{ description = "jolheiser's nixos config"; inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; nixpkgs-py39.url = "github:nixos/nixpkgs/f294325aed382b66c7a188482101b0f336d1d7db"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; agenix = { url = "github:ryantm/agenix"; inputs = { nixpkgs.follows = "nixpkgs"; darwin.follows = ""; home-manager.follows = ""; }; }; flake-utils.url = "github:numtide/flake-utils"; nur.url = "github:nix-community/NUR"; jolheiser-nur = { url = "git+https://git.jolheiser.com/nur.git"; inputs.nixpkgs.follows = "nixpkgs"; }; helix = { url = "git+https://git.jolheiser.com/helix.drv.git"; inputs.nixpkgs.follows = "nixpkgs"; }; website = { url = "git+https://git.jolheiser.com/jolheiser.com.git"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; nur.follows = "jolheiser-nur"; }; }; resume = { url = "git+https://git.jolheiser.com/resume.git"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; git-age = { url = "git+https://git.jolheiser.com/git-age.git"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; gist = { url = "git+https://git.jolheiser.com/gist.git"; inputs.nixpkgs.follows = "nixpkgs"; }; tmpl = { url = "git+https://git.jolheiser.com/tmpl.git"; inputs.nixpkgs.follows = "nixpkgs"; }; gomodinit = { url = "git+https://git.jolheiser.com/gomodinit.git"; inputs.nixpkgs.follows = "nixpkgs"; }; ugit = { url = "git+https://git.jolheiser.com/ugit.git"; inputs.nixpkgs.follows = "nixpkgs"; }; # Other flakes golink = { url = "github:tailscale/golink"; inputs = { nixpkgs.follows = "nixpkgs"; flake-utils.follows = "flake-utils"; }; }; tclip = { url = "github:tailscale-dev/tclip"; inputs = { nixpkgs.follows = "nixpkgs"; utils.follows = "flake-utils"; }; }; templ = { url = "github:a-h/templ"; inputs.nixpkgs.follows = "nixpkgs"; }; # WSL wsl = { url = "github:nix-community/NixOS-WSL"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "flake-utils"; }; }; outputs = { nixpkgs, home-manager, agenix, nixpkgs-py39, wsl, ... } @ inputs: let overlays = [ (_: prev: { nur = import inputs.nur { nurpkgs = prev; pkgs = prev; }; jolheiser = { nur = inputs.jolheiser-nur.packages.${prev.system}; helix = inputs.helix.packages.${prev.system}.default; website = inputs.website.packages.${prev.system}.default; resume = inputs.resume.packages.${prev.system}.default; git-age = inputs.git-age.packages.${prev.system}.default; gist = inputs.gist.packages.${prev.system}.default; tmpl = inputs.tmpl.packages.${prev.system}.default; gomodinit = inputs.gomodinit.packages.${prev.system}.default; }; tclip = inputs.tclip.packages.${prev.system}.tclip; templ = inputs.templ.packages.${prev.system}.templ; }) inputs.golink.overlay ]; userSecret = path: { file = path; owner = username; }; commonConfig = {gui ? true}: {config, ...}: { config = { nixpkgs.overlays = overlays; # TODO Remove when apps are updated nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; home-manager = { useGlobalPkgs = true; useUserPackages = true; users.${username}.imports = if gui then [./apps/gui] else [./apps/nogui]; extraSpecialArgs = { flakePath = "/home/${username}/.config/nixpkgs"; }; }; age.secrets = { ssh-config = userSecret ./secrets/shared/ssh-config.age; ssh-config-work = userSecret ./secrets/shared/ssh-config-work.age; spotify = { file = ./secrets/shared/spotify.age; owner = username; path = "/home/${username}/.cache/spotify-player/credentials.json"; }; irc-pw = userSecret ./secrets/shared/irc-pw.age; gist-pw = userSecret ./secrets/shared/gist-pw.age; git-send-email = userSecret ./secrets/shared/git-send-email.age; }; }; }; workModules = [ home-manager.nixosModules.home-manager agenix.nixosModules.default (commonConfig {}) ({pkgs, ...}: { config = { nixpkgs.overlays = [ (_: _: { py39 = import nixpkgs-py39 {inherit (pkgs) system;}; }) ]; home-manager.users.${username}.programs = { git.package = pkgs.gitSVN; firefox.profiles.default.bookmarks = [(import ./apps/gui/firefox/work.nix)]; }; age.secrets = { netrc = { file = ./secrets/work/netrc.age; owner = username; path = "/home/${username}/.netrc"; }; pipconf = { file = ./secrets/work/pip.conf.age; owner = username; path = "/home/${username}/.config/pip/pip.conf"; }; pypirc = { file = ./secrets/work/pypirc.age; owner = username; path = "/home/${username}/.pypirc"; }; cifs = userSecret ./secrets/work/cifs.age; }; }; }) ]; username = "jolheiser"; in { nixosConfigurations = { "chai" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = workModules ++ [ ./machines/chai ]; }; "masala" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = workModules ++ [ wsl.nixosModules.wsl ./machines/masala ]; }; "matcha" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ home-manager.nixosModules.home-manager agenix.nixosModules.default ./machines/matcha (commonConfig {}) ]; }; "sencha" = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ home-manager.nixosModules.home-manager agenix.nixosModules.default ./machines/sencha (commonConfig {}) ]; }; }; colmena = { meta = { nixpkgs = import nixpkgs { system = "x86_64-linux"; overlays = overlays; }; }; dragonwell = { imports = [ inputs.golink.nixosModules.default inputs.ugit.nixosModules.default ./machines/dragonwell ]; }; }; nixConfig = { extra-substitutors = ["https://jolheiser.cachix.org"]; extra-trusted-public-keys = ["jolheiser.cachix.org-1:fiKkfTuHFqDK5ZOVxcqb4InUkKsrTvtMLISid7XvuVg="]; }; } // inputs.flake-utils.lib.eachDefaultSystem (system: let pkgs = nixpkgs.legacyPackages.${system}; in { devShells.default = pkgs.mkShell { nativeBuildInputs = [ agenix.packages.${system}.agenix pkgs.colmena ]; }; }); }