
names);
mkModules = names: type: builtins.listToAttrs (map
(name: {
inherit name;
value = import "${self}/modules/${type}/${name}";
})
names);
mkProfiles = names: type: builtins.listToAttrs (map
(name: {
inherit name;
value = import "${self}/profiles/${type}/${name}";
})
names);
mkTemplates = names: builtins.listToAttrs (map
(name: {
inherit name;
value = {
path = "${self}/templates/${name}";
description = "${name} project ";
};
})
names);
mkImports = names: baseDir: lib.map (name: "${self}/${baseDir}/${name}") names;
eachMonitor = _: monitor: {
inherit (monitor) name;
value = builtins.removeAttrs monitor [ "workspace" "name" "output" ];
};
eachOutput = _: monitor: {
inherit (monitor) name;
value = builtins.removeAttrs monitor [ "mode" "name" "scale" "transform" "position" ];
};
}


@ -1,10 +1,7 @@
{ self, ... }: { self, ... }:
let
modulesPath = "${self}/modules";
in
{ {
imports = [ imports = [
"${modulesPath}/home/common/settings.nix" "${self}/modules/home/common/settings.nix"
"${modulesPath}/home/common/sharedsetup.nix" "${self}/modules/home/common/sharedsetup.nix"
]; ];
} }


@ -1,7 +1,10 @@
{ lib, ... }: { lib, inputs, ... }:
let let
importNames = lib.swarselsystems.readNix "modules/nixos/client"; importNames = lib.swarselsystems.readNix "modules/nixos/client";
in in
{ {
imports = lib.swarselsystems.mkImports importNames "modules/nixos/client"; imports = lib.swarselsystems.mkImports importNames "modules/nixos/client" ++ [
inputs.stylix.nixosModules.stylix
inputs.nswitch-rcm-nix.nixosModules.nswitch-rcm
];
} }


@ -15,6 +15,9 @@ in
name = mkOption { name = mkOption {
type = types.str; type = types.str;
}; };
work = mkOption {
type = types.str;
};
}; };


@ -1,12 +1,18 @@
{ inputs, config, lib, outputs, globals, nodes, ... }: { self, inputs, config, lib, outputs, globals, nodes, ... }:
let
mainUser = globals.user.name;
in
{ {
options.swarselsystems.modules.home-manager = lib.mkEnableOption "home-manager"; options.swarselsystems.modules.home-manager = lib.mkEnableOption "home-manager";
config = lib.mkIf config.swarselsystems.modules.home-manager { config = lib.mkIf config.swarselsystems.modules.home-manager {
home-manager = lib.mkIf config.swarselsystems.withHomeManager { home-manager = lib.mkIf config.swarselsystems.withHomeManager {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
verbose = true; verbose = true;
users."${mainUser}".imports = [
"${self}/profiles/home"
"${self}/modules/home"
];
sharedModules = [ sharedModules = [
inputs.nix-index-database.hmModules.nix-index inputs.nix-index-database.hmModules.nix-index
inputs.sops-nix.homeManagerModules.sops inputs.sops-nix.homeManagerModules.sops


@ -1,5 +1,10 @@
{ lib, config, outputs, ... }: { self, lib, config, outputs, globals, ... }:
let
macUser = globals.user.work;
in
{ {
imports = [
];
options.swarselsystems.modules.darwin.general = lib.mkEnableOption "darwin config"; options.swarselsystems.modules.darwin.general = lib.mkEnableOption "darwin config";
config = lib.mkIf config.swarselsystems.modules.darwin.general { config = lib.mkIf config.swarselsystems.modules.darwin.general {
@ -12,6 +17,10 @@
}; };
}; };
home-manager.users."${macUser}".imports = [
"${self}/modules/home/darwin"
];
system.stateVersion = 4; system.stateVersion = 4;
}; };
} }


@ -1,5 +1,8 @@
{ lib, config, ... }: { lib, config, inputs, ... }:
{ {
imports = [
inputs.fw-fanctrl.nixosModules.default
];
options.swarselsystems.modules.optional.framework = lib.mkEnableOption "optional framework machine settings"; options.swarselsystems.modules.optional.framework = lib.mkEnableOption "optional framework machine settings";
config = lib.mkIf config.swarselsystems.modules.optional.framework { config = lib.mkIf config.swarselsystems.modules.optional.framework {
services = { services = {

32
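--- a/nix/apps.nix
+++ b/nix/apps.nix
@@ -0,0 +1,32 @@
+{ self, ... }:
+{
+perSystem = { system, ... }:
+let
+mkApps = system: names: self: builtins.listToAttrs (map
+(name: {
+inherit name;
+value = {
+type = "app";
+program = "${self.packages.${system}.${name}}/bin/${name}";
+meta = {
+description = "Custom app ${name}.";
+};
+};
+})
+names);
+appNames = [
+"swarsel-bootstrap"
+"swarsel-install"
+"swarsel-rebuild"
+"swarsel-postinstall"
+];
+appSet = mkApps system appNames self;
+in
+{
+apps = appSet // {
+default = appSet.swarsel-bootstrap;
+};
+};
+}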
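Review bot: `mkApps = system: names: self:` re-binds `system` and `self`, which are already in scope from the module and `perSystem` arguments, and its only call passes those same outer values back in. Dropping the two parameters and calling it as `appSet = mkApps appNames;` removes the shadowing and makes it clear the helper is tied to the current system. `default = appSet.swarsel-bootstrap;` deserves a short comment, since it makes a bare `nix run` on this flake start the bootstrap script.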

141
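--- a/nix/devshell.nix
+++ b/nix/devshell.nix
@@ -0,0 +1,141 @@
+{ self, inputs, ... }:
+{
+imports = [
+inputs.devshell.flakeModule
+inputs.pre-commit-hooks.flakeModule
+];
+perSystem = { pkgs, system, ... }:
+{
+pre-commit = {
+check.enable = true;
+settings = {
+addGcRoot = true;
+hooks = {
+check-added-large-files.enable = true;
+check-case-conflicts.enable = true;
+check-executables-have-shebangs.enable = true;
+check-shebang-scripts-are-executable.enable = false;
+check-merge-conflicts.enable = true;
+deadnix.enable = true;
+detect-private-keys.enable = true;
+end-of-file-fixer.enable = true;
+fix-byte-order-marker.enable = true;
+flake-checker.enable = true;
+forbid-new-submodules.enable = true;
+mixed-line-endings.enable = true;
+nixpkgs-fmt.enable = true;
+statix.enable = true;
+trim-trailing-whitespace.enable = true;
+destroyed-symlinks = {
+enable = true;
+entry = "${inputs.pre-commit-hooks.checks.${system}.pre-commit-hooks}/bin/destroyed-symlinks";
+};
+shellcheck = {
+enable = true;
+entry = "${pkgs.shellcheck}/bin/shellcheck --shell=bash";
+};
+shfmt = {
+enable = true;
+entry = "${pkgs.shfmt}/bin/shfmt -i 4 -sr -d -s -l";
+};
+};
+};
+};
+devshells.default = {
+packages = [
+(builtins.trace "alarm: we pinned nix_2_24 because of https://github.com/shlevy/nix-plugins/issues/20" pkgs.nixVersions.nix_2_24) # Always use the nix version from this flake's nixpkgs version, so that nix-plugins (below) doesn't fail because of different nix versions.
+pkgs.git
+pkgs.just
+pkgs.age
+pkgs.ssh-to-age
+pkgs.sops
+pkgs.home-manager
+pkgs.nixpkgs-fmt
+self.packages.${system}.swarsel-build
+self.packages.${system}.swarsel-deploy
+];
+commands = [
+{
+package = pkgs.statix;
+help = "Lint flake";
+}
+{
+package = pkgs.deadnix;
+help = "Check flake for dead code";
+}
+{
+package = pkgs.nix-tree;
+help = "Interactively browse dependency graphs of Nix derivations";
+}
+{
+package = pkgs.nvd;
+help = "Diff two nix toplevels and show which packages were upgraded";
+}
+{
+package = pkgs.nix-diff;
+help = "Explain why two Nix derivations differ";
+}
+{
+package = pkgs.nix-output-monitor;
+help = "Nix Output Monitor (a drop-in alternative for `nix` which shows a build graph)";
+name = "nom";
+}
+{
+name = "hm";
+help = "Manage home-manager config";
+command = "home-manager";
+}
+{
+name = "fmt";
+help = "Format flake";
+command = "nixpkgs-fmt --check \"$FLAKE\"";
+}
+{
+name = "sd";
+help = "Build and deploy this nix config to nodes";
+command = "swarsel-deploy \"$@\"";
+}
+{
+name = "sl";
+help = "Build and deploy a config to nodes";
+command = "swarsel-deploy \${1} switch";
+}
+{
+name = "sw";
+help = "Build and switch to the host's config locally";
+command = "swarsel-deploy $(hostname) switch";
+}
+{
+name = "bld";
+help = "Build a number of configurations";
+command = "swarel-build \"$@\"";
+}
+{
+name = "c";
+help = "Work with the flake git repository";
+command = "git --git-dir=$FLAKE/.git --work-tree=$FLAKE/ \"$@\"";
+}
+];
+devshell.startup.pre-commit-install.text = "pre-commit install";
+env = [
+{
+# Additionally configure nix-plugins with our extra builtins file.
+# We need this for our repo secrets.
+name = "NIX_CONFIG";
+value = ''
+plugin-files = ${pkgs.nix-plugins}/lib/nix/plugins
+extra-builtins-file = ${self + /nix/extra-builtins.nix}
+'';
+}
+];
+};
+};
+}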
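Review bot: The `bld` entry in `devshells.default.commands` runs `swarel-build`, but the package added to `packages` is `swarsel-build`, so the alias will not resolve; it should read `command = "swarsel-build \"$@\"";`. The `sl`, `sw` and `c` entries expand `\${1}`, `$(hostname)` and `$FLAKE` unquoted, so a value containing spaces or glob characters is word-split before it reaches `swarsel-deploy` or `git`; quoting them the way the `fmt` and `sd` entries already do avoids that. The `fmt` help text says "Format flake" while the command passes `--check`, which only reports differences, so either the help or the flag should change.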

6
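--- a/nix/formatter.nix
+++ b/nix/formatter.nix
@@ -0,0 +1,6 @@
+_:
+{
+perSystem = { pkgs, ... }: {
+formatter = pkgs.nixpkgs-fmt;
+};
+}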


@ -1,4 +1,4 @@
# taken from https://github.com/oddlama/nix-config/blob/main/nix/globals.nix # adapted from https://github.com/oddlama/nix-config/blob/main/nix/globals.nix
{ inputs, ... }: { inputs, ... }:
{ {
flake = { config, lib, ... }: flake = { config, lib, ... }:
@ -14,7 +14,24 @@
}; };
modules = [ modules = [
../modules/nixos/common/globals.nix ../modules/nixos/common/globals.nix
./globals-general.nix (
{ lib, ... }:
let
# Try to access the extra builtin we loaded via nix-plugins.
# Throw an error if that doesn't exist.
sopsImportEncrypted =
assert lib.assertMsg (builtins ? extraBuiltins.sopsImportEncrypted)
"The extra builtin 'sopsImportEncrypted' is not available, so repo.secrets cannot be decrypted. Did you forget to add nix-plugins and point it to `./nix/extra-builtins.nix` ?";
builtins.extraBuiltins.sopsImportEncrypted;
in
{
imports = [
(sopsImportEncrypted ../secrets/repo/globals.nix.enc)
];
}
)
( (
{ lib, ... }: { lib, ... }:
{ {
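Review bot: The inlined module imports `../secrets/repo/globals.nix.enc` through `sopsImportEncrypted`, and per the assertion message that is what decrypts the repo secrets, so this happens during evaluation. Any value from that file that later flows into a derivation, a generated config file or `nix eval` output is then stored or printed in plain text, and nothing here says which values are safe to keep there. I would add a comment above the `imports` line, for example `# Decrypted at eval time: only keep values here that may end up in the world-readable store.` The enclosing `modules` list starts and ends outside the hunk.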

92
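--- a/nix/hosts.nix
+++ b/nix/hosts.nix
@@ -0,0 +1,92 @@
+{ self, inputs, ... }:
+{
+flake = { config, ... }:
+let
+inherit (self) outputs;
+inherit (outputs) lib;
+# lib = (inputs.nixpkgs.lib // inputs.home-manager.lib).extend (_: _: { swarselsystems = import "${self}/lib" { inherit self lib inputs outputs; inherit (inputs) systems; }; });
+mkNixosHost = { minimal }: name:
+lib.nixosSystem {
+specialArgs = { inherit inputs outputs lib self minimal; inherit (config) globals nodes; };
+modules = [
+inputs.disko.nixosModules.disko
+inputs.sops-nix.nixosModules.sops
+inputs.impermanence.nixosModules.impermanence
+inputs.lanzaboote.nixosModules.lanzaboote
+inputs.nix-topology.nixosModules.default
+inputs.home-manager.nixosModules.home-manager
+"${self}/hosts/nixos/${name}"
+"${self}/profiles/nixos"
+"${self}/modules/nixos"
+{
+node.name = name;
+node.secretsDir = ../hosts/nixos/${name}/secrets;
+}
+];
+};
+mkDarwinHost = { minimal }: name:
+inputs.nix-darwin.lib.darwinSystem {
+specialArgs = { inherit inputs outputs lib self minimal; inherit (config) globals nodes; };
+modules = [
+# inputs.disko.nixosModules.disko
+# inputs.sops-nix.nixosModules.sops
+# inputs.impermanence.nixosModules.impermanence
+# inputs.lanzaboote.nixosModules.lanzaboote
+# inputs.fw-fanctrl.nixosModules.default
+# inputs.nix-topology.nixosModules.default
+inputs.home-manager.darwinModules.home-manager
+"${self}/hosts/darwin/${name}"
+"${self}/modules/nixos/darwin"
+# needed for infrastructure
+"${self}/modules/nixos/common/meta.nix"
+"${self}/modules/nixos/common/globals.nix"
+{
+node.name = name;
+node.secretsDir = ../hosts/darwin/${name}/secrets;
+}
+];
+};
+mkHalfHost = name: type: pkgs: {
+${name} =
+let
+systemFunc = if (type == "home") then inputs.home-manager.lib.homeManagerConfiguration else inputs.nix-on-droid.lib.nixOnDroidConfiguration;
+in
+systemFunc
+{
+inherit pkgs;
+extraSpecialArgs = { inherit inputs outputs lib self; };
+modules = [ "${self}/hosts/${type}/${name}" ];
+};
+};
+mkHalfHostConfigs = hosts: type: pkgs: lib.foldl (acc: set: acc // set) { } (lib.map (name: mkHalfHost name type pkgs) hosts);
+nixosHosts = builtins.attrNames (lib.filterAttrs (_: type: type == "directory") (builtins.readDir "${self}/hosts/nixos"));
+darwinHosts = builtins.attrNames (lib.filterAttrs (_: type: type == "directory") (builtins.readDir "${self}/hosts/darwin"));
+in
+{
+nixosConfigurations = lib.genAttrs nixosHosts (mkNixosHost {
+minimal = false;
+});
+nixosConfigurationsMinimal = lib.genAttrs nixosHosts (mkNixosHost {
+minimal = true;
+});
+darwinConfigurations = lib.genAttrs darwinHosts (mkDarwinHost {
+minimal = false;
+});
+darwinConfigurationsMinimal = lib.genAttrs darwinHosts (mkDarwinHost {
+minimal = true;
+});
+# TODO: Build these for all architectures
+homeConfigurations = mkHalfHostConfigs (lib.swarselsystems.readHosts "home") "home" lib.swarselsystems.pkgsFor.x86_64-linux;
+nixOnDroidConfigurations = mkHalfHostConfigs (lib.swarselsystems.readHosts "android") "android" lib.swarselsystems.pkgsFor.aarch64-linux;
+diskoConfigurations.default = import "${self}/templates/hosts/nixos/disk-config.nix";
+nodes = config.nixosConfigurations // config.darwinConfigurations;
+};
+}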
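Review bot: `nodes = config.nixosConfigurations // config.darwinConfigurations;` lets a darwin host silently replace a nixos host of the same name, because `//` keeps the right-hand attribute. Since `nodes` is handed to every host through `specialArgs`, a name collision would change what other hosts see without any evaluation error. A guard in the `let` block would make it fail early: `assert lib.assertMsg (lib.intersectLists nixosHosts darwinHosts == [ ]) "host name used under both hosts/nixos and hosts/darwin";`. The `minimal` argument is also passed into `specialArgs` without a comment on what modules are expected to do with it; one line above `mkNixosHost` would help.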


@ -1,4 +1,4 @@
{ self, pkgs, inputs, config, lib, modulesPath, primaryUser ? "swarsel", ... }: { self, pkgs, inputs, config, lib, modulesPath, ... }:
let let
pubKeys = lib.filesystem.listFilesRecursive "${self}/secrets/keys/ssh"; pubKeys = lib.filesystem.listFilesRecursive "${self}/secrets/keys/ssh";
in in
@ -18,30 +18,18 @@ in
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
{ {
home-manager.users."${primaryUser}".imports = [ home-manager.users."setup".imports = [
"${self}/modules/home/common/settings.nix" "${self}/modules/home/common/settings.nix"
"${self}/modules/home/common/sharedsetup.nix" "${self}/modules/home/common/sharedsetup.nix"
]; ];
} }
]; ];
options.node = {
name = lib.mkOption {
description = "Node Name.";
type = lib.types.str;
};
secretsDir = lib.mkOption {
description = "Path to the secrets directory for this node.";
type = lib.types.path;
default = ./.;
};
};
config = { config = {
node.name = lib.mkForce "drugstore";
swarselsystems = { swarselsystems = {
info = "~SwarselSystems~ installer ISO"; info = "~SwarselSystems~ installer ISO";
}; };
home-manager.users."${primaryUser}" = { home-manager.users."setup" = {
home = { home = {
stateVersion = "23.05"; stateVersion = "23.05";
file = { file = {
@ -78,15 +66,15 @@ in
config.allowUnfree = true; config.allowUnfree = true;
}; };
services.getty.autologinUser = lib.mkForce primaryUser; services.getty.autologinUser = lib.mkForce "setup";
users = { users = {
allowNoPasswordLogin = true; allowNoPasswordLogin = true;
groups.swarsel = { }; groups.swarsel = { };
users = { users = {
swarsel = { setup = {
name = primaryUser; name = "setup";
group = primaryUser; group = "setup";
isNormalUser = true; isNormalUser = true;
password = "setup"; # this is overwritten after install password = "setup"; # this is overwritten after install
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key); openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
@ -94,7 +82,7 @@ in
}; };
root = { root = {
# password = lib.mkForce config.users.users.swarsel.password; # this is overwritten after install # password = lib.mkForce config.users.users.swarsel.password; # this is overwritten after install
openssh.authorizedKeys.keys = config.users.users."${primaryUser}".openssh.authorizedKeys.keys; openssh.authorizedKeys.keys = config.users.users."setup".openssh.authorizedKeys.keys;
}; };
}; };
}; };
@ -110,10 +98,10 @@ in
system.activationScripts.cache = { system.activationScripts.cache = {
text = '' text = ''
mkdir -p -m=0777 /home/${primaryUser}/.local/state/nix/profiles mkdir -p -m=0777 /home/setup/.local/state/nix/profiles
mkdir -p -m=0777 /home/${primaryUser}/.local/state/home-manager/gcroots mkdir -p -m=0777 /home/setup/.local/state/home-manager/gcroots
mkdir -p -m=0777 /home/${primaryUser}/.local/share/nix/ mkdir -p -m=0777 /home/setup/.local/share/nix/
printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | tee /home/${primaryUser}/.local/share/nix/trusted-settings.json > /dev/null printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | tee /home/setup/.local/share/nix/trusted-settings.json > /dev/null
mkdir -p /root/.local/share/nix/ mkdir -p /root/.local/share/nix/
printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | tee /root/.local/share/nix/trusted-settings.json > /dev/null printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | tee /root/.local/share/nix/trusted-settings.json > /dev/null
''; '';
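Review bot: The installer account is now `setup` with `group = "setup"`, but the only group declared in the visible lines is still `groups.swarsel = { };`. Unless a `setup` group is defined outside these hunks, the user refers to a group that is not declared, and changing that context line to `groups.setup = { };` would match the new user. In the `system.activationScripts.cache` hunk the directories under `/home/setup/.local` are created with `-m=0777`, which leaves the Nix profile and gcroots paths writable by every local account on the booted image. If only the `setup` user needs them, `-m=0755` followed by `chown -R setup:setup /home/setup/.local` would be enough.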

88
nix/lib.nix Normal file
View file

@ -0,0 +1,88 @@
{ self, inputs, ... }:
let
swarselsystems =
let
inherit (inputs) systems;
inherit (inputs.nixpkgs) lib;
in
rec {
mkIfElseList = p: yes: no: lib.mkMerge [
(lib.mkIf p yes)
(lib.mkIf (!p) no)
];
mkIfElse = p: yes: no: if p then yes else no;
pkgsFor = lib.genAttrs (import systems) (system:
import inputs.nixpkgs {
inherit system;
overlays = [ self.overlays.default ];
config.allowUnfree = true;
}
);
toCapitalized = str:
if builtins.stringLength str == 0 then
""
else
let
first = builtins.substring 0 1 str;
rest = builtins.substring 1 (builtins.stringLength str - 1) str;
upper = lib.toUpper first;
lower = lib.toLower rest;
in
upper + lower;
mkTrueOption = lib.mkOption {
type = lib.types.bool;
default = true;
};
mkStrong = lib.mkOverride 60;
forEachSystem = f: lib.genAttrs (import systems) (system: f pkgsFor.${system});
forEachLinuxSystem = f: lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: f pkgsFor.${system});
readHosts = type: lib.attrNames (builtins.readDir "${self}/hosts/${type}");
readNix = type: lib.filter (name: name != "default.nix") (lib.attrNames (builtins.readDir "${self}/${type}"));
mkModules = names: type: builtins.listToAttrs (map
(name: {
inherit name;
value = import "${self}/modules/${type}/${name}";
})
names);
mkProfiles = names: type: builtins.listToAttrs (map
(name: {
inherit name;
value = import "${self}/profiles/${type}/${name}";
})
names);
mkImports = names: baseDir: lib.map (name: "${self}/${baseDir}/${name}") names;
eachMonitor = _: monitor: {
inherit (monitor) name;
value = builtins.removeAttrs monitor [ "workspace" "name" "output" ];
};
eachOutput = _: monitor: {
inherit (monitor) name;
value = builtins.removeAttrs monitor [ "mode" "name" "scale" "transform" "position" ];
};
};
in
{
flake = _:
{
lib = (inputs.nixpkgs.lib // inputs.home-manager.lib).extend (_: _: {
inherit swarselsystems;
});
};
}
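Review bot: `readNix` returns every directory entry except `default.nix`, and the package set further down this commit (`packageNames = lib.swarselsystems.readNix "pkgs"`) calls `callPackage` on each name, so a stray README, editor backup or other non-Nix file in such a directory is evaluated as if it were a package or module. `builtins.readDir` already returns the entry type, so the discovery can be limited to Nix sources: `readNix = type: lib.attrNames (lib.filterAttrs (n: t: n != "default.nix" && (t == "directory" || lib.hasSuffix ".nix" n)) (builtins.readDir "${self}/${type}"));`. `readHosts` could filter on `t == "directory"` in the same way. A one-line comment on `mkIfElse` (a plain eager `if`) versus `mkIfElseList` (a module-system `mkMerge` of two `mkIf`s) would also help callers pick the right one.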

11
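--- a/nix/modules.nix
+++ b/nix/modules.nix
@@ -0,0 +1,11 @@
+{ self, ... }:
+{
+flake = _:
+let
+inherit (self.outputs) lib;
+in
+{
+nixosModules.default = import "${self}/modules/nixos" { inherit lib; };
+homeModules = import "${self}/modules/home" { inherit lib; };
+};
+}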

88
nix/overlays.nix Normal file

@ -0,0 +1,88 @@
{ self, inputs, ... }:
let
inherit (self) outputs;
inherit (outputs) lib;
in
{
flake = { config, ... }:
{
overlays = {
default = final: prev:
let
additions = final: _: import "${self}/pkgs" { pkgs = final; inherit self lib; };
modifications = final: prev: {
vesktop = prev.vesktop.override {
withSystemVencord = true;
};
firefox = prev.firefox.override {
nativeMessagingHosts = [
prev.tridactyl-native
prev.browserpass
prev.plasma5Packages.plasma-browser-integration
];
};
mgba = final.swarsel-mgba;
retroarch = prev.retroarch.withCores (cores: with cores; [
snes9x # snes
nestopia # nes
dosbox # dos
scummvm # scumm
vba-m # gb/a
mgba # gb/a
melonds # ds
dolphin # gc/wii
]);
};
nixpkgs-stable = final: _: {
stable = import inputs.nixpkgs-stable {
inherit (final) system;
config.allowUnfree = true;
};
};
nixpkgs-kernel = final: _: {
kernel = import inputs.nixpkgs-kernel {
inherit (final) system;
config.allowUnfree = true;
};
};
nixpkgs-stable24_05 = final: _: {
stable24_05 = import inputs.nixpkgs-stable24_05 {
inherit (final) system;
config.allowUnfree = true;
};
};
nixpkgs-stable24_11 = final: _: {
stable24_11 = import inputs.nixpkgs-stable24_11 {
inherit (final) system;
config.allowUnfree = true;
};
};
zjstatus = _: prev: {
zjstatus = inputs.zjstatus.packages.${prev.system}.default;
};
in
(additions final prev)
// (modifications final prev)
// (nixpkgs-stable final prev)
// (nixpkgs-kernel final prev)
// (nixpkgs-stable24_05 final prev)
// (nixpkgs-stable24_11 final prev)
// (zjstatus final prev)
// (inputs.vbc-nix.overlays.default final prev)
// (inputs.nur.overlays.default final prev)
// (inputs.emacs-overlay.overlay final prev)
// (inputs.nix-topology.overlays.default final prev)
// (inputs.nixgl.overlay final prev);
};
};
}
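Review bot: In `overlays.default` the overlays are merged with `//`, so the right-most definition of an attribute wins and the five third-party overlays at the end (`vbc-nix`, `nur`, `emacs-overlay`, `nix-topology`, `nixgl`) silently take precedence over `additions` and `modifications`; an upstream attribute that one day shares a name with a local package or with `firefox`/`retroarch` would replace the local definition without any evaluation error. Each overlay is also applied to the same `prev`, so none of them sees what an earlier one changed. `lib.composeManyExtensions` makes the order explicit and chains `prev`, and with the local overlays listed last they win on a name clash. This changes which `prev` `modifications` sees, so the `firefox` and `retroarch` overrides are worth re-checking after the switch. Separately, `config` in `flake = { config, ... }:` is unused in this file; the other new files use `flake = _:`.

```nix
# … unchanged: additions, modifications, nixpkgs-*, zjstatus definitions …
in
lib.composeManyExtensions [
  # third-party overlays first, so local definitions win on a name clash
  inputs.vbc-nix.overlays.default
  inputs.nur.overlays.default
  inputs.emacs-overlay.overlay
  inputs.nix-topology.overlays.default
  inputs.nixgl.overlay
  nixpkgs-stable
  nixpkgs-kernel
  nixpkgs-stable24_05
  nixpkgs-stable24_11
  zjstatus
  additions
  modifications
] final prev;
```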

10
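--- a/nix/packages.nix
+++ b/nix/packages.nix
@@ -0,0 +1,10 @@
+{ self, ... }:
+{
+flake = _:
+let
+inherit (self.outputs) lib;
+in
+{
+packages = lib.swarselsystems.forEachLinuxSystem (pkgs: import "${self}/pkgs" { inherit self lib pkgs; });
+};
+}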

26
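--- a/nix/templates.nix
+++ b/nix/templates.nix
@@ -0,0 +1,26 @@
+{ self, ... }:
+{
+flake = _: {
+templates =
+let
+mkTemplates = names: builtins.listToAttrs (map
+(name: {
+inherit name;
+value = {
+path = "${self}/templates/${name}";
+description = "${name} project ";
+};
+})
+names);
+templateNames = [
+"python"
+"rust"
+"go"
+"cpp"
+"latex"
+"default"
+];
+in
+mkTemplates templateNames;
+};
+}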
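Review bot: The description built in `mkTemplates` ends with a trailing space, `description = "${name} project ";`, and that string is shown verbatim wherever the template description is printed; `description = "${name} project";` is probably what was meant. Nothing in this file checks that each entry of `templateNames` has a matching directory under `templates/`, so a short comment above the list, for example `# each name must be a directory under templates/`, would document that coupling.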


171
nix/topology.nix Normal file

@ -0,0 +1,171 @@
{ self, inputs, ... }:
{
imports = [
inputs.nix-topology.flakeModule
];
perSystem.topology.modules = [
({ config, ... }:
let
inherit (config.lib.topology)
mkInternet
mkDevice
mkSwitch
mkRouter
mkConnection
;
in
{
renderer = "elk";
networks = {
home-lan = {
name = "Home LAN";
cidrv4 = "192.168.1.0/24";
};
wg = {
name = "Wireguard Tunnel";
cidrv4 = "192.168.3.0/24";
};
};
nodes = {
internet = mkInternet {
connections = [
(mkConnection "moonside" "wan")
(mkConnection "pfsense" "wan")
(mkConnection "sync" "wan")
(mkConnection "toto" "bootstrapper")
(mkConnection "chaostheatre" "demo host")
];
};
chaostheatre.interfaces."demo host" = { };
toto.interfaces."bootstrapper" = { };
sync.interfaces.wan = { };
moonside.interfaces.wan = { };
pfsense = mkRouter "pfSense" {
info = "HUNSN RM02";
image = "${self}/topology-images/hunsn.png";
interfaceGroups = [
[
"eth2"
"eth3"
"eth4"
"eth5"
"eth6"
]
[ "wan" ]
];
interfaces.wg = {
addresses = [ "192.168.3.1" ];
network = "wg";
virtual = true;
type = "wireguard";
};
connections = {
eth2 = mkConnection "switch-livingroom" "eth1";
eth4 = mkConnection "winters" "eth1";
eth3 = mkConnection "switch-bedroom" "eth1";
eth6 = mkConnection "wifi-ap" "eth1";
wg = mkConnection "moonside" "wg";
};
interfaces = {
eth2 = {
addresses = [ "192.168.1.1" ];
network = "home-lan";
};
eth3 = {
addresses = [ "192.168.1.1" ];
network = "home-lan";
};
eth4 = {
addresses = [ "192.168.1.1" ];
network = "home-lan";
};
eth6 = {
addresses = [ "192.168.1.1" ];
network = "home-lan";
};
};
};
winters.interfaces."eth1" = { };
wifi-ap = mkSwitch "Wi-Fi AP" {
info = "Huawei";
image = "${self}/topology-images/huawei.png";
interfaceGroups = [
[
"eth1"
"wifi"
]
];
};
switch-livingroom = mkSwitch "Switch Livingroom" {
info = "TL-SG108";
image = "${self}/topology-images/TL-SG108.png";
interfaceGroups = [
[
"eth1"
"eth2"
"eth3"
"eth4"
"eth5"
"eth6"
"eth7"
"eth8"
]
];
connections = {
eth2 = mkConnection "nswitch" "eth1";
eth7 = mkConnection "pc" "eth1";
eth8 = mkConnection "nbl-imba-2" "eth1";
};
};
nswitch = mkDevice "Nintendo Switch" {
info = "Nintendo Switch";
image = "${self}/topology-images/nintendo-switch.png";
interfaces.eth1 = { };
};
pc = mkDevice "Windows Gaming Server" {
info = "i7-4790k, GTX970, 32GB RAM";
image = "${self}/topology-images/pc.png";
interfaces.eth1 = { };
};
nbl-imba-2.interfaces.eth1 = { };
switch-bedroom = mkSwitch "Switch Bedroom" {
info = "TL-SG1005D";
image = "${self}/topology-images/TL-SG1005D.png";
interfaceGroups = [
[
"eth1"
"eth2"
"eth3"
"eth4"
"eth5"
]
];
connections.eth2 = mkConnection "printer" "eth1";
};
printer = mkDevice "Printer" {
info = "DELL C2665dnf";
image = "${self}/topology-images/DELL-C2665dnf.png";
interfaces.eth1 = { };
};
};
})
];
}
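Review bot: In the `pfsense` node the `interfaces` attribute is defined in two places, once as `interfaces.wg = { … }` above `connections` and once as `interfaces = { eth2 … eth6 }` below it; Nix accepts this and merges the two, but a reader looking at the second block will miss the WireGuard interface. Folding `wg` into the single `interfaces = { … }` set keeps the router's interfaces in one place. The `image` attributes also changed from path literals to strings built with `"${self}/topology-images/…"`, so a misspelled file name is presumably only noticed when the diagram is rendered rather than at evaluation; a comment saying so, or a path literal, would help if early failure matters.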


@ -1,86 +0,0 @@
{ self, inputs, lib, ... }:
let
additions = final: _: import "${self}/pkgs" { pkgs = final; inherit lib; };
modifications = final: prev: {
vesktop = prev.vesktop.override {
withSystemVencord = true;
};
firefox = prev.firefox.override {
nativeMessagingHosts = [
prev.tridactyl-native
prev.browserpass
prev.plasma5Packages.plasma-browser-integration
];
};
mgba = final.swarsel-mgba;
retroarch = prev.retroarch.withCores (cores: with cores; [
snes9x # snes
nestopia # nes
dosbox # dos
scummvm # scumm
vba-m # gb/a
mgba # gb/a
melonds # ds
dolphin # gc/wii
]);
};
nixpkgs-stable = final: _: {
stable = import inputs.nixpkgs-stable {
inherit (final) system;
config.allowUnfree = true;
};
};
nixpkgs-kernel = final: _: {
kernel = import inputs.nixpkgs-kernel {
inherit (final) system;
config.allowUnfree = true;
};
};
nixpkgs-stable24_05 = final: _: {
stable24_05 = import inputs.nixpkgs-stable24_05 {
inherit (final) system;
config.allowUnfree = true;
};
};
nixpkgs-stable24_11 = final: _: {
stable24_11 = import inputs.nixpkgs-stable24_11 {
inherit (final) system;
config.allowUnfree = true;
};
};
zjstatus = _: prev: {
zjstatus = inputs.zjstatus.packages.${prev.system}.default;
};
in
{
default =
final: prev:
(additions final prev)
// (modifications final prev)
// (nixpkgs-stable final prev)
// (nixpkgs-kernel final prev)
// (nixpkgs-stable24_05 final prev)
// (nixpkgs-stable24_11 final prev)
// (zjstatus final prev)
// (inputs.vbc-nix.overlays.default final prev)
// (inputs.nur.overlays.default final prev)
// (inputs.emacs-overlay.overlay final prev)
// (inputs.nix-topology.overlays.default final prev)
// (inputs.nixgl.overlay final prev);
}


@ -1,5 +1,11 @@
{ lib, pkgs, ... }: { self, lib, pkgs, ... }:
let let
mkPackages = names: pkgs: builtins.listToAttrs (map
(name: {
inherit name;
value = pkgs.callPackage "${self}/pkgs/${name}" { inherit self name; };
})
names);
packageNames = lib.swarselsystems.readNix "pkgs"; packageNames = lib.swarselsystems.readNix "pkgs";
in in
lib.swarselsystems.mkPackages packageNames pkgs mkPackages packageNames pkgs
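Review bot: `mkPackages` now calls every package with `{ inherit self name; }`, and `callPackage` passes explicitly given arguments through unfiltered, so each file under `pkgs/` has to declare `self` and `name` or end its argument set with `...`, otherwise evaluation fails with an unexpected-argument error. That contract is not written down in this hunk; a comment above `mkPackages` such as `# every package is called with { self, name }: declare them or keep "..." in the argument set` would save the next contributor a confusing trace. Handing `self` to every package also makes it easy to pull the whole flake source into a build, so a package should only use it when it really reads files from the repository.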


@ -0,0 +1,15 @@
{ name, nix-output-monitor, writeShellApplication, ... }:
writeShellApplication {
runtimeInputs = [ nix-output-monitor ];
inherit name;
text = ''
set -euo pipefail
[[ "$#" -ge 1 ]] \
|| { echo "usage: build <HOST>..." >&2; exit 1; }
HOSTS=()
for h in "$@"; do
HOSTS+=(".#nixosConfigurations.$h.config.system.build.toplevel")
done
nom build --no-link --print-out-paths --show-trace "''${HOSTS[@]}"
'';
}
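Review bot: The host name is spliced into the installable unquoted in `HOSTS+=(".#nixosConfigurations.$h.config.system.build.toplevel")`, so an argument containing a dot (a fully qualified host name, for instance) is parsed as two attribute-path components and the wrong attribute, or none, is selected. Quoting the component avoids that: `HOSTS+=(".#nixosConfigurations.\"$h\".config.system.build.toplevel")`. `set -euo pipefail` can be dropped, since `writeShellApplication` already enables those options in the generated script. The usage text hard-codes `build` while the script name comes from `name`, so the two need to be kept in step if the package directory is renamed.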


@ -1,5 +1,5 @@
{ {
"data": "ENC[AES256_GCM,data:1h+/I2SLfNqHrqWDAYmkkxFMwbN23zhUVTfWYcG9hmwiZ5KZoGErt1pvR6p2BIyBb3XrfqQoV8TWJrE7IrDKRkdX4MoaviT+W6wXJ46nTJAkJ2lbuNIfQR1paAqiIfeRIzx2GgOf,iv:GIHpghRgq1SBIs8KHzNLTvFJ7aruPd6e4zDe5GjuNo0=,tag:TvXf4qYWoSOqvlqnVsKxsw==,type:str]", "data": "ENC[AES256_GCM,data:PW4DwwvVLuaUtuvJr/h+Zx+8V1i1D3hVlATFr5yI5nykn7T/ZLf7lJFYJGqms9DHExxiGmYNWCXkFrRqOnKpBajxUuuljaE0Yd4bxIga4hF5KC+nJS5BGT9tVOQfp/sopJvp7QjxLKBcZcZ9uya2+DhxJdhmtRUj5A04ze68PsQMl4zuU7Y=,iv:1rblF4XnYDHpwz0Sl6E/3Xd9ITP5KWC8Qm5Ghf+TaTI=,tag:JmxpswTJZO7y9D4hQEn1Gw==,type:str]",
"sops": { "sops": {
"age": [ "age": [
{ {
@ -27,8 +27,8 @@
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBibGlMSU4vUEF5UlNVZzlr\nMTMyOFY2Zi8rZFdZT1JrelZEUUZkZHFvOFdzCjVPbVovaU9nZklJQWNZeDJZNm0r\nMXBIK2hsZEY0NElxTVVMWmN6WU1Ld28KLS0tIENaallkK05SMllia3prV25hZDR2\nZDBNU0dYYnJESG1JZGpvSGp1WW9UMVEKJgfdLp7BRXvyAekecNJiaBXmxSj1qNxx\nZeHceqEkfWV/PzX+RP4LHjXTQCLEOJijbKxDmxSsYq49hC9xjZASuw==\n-----END AGE ENCRYPTED FILE-----\n" "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBibGlMSU4vUEF5UlNVZzlr\nMTMyOFY2Zi8rZFdZT1JrelZEUUZkZHFvOFdzCjVPbVovaU9nZklJQWNZeDJZNm0r\nMXBIK2hsZEY0NElxTVVMWmN6WU1Ld28KLS0tIENaallkK05SMllia3prV25hZDR2\nZDBNU0dYYnJESG1JZGpvSGp1WW9UMVEKJgfdLp7BRXvyAekecNJiaBXmxSj1qNxx\nZeHceqEkfWV/PzX+RP4LHjXTQCLEOJijbKxDmxSsYq49hC9xjZASuw==\n-----END AGE ENCRYPTED FILE-----\n"
} }
], ],
"lastmodified": "2025-07-02T12:24:56Z", "lastmodified": "2025-07-03T16:55:42Z",
"mac": "ENC[AES256_GCM,data:MTBfNpPWlBI6HbTrcUhydq4NH/4m+kQWPuIjHo2eJmGbdoXk1qN1fHoKTB5U29YZWQuybBiSCRtLLWZdKhs5Vv9UsXOPDsKLflCW+sr0DEKd37ONzhlHhWsHGLF9kFOXZtruJe0p0Sh7oGy3T6ee4ABog3LwQ59ZcRmAxr7haFI=,iv:mDCvJrZXPOeuD01sqoLNGEHcexHZkZ3ankBk/lCMbUs=,tag:fqqJ8O8lI30SIqcCxAXVPA==,type:str]", "mac": "ENC[AES256_GCM,data:+k6CeK5XiwsJJtvqr/NnRQvERqsV46tQoDnY6L5ptKQLyhMC8HPhrfn/LTJmRNqA8VXaDwSqm8zn+l8mJK55P/kZeeuLSmsvSYIgKlbp6naAbhyWM/q7IsT1fOAmFGKuG5nKaOy+ufxaXwIWWRPejmi9i+gmEw2FOTNimwyOqwc=,iv:q6P6QuipKMGc5i5oZ7XoU/qkbgo4X/SejfJUorAGb1M=,tag:sGfym1AaYAYHEzwDC5Dgsg==,type:str]",
"pgp": [ "pgp": [
{ {
"created_at": "2025-07-02T12:10:18Z", "created_at": "2025-07-02T12:10:18Z",


@ -1,12 +0,0 @@
{ lib, ... }:
let
templateNames = [
"python"
"rust"
"go"
"cpp"
"latex"
"default"
];
in
lib.swarselsystems.mkTemplates templateNames


@ -1,9 +1,10 @@
{ self, inputs, pkgs, lib, primaryUser, ... }: { self, inputs, pkgs, lib, globals, ... }:
let let
modulesPath = "${self}/modules"; modulesPath = "${self}/modules";
sharedOptions = { sharedOptions = {
isBtrfs = true; isBtrfs = true;
}; };
primaryUser = globals.user.name;
in in
{ {


@ -1,162 +0,0 @@
{ config, ... }:
let
inherit (config.lib.topology)
mkInternet
mkDevice
mkSwitch
mkRouter
mkConnection
;
in
{
renderer = "elk";
networks = {
home-lan = {
name = "Home LAN";
cidrv4 = "192.168.1.0/24";
};
wg = {
name = "Wireguard Tunnel";
cidrv4 = "192.168.3.0/24";
};
};
nodes = {
internet = mkInternet {
connections = [
(mkConnection "moonside" "wan")
(mkConnection "pfsense" "wan")
(mkConnection "sync" "wan")
(mkConnection "toto" "bootstrapper")
(mkConnection "drugstore" "installer image")
(mkConnection "chaostheatre" "demo host")
];
};
chaostheatre.interfaces."demo host" = { };
drugstore.interfaces."installer image" = { };
toto.interfaces."bootstrapper" = { };
sync.interfaces.wan = { };
moonside.interfaces.wan = { };
pfsense = mkRouter "pfSense" {
info = "HUNSN RM02";
image = ../topology/images/hunsn.png;
interfaceGroups = [
[
"eth2"
"eth3"
"eth4"
"eth5"
"eth6"
]
[ "wan" ]
];
interfaces.wg = {
addresses = [ "192.168.3.1" ];
network = "wg";
virtual = true;
type = "wireguard";
};
connections = {
eth2 = mkConnection "switch-livingroom" "eth1";
eth4 = mkConnection "winters" "eth1";
eth3 = mkConnection "switch-bedroom" "eth1";
eth6 = mkConnection "wifi-ap" "eth1";
wg = mkConnection "moonside" "wg";
};
interfaces = {
eth2 = {
addresses = [ "192.168.1.1" ];
network = "home-lan";
};
eth3 = {
addresses = [ "192.168.1.1" ];
network = "home-lan";
};
eth4 = {
addresses = [ "192.168.1.1" ];
network = "home-lan";
};
eth6 = {
addresses = [ "192.168.1.1" ];
network = "home-lan";
};
};
};
winters.interfaces."eth1" = { };
wifi-ap = mkSwitch "Wi-Fi AP" {
info = "Huawei";
image = ../topology/images/huawei.png;
interfaceGroups = [
[
"eth1"
"wifi"
]
];
};
switch-livingroom = mkSwitch "Switch Livingroom" {
info = "TL-SG108";
image = ../topology/images/TL-SG108.png;
interfaceGroups = [
[
"eth1"
"eth2"
"eth3"
"eth4"
"eth5"
"eth6"
"eth7"
"eth8"
]
];
connections = {
eth2 = mkConnection "nswitch" "eth1";
eth7 = mkConnection "pc" "eth1";
eth8 = mkConnection "nbl-imba-2" "eth1";
};
};
nswitch = mkDevice "Nintendo Switch" {
info = "Nintendo Switch";
image = ../topology/images/nintendo-switch.png;
interfaces.eth1 = { };
};
pc = mkDevice "Windows Gaming Server" {
info = "i7-4790k, GTX970, 32GB RAM";
image = ../topology/images/pc.png;
interfaces.eth1 = { };
};
nbl-imba-2.interfaces.eth1 = { };
switch-bedroom = mkSwitch "Switch Bedroom" {
info = "TL-SG1005D";
image = ../topology/images/TL-SG1005D.png;
interfaceGroups = [
[
"eth1"
"eth2"
"eth3"
"eth4"
"eth5"
]
];
connections.eth2 = mkConnection "printer" "eth1";
};
printer = mkDevice "Printer" {
info = "DELL C2665dnf";
image = ../topology/images/DELL-C2665dnf.png;
interfaces.eth1 = { };
};
};
}